From soko.tica at gmail.com Mon Feb 1 06:15:39 2016 From: soko.tica at gmail.com (soko.tica) Date: Mon, 1 Feb 2016 07:15:39 +0100 Subject: basic configuratio error In-Reply-To: References: Message-ID: Since I've got a question about this offlist, I've noticed that I haven't reported the solution back. The solution was not to start dovecot from the CLI, but as a service. Put it in /etc/rc.conf.local That's it! On Tue, Oct 28, 2014 at 9:05 PM, soko.tica wrote: > Hello list, > > After many hours I still fail to configure properly dovecot as the LDA > with opensmtpd, for system users only. > > I don't want pop at all, jus lmtp and imap, but still haven't stripped it. > > Here is the info, thanks in advance for your response: > > ===== > > # doveconf -n > # 2.2.14: /etc/dovecot/dovecot.conf > # OS: OpenBSD 5.6 i386 > auth_verbose = yes > auth_verbose_passwords = yes > disable_plaintext_auth = no > first_valid_uid = 1000 > hostname = imap.home.lan > imap_client_workarounds = delay-newmail tb-extra-mailbox-sep tb-lsub-flags > lda_mailbox_autocreate = yes > lda_mailbox_autosubscribe = yes > lda_original_recipient_header = X-Original-To > mail_debug = yes > mail_location = maildir:~/Maildir > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave duplicate > mbox_write_locks = fcntl > mmap_disable = yes > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = > } > passdb { > driver = bsdauth > } > plugin { > sieve = ~/.dovecot.sieve > sieve_dir = ~/sieve > } > pop3_client_workarounds = outlook-no-nuls oe-ns-eoh > postmaster_address = postmaster at mileva.home.lan > protocols = imap pop3 lmtp sieve > service auth-worker { > user = root > } > service auth { > unix_listener auth-userdb { > group = _dovenull > mode = 0666 > user = _dovenull > } > } > service imap-login { > inet_listener imap { > port = 143 > } > inet_listener imaps { > port = 993 > ssl = yes > } > process_min_avail = 0 > service_count = 1 > } > service imap { > process_limit = 1024 > } > service lmtp { > unix_listener lmtp { > mode = 0666 > } > } > service managesieve-login { > inet_listener sieve { > port = 4190 > } > inet_listener sieve_deprecated { > port = 2000 > } > } > ssl_cert = ssl_key = userdb { > driver = passwd > } > verbose_ssl = yes > protocol lmtp { > mail_plugins = > } > protocol lda { > mail_plugins = > } > # /usr/local/sbin/dovecot -F > Oct 28 13:00:01 mileva newsyslog[1110]: logfile turned over > Oct 28 14:30:46 mileva dovecot: master: Dovecot v2.2.14 starting up for imap, pop3, lmtp, sieve > Oct 28 14:30:46 mileva dovecot: master: Error: service(aggregator): pipe() failed: Too many open files > Oct 28 14:30:46 mileva dovecot: master: Error: service(pop3): pipe() failed: Too many open files > Oct 28 14:30:46 mileva dovecot: master: Error: open(/var/dovecot/login-master-notifya57a2b8821460734) failed: Too many open files > Oct 28 14:30:46 mileva dovecot: master: Error: service(pop3-login): safe_mkstemp(/var/dovecot/login-master-notify) failed: Too many open files > Oct 28 14:30:46 mileva dovecot: master: Error: service(log): pipe() failed: Too many open files > Oct 28 14:30:46 mileva dovecot: master: Error: service(lmtp): pipe() failed: Too many open files > Oct 28 14:30:46 mileva dovecot: master: Error: service(ipc): pipe() failed: Too many open files > Oct 28 14:30:46 mileva dovecot: master: Error: service(indexer-worker): pipe() failed: Too many open files > Oct 28 14:30:46 mileva dovecot: master: Error: service(indexer): pipe() failed: Too many open files > Oct 28 14:30:46 mileva dovecot: master: Error: service(imap): pipe() failed: Too many open files > Oct 28 14:30:46 mileva dovecot: master: Error: service(imap-urlauth-worker): pipe() failed: Too many open files > Oct 28 14:30:46 mileva dovecot: master: Error: service(imap-urlauth): pipe() failed: Too many open files > Oct 28 14:30:46 mileva dovecot: master: Error: open(/var/dovecot/login-master-notify5dd2a3a0591effcc) failed: Too many open files > Oct 28 14:30:46 mileva dovecot: master: Error: service(imap-urlauth-login): safe_mkstemp(/var/dovecot/login-master-notify) failed: Too many open files > Oct 28 14:30:46 mileva dovecot: master: Error: open(/var/dovecot/login-master-notify152a1bb891f6f764) failed: Too many open files > Oct 28 14:30:46 mileva dovecot: master: Error: service(imap-login): safe_mkstemp(/var/dovecot/login-master-notify) failed: Too many open files > Oct 28 14:30:46 mileva dovecot: master: Error: service(doveadm): pipe() failed: Too many open files > Oct 28 14:30:46 mileva dovecot: master: Error: service(dns_client): pipe() failed: Too many open files > Oct 28 14:30:46 mileva dovecot: master: Error: service(director): pipe() failed: Too many open files > Oct 28 14:30:46 mileva dovecot: master: Error: service(dict): pipe() failed: Too many open files > Oct 28 14:30:46 mileva dovecot: master: Error: service(config): pipe() failed: Too many open files > Oct 28 14:30:46 mileva dovecot: master: Error: service(auth): pipe() failed: Too many open files > Oct 28 14:30:46 mileva dovecot: master: Error: service(auth-worker): pipe() failed: Too many open files > Oct 28 14:30:46 mileva dovecot: master: Error: service(anvil): command startup failed, throttling for 2 secs > Oct 28 14:30:56 mileva dovecot: master: Error: service(ssl-params): command startup failed, throttling for 2 secs > > [snipped 18 pages of /var/log/maillog] > > Oct 28 20:47:44 mileva dovecot: master: Dovecot v2.2.14 starting up for imap, pop3, lmtp, sieve > Oct 28 20:47:44 mileva dovecot: master: Error: service(aggregator): pipe() failed: Too many open files > Oct 28 20:47:44 mileva dovecot: master: Error: service(pop3): pipe() failed: Too many open files > Oct 28 20:47:44 mileva dovecot: master: Error: open(/var/dovecot/login-master-notifydd522320d99e7f4c) failed: Too many open files > Oct 28 20:47:44 mileva dovecot: master: Error: service(pop3-login): safe_mkstemp(/var/dovecot/login-master-notify) failed: Too many open files > Oct 28 20:47:44 mileva dovecot: master: Error: service(log): pipe() failed: Too many open files > Oct 28 20:47:44 mileva dovecot: master: Error: service(lmtp): pipe() failed: Too many open files > Oct 28 20:47:44 mileva dovecot: master: Error: service(ipc): pipe() failed: Too many open files > Oct 28 20:47:44 mileva dovecot: master: Error: service(indexer-worker): pipe() failed: Too many open files > Oct 28 20:47:44 mileva dovecot: master: Error: service(indexer): pipe() failed: Too many open files > Oct 28 20:47:44 mileva dovecot: master: Error: service(imap): pipe() failed: Too many open files > Oct 28 20:47:44 mileva dovecot: master: Error: service(imap-urlauth-worker): pipe() failed: Too many open files > Oct 28 20:47:44 mileva dovecot: master: Error: service(imap-urlauth): pipe() failed: Too many open files > Oct 28 20:47:44 mileva dovecot: master: Error: open(/var/dovecot/login-master-notify95aa9b38117677e4) failed: Too many open files > Oct 28 20:47:44 mileva dovecot: master: Error: service(imap-urlauth-login): safe_mkstemp(/var/dovecot/login-master-notify) failed: Too many open files > Oct 28 20:47:44 mileva dovecot: master: Error: open(/var/dovecot/login-master-notify4d021350494e6f7c) failed: Too many open files > Oct 28 20:47:44 mileva dovecot: master: Error: service(imap-login): safe_mkstemp(/var/dovecot/login-master-notify) failed: Too many open files > Oct 28 20:47:44 mileva dovecot: master: Error: service(doveadm): pipe() failed: Too many open files > Oct 28 20:47:44 mileva dovecot: master: Error: service(dns_client): pipe() failed: Too many open files > Oct 28 20:47:44 mileva dovecot: master: Error: service(director): pipe() failed: Too many open files > Oct 28 20:47:44 mileva dovecot: master: Error: service(dict): pipe() failed: Too many open files > Oct 28 20:47:44 mileva dovecot: master: Error: service(config): pipe() failed: Too many open files > Oct 28 20:47:44 mileva dovecot: master: Error: service(auth): pipe() failed: Too many open files > Oct 28 20:47:44 mileva dovecot: master: Error: service(auth-worker): pipe() failed: Too many open files > Oct 28 20:47:44 mileva dovecot: master: Error: service(anvil): command startup failed, throttling for 2 secs > Oct 28 20:47:46 mileva dovecot: master: Warning: Killed with signal 2 (by pid=0 uid=0 code=kill) > Oct 28 20:47:46 mileva dovecot: master: Error: open(/var/dovecot/.temp.mileva.home.lan.17422.055a8b6881266714) failed: Too many open files > Oct 28 20:47:46 mileva dovecot: master: Error: file_dotlock_open(/var/dovecot/instances) failed: Too many open files > Oct 28 20:47:46 mileva dovecot: master: Error: service(ssl-params): command startup failed, throttling for 2 secs > > > # /usr/sbin/smtpd -n > configuration OK > > > > > > > From itml at ma3ki.net Mon Feb 1 08:42:51 2016 From: itml at ma3ki.net (Masaki Nemoto) Date: Mon, 1 Feb 2016 17:42:51 +0900 Subject: fts_autoindex - index-worker problem In-Reply-To: <180FFE5B-B41B-464D-8B3E-8D09119A0352@iki.fi> References: <56ACF2D1.10109@ma3ki.net> <180FFE5B-B41B-464D-8B3E-8D09119A0352@iki.fi> Message-ID: <56AF1A8B.8030604@ma3ki.net> I use 0029 at 09.jp like dovecot internal user and use gk12k_0029 at 08wt09.jp as an e-mail address. I executed "doveadm user" command and understood that setting of "dovecot-ldap.conf.ext" was wrong. I changed user_attrs of dovecot-ldap.conf.ext as follows. ---------------------- user_attrs = mailRoutingAddress=mail=maildir:/var/dovecot/%Ld/%Ln, mailRoutingAddress=home=/var/dovecot/%Ld/%Ln, storeQuotaBytes=quota_rule=*:bytes=%$ ---------------------- Thank you ! On 2016/01/31 8:58, Timo Sirainen wrote: >> On 30 Jan 2016, at 19:28, Masaki Nemoto wrote: >> >> Hello List, >> >> I installed dovecot-2.2.21 on CentOS 6.7. >> >> I use ldap for userdb to separate an e-mail address and the user. >> Index to apache solr failed in fts_authindex when I received an email >> after setting. >> The error message is "indexer-worker: Error: User 0029 at 09.jp lookup >> failed: Unknown user" > The question is mainly if the lookup of user 0029 at 09.jp should work, or if that it the wrong user in the first place. If you want the username to be 0029 at 09.jp on Dovecot side, then this command must work: > > doveadm user 0029 at 09.jp > >> user_attrs = mailRoutingAddress=user, storeQuotaBytes=quota_rule=*:bytes=%$ > So here mailRoutingAddress=user is changing Dovecot's internal username to that field's value, which causes it to send that username to indexer-worker. > >> # ldapsearch -h ldap01 -x -b "" mailLocalAddress=gk12k_0029 at 08wt09.jp >> mailRoutingAddress mailLocalAddress -LLL >> dn: uid=gk12k_0029,dc=08wt09,dc=jp >> mailRoutingAddress: 0029 at 09.jp >> mailLocalAddress: gk12k_0029 at 08wt09.jp > Here is seems that the username should be gk12k_0029 at 08wt09.jp, not 0029 at 09.jp? So maybe you want mailLocalAddress=user? Or add mailRoutingAddress to user_filter so that lookup by 0029 at 09.jp works too. > > BTW. auth_debug=yes is helpful in showing in Dovecot's logs what it's doing and why it's not finding something. From skdovecot at smail.inf.fh-brs.de Mon Feb 1 08:43:00 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Mon, 1 Feb 2016 09:43:00 +0100 (CET) Subject: Dovecot with Maildir In-Reply-To: <125518289.2866973.1454192772810.JavaMail.yahoo@mail.yahoo.com> References: <125518289.2866973.1454192772810.JavaMail.yahoo.ref@mail.yahoo.com> <125518289.2866973.1454192772810.JavaMail.yahoo@mail.yahoo.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sat, 30 Jan 2016, John Williams wrote: > I believe (not sure actually) the answer is in the mail_location variable for Dovecot. ?This is what I've tried so far: > #mail_location = mbox:~/mail:INBOX=/var/mail/%u#mail_location = maildir:/var/mail/%u/Maildir#mail_location = maildir:~/Maildir:INDEX=/var/mail/%umail_location = maildir:/var/mail/%u/Maildir What does Dovecot log? Where are your Maildir directories located? What does doveadm user -u username print? - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVq8alHz1H7kL/d9rAQIRYwgAtapJ2Br/zhYHrmze2k59G9wul8lT43Ga oUdsRb2JYEXeR51z5iHTIZKHUN2+l79g0qouvXJmNarTEUnXetavyss91cDzYw8n cGpzpb4M75BCLgVpPKiExnlPG5y7fFEHiOAMa2bwRsMlDEgtpbUQTBx+d9MuxniB QzXMJuSuwm0UN8OEO4Ct4jsNCtkt7bRPVGej0yj0aRZFFOPcvzLH9Bi6sWjNtfcx PU8UMlP4byyf7yBptcZ8FTnAZA4lcZdy8fnxrN91cHtqgSBbP1hfGORQcYcNS2Qu pZgU2SYugArDoxU5X+LxCCFugk0/KYPcWS1sH3S8svKTTEvjddg4Kw== =E6ey -----END PGP SIGNATURE----- From absolutely_free at libero.it Mon Feb 1 16:50:18 2016 From: absolutely_free at libero.it (absolutely_free at libero.it) Date: Mon, 1 Feb 2016 17:50:18 +0100 (CET) Subject: Mail User Agent? Message-ID: <138531110.5366231454345418123.JavaMail.httpd@webmail-29.iol.local> Hi,is there a way to log which MUA is being used from an user? # dovecot --version2.0.9 Thank you From axel.luttgens at skynet.be Mon Feb 1 17:19:28 2016 From: axel.luttgens at skynet.be (Axel Luttgens) Date: Mon, 1 Feb 2016 18:19:28 +0100 Subject: Mail User Agent? In-Reply-To: <138531110.5366231454345418123.JavaMail.httpd@webmail-29.iol.local> References: <138531110.5366231454345418123.JavaMail.httpd@webmail-29.iol.local> Message-ID: <16A48296-D188-478C-9DB1-A187E53BD55E@skynet.be> > Le 1 f?vr. 2016 ? 17:50, absolutely_free at libero.it a ?crit : > > Hi,is there a way to log which MUA is being used from an user? > # dovecot --version2.0.9 > Thank you Unless I missed some recent changes, neither POP nor IMAP protocols make provisions for having the client to send such info. As a result, dovecot does not have that info. HTH, Axel From jeff at xamarin.com Mon Feb 1 17:32:03 2016 From: jeff at xamarin.com (Jeff Stedfast) Date: Mon, 1 Feb 2016 12:32:03 -0500 Subject: Mail User Agent? In-Reply-To: <16A48296-D188-478C-9DB1-A187E53BD55E@skynet.be> References: <138531110.5366231454345418123.JavaMail.httpd@webmail-29.iol.local> <16A48296-D188-478C-9DB1-A187E53BD55E@skynet.be> Message-ID: IMAP actually has an ID extension where the client can send this info, but it doesn't force the client to send it. Jeff On Mon, Feb 1, 2016 at 12:19 PM, Axel Luttgens wrote: > > > Le 1 f?vr. 2016 ? 17:50, absolutely_free at libero.it a ?crit : > > > > Hi,is there a way to log which MUA is being used from an user? > > # dovecot --version2.0.9 > > Thank you > > Unless I missed some recent changes, neither POP nor IMAP protocols make > provisions for having the client to send such info. > > As a result, dovecot does not have that info. > > HTH, > Axel > From axel.luttgens at skynet.be Mon Feb 1 17:52:13 2016 From: axel.luttgens at skynet.be (Axel Luttgens) Date: Mon, 1 Feb 2016 18:52:13 +0100 Subject: Mail User Agent? In-Reply-To: References: <138531110.5366231454345418123.JavaMail.httpd@webmail-29.iol.local> <16A48296-D188-478C-9DB1-A187E53BD55E@skynet.be> Message-ID: <0B30B23F-E82A-487E-9150-F6D012A6CB16@skynet.be> > Le 1 f?vr. 2016 ? 18:32, Jeff Stedfast a ?crit : > > IMAP actually has an ID extension where the client can send this info, but > it doesn?t force the client to send it. Damn, I completely forgot that one. Thanks for the reminder, Axel From chris2014 at postbox.xyz Mon Feb 1 17:59:16 2016 From: chris2014 at postbox.xyz (Chris) Date: Mon, 1 Feb 2016 18:59:16 +0100 Subject: ACL and LDAP Message-ID: <52dbc16ba806b9c77af0f8a0c76f98b5.squirrel@mail2.postbox.xyz> Dear All, is it possible to store ACLs in LDAP? Does anyone happen to have a script that syncs ACLs read from LDAP with Dovecot? - Chris From troeder at univention.de Mon Feb 1 18:42:17 2016 From: troeder at univention.de (=?UTF-8?Q?Daniel_Tr=c3=b6der?=) Date: Mon, 1 Feb 2016 19:42:17 +0100 Subject: ACL and LDAP In-Reply-To: <52dbc16ba806b9c77af0f8a0c76f98b5.squirrel@mail2.postbox.xyz> References: <52dbc16ba806b9c77af0f8a0c76f98b5.squirrel@mail2.postbox.xyz> Message-ID: <56AFA709.9020300@univention.de> On 02/01/2016 06:59 PM, Chris wrote: > Dear All, > > is it possible to store ACLs in LDAP? > > Does anyone happen to have a script that syncs ACLs read from LDAP with > Dovecot? > > - Chris Hi Chris, for Dovecot in the mail stack of the Univention Corporate Server (UCS, a Open Source Linux server distribution) a mechanism to do that is implemented. It is used to set ACLs of shared folders stored in LDAP on Dovecots shared folders. Management of shared folders is done through a web/cmdline interface that stores its data in LDAP. The ACLs are stored in attributes like this: DN: cn=folder at test.dom,cn=folder,cn=mail,dc=test,dc=dom sharedFolderUserACL: test1 at test.dom write sharedFolderUserACL: test2 at test.dom read In https://forge.univention.org/websvn/filedetails.php?repname=dev&path=%2Fbranches%2Fucs-4.1%2Fucs-4.1-0%2Fmail%2Funivention-mail-dovecot%2Fmodules%2Funivention%2Fmail%2Fdovecot_shared_folder.py in doveadm_set_mailbox_acls() and imap_set_mailbox_acls() the attributes are read and used to set them on the folders. The solution is very specific to UCS (uses its LDAP notifier-listener mechanism and their LDAP schema), but maybe you can adapt it. Good luck Daniel -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From chris2014 at postbox.xyz Mon Feb 1 20:40:50 2016 From: chris2014 at postbox.xyz (Chris) Date: Mon, 1 Feb 2016 21:40:50 +0100 Subject: ACL and LDAP In-Reply-To: <56AFA709.9020300@univention.de> References: <52dbc16ba806b9c77af0f8a0c76f98b5.squirrel@mail2.postbox.xyz> <56AFA709.9020300@univention.de> Message-ID: Hi Daniel, > in doveadm_set_mailbox_acls() and imap_set_mailbox_acls() the attributes > are read and used to set them on the folders. thank you. That's interesting. They're calling doveadm directly. I probably would have tried to use an IMAP-Client library. The former seems easier. - Chris From marklittle at koallo.com Mon Feb 1 21:39:13 2016 From: marklittle at koallo.com (Mark Little) Date: Mon, 01 Feb 2016 16:39:13 -0500 Subject: dsync issues due to Prefix =?UTF-8?Q?difference=3F?= In-Reply-To: <613815EF-A6AF-498D-9314-49243BAB13C8@iki.fi> References: <720942e870f0a0a762ad972d06c7e70f@koallo.com> <613815EF-A6AF-498D-9314-49243BAB13C8@iki.fi> Message-ID: Hi Timo, Thank you very much for the information. I had seen the DSync page but I was confused as to how to configure it. I'd definitely love to be able to get the proper dsync migration working as I have some clients who use POP3 and others who use IMAP and I want to make this seamless for all if possible. Could you please elaborate on how I specify the alternate dovecot.conf? I've gone through the man pages and I don't see anything referencing -c for doveadm? Or do you mean that I should be running the full dovecot server process from the source server with an alternate configuration? If I change the name space won't it fail to find the local folders in their mailbox? Cheers, Mark On 2016-01-30 19:05, Timo Sirainen wrote: >> On 29 Jan 2016, at 23:16, Mark Little wrote: >> >> Hi everyone, >> >> I'm hoping I am just missing something obvious - but I cannot seem to >> get a one-way migration dsync working between two Dovecot servers >> because the Prefix configuration is different. > > I think a regular dsync -> dsync migration won't work then directly, > because it assumes similar source and destination namespaces. One > possibility would be that if you start dsync from the destination > server, you simply point it to a configuration with a similar > namespace config (via -c dovecot.conf) as the source. It should still > write everything correctly so that afterwards you can run with the > wanted the namespace prefix (i.e. prefix can be changed in > dovecot.conf without having to modify any per-user files). Another > possibility would be to do imapc sync and set imapc_prefix=INBOX. - > see http://wiki2.dovecot.org/Migration/Dsync From jtam.home at gmail.com Mon Feb 1 22:16:08 2016 From: jtam.home at gmail.com (Joseph Tam) Date: Mon, 1 Feb 2016 14:16:08 -0800 (PST) Subject: Mail User Agent? In-Reply-To: References: Message-ID: Axel Luttgens writes: >> Le 1 f?vr. 2016 ? 17:50, absolutely_free at libero.it a ?crit : >> >> Hi,is there a way to log which MUA is being used from an user? >> # dovecot --version2.0.9 >> Thank you > > Unless I missed some recent changes, neither POP nor IMAP protocols > make provisions for having the client to send such info. > > As a result, dovecot does not have that info. I regularly get such info in my logs e.g. Feb 1 14:10:45 server dovecot: imap(user): ID sent: name=iPhone Mail, version=12F70, os=iOS, os-version=8.3 (12F70) Only for IMAP (ID extension?). Joseph Tam From john.1209 at yahoo.com Tue Feb 2 00:51:37 2016 From: john.1209 at yahoo.com (John Williams) Date: Tue, 2 Feb 2016 00:51:37 +0000 (UTC) Subject: Dovecot with Maildir In-Reply-To: References: Message-ID: <1447159284.165180.1454374297474.JavaMail.yahoo@mail.yahoo.com> Dovecot logs as follows: Feb ?1 19:36:34 speedy dovecot: imap-login: Login: user=, method=PLAIN, rip=10.163.195.83, lip=10.163.195.82, mpid=7481, session=Feb ?1 19:36:37 speedy dovecot: imap-login: Login: user=, method=PLAIN, rip=10.163.195.83, lip=10.163.195.82, mpid=7483, session=Feb ?1 19:36:37 speedy dovecot: imap(rsmith): Disconnected: Logged out in=95 out=440Feb ?1 19:37:24 speedy dovecot: imap(rsmith): Connection closed in=275 out=995Feb ?1 19:37:27 speedy dovecot: imap-login: Login: user=, method=PLAIN, rip=10.163.195.83, lip=10.163.195.82, mpid=7485, session=Feb ?1 19:37:28 speedy dovecot: imap(rsmith): Disconnected: Logged out in=298 out=1130Feb ?1 19:37:28 speedy dovecot: imap-login: Login: user=, method=PLAIN, rip=10.163.195.83, lip=10.163.195.82, mpid=7487, session=Feb ?1 19:37:30 speedy dovecot: imap-login: Login: user=, method=PLAIN, rip=10.163.195.83, lip=10.163.195.82, mpid=7489, session=<5h3qtL4qTACto8NT>Feb ?1 19:37:31 speedy dovecot: imap(rsmith): Disconnected: Logged out in=95 out=440 The maildir on my instance is located in /var/log/mail. The output of doveadm is as follows: root at speedy:/var/mail# doveadm user -u jsmithuserdb: jsmith? system_groups_user: jsmith? uid ? ? ? : 1000? gid ? ? ? : 1000? home ? ? ?: /home/jsmith If that home variable is suppose to be the maildir folder it is wrong. ?It should be /var/mail/jsmith. ?If that is the problem, where or how do I change it. Thanks in advance!! From: Steffen Kaiser To: John Williams Cc: "dovecot at dovecot.org" Sent: Monday, February 1, 2016 3:43 AM Subject: Re: Dovecot with Maildir -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sat, 30 Jan 2016, John Williams wrote: > I believe (not sure actually) the answer is in the mail_location variable for Dovecot. ?This is what I've tried so far: > #mail_location = mbox:~/mail:INBOX=/var/mail/%u#mail_location = maildir:/var/mail/%u/Maildir#mail_location = maildir:~/Maildir:INDEX=/var/mail/%umail_location = maildir:/var/mail/%u/Maildir What does Dovecot log?Where are your Maildir directories located? What does doveadm user -u username print? - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVq8alHz1H7kL/d9rAQIRYwgAtapJ2Br/zhYHrmze2k59G9wul8lT43Ga oUdsRb2JYEXeR51z5iHTIZKHUN2+l79g0qouvXJmNarTEUnXetavyss91cDzYw8n cGpzpb4M75BCLgVpPKiExnlPG5y7fFEHiOAMa2bwRsMlDEgtpbUQTBx+d9MuxniB QzXMJuSuwm0UN8OEO4Ct4jsNCtkt7bRPVGej0yj0aRZFFOPcvzLH9Bi6sWjNtfcx PU8UMlP4byyf7yBptcZ8FTnAZA4lcZdy8fnxrN91cHtqgSBbP1hfGORQcYcNS2Qu pZgU2SYugArDoxU5X+LxCCFugk0/KYPcWS1sH3S8svKTTEvjddg4Kw== =E6ey -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Tue Feb 2 07:34:20 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Tue, 2 Feb 2016 08:34:20 +0100 (CET) Subject: Dovecot with Maildir In-Reply-To: <1447159284.165180.1454374297474.JavaMail.yahoo@mail.yahoo.com> References: <1447159284.165180.1454374297474.JavaMail.yahoo@mail.yahoo.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 2 Feb 2016, John Williams wrote: > Dovecot logs as follows: > Feb ?1 19:36:34 speedy dovecot: imap-login: Login: user=, method=PLAIN, rip=10.163.195.83, lip=10.163.195.82, mpid=7481, session= > Feb ?1 19:36:37 speedy dovecot: imap-login: Login: user=, method=PLAIN, rip=10.163.195.83, lip=10.163.195.82, mpid=7483, session= > Feb ?1 19:36:37 speedy dovecot: imap(rsmith): Disconnected: Logged out in=95 out=440Feb ?1 19:37:24 speedy dovecot: imap(rsmith): Connection closed in=275 out=995 > Feb ?1 19:37:27 speedy dovecot: imap-login: Login: user=, method=PLAIN, rip=10.163.195.83, lip=10.163.195.82, mpid=7485, session= > Feb ?1 19:37:28 speedy dovecot: imap(rsmith): Disconnected: Logged out in=298 out=1130 please increase logging, see mail_debug at http://wiki2.dovecot.org/Logging That will reveal, what mail location and inbox is used really. > The maildir on my instance is located in /var/log/mail. /var/__log__/mail ?? > The output of doveadm is as follows: > root at speedy:/var/mail# doveadm user -u jsmithuserdb: jsmith? system_groups_user: jsmith? uid ? ? ? : 1000? gid ? ? ? : 1000? home ? ? ?: /home/jsmith > If that home variable is suppose to be the maildir folder it is wrong. That looks good. About home vs. mail location see http://wiki2.dovecot.org/VirtualUsers/Home (applies to all users) and http://wiki2.dovecot.org/MailLocation >?It should be /var/mail/jsmith. ?If that is the problem, where or how do Is /var/mail/jsmith a directory or a file? If it is a directory, use something like: mail_location = maildir:/var/mail/%n - -or- mail_location = maildir:/var/mail/%n/Maildir depending on how the content of the directory looks like. If it is a file, use mail_location = maildir:~/Maildir:INBOX=/var/mail/%n === How does the userdb section of doveconf -n looks like? - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVrBb/Xz1H7kL/d9rAQJ3ewf9Hif5QHRuwTacc9vPEcRleE++OUpe9V21 nftpqOgDW0a+NX6FRXRABg/lBAP0fUzRN3RKgFmdBLL6N1ZCMyLYKPgyr+8Lcs39 oDJejNSZ+HSjGRIxzH4zbf2G8PDlxjpT02jybJKvmegKIMaPxV9Q4knYj5Zo2IQB lRgL4j+2WnP1P7gKuvvjoX/TbVh7v9cREULDM5krXXkZJ+TtsTMT8v5uYAAbxWGl gdfqVYOF+dLuHrGCe1KdVxvn1vDKuotSpKLFsgr4WluavOQwJx0Ws3/NaKvfj66d 7Xzkg2zR1VnQH9QsnsBeqWzHcm1hwJTlxLmdBwxF8KL/jdF8M1YLfw== =sEW+ -----END PGP SIGNATURE----- From crohmann at netcologne.de Tue Feb 2 10:52:37 2016 From: crohmann at netcologne.de (Christian Rohmann) Date: Tue, 2 Feb 2016 11:52:37 +0100 Subject: Can you "doveadm search" with mailbox location instead of a user (-u option)? In-Reply-To: <1F74CAD1-F3AD-4CF1-A25C-1B883131FADC@iki.fi> References: <56A8CBE1.2020303@netcologne.de> <1F74CAD1-F3AD-4CF1-A25C-1B883131FADC@iki.fi> Message-ID: <56B08A75.3040303@netcologne.de> On 01/29/2016 03:41 PM, Timo Sirainen wrote: > You can use: > > doveadm -o mail=maildir:/srv/mailboxes/example.com/mailbox123 search new > > You don't actually have to use the -u parameter, although doveadm may be using the wrong UID/GID/home then. Awesome. Maybe the usage output # /opt/dovecot/bin/doveadm search doveadm search [-u |-A] [-S ] should then not tell the user that "-u" needs to be given or better explain that "-o mail=" is also a valid way to define which mailbox. Thanks again Timo for one versatile piece of good software! Christian From dovecot at haravikk.me Tue Feb 2 11:09:58 2016 From: dovecot at haravikk.me (Haravikk) Date: Tue, 2 Feb 2016 11:09:58 +0000 Subject: Disable Client Certificate Authentication for Unencrypted Connections? In-Reply-To: <2D13A4B1-5F8C-4CAD-98E8-A708C2402999@haravikk.me> References: <369CB6E7-81BD-4872-AE72-D71A7CEC48CD@haravikk.me> <3ABCC028-7102-4223-98DD-0973F34774A1@skynet.be> <2D13A4B1-5F8C-4CAD-98E8-A708C2402999@haravikk.me> Message-ID: So I still haven?t found a way to require client certificates only for port 993/IMAPS while leaving unencrypted IMAP open for local, trusted, services. Is there really no way to do this? I just found out how to do the same thing for postfix (turns out it?s fairly easy, just a matter of adding the settings in the right parts of master.cf instead of main.cf), allowing me to restrict client certificate verification to port 587 (I don?t accept port 465) without interfering with incoming mail server connections on port 25. > On 29 Jan 2016, at 13:00, Haravikk wrote: > >> >> On 27 Jan 2016, at 21:55, Axel Luttgens wrote: >> >> Hello Haravikk, >> >> Perhaps could you try to devise an exception based on one (or more) "remote" section(s), as in: >> >> remote ip.of.webmail.server { >> ssl_verify_client_cert = no >> [other settings, if needed] >> } >> >> But I guess you would need to combine this with inner protocol blocks, and probably to replace the "protocol !smtp" block with less general settings. >> >> HTH, >> Axel > > Thanks for the suggestion! > > Unfortunately the problem seems to be auth_ssl_require_client_cert; it can only be added to protocol blocks not to local or remote ones. Turning off ssl_verify_client_cert doesn?t seem to prevent dovecot from requiring a certificate if auth_ssl_require_client_cert is enabled (it may even force ssl_verify_client_cert to on implicitly, I?m not sure). > > It?s annoying because at present it seems like my only option would be to limit client certificates to POP3 and use that in my mail clients, allowing me to disable client certificates for IMAP to keep it free for Roundcube to use exclusively, but that?s not really an option. From azurit at pobox.sk Tue Feb 2 12:19:13 2016 From: azurit at pobox.sk (azurit at pobox.sk) Date: Tue, 02 Feb 2016 13:19:13 +0100 Subject: Mail User Agent? In-Reply-To: References: Message-ID: <20160202131913.Horde.CkVbltwjAYBZChOJ7Tqg9k0@webmail.inetadmin.eu> Cit?t Joseph Tam : > Axel Luttgens writes: > >>> Le 1 f?vr. 2016 ? 17:50, absolutely_free at libero.it a ?crit : >>> >>> Hi,is there a way to log which MUA is being used from an user? >>> # dovecot --version2.0.9 >>> Thank you >> >> Unless I missed some recent changes, neither POP nor IMAP protocols >> make provisions for having the client to send such info. As a >> result, dovecot does not have that info. > > I regularly get such info in my logs e.g. > > Feb 1 14:10:45 server dovecot: imap(user): ID sent: name=iPhone > Mail, version=12F70, > os=iOS, os-version=8.3 (12F70) > > Only for IMAP (ID extension?). How this ID extension can be enabled in Dovecot? From which version is it supported? From tss at iki.fi Tue Feb 2 12:19:37 2016 From: tss at iki.fi (Timo Sirainen) Date: Tue, 2 Feb 2016 14:19:37 +0200 Subject: Disable Client Certificate Authentication for Unencrypted Connections? In-Reply-To: References: <369CB6E7-81BD-4872-AE72-D71A7CEC48CD@haravikk.me> <3ABCC028-7102-4223-98DD-0973F34774A1@skynet.be> <2D13A4B1-5F8C-4CAD-98E8-A708C2402999@haravikk.me> Message-ID: <57C8B9EA-0BD9-4F8F-9990-C3D6D920C95D@iki.fi> On 02 Feb 2016, at 13:09, Haravikk wrote: > > So I still haven?t found a way to require client certificates only for port 993/IMAPS while leaving unencrypted IMAP open for local, trusted, services. > > Is there really no way to do this? I just found out how to do the same thing for postfix (turns out it?s fairly easy, just a matter of adding the settings in the right parts of master.cf instead of main.cf), allowing me to restrict client certificate verification to port 587 (I don?t accept port 465) without interfering with incoming mail server connections on port 25. If you really want to do it, you could do it something like this (not tested - probably needs some additions/changes): # no 993 port for this imap-login service imap-login { inet_listener imaps { port = 0 } } # create a duplicate 993 service service imap-login-ssl { executable = imap-login login-ssl chroot = login user = $default_login_user # add other settings similarly as to service imap-login inet_listener imaps { port = 993 } } # create a separate auth master process for port 993 service auth-ssl { executable = auth -o auth_ssl_require_client_cert=yes # add other settings similarly as to service auth unix_listener login/login-ssl { mode = 0666 } } From tss at iki.fi Tue Feb 2 12:22:37 2016 From: tss at iki.fi (Timo Sirainen) Date: Tue, 2 Feb 2016 14:22:37 +0200 Subject: dsync issues due to Prefix difference? In-Reply-To: References: <720942e870f0a0a762ad972d06c7e70f@koallo.com> <613815EF-A6AF-498D-9314-49243BAB13C8@iki.fi> Message-ID: > On 01 Feb 2016, at 23:39, Mark Little wrote: > > Hi Timo, > > Thank you very much for the information. I had seen the DSync page but I was confused as to how to configure it. I'd definitely love to be able to get the proper dsync migration working as I have some clients who use POP3 and others who use IMAP and I want to make this seamless for all if possible. > > Could you please elaborate on how I specify the alternate dovecot.conf? I've gone through the man pages and I don't see anything referencing -c for doveadm? Or do you mean that I should be running the full dovecot server process from the source server with an alternate configuration? -c is a global option for all dovecot binaries, including doveadm. I guess all the global options should be included in all the man pages.. > If I change the name space won't it fail to find the local folders in their mailbox? I'm not sure what you mean here. It's possible to switch between namespaces on the fly without losing anything (besides clients seeing them differently). > > > Cheers, > Mark > > On 2016-01-30 19:05, Timo Sirainen wrote: >>> On 29 Jan 2016, at 23:16, Mark Little wrote: >>> Hi everyone, >>> I'm hoping I am just missing something obvious - but I cannot seem to get a one-way migration dsync working between two Dovecot servers because the Prefix configuration is different. >> I think a regular dsync -> dsync migration won't work then directly, >> because it assumes similar source and destination namespaces. One >> possibility would be that if you start dsync from the destination >> server, you simply point it to a configuration with a similar >> namespace config (via -c dovecot.conf) as the source. It should still >> write everything correctly so that afterwards you can run with the >> wanted the namespace prefix (i.e. prefix can be changed in >> dovecot.conf without having to modify any per-user files). Another >> possibility would be to do imapc sync and set imapc_prefix=INBOX. - >> see http://wiki2.dovecot.org/Migration/Dsync From tss at iki.fi Tue Feb 2 12:44:14 2016 From: tss at iki.fi (Timo Sirainen) Date: Tue, 2 Feb 2016 14:44:14 +0200 Subject: Disable Client Certificate Authentication for Unencrypted Connections? In-Reply-To: <57C8B9EA-0BD9-4F8F-9990-C3D6D920C95D@iki.fi> References: <369CB6E7-81BD-4872-AE72-D71A7CEC48CD@haravikk.me> <3ABCC028-7102-4223-98DD-0973F34774A1@skynet.be> <2D13A4B1-5F8C-4CAD-98E8-A708C2402999@haravikk.me> <57C8B9EA-0BD9-4F8F-9990-C3D6D920C95D@iki.fi> Message-ID: > On 02 Feb 2016, at 14:19, Timo Sirainen wrote: > > On 02 Feb 2016, at 13:09, Haravikk wrote: >> >> So I still haven?t found a way to require client certificates only for port 993/IMAPS while leaving unencrypted IMAP open for local, trusted, services. >> >> Is there really no way to do this? I just found out how to do the same thing for postfix (turns out it?s fairly easy, just a matter of adding the settings in the right parts of master.cf instead of main.cf), allowing me to restrict client certificate verification to port 587 (I don?t accept port 465) without interfering with incoming mail server connections on port 25. > > If you really want to do it, you could do it something like this (not tested - probably needs some additions/changes): Oh, except now you have two auth master processes, so the final userdb lookup would have to go to the right auth process. This requires the attached patch. After that you can do: # no 993 port for this imap-login service imap-login { inet_listener imaps { port = 0 } } # create a duplicate 993 service service imap-login-ssl { executable = imap-login -P imap-ssl login-ssl chroot = login user = $default_login_user # add other settings similarly as to service imap-login inet_listener imaps { port = 993 } } service imap-ssl { executable = imap -S auth-master-ssl unix_listener login/imap-ssl { user = $default_login_user } } # create a separate auth master process for port 993 service auth-ssl { executable = auth -o auth_ssl_require_client_cert=yes # add other settings similarly as to service auth unix_listener login/login-ssl { mode = 0666 } unix_listener auth-master-ssl { } } -------------- next part -------------- A non-text attachment was scrubbed... Name: multi-auth-master.diff Type: application/octet-stream Size: 2961 bytes Desc: not available URL: From dovecot at haravikk.me Tue Feb 2 13:15:13 2016 From: dovecot at haravikk.me (Haravikk) Date: Tue, 2 Feb 2016 13:15:13 +0000 Subject: Disable Client Certificate Authentication for Unencrypted Connections? In-Reply-To: References: <369CB6E7-81BD-4872-AE72-D71A7CEC48CD@haravikk.me> <3ABCC028-7102-4223-98DD-0973F34774A1@skynet.be> <2D13A4B1-5F8C-4CAD-98E8-A708C2402999@haravikk.me> <57C8B9EA-0BD9-4F8F-9990-C3D6D920C95D@iki.fi> Message-ID: <4CE1187C-3851-4C9B-A892-79A96D6D5F0B@haravikk.me> That definitely seems promising! Though I?m a little uncomfortable about having to apply a patch to make it work. However it?s got me curious; could I do something similar by defining a second IMAP protocol? Since the protocol !smtp option can enable client certificates for only some protocols, it seems like if I could copy (or symlink) the IMAP protocol into a second IMAPS protocol then I could possibly create the exception using protocol !imap !smtp, could something like that work? Of course I don?t know enough about how dovecot?s protocol modularity works, so I?m not sure what this would involve exactly, but if it could avoid the need for patching it might be a nice way to achieve the same goal. > On 2 Feb 2016, at 12:44, Timo Sirainen wrote: > > >> On 02 Feb 2016, at 14:19, Timo Sirainen wrote: >> >> On 02 Feb 2016, at 13:09, Haravikk wrote: >>> >>> So I still haven?t found a way to require client certificates only for port 993/IMAPS while leaving unencrypted IMAP open for local, trusted, services. >>> >>> Is there really no way to do this? I just found out how to do the same thing for postfix (turns out it?s fairly easy, just a matter of adding the settings in the right parts of master.cf instead of main.cf), allowing me to restrict client certificate verification to port 587 (I don?t accept port 465) without interfering with incoming mail server connections on port 25. >> >> If you really want to do it, you could do it something like this (not tested - probably needs some additions/changes): > > Oh, except now you have two auth master processes, so the final userdb lookup would have to go to the right auth process. This requires the attached patch. After that you can do: > > # no 993 port for this imap-login > service imap-login { > inet_listener imaps { > port = 0 > } > } > > # create a duplicate 993 service > service imap-login-ssl { > executable = imap-login -P imap-ssl login-ssl > chroot = login > user = $default_login_user > # add other settings similarly as to service imap-login > inet_listener imaps { > port = 993 > } > } > > service imap-ssl { > executable = imap -S auth-master-ssl > unix_listener login/imap-ssl { > user = $default_login_user > } > } > > # create a separate auth master process for port 993 > service auth-ssl { > executable = auth -o auth_ssl_require_client_cert=yes > # add other settings similarly as to service auth > unix_listener login/login-ssl { > mode = 0666 > } > unix_listener auth-master-ssl { > } > } > > From mail at tomsommer.dk Tue Feb 2 14:11:23 2016 From: mail at tomsommer.dk (Tom Sommer) Date: Tue, 02 Feb 2016 15:11:23 +0100 Subject: Mail User Agent? In-Reply-To: References: <138531110.5366231454345418123.JavaMail.httpd@webmail-29.iol.local> <16A48296-D188-478C-9DB1-A187E53BD55E@skynet.be> Message-ID: How do you enable this? I can't seem to find any information about it. --- Tom Sommer On 2016-02-01 18:32, Jeff Stedfast wrote: > IMAP actually has an ID extension where the client can send this info, > but > it doesn't force the client to send it. > > Jeff > > On Mon, Feb 1, 2016 at 12:19 PM, Axel Luttgens > > wrote: > >> >> > Le 1 f?vr. 2016 ? 17:50, absolutely_free at libero.it a ?crit : >> > >> > Hi,is there a way to log which MUA is being used from an user? >> > # dovecot --version2.0.9 >> > Thank you >> >> Unless I missed some recent changes, neither POP nor IMAP protocols >> make >> provisions for having the client to send such info. >> >> As a result, dovecot does not have that info. >> >> HTH, >> Axel >> From marklittle at koallo.com Tue Feb 2 15:04:06 2016 From: marklittle at koallo.com (Mark Little) Date: Tue, 02 Feb 2016 10:04:06 -0500 Subject: dsync issues due to Prefix =?UTF-8?Q?difference=3F?= In-Reply-To: References: <720942e870f0a0a762ad972d06c7e70f@koallo.com> <613815EF-A6AF-498D-9314-49243BAB13C8@iki.fi> Message-ID: On 2016-02-02 07:22, Timo Sirainen wrote: >> On 01 Feb 2016, at 23:39, Mark Little wrote: >> >> Hi Timo, >> >> Thank you very much for the information. I had seen the DSync page >> but I was confused as to how to configure it. I'd definitely love to >> be able to get the proper dsync migration working as I have some >> clients who use POP3 and others who use IMAP and I want to make this >> seamless for all if possible. >> >> Could you please elaborate on how I specify the alternate >> dovecot.conf? I've gone through the man pages and I don't see >> anything referencing -c for doveadm? Or do you mean that I should be >> running the full dovecot server process from the source server with an >> alternate configuration? > > -c is a global option for all dovecot binaries, including doveadm. I > guess all the global options should be included in all the man pages.. > Ok great. I will try that out. So you are saying I could run the daemon on a source server specifying to use a different config with the namespace matching the other, and then when dsync connects it will see the namespaces as the same? >> If I change the name space won't it fail to find the local folders in >> their mailbox? > > I'm not sure what you mean here. It's possible to switch between > namespaces on the fly without losing anything (besides clients seeing > them differently). > Ok. I am just realizing that I am probably unable to have a transparent migration for IMAP, right? Seeing as my destination is using a different Prefix, that means some IMAP clients will not see their migrated folders by default unless they update their configuration. I am mainly concerned about POP3 I guess, because if IMAP has to re-download it's not as big of a deal because everything is already marked as read.. but re-downloading POP3 doesn't work the same. I tried following the dsync page but I cannot get it working. Do I just have to include the POP3 configuration examples, or the IMAP too? Do I need to use 'pop3c:' at the end of the line instead of imapc: (eg: 'doveadm -R -u user at domain pop3c:') to signify it needs to preserve the UIDL's? Do I need to add the same settings to the source as well as destination? or just one side? I tried yesterday but then ended up breaking Dovecot on my destination server. After I added the pop3-migration namespace part to the namespace section, all users were failing with: 'Error: User initialization failed: namespace configuration error: list=yes namespace missing' Sorry for all the questions but the I am unable to work it out from the documentation documentation. If you know of some examples or some additional documentation it would be very appreciated. Thanks, Mark >> On 2016-01-30 19:05, Timo Sirainen wrote: >>>> On 29 Jan 2016, at 23:16, Mark Little wrote: >>>> Hi everyone, >>>> I'm hoping I am just missing something obvious - but I cannot seem >>>> to get a one-way migration dsync working between two Dovecot servers >>>> because the Prefix configuration is different. >>> I think a regular dsync -> dsync migration won't work then directly, >>> because it assumes similar source and destination namespaces. One >>> possibility would be that if you start dsync from the destination >>> server, you simply point it to a configuration with a similar >>> namespace config (via -c dovecot.conf) as the source. It should still >>> write everything correctly so that afterwards you can run with the >>> wanted the namespace prefix (i.e. prefix can be changed in >>> dovecot.conf without having to modify any per-user files). Another >>> possibility would be to do imapc sync and set imapc_prefix=INBOX. - >>> see http://wiki2.dovecot.org/Migration/Dsync From azurit at pobox.sk Tue Feb 2 15:10:02 2016 From: azurit at pobox.sk (azurit at pobox.sk) Date: Tue, 02 Feb 2016 16:10:02 +0100 Subject: Autosubscribe but not autocreate? Message-ID: <20160202161002.Horde.XsDflYZjcGUCUWN57emRInI@webmail.inetadmin.eu> Hi, is it possible to set a mailbox to autosubscribe IF it exists but NOT autocreate if it doesn't exists? We are having problems with users and Spam folders which are not subscribed so users doesn't see e-mails which are saved there. On the other hand, we don't want to recreate Spam folders which were deleted by users (some of them don't want to filter spam so they deleted Spam folder and spam is saved into INBOX). Or is it somehow possible to subscribe to a folder while creating e-mail account (i'm trying to save its name to 'subscriptions' file but it doesn't work)? Thnak you. azur From tss at iki.fi Tue Feb 2 16:00:23 2016 From: tss at iki.fi (Timo Sirainen) Date: Tue, 2 Feb 2016 18:00:23 +0200 Subject: Disable Client Certificate Authentication for Unencrypted Connections? In-Reply-To: <4CE1187C-3851-4C9B-A892-79A96D6D5F0B@haravikk.me> References: <369CB6E7-81BD-4872-AE72-D71A7CEC48CD@haravikk.me> <3ABCC028-7102-4223-98DD-0973F34774A1@skynet.be> <2D13A4B1-5F8C-4CAD-98E8-A708C2402999@haravikk.me> <57C8B9EA-0BD9-4F8F-9990-C3D6D920C95D@iki.fi> <4CE1187C-3851-4C9B-A892-79A96D6D5F0B@haravikk.me> Message-ID: <30982D99-D66E-4A37-BD6B-9BEAF3A7493C@iki.fi> > On 02 Feb 2016, at 15:15, Haravikk wrote: > > That definitely seems promising! Though I?m a little uncomfortable about having to apply a patch to make it work. I'll add those patches to future releases, at least once I verify that they work. > However it?s got me curious; could I do something similar by defining a second IMAP protocol? Since the protocol !smtp option can enable client certificates for only some protocols, it seems like if I could copy (or symlink) the IMAP protocol into a second IMAPS protocol then I could possibly create the exception using protocol !imap !smtp, could something like that work? Of course I don?t know enough about how dovecot?s protocol modularity works, so I?m not sure what this would involve exactly, but if it could avoid the need for patching it might be a nice way to achieve the same goal. Interesting idea. I guess that could work, except that imap-login binary is hardcoded to send "imap" as the protocol to auth process. In theory you could write a wrapper service between imap-login and auth that changes the imap to imaps, but that's not trivial.. Maybe the protocol name could be made configurable via another command line parameter. It would at least simplify the service changes. > >> On 2 Feb 2016, at 12:44, Timo Sirainen wrote: >> >> >>> On 02 Feb 2016, at 14:19, Timo Sirainen wrote: >>> >>> On 02 Feb 2016, at 13:09, Haravikk wrote: >>>> >>>> So I still haven?t found a way to require client certificates only for port 993/IMAPS while leaving unencrypted IMAP open for local, trusted, services. >>>> >>>> Is there really no way to do this? I just found out how to do the same thing for postfix (turns out it?s fairly easy, just a matter of adding the settings in the right parts of master.cf instead of main.cf), allowing me to restrict client certificate verification to port 587 (I don?t accept port 465) without interfering with incoming mail server connections on port 25. >>> >>> If you really want to do it, you could do it something like this (not tested - probably needs some additions/changes): >> >> Oh, except now you have two auth master processes, so the final userdb lookup would have to go to the right auth process. This requires the attached patch. After that you can do: >> >> # no 993 port for this imap-login >> service imap-login { >> inet_listener imaps { >> port = 0 >> } >> } >> >> # create a duplicate 993 service >> service imap-login-ssl { >> executable = imap-login -P imap-ssl login-ssl >> chroot = login >> user = $default_login_user >> # add other settings similarly as to service imap-login >> inet_listener imaps { >> port = 993 >> } >> } >> >> service imap-ssl { >> executable = imap -S auth-master-ssl >> unix_listener login/imap-ssl { >> user = $default_login_user >> } >> } >> >> # create a separate auth master process for port 993 >> service auth-ssl { >> executable = auth -o auth_ssl_require_client_cert=yes >> # add other settings similarly as to service auth >> unix_listener login/login-ssl { >> mode = 0666 >> } >> unix_listener auth-master-ssl { >> } >> } >> >> From chris2014 at postbox.xyz Tue Feb 2 18:05:56 2016 From: chris2014 at postbox.xyz (Chris) Date: Tue, 2 Feb 2016 19:05:56 +0100 Subject: IMAP ACLs for groups Message-ID: <93f19c4b4d269c6f0b32946b4477e6eb.squirrel@mail2.postbox.xyz> Dear All, is there any way to assign POSIX groups to Dovecot IMAP-ACLs? I've tried that today, but I could only open a public folder when my username was listed in the ACL. A group didn't work. How do you manage ACLs for intenseley used public folders with many users? What backend do you use for user management and ACLs? Is there any way to extend permissions? Are there any scripts available that set permissions or grant them when logging in? - Chris From jtam.home at gmail.com Tue Feb 2 19:43:13 2016 From: jtam.home at gmail.com (Joseph Tam) Date: Tue, 2 Feb 2016 11:43:13 -0800 (PST) Subject: Mail User Agent? In-Reply-To: References: Message-ID: azurit at pobox.sk and Tom Sommer asks: > How this ID extension can be enabled in Dovecot? From which version is > it supported? Accordind to Dovecot CAPA's response, it is already enabled * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS LOGINDISABLED] Ready. However, as a previous poster noted, Dovecot doesn't do anything with it other than to log it. The client can elect to ignore it or send an ID string. The ID extension is documented here https://www.ietf.org/rfc/rfc2971.txt I speculated it could be used as a client-side CAPA info so that an IMAP server can modify it's behaviour knowing it's dealing with a certain client, but that is flatly forbidden by RFC (Quoting from RFC) The sole purpose of the ID extension is to enable clients and servers to exchange information on their implementations for the purposes of statistical analysis and problem determination. ... Implementations MUST NOT make operational changes based on the data sent as part of the ID command or response. The ID command is for human consumption only, and is not to be used in improving the performance of clients or servers. Joseph Tam From azurit at pobox.sk Tue Feb 2 20:00:22 2016 From: azurit at pobox.sk (azurit at pobox.sk) Date: Tue, 02 Feb 2016 21:00:22 +0100 Subject: Mail User Agent? In-Reply-To: References: Message-ID: <20160202210022.Horde.yThsYcWpeNEPAGIyVJB5nLh@webmail.inetadmin.eu> Cit?t Joseph Tam : > azurit at pobox.sk and Tom Sommer asks: > >> How this ID extension can be enabled in Dovecot? From which version is >> it supported? > > Accordind to Dovecot CAPA's response, it is already enabled > > * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID > ENABLE IDLE STARTTLS LOGINDISABLED] Ready. > > However, as a previous poster noted, Dovecot doesn't do anything with > it other than to log it. The client can elect to ignore it or send an > ID string. The ID extension is documented here > > https://www.ietf.org/rfc/rfc2971.txt > > I speculated it could be used as a client-side CAPA info so that an IMAP > server can modify it's behaviour knowing it's dealing with a certain > client, but that is flatly forbidden by RFC > > (Quoting from RFC) > The sole purpose of the ID extension is to enable clients and > servers to exchange information on their implementations for > the purposes of statistical analysis and problem determination. > > ... > > Implementations MUST NOT make operational changes based on the > data sent as part of the ID command or response. The ID command > is for human consumption only, and is not to be used in improving > the performance of clients or servers. > > Joseph Tam Thank you for info. Well, i understand that clients are not forced to send the info but, in my logs, there's no single ID info. Do i need to enable logging of it or something? From tss at iki.fi Tue Feb 2 22:27:20 2016 From: tss at iki.fi (Timo Sirainen) Date: Wed, 3 Feb 2016 00:27:20 +0200 Subject: Mail User Agent? In-Reply-To: <20160202210022.Horde.yThsYcWpeNEPAGIyVJB5nLh@webmail.inetadmin.eu> References: <20160202210022.Horde.yThsYcWpeNEPAGIyVJB5nLh@webmail.inetadmin.eu> Message-ID: <0FE39EDA-D531-4B96-8F3C-FDCD91945D12@iki.fi> On 02 Feb 2016, at 22:00, azurit at pobox.sk wrote: > > Thank you for info. Well, i understand that clients are not forced to send the info but, in my logs, there's no single ID info. Do i need to enable logging of it or something? imap_id_log = * From john.1209 at yahoo.com Wed Feb 3 05:11:26 2016 From: john.1209 at yahoo.com (John Williams) Date: Wed, 3 Feb 2016 05:11:26 +0000 (UTC) Subject: Dovecot with Maildir In-Reply-To: References: Message-ID: <1699336619.879806.1454476286173.JavaMail.yahoo@mail.yahoo.com> WOE HOE! ?Worked! So I changed? mail_location = maildir:/var/mail/%u/Maildirtomail_location = maildir:/var/mail/%n and now it all works! Thanks much! From: Steffen Kaiser To: John Williams Cc: "dovecot at dovecot.org" Sent: Tuesday, February 2, 2016 2:34 AM Subject: Re: Dovecot with Maildir -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 2 Feb 2016, John Williams wrote: > Dovecot logs as follows: > Feb ?1 19:36:34 speedy dovecot: imap-login: Login: user=, method=PLAIN, rip=10.163.195.83, lip=10.163.195.82, mpid=7481, session= > Feb ?1 19:36:37 speedy dovecot: imap-login: Login: user=, method=PLAIN, rip=10.163.195.83, lip=10.163.195.82, mpid=7483, session= > Feb ?1 19:36:37 speedy dovecot: imap(rsmith): Disconnected: Logged out in=95 out=440Feb ?1 19:37:24 speedy dovecot: imap(rsmith): Connection closed in=275 out=995 > Feb ?1 19:37:27 speedy dovecot: imap-login: Login: user=, method=PLAIN, rip=10.163.195.83, lip=10.163.195.82, mpid=7485, session= > Feb ?1 19:37:28 speedy dovecot: imap(rsmith): Disconnected: Logged out in=298 out=1130 please increase logging, see mail_debug at http://wiki2.dovecot.org/Logging That will reveal, what mail location and inbox is used really. > The maildir on my instance is located in /var/log/mail. /var/__log__/mail ?? > The output of doveadm is as follows: > root at speedy:/var/mail# doveadm user -u jsmithuserdb: jsmith? system_groups_user: jsmith? uid ? ? ? : 1000? gid ? ? ? : 1000? home ? ? ?: /home/jsmith > If that home variable is suppose to be the maildir folder it is wrong. That looks good. About home vs. mail location see http://wiki2.dovecot.org/VirtualUsers/Home (applies to all users) and http://wiki2.dovecot.org/MailLocation >?It should be /var/mail/jsmith. ?If that is the problem, where or how do Is /var/mail/jsmith a directory or a file? If it is a directory, use something like: mail_location = maildir:/var/mail/%n - -or- mail_location = maildir:/var/mail/%n/Maildir depending on how the content of the directory looks like. If it is a file, use mail_location = maildir:~/Maildir:INBOX=/var/mail/%n === How does the userdb section of doveconf -n looks like? - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVrBb/Xz1H7kL/d9rAQJ3ewf9Hif5QHRuwTacc9vPEcRleE++OUpe9V21 nftpqOgDW0a+NX6FRXRABg/lBAP0fUzRN3RKgFmdBLL6N1ZCMyLYKPgyr+8Lcs39 oDJejNSZ+HSjGRIxzH4zbf2G8PDlxjpT02jybJKvmegKIMaPxV9Q4knYj5Zo2IQB lRgL4j+2WnP1P7gKuvvjoX/TbVh7v9cREULDM5krXXkZJ+TtsTMT8v5uYAAbxWGl gdfqVYOF+dLuHrGCe1KdVxvn1vDKuotSpKLFsgr4WluavOQwJx0Ws3/NaKvfj66d 7Xzkg2zR1VnQH9QsnsBeqWzHcm1hwJTlxLmdBwxF8KL/jdF8M1YLfw== =sEW+ -----END PGP SIGNATURE----- From leon at dexterous.org Wed Feb 3 06:03:55 2016 From: leon at dexterous.org (Leon Kyneur) Date: Wed, 03 Feb 2016 06:03:55 +0000 Subject: Apply modifier on long_name variables Message-ID: Hi, Wondering why it's not possible to do the following in ldap args file: base = ou=People,dc=%Ddomain_first,o=ISP however this does work: base = ou=People,dc=%Dd,o=ISP is it intentional that modifiers do not work on long names? Thanks Leon From leon at dexterous.org Wed Feb 3 06:49:47 2016 From: leon at dexterous.org (Leon Kyneur) Date: Wed, 03 Feb 2016 06:49:47 +0000 Subject: Apply modifier on long_name variables In-Reply-To: References: Message-ID: Just realized my mistake.. (should read more carefully). * Long variable names can be used like %{long_name} or with L modifier: %L{long_name} . So by changing %Ddomain_first to %D{domain_first} fixed my issue. On Wed, Feb 3, 2016 at 5:03 PM Leon Kyneur wrote: > Hi, > > Wondering why it's not possible to do the following in ldap args file: > base = ou=People,dc=%Ddomain_first,o=ISP > > however this does work: > base = ou=People,dc=%Dd,o=ISP > > is it intentional that modifiers do not work on long names? > > Thanks > > Leon > From f0andrey at gmail.com Wed Feb 3 15:06:07 2016 From: f0andrey at gmail.com (Andrey Fesenko) Date: Wed, 3 Feb 2016 18:06:07 +0300 Subject: Dovecot (LDAP) quota only if user in backend? Message-ID: Hello, Is it possible to get the quotas for users served by the backend? My env CentOS, dovecot-2.2.10-5.el7, users in LDAP dn: uid=user,ou=mailboxs,dc=wibble,dc=net cn: Account for server mail sn: User objectClass: top objectClass: person objectClass: posixAccount objectClass: VirtualMailAccount objectClass: Proxying uid: user gidNumber: 3000 uidNumber: 3000 userPassword: {SSHA} homeDirectory: user mailQuota: 1073741824 mailDirectory: maildir:~/Maildir Proxy: yes BackendHost: backend1.wibble.net starttlsProxying: any-cert BackendHost may bee backend1.wibble.net backend2.wibble.net ... if I'm get quota in backend1.wibble.net doveadm -f tab quota get -A If use standart /etc/dovecot/dovecot-ldap.conf user_filter = (&(objectClass=posixAccount)(uid=%u)), dovecot create blank mailboxes for all users, not only BackendHost: backend1.wibble.net If modify (&(objectClass=posixAccount)(uid=%u)(BackendHost=backend1.wibble.net)) doveadm -f tab quota get -u user work fine doveadm -f tab quota get -A doveadm(user1): Info: User no longer exists, skipping doveadm(user2): Info: User no longer exists, skipping doveadm(user3): Info: User no longer exists, skipping ... doveadm: Error: Failed to iterate through some users work for all dovecot user, and crash From zucca at systemschmiede.com Wed Feb 3 20:47:26 2016 From: zucca at systemschmiede.com (zucca at systemschmiede.com) Date: Wed, 3 Feb 2016 21:47:26 +0100 Subject: external storage for mail attachments Message-ID: <56B2675E.3020202@systemschmiede.com> Hi list! was wondering if it was possible to store mail attachments on a separate storage with dovecot, and if so, how. Of course a single instance storage of these attachments would also be a very good thing, allthough not a basic prerequisite. Thanks in advance Sascha -- Bitte beachten Sie unsere neue Firmenadresse ------------------------------------------------- Systemschmiede IT-L?sungen Zucca & Teves GbR An F?rthenrode 52 52511 Geilenkirchen www.systemschmiede.com Tel.: +49 (0)2451 - 9088390 Fax: +49 (0)2451 - 9124070 Mobil: +49 (0)178 - 4073254 Ust.ID: DE248030393 From delrio at mie.utoronto.ca Wed Feb 3 21:23:25 2016 From: delrio at mie.utoronto.ca (Oscar del Rio) Date: Wed, 03 Feb 2016 16:23:25 -0500 Subject: external storage for mail attachments In-Reply-To: <56B2675E.3020202@systemschmiede.com> References: <56B2675E.3020202@systemschmiede.com> Message-ID: <56B26FCD.60307@mie.utoronto.ca> On 02/ 3/16 03:47 PM, zucca at systemschmiede.com wrote: > > was wondering if it was possible to store mail attachments on a separate > storage with dovecot, and if so, how. > Of course a single instance storage of these attachments would also be a > very good thing, allthough not a basic prerequisite. > Yes. The description of the settings are in conf.d/10-mail.conf ## ## Mail attachments ## # sdbox and mdbox support saving mail attachments to external files, which # also allows single instance storage for them. Other backends don't support # this for now. # Directory root where to store mail attachments. Disabled, if empty. #mail_attachment_dir = # Attachments smaller than this aren't saved externally. It's also possible to # write a plugin to disable saving specific attachments externally. #mail_attachment_min_size = 128k # Filesystem backend to use for saving attachments: # posix : No SiS done by Dovecot (but this might help FS's own deduplication) # sis posix : SiS with immediate byte-by-byte comparison during saving # sis-queue posix : SiS with delayed comparison and deduplication #mail_attachment_fs = sis posix # Hash format to use in attachment filenames. You can add any text and # variables: %{md4}, %{md5}, %{sha1}, %{sha256}, %{sha512}, %{size}. # Variables can be truncated, e.g. %{sha256:80} returns only first 80 bits #mail_attachment_hash = %{sha1} From thomas at bitkomplex.de Thu Feb 4 01:44:45 2016 From: thomas at bitkomplex.de (=?UTF-8?Q?Thomas_M=c3=b6hle?=) Date: Thu, 4 Feb 2016 02:44:45 +0100 Subject: user password in mail-filter plugin Message-ID: <56B2AD0D.20701@bitkomplex.de> Hello, I would like to use the users password within a mail-filter script. Dovecots %w variable is only available within dovecot-auth, is there any way to access the password for a mail-filter? Thanks, Thomas From almutb at mur.at Thu Feb 4 09:26:25 2016 From: almutb at mur.at (almut bertha) Date: Thu, 4 Feb 2016 10:26:25 +0100 Subject: doveadm backup -- private flags in shared mailbox Message-ID: <56B31941.9080402@mur.at> dear list, i try to backup our dovecot server via doveadm -Dv backup -A -n inbox -n shared remote:vmail at 192.168.122.51 So far, it's working fine except for one thing: the "seen"flags for the shared mailboxes don't get copied to the backup-server. I tried a few things (like calling the doveadm command with different options for the namespaces or defining the mailboxes -m; i also changed the path for INDEXPVT), but none of these worked and i don't know how to tell doveadm to sync these flags. Maybe the config for the namespaces is wrong? Or is it just not possible (yet)? thanks in advance The configs for the source and the backup server are the same: (except for hostname, ip,...) # 2.2.18: /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.8 (0c4ae064f307+) # OS: Linux 4.3.0-1-amd64 x86_64 Debian stretch/sid ext4 auth_verbose = yes default_client_limit = 2500 default_process_limit = 500 disable_plaintext_auth = no doveadm_port = 11111 lmtp_rcpt_check_quota = yes lmtp_save_to_detail_mailbox = yes mail_location = maildir:/srv/vmail/%n/Maildir mail_plugins = " acl quota" managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate imapflags notify namespace { hidden = no inbox = no list = children location = maildir:/srv/vmail/%%n/Maildir:INDEXPVT=/srv/vmail/%n/shared/%%n prefix = shared.%%n. separator = . subscriptions = no type = shared } namespace inbox { hidden = no ignore_on_failure = no inbox = yes list = yes location = mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Junk { auto = subscribe special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox Trash { auto = subscribe special_use = \Trash } prefix = INBOX. separator = . subscriptions = yes type = private } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { acl = vfile:/etc/dovecot/global-acls:cache_secs=300 acl_shared_dict = file:/var/lib/dovecot/db/shared-mailboxes.db mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename quota = maildir:User quota:noenforcing quota_grace = 2%% quota_rule = *:storage=3G sieve = /srv/vmail/%Ln/default.sieve sieve_default = /srv/vmail/default.sieve sieve_dir = /srv/vmail/%Ln/sieve sieve_extensions = +notify +imapflags sieve_global_dir = /srv/vmail/global.sieve/ } postmaster_address = postmaster at mur.at protocols = " imap lmtp sieve pop3" quota_full_tempfail = yes service auth { unix_listener auth-userdb { group = vmail mode = 0777 user = vmail } } service lmtp { inet_listener lmtp { address = 192.168.122.52 port = 24 } user = vmail } service managesieve-login { inet_listener sieve { port = 4190 } inet_listener sieve_deprecated { port = 2000 } process_min_avail = 1 service_count = 1 vsz_limit = 64 M } service managesieve { process_limit = 256 } userdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } userdb { args = /etc/dovecot/dovecot-ldap-group-userdb.conf.ext driver = ldap } protocol lmtp { mail_plugins = " acl quota sieve" } protocol imap { mail_max_userip_connections = 16 mail_plugins = " acl quota imap_acl imap_quota" } protocol sieve { managesieve_implementation_string = Dovecot Pigeonhole } protocol pop3 { mail_plugins = " acl quota" } From absolutely_free at libero.it Thu Feb 4 09:34:10 2016 From: absolutely_free at libero.it (absolutely_free at libero.it) Date: Thu, 4 Feb 2016 10:34:10 +0100 (CET) Subject: R: Re: Mail User Agent? Message-ID: <1200804609.6248651454578450320.JavaMail.httpd@webmail-29.iol.local> >----Messaggio originale---- >Da: Timo Sirainen >Data: 02/02/2016 23.27 >A: >Cc: >Ogg: Re: Mail User Agent? > >On 02 Feb 2016, at 22:00, azurit at pobox.sk wrote: >> >> Thank you for info. Well, i understand that clients are not forced to send the info but, in my logs, there's no single ID info. Do i need to enable logging of it or something? > >imap_id_log = * > Thank you very much! From sca at andreasschulze.de Thu Feb 4 12:52:49 2016 From: sca at andreasschulze.de (A. Schulze) Date: Thu, 04 Feb 2016 13:52:49 +0100 Subject: R: Re: Mail User Agent? In-Reply-To: <1200804609.6248651454578450320.JavaMail.httpd@webmail-29.iol.local> Message-ID: <20160204135249.Horde.l1AEzEDG4M7o57Td3xVdjmm@andreasschulze.de> absolutely_free: > the info but, in my logs, there's no single ID info. Do i need to enable > logging of it or something? >> >> imap_id_log = * I guess you simply have clients which don't care about the offered ID extension. A recent Thunderbird should make you happy :-) Andreas From tss at iki.fi Thu Feb 4 16:43:11 2016 From: tss at iki.fi (Timo Sirainen) Date: Thu, 4 Feb 2016 18:43:11 +0200 Subject: user password in mail-filter plugin In-Reply-To: <56B2AD0D.20701@bitkomplex.de> References: <56B2AD0D.20701@bitkomplex.de> Message-ID: <6DA81168-E302-43BB-B8EC-5DB76F73D43D@iki.fi> On 04 Feb 2016, at 03:44, Thomas M?hle wrote: > > Hello, > > I would like to use the users password within a mail-filter script. > Dovecots %w variable is only available within dovecot-auth, is there any > way to access the password for a mail-filter? Something like this should work in recent versions: passdb { .. override_fields = userdb_pass=%w } plugin { mail_filter = mail-filter %{userdb:pass} } From r.koerner at tscheinig.com Thu Feb 4 17:14:29 2016 From: r.koerner at tscheinig.com (=?UTF-8?Q?Rudolf_K=c3=b6rner?=) Date: Thu, 4 Feb 2016 18:14:29 +0100 Subject: "mail_shared_explicit_inbox = no", but shared INBOX has a "\Noselect" tag? Message-ID: <56B386F5.6070709@tscheinig.com> Regarding the given information, it seems to me that the option "mail_shared_explicit_inbox=no" does not work as expected. Quote from NEWS-2.2: mail_shared_explicit_inbox setting to specify if a shared INBOX should be accessible as "shared/$user" or "shared/$user/INBOX" Using Dovecot 2.2.13 and Maildir++ Working on the commandline: # doveconf mail_shared_explicit_inbox mail_shared_explicit_inbox = no # service dovecot restart # ls -lda /mail/reader/Shared/owner at example.com/.* Shows no (hidden) folders. # telnet 127.0.0.1 143 a0 login reader at example.com *** a1 list "" "Shared/owner at example.com" * LIST (\Noselect \HasChildren) "/" Shared/owner at example.com a1 OK List completed. Is the retrieved "\Noselect" tag correct with the option "mail_shared_explicit_inbox = no"? I would expect the folder "Shared/owner at example.com" to be "selectable", because I thought the option "mail_shared_explicit_inbox = no" would make e-mails of a shared INBOX visible directly at the folder "Shared/owner at example.com" (which does not work in my case). Note: Shared *sub*folders of an INBOX work as expected. Just to show that the shared INBOX is accessible (note that it is not shown by a list "" "*" here, which is expected with that option): a2 list "" "Shared/owner at example.com/INBOX" a2 OK List completed. a3 select Shared/owner at example.com/INBOX * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags permitted. * 27 EXISTS Using "mail_shared_explicit_inbox = yes" does show the INBOX as a subfolder of "Shared/owner at example.com" and allows accessing the e-mails of the shared INBOX. However, it would be nice (and keep users happy at using their known shared folder layout) to see the e-mails of the shared INBOX at the Shared/owner at example.com folder. Best Regards, R.Koerner output of (removed irrelevant things like auth,pop,passdb,userdb,ssl,debug) # dovecot -n # 2.2.13: /etc/dovecot/dovecot.conf mail_location = maildir:~/Maildir mail_log_prefix = "%Us(%u): " mail_plugins = acl listescape namespace { hidden = no ignore_on_failure = no inbox = no list = children location = maildir:%%h/Maildir:INDEX=%h/Shared/%%u:CONTROL=%h/Shared/%%u:INDEXPVT=%h/Shared/%%u prefix = Shared/%%u/ separator = / subscriptions = yes type = shared } namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = INBOX/ separator = / subscriptions = yes type = private } plugin { acl = vfile acl_shared_dict = file:/var/lib/dovecot/db/shared-mailboxes.db mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename } protocols = imap lmtp protocol imap { mail_plugins = acl listescape imap_acl } From thomas at bitkomplex.de Thu Feb 4 17:41:54 2016 From: thomas at bitkomplex.de (=?UTF-8?Q?Thomas_M=c3=b6hle?=) Date: Thu, 4 Feb 2016 18:41:54 +0100 Subject: user password in mail-filter plugin In-Reply-To: <6DA81168-E302-43BB-B8EC-5DB76F73D43D@iki.fi> References: <56B2AD0D.20701@bitkomplex.de> <6DA81168-E302-43BB-B8EC-5DB76F73D43D@iki.fi> Message-ID: <56B38D62.5070301@bitkomplex.de> Am 04.02.2016 um 17:43 schrieb Timo Sirainen: > On 04 Feb 2016, at 03:44, Thomas M?hle wrote: >> >> Hello, >> >> I would like to use the users password within a mail-filter script. >> Dovecots %w variable is only available within dovecot-auth, is there any >> way to access the password for a mail-filter? > > Something like this should work in recent versions: > > passdb { > .. > override_fields = userdb_pass=%w > } > > plugin { > mail_filter = mail-filter %{userdb:pass} > } > Thanks for that idea, unfortunately %{ seems to be misinterpreted and the mail-filter script recieves the rest of the string "userdb:pass}" as a parameter, instead of the password. So, do I get this right? During login the content of dovecots %w variable is supposed to be stored in a userdb field, called userdb_pass, and the %{x} is supposed to get the content of that field? From tss at iki.fi Thu Feb 4 19:54:37 2016 From: tss at iki.fi (Timo Sirainen) Date: Thu, 4 Feb 2016 21:54:37 +0200 Subject: user password in mail-filter plugin In-Reply-To: <56B38D62.5070301@bitkomplex.de> References: <56B2AD0D.20701@bitkomplex.de> <6DA81168-E302-43BB-B8EC-5DB76F73D43D@iki.fi> <56B38D62.5070301@bitkomplex.de> Message-ID: <416F9EAE-E9C9-463C-B30D-3FB77A94E4EB@iki.fi> On 04 Feb 2016, at 19:41, Thomas M?hle wrote: > > Am 04.02.2016 um 17:43 schrieb Timo Sirainen: >> On 04 Feb 2016, at 03:44, Thomas M?hle wrote: >>> >>> Hello, >>> >>> I would like to use the users password within a mail-filter script. >>> Dovecots %w variable is only available within dovecot-auth, is there any >>> way to access the password for a mail-filter? >> >> Something like this should work in recent versions: >> >> passdb { >> .. >> override_fields = userdb_pass=%w >> } >> >> plugin { >> mail_filter = mail-filter %{userdb:pass} >> } >> > > Thanks for that idea, unfortunately %{ seems to be misinterpreted and > the mail-filter script recieves the rest of the string "userdb:pass}" as > a parameter, instead of the password. Do you have v2.2.19 or newer? That's required for %{userdb:*} to work. Without that you'd need to override the whole mail_filter in your passdb/userdb. > So, do I get this right? During login the content of dovecots %w > variable is supposed to be stored in a userdb field, called userdb_pass, > and the %{x} is supposed to get the content of that field? Mostly, yes. You need the "pass" field to be in userdb to access it in mail processes. The password is only available in passdb though, so you need to store it with userdb_ prefix to get it saved into userdb extra fields instead of passdb extra fields. From tss at iki.fi Thu Feb 4 19:59:15 2016 From: tss at iki.fi (Timo Sirainen) Date: Thu, 4 Feb 2016 21:59:15 +0200 Subject: doveadm backup -- private flags in shared mailbox In-Reply-To: <56B31941.9080402@mur.at> References: <56B31941.9080402@mur.at> Message-ID: <6FF93CE9-4E2D-4833-BBE3-D04A19F5B756@iki.fi> > On 04 Feb 2016, at 11:26, almut bertha wrote: > > dear list, > i try to backup our dovecot server via > > doveadm -Dv backup -A -n inbox -n shared remote:vmail at 192.168.122.51 > > So far, it's working fine except for one thing: the "seen"flags for the > shared mailboxes don't get copied to the backup-server. I tried a few > things > (like calling the doveadm command with different options for the > namespaces or defining the mailboxes -m; i also changed the path for > INDEXPVT), > but none of these worked and i don't know how to tell doveadm to sync > these flags. > Maybe the config for the namespaces is wrong? > > Or is it just not possible (yet)? Try adding -f parameter? It's probably skipping those folders because it thinks they're already synced. You anyway need to sync each shared folder as each user, but I think that command would be doing it. From thomas at bitkomplex.de Thu Feb 4 22:54:18 2016 From: thomas at bitkomplex.de (=?UTF-8?Q?Thomas_M=c3=b6hle?=) Date: Thu, 4 Feb 2016 23:54:18 +0100 Subject: user password in mail-filter plugin In-Reply-To: <416F9EAE-E9C9-463C-B30D-3FB77A94E4EB@iki.fi> References: <56B2AD0D.20701@bitkomplex.de> <6DA81168-E302-43BB-B8EC-5DB76F73D43D@iki.fi> <56B38D62.5070301@bitkomplex.de> <416F9EAE-E9C9-463C-B30D-3FB77A94E4EB@iki.fi> Message-ID: <56B3D69A.5060700@bitkomplex.de> Am 04.02.2016 um 20:54 schrieb Timo Sirainen: > On 04 Feb 2016, at 19:41, Thomas M?hle wrote: >> >> Am 04.02.2016 um 17:43 schrieb Timo Sirainen: >>> On 04 Feb 2016, at 03:44, Thomas M?hle wrote: >>>> >>>> Hello, >>>> >>>> I would like to use the users password within a mail-filter script. >>>> Dovecots %w variable is only available within dovecot-auth, is there any >>>> way to access the password for a mail-filter? >>> >>> Something like this should work in recent versions: >>> >>> passdb { >>> .. >>> override_fields = userdb_pass=%w >>> } >>> >>> plugin { >>> mail_filter = mail-filter %{userdb:pass} >>> } >>> >> >> Thanks for that idea, unfortunately %{ seems to be misinterpreted and >> the mail-filter script recieves the rest of the string "userdb:pass}" as >> a parameter, instead of the password. > > Do you have v2.2.19 or newer? That's required for %{userdb:*} to work. Without that you'd need to override the whole mail_filter in your passdb/userdb. I had v2.2.18 (Ubuntu 15.10) installed, so I updated to v2.2.21 now. >> So, do I get this right? During login the content of dovecots %w >> variable is supposed to be stored in a userdb field, called userdb_pass, >> and the %{x} is supposed to get the content of that field? > > Mostly, yes. You need the "pass" field to be in userdb to access it in mail processes. The password is only available in passdb though, so you need to store it with userdb_ prefix to get it saved into userdb extra fields instead of passdb extra fields. > Unfortunately it still doesn't work. The filter-script does not recieve any data from that variable. I tried replacing the %w with %u, to see, if the filter-script would at least recieve the username then, but that doesn't work, either. So I'm not sure, if %{userdb:pass} isn't read correctly, or if "override_fields = userdb_pass=%w" doesn't set it right. From skdovecot at smail.inf.fh-brs.de Fri Feb 5 06:59:06 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 5 Feb 2016 07:59:06 +0100 (CET) Subject: user password in mail-filter plugin In-Reply-To: <56B3D69A.5060700@bitkomplex.de> References: <56B2AD0D.20701@bitkomplex.de> <6DA81168-E302-43BB-B8EC-5DB76F73D43D@iki.fi> <56B38D62.5070301@bitkomplex.de> <416F9EAE-E9C9-463C-B30D-3FB77A94E4EB@iki.fi> <56B3D69A.5060700@bitkomplex.de> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 4 Feb 2016, Thomas M?hle wrote: > not sure, if %{userdb:pass} isn't read correctly, or if "override_fields > = userdb_pass=%w" doesn't set it right. did you tried some alternate spelling? %{userdb_pass} %{userdb:userdb_pass} %{userdb_userdb_pass} something like this. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVrRIOnz1H7kL/d9rAQKAvQf/dwBF4XdgnBzouPAv3xArENgYo8SZefBO Hmn00/eL8ZAJn4ZvLmZUgCgqidNfDQFbnTBSj3PIsQQNFweLUhmlRDwsWca9WKpc uHzuOAnbmGs3EXT+oQK1A3y+gUGkkwtBeCgIjw2IABg8j1GRdz2oXE+sI9xlkjPA AFqMwBNX2k5aeJ91kdTWHihsIlB8YCbsxPTUjl9/GlpzIPkA4DSkg/o0Husnql4+ U4KOBiB3oEooK3YwDuXxnr9Uo7rDC+2Vj1UgHu5UzHq2ZtHeDOsL9kpj8tqPBHmi 9rk92hLwzDr7F/dWTibL5FvPXvC3+yX6UzQShpKYUBPtfLzsjfT8PA== =4F04 -----END PGP SIGNATURE----- From tss at iki.fi Fri Feb 5 09:38:55 2016 From: tss at iki.fi (Timo Sirainen) Date: Fri, 5 Feb 2016 11:38:55 +0200 Subject: user password in mail-filter plugin In-Reply-To: <56B3D69A.5060700@bitkomplex.de> References: <56B2AD0D.20701@bitkomplex.de> <6DA81168-E302-43BB-B8EC-5DB76F73D43D@iki.fi> <56B38D62.5070301@bitkomplex.de> <416F9EAE-E9C9-463C-B30D-3FB77A94E4EB@iki.fi> <56B3D69A.5060700@bitkomplex.de> Message-ID: <795A673B-969C-47D1-8C34-3EE025728EAF@iki.fi> > On 05 Feb 2016, at 00:54, Thomas M?hle wrote: > >>> So, do I get this right? During login the content of dovecots %w >>> variable is supposed to be stored in a userdb field, called userdb_pass, >>> and the %{x} is supposed to get the content of that field? >> >> Mostly, yes. You need the "pass" field to be in userdb to access it in mail processes. The password is only available in passdb though, so you need to store it with userdb_ prefix to get it saved into userdb extra fields instead of passdb extra fields. >> > > Unfortunately it still doesn't work. The filter-script does not recieve > any data from that variable. > I tried replacing the %w with %u, to see, if the filter-script would at > least recieve the username then, but that doesn't work, either. So I'm > not sure, if %{userdb:pass} isn't read correctly, or if "override_fields > = userdb_pass=%w" doesn't set it right. Check with: doveadm auth login user at domain password In the output there's supposed to be the "pass" field in userdb extra fields. If not, try adding before your first userdb: userdb { driver = prefetch result_success = continue } I don't think that was supposed to be necessary though. From skdovecot at smail.inf.fh-brs.de Fri Feb 5 10:13:46 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 5 Feb 2016 11:13:46 +0100 (CET) Subject: user password in mail-filter plugin In-Reply-To: <56B3D69A.5060700@bitkomplex.de> References: <56B2AD0D.20701@bitkomplex.de> <6DA81168-E302-43BB-B8EC-5DB76F73D43D@iki.fi> <56B38D62.5070301@bitkomplex.de> <416F9EAE-E9C9-463C-B30D-3FB77A94E4EB@iki.fi> <56B3D69A.5060700@bitkomplex.de> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 4 Feb 2016, Thomas M?hle wrote: > Unfortunately it still doesn't work. The filter-script does not recieve > any data from that variable. you did a doveadm auth cache flush to ensure the data is not taken from cache? - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVrR12nz1H7kL/d9rAQKatwgAx9MobYbSfmW1nJ3GEGJWKhkJSAqDPwSS 7Fln4464QPuxcuD60Tm2TnEjqO4RNjbylYfenfIQ7wAYEE9AtFWGsYBgYegZcpFh 1D9BN24dupq7cAO/sq+tJ2zKhiFYyuuPlT8fJTaAvSaVMVf74ln1cvol/dIM+Pza QoPvnPy06BC7TuGcl5WqsFUiQY8Udho1YfpHMpYJ1hsM4Qh/CwECfHIME+Dt7CqB 6RDf+y+kyU4C2gLEu8SDm795H4FHd06bDlaSA8f2p12/fSsMCtlclEQNZuKccOm5 ThL4lgxnM2fStAKmbUa34FiJJtdoKscsxIvSZSyPCyhOK72sRjgDKQ== =nLiS -----END PGP SIGNATURE----- From thomas at bitkomplex.de Fri Feb 5 10:31:11 2016 From: thomas at bitkomplex.de (=?UTF-8?Q?Thomas_M=c3=b6hle?=) Date: Fri, 5 Feb 2016 11:31:11 +0100 Subject: user password in mail-filter plugin In-Reply-To: <795A673B-969C-47D1-8C34-3EE025728EAF@iki.fi> References: <56B2AD0D.20701@bitkomplex.de> <6DA81168-E302-43BB-B8EC-5DB76F73D43D@iki.fi> <56B38D62.5070301@bitkomplex.de> <416F9EAE-E9C9-463C-B30D-3FB77A94E4EB@iki.fi> <56B3D69A.5060700@bitkomplex.de> <795A673B-969C-47D1-8C34-3EE025728EAF@iki.fi> Message-ID: <56B479EF.7060809@bitkomplex.de> Am 05.02.2016 um 10:38 schrieb Timo Sirainen: > >> On 05 Feb 2016, at 00:54, Thomas M?hle wrote: >> >>>> So, do I get this right? During login the content of dovecots %w >>>> variable is supposed to be stored in a userdb field, called userdb_pass, >>>> and the %{x} is supposed to get the content of that field? >>> >>> Mostly, yes. You need the "pass" field to be in userdb to access it in mail processes. The password is only available in passdb though, so you need to store it with userdb_ prefix to get it saved into userdb extra fields instead of passdb extra fields. >>> >> >> Unfortunately it still doesn't work. The filter-script does not recieve >> any data from that variable. >> I tried replacing the %w with %u, to see, if the filter-script would at >> least recieve the username then, but that doesn't work, either. So I'm >> not sure, if %{userdb:pass} isn't read correctly, or if "override_fields >> = userdb_pass=%w" doesn't set it right. > > Check with: > > doveadm auth login user at domain password > > In the output there's supposed to be the "pass" field in userdb extra fields. If not, try adding before your first userdb: > > userdb { > driver = prefetch > result_success = continue > } > > I don't think that was supposed to be necessary though. > Still nothing. It seems like the extra field doesn't even exist. :/ doveadm auth login thomas at example.com mypassword passdb: thomas at example.com auth succeeded extra fields: user=thomas at example.com home=/var/mail/example.com/thomas mail=maildir:/var/mail/example.com/thomas/mail:LAYOUT=fs quota_rule=*:bytes=0 uid=5000 gid=5000 userdb extra fields: thomas at example.com home=/var/mail/example.com/thomas mail=maildir:/var/mail/example.com/thomas/mail:LAYOUT=fs quota_rule=*:bytes=0 uid=5000 gid=5000 From miecio45 at gmail.com Fri Feb 5 10:31:13 2016 From: miecio45 at gmail.com (Miecio) Date: Fri, 5 Feb 2016 11:31:13 +0100 Subject: Authentication proxy Message-ID: Hello everyone! I need to set up kind of gateway for submission and imap request, in order to do that i need to find out solution for verifying user password against multiple IMAP backends. Everything for IMAP proxy works perfectly. But i have a problem with authenticating postfix against dovecot SASL. I wonder if there is any option in dovecot to authenticate SASL requests (from postfix) against remote IMAP server or remote SASL instance. Problem is that this server has to be chosen dynamically on the user name basis, so i have to overwrite somehow host parameter in passdb imap definition. I was thinking about using two separate password databasases, first configured as normal sql lookup with proxy flag and host field and second as imap database with host changed to some parameter matching host from previous lookup. Problem is that i don't see any variable matching host filed from passwd sql lookup. With this approach other problem appears, because I want user to be always authenticated against remote IMAP/SASL so i have to somehow return PASSWORD_MISMATCH from my sql lookup. I tried setting up deny parameter to my sql lookup but it causes to reject whole authentication request without even asking remote imap. Thanks a lot --- Regards Miecio From thomas at bitkomplex.de Fri Feb 5 10:40:38 2016 From: thomas at bitkomplex.de (=?UTF-8?Q?Thomas_M=c3=b6hle?=) Date: Fri, 5 Feb 2016 11:40:38 +0100 Subject: user password in mail-filter plugin In-Reply-To: <56B479EF.7060809@bitkomplex.de> References: <56B2AD0D.20701@bitkomplex.de> <6DA81168-E302-43BB-B8EC-5DB76F73D43D@iki.fi> <56B38D62.5070301@bitkomplex.de> <416F9EAE-E9C9-463C-B30D-3FB77A94E4EB@iki.fi> <56B3D69A.5060700@bitkomplex.de> <795A673B-969C-47D1-8C34-3EE025728EAF@iki.fi> <56B479EF.7060809@bitkomplex.de> Message-ID: <56B47C26.2040300@bitkomplex.de> So let me show you my config, just to be sure: /etc/dovecot/conf.d/auth-sql.conf.ext: passdb { driver = sql override_fields = userdb_pass=%w args = /etc/dovecot/dovecot-sql.conf.ext } userdb { driver = prefetch result_success = continue } userdb { driver = sql args = /etc/dovecot/dovecot-sql.conf.ext } From thomas at bitkomplex.de Fri Feb 5 10:53:11 2016 From: thomas at bitkomplex.de (=?UTF-8?Q?Thomas_M=c3=b6hle?=) Date: Fri, 5 Feb 2016 11:53:11 +0100 Subject: user password in mail-filter plugin In-Reply-To: References: <56B2AD0D.20701@bitkomplex.de> <6DA81168-E302-43BB-B8EC-5DB76F73D43D@iki.fi> <56B38D62.5070301@bitkomplex.de> <416F9EAE-E9C9-463C-B30D-3FB77A94E4EB@iki.fi> <56B3D69A.5060700@bitkomplex.de> Message-ID: <56B47F17.7000209@bitkomplex.de> > you did a > > doveadm auth cache flush > > to ensure the data is not taken from cache? I just tried it, just to make sure, but ince I'm restarting dovecot after any config change anyway, it didn't make a difference. From almutb at mur.at Fri Feb 5 13:17:44 2016 From: almutb at mur.at (almut bertha) Date: Fri, 5 Feb 2016 14:17:44 +0100 Subject: doveadm backup -- private flags in shared mailbox In-Reply-To: <6FF93CE9-4E2D-4833-BBE3-D04A19F5B756@iki.fi> References: <56B31941.9080402@mur.at> <6FF93CE9-4E2D-4833-BBE3-D04A19F5B756@iki.fi> Message-ID: <56B4A0F8.6050109@mur.at> Hi Timo, >> dear list, >> i try to backup our dovecot server via >> >> doveadm -Dv backup -A -n inbox -n shared remote:vmail at 192.168.122.51 >> >> So far, it's working fine except for one thing: the "seen"flags for the >> shared mailboxes don't get copied to the backup-server. I tried a few >> things >> (like calling the doveadm command with different options for the >> namespaces or defining the mailboxes -m; i also changed the path for >> INDEXPVT), >> but none of these worked and i don't know how to tell doveadm to sync >> these flags. >> Maybe the config for the namespaces is wrong? >> >> Or is it just not possible (yet)? > > Try adding -f parameter? It's probably skipping those folders because it thinks they're already synced. You anyway need to sync each shared folder as each user, but I think that command would be doing it. > Thanks a lot! But adding the -f parameter made no difference (i also ran the command several times), maybe i'm having a completely different problem.. I will keep searching .. -- almut bertha -- mur.at -- +43 316 8214 5155 From nicocofo2 at gmail.com Fri Feb 5 14:42:31 2016 From: nicocofo2 at gmail.com (Nicolas Fo) Date: Fri, 5 Feb 2016 15:42:31 +0100 Subject: Send Dovecot logs to rsyslog Message-ID: Hello, I'm trying to send Dovecot logs to a Graylog server. To do this, I'd like to pass logs to rsyslog and rsyslog pass logs to remote Graylog server. I set in dovecot.conf : syslog_facility = local5.info I set in rsyslog.conf : local5.info @192.168.xxx.xxx:5555 Restarted services and it doesn't work. I use nmap to test if port 5555 is opened and this port is open. What missed I ? Thanks Nicolas From pch at myzel.net Fri Feb 5 15:42:39 2016 From: pch at myzel.net (Peter Chiochetti) Date: Fri, 5 Feb 2016 16:42:39 +0100 Subject: ACL user Message-ID: <56B4C2EF.4080605@myzel.net> How would I go, If I wanted ACL processing to start with %{auth_user} instead of %{user} when determining rights? -- peter From unixmfwic at mac.com Fri Feb 5 15:52:11 2016 From: unixmfwic at mac.com (Brad Guzules) Date: Fri, 05 Feb 2016 07:52:11 -0800 Subject: Send Dovecot logs to rsyslog In-Reply-To: References: Message-ID: <278E9C7A-D5A3-4B59-AECF-7A20B3CD2547@mac.com> Hi Nicolas, If you use 'logger' to test local5.info without Dovecot in the mix do you have success reaching your remote server? Sent from my iPad. > On Feb 5, 2016, at 6:42 AM, Nicolas Fo wrote: > > Hello, > I'm trying to send Dovecot logs to a Graylog server. > To do this, I'd like to pass logs to rsyslog and rsyslog pass logs to > remote Graylog server. > I set in dovecot.conf : syslog_facility = local5.info > I set in rsyslog.conf : local5.info @192.168.xxx.xxx:5555 > Restarted services and it doesn't work. > > I use nmap to test if port 5555 is opened and this port is open. > > What missed I ? > > Thanks > > Nicolas From hs at schlittermann.de Fri Feb 5 16:13:12 2016 From: hs at schlittermann.de (Heiko Schlittermann) Date: Fri, 5 Feb 2016 17:13:12 +0100 Subject: simple bind + X.509 client certificate? Message-ID: <20160205161312.GR28126@jumper.schlittermann.de> Hi, using dovecot 2.2.9. The LDAP server requests a client certificate from dovecot. This client certificate will not be used for authentication, but anyway, the server requests it. No SASL is involved. ldapsearch and Exim work as expected, sending the client cert. The slapd is configured: olcTLSVerifyClient: demand For authentication simple bind should be used. Dovecot doesn't seem to send the requested client certificate. If I sniff the connection, the "Certificate" sent to the server is empty. Using ldapsearch it works (and the certificate isn't empty). Any suggestions? Best regards from Dresden/Germany Viele Gr??e aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---------------------------- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --------------- key ID: F69376CE - ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ - -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 473 bytes Desc: Digital signature URL: From hs at schlittermann.de Fri Feb 5 16:33:18 2016 From: hs at schlittermann.de (Heiko Schlittermann) Date: Fri, 5 Feb 2016 17:33:18 +0100 Subject: [SOLVED] simple bind + X.509 client certificate? In-Reply-To: <20160205161312.GR28126@jumper.schlittermann.de> References: <20160205161312.GR28126@jumper.schlittermann.de> Message-ID: <20160205163318.GT28126@jumper.schlittermann.de> Heiko Schlittermann (Fr 05 Feb 2016 17:13:12 CET): > Hi, > > using dovecot 2.2.9. The LDAP server requests a client certificate from > dovecot. This client certificate will not be used for authentication, > but anyway, the server requests it. No SASL is involved. > ldapsearch and Exim work as expected, sending the client cert. I had the same question already? and forgot about it. Shame on me. 20151008194657.GZ4156 at jumper.schlittermann.de And it should be solved for newer dovecots. For me it's a work around to put the ldap client configuration into some ldaprc file and use ldaprc_path = ? Best regards from Dresden/Germany Viele Gr??e aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---------------------------- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --------------- key ID: F69376CE - ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ - -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 473 bytes Desc: Digital signature URL: From nicocofo2 at gmail.com Fri Feb 5 18:59:21 2016 From: nicocofo2 at gmail.com (Nicolas Fo) Date: Fri, 5 Feb 2016 19:59:21 +0100 Subject: Send Dovecot logs to rsyslog In-Reply-To: <278E9C7A-D5A3-4B59-AECF-7A20B3CD2547@mac.com> References: <278E9C7A-D5A3-4B59-AECF-7A20B3CD2547@mac.com> Message-ID: Hello, thanks to take time for my problem. Just tested with this command from my mail server: logger -p local5.info "hello world" This message is well sent to my Graylog server. It seems it's a problem between Dovecot and rsyslog :/ Any ideas ? Thanks Nicolas 2016-02-05 16:52 GMT+01:00 Brad Guzules : > Hi Nicolas, > > If you use 'logger' to test local5.info without Dovecot in the mix do you > have success reaching your remote server? > > Sent from my iPad. > > > On Feb 5, 2016, at 6:42 AM, Nicolas Fo wrote: > > > > Hello, > > I'm trying to send Dovecot logs to a Graylog server. > > To do this, I'd like to pass logs to rsyslog and rsyslog pass logs to > > remote Graylog server. > > I set in dovecot.conf : syslog_facility = local5.info > > I set in rsyslog.conf : local5.info @192.168.xxx.xxx:5555 > > Restarted services and it doesn't work. > > > > I use nmap to test if port 5555 is opened and this port is open. > > > > What missed I ? > > > > Thanks > > > > Nicolas > From stephan at rename-it.nl Sat Feb 6 10:32:22 2016 From: stephan at rename-it.nl (Stephan Bosch) Date: Sat, 6 Feb 2016 11:32:22 +0100 Subject: Released Pigeonhole v0.4.12 for Dovecot v2.2.21 Message-ID: <56B5CBB6.1040000@rename-it.nl> Hello Dovecot users, Here is the final v0.4.12 release of Pigeonhole for Dovecot v2.2.21. Nothing changed since the RC. Changelog v0.4.12: + Implemented the Sieve extracttext extension (RFC 5703; Section 7). It is now possible to extract body text from a message into a variable. * Increased ABI version due to changes in the Sieve interpreter's object definitions. - multiscript: Fixed bug in handling of (implicit) keep; final keep action was always executed as though there was a failure. This caused the keep action to revert back to the initial message, causing editheader actions to be ignored. - managesieve-login: Fixed proxy to allow SASL mechanisms other than PLAIN. Before, the proxy would fail if the server did not support the PLAIN mechanism. - ldap storage: Prevent segfault occurring when assigning certain (global) configuration options. The release is available as follows: http://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-0.4.12.tar.gz http://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-0.4.12.tar.gz.sig Refer to http://pigeonhole.dovecot.org and the Dovecot v2.x wiki for more information. Have fun testing this release and don't hesitate to notify me when there are any problems. Regards, -- Stephan Bosch stephan at rename-it.nl From nicocofo2 at gmail.com Sat Feb 6 11:20:14 2016 From: nicocofo2 at gmail.com (Nicolas Fo) Date: Sat, 6 Feb 2016 12:20:14 +0100 Subject: Send Dovecot logs to rsyslog In-Reply-To: References: <278E9C7A-D5A3-4B59-AECF-7A20B3CD2547@mac.com> Message-ID: For information, my Dovecot version is 2.2.13, hop it can help. Thanks Nicolas 2016-02-05 19:59 GMT+01:00 Nicolas Fo : > Hello, thanks to take time for my problem. > Just tested with this command from my mail server: logger -p local5.info > "hello world" > This message is well sent to my Graylog server. > It seems it's a problem between Dovecot and rsyslog :/ > Any ideas ? > Thanks > Nicolas > > 2016-02-05 16:52 GMT+01:00 Brad Guzules : > >> Hi Nicolas, >> >> If you use 'logger' to test local5.info without Dovecot in the mix do >> you have success reaching your remote server? >> >> Sent from my iPad. >> >> > On Feb 5, 2016, at 6:42 AM, Nicolas Fo wrote: >> > >> > Hello, >> > I'm trying to send Dovecot logs to a Graylog server. >> > To do this, I'd like to pass logs to rsyslog and rsyslog pass logs to >> > remote Graylog server. >> > I set in dovecot.conf : syslog_facility = local5.info >> > I set in rsyslog.conf : local5.info @192.168.xxx.xxx:5555 >> > Restarted services and it doesn't work. >> > >> > I use nmap to test if port 5555 is opened and this port is open. >> > >> > What missed I ? >> > >> > Thanks >> > >> > Nicolas >> > > From delrio at mie.utoronto.ca Sat Feb 6 15:44:28 2016 From: delrio at mie.utoronto.ca (Oscar del Rio) Date: Sat, 6 Feb 2016 10:44:28 -0500 Subject: Send Dovecot logs to rsyslog In-Reply-To: References: Message-ID: <56B614DC.5020504@mie.utoronto.ca> On 05/02/2016 9:42 AM, Nicolas Fo wrote: > I set in dovecot.conf : syslog_facility = local5.info Try: syslog_facility = local5 Source: http://wiki.dovecot.org/Logging#Syslog_Example From nicocofo2 at gmail.com Sat Feb 6 18:22:33 2016 From: nicocofo2 at gmail.com (Nicolas Fo) Date: Sat, 6 Feb 2016 19:22:33 +0100 Subject: Send Dovecot logs to rsyslog In-Reply-To: <56B614DC.5020504@mie.utoronto.ca> References: <56B614DC.5020504@mie.utoronto.ca> Message-ID: Just tested, same result :( Thanks Nicolas 2016-02-06 16:44 GMT+01:00 Oscar del Rio : > On 05/02/2016 9:42 AM, Nicolas Fo wrote: > >> I set in dovecot.conf : syslog_facility = local5.info >> > > Try: > > syslog_facility = local5 > > Source: > http://wiki.dovecot.org/Logging#Syslog_Example > From tj at terramar.net Sun Feb 7 02:50:58 2016 From: tj at terramar.net (Tom Johnson) Date: Sat, 6 Feb 2016 18:50:58 -0800 Subject: autoexpunge - different settings for different users Message-ID: I have some users where I'd like to expunge their mail at different times. For example, I may have some users who I want to expunge everything from every folder at 30 days. Others where I'd like to expunge everything at 90 days. And still others where I only want to expunge mail from the Trash and Junk folders, and nowhere else. Is there a way to do some sort of lookup for this? Or is this beyond the ability of the autoexpunge feature? Should I just use a cron job and use "doveadm expunge" on a user-by-user basis? Thanks- From rs at sys4.de Sun Feb 7 07:11:00 2016 From: rs at sys4.de (Robert Schetterer) Date: Sun, 7 Feb 2016 08:11:00 +0100 Subject: Released Pigeonhole v0.4.12 for Dovecot v2.2.21 In-Reply-To: <56B5CBB6.1040000@rename-it.nl> References: <56B5CBB6.1040000@rename-it.nl> Message-ID: <56B6EE04.1030508@sys4.de> Am 06.02.2016 um 11:32 schrieb Stephan Bosch: > Hello Dovecot users, > > Here is the final v0.4.12 release of Pigeonhole for Dovecot v2.2.21. > Nothing changed since the RC. > > Changelog v0.4.12: > > + Implemented the Sieve extracttext extension (RFC 5703; Section 7). It > is now possible to extract body text from a message into a variable. > * Increased ABI version due to changes in the Sieve interpreter's object > definitions. > - multiscript: Fixed bug in handling of (implicit) keep; final keep > action was always executed as though there was a failure. This caused > the keep action to revert back to the initial message, causing > editheader actions to be ignored. > - managesieve-login: Fixed proxy to allow SASL mechanisms other than > PLAIN. Before, the proxy would fail if the server did not support the > PLAIN mechanism. > - ldap storage: Prevent segfault occurring when assigning certain > (global) configuration options. > > The release is available as follows: > > http://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-0.4.12.tar.gz > http://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-0.4.12.tar.gz.sig > > Refer to http://pigeonhole.dovecot.org and the Dovecot v2.x wiki for > more information. Have fun testing this release and don't hesitate to > notify me when there are any problems. > > Regards, > Hi Stephan, looks like the last update at http://xi.rename-it.nl/ was on 04-Feb-2016 perhaps an additional build is need with Pigeonhole v0.4.12 ? Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From dovecot at haravikk.me Sun Feb 7 10:17:02 2016 From: dovecot at haravikk.me (Haravikk) Date: Sun, 7 Feb 2016 10:17:02 +0000 Subject: autoexpunge - different settings for different users In-Reply-To: References: Message-ID: <542F8402-C41C-4109-B602-BBD58227D853@haravikk.me> > On 7 Feb 2016, at 02:50, Tom Johnson wrote: > > I have some users where I'd like to expunge their mail at different times. > > For example, I may have some users who I want to expunge everything from every folder at 30 days. > > Others where I'd like to expunge everything at 90 days. > > And still others where I only want to expunge mail from the Trash and Junk folders, and nowhere else. > > Is there a way to do some sort of lookup for this? Or is this beyond the ability of the autoexpunge feature? Should I just use a cron job and use "doveadm expunge" on a user-by-user basis? > > Thanks- I think you?ll need a script for this. At the most basic level you could just create a bash script, add a bunch of expunge commands and then run it every day (or week or whatever) via crontab. For example: doveadm expunge -u someone at yourdomain.tld \( mailbox Trash or mailbox Junk \) savedBefore 30d doveadm expunge -u someone_else at youdomain.tld savedBefore 90d And so-on. Also, don?t forget to add a purge command if you?re using the mdbox format, in my case I?d add this to the start of the script, so messages aren?t purged right away (i.e- expunged messages are not purged until the next time the script runs), but this only applies to that format. More complex logic will require a more complex script, I?ve been working on something of my own but I don?t know if I?d call it ready yet, and I?m not aware of anything else pre-made that will do it, but hopefully others can weigh in if there is. From dovecot at haravikk.me Sun Feb 7 11:28:05 2016 From: dovecot at haravikk.me (Haravikk) Date: Sun, 7 Feb 2016 11:28:05 +0000 Subject: autoexpunge - different settings for different users In-Reply-To: <542F8402-C41C-4109-B602-BBD58227D853@haravikk.me> References: <542F8402-C41C-4109-B602-BBD58227D853@haravikk.me> Message-ID: > On 7 Feb 2016, at 10:17, Haravikk wrote: > > >> On 7 Feb 2016, at 02:50, Tom Johnson wrote: >> >> I have some users where I'd like to expunge their mail at different times. >> >> For example, I may have some users who I want to expunge everything from every folder at 30 days. >> >> Others where I'd like to expunge everything at 90 days. >> >> And still others where I only want to expunge mail from the Trash and Junk folders, and nowhere else. >> >> Is there a way to do some sort of lookup for this? Or is this beyond the ability of the autoexpunge feature? Should I just use a cron job and use "doveadm expunge" on a user-by-user basis? >> >> Thanks- > > I think you?ll need a script for this. At the most basic level you could just create a bash script, add a bunch of expunge commands and then run it every day (or week or whatever) via crontab. For example: > > doveadm expunge -u someone at yourdomain.tld \( mailbox Trash or mailbox Junk \) savedBefore 30d > doveadm expunge -u someone_else at youdomain.tld savedBefore 90d > > And so-on. Also, don?t forget to add a purge command if you?re using the mdbox format, in my case I?d add this to the start of the script, so messages aren?t purged right away (i.e- expunged messages are not purged until the next time the script runs), but this only applies to that format. > > More complex logic will require a more complex script, I?ve been working on something of my own but I don?t know if I?d call it ready yet, and I?m not aware of anything else pre-made that will do it, but hopefully others can weigh in if there is. Just a note, but please disregard the extra e-mail in the angle brackets, OS X?s Mail seems to have added these automatically, the sample commands should look like: doveadm expunge -u someone at yourdomain.tld \( mailbox Trash or mailbox Junk \) savedBefore 30d doveadm expunge -u someone_else at youdomain.tld savedBefore 90d From bill at KnoxvilleChristian.org Sun Feb 7 18:37:52 2016 From: bill at KnoxvilleChristian.org (Bill Shirley) Date: Sun, 7 Feb 2016 13:37:52 -0500 Subject: autoexpunge - different settings for different users In-Reply-To: <542F8402-C41C-4109-B602-BBD58227D853@haravikk.me> References: <542F8402-C41C-4109-B602-BBD58227D853@haravikk.me> Message-ID: <56B78F00.8080207@KnoxvilleChristian.org> If have a Bash script I invoke from cron that iterates thru /home looking for a control file in each users Maildir that looks like this: /home/bill/Maildir/maildir.dovecot.purge.conf #Mailbox : KeepDays # -------------------------------------------------------- #INBOX : 180 #INBOX* : 180 #Invoices sent : 14 Trash* : 14 Junk : 14 Sent : 14 Sent Messages : 14 SystemFolders.SuspectedSpam : 14 #SystemFolders* : 14 #SystemFolders.* : 14 #AASystemAdministration : 14 Let me know if you're interested in the script. [1:root at elmo vhosts]$ wc -l /usr/local/sbin/maildir.dovecot.purge 82 /usr/local/sbin/maildir.dovecot.purge Bill On 2/7/2016 5:17 AM, Haravikk wrote: >> On 7 Feb 2016, at 02:50, Tom Johnson wrote: >> >> I have some users where I'd like to expunge their mail at different times. >> >> For example, I may have some users who I want to expunge everything from every folder at 30 days. >> >> Others where I'd like to expunge everything at 90 days. >> >> And still others where I only want to expunge mail from the Trash and Junk folders, and nowhere else. >> >> Is there a way to do some sort of lookup for this? Or is this beyond the ability of the autoexpunge feature? Should I just use a cron job and use "doveadm expunge" on a user-by-user basis? >> >> Thanks- > I think you?ll need a script for this. At the most basic level you could just create a bash script, add a bunch of expunge commands and then run it every day (or week or whatever) via crontab. For example: > > doveadm expunge -u someone at yourdomain.tld \( mailbox Trash or mailbox Junk \) savedBefore 30d > doveadm expunge -u someone_else at youdomain.tld savedBefore 90d > > And so-on. Also, don?t forget to add a purge command if you?re using the mdbox format, in my case I?d add this to the start of the script, so messages aren?t purged right away (i.e- expunged messages are not purged until the next time the script runs), but this only applies to that format. > > More complex logic will require a more complex script, I?ve been working on something of my own but I don?t know if I?d call it ready yet, and I?m not aware of anything else pre-made that will do it, but hopefully others can weigh in if there is. From tss at iki.fi Sun Feb 7 18:59:20 2016 From: tss at iki.fi (Timo Sirainen) Date: Sun, 7 Feb 2016 20:59:20 +0200 Subject: autoexpunge - different settings for different users In-Reply-To: References: Message-ID: > On 07 Feb 2016, at 04:50, Tom Johnson wrote: > > I have some users where I'd like to expunge their mail at different times. > > For example, I may have some users who I want to expunge everything from every folder at 30 days. > > Others where I'd like to expunge everything at 90 days. > > And still others where I only want to expunge mail from the Trash and Junk folders, and nowhere else. > > Is there a way to do some sort of lookup for this? Or is this beyond the ability of the autoexpunge feature? Should I just use a cron job and use "doveadm expunge" on a user-by-user basis? You can override any mail-related setting from userdb. So for example if you have: namespace inbox { mailbox Trash { autoexpunge = 30d } } You can have your userdb return namespace/inbox/Trash/autoexpunge=90d extra field for other users. http://wiki2.dovecot.org/UserDatabase/ExtraFields has some examples. From tj at terramar.net Mon Feb 8 04:46:30 2016 From: tj at terramar.net (Tom Johnson) Date: Sun, 7 Feb 2016 20:46:30 -0800 Subject: autoexpunge - different settings for different users In-Reply-To: References: Message-ID: <07271EC5-DD2A-4C00-ABBD-983D62639007@terramar.net> > On Feb 7, 2016, at 10:59 AM, Timo Sirainen wrote: >> On 07 Feb 2016, at 04:50, Tom Johnson wrote: >> >> I have some users where I'd like to expunge their mail at different times. >> .... >> .... >> Is there a way to do some sort of lookup for this? Or is this beyond the ability of the autoexpunge feature? Should I just use a cron job and use "doveadm expunge" on a user-by-user basis? > > You can override any mail-related setting from userdb. So for example if you have: > > namespace inbox { > mailbox Trash { > autoexpunge = 30d > } > } > > You can have your userdb return namespace/inbox/Trash/autoexpunge=90d extra field for other users. http://wiki2.dovecot.org/UserDatabase/ExtraFields has some examples. Thank you, Timo! Can you return something like "namespace/inbox/*/autoexpuge=90d" to cover all the namespaces? And then override individual ones if necessary? From bra at fsn.hu Mon Feb 8 09:01:59 2016 From: bra at fsn.hu (Nagy, Attila) Date: Mon, 8 Feb 2016 10:01:59 +0100 Subject: RFC: HTTP based storage API Message-ID: <56B85987.8050707@fsn.hu> Hi, Nearly every popular programming language has an LMTP/POP/IMAP implementation, most of them suck in many different ways. I don't know any server or library which provides a well-established, compatible protocol frontend with an open backend API, which could be used to easily make a custom storage backend for the LMTP/POP/IMAP frontend in any language, in any programming paradigm, irregardless of the frontend implementation. Dovecot is very close to this: it speaks IMAP to the backend, but you still have to make a nearly complete IMAP implementation, which is a PITA. Therefore I am curious about your opinion: what about an HTTP-based open backend (lib-storage) API to Dovecot? Some thoughts on this: 1. it should be a simple REST API 2. it should support efficient operations on both sides (client, server), for example listing a multi-million folder shouldn't be a single JSON response, but a JSON stream, which could be produced and parsed individually or in smaller batches efficiently 3. it should support capabilities, somewhat like the current imapc backend, so if the backend service suppports search, it should announce this capability and dovecot could offload these requests to it, but if it doesn't, dovecot could build its indices. 4. only the needed amount of POP/IMAP legacy should appear in the protocol 5. the operations should be asynchronous on Dovecot's side (to be scalable) 6. maybe even Dovecot's index-queries could be offloaded to the backend service (this way the local file system wouldn't be used at all and all caches could be stored in a distributed dictionary), this could also be a capability 7. it could support some kind of push (for IDLE-ing and the like) 8. it should be stateless If Dovecot could make this right, it could be the FUSE of the mail protocols, acting as a glue for experimental or production ready mail storage backends, without the need to write these backends in "Dovecot C" (I mean it's process and API structure). Of course HTTP here is not a strict requirement. It could be anything, which can be easy to implement and understand and is able to fulfill the needs. An example could be Dovecot's own dictionary protocol. What do you think about this? From tss at iki.fi Mon Feb 8 09:59:25 2016 From: tss at iki.fi (Timo Sirainen) Date: Mon, 8 Feb 2016 11:59:25 +0200 Subject: RFC: HTTP based storage API In-Reply-To: <56B85987.8050707@fsn.hu> References: <56B85987.8050707@fsn.hu> Message-ID: <0A763875-BD2D-46A7-AA49-E7A2672FF6F6@iki.fi> On 08 Feb 2016, at 11:01, Nagy, Attila wrote: > > Hi, > > Nearly every popular programming language has an LMTP/POP/IMAP implementation, most of them suck in many different ways. > I don't know any server or library which provides a well-established, compatible protocol frontend with an open backend API, which could be used to easily make a custom storage backend for the LMTP/POP/IMAP frontend in any language, in any programming paradigm, irregardless of the frontend implementation. > > Dovecot is very close to this: it speaks IMAP to the backend, but you still have to make a nearly complete IMAP implementation, which is a PITA. > > Therefore I am curious about your opinion: what about an HTTP-based open backend (lib-storage) API to Dovecot? We're planning on implementing http://jmap.io/ to Dovecot v2.3. It's close enough to how Dovecot works internally (although we'd still need the threading support) and also at least attempting to become a standard. We haven't really started it yet though, so now would be a good time to give any alternative suggestions or complaints about jmap :) From tss at iki.fi Mon Feb 8 10:02:32 2016 From: tss at iki.fi (Timo Sirainen) Date: Mon, 8 Feb 2016 12:02:32 +0200 Subject: autoexpunge - different settings for different users In-Reply-To: <07271EC5-DD2A-4C00-ABBD-983D62639007@terramar.net> References: <07271EC5-DD2A-4C00-ABBD-983D62639007@terramar.net> Message-ID: <21286692-3606-49C2-A810-790BE8776BD2@iki.fi> > On 08 Feb 2016, at 06:46, Tom Johnson wrote: > >> You can override any mail-related setting from userdb. So for example if you have: >> >> namespace inbox { >> mailbox Trash { >> autoexpunge = 30d >> } >> } >> >> You can have your userdb return namespace/inbox/Trash/autoexpunge=90d extra field for other users. http://wiki2.dovecot.org/UserDatabase/ExtraFields has some examples. > > Thank you, Timo! > > Can you return something like "namespace/inbox/*/autoexpuge=90d" to cover all the namespaces? And then override individual ones if necessary? It would mean the same as: namespace inbox { mailbox * { autoexpunge = 90d } } So the question is about whether the above configuration works. Currently it doesn't, but it probably will in future. From phil at dovecot.fi Mon Feb 8 10:06:35 2016 From: phil at dovecot.fi (Phil Carmody) Date: Mon, 8 Feb 2016 12:06:35 +0200 Subject: Send Dovecot logs to rsyslog In-Reply-To: References: <56B614DC.5020504@mie.utoronto.ca> Message-ID: <20160208100635.GD32269@phil.dovecot.net> On Sat, Feb 06, 2016 at 07:22:33PM +0100, Nicolas Fo wrote: > Just tested, same result :( It may be a silly question, but is one of log_path, info_log_path, or debug_log_path set to "syslog"? log_path defaults to it, so if you've changed that, the syslog service wouldn't be used. Dovecot's use of syslog is very vanilla, there's not much room for it to do much wrong. Phil > 2016-02-06 16:44 GMT+01:00 Oscar del Rio : > > On 05/02/2016 9:42 AM, Nicolas Fo wrote: > >> I set in dovecot.conf : syslog_facility = local5.info > > > > Try: > > > > syslog_facility = local5 > > > > Source: > > http://wiki.dovecot.org/Logging#Syslog_Example From tss at iki.fi Mon Feb 8 10:16:29 2016 From: tss at iki.fi (Timo Sirainen) Date: Mon, 8 Feb 2016 12:16:29 +0200 Subject: RFC: HTTP based storage API In-Reply-To: <0A763875-BD2D-46A7-AA49-E7A2672FF6F6@iki.fi> References: <56B85987.8050707@fsn.hu> <0A763875-BD2D-46A7-AA49-E7A2672FF6F6@iki.fi> Message-ID: > On 08 Feb 2016, at 11:59, Timo Sirainen wrote: > > On 08 Feb 2016, at 11:01, Nagy, Attila wrote: >> >> Hi, >> >> Nearly every popular programming language has an LMTP/POP/IMAP implementation, most of them suck in many different ways. >> I don't know any server or library which provides a well-established, compatible protocol frontend with an open backend API, which could be used to easily make a custom storage backend for the LMTP/POP/IMAP frontend in any language, in any programming paradigm, irregardless of the frontend implementation. >> >> Dovecot is very close to this: it speaks IMAP to the backend, but you still have to make a nearly complete IMAP implementation, which is a PITA. >> >> Therefore I am curious about your opinion: what about an HTTP-based open backend (lib-storage) API to Dovecot? > > We're planning on implementing http://jmap.io/ to Dovecot v2.3. It's close enough to how Dovecot works internally (although we'd still need the threading support) and also at least attempting to become a standard. We haven't really started it yet though, so now would be a good time to give any alternative suggestions or complaints about jmap :) Oh, you were thinking about ability to provide IMAP/etc support for other random servers, and have Dovecot act as kind of a middleware and translate the requests. Maybe the answer is still jmap though? It would require jmap lib-storage backend similar to imapc, which would be doable, although not really something we're right now planning to implement. From f0andrey at gmail.com Mon Feb 8 10:34:09 2016 From: f0andrey at gmail.com (Andrey Fesenko) Date: Mon, 8 Feb 2016 13:34:09 +0300 Subject: Dovecot (LDAP) quota only if user in backend? In-Reply-To: References: Message-ID: On Wed, Feb 3, 2016 at 6:06 PM, Andrey Fesenko wrote: > Hello, > > Is it possible to get the quotas for users served by the backend? > > My env CentOS, dovecot-2.2.10-5.el7, users in LDAP > > > BackendHost may bee backend1.wibble.net backend2.wibble.net ... if I'm > get quota in backend1.wibble.net > > doveadm -f tab quota get -A > After fix dovecot-ldap.conf user_filter = (&(objectClass=posixAccount)(uid=%u)(BackendHost=backend1.wibble.net)) pass_attrs = uid=user,userPassword=password pass_filter = (&(objectClass=posixAccount)(uid=%u)) # For using doveadm -A: iterate_attrs = uid=user iterate_filter = (&(objectClass=posixAccount)(BackendHost=backend1.wibble.net)) Work perfect > doveadm: Error: Failed to iterate through some users Need more search limit in LDAP From darix at opensu.se Mon Feb 8 10:44:10 2016 From: darix at opensu.se (Marcus Rueckert) Date: Mon, 8 Feb 2016 11:44:10 +0100 Subject: RFC: HTTP based storage API In-Reply-To: <56B85987.8050707@fsn.hu> References: <56B85987.8050707@fsn.hu> Message-ID: <20160208104409.GA3039@nordisch.org> that sounds like s3 API based backend. also note that dovecot comes with some "non local mail storage plugins" in the commercial part: ``` In this release, we support Windows Azure, Amazon S3, Scality and Dropbox systems. ``` so that should come close to what you want. for a local version you could use e.g. radosdb/ceph or riak. both can provide the s3 API for you. hth darix -- openSUSE - SUSE Linux is my linux openSUSE is good for you www.opensuse.org From tss at iki.fi Mon Feb 8 10:50:14 2016 From: tss at iki.fi (Timo Sirainen) Date: Mon, 8 Feb 2016 12:50:14 +0200 Subject: ACL user In-Reply-To: <56B4C2EF.4080605@myzel.net> References: <56B4C2EF.4080605@myzel.net> Message-ID: <715AA6FF-ABAC-4597-B3D5-7A54E2FB7A6C@iki.fi> On 05 Feb 2016, at 17:42, Peter Chiochetti wrote: > > How would I go, If I wanted ACL processing to > start with %{auth_user} instead of %{user} > when determining rights? You could kludge it by returning master_user=%{auth_user} in userdb, but that might affect other things.. But since this has been asked a few times, I finally implemented it in a bit cleaner way: https://github.com/dovecot/core/commit/dd5683e19979085fdfe9f269876f2a91ea604679 So you can do: plugin { acl_user = %{auth_user} } From bra at fsn.hu Mon Feb 8 10:56:16 2016 From: bra at fsn.hu (Nagy, Attila) Date: Mon, 8 Feb 2016 11:56:16 +0100 Subject: RFC: HTTP based storage API In-Reply-To: References: <56B85987.8050707@fsn.hu> <0A763875-BD2D-46A7-AA49-E7A2672FF6F6@iki.fi> Message-ID: <56B87450.5070408@fsn.hu> On 02/08/16 11:16, Timo Sirainen wrote: >> On 08 Feb 2016, at 11:59, Timo Sirainen wrote: >> >> On 08 Feb 2016, at 11:01, Nagy, Attila wrote: >>> Hi, >>> >>> Nearly every popular programming language has an LMTP/POP/IMAP implementation, most of them suck in many different ways. >>> I don't know any server or library which provides a well-established, compatible protocol frontend with an open backend API, which could be used to easily make a custom storage backend for the LMTP/POP/IMAP frontend in any language, in any programming paradigm, irregardless of the frontend implementation. >>> >>> Dovecot is very close to this: it speaks IMAP to the backend, but you still have to make a nearly complete IMAP implementation, which is a PITA. >>> >>> Therefore I am curious about your opinion: what about an HTTP-based open backend (lib-storage) API to Dovecot? >> We're planning on implementing http://jmap.io/ to Dovecot v2.3. It's close enough to how Dovecot works internally (although we'd still need the threading support) and also at least attempting to become a standard. We haven't really started it yet though, so now would be a good time to give any alternative suggestions or complaints about jmap :) > Oh, you were thinking about ability to provide IMAP/etc support for other random servers, and have Dovecot act as kind of a middleware and translate the requests. Maybe the answer is still jmap though? It would require jmap lib-storage backend similar to imapc, which would be doable, although not really something we're right now planning to implement. > Yeah, the opposite, in this case a jmap backend to Dovecot. BTW, I think jmap is too high level and implementing a jmap server is very much like implementing an IMAP one. I much more think of a pluggable, easy (remote) storage API, which has much less to do with IMAP, but can offer capabilities, which can help Dovecot (like the search and indexes). From tss at iki.fi Mon Feb 8 11:07:35 2016 From: tss at iki.fi (Timo Sirainen) Date: Mon, 8 Feb 2016 13:07:35 +0200 Subject: RFC: HTTP based storage API In-Reply-To: <56B87450.5070408@fsn.hu> References: <56B85987.8050707@fsn.hu> <0A763875-BD2D-46A7-AA49-E7A2672FF6F6@iki.fi> <56B87450.5070408@fsn.hu> Message-ID: On 08 Feb 2016, at 12:56, Nagy, Attila wrote: > > On 02/08/16 11:16, Timo Sirainen wrote: >> Oh, you were thinking about ability to provide IMAP/etc support for other random servers, and have Dovecot act as kind of a middleware and translate the requests. Maybe the answer is still jmap though? It would require jmap lib-storage backend similar to imapc, which would be doable, although not really something we're right now planning to implement. >> > Yeah, the opposite, in this case a jmap backend to Dovecot. > BTW, I think jmap is too high level and implementing a jmap server is very much like implementing an IMAP one. > > I much more think of a pluggable, easy (remote) storage API, which has much less to do with IMAP, but can offer capabilities, which can help Dovecot (like the search and indexes). What kind of use cases are you thinking for this remote storage API? What kind of remote storages would implement it, and what kind of installations would use them? From bra at fsn.hu Mon Feb 8 11:28:43 2016 From: bra at fsn.hu (Nagy, Attila) Date: Mon, 8 Feb 2016 12:28:43 +0100 Subject: RFC: HTTP based storage API In-Reply-To: References: <56B85987.8050707@fsn.hu> <0A763875-BD2D-46A7-AA49-E7A2672FF6F6@iki.fi> <56B87450.5070408@fsn.hu> Message-ID: <56B87BEB.2010501@fsn.hu> On 02/08/16 12:07, Timo Sirainen wrote: > On 08 Feb 2016, at 12:56, Nagy, Attila wrote: >> On 02/08/16 11:16, Timo Sirainen wrote: >>> Oh, you were thinking about ability to provide IMAP/etc support for other random servers, and have Dovecot act as kind of a middleware and translate the requests. Maybe the answer is still jmap though? It would require jmap lib-storage backend similar to imapc, which would be doable, although not really something we're right now planning to implement. >>> >> Yeah, the opposite, in this case a jmap backend to Dovecot. >> BTW, I think jmap is too high level and implementing a jmap server is very much like implementing an IMAP one. >> >> I much more think of a pluggable, easy (remote) storage API, which has much less to do with IMAP, but can offer capabilities, which can help Dovecot (like the search and indexes). > What kind of use cases are you thinking for this remote storage API? What kind of remote storages would implement it, and what kind of installations would use them? > Interfacing non-email systems to e-mail protocols and implementing other storage options (I can't say a better analogue than what FUSE is). Using Dovecot as a protocol implementation, but not for the underlying storage method, which may be custom to the given solution. A flexible way of implementing and adapting anything to IMAP. For example if I want to store really old and archived e-mails in a costly compression format somewhere in the cloud, but hot mails locally, based on my custom policies. In an international company there may be some regulations about what should go where, so for example if I can handle object placement myself, I can use the same installation to store non-EU mails in non-EU countries and others in US or EU clouds if law permits. Intermixing several systems into one (like merging two IMAP accounts into one) etc. Some of these are very costly to develop in Dovecot, while just a few lines in -say- Python or go. From bra at fsn.hu Mon Feb 8 11:31:57 2016 From: bra at fsn.hu (Nagy, Attila) Date: Mon, 8 Feb 2016 12:31:57 +0100 Subject: RFC: HTTP based storage API In-Reply-To: <20160208104409.GA3039@nordisch.org> References: <56B85987.8050707@fsn.hu> <20160208104409.GA3039@nordisch.org> Message-ID: <56B87CAD.3060709@fsn.hu> On 02/08/16 11:44, Marcus Rueckert wrote: > that sounds like s3 API based backend. > > also note that dovecot comes with some "non local mail storage plugins" > in the commercial part: > > ``` > In this release, we support Windows Azure, Amazon S3, Scality and > Dropbox systems. > ``` > > so that should come close to what you want. for a local version you > could use e.g. radosdb/ceph or riak. both can provide the s3 API for > you. > Close, but this may be too low level, for example it may hide whose e-mail do you store (I don't know the exact implementation, it's not open source AFAIK). From darix at opensu.se Mon Feb 8 11:34:53 2016 From: darix at opensu.se (Marcus Rueckert) Date: Mon, 8 Feb 2016 12:34:53 +0100 Subject: RFC: HTTP based storage API In-Reply-To: <56B87CAD.3060709@fsn.hu> References: <56B85987.8050707@fsn.hu> <20160208104409.GA3039@nordisch.org> <56B87CAD.3060709@fsn.hu> Message-ID: <20160208113452.GB3039@nordisch.org> On 2016-02-08 12:31:57 +0100, Nagy, Attila wrote: > On 02/08/16 11:44, Marcus Rueckert wrote: > >that sounds like s3 API based backend. > > > >also note that dovecot comes with some "non local mail storage plugins" > >in the commercial part: > > > >``` > >In this release, we support Windows Azure, Amazon S3, Scality and > >Dropbox systems. > >``` > > > >so that should come close to what you want. for a local version you > >could use e.g. radosdb/ceph or riak. both can provide the s3 API for > >you. > > > Close, but this may be too low level, for example it may hide whose e-mail > do you store (I don't know the exact implementation, it's not open source > AFAIK). True ... but that might be the hook point you can use for your more fancy implementation. and some of the mail backends are public. like mdbox and so on. the api towards dovecot should be the same. darix -- openSUSE - SUSE Linux is my linux openSUSE is good for you www.opensuse.org From tss at iki.fi Mon Feb 8 12:11:51 2016 From: tss at iki.fi (Timo Sirainen) Date: Mon, 8 Feb 2016 14:11:51 +0200 Subject: RFC: HTTP based storage API In-Reply-To: <56B87BEB.2010501@fsn.hu> References: <56B85987.8050707@fsn.hu> <0A763875-BD2D-46A7-AA49-E7A2672FF6F6@iki.fi> <56B87450.5070408@fsn.hu> <56B87BEB.2010501@fsn.hu> Message-ID: > On 08 Feb 2016, at 13:28, Nagy, Attila wrote: > > On 02/08/16 12:07, Timo Sirainen wrote: >> On 08 Feb 2016, at 12:56, Nagy, Attila wrote: >>> On 02/08/16 11:16, Timo Sirainen wrote: >>>> Oh, you were thinking about ability to provide IMAP/etc support for other random servers, and have Dovecot act as kind of a middleware and translate the requests. Maybe the answer is still jmap though? It would require jmap lib-storage backend similar to imapc, which would be doable, although not really something we're right now planning to implement. >>>> >>> Yeah, the opposite, in this case a jmap backend to Dovecot. >>> BTW, I think jmap is too high level and implementing a jmap server is very much like implementing an IMAP one. >>> >>> I much more think of a pluggable, easy (remote) storage API, which has much less to do with IMAP, but can offer capabilities, which can help Dovecot (like the search and indexes). >> What kind of use cases are you thinking for this remote storage API? What kind of remote storages would implement it, and what kind of installations would use them? >> > Interfacing non-email systems to e-mail protocols and implementing other storage options (I can't say a better analogue than what FUSE is). > Using Dovecot as a protocol implementation, but not for the underlying storage method, which may be custom to the given solution. > A flexible way of implementing and adapting anything to IMAP. > > For example if I want to store really old and archived e-mails in a costly compression format somewhere in the cloud, but hot mails locally, based on my custom policies. > In an international company there may be some regulations about what should go where, so for example if I can handle object placement myself, I can use the same installation to store non-EU mails in non-EU countries and others in US or EU clouds if law permits. You could already implement these with mail-filter plugin. The locally stored mail would be just an object pointer, which the mail-filter plugin reads from the remote storage. Although I think mail-filter is lacking error handling right now. > Intermixing several systems into one (like merging two IMAP accounts into one) etc. If I bothered to implement per-namespace imapc-settings, this could be done with virtual plugin. > Some of these are very costly to develop in Dovecot, while just a few lines in -say- Python or go. I think it might not be that easy. Although I've made lib-storage backends easier and easier to implement, it's still not exactly trivial. Implementing it behind some API could simplify it somewhat, but it wouldn't really remove all the difficult work that needs to be done. For example some backends might want to be read-only, others read-write. Some might want Dovecot to store all the message flags and other metadata locally, while others might want to store it themselves (and that would require two-way syncing between them). Some backends would support searching, fetching some headers fast and in general support different kinds of optimizations, while others wouldn't. The imapc backend is of course already implementing a lot of this functionality, but it's also getting complex. The backend would also have to guarantee some things to be compatible with IMAP, mainly never modifying existing mails. One alternative might be to add scripting support to Dovecot. I've been thinking about that several times over the years. So instead of implementing plugins with C, you could implement them with Python or some other language. Long time ago I tried to do this with SWIG, but it didn't work out. The main problem was function pointers in structs, but nowadays those aren't directly called and I think it could be implemented a bit differently. From info at tcknet.ch Sun Feb 7 22:26:17 2016 From: info at tcknet.ch (Thierry Coppey) Date: Sun, 7 Feb 2016 23:26:17 +0100 Subject: Found bug in quota-status + patch Message-ID: Hello, I've found a bug in the quota-status util (Dovecot 2.2.21, and probably below): it always return OK (sufficient quota) because it fails to load the user properly. More specifically, the branch " if (quser == NULL) return 1; " in src/plugins/quota/quota-status.c:59 is always taken. (at least with postgresql backend, test your config with the (adapted) command below: printf "recipient=mailbox at example.com\nsize=10000000000\n\n" | nc inet:mailstore.example.com 12340 it should reject, unless you have no quota, or more than 10G). Therefore it is pointless to configure the quota-status service as described in http://wiki2.dovecot.org/Quota because of that bug: the mail would be always accepted from the client and rejected at the end of the (Postfix) processing by lda. It is possible to reject directly at SMTP level when the mailbox is full using Postfix and main.cf: smtpd_recipient_restrictions = ... reject_unauth_destination, ... check_policy_service inet:mailstore.example.com:12340 smtpd_end_of_data_restrictions = check_policy_service inet:mailstore.example.com:12340 However there remain a *small inconsistency* as lda will count the size of message including headers whereas smtpd_end_of_data_restrictions seems not to count them towards the message size (or additional headers might be added by other preprocessing e.g. antispam etc...) I propose the patch below to fix quota-status. Could an expert double-check that it doesn't have memory leaks? (it shouldn't but I'm not yet comfortable enough with Dovecot memory management). Best regards, Thierry C. -------------- next part -------------- A non-text attachment was scrubbed... Name: quota-status.patch Type: application/octet-stream Size: 963 bytes Desc: not available URL: From nicocofo2 at gmail.com Mon Feb 8 13:23:36 2016 From: nicocofo2 at gmail.com (Nicolas Fo) Date: Mon, 8 Feb 2016 14:23:36 +0100 Subject: Send Dovecot logs to rsyslog In-Reply-To: <20160208100635.GD32269@phil.dovecot.net> References: <56B614DC.5020504@mie.utoronto.ca> <20160208100635.GD32269@phil.dovecot.net> Message-ID: Great ! I was using both "log_path" and "syslog_facility" so "syslog_facility" didn't work. No I have in dovecot.conf : # Logging. Reference: http://wiki2.dovecot.org/Logging #log_path = /var/log/dovecot.log syslog_facility = local5 And in rsyslog.conf : local5.* @IP_RSYSLOG_SERVER:PORT local5.* -/var/log/dovecot.log Thanks a lot Nicolas 2016-02-08 11:06 GMT+01:00 Phil Carmody : > On Sat, Feb 06, 2016 at 07:22:33PM +0100, Nicolas Fo wrote: > > Just tested, same result :( > > It may be a silly question, but is one of log_path, info_log_path, or > debug_log_path set to "syslog"? log_path defaults to it, so if you've > changed that, the syslog service wouldn't be used. Dovecot's use of > syslog is very vanilla, there's not much room for it to do much wrong. > > Phil > > > 2016-02-06 16:44 GMT+01:00 Oscar del Rio : > > > On 05/02/2016 9:42 AM, Nicolas Fo wrote: > > >> I set in dovecot.conf : syslog_facility = local5.info > > > > > > Try: > > > > > > syslog_facility = local5 > > > > > > Source: > > > http://wiki.dovecot.org/Logging#Syslog_Example > From pch at myzel.net Mon Feb 8 14:03:16 2016 From: pch at myzel.net (Peter Chiochetti) Date: Mon, 8 Feb 2016 15:03:16 +0100 Subject: ACL user In-Reply-To: <715AA6FF-ABAC-4597-B3D5-7A54E2FB7A6C@iki.fi> References: <56B4C2EF.4080605@myzel.net> <715AA6FF-ABAC-4597-B3D5-7A54E2FB7A6C@iki.fi> Message-ID: <56B8A024.1040107@myzel.net> Am 2016-02-08 um 11:50 schrieb Timo Sirainen: > On 05 Feb 2016, at 17:42, Peter Chiochetti wrote: >> >> How would I go, If I wanted ACL processing to start with >> %{auth_user} instead of %{user} when determining rights? > > You could kludge it by returning master_user=%{auth_user} in userdb, > but that might affect other things.. > [?] I tested the kludge: I put userdb_master_user=someone into the static passwd file for a certain auth_user and now global ACLs apply; as an extra bonus now userdb_acl_groups=somegroup starts to be applied too for that account! Observations: - my virtual users start with no rights - I add rights in the global dovecot-acl file - changes work immediately, no restart necessary - only users with a master_user set are affected - in the future a single stance in local.conf will apply to all users I could not put master_user=%{auth_user} into the userdb stance (nor the passwd file), because the parser does not expand the variable, possibly a formatting error on my side: "doveadm -D acl debug -u myname INBOX" then prints: > Debug: Added userdb setting: plugin/master_user=auth_user} After all, once more A happy dovecot user! -- peter From r.koerner at tscheinig.com Mon Feb 8 15:07:49 2016 From: r.koerner at tscheinig.com (=?UTF-8?Q?Rudolf_K=c3=b6rner?=) Date: Mon, 8 Feb 2016 16:07:49 +0100 Subject: "mail_shared_explicit_inbox = no", but shared INBOX has a "\Noselect" tag? In-Reply-To: <56B386F5.6070709@tscheinig.com> References: <56B386F5.6070709@tscheinig.com> Message-ID: <56B8AF45.3090004@tscheinig.com> Not solved, but found the reason of the problem: Obviously, the plugin "listescape" breaks the sharing of the INBOX of user as "Shared/" for another user. At least with usernames containing a dot "." as in "user at example.com", which are used as the name of the filesystem Maildir home directory. (IMAP separator "/".) When using this plugin, a "\Noselect" tag is added then to the output of the response to the IMAP command 'list "" "Shared/owner at example.com"'. Best Regards, R.Koerner From CMarcus at Media-Brokers.com Mon Feb 8 17:15:55 2016 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 8 Feb 2016 12:15:55 -0500 Subject: Lots of zero-byte hard link files in cur (and new/tmp), cannot see messages in folder Message-ID: <56B8CD4B.7070107@Media-Brokers.com> Hello, I have an el-cheapo shared hosting account on Dreamhost, and have had it for a very long time. For the most part everything usually works fairly well, considering I do keep a lot of folders, and mail, on some of my accounts. They are running dovecot, but still don't have a response as to the version, or doveconf -n output yet. My problem is, one of my most used folders, which was working fine up until a week or so ago, stopped loading the messages, and after some frustrating troubleshooting via email with people who don't listen very well, I finally got a tarball of this folder, and they are using maildir. There are about 24,000 messages in there (non-zero-byte files). This number sounds about right. All other folders (including INBOX, Sent, etc) are still working fine. The problem, though, is there are over 815,000 zero-byte-files in the cur directory, all showing as hardlinks (looks like maybe a whole bunch of duplicates for each of the real message files in the cur directory). There are also 43 non-zero-byte message files in the new directory, and 1,515 of these zero-byte hardlinks (to message files in the new directory). There are also no non-zero-byte message files in the tmp directory, but there are 52 of the hardlinks, linked to something in the new directory. I've never seen any of these kinds of zero-byte files before on the one server I managed for a long time (not shared, just used for a single domain). Anyone ever seen this before? Would running: doveadm index -u myuser * or doveadm force-resync -u myuser * be appropriate commands to try to repair the damage (whatever it is)? Any other commands I could suggest running? Thanks. I know I haven't given much to go on. Charles /* */ From stephan at rename-it.nl Mon Feb 8 17:49:37 2016 From: stephan at rename-it.nl (Stephan Bosch) Date: Mon, 8 Feb 2016 18:49:37 +0100 Subject: Released Pigeonhole v0.4.12 for Dovecot v2.2.21 In-Reply-To: <56B6EE04.1030508@sys4.de> References: <56B5CBB6.1040000@rename-it.nl> <56B6EE04.1030508@sys4.de> Message-ID: <56B8D531.5030300@rename-it.nl> Op 2/7/2016 om 8:11 AM schreef Robert Schetterer: > Am 06.02.2016 um 11:32 schrieb Stephan Bosch: >> Hello Dovecot users, >> >> Here is the final v0.4.12 release of Pigeonhole for Dovecot v2.2.21. >> Nothing changed since the RC. >> >> Changelog v0.4.12: >> >> + Implemented the Sieve extracttext extension (RFC 5703; Section 7). It >> is now possible to extract body text from a message into a variable. >> * Increased ABI version due to changes in the Sieve interpreter's object >> definitions. >> - multiscript: Fixed bug in handling of (implicit) keep; final keep >> action was always executed as though there was a failure. This caused >> the keep action to revert back to the initial message, causing >> editheader actions to be ignored. >> - managesieve-login: Fixed proxy to allow SASL mechanisms other than >> PLAIN. Before, the proxy would fail if the server did not support the >> PLAIN mechanism. >> - ldap storage: Prevent segfault occurring when assigning certain >> (global) configuration options. >> >> The release is available as follows: >> >> http://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-0.4.12.tar.gz >> http://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-0.4.12.tar.gz.sig >> >> Refer to http://pigeonhole.dovecot.org and the Dovecot v2.x wiki for >> more information. Have fun testing this release and don't hesitate to >> notify me when there are any problems. >> >> Regards, >> > Hi Stephan, looks like > the last update at http://xi.rename-it.nl/ > was on 04-Feb-2016 perhaps an additional build is need > with Pigeonhole v0.4.12 ? As I mentioned earlier, Xi currently does not track release branches; it only follows master which has placeholder version 2.2.devel (Pigionhole has 0.4.devel). So, unless I intervene manually, base versions are stuck at where they were last: Dovecot v2.2.21 and Pigeonhole v0.4.11. Of course, all changes are in there, but the versions are not updated with recent releases. This will be implemented once Dovecot v2.2.22 is released, so that I can test this properly. Currently, as a workaround, you can use the git hash in the version output from `dovecot -n` to find which master commits are part of your package and thereby get an idea of what approximate version you are actually running. Regards, Stephan. From rs at sys4.de Mon Feb 8 18:15:42 2016 From: rs at sys4.de (Robert Schetterer) Date: Mon, 8 Feb 2016 19:15:42 +0100 Subject: Released Pigeonhole v0.4.12 for Dovecot v2.2.21 In-Reply-To: <56B8D531.5030300@rename-it.nl> References: <56B5CBB6.1040000@rename-it.nl> <56B6EE04.1030508@sys4.de> <56B8D531.5030300@rename-it.nl> Message-ID: <56B8DB4E.4000602@sys4.de> Am 08.02.2016 um 18:49 schrieb Stephan Bosch: > Op 2/7/2016 om 8:11 AM schreef Robert Schetterer: >> Am 06.02.2016 um 11:32 schrieb Stephan Bosch: >>> Hello Dovecot users, >>> >>> Here is the final v0.4.12 release of Pigeonhole for Dovecot v2.2.21. >>> Nothing changed since the RC. >>> >>> Changelog v0.4.12: >>> >>> + Implemented the Sieve extracttext extension (RFC 5703; Section 7). It >>> is now possible to extract body text from a message into a variable. >>> * Increased ABI version due to changes in the Sieve interpreter's object >>> definitions. >>> - multiscript: Fixed bug in handling of (implicit) keep; final keep >>> action was always executed as though there was a failure. This caused >>> the keep action to revert back to the initial message, causing >>> editheader actions to be ignored. >>> - managesieve-login: Fixed proxy to allow SASL mechanisms other than >>> PLAIN. Before, the proxy would fail if the server did not support the >>> PLAIN mechanism. >>> - ldap storage: Prevent segfault occurring when assigning certain >>> (global) configuration options. >>> >>> The release is available as follows: >>> >>> http://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-0.4.12.tar.gz >>> http://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-0.4.12.tar.gz.sig >>> >>> Refer to http://pigeonhole.dovecot.org and the Dovecot v2.x wiki for >>> more information. Have fun testing this release and don't hesitate to >>> notify me when there are any problems. >>> >>> Regards, >>> >> Hi Stephan, looks like >> the last update at http://xi.rename-it.nl/ >> was on 04-Feb-2016 perhaps an additional build is need >> with Pigeonhole v0.4.12 ? > > As I mentioned earlier, Xi currently does not track release branches; it > only follows master which has placeholder version 2.2.devel (Pigionhole > has 0.4.devel). So, unless I intervene manually, base versions are > stuck at where they were last: Dovecot v2.2.21 and Pigeonhole v0.4.11. > Of course, all changes are in there, but the versions are not updated > with recent releases. This will be implemented once Dovecot v2.2.22 is > released, so that I can test this properly. > > Currently, as a workaround, you can use the git hash in the version > output from `dovecot -n` to find which master commits are part of your > package and thereby get an idea of what approximate version you are > actually running. > > Regards, > > Stephan. > thx Stephan , i am thinking i am fine now with dovecot_2.2.21-1~auto+115 looks like all sieve patches i want to test are included reading git changelog Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From coles at itconsul.com Mon Feb 8 20:01:08 2016 From: coles at itconsul.com (Stephen) Date: Mon, 8 Feb 2016 15:01:08 -0500 Subject: Permissions issue with Debian 8, dovecot 2.21, vpopmail Message-ID: <56B8F404.4010903@itconsul.com> There is a permissions issue in dovecot 2.21 in the ~/run directory (mine is /var/run/dovecot) at least in Debian 8. Files created by dovecot imap: srw------- 1 root root 0 Feb 3 16:46 imap-hibernate srw------- 1 root root 0 Feb 3 16:46 imap-master changed to make work: srw-rw-rw- 1 root root 0 Feb 3 16:46 imap-hibernate srw-rw-rw- 1 root root 0 Feb 3 16:46 imap-master Errors were reported in /var/log/dovecot.log which we use mainly for fail2ban (it gets huge, but ...) vpopmail version 5.4.33 with one patch I don't think this is a Debian issue ... possibly could be a vpopmail issue, but it's probably caused by the fact that imap daemons are running as vpopmail: vpopmail 30182 9187 0 15:02 ? 00:00:00 dovecot/imap From ad+lists at uni-x.org Mon Feb 8 20:25:05 2016 From: ad+lists at uni-x.org (Alexander Dalloz) Date: Mon, 8 Feb 2016 21:25:05 +0100 Subject: Permissions issue with Debian 8, dovecot 2.21, vpopmail In-Reply-To: <56B8F404.4010903@itconsul.com> References: <56B8F404.4010903@itconsul.com> Message-ID: <56B8F9A1.8050000@uni-x.org> Am 08.02.2016 um 21:01 schrieb Stephen: > There is a permissions issue in dovecot 2.21 in the ~/run directory > (mine is /var/run/dovecot) at least in Debian 8. > > Files created by dovecot imap: > > srw------- 1 root root 0 Feb 3 16:46 imap-hibernate > srw------- 1 root root 0 Feb 3 16:46 imap-master > > changed to make work: > > srw-rw-rw- 1 root root 0 Feb 3 16:46 imap-hibernate > srw-rw-rw- 1 root root 0 Feb 3 16:46 imap-master > > Errors were reported in /var/log/dovecot.log which we use mainly for > fail2ban (it gets huge, but ...) > > vpopmail version 5.4.33 with one patch > > I don't think this is a Debian issue ... possibly could be a vpopmail > issue, but it's probably caused by the fact that imap daemons are > running as vpopmail: > > vpopmail 30182 9187 0 15:02 ? 00:00:00 dovecot/imap What purpose does vpopmail serve that dovecot alone does not? Isn't it just an ancient leftover from historic qmail times? Alexander From christian at ch-sc.de Mon Feb 8 20:25:35 2016 From: christian at ch-sc.de (Christian Schneider) Date: Mon, 08 Feb 2016 21:25:35 +0100 Subject: Dovecot with pam authentication and user@domain In-Reply-To: <1697187.Brhxq3VESD@limonengrasbaum> References: <1697187.Brhxq3VESD@limonengrasbaum> Message-ID: <2329004.Xn5i0zAXOv@limonengrasbaum> Sorry for bringing up this issue again, but I still have no solution. Is the describtion of my problem unclear? I suppose this setup is not uncommon... Greetings Christian On Samstag, 16. Januar 2016 00:51:27 CET Christian Schneider wrote: > Hello all, > I'm trying to setup dovecot for local users with pam authentication. > The passdb and userdb entries are as follows: > > passdb { > args = username_format=%n > driver = pam > } > userdb { > args = username_format=%n > driver = passwd > } > > Using "doveadm user chriss" returns the user record as expected, but > "doveadm user chriss at testmail.ch-sc.de" gives an error: > field valueuserdb lookup: user chriss at testmail.ch-sc.de doesn't exist > > As far as I understand, username_format=%n should drop the domain part and > only search for the user in the userdb, but it doesn't. What am I missing? > > Greetings > Christian -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 303 bytes Desc: This is a digitally signed message part. URL: From tj at terramar.net Mon Feb 8 22:28:53 2016 From: tj at terramar.net (Tom Johnson) Date: Mon, 8 Feb 2016 14:28:53 -0800 Subject: autoexpunge - different settings for different users In-Reply-To: <21286692-3606-49C2-A810-790BE8776BD2@iki.fi> References: <07271EC5-DD2A-4C00-ABBD-983D62639007@terramar.net> <21286692-3606-49C2-A810-790BE8776BD2@iki.fi> Message-ID: <10AC01B9-DD2D-4D15-A30C-E62552EFEDF9@terramar.net> > On Feb 8, 2016, at 2:02 AM, Timo Sirainen wrote: > >> >> On 08 Feb 2016, at 06:46, Tom Johnson wrote: >> >> Can you return something like "namespace/inbox/*/autoexpuge=90d" to cover all the namespaces? And then override individual ones if necessary? > > It would mean the same as: > > namespace inbox { > mailbox * { > autoexpunge = 90d > } > } > > So the question is about whether the above configuration works. Currently it doesn't, but it probably will in future. Does this mean that you can't use autoexpunge on the main inbox for a user at all? From axel.luttgens at skynet.be Mon Feb 8 22:46:37 2016 From: axel.luttgens at skynet.be (Axel Luttgens) Date: Mon, 8 Feb 2016 23:46:37 +0100 Subject: Found bug in quota-status + patch In-Reply-To: References: Message-ID: > Le 7 f?vr. 2016 ? 23:26, Thierry Coppey a ?crit : > > Hello, > > I've found a bug in the quota-status util (Dovecot 2.2.21, and probably below): it always return > OK (sufficient quota) because it fails to load the user properly. More specifically, the branch > " if (quser == NULL) return 1; " in src/plugins/quota/quota-status.c:59 is always taken. > (at least with postgresql backend, test your config with the (adapted) command below: > printf "recipient=mailbox at example.com\nsize=10000000000\n\n" | nc inet:mailstore.example.com 12340 > it should reject, unless you have no quota, or more than 10G). > > [?] Hello Thierry, Could it be that you found an explanation for a similar problem I encountered as early as with 2.2.4 and with a sqlite backend (see thread "2.2.4 - Some questions about and needing help with quota-status" started July 16, 2013)? It would be marvelous, as I?m currently stuck with quite an ugly workaround. Thanks, Axel From tj at terramar.net Tue Feb 9 01:51:05 2016 From: tj at terramar.net (Tom Johnson) Date: Mon, 8 Feb 2016 17:51:05 -0800 Subject: autoexpunge - different settings for different users In-Reply-To: References: Message-ID: <02151B7A-30A5-4B25-A2D8-71C21DE20A65@terramar.net> > On Feb 7, 2016, at 10:59 AM, Timo Sirainen wrote: > > You can override any mail-related setting from userdb. So for example if you have: > > namespace inbox { > mailbox Trash { > autoexpunge = 30d > } > } > > You can have your userdb return namespace/inbox/Trash/autoexpunge=90d extra field for other users. http://wiki2.dovecot.org/UserDatabase/ExtraFields has some examples. I have my query returning the extra field, with the namespace entries separated by tabs. If I do a doveadm, I see it: # doveadm user field value uid 1005 gid 1005 home mail namespace/inbox/Drafts/autoexpunge 3d namespace/inbox/Quarantine/autoexpunge 3d quota_rule *:storage=10000M I turned on debugging, and tried to deliver some email to see if autoexpunge is called, and I'm seeing this: 2016-02-09T01:41:23+0000 s01.lax.mailroute.net dovecot: doveadm(tj at terramar.net): Debug: Unknown userdb setting: plugin/namespace/inbox/Drafts/autoexpunge=3d 2016-02-09T01:41:23+0000 s01.lax.mailroute.net dovecot: doveadm(tj at terramar.net): Debug: Unknown userdb setting: plugin/namespace/inbox/Quarantine/autoexpunge=3d Anybody know what am I missing? Thanks- Tom From leon at dexterous.org Tue Feb 9 03:01:23 2016 From: leon at dexterous.org (Leon Kyneur) Date: Tue, 09 Feb 2016 03:01:23 +0000 Subject: autoexpunge - different settings for different users In-Reply-To: <02151B7A-30A5-4B25-A2D8-71C21DE20A65@terramar.net> References: <02151B7A-30A5-4B25-A2D8-71C21DE20A65@terramar.net> Message-ID: Hi Tom, Looks like you are missing 'mailbox' keyword: namespace/inbox/mailbox/Drafts/autoexpunge=3d Regards, Leon On Tue, Feb 9, 2016 at 12:51 PM Tom Johnson wrote: > > > On Feb 7, 2016, at 10:59 AM, Timo Sirainen wrote: > > > > You can override any mail-related setting from userdb. So for example if > you have: > > > > namespace inbox { > > mailbox Trash { > > autoexpunge = 30d > > } > > } > > > > You can have your userdb return namespace/inbox/Trash/autoexpunge=90d > extra field for other users. > http://wiki2.dovecot.org/UserDatabase/ExtraFields has some examples. > > > I have my query returning the extra field, with the namespace entries > separated by tabs. If I do a doveadm, I see it: > # doveadm user > field value > uid 1005 > gid 1005 > home > mail > namespace/inbox/Drafts/autoexpunge 3d > namespace/inbox/Quarantine/autoexpunge 3d > quota_rule *:storage=10000M > > > I turned on debugging, and tried to deliver some email to see if > autoexpunge is called, and I'm seeing this: > > 2016-02-09T01:41:23+0000 s01.lax.mailroute.net dovecot: doveadm( > tj at terramar.net): Debug: Unknown userdb setting: > plugin/namespace/inbox/Drafts/autoexpunge=3d > 2016-02-09T01:41:23+0000 s01.lax.mailroute.net dovecot: doveadm( > tj at terramar.net): Debug: Unknown userdb setting: > plugin/namespace/inbox/Quarantine/autoexpunge=3d > > > > Anybody know what am I missing? > > Thanks- > > Tom > From skdovecot at smail.inf.fh-brs.de Tue Feb 9 07:02:43 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Tue, 9 Feb 2016 08:02:43 +0100 (CET) Subject: Lots of zero-byte hard link files in cur (and new/tmp), cannot see messages in folder In-Reply-To: <56B8CD4B.7070107@Media-Brokers.com> References: <56B8CD4B.7070107@Media-Brokers.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 8 Feb 2016, Charles Marcus wrote: > My problem is, one of my most used folders, which was working fine up > until a week or so ago, stopped loading the messages, and after some > frustrating troubleshooting via email with people who don't listen very > well, I finally got a tarball of this folder, and they are using maildir. > > There are about 24,000 messages in there (non-zero-byte files). This > number sounds about right. All other folders (including INBOX, Sent, > etc) are still working fine. > > The problem, though, is there are over 815,000 zero-byte-files in the > cur directory, all showing as hardlinks (looks like maybe a whole bunch > of duplicates for each of the real message files in the cur directory). "zero-byte-files ... showing as hardlinks" You mean this: hrw-r--r-- user/group 0 2016-02-09 07:26 ./2 link to ./1 ? This is a pseudo-notation of tar to indicate hardlinks. This is no zero-byte file. yes, these entries are duplicates of other messages. Note, https://en.wikipedia.org/wiki/Hard_link if two files are hardlinked together, there is no "to" or "from". You cannot tell, which existed before. They just indicate that those directory entries point to the same physical file with the same access rights and times and data. Extract the tar file to a Unix-like, inode-based filesystem supporting hardlinks to see. > There are also 43 non-zero-byte message files in the new directory, and > 1,515 of these zero-byte hardlinks (to message files in the new directory). > There are also no non-zero-byte message files in the tmp directory, but > there are 52 of the hardlinks, linked to something in the new directory. if there is such entry in the tmp directory, it indicates a failed delivery attempt. If one entry in "tmp" is hardlinked to one entry in "new" of the same mailbox, it may indicate that the message was to spool into another mailbox (via hardlink, too), which failed fatally. Is it possible that those messages are messages from your hoster and the message was to spool to many user mailboxes? > I've never seen any of these kinds of zero-byte files before on the one > server I managed for a long time (not shared, just used for a single > domain). See above. > Anyone ever seen this before? What does "stopped loading messages" mean? The MUA cannot download messages? Check if the server returns OK selecting the mailbox and if the numbers match, see http://wiki2.dovecot.org/TestInstallation You could use a select INBOX b copy 1 "mailbox-name" to copy a new message there and re-select the broken mailbox and compare the numbers. Also you could test, if the server crashes on a message in the mailbox, try c fetch 1:* BODY.PEEK[HEADER.FIELDS (SUBJECT)] c FETCH 1:* FLAGS c FETCH 1:* BODY[TEXT] > Would running: > > doveadm index -u myuser * only, if the index is corrupt. > or > > doveadm force-resync -u myuser * you can run doveadm, but cannot doveconf on the server? > > be appropriate commands to try to repair the damage (whatever it is)? > > Any other commands I could suggest running? > > Thanks. I know I haven't given much to go on. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVrmPFHz1H7kL/d9rAQKGUAgAllyxylzcN+4+jvnB7rlxPwFF0/QbxbZb hHCVbLI5J0nL4BVaj8De1uY3TGW09HIf5p6DLoX0O0k+4tmvSKBSJASNZypF9Dco ELQbSoJCXL+fhOodsXxHXzfMJFVAM79Ly/2IPLsvHQclEUklrKKK7BXvpkqQmVKY Bos1ZWi0Ctl2pCZzG//dyz7ZRgkyr2j6MF/LaHRcmK0kOZT9fM8lfxPcYOY3ynOm xEjqDTP6iZtTMrpqm4YOMMhtXho0JmGVnLlO4HCdb9bMJzSwe/ZBw2Y2WoyuXwiL 4dmZ2r6WRQ+OM18aWGkDWQ3STenmuZUT4q7U3t1ObhnJw2xnLt0AJg== =oCQf -----END PGP SIGNATURE----- From lst_hoe02 at kwsoft.de Tue Feb 9 09:13:00 2016 From: lst_hoe02 at kwsoft.de (lst_hoe02 at kwsoft.de) Date: Tue, 09 Feb 2016 10:13:00 +0100 Subject: RFC: HTTP based storage API In-Reply-To: <0A763875-BD2D-46A7-AA49-E7A2672FF6F6@iki.fi> References: <56B85987.8050707@fsn.hu> <0A763875-BD2D-46A7-AA49-E7A2672FF6F6@iki.fi> Message-ID: <20160209101300.Horde.i7D_6F8I40OwAv-IChpwa8G@webmail.kwsoft.de> Zitat von Timo Sirainen : > On 08 Feb 2016, at 11:01, Nagy, Attila wrote: >> >> Hi, >> >> Nearly every popular programming language has an LMTP/POP/IMAP >> implementation, most of them suck in many different ways. >> I don't know any server or library which provides a >> well-established, compatible protocol frontend with an open backend >> API, which could be used to easily make a custom storage backend >> for the LMTP/POP/IMAP frontend in any language, in any programming >> paradigm, irregardless of the frontend implementation. >> >> Dovecot is very close to this: it speaks IMAP to the backend, but >> you still have to make a nearly complete IMAP implementation, which >> is a PITA. >> >> Therefore I am curious about your opinion: what about an HTTP-based >> open backend (lib-storage) API to Dovecot? > > We're planning on implementing http://jmap.io/ to Dovecot v2.3. It's > close enough to how Dovecot works internally (although we'd still > need the threading support) and also at least attempting to become a > standard. We haven't really started it yet though, so now would be a > good time to give any alternative suggestions or complaints about > jmap :) That would be a cool feature, Thanks. Andreas -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 5840 bytes Desc: S/MIME Cryptographic Signature URL: From amateo at um.es Tue Feb 9 09:54:19 2016 From: amateo at um.es (Angel L. Mateo) Date: Tue, 9 Feb 2016 10:54:19 +0100 Subject: Accessing to mail as another user Message-ID: <56B9B74B.60408@um.es> Hello, I'm looking for a way to access to a POP/IMAP account as another user different than me, but using my password. That is, I'm "someone at domain.com" and I want to access to "anotherone at domain.com" mailbox using the password of "someone at domain.com", not the "anotherone at domain.com" (something similar to master passwords, but without sharing any password). Obviously, in my LDAP backend I can configure something to authorize "someone" to access to "anotherone"'s mailbox. At this momment, I'm trying to use someone at domain.com@anotherone at domain.com as username, with a passdb that uses %{username}@%{domain_first} to authenticate the user, but I'm having problem to configure a userdb map to get the mailbox, because the %{domain_first} variable returns just "domain.com". To fix this, I could use "someone at anotherone@domain.com", but this has problems with virtual domains an different users with same username (someone at domain.com and someone at otherdomain.com). Looking at documentation, at [1], in the "auth_user" variable says: "... If username changes during authentication, this value contains the original username..." what leads me to think that there is some way to change the user during the authentication process, but I don't know how or maybe I'm assuming wrong. Any help with this? Thank you [1] http://wiki.dovecot.org/Variables -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n y las Comunicaciones Aplicadas (ATICA) http://www.um.es/atica Tfo: 868887590 Fax: 868888337 From pch at myzel.net Tue Feb 9 11:03:29 2016 From: pch at myzel.net (Peter Chiochetti) Date: Tue, 9 Feb 2016 12:03:29 +0100 Subject: Accessing to mail as another user In-Reply-To: <56B9B74B.60408@um.es> References: <56B9B74B.60408@um.es> Message-ID: <56B9C781.3080506@myzel.net> Am 2016-02-09 um 10:54 schrieb Angel L. Mateo: > [?] > Looking at documentation, at [1], in the "auth_user" variable says: > "... If username changes during authentication, this value contains the > original username..." what leads me to think that there is some way to > change the user during the authentication process, but I don't know how > or maybe I'm assuming wrong. If I fully understand, user switching is done by having userdb return arbitrary uid,gid,user for the principal used in authentication. After being switched, you ARE the other one, so in my (possibly limited) understanding you can no longer read your own mail. That might not be intended? -- peter From amateo at um.es Tue Feb 9 11:13:42 2016 From: amateo at um.es (Angel L. Mateo) Date: Tue, 9 Feb 2016 12:13:42 +0100 Subject: Accessing to mail as another user In-Reply-To: <56B9C781.3080506@myzel.net> References: <56B9B74B.60408@um.es> <56B9C781.3080506@myzel.net> Message-ID: <56B9C9E6.5040802@um.es> El 09/02/16 a las 12:03, Peter Chiochetti escribi?: > Am 2016-02-09 um 10:54 schrieb Angel L. Mateo: >> [?] >> Looking at documentation, at [1], in the "auth_user" variable says: >> "... If username changes during authentication, this value contains the >> original username..." what leads me to think that there is some way to >> change the user during the authentication process, but I don't know how >> or maybe I'm assuming wrong. > > If I fully understand, user switching is done by having userdb return > arbitrary uid,gid,user for the principal used in authentication. After > being switched, you ARE the other one, so in my (possibly limited) > understanding you can no longer read your own mail. That might not be > intended? > To access my own mail, I would use someone at domain.com as username, not someone at domain.com@another at domain.com. Looking deeply in master password documentation, I think I'll be able to use it configure. But I'm going to need to find a way to limit the access to just another at domain.com's mailbox, not all mailboxes. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n y las Comunicaciones Aplicadas (ATICA) http://www.um.es/atica Tfo: 868887590 Fax: 868888337 From matthias.lay at securepoint.de Tue Feb 9 11:31:31 2016 From: matthias.lay at securepoint.de (Matthias Lay) Date: Tue, 9 Feb 2016 12:31:31 +0100 Subject: subscribe users mailbox with non-valid mutf7 chars Message-ID: <20160209123131.41d1723b@eugen.spdev.local> Hi all, I got a question if its possible to subscribe a mailbox from another user, who contains non mutf7 valid chars in his mailbox path. I have a private namespace which can subscribe to mailboxes of a shared namespace with public/ prefix in this example username in private namespace is johnd public username is "a & p products group" when I try the subscription I get this one: ******************************************** # doveadm mailbox subscribe -u johnd "public/a & p products group/INBOX" doveadm(johnd): Error: Can't public/a & p products group/INBOX mailbox subscribe to: Invalid mailbox name 'public/a & p products group/INBOX': Missing namespace prefix 'public/a &- p products group/' ******************************************** is there a way to work around this? (except for not to use usernames like this) greetz matze From idefix at fechner.net Tue Feb 9 12:44:57 2016 From: idefix at fechner.net (Matthias Fechner) Date: Tue, 09 Feb 2016 13:44:57 +0100 Subject: Accessing to mail as another user In-Reply-To: <56B9B74B.60408@um.es> References: <56B9B74B.60408@um.es> Message-ID: Am 2016-02-09 10:54, schrieb Angel L. Mateo: > I'm looking for a way to access to a POP/IMAP account as another user > different than me, but using my password. That is, I'm > "someone at domain.com" and I want to access to "anotherone at domain.com" > mailbox using the password of "someone at domain.com", not the > "anotherone at domain.com" (something similar to master passwords, but > without sharing any password). Obviously, in my LDAP backend I can > configure something to authorize "someone" to access to "anotherone"'s > mailbox. do you maybe mean shared mailboxes: http://wiki.dovecot.org/SharedMailboxes -- Gru? Matthias From r.koerner at tscheinig.com Tue Feb 9 15:06:38 2016 From: r.koerner at tscheinig.com (=?UTF-8?Q?Rudolf_K=c3=b6rner?=) Date: Tue, 9 Feb 2016 16:06:38 +0100 Subject: Bug: The "listescape" plugin does not work with the option "mail_shared_explicit_inbox = no". [with patch] Message-ID: <56BA007E.80603@tscheinig.com> Hello, there seems to be a problem with the listescape plugin and shared INBOX: === Preconditions: - Dovecot 2.2.21 (or 2.2.13) - IMAP - Separator / - Namespace-prefixes "INBOX/" and "shared/%%u/" - Maildir(++) - option mail_plugins = acl listescape - option mail_shared_explicit_inbox = no - User "owner" shares the INBOX - ACLs set for another user "reader", so "reader" is able to access the shared INBOX of "owner" === Steps to reproduce by using IMAP commands at a telnet session: - a1 login reader password - a2 select shared/owner === Result: Selecting the shared INBOX fails with a response like: a2 NO Mailbox doesn't exist: shared/owner === Expected: The "select" command works. === Analysis: The function "mailbox_list_default_get_storage_name" (lib-storage/mailbox-list.c) does not work as expected when using the mail_plugin "listescape". It compares the mailbox name to the namespace prefix. Since the mailbox name is escaped a few lines before, the comparison yields "strings differ", which makes accessing the shared INBOX fail. For example: for a string vname (mailbox name) "shared/owner", it compares "shared.owner" (escaped string) to the list->ns->prefix which is "shared/owner". Asuming that the stored prefix should not be escaped, there should be a comparison of the unescaped name to the unescaped prefix (or the escaped name to the escaped prefix?). === Patch: Attached is a small patch which shows a possible solution. When applied, the problem is solved, i.e. the shared INBOX is accessible then. Important note: this patch is experimental, it works for the described special case but might not work with a different configuration or might even break things. Best Regards, Rudolf K?rner -------------- next part -------------- A non-text attachment was scrubbed... Name: Dovecot_patch_shared_INBOX_working_with_libescape_plugin_and_mail_shared_explicit_inbox-no_EXPERIMENTAL.patch Type: text/x-patch Size: 1598 bytes Desc: not available URL: From alessio at skye.it Tue Feb 9 17:47:12 2016 From: alessio at skye.it (Alessio Cecchi) Date: Tue, 09 Feb 2016 18:47:12 +0100 Subject: Load increase and imap processes in state D Message-ID: <56BA1C12.6040809@skye.it> Hi, in recent weeks I have notice a sudden increase in the load average of our Dovecot (2.2.19) IMAP/POP servers (and consequently in the NFS storage). After an investigation I found some dovecot/imap processes in D state and running UID FETCH or UID SORT from Webmail (Roundcube) without that user was actually more connected to webmail. Some minutes after the dovecot/imap processes stop to run FETCH/SORT but in "ps aux" I can still see it. If the user try to login in Webmail again the same process start again to run FETCH/SORT (and it consumes a lot of I/O resources) but the webmail does not load any message and return a "FETCH 1: UID INTERNALDATE BODY.PEEK ..." error. The only way to restore the webmail access is to kill the related dovecot/imap process (or with doveadm kick username). I noticed that these processes in D state had started many hours before. Example, now are 17:30 (important, see the time of the dovecot/imap processes) the user alessio at skye try to login in webmail without success and close the webmail, processes are still running: # doveadm who | grep alessio at skye username # proto (pids) (ips) alessio at skye 3 imap (10440 4624) (192.168.5.215) # ps aux | grep SORT vmail 4624 0.0 0.0 108792 16048 ? D 13:32 0:01 dovecot/imap [alessio at skye 192.168.5.215 UID SORT] vmail 10440 0.0 0.1 108520 17832 ? D 12:32 0:02 dovecot/imap [alessio at skye 192.168.5.215 UID SORT] # doveadm kick alessio at skye kicked connections from the following users: alessio at skye Processes are now died, and user can login in Webmail easily. Can be a "reusing processes" issue since I have set service_count=100 for imap and pop3 services or there may be other problems related to my configuration? Thanks my configuration: # 2.2.19.1 (16dc61d3dab3): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.9 (5d26f470efe6) # OS: Linux 2.6.32-573.12.1.el6.x86_64 x86_64 CentOS release 6.7 (Final) auth_cache_negative_ttl = 5 mins auth_cache_size = 10 M auth_cache_ttl = 20 mins auth_master_user_separator = * auth_worker_max_count = 50 deliver_log_format = msgid=%m, from=%f, subject="%s": %$ dict { acl = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext expire = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext sqlquota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no first_valid_gid = 89 first_valid_uid = 89 imap_client_workarounds = delay-newmail tb-extra-mailbox-sep tb-lsub-flags imap_idle_notify_interval = 29 mins imap_logout_format = in=%i out=%o session=<%{session}> last_valid_gid = 89 last_valid_uid = 89 lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes listen = 10.96.3.156 login_trusted_networks = 192.168.5.0/24 mail_fsync = always mail_location = maildir:~/Maildir mail_plugins = quota acl expire fts fts_solr zlib maildir_very_dirty_syncs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate vnd.dovecot.duplicate mmap_disable = yes namespace { list = children location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u prefix = shared/%%n/ separator = / subscriptions = no type = shared } namespace inbox { inbox = yes location = mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Sent { auto = subscribe special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Spam { auto = subscribe special_use = \Junk } mailbox Trash { auto = subscribe special_use = \Trash } prefix = separator = / } passdb { args = /etc/dovecot/dovecot-deny-sql.conf.ext deny = yes driver = sql } passdb { args = /etc/dovecot/extra/master-users driver = passwd-file master = yes pass = yes } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { acl = vfile acl_shared_dict = proxy::acl antispam_backend = mailtrain antispam_mail_notspam = --ham antispam_mail_sendmail = /usr/bin/sa-learn antispam_mail_spam = --spam antispam_spam = Spam antispam_trash = Trash expire = Trash expire2 = Spam expire_dict = proxy::expire fts = solr fts_solr = url=http://10.0.0.5:8983/solr/ quota = maildir:UserQuota quota2 = dict:Quota Usage::noenforcing:proxy::sqlquota quota_grace = 10M quota_rule2 = Trash:storage=+100M quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_before = /etc/dovecot/sieve/before.sieve sieve_dir = ~/sieve sieve_extensions = +vnd.dovecot.duplicate -vacation zlib_save = gz zlib_save_level = 6 } pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s, bytes=%i/%o, session=<%{session}> protocols = imap pop3 sieve sendmail_path = /bin/sendmail service auth { client_limit = 6524 unix_listener auth-userdb { group = vmail mode = 0660 user = vmail } } service dict { process_limit = 500 unix_listener dict { group = vmail mode = 0660 user = vmail } } service imap-login { process_min_avail = 4 service_count = 0 } service imap-postlogin { executable = script-login /etc/dovecot/imap-postlogin.sh unix_listener imap-postlogin { group = vmail mode = 0660 user = vmail } user = vmail } service imap { executable = imap imap-postlogin process_limit = 5000 service_count = 100 vsz_limit = 384 M } service managesieve-login { inet_listener sieve { port = 4190 } } service pop3-login { process_min_avail = 4 service_count = 0 } service pop3-postlogin { executable = script-login /etc/dovecot/pop3-postlogin.sh unix_listener pop3-postlogin { group = vmail mode = 0660 user = vmail } user = vmail } service pop3 { executable = pop3 pop3-postlogin process_limit = 1024 service_count = 100 } service quota-warning { executable = script /etc/dovecot/quota-warning.sh unix_listener quota-warning { user = vmail } user = vmail } service stats { fifo_listener stats-mail { group = vmail mode = 0660 user = vmail } } ssl_cert = Hi It's possible to mark some folders as special use for IMAP in the config like: namespace inbox { mailbox Spam { special_use = \Junk } } Our webmail allows users to use an arbitrary folder for Spam, and we have this settings and we'd like to return it in from our UserDB (which is a custom dict proxy). For testing were able to set a namespace parameter like "separator" by returning: "namespace/inbox/separator" : "=", from UserDB, but can't figure out a way to set mailbox settings, "namespace/inbox/mailbox Spam/special_use" : "\Junk", for example doesn't work. Is there a way to return this setting from a UserDB query? From Hajo.Locke at gmx.de Tue Feb 9 22:33:53 2016 From: Hajo.Locke at gmx.de (Hajo Locke) Date: Tue, 9 Feb 2016 23:33:53 +0100 Subject: Per-user special folder? In-Reply-To: <1FC4E4AF-19C8-4244-A0B3-23A5AA5D3A04@tucows.com> References: <1FC4E4AF-19C8-4244-A0B3-23A5AA5D3A04@tucows.com> Message-ID: <56BA6951.8010000@gmx.de> Hello, Am 09.02.2016 um 22:28 schrieb Richard Platel: > Hi > > It's possible to mark some folders as special use for IMAP in the config like: > > namespace inbox { > mailbox Spam { > special_use = \Junk > } > } > > > Our webmail allows users to use an arbitrary folder for Spam, and we have this settings and we'd like to return it in from our UserDB (which is a custom dict proxy). > > For testing were able to set a namespace parameter like "separator" by returning: > "namespace/inbox/separator" : "=", > > from UserDB, but can't figure out a way to set mailbox settings, > > "namespace/inbox/mailbox Spam/special_use" : "\Junk", for example doesn't work. > > Is there a way to return this setting from a UserDB query? > we use this a lot with userdb to allow individual folders marked as special. your userbd-query should return something like this: namespace/inbox/mailbox=Junk namespace/inbox/mailbox/Junk/name=Spam namespace/inbox/mailbox/Junk/auto=subscribe namespace/inbox/mailbox/Junk/special_use=\Junk Spam is visible name in this case. Hajo From kremels at kreme.com Wed Feb 10 01:18:52 2016 From: kremels at kreme.com (@lbutlr) Date: Tue, 9 Feb 2016 18:18:52 -0700 Subject: Sieve question Message-ID: <439ED5D6-9532-4D85-A2AC-86905EA87F4B@kreme.com> Is it possible to use redirect in a sieve to redirect to multiple addresses? if header :contains ?from? ?test at example.com? { redirect ?user1 at example.com,user2 at example.com?; } I thought this would work, But I am seeing a ?redirect address is invalid: not a single addres [sic] (found ?,?). -- I'll have what the gentleman on the floor is having. From jeff at cjsa.com Wed Feb 10 05:45:42 2016 From: jeff at cjsa.com (Jeffery Small) Date: Tue, 9 Feb 2016 21:45:42 -0800 Subject: Question on setting up dovecot Message-ID: <20160210054542.GA1503@cjsa.com> Server OS: Ubuntu 15.10 Sendmail: 8.14.9-4 # doveconf -n ----------------------------------------------------------- # 2.2.18: /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.8 (0c4ae064f307+) # OS: Linux 4.2.0-27-generic x86_64 Ubuntu 15.10 disable_plaintext_auth = no mail_location = mbox:~/lib/Mail:INBOX=/var/mail/%u passdb { driver = pam } protocols = imap pop3 ssl_cert = References: <56B9B74B.60408@um.es> Message-ID: <56BADD77.3090504@um.es> El 09/02/16 a las 13:44, Matthias Fechner escribi?: > > do you maybe mean shared mailboxes: > http://wiki.dovecot.org/SharedMailboxes > I don't want shared mailboxes. I have to access the other mailbox as a complete separate account from my personal one. I think I can achive this with master user, but I need to found a way to configure permissions so the real user has access to all folders in the other mailbox. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n y las Comunicaciones Aplicadas (ATICA) http://www.um.es/atica Tfo: 868887590 Fax: 868888337 From alec at alec.pl Wed Feb 10 07:18:39 2016 From: alec at alec.pl (A.L.E.C) Date: Wed, 10 Feb 2016 08:18:39 +0100 Subject: Sieve question In-Reply-To: <439ED5D6-9532-4D85-A2AC-86905EA87F4B@kreme.com> References: <439ED5D6-9532-4D85-A2AC-86905EA87F4B@kreme.com> Message-ID: <56BAE44F.4090303@alec.pl> On 02/10/2016 02:18 AM, @lbutlr wrote: > Is it possible to use redirect in a sieve to redirect to multiple addresses? > > if header :contains ?from? ?test at example.com? { > redirect ?user1 at example.com,user2 at example.com?; > } I never tried, but according to RFC redirect argument is supposed to be an email address, so even a list is not allowed, but you may try redirect [?user1 at example.com","user2 at example.com?]; Anyway, there's "copy" extension. So, this should work: require ["copy"] if header :contains ?from? ?test at example.com? { redirect :copy ?user1 at example.com?; redirect ?user2 at example.com?; } -- Aleksander 'A.L.E.C' Machniak Kolab Groupware Developer [http://kolab.org] Roundcube Webmail Developer [http://roundcube.net] --------------------------------------------------- PGP: 19359DC1 @@ GG: 2275252 @@ WWW: http://alec.pl From kremels at kreme.com Wed Feb 10 09:30:59 2016 From: kremels at kreme.com (@lbutlr) Date: Wed, 10 Feb 2016 02:30:59 -0700 Subject: Sieve question In-Reply-To: <56BAE44F.4090303@alec.pl> References: <439ED5D6-9532-4D85-A2AC-86905EA87F4B@kreme.com> <56BAE44F.4090303@alec.pl> Message-ID: On Feb 10, 2016, at 12:18 AM, A.L.E.C wrote: > require ["copy"] > if header :contains ?from? ?test at example.com? { > redirect :copy ?user1 at example.com?; > redirect ?user2 at example.com?; > } Ah, right, that makes sense. Thanks. -- Honesty may be the best policy, but insanity is a better defense. From stephan at rename-it.nl Wed Feb 10 09:55:03 2016 From: stephan at rename-it.nl (Stephan Bosch) Date: Wed, 10 Feb 2016 10:55:03 +0100 Subject: Sieve question In-Reply-To: References: <439ED5D6-9532-4D85-A2AC-86905EA87F4B@kreme.com> <56BAE44F.4090303@alec.pl> Message-ID: <56BB08F7.8060008@rename-it.nl> Op 10-2-2016 om 10:30 schreef @lbutlr: > On Feb 10, 2016, at 12:18 AM, A.L.E.C wrote: >> require ["copy"] >> if header :contains ?from? ?test at example.com? { >> redirect :copy ?user1 at example.com?; >> redirect ?user2 at example.com?; >> } > > > Ah, right, that makes sense. Thanks. The copy extension is not needed here. The redirect action is explicit and will not be affected by cancellation of the implicit keep in the absence of ":copy". Just keep in mind that the total number of redirects is limited (subject to configuration). Regards, Stephan. From gfinetin2 at hotmail.com Wed Feb 10 15:30:19 2016 From: gfinetin2 at hotmail.com (Jorge Carling) Date: Wed, 10 Feb 2016 16:30:19 +0100 Subject: Cache unseen count Message-ID: Dear all, Lately I am working on PHP mail account management application. It has, among others, Unread messages count column. To get the number of unread messages, I execute "doveadm search" command for each database row. The search time for single account is about 0.03 seconds. Our system has around 750 accounts, so the total loading time is currently around 20 seconds. When setting up Dovecot, I made the user_query, which is also used to store the message quota, and total number of messages stored in particular mailbox. Is there a keyword that can be included in the user_query, or some other way to maintain the unread messages count in the database? Maybe there is a way to execute a script every time a message is received, or becomes read, or unread. Kind regards,JC From =?UTF-8?Q?Thomas_M=c3=b6hle_=28 at bitkomplex=29?= Wed Feb 10 16:18:37 2016 From: =?UTF-8?Q?Thomas_M=c3=b6hle_=28 at bitkomplex=29?= (=?UTF-8?Q?Thomas_M=c3=b6hle_=28 at bitkomplex=29?=) Date: Wed, 10 Feb 2016 17:18:37 +0100 Subject: user password in mail-filter plugin In-Reply-To: <56B479EF.7060809@bitkomplex.de> References: <56B2AD0D.20701@bitkomplex.de> <6DA81168-E302-43BB-B8EC-5DB76F73D43D@iki.fi> <56B38D62.5070301@bitkomplex.de> <416F9EAE-E9C9-463C-B30D-3FB77A94E4EB@iki.fi> <56B3D69A.5060700@bitkomplex.de> <795A673B-969C-47D1-8C34-3EE025728EAF@iki.fi> <56B479EF.7060809@bitkomplex.de> Message-ID: <56BB62DD.1030403@bitkomplex.de> Am 05.02.2016 um 11:31 schrieb Thomas M?hle: > Am 05.02.2016 um 10:38 schrieb Timo Sirainen: >> >>> On 05 Feb 2016, at 00:54, Thomas M?hle wrote: >>> >>> Unfortunately it still doesn't work. The filter-script does not recieve >>> any data from that variable. >>> I tried replacing the %w with %u, to see, if the filter-script would at >>> least recieve the username then, but that doesn't work, either. So I'm >>> not sure, if %{userdb:pass} isn't read correctly, or if "override_fields >>> = userdb_pass=%w" doesn't set it right. >> >> Check with: >> >> doveadm auth login user at domain password >> >> In the output there's supposed to be the "pass" field in userdb extra fields. If not, try adding before your first userdb: >> >> userdb { >> driver = prefetch >> result_success = continue >> } >> >> I don't think that was supposed to be necessary though. >> > > Still nothing. It seems like the extra field doesn't even exist. :/ > > doveadm auth login thomas at example.com mypassword > passdb: thomas at example.com auth succeeded > userdb extra fields: > thomas at example.com > home=/var/mail/example.com/thomas > mail=maildir:/var/mail/example.com/thomas/mail:LAYOUT=fs > quota_rule=*:bytes=0 > uid=5000 > gid=5000 > I'm still stuck on this issue. What can I do, if "override_fields = userdb_pass=%u" sets the field to the username? Is it possible, that this is a bug in v2.2.21? From jtam.home at gmail.com Wed Feb 10 19:00:28 2016 From: jtam.home at gmail.com (Joseph Tam) Date: Wed, 10 Feb 2016 11:00:28 -0800 (PST) Subject: Question on setting up dovecot In-Reply-To: References: Message-ID: Jeffery Small writes: > I'm new to dovecot and have a configuration question. I'm attempting to > have a Windows 7 system on my secure LAN connect to the Ubuntu server > using POP3 on channel 110 and retrieve mail from the /var/mail directory. > The user is defined on the Ubuntu machine and when running the Windows > Internet E-Mail Settings tool, the Test Account Settings Logs onto the > server successfully and sends a test message. Sending message is a distinct service from retrieving Email. > However, when I perform a > Send/Receive operation from the user's Outlook, all steps complete but no > mail is pulled down from the server. > > I have tried setting: mail_location = /var/mail/%u > > and restarted dovecot, but nothing changes. How can I debug this? I'm > unsure where to look for clues as to what's happening under the hood. Any > pointers would be appreciated. Log files would be a good start. Maybe start with something like log_path = /path/to/logfile auth_verbose = yes auth_debug = yes mail_debug = yes verbose_ssl = yes Joseph Tam From clemens at en-der.at Wed Feb 10 21:48:40 2016 From: clemens at en-der.at (Clemens Ender) Date: Wed, 10 Feb 2016 22:48:40 +0100 Subject: Pigeonhole Sieve fails on date-based filter rules - bug? Message-ID: <81987BB0-E926-4C48-AA9C-69B8182D6387@en-der.at> Hi list! I?m running dovecot + pigeonhole on a debian wheezy based VPS. Here is the output of ?dovecot -n? # 2.2.18: /usr/local/etc/dovecot/dovecot.conf # Pigeonhole version 0.4.8 (0c4ae064f307+) # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.9 disable_plaintext_auth = no imap_idle_notify_interval = 29 mins mail_plugins = acl quota fts fts_lucene managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate namespace { location = maildir:%%h/maildir:INDEX=~/maildir/shared/%%u prefix = shared/%%u/ separator = / type = shared } namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / } passdb { args = username_format=%u /home/dovecot/auth.d/%d/users driver = passwd-file } plugin { acl_shared_dict = file:/home/dovecot/vmail/%d/shared-mailboxes.db fts = lucene fts_autoindex = yes fts_decoder = decode2text fts_lucene = whitespace_chars=@ sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 lmtp sieve service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-userdb { group = vmail mode = 0600 user = vmail } } service decode2text { executable = script /usr/local/libexec/dovecot/decode2text.sh unix_listener decode2text { mode = 0666 } user = dovecot } service lmtp { executable = lmtp -L unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } user = vmail } service managesieve-login { inet_listener sieve { port = 4190 } } ssl_cert = > Filtering message: ID: <0.0.6.888.1CFAFF845D5E634.77992 at mta144.avaaz.org> Date: Size: 17781 bytes Subject: =?utf-8?q?Klimafreunde_-_der_Plan_ste... Performed actions: * store message in folder: Archiv/2014 Implicit keep: (none) >> Filtering message: ID: <1527093595.86163601420098718229.JavaMail.email at email.apple.com> Date: Thu, 1 Jan 2015 07:51:58 +0000 (GMT) Size: 19573 bytes Subject: =?ISO-8859-1?Q?Ihre_Rechnung,_Nr.=A01... Performed actions: (none) Implicit keep: * store message in folder: INBOX ... So it appears that the ?Date? header is not properly extracted for the affected emails. Here are the headers of an particular email (the one without ?Date:? listed above): Return-Path: Delivered-To: Received: from vps1.en-der.at by vps1 (Dovecot) with LMTP id Vrb9JNSl31M5aQAAwqatwA for ; Mon, 04 Aug 2014 15:25:08 +0000 Received: from mta144.avaaz.org (mta144.avaaz.org [69.60.9.144]) by vps1.en-der.at (Postfix) with ESMTP id 61715ACDAA for ; Mon, 4 Aug 2014 15:25:07 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=av_key; d=avaaz.org; h=Content-Type:MIME-Version:Subject:From:To:List-Unsubscribe:Message-ID; i=avaaz at avaaz.org; bh=aNrRG1oOw57rU4AT/0miGg8aWAI=; b=erOsRngaWCaW7R0sK8COa4k97QpCISFa6/0ZKfZJHAEHKJu3FbUTExJb/L6OQez/V26UgwpbKJqU Py0l8dDpu68tUlhR42AUnZV+M+lpqI6LdoiTt/QMC0TklQnqdKZt0E4CG+Kz7plluYwhXlZHVSXc +apdPqllFZeYAcsaN5k= DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=av_key; d=avaaz.org; b=YdIs06lkIN6pxGKoLORIDjbBCLU/5vwP1QCVocIa0qB4EgT1uKwf+bDlpbQVWmSsjPzekeZmWbpZ um+paKzqq7UGtJMVb1eGjod/bkuOGeXXdeZG0tGJz8wfLdNog6DbfChRBvMciS/Wsz+xrK3yVbX6 bQuKbeD/gurWPhEDfFc=; Received: by mta144.avaaz.org id hruita1u62ku for ; Mon, 4 Aug 2014 11:25:07 -0400 (envelope-from ) Content-Type: multipart/alternative; boundary="===============1522543492113580631==" MIME-Version: 1.0 Subject: =?utf-8?q?Klimafreunde_-_der_Plan_steht!?= From: Ricken Patel - Avaaz.org To: "clemens at en-der.at" List-Unsubscribe: X-Campaign-ID: avaazCLIMATEeventhostsrecruitment201407301851073204 X-Version-ID: 43375 Message-ID: <0.0.6.888.1CFAFF845D5E634.77992 at mta144.avaaz.org> --===============1522543492113580631== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Liebe alle, tausende von uns haben ... Any idea what is wrong here? Best regards, Clemens Ender -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4015 bytes Desc: not available URL: From doark at mail.com Thu Feb 11 02:50:30 2016 From: doark at mail.com (David Niklas) Date: Wed, 10 Feb 2016 21:50:30 -0500 Subject: RFC: HTTP based storage API Message-ID: <20160210215030.54532004@ulgy_thing> On 08 Feb 2016, at 11:01, Nagy, Attila wrote: > Nearly every popular programming language has an LMTP/POP/IMAP > implementation, most of them suck in many different ways. > I don't know any server or library which provides a well-established, > compatible protocol frontend with an open backend API, which could be > used to easily make a custom storage backend for the LMTP/POP/IMAP > frontend in any language, in any programming paradigm, irregardless > of the frontend implementation. Sorry to come in late, but as a curl lover I'd like to know what is wrong with their implementation of pop3 and imap (project homepage curl.haxx.se). Thanks, David From willy at gardiol.org Thu Feb 11 08:12:48 2016 From: willy at gardiol.org (Willy Gardiol) Date: Thu, 11 Feb 2016 09:12:48 +0100 Subject: Help migrating a mailbox... Message-ID: <69e550b5756cc603a52416246af83f1a@gardiol.org> Hi! i have a question for you guys, i have been playing with this issue for a while and i am a bit lost. I have dovecot 2.2.16 on a Gentoo linux server, which run a couple of email domains, linked with postfix. I have a huge (>4gb) Outlook PST file which contains a backup coming from a new user, he used to have this backup on his old email system and i need to dump it into his new email account on my server. This is just a "old" backup which needs to be kept for reference, there is no need to preserve any ID/UID/GUID whatever. So, i found the "readpst" util which is capable ot reading the PST file and dump it's contents as mbox structure. (see http://bit-vonameln.de/email-migration-outlook-dovecot-imap/) I did it and i got a 4.4gb folder with some sub-folders, attachments, and more files inside. Then i spent most of a few days trying to have dovecot digest this and import it on top of the user new email address. With no luck. I have being trying with doveadm sync but i cannot find how i need to do it. Note that: 1) there is no local user, only the mail user (user at hisdomain.org) 2) i use maildir, the PST has been converted to mbox 3) dovecot is compiled with maildir and mbox support I tried, for example: server # export mail_location=mbox:/path/to/mbox/converted/emails server # doveadm sync -u user at hisdomain.org -d doveadm(user at hisdomain.org): Fatal: User has no mail_replica in userdb Then i tried: server # export mail_location=/home/vmail/hisdomain.org/user/maildir server # doveadm sync -u user at hisdomain.org mbox:/path/to/mbox/converted/emails dsync(user at hisdomain.org): Error: Mail locations must use the same virtual mailbox hierarchy separator (specify separator for the default namespace) Also tried: server # export mail_location=/home/vmail/hisdomain.org/user/maildir server # doveadm sync -u user at hisdomain.org /path/to/mbox/converted/emails doveadm(user at hisdomain.org): Fatal: execvp(/home/vmail/hisdomain.org/user/maildir) failed: Permission denied dsync-local(user at hisdomain.org): Error: read(remote) failed: EOF (version not received) My dovecot is configured to use "maildir", the most relevant part of my dovecot.conf is: auth_debug = no login_greeting = Dovecot ready. mail_debug = no auth_debug_passwords = no auth_default_realm = mydomain.org auth_mechanisms = plain login auth_realms = auth_verbose = no base_dir = /var/run/dovecot/ disable_plaintext_auth = no mail_uid=999 mail_gid=999 listen = * mail_location = maildir:/home/vmail/%d/%n/maildir protocols = imap sieve lmtp (i can add omitted lines if needed) either i am not undesrtanding anything, which is totally possible, or i am missing something big. If anybody on this list has any insight or suggestion, pelase advise! ps: the destination mailbox is perfectly new and empty, it's already existing and the user can successfully login, send and receive emails. Dovecot works great, and i am operating locally on the server where i uploaded the converted mbox folders. -- Willy Gardiol willy at gardiol.org www.gardiol.org www.trackaway.org -> Track YOUR way the way you want! From tss at iki.fi Thu Feb 11 13:56:49 2016 From: tss at iki.fi (Timo Sirainen) Date: Thu, 11 Feb 2016 15:56:49 +0200 Subject: Config file syntax in gory detail Message-ID: I finally wrote this: http://wiki2.dovecot.org/ConfigFile Looks like it ended up having a lot more content than I initially assumed. From hs at schlittermann.de Thu Feb 11 14:24:09 2016 From: hs at schlittermann.de (Heiko Schlittermann) Date: Thu, 11 Feb 2016 15:24:09 +0100 Subject: Config file syntax in gory detail In-Reply-To: References: Message-ID: <20160211142409.GD27404@jumper.schlittermann.de> Timo Sirainen (Do 11 Feb 2016 14:56:49 CET): > I finally wrote this: > http://wiki2.dovecot.org/ConfigFile > Looks like it ended up having a lot more content than I initially assumed. Great! That I missed all the time. Best regards from Dresden/Germany Viele Gr??e aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---------------------------- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --------------- key ID: F69376CE - ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ - -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 473 bytes Desc: Digital signature URL: From axel.luttgens at skynet.be Thu Feb 11 14:28:15 2016 From: axel.luttgens at skynet.be (Axel Luttgens) Date: Thu, 11 Feb 2016 15:28:15 +0100 Subject: Config file syntax in gory detail In-Reply-To: References: Message-ID: <2DD29008-1B7D-4818-8799-951E9CD4D13A@skynet.be> > Le 11 f?vr. 2016 ? 14:56, Timo Sirainen a ?crit : > > I finally wrote this: > > http://wiki2.dovecot.org/ConfigFile > > Looks like it ended up having a lot more content than I initially assumed. Thanks a lot, Timo! Axel From tss at iki.fi Thu Feb 11 14:55:19 2016 From: tss at iki.fi (Timo Sirainen) Date: Thu, 11 Feb 2016 16:55:19 +0200 Subject: Cache unseen count In-Reply-To: References: Message-ID: <22123536-7B6A-4B62-A5DA-749FE73E540B@iki.fi> On 10 Feb 2016, at 17:30, Jorge Carling wrote: > > Dear all, > Lately I am working on PHP mail account management application. It has, among others, Unread messages count column. > To get the number of unread messages, I execute "doveadm search" command for each database row. > The search time for single account is about 0.03 seconds. Our system has around 750 accounts, so the total loading time is currently around 20 seconds. > When setting up Dovecot, I made the user_query, which is also used to store the message quota, and total number of messages stored in particular mailbox. > Is there a keyword that can be included in the user_query, or some other way to maintain the unread messages count in the database? Maybe there is a way to execute a script every time a message is received, or becomes read, or unread. It's much faster if you use: doveadm mailbox status -A unseen '*' Also if you enable mailbox_list_index=yes it's even faster. If you're using Maildir format you can also enable maildir_very_dirty_syncs=yes. If it's still not fast enough, it would require keeping the unseen counts in some kind of a database, but that would require writing a new plugin. From michael at hufnagl.info Thu Feb 11 15:36:28 2016 From: michael at hufnagl.info (michael at hufnagl.info) Date: Thu, 11 Feb 2016 16:36:28 +0100 Subject: Config file syntax in gory detail In-Reply-To: References: Message-ID: <0b71bafd30ea4afe9126215f322ecac9@hufnagl.info> Hello, Am 11-02-2016 14:56, schrieb Timo Sirainen: > I finally wrote this: > > http://wiki2.dovecot.org/ConfigFile > > Looks like it ended up having a lot more content than I initially > assumed. You are my hero ;) From jeff at cjsa.com Thu Feb 11 17:09:08 2016 From: jeff at cjsa.com (Jeffery Small) Date: Thu, 11 Feb 2016 09:09:08 -0800 Subject: Question on setting up dovecot Message-ID: <20160211170908.GA8844@cjsa.com> Many thanks to Joseph Tam and Steffen Kaiser for pointing me to the logging information that I should have been using in the first place. Now that I have separate log files and debugging information, I'm still at a loss to see why the mail is not being pulled over from the Linux system to the Windows 7 machine. To recap, here is the output from doveconf -n: ---------------------------------------------------------------------- # 2.2.18: /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.8 (0c4ae064f307+) # OS: Linux 4.2.0-27-generic x86_64 Ubuntu 15.10 auth_debug = yes auth_verbose = yes disable_plaintext_auth = no info_log_path = /var/log/dovecot.info log_path = /var/log/dovecot mail_debug = yes mail_location = mbox:~/lib/Mail:INBOX=/var/mail/%u passdb { driver = pam } protocols = imap pop3 ssl_cert = rip= \ lport=110 rport=54453 resp= Feb 11 08:47:49 auth-worker(7864): Debug: Loading modules from directory: \ /usr/lib/dovecot/modules/auth Feb 11 08:47:49 auth-worker(7864): Debug: pam(sherril,): \ lookup service=dovecot Feb 11 08:47:49 auth-worker(7864): Debug: pam(sherril,): \ #1/1 style=1 msg=Password: Feb 11 08:47:49 auth: Debug: client passdb out: OK 1 user=sherril Feb 11 08:47:49 auth: Debug: master in: REQUEST 1975517185 7861 1 \ b48910c85f39498e2fe83277d7e94028 session_pid=7866 Feb 11 08:47:49 auth-worker(7864): Debug: pam(sherril,): lookup Feb 11 08:47:49 auth: Debug: master userdb out: USER 1975517185 \ sherril system_groups_user=sherril uid=1001 gid=1001 \ home=/u/sherril Feb 11 08:47:49 pop3-login: Info: Login: user=, method=PLAIN, \ rip=, lip=, mpid=7866, \ session= Feb 11 08:47:49 pop3(sherril): Debug: Effective uid=1001, gid=1001, \ home=/u/sherril Feb 11 08:47:49 pop3(sherril): Debug: fs: root=/u/sherril/lib/Mail, \ index=, indexpvt=, control=, inbox=/var/mail/sherril, alt= Feb 11 08:47:49 pop3(sherril): Info: Disconnected: Logged out top=0/0, \ retr=0/0, del=0/3, size=36928 ---------------------------------------------------------------------- There are no errors. We have a pop3 connection. The user's name, uid, gid, password, home directory are all correct. The inbox is listed as /var/mail/sherril which is correct, and this file has the correct ownership and permissions: # ls -l /var/mail/sherril -rw-rw---- 1 sherril mail 194900 Feb 11 09:00 /var/mail/sherril Yet, no mail is pulled over. Are there any clues here? Thanks, -- Jeff From philipp.faeustlin at uni-hohenheim.de Thu Feb 11 17:52:53 2016 From: philipp.faeustlin at uni-hohenheim.de (Test) Date: Thu, 11 Feb 2016 18:52:53 +0100 Subject: Question on setting up dovecot In-Reply-To: <20160211170908.GA8844@cjsa.com> References: <20160211170908.GA8844@cjsa.com> Message-ID: <56BCCA75.8010307@uni-hohenheim.de> Am 11.02.2016 um 18:09 schrieb Jeffery Small: > Many thanks to Joseph Tam and Steffen Kaiser for pointing me to the logging > information that I should have been using in the first place. Now that > I have separate log files and debugging information, I'm still at a loss > to see why the mail is not being pulled over from the Linux system to the > Windows 7 machine. To recap, here is the output from doveconf -n: > > ---------------------------------------------------------------------- > # 2.2.18: /etc/dovecot/dovecot.conf > # Pigeonhole version 0.4.8 (0c4ae064f307+) > # OS: Linux 4.2.0-27-generic x86_64 Ubuntu 15.10 > auth_debug = yes > auth_verbose = yes > disable_plaintext_auth = no > info_log_path = /var/log/dovecot.info > log_path = /var/log/dovecot > mail_debug = yes > mail_location = mbox:~/lib/Mail:INBOX=/var/mail/%u Is the mail_location setting correct? I'm not sure about the mbox format an notation. So check the dovecot wiki for further infos. > passdb { > driver = pam > } > protocols = imap pop3 > ssl_cert = ssl_key = userdb { > driver = passwd > } > userdb { > driver = passwd > } > verbose_ssl = yes > ---------------------------------------------------------------------- > > Here is the configuration logging/debug info: > > ---------------------------------------------------------------------- > log_path = /var/log/dovecot > info_log_path = /var/log/dovecot.info > auth_verbose = yes > auth_debug = yes > mail_debug = yes > verbose_ssl = yes > ---------------------------------------------------------------------- > > And here is the complete set of Debug/Info information logged when Outlook > on the Win7 system attempts a Send/Receive operation. Long lines broken > for readability: > > ---------------------------------------------------------------------- > Feb 11 08:47:49 auth: Debug: Loading modules from directory: \ > /usr/lib/dovecot/modules/auth > Feb 11 08:47:49 auth: Debug: Read auth token secret from \ > /var/run/dovecot/auth-token-secret.dat > Feb 11 08:47:49 auth: Debug: auth client connected (pid=7861) > Feb 11 08:47:49 auth: Debug: client in: AUTH 1 PLAIN \ > service=pop3 session=dF2ST4ErtQDMa1sC \ > lip= rip= \ > lport=110 rport=54453 resp= > Feb 11 08:47:49 auth-worker(7864): Debug: Loading modules from directory: \ > /usr/lib/dovecot/modules/auth > Feb 11 08:47:49 auth-worker(7864): Debug: pam(sherril,): \ > lookup service=dovecot > Feb 11 08:47:49 auth-worker(7864): Debug: pam(sherril,): \ > #1/1 style=1 msg=Password: > Feb 11 08:47:49 auth: Debug: client passdb out: OK 1 user=sherril > Feb 11 08:47:49 auth: Debug: master in: REQUEST 1975517185 7861 1 \ > b48910c85f39498e2fe83277d7e94028 session_pid=7866 > Feb 11 08:47:49 auth-worker(7864): Debug: pam(sherril,): lookup > Feb 11 08:47:49 auth: Debug: master userdb out: USER 1975517185 \ > sherril system_groups_user=sherril uid=1001 gid=1001 \ > home=/u/sherril > Feb 11 08:47:49 pop3-login: Info: Login: user=, method=PLAIN, \ > rip=, lip=, mpid=7866, \ > session= > Feb 11 08:47:49 pop3(sherril): Debug: Effective uid=1001, gid=1001, \ > home=/u/sherril > Feb 11 08:47:49 pop3(sherril): Debug: fs: root=/u/sherril/lib/Mail, \ > index=, indexpvt=, control=, inbox=/var/mail/sherril, alt= Check both directories "/u/sherril/lib/Mail", "/var/mail/sherril" for correct ownership and permissions. > Feb 11 08:47:49 pop3(sherril): Info: Disconnected: Logged out top=0/0, \ > retr=0/0, del=0/3, size=36928 > ---------------------------------------------------------------------- > > There are no errors. We have a pop3 connection. The user's name, > uid, gid, password, home directory are all correct. The inbox is > listed as /var/mail/sherril which is correct, and this file has the > correct ownership and permissions: > > # ls -l /var/mail/sherril > -rw-rw---- 1 sherril mail 194900 Feb 11 09:00 /var/mail/sherril Are there any mails in that directory? Check if it is possible to walk thought the directory tree. If the user doesn't have the right to read /var , he will never reach /var/mail/sherril. > > Yet, no mail is pulled over. Are there any clues here? > > Thanks, > -- > Jeff > Philipp From gary at cpanel.net Thu Feb 11 18:53:26 2016 From: gary at cpanel.net (Gary Stanley) Date: Thu, 11 Feb 2016 13:53:26 -0500 Subject: [BUG] Dovecot 2.2.21 crashing with assertion failed: (!have_wait_unfinished || unfinished_count > 0) Message-ID: <56BCD8A6.8020005@cpanel.net> Hello Dovecot's IMAP process appears to be crashing at random times for a few users, but one is crashing at least 3 to 5 times an hour. I applied these patches per http://dovecot.org/list/dovecot/2016-January/102933.html /https://github.com/dovecot/core/commit/1ddf959a750f3860feff4ab3f0e908f32740978f.diff //https://github.com/dovecot/core/commit/c8e9fa2ffa2566e75f0500808b1bc9bf5d9db024.diff //https://github.com/dovecot/core/commit/15307c2c91854e766bd9fb095d611a29b3f7572e.diff //https://github.com/dovecot/core/commit/c7801f830c7d2e7d340065cdd5a5c795b1726223.diff //https://github.com/dovecot/core/commit/f136b0050b3125b466af73984177250b7ed1a3be.diff / But it's still crashing. # 2.2.21 (5345f22): /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-604.30.3.lve1.3.63.el6.x86_64 x86_64 CloudLinux Server release 6.7 (Aleksei Gubarev) auth_cache_size = 1 k auth_mechanisms = plain login auth_username_chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!#$-=?^_{}~./@+%" disable_plaintext_auth = no first_valid_uid = 201 mail_plugins = " zlib" maildir_very_dirty_syncs = yes namespace { inbox = yes location = mailbox Archive { auto = create special_use = \Archive } mailbox Archives { auto = no special_use = \Archive } mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Junk { auto = create special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox "Sent Messages" { auto = no special_use = \Sent } mailbox Trash { auto = subscribe special_use = \Trash } prefix = INBOX. type = private } passdb { args = /usr/local/cpanel/bin/dovecot-wrap driver = checkpassword } plugin { acl = vfile quota = maildir quota_rule = INBOX.Trash:ignore } protocols = imap pop3 service auth { unix_listener auth-client { mode = 0666 } } service imap-login { client_limit = 500 inet_listener imap { address = * } inet_listener imaps { address = * } process_limit = 50 process_min_avail = 2 service_count = 0 vsz_limit = 64 M } service imap { process_limit = 512 vsz_limit = 256 M } service managesieve-login { client_limit = 500 process_limit = 50 process_min_avail = 2 service_count = 0 vsz_limit = 64 M } service managesieve { process_limit = 512 vsz_limit = 256 M } service pop3-login { client_limit = 500 inet_listener pop3 { address = * } inet_listener pop3s { address = * } process_limit = 50 process_min_avail = 2 service_count = 0 vsz_limit = 64 M } service pop3 { process_limit = 512 vsz_limit = 256 M } ssl_cert = 0) Feb 11 18:23:54 gw-ud3 dovecot: imap(xxxx at xxxx.com): Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0(+0x8096a) [0x7f996c47e96a] -> /usr/lib64/dovecot/libdovecot.so.0(+0x809d6) [0x7f996c47e9d6]$ Feb 11 18:23:55 gw-ud3 dovecot: imap(xxxx at xxxx.com): Fatal: master: service(imap): child 329519 killed with signal 6 (core dumped) Here's the backtrace: (gdb) bt full #0 0x00007f046eb2e625 in raise (sig=) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64 resultvar = 0 pid = 98454 selftid = 98454 #1 0x00007f046eb2fe05 in abort () at abort.c:92 save_stage = 2 act = {__sigaction_handler = {sa_handler = 0x2, sa_sigaction = 0x2}, sa_mask = {__val = {139657018134932, 1, 18488448, 0, 139657017886537, 139657017552035, 139657017530872, 206158430224, 140725557583888, 140725557583680, 4362456, 140725557583788, 18440536, 0, 0, 6717455502603727992}}, sa_flags = 1635021663, sa_restorer = 0x7ffd38dee060} sigs = {__val = {32, 0 }} #2 0x00007f046ef10a60 in default_fatal_finish (type=, status=0) at failures.c:201 backtrace = 0x1196158 "/usr/lib64/dovecot/libdovecot.so.0(+0x80a6a) [0x7f046ef10a6a] -> /usr/lib64/dovecot/libdovecot.so.0(+0x80ad6) [0x7f046ef10ad6] -> /usr/lib64/dovecot/libdovecot.so.0(i_error+0) [0x7f046eeb994f] -> dove"... #3 0x00007f046ef10ad6 in i_internal_fatal_handler (ctx=0x7ffd38dee080, format=, args=) at failures.c:670 status = 0 #4 0x00007f046eeb994f in i_panic (format=0x18096
) at failures.c:275 ctx = {type = LOG_TYPE_PANIC, exit_status = 0, timestamp = 0x0, timestamp_usecs = 0} args = {{gp_offset = 40, fp_offset = 48, overflow_arg_area = 0x7ffd38dee160, reg_save_area = 0x7ffd38dee0a0}} #5 0x0000000000418247 in client_continue_pending_input () No symbol table info available. #6 0x00007f046ef22fdb in io_loop_call_io (io=0x11c5860) at ioloop.c:559 ioloop = 0x119e740 t_id = 2 __FUNCTION__ = "io_loop_call_io" #7 0x00007f046ef24577 in io_loop_handler_run_internal (ioloop=) at ioloop-epoll.c:220 ctx = 0x11a0250 events = event = 0x11a10c0 list = 0x11a1c80 io = tv = {tv_sec = 29, tv_usec = 999480} events_count = msecs = ret = 1 i = call = ---Type to continue, or q to quit--- __FUNCTION__ = "io_loop_handler_run_internal" #8 0x00007f046ef23085 in io_loop_handler_run (ioloop=0x119e740) at ioloop.c:607 No locals. #9 0x00007f046ef23228 in io_loop_run (ioloop=0x119e740) at ioloop.c:583 __FUNCTION__ = "io_loop_run" #10 0x00007f046eebeca3 in master_service_run (service=0x119e5e0, callback=) at master-service.c:640 No locals. #11 0x0000000000424c5c in main () No symbol table info available. From e1c1bac6253dc54a1e89ddc046585792 at posteo.net Thu Feb 11 19:12:56 2016 From: e1c1bac6253dc54a1e89ddc046585792 at posteo.net (Philipp Buehler) Date: Thu, 11 Feb 2016 20:12:56 +0100 Subject: Config file syntax in gory detail In-Reply-To: References: Message-ID: <18f3b9779343f2b6347039a8c3d5c88d@posteo.de> Am 11.02.2016 14:56 schrieb Timo Sirainen: > I finally wrote this: Have a beer on that! Many, many thanks. -- pb From przemek.orzechowski at makolab.pl Thu Feb 11 19:21:31 2016 From: przemek.orzechowski at makolab.pl (=?UTF-8?Q?Przemys=c5=82aw_Orzechowski?=) Date: Thu, 11 Feb 2016 20:21:31 +0100 Subject: Question on setting up dovecot In-Reply-To: <20160211170908.GA8844@cjsa.com> References: <20160211170908.GA8844@cjsa.com> Message-ID: <56BCDF3B.6050300@makolab.pl> W dniu 11.02.2016 o 18:09, Jeffery Small pisze: > Many thanks to Joseph Tam and Steffen Kaiser for pointing me to the logging > information that I should have been using in the first place. Now that > I have separate log files and debugging information, I'm still at a loss > to see why the mail is not being pulled over from the Linux system to the > Windows 7 machine. To recap, here is the output from doveconf -n: > > ---------------------------------------------------------------------- > # 2.2.18: /etc/dovecot/dovecot.conf > # Pigeonhole version 0.4.8 (0c4ae064f307+) > # OS: Linux 4.2.0-27-generic x86_64 Ubuntu 15.10 > auth_debug = yes > auth_verbose = yes > disable_plaintext_auth = no > info_log_path = /var/log/dovecot.info > log_path = /var/log/dovecot > mail_debug = yes > mail_location = mbox:~/lib/Mail:INBOX=/var/mail/%u > passdb { > driver = pam > } > protocols = imap pop3 > ssl_cert = ssl_key = userdb { > driver = passwd > } > userdb { > driver = passwd > } > verbose_ssl = yes > ---------------------------------------------------------------------- > > Here is the configuration logging/debug info: > > ---------------------------------------------------------------------- > log_path = /var/log/dovecot > info_log_path = /var/log/dovecot.info > auth_verbose = yes > auth_debug = yes > mail_debug = yes > verbose_ssl = yes > ---------------------------------------------------------------------- > > And here is the complete set of Debug/Info information logged when Outlook > on the Win7 system attempts a Send/Receive operation. Long lines broken > for readability: > > ---------------------------------------------------------------------- > Feb 11 08:47:49 auth: Debug: Loading modules from directory: \ > /usr/lib/dovecot/modules/auth > Feb 11 08:47:49 auth: Debug: Read auth token secret from \ > /var/run/dovecot/auth-token-secret.dat > Feb 11 08:47:49 auth: Debug: auth client connected (pid=7861) > > > cokycody2 at gmail.com 10-Feb-16 13:28 # > 24347 > > > Feb 11 08:47:49 auth: Debug: client in: AUTH 1 PLAIN \ > service=pop3 session=dF2ST4ErtQDMa1sC \ > lip= rip= \ > lport=110 rport=54453 resp= > Feb 11 08:47:49 auth-worker(7864): Debug: Loading modules from directory: \ > /usr/lib/dovecot/modules/auth > Feb 11 08:47:49 auth-worker(7864): Debug: pam(sherril,): \ > lookup service=dovecot > Feb 11 08:47:49 auth-worker(7864): Debug: pam(sherril,): \ > #1/1 style=1 msg=Password: > Feb 11 08:47:49 auth: Debug: client passdb out: OK 1 user=sherril > Feb 11 08:47:49 auth: Debug: master in: REQUEST 1975517185 7861 1 \ > b48910c85f39498e2fe83277d7e94028 session_pid=7866 > Feb 11 08:47:49 auth-worker(7864): Debug: pam(sherril,): lookup > Feb 11 08:47:49 auth: Debug: master userdb out: USER 1975517185 \ > sherril system_groups_user=sherril uid=1001 gid=1001 \ > home=/u/sherril > Feb 11 08:47:49 pop3-login: Info: Login: user=, method=PLAIN, \ > rip=, lip=, mpid=7866, \ > session= > Feb 11 08:47:49 pop3(sherril): Debug: Effective uid=1001, gid=1001, \ > home=/u/sherril > Feb 11 08:47:49 pop3(sherril): Debug: fs: root=/u/sherril/lib/Mail, \ > index=, indexpvt=, control=, inbox=/var/mail/sherril, alt= > Feb 11 08:47:49 pop3(sherril): Info: Disconnected: Logged out top=0/0, \ > retr=0/0, del=0/3, size=36928 > ---------------------------------------------------------------------- Hi For me it seems like outlook problem (we sometimes get strange problems with outlook, most of the time they are caused either by AV software interfering or outlook user profile or .pst file corruption) Have you checked different mail program or even telnet to see for problems? As or anti virus programs we had problems i can say for sure Norton and Kaspersky were problematic, causing unexpected connection failures ie after successfull auth connection was closed. As for outlook problems in most cases of pst coruption we got outlook errors suggesting connection problems. With profile corruption there were quite fiew different problems (outlook not cnnecting, droping connection out of bue, having problem authenticating, repetadly asking for password ...) The best way we found to test it was using different emai client to test if the problem is generic or outlook related in rare cases we used telnet (pop3 is quite simple protocol) As for dovecot side there are some compatibility options for older (hopefully) mail clients outlook related would be pop3_client_workarounds = outlook-no-nuls oe-ns-eoh As for Your log last line suggests there are 3 mails in inbox Info: Disconnected: Logged out top=0/0, retr=0/0, del=0/3, size=36928 top=x/y x- top commands issued (comand to retrive part of message ie headers) y - bytes sent as result retr=x/y x - retr commands issued (client requests to get message) the size is cumulative size of all messages del=x/y x - number of deleted messages y- numer of messages in inbox before any deletes, if there were no deletes total messages in inbox size=x - mailbox size in bytes before any messages were deleted mbox format stores multiple messages in single file You can just du sudo -u sherril cat /var/mail/sherril to see the messages on commandline and at same time check if user sherril has permission to read the file (if im right you are using system users not virual ones) but according to the log everything should be ok. regards Przemek > There are no errors. We have a pop3 connection. The user's name, > uid, gid, password, home directory are all correct. The inbox is > listed as /var/mail/sherril which is correct, and this file has the > correct ownership and permissions: > > # ls -l /var/mail/sherril > -rw-rw---- 1 sherril mail 194900 Feb 11 09:00 /var/mail/sherril > > Yet, no mail is pulled over. Are there any clues here? > > Thanks, > -- > Jeff > From delrio at mie.utoronto.ca Thu Feb 11 19:53:38 2016 From: delrio at mie.utoronto.ca (Oscar del Rio) Date: Thu, 11 Feb 2016 14:53:38 -0500 Subject: Question on setting up dovecot In-Reply-To: <20160211170908.GA8844@cjsa.com> References: <20160211170908.GA8844@cjsa.com> Message-ID: <56BCE6C2.9040005@mie.utoronto.ca> On 02/11/16 12:09 PM, Jeffery Small wrote: > # ls -l /var/mail/sherril > -rw-rw---- 1 sherril mail 194900 Feb 11 09:00 /var/mail/sherril > > Yet, no mail is pulled over. Are there any clues here? http://wiki.dovecot.org/TestInstallation Examples using openssl s_client: openssl s_client -connect server_ip:143 -starttls imap a login username password b list "" * c select INBOX d fetch 1:* flags e fetch 1:* INTERNALDATE f fetch 1:* (body[header.fields (from to subject date)]) g logout openssl s_client -connect server_ip:110 -starttls pop3 user username pass password list retr 1 quit From delrio at mie.utoronto.ca Thu Feb 11 20:07:26 2016 From: delrio at mie.utoronto.ca (Oscar del Rio) Date: Thu, 11 Feb 2016 15:07:26 -0500 Subject: Question on setting up dovecot In-Reply-To: <20160211170908.GA8844@cjsa.com> References: <20160211170908.GA8844@cjsa.com> Message-ID: <56BCE9FE.5080305@mie.utoronto.ca> On 02/11/16 12:09 PM, Jeffery Small wrote: > Feb 11 08:47:49 pop3(sherril): Info: Disconnected: Logged out top=0/0, \ > retr=0/0, del=0/3, size=36928 I think "retr=0/0, del=0/3" means that there are 3 messages but the client (Outlook) did not fetch any. From tss at iki.fi Thu Feb 11 20:46:51 2016 From: tss at iki.fi (Timo Sirainen) Date: Thu, 11 Feb 2016 22:46:51 +0200 Subject: [BUG] Dovecot 2.2.21 crashing with assertion failed: (!have_wait_unfinished || unfinished_count > 0) In-Reply-To: <56BCD8A6.8020005@cpanel.net> References: <56BCD8A6.8020005@cpanel.net> Message-ID: > On 11 Feb 2016, at 20:53, Gary Stanley wrote: > > Hello > > Dovecot's IMAP process appears to be crashing at random times for a few users, but one is crashing at least 3 to 5 times an hour. > > I applied these patches per http://dovecot.org/list/dovecot/2016-January/102933.html > > /https://github.com/dovecot/core/commit/1ddf959a750f3860feff4ab3f0e908f32740978f.diff //https://github.com/dovecot/core/commit/c8e9fa2ffa2566e75f0500808b1bc9bf5d9db024.diff //https://github.com/dovecot/core/commit/15307c2c91854e766bd9fb095d611a29b3f7572e.diff //https://github.com/dovecot/core/commit/c7801f830c7d2e7d340065cdd5a5c795b1726223.diff //https://github.com/dovecot/core/commit/f136b0050b3125b466af73984177250b7ed1a3be.diff / > > But it's still crashing. https://github.com/dovecot/core/commit/759a60c896270a74ef4a94ad348fe3722f183608.diff is still missing at least. I'm not sure if there was one more. From hs at schlittermann.de Thu Feb 11 23:05:27 2016 From: hs at schlittermann.de (Heiko Schlittermann) Date: Fri, 12 Feb 2016 00:05:27 +0100 Subject: Multiple quota rules from LDAP userdb? Message-ID: <20160211230527.GB30205@jumper.schlittermann.de> Hello, I'm just asking myself, how I get multiple quota rules into the LDAP userdb. Dovecot is 2.2.9 userdb_attrs = ? fooQuotaRule=quota_rule=%$ which allows me to have an user db entry as fooQuotaRule: *:storage=1000:messages=50 fooQuotaRule: Trash:storage=500 But, if I'd like to have another quota rule for a submailbox of that user? doveadm user returns the first field only field value uid 500 gid 500 home /volumes/dovecot/home/4b/heiko mail maildir:~:INBOX=/volumes/dovecot/inbox/4b/heiko:INDEX=/volumes/dovecot/cache/4b/heiko quota_rule *:storage=1000:messages=50 Inventing additional LDAP attributs fooQuotaRule2, ... doesn't scale well. Best regards from Dresden/Germany Viele Gr??e aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---------------------------- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --------------- key ID: F69376CE - ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ - -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 473 bytes Desc: Digital signature URL: From hs at schlittermann.de Thu Feb 11 23:37:16 2016 From: hs at schlittermann.de (Heiko Schlittermann) Date: Fri, 12 Feb 2016 00:37:16 +0100 Subject: LMTP proxy does not pass RCPT TO: ... 5xx response back Message-ID: <20160211233716.GC30205@jumper.schlittermann.de> Hello, I'm using dovecot 2.2.9 and a director/backend setup. On the director I've the LMTP in proxy mode, mapping the users to one of the backends. The backends to quota check and return the OverQuota message already at RCPT TO time. Here is what I typed, connected to the director Connection to director1 2525 port [tcp/*] succeeded! 220 director1.rz.hs-example.de Dovecot (Ubuntu) ready. LHLO mailhub1.rz.hs-example.de 250-director1.rz.hs-example.de 250-8BITMIME 250-ENHANCEDSTATUSCODES 250 PIPELINING MAIL FROM: 250 2.1.0 OK RCPT TO: 250 2.1.5 OK And here is, what TCPDUMP sees (cut for clarity): 00:22:23.029251 IP6 2001:638:914:f33::5:1.59466 > 2001:638:914:f33::5:ff.2525: Flags [S], 00:22:23.029376 IP6 2001:638:914:f33::5:ff.2525 > 2001:638:914:f33::5:1.59466: Flags [S.], 00:22:23.029660 IP6 2001:638:914:f33::5:1.59466 > 2001:638:914:f33::5:ff.2525: Flags [.], 00:22:23.051436 IP6 2001:638:914:f33::5:ff.2525 > 2001:638:914:f33::5:1.59466: Flags [P.], .7i`.7jN220 backend1.rz.hs-example.de Dovecot (Ubuntu) ready. 00:22:23.051805 IP6 2001:638:914:f33::5:1.59466 > 2001:638:914:f33::5:ff.2525: Flags [.], 00:22:23.052017 IP6 2001:638:914:f33::5:1.59466 > 2001:638:914:f33::5:ff.2525: Flags [P.], .7jT.7i`LHLO director1.rz.hs-example.de 00:22:23.052034 IP6 2001:638:914:f33::5:ff.2525 > 2001:638:914:f33::5:1.59466: Flags [.], 00:22:23.052114 IP6 2001:638:914:f33::5:ff.2525 > 2001:638:914:f33::5:1.59466: Flags [P.], .7ia.7jT250-backend1.rz.hs-example.de 250-XCLIENT ADDR PORT TTL TIMEOUT 250-8BITMIME 250-ENHANCEDSTATUSCODES 250 PIPELINING 00:22:23.052476 IP6 2001:638:914:f33::5:1.59466 > 2001:638:914:f33::5:ff.2525: Flags [P.], 0EH....d...... ..3........ ..8 ..3.........J ..... .7jT.7iaXCLIENT ADDR=2001:638:914:f33::7:1 PORT=60574 TTL=4 TIMEOUT=30 00:22:23.052540 IP6 2001:638:914:f33::5:ff.2525 > 2001:638:914:f33::5:1.59466: Flags [P.], 0EH...E....~e.....3........ ..8 ..3........ ..J .7ia.7jT220 backend1.rz.hs-example.de Dovecot (Ubuntu) ready. 00:22:23.052815 IP6 2001:638:914:f33::5:1.59466 > 2001:638:914:f33::5:ff.2525: Flags [P.], 0E.....s...... ..3........ ..8 ..3.........J ....E .7jT.7iaLHLO director1.rz.hs-example.de 00:22:23.052870 IP6 2001:638:914:f33::5:ff.2525 > 2001:638:914:f33::5:1.59466: Flags [P.], 0E....h....~......3........ ..8 ..3........ ..J .7ia.7jT250-backend1.rz.hs-example.de 250-8BITMIME 250-ENHANCEDSTATUSCODES 250 PIPELINING 00:22:23.053120 IP6 2001:638:914:f33::5:1.59466 > 2001:638:914:f33::5:ff.2525: Flags [P.], 0E.....qJ..... ..3........ ..8 ..3.........J ....h .7jT.7iaMAIL FROM: RCPT TO: 00:22:23.091824 IP6 2001:638:914:f33::5:ff.2525 > 2001:638:914:f33::5:1.59466: Flags [.], 0E.........~,.....3........ ..8 ..3........ ..J .7ik.7jT 00:22:23.119918 IP6 2001:638:914:f33::5:ff.2525 > 2001:638:914:f33::5:1.59466: Flags [P.], 0E.........~......3........ ..8 ..3........ ..J * .7ir.7jT250 2.1.0 OK * 552 5.2.2 Quota exceeded (mailbox for user is full) 00:22:23.158836 IP6 2001:638:914:f33::5:1.59466 > 2001:638:914:f33::5:ff.2525: Flags [.], 0F4....j...... ..3........ ..8 ..3.........J ..... .7jo.7ir 00:27:23.029008 IP6 2001:638:914:f33::5:1.59466 > 2001:638:914:f33::5:ff.2525: Flags [F.], 0F4....E...... ..3........ ..8 ..3.........J ..... It looks as if the backend tells the director/proxy about the full mailbox (552 5.2.2 Quota exceeded (mailbox for user is full)) already before the DATA phase starts, right as the response to the RCPT TO. But the proxy seems to ignore it? Any suggestion? Best regards from Dresden/Germany Viele Gr??e aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---------------------------- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --------------- key ID: F69376CE - ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ - -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 473 bytes Desc: Digital signature URL: From jtam.home at gmail.com Thu Feb 11 23:58:21 2016 From: jtam.home at gmail.com (Joseph Tam) Date: Thu, 11 Feb 2016 15:58:21 -0800 (PST) Subject: Question on setting up dovecot In-Reply-To: References: Message-ID: Jeffery Small writes: > There are no errors. We have a pop3 connection. The user's name, > uid, gid, password, home directory are all correct. The inbox is > listed as /var/mail/sherril which is correct, and this file has the > correct ownership and permissions: > > # ls -l /var/mail/sherril > -rw-rw---- 1 sherril mail 194900 Feb 11 09:00 /var/mail/sherril > > Yet, no mail is pulled over. Are there any clues here? OK, the next step might be to try talk POP3 directly to your dovecot server, and see if it responds to some common POP3 requests. You might have to use one of telnet server 110 nc server 110 (or "ncat" or "netcat") openssl s_client -connect server:995 (if using SSL) then test with these commands USER someuser PASS their-password (Should list messages and their sizes) LIST (Should list messages and their UIDLs) UIDL (Retrieve the first message) RETR 1 QUIT If these work, then I would look at the client. If not, check the logs why it failed. > Feb 11 08:47:49 pop3(sherril): Info: Disconnected: Logged out top=0/0, \ > retr=0/0, del=0/3, size=36928 If I read this right, the client never tried to download any messages (no top, no retr). Maybe the client downloaded the UIDLs and figured it already had local copies of those messages. Joseph Tam From gary at cpanel.net Fri Feb 12 00:28:57 2016 From: gary at cpanel.net (Gary Stanley) Date: Thu, 11 Feb 2016 19:28:57 -0500 Subject: [BUG] Dovecot 2.2.21 crashing with assertion failed: (!have_wait_unfinished || unfinished_count > 0) In-Reply-To: References: <56BCD8A6.8020005@cpanel.net> Message-ID: <56BD2749.5010308@cpanel.net> On 2/11/16 3:46 PM, Timo Sirainen wrote: >> On 11 Feb 2016, at 20:53, Gary Stanley wrote: >> >> Hello >> >> Dovecot's IMAP process appears to be crashing at random times for a few users, but one is crashing at least 3 to 5 times an hour. >> >> I applied these patches per http://dovecot.org/list/dovecot/2016-January/102933.html >> >> /https://github.com/dovecot/core/commit/1ddf959a750f3860feff4ab3f0e908f32740978f.diff //https://github.com/dovecot/core/commit/c8e9fa2ffa2566e75f0500808b1bc9bf5d9db024.diff //https://github.com/dovecot/core/commit/15307c2c91854e766bd9fb095d611a29b3f7572e.diff //https://github.com/dovecot/core/commit/c7801f830c7d2e7d340065cdd5a5c795b1726223.diff //https://github.com/dovecot/core/commit/f136b0050b3125b466af73984177250b7ed1a3be.diff / >> >> But it's still crashing. > https://github.com/dovecot/core/commit/759a60c896270a74ef4a94ad348fe3722f183608.diff is still missing at least. I'm not sure if there was one more. To clarify, You want me to add that patch on top of the others ones? From tj at terramar.net Fri Feb 12 03:39:19 2016 From: tj at terramar.net (Tom Johnson) Date: Thu, 11 Feb 2016 19:39:19 -0800 Subject: Autoexpunge on INBOX? And disabling autoexpunge for a mailbox via userdb_import? Message-ID: <984B32C6-9AEA-49A2-AE71-53E999324105@terramar.net> I have autoexpunge working for various special_use mailboxes, but I'd like it to optionally be used for users for their inbox as well. I'd also like to be able to disable autoexpunge for some users for certain directories. Is it possible to specify an autoexpunge period for the main inbox? And can autoexpunge be turned off via userdb_import? Here's some detail behind my questions: I have the following in 15-mailboxes.conf, and all is working great for the autoexpunge feature for the Junk and Trash mailboxes: namespace inbox { separator = . mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Junk { auto = subscribe special_use = \Junk autoexpunge = 15d } mailbox Trash { auto = subscribe special_use = \Trash autoexpunge = 15d } mailbox Sent { auto = subscribe special_use = \Sent } } And I can change the autoexpunge field for those mailboxes via userdb_import in a SQL query - that's working great. But I would like for some users to expire the main inbox and the Sent mailbox, and for others for there to be no expiration. Imagine a scenario where there are users who get a maximum of 15 days of storage - everything older than that should expire out. Other users are standard email users - their inboxes, personal folders, Sent mail should never expire. Adding autoexpunge to the main mailbox gives an error: namespace inbox { separator = . autoexpunge = 999d ... ... } doveconf: Fatal: Error in configuration file /etc/dovecot/conf.d/15-mailboxes.conf line 48: Unknown setting: autoexpunge So is there a way to add an autoexpunge setting to the main inbox? And can I set autoexpunge to 0 via userdb_import to disable autoexpunge for a particular mailbox? That doesn't give any error, but does it properly disable autoexpunge for that mailbox? Thanks- Tom From jeff at cjsa.com Fri Feb 12 04:13:43 2016 From: jeff at cjsa.com (Jeffery Small) Date: Thu, 11 Feb 2016 20:13:43 -0800 Subject: Question on setting up dovecot In-Reply-To: <20160211170908.GA8844@cjsa.com> References: <20160211170908.GA8844@cjsa.com> Message-ID: <20160212041343.GA18756@cjsa.com> I'm just getting around to reading all the helpful messages regarding my problem and will be trying out each of the suggestions. A very big thanks to everyone for the supportive help. I'll let you know what I discover. In the meantime I wanted to mention one additional thing. I am switching mail over from a Solaris server to a newer Linux box and Outlook on this Windows 7 machine has and continues to successfully communicate with the Solaris system, downloading all the mail. I can take the mail file from the Linux /var/mail directory, transfer it over to the Solaris machine, point the Windows machine at that server, and it downloads the mail without a problem, so if Outlook is part of the trouble, it is due to some unique interaction with dovecot. All file permissions and ownership are identical on both servers. So there is some subtle issue here that I just haven't nailed down. Regards, -- Jeff From bra at fsn.hu Fri Feb 12 07:58:28 2016 From: bra at fsn.hu (Nagy, Attila) Date: Fri, 12 Feb 2016 08:58:28 +0100 Subject: RFC: HTTP based storage API In-Reply-To: <20160210215030.54532004@ulgy_thing> References: <20160210215030.54532004@ulgy_thing> Message-ID: <56BD90A4.4080406@fsn.hu> On 02/11/16 03:50, David Niklas wrote: > On 08 Feb 2016, at 11:01, Nagy, Attila wrote: >> Nearly every popular programming language has an LMTP/POP/IMAP >> implementation, most of them suck in many different ways. >> I don't know any server or library which provides a well-established, >> compatible protocol frontend with an open backend API, which could be >> used to easily make a custom storage backend for the LMTP/POP/IMAP >> frontend in any language, in any programming paradigm, irregardless >> of the frontend implementation. > Sorry to come in late, but as a curl lover I'd like to know what is wrong > with their implementation of pop3 and imap (project homepage > curl.haxx.se). > Well, most of the time it quickly turns out these are just partial addons, with so basic bugs, like #1456 was. There is a reason why postfix, dovecot and others have so many man-hours in them. BTW, this is about a server implementation... From skdovecot at smail.inf.fh-brs.de Fri Feb 12 08:53:06 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 12 Feb 2016 09:53:06 +0100 (CET) Subject: Question on setting up dovecot In-Reply-To: <56BCDF3B.6050300@makolab.pl> References: <20160211170908.GA8844@cjsa.com> <56BCDF3B.6050300@makolab.pl> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 11 Feb 2016, Przemys?aw Orzechowski wrote: >> Feb 11 08:47:49 pop3(sherril): Debug: Effective uid=1001, gid=1001, \ >> home=/u/sherril >> Feb 11 08:47:49 pop3(sherril): Debug: fs: root=/u/sherril/lib/Mail, \ >> index=, indexpvt=, control=, inbox=/var/mail/sherril, alt= >> Feb 11 08:47:49 pop3(sherril): Info: Disconnected: Logged out top=0/0, \ >> retr=0/0, del=0/3, size=36928 >> ---------------------------------------------------------------------- > As for Your log last line suggests there are 3 mails in inbox > > Info: Disconnected: Logged out top=0/0, retr=0/0, del=0/3, size=36928 I think Przemys?aw is right, deliver a new message to /var/mail/sherril and try again. Has Outlook configured to "keep messages on server"? That would make sense to not delete the messages. >> # ls -l /var/mail/sherril >> -rw-rw---- 1 sherril mail 194900 Feb 11 09:00 /var/mail/sherril >> >> Yet, no mail is pulled over. Are there any clues here? maybe because the MUA thinks they are old? You need a new one. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVr2dcnz1H7kL/d9rAQLY3wgAiS5untAczJU9a7Vc/HJLp51eJioztq9U HTcRWCxzVzv0qxHsc6gwQqjKbM13MnPCz62SueeM1NVSgBXH5cIZiDrwENaOJSYy t0QhCJS1xJPhveNPplu/YUVr+8GqC4yRv5+gKKRFg4QFWkZuLLfDh3naOeV1Or22 DJ65qCFPe66h/4B+wTJeWNQWru/Ne97mPWr8Jt6nMhvt17duR0PvpTuJE+bo36ob 2WqLCzLPOXJXcGko6CNDxG1gYAe84AQJRGdbI1zs91/+MyQ2usxlrIj7SmOYPMx0 GIlpJ9Wiu8eMm9O/Zgpf/5VBN6Y8wrNMYXn5wQ/LB36XweqwTKQjFg== =jDAl -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Fri Feb 12 08:59:40 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 12 Feb 2016 09:59:40 +0100 (CET) Subject: Multiple quota rules from LDAP userdb? In-Reply-To: <20160211230527.GB30205@jumper.schlittermann.de> References: <20160211230527.GB30205@jumper.schlittermann.de> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 12 Feb 2016, Heiko Schlittermann wrote: > But, if I'd like to have another quota rule for a submailbox of that > user? > > Inventing additional LDAP attributs fooQuotaRule2, ... doesn't scale well. But that's how the config file work as well. Would you suggest the {#} approach OpenLDAP uses for its configuation? However, there is the generic User Extra Field: userdb_import http://wiki2.dovecot.org/UserDatabase/ExtraFields?highlight=%28userdb_impor%29 That's way you can add several settings in one LDAP attribute. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVr2e/Hz1H7kL/d9rAQJymgf+NFQz+VtBvloFkfMBxCAp0p4UEDPaBa2N SEHfc+QiGzQnmppVC99W6ZZD1+mP6rMAv6JlXHqPMSzxYnMSnlvL/hhcV/lm5ECm O3DwQ4AEtywMorf08l93lJWi/aRnPI4KYlrFaQrauxeN24FHJNpdr9XnIyOJFqYM hTHWrgfAaU5iDAfu+bxS38bdoN00f4XnNJbaFQp2Su26GrIzKO+1L287+ZyG94Oc a3+rSScG5EQndN1gaBxZBOIvCF5eh+qYAEl82xIJ00q680ooaWW2xpJ6TiNTTDsG dkfwuxRK35wvE8g8lCrIBPhr1tnGWKZEbi/L6HrGREWXUOHUe13KEg== =Wosc -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Fri Feb 12 09:07:08 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 12 Feb 2016 10:07:08 +0100 (CET) Subject: Autoexpunge on INBOX? And disabling autoexpunge for a mailbox via userdb_import? In-Reply-To: <984B32C6-9AEA-49A2-AE71-53E999324105@terramar.net> References: <984B32C6-9AEA-49A2-AE71-53E999324105@terramar.net> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 11 Feb 2016, Tom Johnson wrote: > Is it possible to specify an autoexpunge period for the main inbox? And can autoexpunge be turned off via userdb_import? I would make it the other way round: enabled it via userdb_import. > I have the following in 15-mailboxes.conf, and all is working great for the autoexpunge feature for the Junk and Trash mailboxes: > > namespace inbox { > separator = . > mailbox Drafts { > auto = subscribe > special_use = \Drafts > } > } > > Adding autoexpunge to the main mailbox gives an error: > > namespace inbox { > separator = . > autoexpunge = 999d > ... > ... > } autoexpunge must be part of a mailbox section. At least you must try: namespace inbox { mailbox Inbox { } } according: http://wiki2.dovecot.org/MailboxSettings?highlight=%28autoexpunge%29 "The mailbox section name specifies the mailbox name. If it has spaces, you can put it in "quotes"." Inbox should work. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVr2gvHz1H7kL/d9rAQKoqAgAs18V2VaOA2F0yJorkPisX4a2Zkrwb2yj t+fb+srGkotcoXpjresiFWh58yceVBX2On007T5EFZI78j98aNKx8/MTc2XGUkzZ 9DRPXTVxub2yJXEVXdFufSKJ0QHuVByOVb68sTjQIZSDqCbpaE/BTdQ+4JbhYksR Z4NQRknYvlrq6b24UoEsTn4mjpRRou+Cir3njo+j5G3vSiipaPB1tJ6OhHVmsEfc kisV4LBsGjGnD5p9peb/PYLLEYnLEEoNUoSf44e3vY3VOHTfCnY1NC4Wn7N44L0R BTxteX7APMy7BdmibgK3aArbat19AGnH5mTr3D/DfPyvoCBk9g62OQ== =89cb -----END PGP SIGNATURE----- From hs at schlittermann.de Fri Feb 12 10:06:42 2016 From: hs at schlittermann.de (Heiko Schlittermann) Date: Fri, 12 Feb 2016 11:06:42 +0100 Subject: Multiple quota rules from LDAP userdb? In-Reply-To: References: <20160211230527.GB30205@jumper.schlittermann.de> Message-ID: <20160212100642.GE30205@jumper.schlittermann.de> Steffen Kaiser (Fr 12 Feb 2016 09:59:40 CET): > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Fri, 12 Feb 2016, Heiko Schlittermann wrote: > > >But, if I'd like to have another quota rule for a submailbox of that > >user? > > > >Inventing additional LDAP attributs fooQuotaRule2, ... doesn't scale well. > > But that's how the config file work as well. Would you suggest the {#} > approach OpenLDAP uses for its configuation? Yes. It was the approach I tested, but it didn't work. Even w/o the {#}, dovecot seems to ignore all but the first attribute. The {#} would be useful if Dovecot reads all attributes AND if the order of the attribute's values matters. > However, there is the generic User Extra Field: > userdb_import Hm, thank you. I can try this as a work around. Best regards from Dresden/Germany Viele Gr??e aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---------------------------- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --------------- key ID: F69376CE - ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ - -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 473 bytes Desc: Digital signature URL: From whats_up at gmx.net Fri Feb 12 12:56:49 2016 From: whats_up at gmx.net (whats_up at gmx.net) Date: Fri, 12 Feb 2016 13:56:49 +0100 Subject: sieve: store string list in varable Message-ID: Hi, I'm working on a Sieve script and want to store a list of addresses in a variable to easily access the list multiple times later. For example I want to transform this: if address :is "from" ["daffy.duck at example.com", "porky.pig at example.com", "speedy.gonzales at example.com"] { fileinto "friends"; } into something like this: require ["fileinto", "variables"]; set "friends" ["daffy.duck at example.com", "porky.pig at example.com", "speedy.gonzales at example.com"] if address :is "from" $friends { fileinto "friends"; } Any ideas on this? regards Knut From stephan at rename-it.nl Fri Feb 12 13:18:55 2016 From: stephan at rename-it.nl (Stephan Bosch) Date: Fri, 12 Feb 2016 14:18:55 +0100 Subject: sieve: store string list in varable In-Reply-To: References: Message-ID: <56BDDBBF.6000209@rename-it.nl> Op 12-2-2016 om 13:56 schreef whats_up at gmx.net: > Hi, > > I'm working on a Sieve script and want to store a list of addresses in a variable to easily access the list multiple times later. > > For example I want to transform this: > > > if address :is "from" ["daffy.duck at example.com", "porky.pig at example.com", "speedy.gonzales at example.com"] { > fileinto "friends"; > } > > > into something like this: > > > require ["fileinto", "variables"]; > > set "friends" ["daffy.duck at example.com", "porky.pig at example.com", "speedy.gonzales at example.com"] > > if address :is "from" $friends { > fileinto "friends"; > } > > > Any ideas on this? This is one of those omissions in the Sieve standard. There is no way to have string list variables. Regards, Stephan. From CMarcus at Media-Brokers.com Fri Feb 12 16:09:12 2016 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Fri, 12 Feb 2016 11:09:12 -0500 Subject: Lots of zero-byte hard link files in cur (and new/tmp), cannot see messages in folder In-Reply-To: References: <56B8CD4B.7070107@Media-Brokers.com> Message-ID: <56BE03A8.8020904@Media-Brokers.com> Just to close this out... as I said, this is on a hosted (cheapo) dreamhost account, and their support was - well, crap. I was trying to provide suggestions for commands they could run, but I finally gave up. They were able to get me a 'tarbell' (thought it was a typo when I first saw it, but they used the exact same word many times over multiple emails, so... ) of the folder, so I was able to restore it to my own dovecot server, and I discovered it was actually crashing dovecot after a few minutes after a select (clicked on folder). Interestingly, I accidentally fixed it by simply decompressing it on my Windows box - all of those hardlinks gave errors, and when it was finished, they were not in the resulting uncompressed folder. Restoring that to my dovecot server and deleting the index files resulted in a successful restoration of the mails. On 2/9/2016 2:02 AM, Steffen Kaiser wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Mon, 8 Feb 2016, Charles Marcus wrote: > >> My problem is, one of my most used folders, which was working fine up >> until a week or so ago, stopped loading the messages, and after some >> frustrating troubleshooting via email with people who don't listen very >> well, I finally got a tarball of this folder, and they are using maildir. >> >> There are about 24,000 messages in there (non-zero-byte files). This >> number sounds about right. All other folders (including INBOX, Sent, >> etc) are still working fine. >> >> The problem, though, is there are over 815,000 zero-byte-files in the >> cur directory, all showing as hardlinks (looks like maybe a whole bunch >> of duplicates for each of the real message files in the cur directory). > "zero-byte-files ... showing as hardlinks" > > You mean this: > > hrw-r--r-- user/group 0 2016-02-09 07:26 ./2 link to ./1 > > ? > > This is a pseudo-notation of tar to indicate hardlinks. This is no > zero-byte file. yes, these entries are duplicates of other messages. > > Note, https://en.wikipedia.org/wiki/Hard_link > if two files are hardlinked together, there is no "to" or "from". You > cannot tell, which existed before. They just indicate that those directory > entries point to the same physical file with the same access rights and > times and data. > Extract the tar file to a Unix-like, inode-based filesystem supporting > hardlinks to see. > >> There are also 43 non-zero-byte message files in the new directory, and >> 1,515 of these zero-byte hardlinks (to message files in the new directory). >> There are also no non-zero-byte message files in the tmp directory, but >> there are 52 of the hardlinks, linked to something in the new directory. > if there is such entry in the tmp directory, it indicates a failed > delivery attempt. If one entry in "tmp" is hardlinked to one entry in > "new" of the same mailbox, it may indicate that the message was to spool > into another mailbox (via hardlink, too), which failed fatally. > > Is it possible that those messages are messages from your hoster and the > message was to spool to many user mailboxes? > >> I've never seen any of these kinds of zero-byte files before on the one >> server I managed for a long time (not shared, just used for a single >> domain). > See above. > >> Anyone ever seen this before? > What does "stopped loading messages" mean? > > The MUA cannot download messages? > > Check if the server returns OK selecting the mailbox and if the numbers > match, see > http://wiki2.dovecot.org/TestInstallation > > You could use > > a select INBOX > b copy 1 "mailbox-name" > > to copy a new message there and re-select the broken mailbox and compare > the numbers. > > Also you could test, if the server crashes on a message in the mailbox, > try > > c fetch 1:* BODY.PEEK[HEADER.FIELDS (SUBJECT)] > c FETCH 1:* FLAGS > c FETCH 1:* BODY[TEXT] > >> Would running: >> >> doveadm index -u myuser * > only, if the index is corrupt. > >> or >> >> doveadm force-resync -u myuser * > you can run doveadm, but cannot doveconf on the server? > >> be appropriate commands to try to repair the damage (whatever it is)? >> >> Any other commands I could suggest running? >> >> Thanks. I know I haven't given much to go on. > - -- > Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > > iQEVAwUBVrmPFHz1H7kL/d9rAQKGUAgAllyxylzcN+4+jvnB7rlxPwFF0/QbxbZb > hHCVbLI5J0nL4BVaj8De1uY3TGW09HIf5p6DLoX0O0k+4tmvSKBSJASNZypF9Dco > ELQbSoJCXL+fhOodsXxHXzfMJFVAM79Ly/2IPLsvHQclEUklrKKK7BXvpkqQmVKY > Bos1ZWi0Ctl2pCZzG//dyz7ZRgkyr2j6MF/LaHRcmK0kOZT9fM8lfxPcYOY3ynOm > xEjqDTP6iZtTMrpqm4YOMMhtXho0JmGVnLlO4HCdb9bMJzSwe/ZBw2Y2WoyuXwiL > 4dmZ2r6WRQ+OM18aWGkDWQ3STenmuZUT4q7U3t1ObhnJw2xnLt0AJg== > =oCQf > -----END PGP SIGNATURE----- From gsomlo at gmail.com Fri Feb 12 19:25:51 2016 From: gsomlo at gmail.com (Gabriel L. Somlo) Date: Fri, 12 Feb 2016 14:25:51 -0500 Subject: Automatically inferring %d on multi-domain virtual install ? Message-ID: <20160212192550.GR16357@HEDWIG.INI.CMU.EDU> Hi, I'm trying to allow domain-less logins for a multi-domain virtual IMAP server, and wondering if I can automatically infer the domain (value of variable %d) from the local IP (%l) or the hostname used by the client when connecting to my server. Let's say I have two host names: mail.foo.org (10.0.0.100) and mail.bar.com (10.0.0.200), with forward and reverse DNS configured to resolve A and PTR records in either direction. Let's also say I have 10.0.0.100 and 10.0.0.200 set up as secondaries on my server's loopback interface, and routing is set up to bring client traffic to me for both of those IP addresses. The relevant bits of my dovecot.conf are: ---%<------------------------------------------------------------------ mail_location = maildir:/var/lib/vmail/%d/%n passdb { driver = passwd-file args = /var/lib/vmail/etc/postfix/userdb } userdb { driver = static args = uid=dovenull gid=dovenull home=/var/lib/vmail/%d/%n } ---%<------------------------------------------------------------------ And my userdb passwd-file right now includes: ---%<------------------------------------------------------------------ user1 at foo.org:{PLAIN}user1foo user2 at foo.org:{PLAIN}user2foo user1 at bar.com:{PLAIN}user1bar user2 at bar.com:{PLAIN}user2bar ---%<------------------------------------------------------------------ Right now, user1 at foo.org must configure their imap client like so: IMAP server: mail.foo.org username: user1 at foo.org password: user1foo I would like to require this (and other) users to only have to set: IMAP server: mail.foo.org username: user1 password: ... and have dovecot somehow infer the "@foo.org" domain based on the fact that the connection was made to 10.0.0.100, which is mail.foo.org, and therefore the domain can *only* be "@foo.org". I could start out by splitting my user database into two files: userdb.foo.org ---%<------------------------------------------------------------------ user1:{PLAIN}user1foo user2:{PLAIN}user2foo ---%<------------------------------------------------------------------ userdb.bar.com ---%<------------------------------------------------------------------ user1:{PLAIN}user1bar user2:{PLAIN}user2bar ---%<------------------------------------------------------------------ ... then modify dovecot.conf's passdb setup like so: ---%<------------------------------------------------------------------ passdb { driver = passwd-file args = /var/lib/vmail/etc/postfix/userdb.%d } ---%<------------------------------------------------------------------ ... but how would I insure that %d is set to the proper value based on e.g. a reverse lookup of %l, which, in foo.org's case would be 10.0.0.100, and resolve to mail.foo.org, and *somehow* that would match %d == "@foo.org" ? Is this even possible in the first place, or am I just being too fussy about the aesthetics of my users' imap client config files ? :) :) Thanks much, --Gabriel From hs at schlittermann.de Fri Feb 12 22:36:02 2016 From: hs at schlittermann.de (Heiko Schlittermann) Date: Fri, 12 Feb 2016 23:36:02 +0100 Subject: Segmentation fault on doveadm search -A with a huge user base Message-ID: <20160212223602.GH30205@jumper.schlittermann.de> Hi, I'm using dovecot 2.2.9 with a director/backend setup. The user base is about 4711 users currently. If I start at one of the directors doveadm search -A all savedbefore 5000d it terminates with doveadm(1rrissma): Error: doveadm server disconnected before handshake: EOF doveadm(1rrissma): Error: 2001:638:913:f33::5:ff:24245: Command search failed for 1phaaman: EOF doveadm(1rrissma): Error: doveadm server failure doveadm: Error: Failed to iterate through some users The backend logs about that ... Feb 12 23:09:41 backend1 dovecot: doveadm(2001:638:913:f33::5:1,1mstrei2): Error: doveadm search: Client sent unknown parameter: ? Feb 12 23:09:41 backend1 dovecot: doveadm: Error: search: invalid option -- '5' Feb 12 23:09:41 backend1 dovecot: doveadm(2001:638:913:f33::5:1,1mstrei2): Error: doveadm search: Client sent unknown parameter: ? Feb 12 23:09:41 backend1 dovecot: doveadm: Error: search: invalid option -- '5' Feb 12 23:09:41 backend1 dovecot: doveadm(2001:638:913:f33::5:1,1mstrei2): Error: doveadm search: Client sent unknown parameter: ? Feb 12 23:09:41 backend1 dovecot: doveadm: Error: search: invalid option -- '0' Feb 12 23:09:41 backend1 dovecot: doveadm(2001:638:913:f33::5:1,1mstrei2): Error: doveadm search: Client sent unknown parameter: ? Feb 12 23:09:41 backend1 dovecot: doveadm: Error: search: invalid option -- '0' Feb 12 23:09:41 backend1 dovecot: doveadm(2001:638:913:f33::5:1,1mstrei2): Error: doveadm search: Client sent unknown parameter: ? Feb 12 23:09:41 backend1 dovecot: doveadm: Error: search: invalid option -- '0' Feb 12 23:09:41 backend1 dovecot: doveadm(2001:638:913:f33::5:1,1mstrei2): Error: doveadm search: Client sent unknown parameter: ? Feb 12 23:09:41 backend1 dovecot: doveadm: Error: search: invalid option -- 'd' Feb 12 23:09:41 backend1 dovecot: doveadm(2001:638:913:f33::5:1,1mstrei2): Error: doveadm search: Client sent unknown parameter: ? Feb 12 23:09:41 backend1 dovecot: doveadm(2001:638:913:f33::5:1,1mstrei2): Fatal: master: service(doveadm): child 11235 killed with signal 11 (core dumped) Is this a known behaviour and fixed already, or do I need to do more investigation? (PS: Running the same command on one of the backends works w/o failure) Best regards from Dresden/Germany Viele Gr??e aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---------------------------- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --------------- key ID: F69376CE - ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ - -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 473 bytes Desc: Digital signature URL: From f0andrey at gmail.com Fri Feb 12 23:01:01 2016 From: f0andrey at gmail.com (Andrey Fesenko) Date: Sat, 13 Feb 2016 02:01:01 +0300 Subject: Segmentation fault on doveadm search -A with a huge user base In-Reply-To: <20160212223602.GH30205@jumper.schlittermann.de> References: <20160212223602.GH30205@jumper.schlittermann.de> Message-ID: On Sat, Feb 13, 2016 at 1:36 AM, Heiko Schlittermann wrote: > Hi, > > I'm using dovecot 2.2.9 with a director/backend setup. The user base is > about 4711 users currently. > > If I start at one of the directors > > doveadm search -A all savedbefore 5000d > > it terminates with > > doveadm(1rrissma): Error: doveadm server disconnected before handshake: EOF > doveadm(1rrissma): Error: 2001:638:913:f33::5:ff:24245: Command search failed for 1phaaman: EOF > doveadm(1rrissma): Error: doveadm server failure > doveadm: Error: Failed to iterate through some users > > The backend logs about that > > ... > Feb 12 23:09:41 backend1 dovecot: doveadm(2001:638:913:f33::5:1,1mstrei2): Error: doveadm search: Client sent unknown parameter: ? > Feb 12 23:09:41 backend1 dovecot: doveadm: Error: search: invalid option -- '5' > Feb 12 23:09:41 backend1 dovecot: doveadm(2001:638:913:f33::5:1,1mstrei2): Error: doveadm search: Client sent unknown parameter: ? > Feb 12 23:09:41 backend1 dovecot: doveadm: Error: search: invalid option -- '5' > Feb 12 23:09:41 backend1 dovecot: doveadm(2001:638:913:f33::5:1,1mstrei2): Error: doveadm search: Client sent unknown parameter: ? > Feb 12 23:09:41 backend1 dovecot: doveadm: Error: search: invalid option -- '0' > Feb 12 23:09:41 backend1 dovecot: doveadm(2001:638:913:f33::5:1,1mstrei2): Error: doveadm search: Client sent unknown parameter: ? > Feb 12 23:09:41 backend1 dovecot: doveadm: Error: search: invalid option -- '0' > Feb 12 23:09:41 backend1 dovecot: doveadm(2001:638:913:f33::5:1,1mstrei2): Error: doveadm search: Client sent unknown parameter: ? > Feb 12 23:09:41 backend1 dovecot: doveadm: Error: search: invalid option -- '0' > Feb 12 23:09:41 backend1 dovecot: doveadm(2001:638:913:f33::5:1,1mstrei2): Error: doveadm search: Client sent unknown parameter: ? > Feb 12 23:09:41 backend1 dovecot: doveadm: Error: search: invalid option -- 'd' > Feb 12 23:09:41 backend1 dovecot: doveadm(2001:638:913:f33::5:1,1mstrei2): Error: doveadm search: Client sent unknown parameter: ? > Feb 12 23:09:41 backend1 dovecot: doveadm(2001:638:913:f33::5:1,1mstrei2): Fatal: master: service(doveadm): child 11235 killed with signal 11 (core dumped) > > Is this a known behaviour and fixed already, or do I need to do more > investigation? > > (PS: Running the same command on one of the backends works w/o failure) > For dovecot with LDAP we make this After fix dovecot-ldap.conf user_filter = (&(objectClass=posixAccount)(uid=%u)(BackendHost=backend1.wibble.net)) pass_attrs = uid=user,userPassword=password pass_filter = (&(objectClass=posixAccount)(uid=%u)) # For using doveadm -A: iterate_attrs = uid=user iterate_filter = (&(objectClass=posixAccount)(BackendHost=backend1.wibble.net)) Work perfect > doveadm: Error: Failed to iterate through some users Need more search limit in LDAP http://dovecot.org/list/dovecot/2016-February/103118.html From hs at schlittermann.de Fri Feb 12 23:34:47 2016 From: hs at schlittermann.de (Heiko Schlittermann) Date: Sat, 13 Feb 2016 00:34:47 +0100 Subject: Segmentation fault on doveadm search -A with a huge user base In-Reply-To: References: <20160212223602.GH30205@jumper.schlittermann.de> Message-ID: <20160212233447.GI30205@jumper.schlittermann.de> Andrey Fesenko (Sa 13 Feb 2016 00:01:01 CET): ? Thank you for your fast response? doveadm user \* works on the director, gives us 4711 users. The LDAP limits are 'unlimited'. > For dovecot with LDAP we make this > After fix dovecot-ldap.conf > > user_filter = (&(objectClass=posixAccount)(uid=%u)(BackendHost=backend1.wibble.net)) > pass_attrs = uid=user,userPassword=password > pass_filter = (&(objectClass=posixAccount)(uid=%u)) > # For using doveadm -A: > iterate_attrs = uid=user > iterate_filter = (&(objectClass=posixAccount)(BackendHost=backend1.wibble.net)) > > Work perfect > > > doveadm: Error: Failed to iterate through some users Yes, but I *can* iterate through the users? # ldapsearch -x -w $( From cedric.malitte at gmail.com Sat Feb 13 03:00:03 2016 From: cedric.malitte at gmail.com (Cedric Malitte) Date: Fri, 12 Feb 2016 22:00:03 -0500 Subject: Redundant and Geobalancing setup Message-ID: Hi, I use dovecot for a long time now, but only as a single isolated server each time. I joined a company a few years back. We had trouble with compagnies hosting our mail, supposedly full redundant and so on. The company is small, but we have many dealers around the world, and it's growing. Mail became the fist choice for clients to contact the dealers. No mail, and we loose sales. For now we have a single server ( with a backup ) on east coast. And sometimes peoples from EU complain about speed.... ah users :) What I'd like to implement is a redundant system with 2 servers, one in NA, one in EU. And I'd also like to be able to add another server if needed on the west coast. Idea is, that if a server goes down, the users will be able to still receive and send mails, and never loose mails. For geobalacing and failover, I read that I can do it with DNS ( I'm with easydns ). I'm at the first stage where I collect informations that I try to understand and foresee a solution. First idea is to set up servers with a mysql master, slaves and a glusterfs in replica mode on the servers. I tried glusterfs on FreeBSD and OMG, it's slow as hell ! ( well maybe it's a trouble on the VMs nics ) On centos it's way better. But I read there might be trouble/index corruption for the mail storage on "shared" space using maildir. I also had a look at dsync, but I wonder if it can be used on more than 2 servers. I found many pages on dovecot clusters using shared storage NFS mounted, but I feel it's not really what I need as the servers will be in different datacenters. So any guide, clue hint would be really appreciated for me to do my homework ! Regards. Cedric From rs at sys4.de Sat Feb 13 21:05:10 2016 From: rs at sys4.de (Robert Schetterer) Date: Sat, 13 Feb 2016 22:05:10 +0100 Subject: Redundant and Geobalancing setup In-Reply-To: References: Message-ID: <56BF9A86.1060602@sys4.de> Am 13.02.2016 um 04:00 schrieb Cedric Malitte: > Hi, > > I use dovecot for a long time now, but only as a single isolated server > each time. > > I joined a company a few years back. We had trouble with compagnies hosting > our mail, supposedly full redundant and so on. > > The company is small, but we have many dealers around the world, and it's > growing. > > Mail became the fist choice for clients to contact the dealers. > No mail, and we loose sales. > > For now we have a single server ( with a backup ) on east coast. > And sometimes peoples from EU complain about speed.... ah users :) > > What I'd like to implement is a redundant system with 2 servers, one in NA, > one in EU. > And I'd also like to be able to add another server if needed on the west > coast. > > Idea is, that if a server goes down, the users will be able to still > receive and send mails, and never loose mails. > > For geobalacing and failover, I read that I can do it with DNS ( I'm with > easydns ). > > I'm at the first stage where I collect informations that I try to > understand and foresee a solution. > > First idea is to set up servers with a mysql master, slaves and a glusterfs > in replica mode on the servers. > I tried glusterfs on FreeBSD and OMG, it's slow as hell ! ( well maybe it's > a trouble on the VMs nics ) > On centos it's way better. > But I read there might be trouble/index corruption for the mail storage on > "shared" space using maildir. > > I also had a look at dsync, but I wonder if it can be used on more than 2 > servers. > > I found many pages on dovecot clusters using shared storage NFS mounted, > but I feel it's not really what I need as the servers will be in different > datacenters. > > So any guide, clue hint would be really appreciated for me to do my > homework ! > > Regards. > > Cedric > complicated and expensive for a small company why not have one imap server in US and the other in EU so US Users should have their Mailboxes on the US Server EU users should have their Mailboxes on the EU Server Smtp you might manage via smtp routing, perhaps with subdomains us eu and aliasing Or you might take some paid service which has geo stuff allready up and and running, dont try or think of doing it yourself, unlees youre a guru Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From hs at schlittermann.de Sat Feb 13 22:24:11 2016 From: hs at schlittermann.de (Heiko Schlittermann) Date: Sat, 13 Feb 2016 23:24:11 +0100 Subject: ANNOTATE plugin? Squirrel uses it for EXPIRATION information Message-ID: <20160213222411.GJ30205@jumper.schlittermann.de> Hi, it seems that Squirrel mail uses Mailbox annotations for storing Expire times on the Server. It's an Cyrus server currently. (I've no clue how cyrexpire is able to read it's information from the annotiations) Does dovecot support some similiar mechanism? Or - does anybody know anything about how it's supposed to work on Cyrus and how it can be emulated/simulated with dovecot? Thanks in advance, Best regards from Dresden/Germany Viele Gr??e aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---------------------------- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --------------- key ID: F69376CE - ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ - -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 473 bytes Desc: Digital signature URL: From cedric.malitte at gmail.com Sun Feb 14 06:15:43 2016 From: cedric.malitte at gmail.com (Cedric Malitte) Date: Sun, 14 Feb 2016 01:15:43 -0500 Subject: Redundant and Geobalancing setup In-Reply-To: <56BF9A86.1060602@sys4.de> References: <56BF9A86.1060602@sys4.de> Message-ID: Thanks Robert, Having 2 separate servers would mean domain splitting in a way. So I'll have to dispatch incoming mail, and maintain 2 or more users databases. Well I could only maintain one, and let the DB replicate itself to other servers and only grab the users they are allowed to. We have many domain aliases for many countries and a dozen users traveling around the globe. So geo balacing would not be the best for them. But the redundancy is missing.... if one server goes down, I loose a bunch of users and that's not what I am looking for. I looked for providers offering that, but I guess my bosses would not let me spend over 3000$ per month on that. Else I would already have the mails hosted by microsoft and have a cocktail on the beach :) I'm not any kind of guru, I do not have any disciples. I did kernel mod development on embedded systems with freebsd 4 and 5, I still develop some linux kernel drivers for proprietary systems from time to time. My main degree is electronic engineering and I also graduated in computing related to management in other words I learned a bit of everything to be able to manage teams developers and understand what they do. Looks like it's doable, so I'll continue to dig and experiment. Best regards Cedric 2016-02-13 16:05 GMT-05:00 Robert Schetterer : > Am 13.02.2016 um 04:00 schrieb Cedric Malitte: > > Hi, > > > > I use dovecot for a long time now, but only as a single isolated server > > each time. > > > > I joined a company a few years back. We had trouble with compagnies > hosting > > our mail, supposedly full redundant and so on. > > > > The company is small, but we have many dealers around the world, and it's > > growing. > > > > Mail became the fist choice for clients to contact the dealers. > > No mail, and we loose sales. > > > > For now we have a single server ( with a backup ) on east coast. > > And sometimes peoples from EU complain about speed.... ah users :) > > > > What I'd like to implement is a redundant system with 2 servers, one in > NA, > > one in EU. > > And I'd also like to be able to add another server if needed on the west > > coast. > > > > Idea is, that if a server goes down, the users will be able to still > > receive and send mails, and never loose mails. > > > > For geobalacing and failover, I read that I can do it with DNS ( I'm with > > easydns ). > > > > I'm at the first stage where I collect informations that I try to > > understand and foresee a solution. > > > > First idea is to set up servers with a mysql master, slaves and a > glusterfs > > in replica mode on the servers. > > I tried glusterfs on FreeBSD and OMG, it's slow as hell ! ( well maybe > it's > > a trouble on the VMs nics ) > > On centos it's way better. > > But I read there might be trouble/index corruption for the mail storage > on > > "shared" space using maildir. > > > > I also had a look at dsync, but I wonder if it can be used on more than 2 > > servers. > > > > I found many pages on dovecot clusters using shared storage NFS mounted, > > but I feel it's not really what I need as the servers will be in > different > > datacenters. > > > > So any guide, clue hint would be really appreciated for me to do my > > homework ! > > > > Regards. > > > > Cedric > > > > complicated and expensive for a small company > why not have one imap server in US and the other in EU > so US Users should have their Mailboxes on the US Server > EU users should have their Mailboxes on the EU Server > > Smtp you might manage via smtp routing, perhaps with subdomains us eu > and aliasing > > Or you might take some paid service which has geo stuff allready up and > and running, dont try or think of doing it yourself, unlees youre a guru > > Best Regards > MfG Robert Schetterer > > -- > [*] sys4 AG > > http://sys4.de, +49 (89) 30 90 46 64 > Franziskanerstra?e 15, 81669 M?nchen > > Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 > Vorstand: Patrick Ben Koetter, Marc Schiffbauer > Aufsichtsratsvorsitzender: Florian Kirstein > From rs at sys4.de Sun Feb 14 06:39:35 2016 From: rs at sys4.de (Robert Schetterer) Date: Sun, 14 Feb 2016 07:39:35 +0100 Subject: Redundant and Geobalancing setup In-Reply-To: References: <56BF9A86.1060602@sys4.de> Message-ID: <56C02127.3030406@sys4.de> Am 14.02.2016 um 07:15 schrieb Cedric Malitte: > Thanks Robert, > > Having 2 separate servers would mean domain splitting in a way. > So I'll have to dispatch incoming mail, and maintain 2 or more users > databases. > Well I could only maintain one, and let the DB replicate itself to other > servers and only grab the users they are allowed to. > > We have many domain aliases for many countries and a dozen users traveling > around the globe. > So geo balacing would not be the best for them. hm... you could do some dns setup which gives differ results for your mail servers depending to the clients source ip > > But the redundancy is missing.... if one server goes down, I loose a bunch > of users and that's not what I am looking for. yes storage and balancing is the problem, there are differ ways to solve it > > I looked for providers offering that, but I guess my bosses would not let > me spend over 3000$ per month on that. > Else I would already have the mails hosted by microsoft and have a cocktail > on the beach :) a selfdone setup will not be cheap too > > I'm not any kind of guru, I do not have any disciples. > I did kernel mod development on embedded systems with freebsd 4 and 5, I > still develop some linux kernel drivers for proprietary systems from time > to time. > My main degree is electronic engineering and I also graduated in computing > related to management in other words I learned a bit of everything to be > able to manage teams developers and understand what they do. what i mean is experts in mail setups not your degree > > Looks like it's doable, so I'll continue to dig and experiment. of course it can be done ,but i think you will have a hard time unless you get help from people with experience in that > > Best regards > > Cedric > > > 2016-02-13 16:05 GMT-05:00 Robert Schetterer : > >> Am 13.02.2016 um 04:00 schrieb Cedric Malitte: >>> Hi, >>> >>> I use dovecot for a long time now, but only as a single isolated server >>> each time. >>> >>> I joined a company a few years back. We had trouble with compagnies >> hosting >>> our mail, supposedly full redundant and so on. >>> >>> The company is small, but we have many dealers around the world, and it's >>> growing. >>> >>> Mail became the fist choice for clients to contact the dealers. >>> No mail, and we loose sales. >>> >>> For now we have a single server ( with a backup ) on east coast. >>> And sometimes peoples from EU complain about speed.... ah users :) >>> >>> What I'd like to implement is a redundant system with 2 servers, one in >> NA, >>> one in EU. >>> And I'd also like to be able to add another server if needed on the west >>> coast. >>> >>> Idea is, that if a server goes down, the users will be able to still >>> receive and send mails, and never loose mails. >>> >>> For geobalacing and failover, I read that I can do it with DNS ( I'm with >>> easydns ). >>> >>> I'm at the first stage where I collect informations that I try to >>> understand and foresee a solution. >>> >>> First idea is to set up servers with a mysql master, slaves and a >> glusterfs >>> in replica mode on the servers. >>> I tried glusterfs on FreeBSD and OMG, it's slow as hell ! ( well maybe >> it's >>> a trouble on the VMs nics ) >>> On centos it's way better. >>> But I read there might be trouble/index corruption for the mail storage >> on >>> "shared" space using maildir. >>> >>> I also had a look at dsync, but I wonder if it can be used on more than 2 >>> servers. >>> >>> I found many pages on dovecot clusters using shared storage NFS mounted, >>> but I feel it's not really what I need as the servers will be in >> different >>> datacenters. >>> >>> So any guide, clue hint would be really appreciated for me to do my >>> homework ! >>> >>> Regards. >>> >>> Cedric >>> >> >> complicated and expensive for a small company >> why not have one imap server in US and the other in EU >> so US Users should have their Mailboxes on the US Server >> EU users should have their Mailboxes on the EU Server >> >> Smtp you might manage via smtp routing, perhaps with subdomains us eu >> and aliasing >> >> Or you might take some paid service which has geo stuff allready up and >> and running, dont try or think of doing it yourself, unlees youre a guru >> >> Best Regards >> MfG Robert Schetterer >> >> -- >> [*] sys4 AG >> >> http://sys4.de, +49 (89) 30 90 46 64 >> Franziskanerstra?e 15, 81669 M?nchen >> >> Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 >> Vorstand: Patrick Ben Koetter, Marc Schiffbauer >> Aufsichtsratsvorsitzender: Florian Kirstein >> Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From sca at andreasschulze.de Sun Feb 14 11:47:19 2016 From: sca at andreasschulze.de (A. Schulze) Date: Sun, 14 Feb 2016 12:47:19 +0100 Subject: ANNOTATE plugin? Squirrel uses it for EXPIRATION information In-Reply-To: <20160213222411.GJ30205@jumper.schlittermann.de> References: <20160213222411.GJ30205@jumper.schlittermann.de> Message-ID: <56C06947.6090200@andreasschulze.de> Am 13.02.2016 um 23:24 schrieb Heiko Schlittermann: > it seems that Squirrel mail uses Mailbox annotations for storing Expire > times on the Server. It's an Cyrus server currently. (I've no clue how > cyrexpire is able to read it's information from the annotiations) > > Does dovecot support some similiar mechanism? Or - does anybody know > anything about how it's supposed to work on Cyrus and how it can be > emulated/simulated with dovecot? maybe metadata could be used. dovecot.conf: mail_location = maildir:~/Maildir/ mail_attribute_dict = file:Maildir/dovecot-metadata imap_metadata = yes $ doveadm mailbox metadata set -u user INBOX/subfolder /private/my_expire_info 5 -> is saved in ~user/Mailfir/dovecot-metadata $ doveadm mailbox metadata get -u user INBOX/subfolder /private/my_expire_info 5 now you could iterate over all mailboxes and all users and do magic things. unsolved: how could a user set values? Andreas From hs at schlittermann.de Sun Feb 14 17:12:32 2016 From: hs at schlittermann.de (Heiko Schlittermann) Date: Sun, 14 Feb 2016 18:12:32 +0100 Subject: ANNOTATE plugin? Squirrel uses it for EXPIRATION information In-Reply-To: <56C06947.6090200@andreasschulze.de> References: <20160213222411.GJ30205@jumper.schlittermann.de> <56C06947.6090200@andreasschulze.de> Message-ID: <20160214171232.GK30205@jumper.schlittermann.de> Hallo Andreas, A. Schulze (So 14 Feb 2016 12:47:19 CET): > > Am 13.02.2016 um 23:24 schrieb Heiko Schlittermann: > >it seems that Squirrel mail uses Mailbox annotations for storing Expire > >times on the Server. It's an Cyrus server currently. (I've no clue how > >cyrexpire is able to read it's information from the annotiations) > > > >Does dovecot support some similiar mechanism? Or - does anybody know > >anything about how it's supposed to work on Cyrus and how it can be > >emulated/simulated with dovecot? > > maybe metadata could be used. > > dovecot.conf: > mail_location = maildir:~/Maildir/ > mail_attribute_dict = file:Maildir/dovecot-metadata > imap_metadata = yes > Hm. ANNOTATE RFC 5257 METADATA RFC 5464 Does METADATA cover ANNOTATION? I'll try to find that out and I'll report success or failure here on that lits. > $ doveadm mailbox metadata set -u user INBOX/subfolder /private/my_expire_info 5 > -> is saved in ~user/Mailfir/dovecot-metadata > > $ doveadm mailbox metadata get -u user INBOX/subfolder /private/my_expire_info > 5 > > now you could iterate over all mailboxes and all users and do magic things. > unsolved: how could a user set values? I believe, that's done via the IMAP ANNOTATE extension. I see it for the very first time and so I've to investigate it further. Best regards from Dresden/Germany Viele Gr??e aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---------------------------- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --------------- key ID: F69376CE - ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ - -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 473 bytes Desc: Digital signature URL: From jeff at cjsa.com Mon Feb 15 02:55:17 2016 From: jeff at cjsa.com (Jeffery Small) Date: Sun, 14 Feb 2016 18:55:17 -0800 Subject: Question on setting up dovecot Message-ID: <20160215025517.GC32126@cjsa.com> The problem is solved! A great thanks to everyone for all the valuable information and suggestions you offered. I learned quite a bit, especially about talking to the dovecot server using the telnet/openssl suggestions and the available POP3 commands. Many of you were correct about your diagnosis, but I had some things happening that were creating confusion. Here is a brief summary of what I discovered. There were a few initial dovecot configuration issues which I eventually ironed out and, as I was reporting at the end of last week, the diagnostic logs seemed to indicate that the connection was successful. Yes, it turned out that Outlook was indeed set to leave a copy of the emails on the server for two weeks -- a setting hidden away on a sub-menu. Now, why this did not seem to be the case was because every time Outlook connected to the Solaris system to retrieve mail, all the messages were immediately deleted (despite this setting), so I was expecting the same behavior on the Linux machine and wasn't looking for the setting. There is something different about how the pop3 handler is working on the two systems. The second problem, which some of you guessed, was that the emails left on the server were not being downloaded because when I wasn't looking, Outlook had already downloaded and tagged them. So, even when I thought there was new mail (new to me anyway) in the inbox, Outlook had beaten me to them so that when I looked, I could see no new mail flowing over to the Windows machine. Disabling the retention setting removed the ambiguity and now I see any new mail in the inbox moving to the other system. Thanks again to everyone! -- Jeff From giunta at sissa.it Mon Feb 15 08:18:07 2016 From: giunta at sissa.it (Marco Giunta) Date: Mon, 15 Feb 2016 09:18:07 +0100 Subject: Accessing to mail as another user In-Reply-To: <56BADD77.3090504@um.es> References: <56B9B74B.60408@um.es> <56BADD77.3090504@um.es> Message-ID: <56C189BF.9050505@sissa.it> Hi, we have such configuration in our Dovecot; it is configured with virtual users and acl. To enable access of userA mailbox to userB, first I have to add userB to userA acl, and then I put userA username in an ARBITRARY_FIELD of userB record in our ldap (if you use a db for your account, the configuration could be more simple). We use the ARBITRARY_FIELD to limit the access of other users mailboxes: the field is not writable by the user, only by administrators. Our config files: /etc/dovecot/conf.d/auth-master.conf.ext ... passdb { driver = ldap master = yes args = /etc/dovecot/dovecot-ldap.conf.masterusers pass = yes default_fields = userdb_mail=maildir:/path_to_mailboxes/%1{login_user}/%{login_user}:INDEXPVT=/path_to_indexes/%1n/%n/shared/%{login_user} } and in /etc/dovecot/dovecot-ldap.conf.masterusers ... pass_attrs = uid=user,userPassword=password pass_filter = (&(uid=%n)(accountStatus=active)(ARBITRARY_FIELD=%{login_user})) to login, you have to use the same way of a masteruser: Login: userA*userB Password: userB_password Cheers, Marco On 2016-02-10 07:49, Angel L. Mateo wrote: > El 09/02/16 a las 13:44, Matthias Fechner escribi?: >> >> do you maybe mean shared mailboxes: >> http://wiki.dovecot.org/SharedMailboxes >> > I don't want shared mailboxes. I have to access the other mailbox > as a complete separate account from my personal one. > > I think I can achive this with master user, but I need to found a > way to configure permissions so the real user has access to all folders > in the other mailbox. > -- Marco Giunta - ITCS SysAdmin Via Bonomea, 265 34136 - Trieste, Italy Tel: +39-040-3787-503 Fax: +39-040-3787-244 From troeder at univention.de Mon Feb 15 09:16:45 2016 From: troeder at univention.de (=?UTF-8?Q?Daniel_Tr=c3=b6der?=) Date: Mon, 15 Feb 2016 10:16:45 +0100 Subject: Redundant and Geobalancing setup In-Reply-To: References: Message-ID: <56C1977D.4090902@univention.de> On 02/13/2016 04:00 AM, Cedric Malitte wrote: > Hi, > > I use dovecot for a long time now, but only as a single isolated server > each time. > > I joined a company a few years back. We had trouble with compagnies hosting > our mail, supposedly full redundant and so on. > > The company is small, but we have many dealers around the world, and it's > growing. > > Mail became the fist choice for clients to contact the dealers. > No mail, and we loose sales. > > For now we have a single server ( with a backup ) on east coast. > And sometimes peoples from EU complain about speed.... ah users :) > > What I'd like to implement is a redundant system with 2 servers, one in NA, > one in EU. > And I'd also like to be able to add another server if needed on the west > coast. > > Idea is, that if a server goes down, the users will be able to still > receive and send mails, and never loose mails. > > For geobalacing and failover, I read that I can do it with DNS ( I'm with > easydns ). > > I'm at the first stage where I collect informations that I try to > understand and foresee a solution. > > First idea is to set up servers with a mysql master, slaves and a glusterfs > in replica mode on the servers. > I tried glusterfs on FreeBSD and OMG, it's slow as hell ! ( well maybe it's > a trouble on the VMs nics ) > On centos it's way better. > But I read there might be trouble/index corruption for the mail storage on > "shared" space using maildir. > > I also had a look at dsync, but I wonder if it can be used on more than 2 > servers. > > I found many pages on dovecot clusters using shared storage NFS mounted, > but I feel it's not really what I need as the servers will be in different > datacenters. > > So any guide, clue hint would be really appreciated for me to do my > homework ! > > Regards. > > Cedric Hi Cedric, I think a simpler solution will not just be cheaper but less complex - and with that more reliable: The speed problem of the EU users is probably just feeling. You should quantify it for both SMTP and IMAP. Collect that data for the scenarios that your users complain about (is it to a partner or inter-office?). Only then can you work on a solution that you will be able to prove to them, is better. This is paramount. My suggestions: * Server on the east cost is good for both NA and EU. * Good (better?) internet connection for the EU office, prioritize SMTP vs HTTP in router/firewall (fast internet is WAY cheaper than cluster setups plus administrators) * SMTP relay in EU _office_, so that _sending_ mails is with LAN speed for users Create a redundant setup for SMTP and IMAP together on the east cost. You'll get redundancy without the WAN problem. Setup a secondary MX in a different data center for uber-redundency. It will not enable your users to read their mail in case the 1st data center is on fire, but no client mails will get lost, as they will be queued on the 2nd MX - better read client mails late then never! Setup a clone of the primary server at the 2nd MX and sync mails & backup there on a hourly basis. If the 1st data center is not back in an hour, you can still switch DNS to the 2nd site and your users will have had a very short downtime. The result is not a top-notch 100% solution, but it is simple and everything is implemented on application layer. That gives you freedom to switch products, hardware, platform and administrators(!). Ask your customer/supervisor what uptime is necessary and how much they are willing to pay. The SLAs of MS/Google/etc offer up to 99.9% (~9 hours downtime per year). If that is the goal, then they should pay the price for their equipment and staff. For anything less my argument is less complexity for higher reliability. Greetings Daniel -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From gallego at cri.ensmp.fr Sun Feb 14 04:17:23 2016 From: gallego at cri.ensmp.fr (Emilio =?utf-8?Q?Jes=C3=BAs?= Gallego Arias) Date: Sun, 14 Feb 2016 05:17:23 +0100 Subject: Streaming MOVE commands Message-ID: <84wpq68crq.fsf@cri.ensmp.fr> Dear Dovecot devs, is streaming multiple MOVE commands by clients allowed? I am getting duplicated messages with the GNUS mail client, the interchange looks like this: *stream two moves to different folders* > 9019 UID MOVE 4062,4066,4068 "folder0" > 9020 UID MOVE 4063:4064,4067,4069:4072 "folder1" *the messages are copied* > * OK [COPYUID 1424475218 4062,4066,4068 376:378] Moved UIDs. > * OK [COPYUID 1424475231 4063:4064,4067,4069:4072 26:32] Moved UIDs. *however expunge fails to clean 4063, 4064, and 4067* > * VANISHED 4062,4066,4068:4072 thus 4063, 4064, and 4067 end both in inbox and folder1 producing duplicate messages (more details at [1]). At the GNUS mailing list, we were wondering about what should be the correct reading of RFC6851. Version and config information below. Best regards, Emilio [1] More details in the thread http://permalink.gmane.org/gmane.emacs.gnus.general/86813 [2] Version $ /usr/sbin/dovecot --version 2.2.13 [3] Config $ /usr/sbin/dovecot -n # 2.2.13: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-4-amd64 x86_64 Debian 8.3 ext4 mail_location = maildir:/home/%u/Maildir managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = " imap sieve" ssl_cert = ... ssl_key = ... userdb { driver = passwd } From pch at myzel.net Mon Feb 15 12:26:22 2016 From: pch at myzel.net (Peter Chiochetti) Date: Mon, 15 Feb 2016 13:26:22 +0100 Subject: Get mailbox from its guid through IMAP Message-ID: <56C1C3EE.5040501@myzel.net> In the shell I'do: doveadm fetch -u bob mailbox mailbox-guid $box uid 1 Is there a way through IMAP to get the same? -- peter From cedric.malitte at gmail.com Mon Feb 15 16:36:20 2016 From: cedric.malitte at gmail.com (Cedric Malitte) Date: Mon, 15 Feb 2016 11:36:20 -0500 Subject: Redundant and Geobalancing setup In-Reply-To: <56C1977D.4090902@univention.de> References: <56C1977D.4090902@univention.de> Message-ID: Hi Daniel, I do already have a backup server where I replicate the mails every 4 hours using imapsync. Not the best, but this is workable. The one time I redirected to backup server, people where complaining that they were having duplicate mails ( this was pop access ) I also have mx backup with easydns, was part of the plan so I use it. We have three main offices, a few on the road managers and many dealers. Dealers run their own business under our trademark, and use the same domains for mails as ours (head offices). I mean every mailbox is on the same server. May be not the best. I have the mandate to get everything running smooth. There can be outages, but not too long. One hour is too long for some.... It will also be to educated people here and there. I understand that what they want costs money, but I'm not able to make them understand that what they want is not plug and play cheap solution. But, I'm going to test on VMs dovecot on glusterfs with dovecot director if I manage to get it working properly. Might be a challenge, but who knows, it might work :) Best regards, Cedric 2016-02-15 4:16 GMT-05:00 Daniel Tr?der : > On 02/13/2016 04:00 AM, Cedric Malitte wrote: > > Hi, > > > > I use dovecot for a long time now, but only as a single isolated server > > each time. > > > > I joined a company a few years back. We had trouble with compagnies > hosting > > our mail, supposedly full redundant and so on. > > > > The company is small, but we have many dealers around the world, and it's > > growing. > > > > Mail became the fist choice for clients to contact the dealers. > > No mail, and we loose sales. > > > > For now we have a single server ( with a backup ) on east coast. > > And sometimes peoples from EU complain about speed.... ah users :) > > > > What I'd like to implement is a redundant system with 2 servers, one in > NA, > > one in EU. > > And I'd also like to be able to add another server if needed on the west > > coast. > > > > Idea is, that if a server goes down, the users will be able to still > > receive and send mails, and never loose mails. > > > > For geobalacing and failover, I read that I can do it with DNS ( I'm with > > easydns ). > > > > I'm at the first stage where I collect informations that I try to > > understand and foresee a solution. > > > > First idea is to set up servers with a mysql master, slaves and a > glusterfs > > in replica mode on the servers. > > I tried glusterfs on FreeBSD and OMG, it's slow as hell ! ( well maybe > it's > > a trouble on the VMs nics ) > > On centos it's way better. > > But I read there might be trouble/index corruption for the mail storage > on > > "shared" space using maildir. > > > > I also had a look at dsync, but I wonder if it can be used on more than 2 > > servers. > > > > I found many pages on dovecot clusters using shared storage NFS mounted, > > but I feel it's not really what I need as the servers will be in > different > > datacenters. > > > > So any guide, clue hint would be really appreciated for me to do my > > homework ! > > > > Regards. > > > > Cedric > > Hi Cedric, > > I think a simpler solution will not just be cheaper but less complex - > and with that more reliable: > > The speed problem of the EU users is probably just feeling. You should > quantify it for both SMTP and IMAP. Collect that data for the scenarios > that your users complain about (is it to a partner or inter-office?). > Only then can you work on a solution that you will be able to prove to > them, is better. This is paramount. > > My suggestions: > * Server on the east cost is good for both NA and EU. > * Good (better?) internet connection for the EU office, prioritize SMTP > vs HTTP in router/firewall (fast internet is WAY cheaper than cluster > setups plus administrators) > * SMTP relay in EU _office_, so that _sending_ mails is with LAN speed > for users > > Create a redundant setup for SMTP and IMAP together on the east cost. > You'll get redundancy without the WAN problem. > > Setup a secondary MX in a different data center for uber-redundency. It > will not enable your users to read their mail in case the 1st data > center is on fire, but no client mails will get lost, as they will be > queued on the 2nd MX - better read client mails late then never! > > Setup a clone of the primary server at the 2nd MX and sync mails & > backup there on a hourly basis. If the 1st data center is not back in an > hour, you can still switch DNS to the 2nd site and your users will have > had a very short downtime. > > The result is not a top-notch 100% solution, but it is simple and > everything is implemented on application layer. That gives you freedom > to switch products, hardware, platform and administrators(!). > > Ask your customer/supervisor what uptime is necessary and how much they > are willing to pay. The SLAs of MS/Google/etc offer up to 99.9% (~9 > hours downtime per year). If that is the goal, then they should pay the > price for their equipment and staff. For anything less my argument is > less complexity for higher reliability. > > Greetings > Daniel > > From chris2014 at postbox.xyz Mon Feb 15 18:01:47 2016 From: chris2014 at postbox.xyz (Chris) Date: Mon, 15 Feb 2016 19:01:47 +0100 Subject: more than 6000 subfolders in the same level Message-ID: <185c8211069d1a59112873ef6fa8c685.squirrel@mail2.postbox.xyz> Dear All, I'm going to use a public namespace with more than 6000 folders and subfolders. On the local ext4-filesystem the nested IMAP subfolders will all be in the same directory: /var/vmail/public/folder1 /var/vmail/public/folder1.subfolder1a /var/vmail/public/folder1.subfolder1b ... Is this possible without any performance issues? Would it be better to use "real" subfolders with / as separator? Is / separator for public namespace and . for private namespace possible? - Chris From terrydop at gmail.com Mon Feb 15 19:43:00 2016 From: terrydop at gmail.com (Terry Barnum) Date: Mon, 15 Feb 2016 11:43:00 -0800 Subject: doveadm backup to local drive Message-ID: <9242BF20-6F1A-402E-9A5D-A49BA2098ED8@gmail.com> I'm trying to get doveadm to backup all users to a local drive without any luck. $ sudo doveadm backup -A /Volumes/mail_bak/mailstore_backup/ Error: User listing returned failure doveadm: Error: Failed to iterate through some users The doveadm-backup man page has the instruction to make sure the iterate query matches the database layout but I'm not sure what that means. If the user_query in dovecot-sql.conf.ext looks like this, what should the iterate_query look like? user_query = \ SELECT '/opt/local/virtual/%d/%n/mail' as home, \ 'maildir:/opt/local/virtual/%d/%n/mail' as mail, 501 as uid, \ 501 as gid, concat("*:storage=", quota) AS quota \ FROM mailbox WHERE username = "%u" AND active = "1" # Query to get a list of all usernames. iterate_query = SELECT username AS user FROM users Thanks, -Terry Terry Barnum digital OutPost Carlsbad, CA http://www.dop.com 800/464-6434 From richw at richw.org Mon Feb 15 23:49:21 2016 From: richw at richw.org (Rich Wales) Date: Mon, 15 Feb 2016 15:49:21 -0800 Subject: Health check for dsync? Message-ID: <56C26401.1020407@liberation.richw.org> I am syncing two Dovecot sites using dsync. Are there any tools available to confirm that dsync is (or is not) running properly between the two sites? (E.g., something I could run periodically in Nagios?) Rich Wales richw at richw.org From dogz.tw at gmail.com Tue Feb 16 00:31:49 2016 From: dogz.tw at gmail.com (Dogz) Date: Tue, 16 Feb 2016 08:31:49 +0800 Subject: the prefix number of the configuration filename Message-ID: Hi all, I am very curious about the prefix number of the configuration filename, such as 10-auth.conf 10-director.conf 10-logging.conf 10-mail.conf 10-master.conf 10-ssl.conf 15-lda.conf 15-mailboxes.conf 20-imap.conf 20-lmtp.conf 20-managesieve.conf 20-pop3.conf 90-acl.conf 90-plugin.conf 90-quota.conf 90-sieve.conf 90-sieve-extprograms.conf What are those meanings of 10,15,20 and 90 ? Please advise me and thank you in advance. -- Best Regards, Dogz From dovecot at biblestuph.com Tue Feb 16 00:32:47 2016 From: dovecot at biblestuph.com (Dan Ragle) Date: Mon, 15 Feb 2016 19:32:47 -0500 Subject: Pigeonhole and duplicate checking Message-ID: <56C26E2F.2070106@biblestuph.com> I spent some time setting up Dovecot LMTP with Pigeonhole this weekend. I got most of the things I wanted to working but have a few issues that I'm hoping that someone might be able to help with. First, I'm running the stock version of the tools from the core repos for CentOS/6, which means Dovecot 2.0.9 and Pigeonhole 0.2.2. Unfortunately, I don't expect to be able to upgrade those anytime soon, so I'm hoping I can find workarounds for my existing versions. My mailserver is sendmail, I linked to Dovecot LMTP by adding: FEATURE(`local_lmtp', `[IPC]', `FILE /var/run/dovecot/lmtp')dnl to my sendmail.mc. In my prior procmail setup, I auto-forwarded all my SPAM E-mail to a separate user on the system with their own account (called spamuser). In the Pigeonhole setup it looks like I have to redirect those messages (i.e., redirect "spamuser at mydomain.com";). That works, but I'm having issues with "duplicate" messages getting delivered directly to my inbox instead of getting redirected. IOW, my regular user's .dovecot.sieve has: if header :contains "X-Spam-Flag" "YES" { redirect "spamuser at mydomain.com"; stop; } and the spamuser's .dovecot.sieve has: require ["imap4flags"]; setflag "\\seen"; (this system is entirely for personal use, no concerns with a user's Spam being seen via the separate spamuser account). Now, the problem I'm having is that sometimes a message arrives with a duplicate message-ID. Here's an abbreviated example from my maillog: Feb 15 00:30:46 myhost sendmail[26844]: u1F5UeBP026844: from=, size=613, class=0, nrcpts=1, msgid=<68895654496651-HLTYGGRLPDJDVTZRHFIKGAON at hverovvxzb.arkansas-email.com>, proto=SMTP, daemon=MTA, relay=117.27.191.61.broad.static.hf.ah.cndata.com [61.191.27.117] (may be forged) Feb 15 00:31:05 myhost dovecot: lmtp(26856): Connect from local Feb 15 00:31:07 myhost sendmail[26867]: u1F5UvFi026867: from=, size=613, class=0, nrcpts=1, msgid=<68895654496651-HLTYGGRLPDJDVTZRHFIKGAON at hverovvxzb.arkansas-email.com>, proto=SMTP, daemon=MTA, relay=117.27.191.61.broad.static.hf.ah.cndata.com [61.191.27.117] (may be forged) Feb 15 00:31:10 myhost dovecot: lmtp(26856, dmr): 7Hj/LoBiwVboaAAACXJZQA: sieve: msgid=<68895654496651-HLTYGGRLPDJDVTZRHFIKGAON at hverovvxzb.arkansas-email.com>: forwarded to Feb 15 00:31:10 myhost dovecot: lmtp(26856): Disconnect from local: Client quit Feb 15 00:31:10 myhost dovecot: lmtp(26893): Connect from local Feb 15 00:31:10 myhost dovecot: lmtp(26893, spamuser): 9TPnN55iwVYNaQAACXJZQA: sieve: msgid=<68895654496651-HLTYGGRLPDJDVTZRHFIKGAON at hverovvxzb.arkansas-email.com>: stored mail into mailbox 'INBOX' Feb 15 00:31:11 myhost dovecot: lmtp(26893): Disconnect from local: Client quit Feb 15 00:31:18 myhost dovecot: lmtp(26893): Connect from local Feb 15 00:31:18 myhost dovecot: lmtp(26893, dmr): +TPnN55iwVYNaQAACXJZQA: sieve: msgid=<68895654496651-HLTYGGRLPDJDVTZRHFIKGAON at hverovvxzb.arkansas-email.com>: discarded duplicate forward to Feb 15 00:31:18 myhost dovecot: lmtp(26893, dmr): +TPnN55iwVYNaQAACXJZQA: sieve: msgid=<68895654496651-HLTYGGRLPDJDVTZRHFIKGAON at hverovvxzb.arkansas-email.com>: stored mail into mailbox 'INBOX' So the first message comes in and is redirected properly to my spamuser and stored in the inbox. The second one comes in, pigeonhole sees it's a duplicate, refuses to redirect it, and stores it in my inbox instead. I tried forcing the .dovecot.lda-dupes file to be a symlink to /dev/null just to see if it would work, but unfortunately dovecot just recreates it as a normal file the next time it delivers to that user. Ideally, I'd like to just discard the duplicates. It looks like there is duplicate testing functionality available, but not until later versions of Dovecot/Pigeonhole. Is there anyway I can either just discard the duplicates, or get them to be redirected to the spamuser? Also, some other questions I came up with along the way: Is there any way I can force a message to fileinto a different user's Mailbox? I'm guessing no since it appears that the lmtp drops root privileges before the global sieve script is interpreted, but thought I'd ask anyway. I did try: fileinto "/var/mail/spamuser"; But Dovecot complained, something about the mailbox pattern being invalid. If it were possible, I would think it would want something like fileinto "spamuser:INBOX"; instead, but I don't know if that is even possible. In a global sieve script, is there anyway to know/test which system user is the targeted user for delivery? So in a global sieve_before script I could test the target user, and if it's spamuser just file it immediately and stop with no further testing? Thanks for any assistance! Dan From richw at richw.org Tue Feb 16 00:48:55 2016 From: richw at richw.org (Rich Wales) Date: Mon, 15 Feb 2016 16:48:55 -0800 Subject: the prefix number of the configuration filename In-Reply-To: References: Message-ID: <56C271F7.2050407@liberation.richw.org> > Hi all, I am very curious about the prefix number of the configuration > filename, such as 10-auth.conf .... What are those meanings of 10,15,20 > and 90 ? The configuration files are read and processed according to the sorting order of their names. Adding the numeric prefixes allows the order in which the files are processed to be determined independently of their names. So, in this case, the config files with names starting with 10 are read first (i.e., 10-director.conf is processed first). If the number prefixes weren't there, then the "acl.conf" file would be processed first (instead of near the end). It matters what order the configuration files are processed in because later files can override parameters set by earlier files. Rich Wales richw at richw.org From dovecot at dpe.lusars.net Tue Feb 16 00:49:16 2016 From: dovecot at dpe.lusars.net (David Bishop) Date: Mon, 15 Feb 2016 19:49:16 -0500 Subject: the prefix number of the configuration filename In-Reply-To: References: Message-ID: At a guess, the directory gets listed, the names get sorted numerically, and then read in order low-to-high. In theory, the end result will be the same regardless of what order stuff gets read in, but doing it in a deterministic order makes troubleshooting easier. On Mon, Feb 15, 2016 at 7:31 PM, Dogz wrote: > Hi all, > > I am very curious about the prefix number of the configuration > filename, such as 10-auth.conf > 10-director.conf > 10-logging.conf > 10-mail.conf > 10-master.conf > 10-ssl.conf > 15-lda.conf > 15-mailboxes.conf > 20-imap.conf > 20-lmtp.conf > 20-managesieve.conf > 20-pop3.conf > 90-acl.conf > 90-plugin.conf > 90-quota.conf > 90-sieve.conf > 90-sieve-extprograms.conf > > What are those meanings of 10,15,20 and 90 ? > > Please advise me and thank you in advance. > > -- > Best Regards, > Dogz > From stephan at rename-it.nl Tue Feb 16 01:29:51 2016 From: stephan at rename-it.nl (Stephan Bosch) Date: Tue, 16 Feb 2016 02:29:51 +0100 Subject: Pigeonhole and duplicate checking In-Reply-To: <56C26E2F.2070106@biblestuph.com> References: <56C26E2F.2070106@biblestuph.com> Message-ID: <56C27B8F.8050105@rename-it.nl> Op 2/16/2016 om 1:32 AM schreef Dan Ragle: > In my prior procmail setup, I auto-forwarded all my SPAM E-mail to a > separate user on the system with their own account (called spamuser). > In the Pigeonhole setup it looks like I have to redirect those > messages (i.e., redirect "spamuser at mydomain.com";). That works, but > I'm having issues with "duplicate" messages getting delivered directly > to my inbox instead of getting redirected. IOW, my regular user's > .dovecot.sieve has: > > if header :contains "X-Spam-Flag" "YES" { > redirect "spamuser at mydomain.com"; > stop; > } > > and the spamuser's .dovecot.sieve has: > > require ["imap4flags"]; > setflag "\\seen"; > > (this system is entirely for personal use, no concerns with a user's > Spam being seen via the separate spamuser account). > > Now, the problem I'm having is that sometimes a message arrives with a > duplicate message-ID. Here's an abbreviated example from my maillog: > > Feb 15 00:30:46 myhost sendmail[26844]: u1F5UeBP026844: > from=, size=613, class=0, nrcpts=1, > msgid=<68895654496651-HLTYGGRLPDJDVTZRHFIKGAON at hverovvxzb.arkansas-email.com>, > proto=SMTP, daemon=MTA, > relay=117.27.191.61.broad.static.hf.ah.cndata.com [61.191.27.117] (may > be forged) > Feb 15 00:31:05 myhost dovecot: lmtp(26856): Connect from local > Feb 15 00:31:07 myhost sendmail[26867]: u1F5UvFi026867: > from=, size=613, class=0, nrcpts=1, > msgid=<68895654496651-HLTYGGRLPDJDVTZRHFIKGAON at hverovvxzb.arkansas-email.com>, > proto=SMTP, daemon=MTA, > relay=117.27.191.61.broad.static.hf.ah.cndata.com [61.191.27.117] (may > be forged) > Feb 15 00:31:10 myhost dovecot: lmtp(26856, dmr): > 7Hj/LoBiwVboaAAACXJZQA: sieve: > msgid=<68895654496651-HLTYGGRLPDJDVTZRHFIKGAON at hverovvxzb.arkansas-email.com>: > forwarded to > Feb 15 00:31:10 myhost dovecot: lmtp(26856): Disconnect from local: > Client quit > Feb 15 00:31:10 myhost dovecot: lmtp(26893): Connect from local > Feb 15 00:31:10 myhost dovecot: lmtp(26893, spamuser): > 9TPnN55iwVYNaQAACXJZQA: sieve: > msgid=<68895654496651-HLTYGGRLPDJDVTZRHFIKGAON at hverovvxzb.arkansas-email.com>: > stored mail into mailbox 'INBOX' > Feb 15 00:31:11 myhost dovecot: lmtp(26893): Disconnect from local: > Client quit > Feb 15 00:31:18 myhost dovecot: lmtp(26893): Connect from local > Feb 15 00:31:18 myhost dovecot: lmtp(26893, dmr): > +TPnN55iwVYNaQAACXJZQA: sieve: > msgid=<68895654496651-HLTYGGRLPDJDVTZRHFIKGAON at hverovvxzb.arkansas-email.com>: > discarded duplicate forward to > Feb 15 00:31:18 myhost dovecot: lmtp(26893, dmr): > +TPnN55iwVYNaQAACXJZQA: sieve: > msgid=<68895654496651-HLTYGGRLPDJDVTZRHFIKGAON at hverovvxzb.arkansas-email.com>: > stored mail into mailbox 'INBOX' > > So the first message comes in and is redirected properly to my > spamuser and stored in the inbox. The second one comes in, pigeonhole > sees it's a duplicate, refuses to redirect it, and stores it in my > inbox instead. This expected behavior. > I tried forcing the .dovecot.lda-dupes file to be a symlink to > /dev/null just to see if it would work, but unfortunately dovecot just > recreates it as a normal file the next time it delivers to that user. Exactly. > Ideally, I'd like to just discard the duplicates. It looks like there > is duplicate testing functionality available, but not until later > versions of Dovecot/Pigeonhole. Yes, but you will not need that. > Is there anyway I can either just discard the duplicates, or get them > to be redirected to the spamuser? What happens is that the redirect action is ignored the second time, which means that the implicit keep is not canceled (https://tools.ietf.org/html/rfc5228#section-2.10.2). Upon executing "stop;", the script ends and the implicit keep is executed, hence the message is stored in "INBOX". So, what you need to do is cancel the implicit keep, no matter what redirect does. This can be achieved as follows: if header :contains "X-Spam-Flag" "YES" { redirect "spamuser at mydomain.com"; discard; stop; } The discard action will cancel the implicit keep. It will not affect the redirect action in any way. If you're a bit scared of the discard action, you can also replace the it with some other action that cancels the implicit keep, such as "fileinto" to put duplicates in their own little black hole folder. > Also, some other questions I came up with along the way: > > Is there any way I can force a message to fileinto a different user's > Mailbox? I'm guessing no since it appears that the lmtp drops root > privileges before the global sieve script is interpreted, but thought > I'd ask anyway. I did try: > > fileinto "/var/mail/spamuser"; > > But Dovecot complained, something about the mailbox pattern being > invalid. If it were possible, I would think it would want something like > > fileinto "spamuser:INBOX"; > > instead, but I don't know if that is even possible. Your guess is right on the money. > In a global sieve script, is there anyway to know/test which system > user is the targeted user for delivery? So in a global sieve_before > script I could test the target user, and if it's spamuser just file it > immediately and stop with no further testing? The latest versions support this: https://raw.githubusercontent.com/dovecot/pigeonhole/master/doc/rfc/spec-bosch-sieve-dovecot-environment.txt For older versions, you can use the non-standard well-hidden "auth" field for the envelope test. This is some deprecated heritage from the old CMU implementation. require ["fileinto", "envelope"]; if envelope "auth" "spamuser" { fileinto "INBOX"; stop; } Regards, Stephan. From dovecot at biblestuph.com Tue Feb 16 02:47:07 2016 From: dovecot at biblestuph.com (Dan Ragle) Date: Mon, 15 Feb 2016 21:47:07 -0500 Subject: Pigeonhole and duplicate checking In-Reply-To: <56C27B8F.8050105@rename-it.nl> References: <56C26E2F.2070106@biblestuph.com> <56C27B8F.8050105@rename-it.nl> Message-ID: <56C28DAB.5020600@biblestuph.com> Perfect! Using the "auth" trick and appropriate "discard" statements allowed me to get the scripts setup exactly as I had originally intended. Thanks! Dan On 2/15/2016 8:29 PM, Stephan Bosch wrote: > Op 2/16/2016 om 1:32 AM schreef Dan Ragle: >> In my prior procmail setup, I auto-forwarded all my SPAM E-mail to a >> separate user on the system with their own account (called spamuser). >> In the Pigeonhole setup it looks like I have to redirect those >> messages (i.e., redirect "spamuser at mydomain.com";). That works, but >> I'm having issues with "duplicate" messages getting delivered directly >> to my inbox instead of getting redirected. IOW, my regular user's >> .dovecot.sieve has: >> >> if header :contains "X-Spam-Flag" "YES" { >> redirect "spamuser at mydomain.com"; >> stop; >> } >> >> and the spamuser's .dovecot.sieve has: >> >> require ["imap4flags"]; >> setflag "\\seen"; >> >> (this system is entirely for personal use, no concerns with a user's >> Spam being seen via the separate spamuser account). >> >> Now, the problem I'm having is that sometimes a message arrives with a >> duplicate message-ID. Here's an abbreviated example from my maillog: >> >> Feb 15 00:30:46 myhost sendmail[26844]: u1F5UeBP026844: >> from=, size=613, class=0, nrcpts=1, >> msgid=<68895654496651-HLTYGGRLPDJDVTZRHFIKGAON at hverovvxzb.arkansas-email.com>, >> proto=SMTP, daemon=MTA, >> relay=117.27.191.61.broad.static.hf.ah.cndata.com [61.191.27.117] (may >> be forged) >> Feb 15 00:31:05 myhost dovecot: lmtp(26856): Connect from local >> Feb 15 00:31:07 myhost sendmail[26867]: u1F5UvFi026867: >> from=, size=613, class=0, nrcpts=1, >> msgid=<68895654496651-HLTYGGRLPDJDVTZRHFIKGAON at hverovvxzb.arkansas-email.com>, >> proto=SMTP, daemon=MTA, >> relay=117.27.191.61.broad.static.hf.ah.cndata.com [61.191.27.117] (may >> be forged) >> Feb 15 00:31:10 myhost dovecot: lmtp(26856, dmr): >> 7Hj/LoBiwVboaAAACXJZQA: sieve: >> msgid=<68895654496651-HLTYGGRLPDJDVTZRHFIKGAON at hverovvxzb.arkansas-email.com>: >> forwarded to >> Feb 15 00:31:10 myhost dovecot: lmtp(26856): Disconnect from local: >> Client quit >> Feb 15 00:31:10 myhost dovecot: lmtp(26893): Connect from local >> Feb 15 00:31:10 myhost dovecot: lmtp(26893, spamuser): >> 9TPnN55iwVYNaQAACXJZQA: sieve: >> msgid=<68895654496651-HLTYGGRLPDJDVTZRHFIKGAON at hverovvxzb.arkansas-email.com>: >> stored mail into mailbox 'INBOX' >> Feb 15 00:31:11 myhost dovecot: lmtp(26893): Disconnect from local: >> Client quit >> Feb 15 00:31:18 myhost dovecot: lmtp(26893): Connect from local >> Feb 15 00:31:18 myhost dovecot: lmtp(26893, dmr): >> +TPnN55iwVYNaQAACXJZQA: sieve: >> msgid=<68895654496651-HLTYGGRLPDJDVTZRHFIKGAON at hverovvxzb.arkansas-email.com>: >> discarded duplicate forward to >> Feb 15 00:31:18 myhost dovecot: lmtp(26893, dmr): >> +TPnN55iwVYNaQAACXJZQA: sieve: >> msgid=<68895654496651-HLTYGGRLPDJDVTZRHFIKGAON at hverovvxzb.arkansas-email.com>: >> stored mail into mailbox 'INBOX' >> >> So the first message comes in and is redirected properly to my >> spamuser and stored in the inbox. The second one comes in, pigeonhole >> sees it's a duplicate, refuses to redirect it, and stores it in my >> inbox instead. > > This expected behavior. > >> I tried forcing the .dovecot.lda-dupes file to be a symlink to >> /dev/null just to see if it would work, but unfortunately dovecot just >> recreates it as a normal file the next time it delivers to that user. > > Exactly. > >> Ideally, I'd like to just discard the duplicates. It looks like there >> is duplicate testing functionality available, but not until later >> versions of Dovecot/Pigeonhole. > > Yes, but you will not need that. > >> Is there anyway I can either just discard the duplicates, or get them >> to be redirected to the spamuser? > > What happens is that the redirect action is ignored the second time, > which means that the implicit keep is not canceled > (https://tools.ietf.org/html/rfc5228#section-2.10.2). Upon executing > "stop;", the script ends and the implicit keep is executed, hence the > message is stored in "INBOX". > > So, what you need to do is cancel the implicit keep, no matter what > redirect does. This can be achieved as follows: > > if header :contains "X-Spam-Flag" "YES" { > redirect "spamuser at mydomain.com"; > discard; > stop; > } > > The discard action will cancel the implicit keep. It will not affect the > redirect action in any way. If you're a bit scared of the discard > action, you can also replace the it with some other action that cancels > the implicit keep, such as "fileinto" to put duplicates in their own > little black hole folder. > >> Also, some other questions I came up with along the way: >> >> Is there any way I can force a message to fileinto a different user's >> Mailbox? I'm guessing no since it appears that the lmtp drops root >> privileges before the global sieve script is interpreted, but thought >> I'd ask anyway. I did try: >> >> fileinto "/var/mail/spamuser"; >> >> But Dovecot complained, something about the mailbox pattern being >> invalid. If it were possible, I would think it would want something like >> >> fileinto "spamuser:INBOX"; >> >> instead, but I don't know if that is even possible. > > Your guess is right on the money. > >> In a global sieve script, is there anyway to know/test which system >> user is the targeted user for delivery? So in a global sieve_before >> script I could test the target user, and if it's spamuser just file it >> immediately and stop with no further testing? > > The latest versions support this: > > https://raw.githubusercontent.com/dovecot/pigeonhole/master/doc/rfc/spec-bosch-sieve-dovecot-environment.txt > > For older versions, you can use the non-standard well-hidden "auth" > field for the envelope test. This is some deprecated heritage from the > old CMU implementation. > > require ["fileinto", "envelope"]; > if envelope "auth" "spamuser" { > fileinto "INBOX"; > stop; > } > > Regards, > > Stephan. > > > > From amateo at um.es Tue Feb 16 07:04:31 2016 From: amateo at um.es (Angel L. Mateo) Date: Tue, 16 Feb 2016 08:04:31 +0100 Subject: Accessing to mail as another user In-Reply-To: <56C189BF.9050505@sissa.it> References: <56B9B74B.60408@um.es> <56BADD77.3090504@um.es> <56C189BF.9050505@sissa.it> Message-ID: <56C2C9FF.3020202@um.es> I have this configuration running, except for the ACL. The problem I'm having with ACLs is that I have to manually create the ACL for each folder userB has and if userB creates a new folder, then it is forbidden for userA until I update the ACL. How do you solve this? El 15/02/16 a las 09:18, Marco Giunta escribi?: > Hi, > we have such configuration in our Dovecot; it is configured with virtual > users and acl. To enable access of userA mailbox to userB, first I have > to add userB to userA acl, and then I put userA username in an > ARBITRARY_FIELD of userB record in our ldap (if you use a db for your > account, the configuration could be more simple). We use the > ARBITRARY_FIELD to limit the access of other users mailboxes: the field > is not writable by the user, only by administrators. > > > Our config files: > > /etc/dovecot/conf.d/auth-master.conf.ext > ... > passdb { > driver = ldap > master = yes > > args = /etc/dovecot/dovecot-ldap.conf.masterusers > pass = yes > default_fields = > userdb_mail=maildir:/path_to_mailboxes/%1{login_user}/%{login_user}:INDEXPVT=/path_to_indexes/%1n/%n/shared/%{login_user} > > } > > and in /etc/dovecot/dovecot-ldap.conf.masterusers > ... > pass_attrs = uid=user,userPassword=password > pass_filter = > (&(uid=%n)(accountStatus=active)(ARBITRARY_FIELD=%{login_user})) > > > to login, you have to use the same way of a masteruser: > > Login: userA*userB > Password: userB_password > > > Cheers, > Marco > > > > On 2016-02-10 07:49, Angel L. Mateo wrote: >> El 09/02/16 a las 13:44, Matthias Fechner escribi?: >>> >>> do you maybe mean shared mailboxes: >>> http://wiki.dovecot.org/SharedMailboxes >>> >> I don't want shared mailboxes. I have to access the other mailbox >> as a complete separate account from my personal one. >> >> I think I can achive this with master user, but I need to found a >> way to configure permissions so the real user has access to all folders >> in the other mailbox. >> > -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n y las Comunicaciones Aplicadas (ATICA) http://www.um.es/atica Tfo: 868887590 Fax: 868888337 From dogz.tw at gmail.com Tue Feb 16 08:05:01 2016 From: dogz.tw at gmail.com (Dogz) Date: Tue, 16 Feb 2016 16:05:01 +0800 Subject: the prefix number of the configuration filename In-Reply-To: <56C271F7.2050407@liberation.richw.org> References: <56C271F7.2050407@liberation.richw.org> Message-ID: Dear David and Rich, Thank you for your soon reply. I understood. I thought that would be special meanings. Anyway, thank you for your nice reply. 2016-02-16 8:48 GMT+08:00 Rich Wales : > >> Hi all, I am very curious about the prefix number of the configuration >> filename, such as 10-auth.conf .... What are those meanings of 10,15,20 >> and 90 ? > > The configuration files are read and processed according to the sorting > order of their names. Adding the numeric prefixes allows the order in > which the files are processed to be determined independently of their names. > > So, in this case, the config files with names starting with 10 are read > first (i.e., 10-director.conf is processed first). If the number > prefixes weren't there, then the "acl.conf" file would be processed > first (instead of near the end). > > It matters what order the configuration files are processed in because > later files can override parameters set by earlier files. > > Rich Wales > richw at richw.org -- Best Regards, Dogz From skdovecot at smail.inf.fh-brs.de Tue Feb 16 10:52:27 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Tue, 16 Feb 2016 11:52:27 +0100 (CET) Subject: more than 6000 subfolders in the same level In-Reply-To: <185c8211069d1a59112873ef6fa8c685.squirrel@mail2.postbox.xyz> References: <185c8211069d1a59112873ef6fa8c685.squirrel@mail2.postbox.xyz> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 15 Feb 2016, Chris wrote: > On the local ext4-filesystem the nested IMAP subfolders will all be in the > same directory: > > /var/vmail/public/folder1 > /var/vmail/public/folder1.subfolder1a > /var/vmail/public/folder1.subfolder1b > ... > > Is this possible without any performance issues? Would it be better to use > "real" subfolders with / as separator? Is / separator for public namespace ext4 should handle it fine. You did not deactivated any default feature: dir_index Use hashed b-trees to speed up lookups for large directories. > and . for private namespace possible? No, I don't think so. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVsL/a3z1H7kL/d9rAQK24QgAvBmWzMrTGyw4Y7vvBy/bMh6PrAbFzTrZ mkdY/6srWIezH2XItkgmuRoa5xqWSg2mqb1IVAXWreHqdhjbrvmow+b55Y5wNKU6 g1BbXn1aRpi3H088wbVvhfW6UNv2L2lZNO37GJwaiUKM7vCZNCU80KLZOvrjJUG4 NMRqtiidlhfP8mD93z0cP/jfzxqtTRKFlrhX4nt+8oPMCNHk+Tkggr5M3ycgmNXc Rja3Amz4mCWHxIirvYYFOFnmUn4bWtGjCVXih9TNH13WhStJ7HrxbhLKYGlJ0mat uOifmF2rx0b8Fa9k8DtVs4km/Xg/8POHe6JMF0DJ/Qjsv2fI16m2fA== =QLER -----END PGP SIGNATURE----- From whats_up at gmx.net Mon Feb 15 13:08:12 2016 From: whats_up at gmx.net (whats_up at gmx.net) Date: Mon, 15 Feb 2016 14:08:12 +0100 Subject: sieve: store string list in varable In-Reply-To: <56BDDBBF.6000209@rename-it.nl> References: <56BDDBBF.6000209@rename-it.nl> Message-ID: <20160215140812.363ccbcf@poseidon> > This is one of those omissions in the Sieve standard. There is no way > to have string list variables. ok. I want to check if the sender of a mail is in a list and then forward the mail to the list. Is there an alternative way without repeating the list? From stephan at rename-it.nl Wed Feb 17 01:14:51 2016 From: stephan at rename-it.nl (Stephan Bosch) Date: Wed, 17 Feb 2016 02:14:51 +0100 Subject: sieve: store string list in varable In-Reply-To: <20160215140812.363ccbcf@poseidon> References: <56BDDBBF.6000209@rename-it.nl> <20160215140812.363ccbcf@poseidon> Message-ID: <56C3C98B.9050404@rename-it.nl> Op 2/15/2016 om 2:08 PM schreef whats_up at gmx.net: >> This is one of those omissions in the Sieve standard. There is no way >> to have string list variables. > ok. I want to check if the sender of a mail is in a list and then > forward the mail to the list. Is there an alternative way without > repeating the list? This extension could provide some relief for your problem: https://tools.ietf.org/html/rfc6134 But it is not currently implemented. There isn't anything else unfortunately... Regards, Stephan. From alessio at skye.it Wed Feb 17 08:49:47 2016 From: alessio at skye.it (Alessio Cecchi) Date: Wed, 17 Feb 2016 09:49:47 +0100 Subject: How to understand NFS lookup (requests) spike? Message-ID: <56C4342B.5010400@skye.it> Hi, I'm are running a classic Dovecot setup: About ten thousand connected users mailbox in Maildir format shared via NFS (NetApp) Director for POP/IMAP Delivery via Dovecot LDA All works fine but sometimes I see a spike on the load of POP/IMAP servers and high disk usage (close to 100%) on NFS NetApp. When this happens on NFS stats (of POP/IMAP) I can see an high volume of "lookup, remove, rename" requests. Example (avg is during normal load, max is request number during the spike): Lookup avg 100 max 700 Remove avg 50 max 300 Rename avg 50 max 300 Getattr avg 200 max 250 Total NFS avg 600 max 1800 I think that some users are doing some kinds of "intensive" operations on their mailbox but what and who? I am currently using "iotop" to monitor the activity of individual users but I can't figure out who is causing the high number of I/O requests. Have you any suggestions? Thanks -- Alessio Cecchi Postmaster @ http://www.qboxmail.it https://www.linkedin.com/in/alessice From moseleymark at gmail.com Wed Feb 17 17:03:25 2016 From: moseleymark at gmail.com (Mark Moseley) Date: Wed, 17 Feb 2016 09:03:25 -0800 Subject: How to understand NFS lookup (requests) spike? In-Reply-To: <56C4342B.5010400@skye.it> References: <56C4342B.5010400@skye.it> Message-ID: On Wed, Feb 17, 2016 at 12:49 AM, Alessio Cecchi wrote: > Hi, I'm are running a classic Dovecot setup: > > About ten thousand connected users > mailbox in Maildir format shared via NFS (NetApp) > Director for POP/IMAP > Delivery via Dovecot LDA > > All works fine but sometimes I see a spike on the load of POP/IMAP servers > and high disk usage (close to 100%) on NFS NetApp. > > When this happens on NFS stats (of POP/IMAP) I can see an high volume of > "lookup, remove, rename" requests. > > Example (avg is during normal load, max is request number during the > spike): > > Lookup avg 100 max 700 > Remove avg 50 max 300 > Rename avg 50 max 300 > Getattr avg 200 max 250 > Total NFS avg 600 max 1800 > > I think that some users are doing some kinds of "intensive" operations on > their mailbox but what and who? > > I am currently using "iotop" to monitor the activity of individual users > but I can't figure out who is causing the high number of I/O requests. > > > One suggestions is that I'd walk those directories and see if someone has a mailbox with 100k files in it. From hughbragg at dodo.com.au Wed Feb 17 17:23:20 2016 From: hughbragg at dodo.com.au (Hugh Bragg) Date: Thu, 18 Feb 2016 03:23:20 +1000 Subject: shared folders not working with . separator Message-ID: <56C4AC88.605@dodo.com.au> Hi, I've been trying this for weeks and never managed to get my mail client to see shared folders. Apparently imap_acl works fine as I can see these entries in the dovecot-acl-list files and the correct entries persist in the client. This is my first dovecot setup so I hope I've configured it right. Everything else works beautifully, thanks. # dovecot -n # 2.2.21 (5345f22): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.11 (6ddf62b87f60+) # OS: Linux 4.3.5-300.fc23.x86_64 x86_64 Fedora release 23 (Twenty Three) auth_mechanisms = plain login auth_socket_path = /var/run/dovecot/auth-userdb imap_client_workarounds = tb-extra-mailbox-sep listen = * log_path = /var/log/dovecot.log mail_access_groups = mail, vmail mail_home = /var/mail/vmail/%d/%n mail_location = maildir:~/mail mail_plugins = virtual, acl managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart mbox_write_locks = fcntl namespace { location = virtual:/var/mail/vhosts/%d/%n/virtual prefix = virtual. separator = . } namespace { list = children location = maildir:/var/mail/vhosts/%%d/%%n/mail:INDEX=/var/mail/vhosts/%d/%n/shared/%%u:CONTROL=/var/mail/vhosts/%d/%n/shared/%%u prefix = shared.%%u. separator = . subscriptions = yes type = shared } namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } mailbox virtual/All { comment = All my messages special_use = \All } mailbox virtual/Flagged { comment = All my flagged messages special_use = \Flagged } prefix = } passdb { args = scheme=PLAIN username_format=%u /etc/dovecot/dovecot-users driver = passwd-file } plugin { acl = vfile acl_shared_dict = file:/var/mail/vhosts/shared-mailboxes.db sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_global_dir = /var/mail/vhosts/sieve-global } protocols = imap lmtp sieve service auth-worker { user = vmail } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-userdb { group = vmail mode = 0660 user = vmail } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 0 ssl = yes } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } service managesieve-login { inet_listener sieve { port = 4190 } } service pop3-login { inet_listener pop3 { port = 0 } inet_listener pop3s { port = 0 } } ssl = required ssl_cert = / >/What purpose does vpopmail serve that dovecot alone does not? Isn't it > just an ancient leftover from historic qmail times? qmail and vpopmail are still quite prominent on the Internet. I see no reason to change my setup at the moment. Possibly I could re-architect to read user info directly from mysql but that would not help with the fact that dovecot then likely read or write as the wrong userid on the system (since mailboxes are virtual). Have recreated the same issue (sans mysql) on another vpopmail system. Regardless, it is a bug. From my process list: 25813 vpopmail 20 0 26468 4984 4016 R 0.7 0.0 0:00.02 imap 26730 vpopmail 20 0 28332 5940 4212 S 0.7 0.0 0:00.06 imap For certain, imap being ANY other user than root means that the /var/run/dovecot/imap-* sockets would be unwritable. From terrydop at gmail.com Wed Feb 17 18:08:55 2016 From: terrydop at gmail.com (Terry Barnum) Date: Wed, 17 Feb 2016 10:08:55 -0800 Subject: doveadm backup to local drive In-Reply-To: <9242BF20-6F1A-402E-9A5D-A49BA2098ED8@gmail.com> References: <9242BF20-6F1A-402E-9A5D-A49BA2098ED8@gmail.com> Message-ID: > On Feb 15, 2016, at 11:43 AM, Terry Barnum wrote: > > I'm trying to get doveadm to backup all users to a local drive without any luck. > > $ sudo doveadm backup -A /Volumes/mail_bak/mailstore_backup/ > Error: User listing returned failure > doveadm: Error: Failed to iterate through some users > > The doveadm-backup man page has the instruction to make sure the iterate query matches the database layout but I'm not sure what that means. > > If the user_query in dovecot-sql.conf.ext looks like this, what should the iterate_query look like? > > user_query = \ > SELECT '/opt/local/virtual/%d/%n/mail' as home, \ > 'maildir:/opt/local/virtual/%d/%n/mail' as mail, 501 as uid, \ > 501 as gid, concat("*:storage=", quota) AS quota \ > FROM mailbox WHERE username = "%u" AND active = "1" > > # Query to get a list of all usernames. > iterate_query = SELECT username AS user FROM users I didn't see my original email show up on the mailing list so I'm resending. To recap, is it possible to backup all users to a local drive with doveadm? Thanks, -Terry Terry Barnum digital OutPost Carlsbad, CA http://www.dop.com 800/464-6434 From chris2014 at postbox.xyz Wed Feb 17 19:09:03 2016 From: chris2014 at postbox.xyz (Chris) Date: Wed, 17 Feb 2016 20:09:03 +0100 Subject: edit ACL files Message-ID: Dear All, is it possible to edit ACL files regularly with an editor or is there any reason to use doveadm? - Chris From chris2014 at postbox.xyz Wed Feb 17 19:22:38 2016 From: chris2014 at postbox.xyz (Chris) Date: Wed, 17 Feb 2016 20:22:38 +0100 Subject: shared folders not working with . separator In-Reply-To: <56C4AC88.605@dodo.com.au> References: <56C4AC88.605@dodo.com.au> Message-ID: <21db9f0e260d5224cddbd420b5afd295.squirrel@mail2.postbox.xyz> Hugh Bragg wrote: > I've been trying this for weeks and never managed to get my mail client > to see shared folders. > Apparently imap_acl works fine as I can see these entries in the > dovecot-acl-list files and the correct entries persist in the client. > This is my first dovecot setup so I hope I've configured it right. > Everything else works beautifully, thanks. Are they shown with telnet? e.g. http://www.anta.net/misc/telnet-troubleshooting/imap.shtml From rs at sys4.de Wed Feb 17 19:59:09 2016 From: rs at sys4.de (Robert Schetterer) Date: Wed, 17 Feb 2016 20:59:09 +0100 Subject: edit ACL files In-Reply-To: References: Message-ID: <56C4D10D.6060801@sys4.de> Am 17.02.2016 um 20:09 schrieb Chris: > Dear All, > > is it possible to edit ACL files regularly with an editor or is there any > reason to use doveadm? > > - Chris > webmailers have acl imap guis , such as Horde/imp you can also use Thunderbird https://addons.mozilla.org/de/thunderbird/addon/imap-acl-extension/ doveadm is a multi admin tool for dovecot which covers many complex tasks Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From rplatel at tucows.com Wed Feb 17 20:30:48 2016 From: rplatel at tucows.com (Richard Platel) Date: Wed, 17 Feb 2016 15:30:48 -0500 Subject: dovecot Digest, Vol 154, Issue 14 In-Reply-To: References: Message-ID: Thanks, Hajo This mostly works, but we can?t seem to send an arbitrary mailbox name with UserDB, we have to initialize it in the config: "namespace/inbox/mailbox=Junk namespace/inbox/mailbox/Junk/name"="Spam" seems to initialize the folder somehow so that the subsequent "namespace/inbox/mailbox/Junk/auto"="subscribe" and "namespace/inbox/mailbox/Junk/special_use"="\Junk" have something to act upon. (the first line doesn't work quite properly, however - it ends up causing a folder named "" to show up) we've noticed that if we set a very minimal config for the mailbox in the main config (that wouldn't cause the mailbox to be autocreated), that this also initializes the folder name allowing for subsequent auto and subscribe directives to be processed for it: namespace inbox { inbox = yes mailbox "Spam" { auto = no } } is there some userdb response that will simply initialize the folder (without doing any name remapping) in the same way that the above config lines do? we have tried a few things based off Hajo's first line, but nothing we guess at seems to do the trick. ie: "namespace/inbox/mailbox"="Spam" "namespace/inbox/mailbox=Spam"=?Spam" > > ------------------------------ > > Message: 2 > Date: Tue, 9 Feb 2016 23:33:53 +0100 > From: Hajo Locke > To: dovecot at dovecot.org > Subject: Re: Per-user special folder? > Message-ID: <56BA6951.8010000 at gmx.de> > Content-Type: text/plain; charset=windows-1252; format=flowed > > Hello, > > Am 09.02.2016 um 22:28 schrieb Richard Platel: >> Hi >> >> It's possible to mark some folders as special use for IMAP in the config like: >> >> namespace inbox { >> mailbox Spam { >> special_use = \Junk >> } >> } >> >> >> Our webmail allows users to use an arbitrary folder for Spam, and we have this settings and we'd like to return it in from our UserDB (which is a custom dict proxy). >> >> For testing were able to set a namespace parameter like "separator" by returning: >> "namespace/inbox/separator" : "=", >> >> from UserDB, but can't figure out a way to set mailbox settings, >> >> "namespace/inbox/mailbox Spam/special_use" : "\Junk", for example doesn't work. >> >> Is there a way to return this setting from a UserDB query? >> > we use this a lot with userdb to allow individual folders marked as special. > your userbd-query should return something like this: > > namespace/inbox/mailbox=Junk namespace/inbox/mailbox/Junk/name=Spam > namespace/inbox/mailbox/Junk/auto=subscribe > namespace/inbox/mailbox/Junk/special_use=\Junk > Spam is visible name in this case. > > Hajo From hughbragg at dodo.com.au Thu Feb 18 03:45:08 2016 From: hughbragg at dodo.com.au (Hugh Bragg) Date: Thu, 18 Feb 2016 13:45:08 +1000 Subject: shared folders not working with . separator In-Reply-To: <21db9f0e260d5224cddbd420b5afd295.squirrel@mail2.postbox.xyz> References: <56C4AC88.605@dodo.com.au> <21db9f0e260d5224cddbd420b5afd295.squirrel@mail2.postbox.xyz> Message-ID: <56C53E44.1010403@dodo.com.au> On 18/02/2016 5:22 AM, Chris wrote: > Hugh Bragg wrote: >> I've been trying this for weeks and never managed to get my mail client >> to see shared folders. >> Apparently imap_acl works fine as I can see these entries in the >> dovecot-acl-list files and the correct entries persist in the client. >> This is my first dovecot setup so I hope I've configured it right. >> Everything else works beautifully, thanks. > Are they shown with telnet? e.g. > > http://www.anta.net/misc/telnet-troubleshooting/imap.shtml Absolutely nothing for shared only the usual. Very frustrating. From hughbragg at dodo.com.au Thu Feb 18 05:26:56 2016 From: hughbragg at dodo.com.au (Hugh Bragg) Date: Thu, 18 Feb 2016 15:26:56 +1000 Subject: shared folders not working with . separator In-Reply-To: <56C53E44.1010403@dodo.com.au> References: <56C4AC88.605@dodo.com.au> <21db9f0e260d5224cddbd420b5afd295.squirrel@mail2.postbox.xyz> <56C53E44.1010403@dodo.com.au> Message-ID: <56C55620.4050807@dodo.com.au> On 18/02/2016 1:45 PM, Hugh Bragg wrote: > On 18/02/2016 5:22 AM, Chris wrote: >> Hugh Bragg wrote: >>> I've been trying this for weeks and never managed to get my mail client >>> to see shared folders. >>> Apparently imap_acl works fine as I can see these entries in the >>> dovecot-acl-list files and the correct entries persist in the client. >>> This is my first dovecot setup so I hope I've configured it right. >>> Everything else works beautifully, thanks. >> Are they shown with telnet? e.g. >> >> http://www.anta.net/misc/telnet-troubleshooting/imap.shtml > Absolutely nothing for shared only the usual. Very frustrating. Nothing listed for shared with doveadm either: doveadm mailbox list -u Should I file a bug report? From ml+dovecot at valo.at Thu Feb 18 07:15:42 2016 From: ml+dovecot at valo.at (Christian Kivalo) Date: Thu, 18 Feb 2016 08:15:42 +0100 Subject: shared folders not working with . separator In-Reply-To: <56C4AC88.605@dodo.com.au> References: <56C4AC88.605@dodo.com.au> Message-ID: <381e6613e6c8260c5d108751f3134cb7@valo.at> On 2016-02-17 18:23, Hugh Bragg wrote: > Hi, > > I've been trying this for weeks and never managed to get my mail client > to see shared folders. > Apparently imap_acl works fine as I can see these entries in the > dovecot-acl-list files and the correct entries persist in the client. > This is my first dovecot setup so I hope I've configured it right. > Everything else works beautifully, thanks. What client do you use? Are there folders shared from user1 to user2? what does dovecadm acl get -u -m shared..mailbox show? doveadm debug -u user2 -m shared..mailbox Whats in your logs? Enable debug log and look for errors. > # dovecot -n > # 2.2.21 (5345f22): /etc/dovecot/dovecot.conf > # Pigeonhole version 0.4.11 (6ddf62b87f60+) > # OS: Linux 4.3.5-300.fc23.x86_64 x86_64 Fedora release 23 (Twenty > Three) > auth_mechanisms = plain login > auth_socket_path = /var/run/dovecot/auth-userdb > imap_client_workarounds = tb-extra-mailbox-sep > listen = * > log_path = /var/log/dovecot.log > mail_access_groups = mail, vmail > mail_home = /var/mail/vmail/%d/%n > mail_location = maildir:~/mail > mail_plugins = virtual, acl > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope > encoded-character vacation subaddress comparator-i;ascii-numeric > relational regex imap4flags copy include variables body enotify > environment mailbox date index ihave duplicate mime foreverypart > mbox_write_locks = fcntl > namespace { > location = virtual:/var/mail/vhosts/%d/%n/virtual > prefix = virtual. > separator = . > } > namespace { > list = children > location = > maildir:/var/mail/vhosts/%%d/%%n/mail:INDEX=/var/mail/vhosts/%d/%n/shared/%%u:CONTROL=/var/mail/vhosts/%d/%n/shared/%%u > prefix = shared.%%u. > separator = . > subscriptions = yes > type = shared > } According to http://wiki2.dovecot.org/SharedMailboxes/Shared the "list = Children" hides the namespace from the imap list command, if there is no folder shared to the user. Try to set list = yes that should show the shared namespace in the imap list. Also scroll down to shared mailbox listing, you should setup a dict so that dovecot knows which folders are shared. > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > mailbox virtual/All { > comment = All my messages > special_use = \All > } > mailbox virtual/Flagged { > comment = All my flagged messages > special_use = \Flagged > } I have my virtual mailboxes configuration in the virtual namespace { } section, not in the general inbox namespace. > prefix = > } > passdb { > args = scheme=PLAIN username_format=%u /etc/dovecot/dovecot-users > driver = passwd-file > } > plugin { > acl = vfile > acl_shared_dict = file:/var/mail/vhosts/shared-mailboxes.db > sieve = ~/.dovecot.sieve > sieve_dir = ~/sieve > sieve_global_dir = /var/mail/vhosts/sieve-global > } > protocols = imap lmtp sieve > service auth-worker { > user = vmail > } > service auth { > unix_listener /var/spool/postfix/private/auth { > group = postfix > mode = 0660 > user = postfix > } > unix_listener auth-userdb { > group = vmail > mode = 0660 > user = vmail > } > } > service imap-login { > inet_listener imap { > port = 143 > } > inet_listener imaps { > port = 0 > ssl = yes > } > } > service lmtp { > unix_listener /var/spool/postfix/private/dovecot-lmtp { > group = postfix > mode = 0600 > user = postfix > } > } > service managesieve-login { > inet_listener sieve { > port = 4190 > } > } > service pop3-login { > inet_listener pop3 { > port = 0 > } > inet_listener pop3s { > port = 0 > } > } > ssl = required > ssl_cert = ssl_cipher_list = PROFILE=SYSTEM > ssl_key = userdb { > args = uid=vmail gid=vmail home=/var/mail/vhosts/%d/%n > driver = static > } > protocol lmtp { > mail_plugins = virtual, acl , sieve > } > protocol lda { > mail_plugins = virtual, acl , sieve > } > protocol imap { > mail_plugins = virtual, acl , imap_acl > } -- Christian Kivalo From skdovecot at smail.inf.fh-brs.de Thu Feb 18 08:03:37 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 18 Feb 2016 09:03:37 +0100 (CET) Subject: shared folders not working with . separator In-Reply-To: <56C4AC88.605@dodo.com.au> References: <56C4AC88.605@dodo.com.au> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 18 Feb 2016, Hugh Bragg wrote: > namespace { > location = virtual:/var/mail/vhosts/%d/%n/virtual > prefix = virtual. > separator = . > } > namespace { > list = children > location = > maildir:/var/mail/vhosts/%%d/%%n/mail:INDEX=/var/mail/vhosts/%d/%n/shared/%%u:CONTROL=/var/mail/vhosts/%d/%n/shared/%%u > prefix = shared.%%u. > separator = . > subscriptions = yes > type = shared > } you have two namespaces with the same name, put some string before the {'s. > namespace inbox { like here. === Then check out the advices of Christian & Chris (telnet) as well - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVsV62Xz1H7kL/d9rAQKirwf+IvDtS2sbdJczMdzo3j95SWj/qAk6G+Rg X0vBCYK4z1KKabSLU+eDqS/FfW+pSRqaUlKa/XYdwzGCR1B3s0zFUd1K2Brtagd4 knDSVTCTQz3L4bcxEriZ6N9zvFKWFR5FQzUV5sq7ObhY24cNyUk4kFSU8LGZVjVz pxZ1V+TyjhI76EjxoxTDdTEVHYuGkSFRgomyGYDcQ8scVW22mL5H8RaXvS+TNJac tp04E8ibCn4zzm0ui7RRhFuzfOJ8z2rMFe+7RTTMstkzEAp9CegRgtcA545n3gga X2hR/rFGeNGtAElD6UM3cd2VsuWskbnbK8EF3gZwx4YAHmVGFRguAw== =D7Vs -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Thu Feb 18 08:11:26 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 18 Feb 2016 09:11:26 +0100 (CET) Subject: dovecot Digest, Vol 154, Issue 14 In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 17 Feb 2016, Richard Platel wrote: > "namespace/inbox/mailbox=Junk namespace/inbox/mailbox/Junk/name"="Spam" > seems to initialize the folder somehow so that the subsequent > "namespace/inbox/mailbox/Junk/auto"="subscribe" > and > "namespace/inbox/mailbox/Junk/special_use"="\Junk" > have something to act upon. > > (the first line doesn't work quite properly, however - it ends up > causing a folder named "" to show up) > > we've noticed that if we set a very minimal config for the mailbox in > the main config (that wouldn't cause the mailbox to be autocreated), > that this also initializes the folder name allowing for subsequent auto > and subscribe directives to be processed for it: > namespace inbox { > inbox = yes > mailbox "Spam" { > auto = no > } > } you separate each part with /'s, IMHO: namespace/inbox/inbox=yes namespace/inbox/mailbox/Spam/auto=no BUT I recall something, that you cannot have "NO" or "FALSE" for boolean values in ExtraFields. If the option is present, it is treated as "yes", regardless of the value. Maybe that changed in current version of Dovecot. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVsV8rnz1H7kL/d9rAQJL4wgAkpQWZvqKzl/EeZV1YliUOcGx8OVlHRu0 BERMvVWvp3bzA5gIenPognWPgvMTluxv+EkaD1jVJBFPUZs4VsyIYWkloGo+oW9C injAV9k0fwiAHTLXFBF3HsjTxzpUzH1BUszAhbhqQkYewIQkSzLOTiq/lVher2cR aRa+5BYA1tFCooWbGJfMY8QPRnjqHjqqsaF4nDsFHXMWyDmb/ivzWogTff1l8cey bmj0x+oRCmhddv2VM+reWGirHtVtaF51rC4n/DaY0V6BdBluzdGAT9Hg5FkbZIbA O732U5pL6MdqNIht5BOz/7vsgTnu9fVosMERc8fc1SE04mPFbb7M4w== =jfBe -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Thu Feb 18 08:16:59 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 18 Feb 2016 09:16:59 +0100 (CET) Subject: dovecot Digest, Vol 154, Issue 14 In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 18 Feb 2016, Steffen Kaiser wrote: > On Wed, 17 Feb 2016, Richard Platel wrote: > >> "namespace/inbox/mailbox=Junk namespace/inbox/mailbox/Junk/name"="Spam" >> seems to initialize the folder somehow so that the subsequent >> "namespace/inbox/mailbox/Junk/auto"="subscribe" >> and >> "namespace/inbox/mailbox/Junk/special_use"="\Junk" >> have something to act upon. >> >> (the first line doesn't work quite properly, however - it ends up >> causing a folder named "" to show up) >> >> we've noticed that if we set a very minimal config for the mailbox in >> the main config (that wouldn't cause the mailbox to be autocreated), >> that this also initializes the folder name allowing for subsequent auto >> and subscribe directives to be processed for it: >> namespace inbox { >> inbox = yes >> mailbox "Spam" { >> auto = no >> } >> } > > you separate each part with /'s, IMHO: > > namespace/inbox/inbox=yes > namespace/inbox/mailbox/Spam/auto=no > > BUT I recall something, that you cannot have "NO" or "FALSE" for boolean > values in ExtraFields. If the option is present, it is treated as "yes", > regardless of the value. > Maybe that changed in current version of Dovecot. Hmm, it's documented for passwd ExtraFields, but not for UserDB's: http://wiki2.dovecot.org/PasswordDatabase/ExtraFields http://wiki2.dovecot.org/UserDatabase/ExtraFields - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVsV9+3z1H7kL/d9rAQIfjgf8CdD6x+vyaNpAlYZI+b6YO2Z9V7YuwtEz NOhIoQaNuwRSVM770vM24mh+Tt3pYJ69tw8SaX4gNCYVt0XdVsGJL0UKAEv28MvP /3PXPw4Kb4VfGEP8GBNuw8642qCRZQSBswl+TnFccJodEZprun5b2NvLGXbXZ39R 0iZFxdTmx0d026fzyA/YyUPQGwfeu+jtdTHFMCmuqJQA6tDQ5xxjb9hYXCFIgPM9 4b1S0Zz7xYyH/ZcqktQATcDhkl8R+ZKfck/jV6+humDEu6iSqLGaeQt2J8UOi2xe AGFrE4xkRWSCRlnF45oxDr6m6YOEM9MtVVsV6lGpXWQDRkWvMXWmWw== =teiW -----END PGP SIGNATURE----- From hughbragg at dodo.com.au Thu Feb 18 14:21:15 2016 From: hughbragg at dodo.com.au (Hugh Bragg) Date: Fri, 19 Feb 2016 00:21:15 +1000 Subject: shared folders not working with . separator In-Reply-To: References: <56C4AC88.605@dodo.com.au> Message-ID: <56C5D35B.4090406@dodo.com.au> Thanks, this helped. I added namespace virtual and removed the virtual references from inbox namespace and added list = yes so now I can see shared folder in the client. There's still nothing in there though. I followed Christian's advice, debug shows this very strange behaviour. doveadm acl debug -u user1 at domain1.com.au shared.user2 at domain2.com.au doveadm(user1 at domain1.com.au): Error: Mailbox 'com.au' in namespace 'shared.user2 at domain2.' doesn't exist in /var/mail/vhosts/domain2/user2/mail/.com.au There are no errors in the log. This looks like a bug. I was seeing this before I got the shared folder working when I saw dovecot had created these extra folders and added dovecot-acl-list file there. I suppose if I'd used the / separator, this would work fine, but there was nothing about this on the wiki so I didn't expect this. Hugh On 18/02/2016 6:03 PM, Steffen Kaiser wrote: > On Thu, 18 Feb 2016, Hugh Bragg wrote: > > > namespace { > > location = virtual:/var/mail/vhosts/%d/%n/virtual > > prefix = virtual. > > separator = . > > } > > namespace { > > list = children > > location = > > > maildir:/var/mail/vhosts/%%d/%%n/mail:INDEX=/var/mail/vhosts/%d/%n/shared/%%u:CONTROL=/var/mail/vhosts/%d/%n/shared/%%u > > prefix = shared.%%u. > > separator = . > > subscriptions = yes > > type = shared > > } > > you have two namespaces with the same name, put some string before the > {'s. > > > namespace inbox { > > like here. > > === > > Then check out the advices of Christian & Chris (telnet) as well > > -- Steffen Kaiser From ml+dovecot at valo.at Thu Feb 18 16:14:52 2016 From: ml+dovecot at valo.at (Christian Kivalo) Date: Thu, 18 Feb 2016 17:14:52 +0100 Subject: shared folders not working with . separator In-Reply-To: <56C5D35B.4090406@dodo.com.au> References: <56C4AC88.605@dodo.com.au> <56C5D35B.4090406@dodo.com.au> Message-ID: On 2016-02-18 15:21, Hugh Bragg wrote: > Thanks, this helped. > I added namespace virtual and removed the virtual references from inbox > namespace and added list = yes so now I can see shared folder in the > client. > There's still nothing in there though. > > I followed Christian's advice, debug shows this very strange behaviour. > doveadm acl debug -u user1 at domain1.com.au shared.user2 at domain2.com.au > doveadm(user1 at domain1.com.au): Error: Mailbox 'com.au' in namespace > 'shared.user2 at domain2.' doesn't exist in > /var/mail/vhosts/domain2/user2/mail/.com.au > There are no errors in the log. You will probably run into problems with your unsernames containing "." and have the separator set to ".". Take a look at this (very) old thread from the mailinglist, that's the same problem http://www.dovecot.org/list/dovecot/2011-January/056135.html And as mentioned by Timo here http://www.dovecot.org/list/dovecot/2011-January/056149.html > In any case having '.' both in usernames and as hierarchy separator > just > isn't going to work. I switched from system users to virtual users with my last server migration and changed separator from "." to "/" just because of this. It could be that auth_username_translation can help. Look in 10-auth.conf for an explanation for that setting. I haven't tested it though. > This looks like a bug. I was seeing this before I got the shared folder > working when I saw dovecot had created these extra folders and added > dovecot-acl-list file there. > I suppose if I'd used the / separator, this would work fine, but there > was nothing about this on the wiki so I didn't expect this. You could also use "/" as separator for the shared namespace and the "." for the other namespaces. As it's not working anyway there should be no problems with your MUAs. -- Christian Kivalo From chris2014 at postbox.xyz Thu Feb 18 16:54:40 2016 From: chris2014 at postbox.xyz (Chris) Date: Thu, 18 Feb 2016 17:54:40 +0100 Subject: edit ACL files In-Reply-To: <56C4D10D.6060801@sys4.de> References: <56C4D10D.6060801@sys4.de> Message-ID: <38554e89e006e95adce60c6a8e10620e.squirrel@mail2.postbox.xyz> Robert Schetterer wrote: > Am 17.02.2016 um 20:09 schrieb Chris: >> is it possible to edit ACL files regularly with an editor or is there >> any >> reason to use doveadm? >> > > webmailers have acl imap guis , such as Horde/imp > doveadm is a multi admin tool for dovecot which covers many complex tasks Sorry, my question was unclear. I'd like to use a script to set ACLs. Is it better to call doveadm or can I write / modify the acl-files directly? - Chris From rs at sys4.de Thu Feb 18 17:15:19 2016 From: rs at sys4.de (Robert Schetterer) Date: Thu, 18 Feb 2016 18:15:19 +0100 Subject: edit ACL files In-Reply-To: <38554e89e006e95adce60c6a8e10620e.squirrel@mail2.postbox.xyz> References: <56C4D10D.6060801@sys4.de> <38554e89e006e95adce60c6a8e10620e.squirrel@mail2.postbox.xyz> Message-ID: <56C5FC27.1040505@sys4.de> Am 18.02.2016 um 17:54 schrieb Chris: > Robert Schetterer wrote: >> Am 17.02.2016 um 20:09 schrieb Chris: >>> is it possible to edit ACL files regularly with an editor or is there >>> any >>> reason to use doveadm? >>> >> >> webmailers have acl imap guis , such as Horde/imp >> doveadm is a multi admin tool for dovecot which covers many complex tasks > > Sorry, my question was unclear. > > I'd like to use a script to set ACLs. Is it better to call doveadm or can > I write / modify the acl-files directly? > > - Chris > hm read http://wiki2.dovecot.org/Tools/Doveadm/ACL and http://wiki.dovecot.org/ACL decide what fits better in your usecase long time ago i modified acl files via cron directly but i think more clean way is to use doveadm cause it may give additional warnings and fits better to all kind of mailbox type setups Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From hughbragg at dodo.com.au Thu Feb 18 21:20:39 2016 From: hughbragg at dodo.com.au (Hugh Bragg) Date: Fri, 19 Feb 2016 07:20:39 +1000 Subject: shared folders not working with . separator In-Reply-To: References: <56C4AC88.605@dodo.com.au> <56C5D35B.4090406@dodo.com.au> Message-ID: <56C635A7.5030408@dodo.com.au> On 19/02/2016 2:14 AM, Christian Kivalo wrote: > On 2016-02-18 15:21, Hugh Bragg wrote: >> Thanks, this helped. >> I added namespace virtual and removed the virtual references from inbox >> namespace and added list = yes so now I can see shared folder in the >> client. >> There's still nothing in there though. >> >> I followed Christian's advice, debug shows this very strange behaviour. >> doveadm acl debug -u user1 at domain1.com.au shared.user2 at domain2.com.au >> doveadm(user1 at domain1.com.au): Error: Mailbox 'com.au' in namespace >> 'shared.user2 at domain2.' doesn't exist in >> /var/mail/vhosts/domain2/user2/mail/.com.au >> There are no errors in the log. > You will probably run into problems with your unsernames containing > "." and have the separator set to ".". > > Take a look at this (very) old thread from the mailinglist, that's the > same problem > http://www.dovecot.org/list/dovecot/2011-January/056135.html > > And as mentioned by Timo here > http://www.dovecot.org/list/dovecot/2011-January/056149.html >> In any case having '.' both in usernames and as hierarchy separator just >> isn't going to work. > > I switched from system users to virtual users with my last server > migration and changed separator from "." to "/" just because of this. > > It could be that auth_username_translation can help. Look in > 10-auth.conf for an explanation for that setting. I haven't tested it > though. > >> This looks like a bug. I was seeing this before I got the shared folder >> working when I saw dovecot had created these extra folders and added >> dovecot-acl-list file there. >> I suppose if I'd used the / separator, this would work fine, but there >> was nothing about this on the wiki so I didn't expect this. > > You could also use "/" as separator for the shared namespace and the > "." for the other namespaces. As it's not working anyway there should > be no problems with your MUAs. > That auth_username_translation looks dodgy. When I read those threads before, I though the problem was confined to usernames. Surely there should be some sort of documentation on this to prevent people wasting countless hours trying it. The wiki documentation recommends using . separator for Maildir++ because it's native imap. I still think this is a bug. For some reason virtual handles it with no problem, but shared falls in a heap. To me it looks like %% and % are interpreted differently. depending on the namespace type. Surely, maildir:/var/mail/vhosts/%%d/%%n/mail:INDEX=/var/mail/vhosts/%d/%n/shared/%%u is no harder to translate than virtual:/var/mail/vhosts/%d/%n/virtual should I file a bug report? I'm not confident changing the separator to /. I have a lot of mails imported with the . separator and I'm worried something will get lost. - Hugh From chris2014 at postbox.xyz Fri Feb 19 00:12:12 2016 From: chris2014 at postbox.xyz (Chris) Date: Fri, 19 Feb 2016 01:12:12 +0100 Subject: Maildir++ and fs-layout Message-ID: <01dec55a84ce41dba017e113d1665db2.squirrel@mail2.postbox.xyz> Dear All, can I use Maildir++ Layout for private namespace and fs-layout for public namespace on the same server, provided that the hierarchy separator is the same (.)? Are all parts of dovecot (especially deliver, sieve and lmtp) compatible with fs-layout? Are there any restrictions I have to obey? - Chris From troeder at univention.de Fri Feb 19 07:10:04 2016 From: troeder at univention.de (=?UTF-8?Q?Daniel_Tr=c3=b6der?=) Date: Fri, 19 Feb 2016 08:10:04 +0100 Subject: edit ACL files In-Reply-To: References: Message-ID: <56C6BFCC.7070702@univention.de> On 02/17/2016 08:09 PM, Chris wrote: > is it possible to edit ACL files regularly with an editor or is there any > reason to use doveadm? It may be possible, but I'd not recommend it from a general point of view (without knowing the internals of Dovecot). It is like using the internal objects in a library - not the API - when programming: While it may work with a certain version of the software, it may stop working in the next version. It could also be, that the software uses (or in a future version starts using) caching mechanisms, that render your changes invalid. The API you can safely use is the command line program doveadm. If you use one of its internal data structures (ACL files), then your software may not be sustainable in the long term. Greetings Daniel -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From skdovecot at smail.inf.fh-brs.de Fri Feb 19 07:21:10 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 19 Feb 2016 08:21:10 +0100 (CET) Subject: edit ACL files In-Reply-To: <56C5FC27.1040505@sys4.de> References: <56C4D10D.6060801@sys4.de> <38554e89e006e95adce60c6a8e10620e.squirrel@mail2.postbox.xyz> <56C5FC27.1040505@sys4.de> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 18 Feb 2016, Robert Schetterer wrote: > Am 18.02.2016 um 17:54 schrieb Chris: >> I'd like to use a script to set ACLs. Is it better to call doveadm or can >> I write / modify the acl-files directly? > > read > > http://wiki2.dovecot.org/Tools/Doveadm/ACL > long time ago i modified acl files via cron directly > but i think more clean way is to use doveadm cause > it may give additional warnings and fits better to all kind of mailbox > type setups That's my experience, too. If you change the acl files directly, it can happen, this change does not take effect in some time, because Dovecot never inspects the file, e.g. nobody accesses the mailbox. doveadm worked great for me, although it requires more scripting, if you change the ACLs of a whole account etc.pp. But if such script is done once, it fits for all kind of setups as Robert already pointed out. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVsbCZnz1H7kL/d9rAQKzPwf/aoLg3HaJO7MPqGsVIibozedXBPbNtaBB wTmII4HUnBrcGa0VfOEIHgsZlL5pBMbOxF3jY5d2UOgGDXyXYO/NpaMMu1hxU9t4 Wehc/XVsoz+NirkfaF0zudJ7OVvkvOjV0RBek/BhGcy9OcXNXClOQsJo01FimS0A QgZyj3p2RUasc0Rp66QdNViSeZB0uCOP22Vul2/C8EN5SCWb4qIQJYlgqgT8kxh2 Togca9Vlux1rdoCnJVi2QcjAKLOKV9exmMJNqcI94WNHIjqS8VNNOROXU+c7zZgX Y3P8XMtwyl2/XzgSD4jPtvqZnHUXvp7CGBPv0IrtT/oCGzxcXAeCPw== =VFvx -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Fri Feb 19 07:25:54 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 19 Feb 2016 08:25:54 +0100 (CET) Subject: Maildir++ and fs-layout In-Reply-To: <01dec55a84ce41dba017e113d1665db2.squirrel@mail2.postbox.xyz> References: <01dec55a84ce41dba017e113d1665db2.squirrel@mail2.postbox.xyz> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 19 Feb 2016, Chris wrote: > can I use Maildir++ Layout for private namespace and fs-layout for public > namespace on the same server, provided that the hierarchy separator is the > same (.)? As far as I know you can intermix storage types just fine. > Are all parts of dovecot (especially deliver, sieve and lmtp) compatible > with fs-layout? Are there any restrictions I have to obey? If you stick with Dovecot tools, incl. doveadm, you have no problems. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVsbDgnz1H7kL/d9rAQI96AgAwgy3oVGeiAfcF6bARJTl/xYUY3KlN2lc 15Kk0zRUvXN3YKEskWTshF/Hgv32+0ew3nyc3UdiDdijKtYA+EvNiUzbBtC/ZPzd PKCtKlRDQsHd51pmMxsK/Esk3jcNKfVJgLVCnN9ac/RtRGNXvM4weLWE4gNMhy7o 9NnKlhTvYMkix+BS8oe9Xbey4uZi+XsMSeaYPWveLulUvAMtHTHVXaG0y1Dh53nF NcGBmvhhm1nr5+3VuFZQw7h58DMiXsHQ+b0lR2oy9JyvAhHTwgTLoWkaVH9HGNti zO/9Iy1nPWqLsJisZnz8AyGR3ZNybdUWxIfL3wOw2Db53yuCtqHF3g== =5wqw -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Fri Feb 19 07:41:15 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 19 Feb 2016 08:41:15 +0100 (CET) Subject: Automatically inferring %d on multi-domain virtual install ? In-Reply-To: <20160212192550.GR16357@HEDWIG.INI.CMU.EDU> References: <20160212192550.GR16357@HEDWIG.INI.CMU.EDU> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 12 Feb 2016, Gabriel L. Somlo wrote: > I'm trying to allow domain-less logins for a multi-domain virtual IMAP > server, and wondering if I can automatically infer the domain (value of > variable %d) from the local IP (%l) or the hostname used by the client > when connecting to my server. > > Let's say I have two host names: mail.foo.org (10.0.0.100) and > mail.bar.com (10.0.0.200), with forward and reverse DNS configured to > resolve A and PTR records in either direction. > > Let's also say I have 10.0.0.100 and 10.0.0.200 set up as secondaries > on my server's loopback interface, and routing is set up to bring client > traffic to me for both of those IP addresses. Hm, it should be possible like so: 1) keep the file you have now as 2nd passdb, in order to let your users login like now from anywhere > user1 at foo.org:{PLAIN}user1foo 2) from this file create another passwd-file with ExtraField via script / cron jobs, that defines user1 at 10.0.0.100:{PLAIN}user1foo:::::user=user1 at foo.org see http://wiki2.dovecot.org/PasswordDatabase/ExtraFields Maybe allow_nets could limit the clients further. Then add another passdb section pointing to that file using username_format=%n@%l http://wiki2.dovecot.org/AuthDatabase/PasswdFile That will map domain-less logins to full mail addresses, which in turn sets %d, too. > > The relevant bits of my dovecot.conf are: > > ---%<------------------------------------------------------------------ > mail_location = maildir:/var/lib/vmail/%d/%n > passdb { > driver = passwd-file > args = /var/lib/vmail/etc/postfix/userdb > } > userdb { > driver = static > args = uid=dovenull gid=dovenull home=/var/lib/vmail/%d/%n > } > ---%<------------------------------------------------------------------ > > And my userdb passwd-file right now includes: > > ---%<------------------------------------------------------------------ > user1 at foo.org:{PLAIN}user1foo > user2 at foo.org:{PLAIN}user2foo > user1 at bar.com:{PLAIN}user1bar > user2 at bar.com:{PLAIN}user2bar > ---%<------------------------------------------------------------------ > > Right now, user1 at foo.org must configure their imap client like so: > > IMAP server: mail.foo.org > username: user1 at foo.org > password: user1foo > > I would like to require this (and other) users to only have to set: > > IMAP server: mail.foo.org > username: user1 > password: ... > > and have dovecot somehow infer the "@foo.org" domain based on the fact > that the connection was made to 10.0.0.100, which is mail.foo.org, and > therefore the domain can *only* be "@foo.org". > > I could start out by splitting my user database into two files: > > userdb.foo.org > ---%<------------------------------------------------------------------ > user1:{PLAIN}user1foo > user2:{PLAIN}user2foo > ---%<------------------------------------------------------------------ > > userdb.bar.com > ---%<------------------------------------------------------------------ > user1:{PLAIN}user1bar > user2:{PLAIN}user2bar > ---%<------------------------------------------------------------------ > > ... then modify dovecot.conf's passdb setup like so: > > ---%<------------------------------------------------------------------ > passdb { > driver = passwd-file > args = /var/lib/vmail/etc/postfix/userdb.%d > } > ---%<------------------------------------------------------------------ > > ... but how would I insure that %d is set to the proper value based > on e.g. a reverse lookup of %l, which, in foo.org's case would be > 10.0.0.100, and resolve to mail.foo.org, and *somehow* that would > match %d == "@foo.org" ? > > Is this even possible in the first place, or am I just being too fussy > about the aesthetics of my users' imap client config files ? :) :) > > Thanks much, > --Gabriel > - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVsbHG3z1H7kL/d9rAQLzRggAoBVJDWXDakkqLD+Gye/9KjHvfcIFkf+5 u3W7ZlPSvyePaAM8u0TDnIPJ15aeyO6XZbTTqB9iKQXzluCusvhNOUl14nVO4CjW gJASzpo1Kc9moWW7sWXTF/MCO+O4zVSBtJWdVmJch80hQT8LJxG3jU45FJAd1Jj3 j+Rso5vEtH3Qw8i1cePaRc6FpDQ+7wboUI53OVjSKJGXbsyK5MXJFhoyvOo8UnvU KdbyFoGkYR4n3zaSrkwof6TrRqqgcGA2TUyeQIS8j+ArhDpi7ilOU6x904KK7LoE Ff2CzskTaTwEyTW1DZgJzLPc38PzMv9PX7QNUhdPHLFnYrhrutOfww== =CFD6 -----END PGP SIGNATURE----- From hughbragg at dodo.com.au Fri Feb 19 08:51:36 2016 From: hughbragg at dodo.com.au (Hugh Bragg) Date: Fri, 19 Feb 2016 18:51:36 +1000 Subject: Bug Report: %% variables not expanded properly with shared namespace using . as separator Message-ID: <56C6D798.3020203@dodo.com.au> I think this is a bug. I'd expect that location %% variables are translated the same way % variables are interpreted, but apparently this isn't the case. virtual folders work fine, but my shared folders fail because of the . in the domain name. What I get is the following: # doveadm acl debug -u user1 at domain1.com.au shared.user2 at domain2.com.au doveadm(user1 at domain1.com.au): Error: Mailbox 'com.au' in namespace 'shared.user2 at domain2.' doesn't exist in /var/mail/vhosts/domain2/user2/mail/.com.au I know there is a similar report for usernames, but these should be interpreted at the top level and not inside the maildir. I hope this is enough info. Let me know if I can supply any further information. Hugh Here is my config: # dovecot -n # 2.2.21 (5345f22): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.11 (6ddf62b87f60+) # OS: Linux 4.3.5-300.fc23.x86_64 x86_64 Fedora release 23 (Twenty Three) auth_mechanisms = plain login auth_socket_path = /var/run/dovecot/auth-userdb imap_client_workarounds = tb-extra-mailbox-sep listen = * log_path = /var/log/dovecot.log mail_access_groups = mail, vmail mail_home = /var/mail/vmail/%d/%n mail_location = maildir:~/mail mail_plugins = virtual, acl managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart mbox_write_locks = fcntl namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } namespace others { list = children location = maildir:/var/mail/vhosts/%%d/%%n/mail:INDEX=/var/mail/vhosts/%d/%n/shared/%%u prefix = shared.%%u. separator = . subscriptions = yes type = shared } namespace virtual { location = virtual:/var/mail/vhosts/%d/%n/virtual prefix = virtual. separator = . } passdb { args = scheme=PLAIN username_format=%u /etc/dovecot/dovecot-users driver = passwd-file } plugin { acl = vfile acl_shared_dict = file:/var/mail/vhosts/shared-mailboxes.db sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_global_dir = /var/mail/vhosts/sieve-global } protocols = imap lmtp sieve service auth-worker { user = vmail } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-userdb { group = vmail mode = 0660 user = vmail } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 0 ssl = yes } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } service managesieve-login { inet_listener sieve { port = 4190 } } service pop3-login { inet_listener pop3 { port = 0 } inet_listener pop3s { port = 0 } } ssl = required ssl_cert = References: <56C6D798.3020203@dodo.com.au> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 19 Feb 2016, Hugh Bragg wrote: > Subject: Bug Report: %% variables not expanded properly with shared namespace > using . as separator > > I think this is a bug. > I'd expect that location %% variables are translated the same way % > variables are interpreted, but apparently this isn't the case. > virtual folders work fine, but my shared folders fail because of the . > in the domain name. > What I get is the following: > > # doveadm acl debug -u user1 at domain1.com.au shared.user2 at domain2.com.au > doveadm(user1 at domain1.com.au): Error: Mailbox 'com.au' in namespace > 'shared.user2 at domain2.' doesn't exist in > /var/mail/vhosts/domain2/user2/mail/.com.au > namespace others { > list = children > location = > maildir:/var/mail/vhosts/%%d/%%n/mail:INDEX=/var/mail/vhosts/%d/%n/shared/%%u > prefix = shared.%%u. The mailbox Trash of user user1 at domain1.com.au would spell as IMAP token: shared.user1 at domain1.com.au.Trash Because . is the hierarchie separator, Dovecot must break the string at the 2nd ., because it cannot determine which dot comes from a domain name and which is a separator. You need another hierarchie separator for all your namespaces. http://wiki2.dovecot.org/Namespaces?highlight=%28separator%29 "IMAP clients, Sieve scripts and many parts of Dovecot configuration use the configured separator when referring to mailboxes. This means that if you change the separator, you may break things." Meaning e.g. the fileinto in Sieve scripts need to use the other separator, too. > separator = . > subscriptions = yes > type = shared > } > namespace virtual { > location = virtual:/var/mail/vhosts/%d/%n/virtual > prefix = virtual. > separator = . > } > passdb { > args = scheme=PLAIN username_format=%u /etc/dovecot/dovecot-users > driver = passwd-file > } > plugin { > acl = vfile > acl_shared_dict = file:/var/mail/vhosts/shared-mailboxes.db > sieve = ~/.dovecot.sieve > sieve_dir = ~/sieve > sieve_global_dir = /var/mail/vhosts/sieve-global > } > protocols = imap lmtp sieve > service auth-worker { > user = vmail > } > service auth { > unix_listener /var/spool/postfix/private/auth { > group = postfix > mode = 0660 > user = postfix > } > unix_listener auth-userdb { > group = vmail > mode = 0660 > user = vmail > } > } > service imap-login { > inet_listener imap { > port = 143 > } > inet_listener imaps { > port = 0 > ssl = yes > } > } > service lmtp { > unix_listener /var/spool/postfix/private/dovecot-lmtp { > group = postfix > mode = 0600 > user = postfix > } > } > service managesieve-login { > inet_listener sieve { > port = 4190 > } > } > service pop3-login { > inet_listener pop3 { > port = 0 > } > inet_listener pop3s { > port = 0 > } > } > ssl = required > ssl_cert = ssl_cipher_list = PROFILE=SYSTEM > ssl_key = userdb { > args = uid=vmail gid=vmail home=/var/mail/vhosts/%d/%n > driver = static > } > protocol lmtp { > mail_plugins = virtual, acl , sieve > } > protocol lda { > mail_plugins = virtual, acl , sieve > } > protocol imap { > mail_plugins = virtual, acl , imap_acl > } > - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVsbp6Xz1H7kL/d9rAQJumAf/YtIXGM1t4WalzhrjP5azXEDXa1twsRdY hHTycmmUpsmXlMS4Ol3kT3u/YpEBk/VMMqPay8gMuKD9rQ69wAqH9xIt47mWfwFG NsBGbDeoCePFmdtZ+nix2RkWApNL3JDONIF0UtpUHvFj7QJrW+jqVExdBeXdijGv rkbUr8fZl+4AM8m6CG07opTgxcgF6mFlakNe022uYSJdvH7UUY/fjJE/n+pj6lQ4 FUJ2RKSJWflJif8Klfs91iHJ9X4RVloY/WNJj52HWkthSgz3Xc9O1GTM8D1U24ZG rZHkdDtkryC709NKqWJqnQt3ejQ1KP7mGy7zY2we+wkv8SdajbagQA== =dNkH -----END PGP SIGNATURE----- From hughbragg at dodo.com.au Fri Feb 19 13:38:05 2016 From: hughbragg at dodo.com.au (Hugh Bragg) Date: Fri, 19 Feb 2016 23:38:05 +1000 Subject: Bug Report: %% variables not expanded properly with shared namespace using . as separator In-Reply-To: References: <56C6D798.3020203@dodo.com.au> Message-ID: <56C71ABC.6010804@dodo.com.au> On 19/02/2016 8:09 PM, Steffen Kaiser wrote: > On Fri, 19 Feb 2016, Hugh Bragg wrote: > > > Subject: Bug Report: %% variables not expanded properly with shared > namespace > > using . as separator > > > I think this is a bug. > > I'd expect that location %% variables are translated the same way % > > variables are interpreted, but apparently this isn't the case. > > virtual folders work fine, but my shared folders fail because of the . > > in the domain name. > > What I get is the following: > > > # doveadm acl debug -u user1 at domain1.com.au shared.user2 at domain2.com.au > > doveadm(user1 at domain1.com.au): Error: Mailbox 'com.au' in namespace > > 'shared.user2 at domain2.' doesn't exist in > > /var/mail/vhosts/domain2/user2/mail/.com.au > > > namespace others { > > list = children > > location = > > > maildir:/var/mail/vhosts/%%d/%%n/mail:INDEX=/var/mail/vhosts/%d/%n/shared/%%u > > prefix = shared.%%u. > > The mailbox Trash of user user1 at domain1.com.au would spell as IMAP token: > > shared.user1 at domain1.com.au.Trash > > Because . is the hierarchie separator, Dovecot must break the string > at the 2nd ., because it cannot determine which dot comes from a > domain name and which is a separator. > That's much is clear and that's the issue. The Virtual can achieve this, so why don't these plugins use the mail_home, mail_location, %% variable which are used to create the string? It looks like when the string representing the mailbox if constructed, all the information is available, but that the plugin doesn't use this and parses the string again. I suppose the virtual plugin handles this differently. I can't tell if it's a sequencing issue or and configuration access problem. > -- Steffen Kaiser - Hugh From toooode at gmail.com Fri Feb 19 14:33:45 2016 From: toooode at gmail.com (Toooode) Date: Fri, 19 Feb 2016 15:33:45 +0100 Subject: RPMs for Fedora and RHEL/CentOS Message-ID: Hi Link on http://www.dovecot.org/download.html for RPMs for Fedora and RHEL/CentOS is not working. It seams that atrpms repo is dead for some time now Can you please update this and suggest me alternative trusted repo with newest dovecot packages for RHEL/CentOS? Thank you From bra at fsn.hu Fri Feb 19 15:12:17 2016 From: bra at fsn.hu (Nagy, Attila) Date: Fri, 19 Feb 2016 16:12:17 +0100 Subject: imapc tries to fetch uid 0 Message-ID: <56C730D1.30703@fsn.hu> Hi, This is a capture from an imapc client session (which is triggered by a message, received via LMTP): * OK [CAPABILITY IMAP4rev1 NAMESPACE] Ready 2 LOGIN "uid" "pass" 2 OK LOGIN succeeded 1 LIST "" "" * LIST (\Noselect) "/" "" 1 OK LIST completed 3 APPEND "INBOX" {568} + Ready for 568 octets of data [...] 3 OK APPEND complete 4 EXAMINE "INBOX" * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags permitted. * 4 EXISTS * 0 RECENT * OK [UIDVALIDITY 1455885804] * OK [UIDNEXT 5] 4 OK [READ-ONLY] EXAMINE successful 5 UID FETCH 0 (RFC822.SIZE BODY.PEEK[HEADER.FIELDS (Message-ID)]) 5 BAD Illegal syntax: Bad message number 0 Dovecot 2.2.21 I don't see any problems with the conversation otherwise. Is it safe to assume this is a bug in imapc? From jeff at xamarin.com Fri Feb 19 15:16:25 2016 From: jeff at xamarin.com (Jeff Stedfast) Date: Fri, 19 Feb 2016 10:16:25 -0500 Subject: imapc tries to fetch uid 0 In-Reply-To: <56C730D1.30703@fsn.hu> References: <56C730D1.30703@fsn.hu> Message-ID: Yes, this is a bug in imapc. A UID of 0 is not even allowed by the standards. Nor does there appear to be anything in the logs that suggest that Dovecot is telling imapc that a message with UID 0 exists. Hope that helps, Jeff On Fri, Feb 19, 2016 at 10:12 AM, Nagy, Attila wrote: > Hi, > > This is a capture from an imapc client session (which is triggered by a > message, received via LMTP): > * OK [CAPABILITY IMAP4rev1 NAMESPACE] Ready > 2 LOGIN "uid" "pass" > 2 OK LOGIN succeeded > 1 LIST "" "" > * LIST (\Noselect) "/" "" > 1 OK LIST completed > 3 APPEND "INBOX" {568} > + Ready for 568 octets of data > [...] > 3 OK APPEND complete > 4 EXAMINE "INBOX" > * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) > * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags > permitted. > * 4 EXISTS > * 0 RECENT > * OK [UIDVALIDITY 1455885804] > * OK [UIDNEXT 5] > 4 OK [READ-ONLY] EXAMINE successful > 5 UID FETCH 0 (RFC822.SIZE BODY.PEEK[HEADER.FIELDS (Message-ID)]) > 5 BAD Illegal syntax: Bad message number 0 > > Dovecot 2.2.21 > > I don't see any problems with the conversation otherwise. Is it safe to > assume this is a bug in imapc? > From ad+lists at uni-x.org Fri Feb 19 16:58:20 2016 From: ad+lists at uni-x.org (Alexander Dalloz) Date: Fri, 19 Feb 2016 17:58:20 +0100 Subject: RPMs for Fedora and RHEL/CentOS In-Reply-To: References: Message-ID: <56C749AC.3080704@uni-x.org> Am 19.02.2016 um 15:33 schrieb Toooode: > Hi > > Link on http://www.dovecot.org/download.html for RPMs for Fedora and > RHEL/CentOS is not working. > It seams that atrpms repo is dead for some time now Dovecot and Open-Xchange have merged some while ago. https://software.open-xchange.com/products/dovecot/doc/Dovecot-EE-repository-and-object-storage-installation-manual_v1.9.pdf > Can you please update this and suggest me alternative trusted repo with > newest dovecot packages for RHEL/CentOS? I am pretty happy with the ghettoforge repository. http://ghettoforge.org/index.php/Main_Page Peter Ajamian maintains the dovecot package and always is pretty up to date when new releases appear. Don't be confused: dovecot is available through gf-plus as dovecot22 packages to prevent collisions with what RHEL / CentOS provide as their dovecot package. Latest sits still in gf-testing but can be moved to gf-plus as it's properly packaged and installs and runs fine. > Thank you Alexander From michael.seevogel at ddnetservice.de Fri Feb 19 16:50:25 2016 From: michael.seevogel at ddnetservice.de (Michael Seevogel) Date: Fri, 19 Feb 2016 17:50:25 +0100 Subject: RPMs for Fedora and RHEL/CentOS In-Reply-To: References: Message-ID: <56C747D1.4040404@ddnetservice.de> Am 19.02.2016 um 15:33 schrieb Toooode: > Hi > > Link on http://www.dovecot.org/download.html for RPMs for Fedora and > RHEL/CentOS is not working. > It seams that atrpms repo is dead for some time now > > Can you please update this and suggest me alternative trusted repo with > newest dovecot packages for RHEL/CentOS? > I am currently not aware of any trustable and public community repository with the newest Dovecot versions for CentOS 5/6/7 However, if you want to support Dovecot development then you may should get a subscription of Dovecot and if you don't want to pay anything, then you'll still have the possibility to build a RPM of Dovecot yourself. Just head over to http://koji.fedoraproject.org/koji/search?order=-id&terms=dovecot%&type=build&match=glob and get from there your prefered src.rpm and rebuild it for CentOS 7. Best regards Michael Seevogel From gsomlo at gmail.com Fri Feb 19 21:10:38 2016 From: gsomlo at gmail.com (Gabriel L. Somlo) Date: Fri, 19 Feb 2016 16:10:38 -0500 Subject: Automatically inferring %d on multi-domain virtual install ? In-Reply-To: References: <20160212192550.GR16357@HEDWIG.INI.CMU.EDU> Message-ID: <20160219211037.GB16357@HEDWIG.INI.CMU.EDU> On Fri, Feb 19, 2016 at 08:41:15AM +0100, Steffen Kaiser wrote: > >I'm trying to allow domain-less logins for a multi-domain virtual IMAP > >server, and wondering if I can automatically infer the domain (value of > >variable %d) from the local IP (%l) or the hostname used by the client > >when connecting to my server. > > > >Let's say I have two host names: mail.foo.org (10.0.0.100) and > >mail.bar.com (10.0.0.200), with forward and reverse DNS configured to > >resolve A and PTR records in either direction. > > > >Let's also say I have 10.0.0.100 and 10.0.0.200 set up as secondaries > >on my server's loopback interface, and routing is set up to bring client > >traffic to me for both of those IP addresses. > > Hm, it should be possible like so: > > 1) keep the file you have now as 2nd passdb, in order to let your users > login like now from anywhere > > >user1 at foo.org:{PLAIN}user1foo > > 2) from this file create another passwd-file with ExtraField via script / > cron jobs, that defines > > user1 at 10.0.0.100:{PLAIN}user1foo:::::user=user1 at foo.org > > see http://wiki2.dovecot.org/PasswordDatabase/ExtraFields > > Maybe allow_nets could limit the clients further. > > Then add another passdb section pointing to that file using > username_format=%n@%l > > http://wiki2.dovecot.org/AuthDatabase/PasswdFile > > That will map domain-less logins to full mail addresses, which in turn sets > %d, too. That *almost* worked :) I now have passdb { driver = passwd-file args = username_format=%n@%l /var/lib/topgen/etc/postfix/users } pointing to a "users" file with entries such as user1 at 10.0.0.100:{PLAIN}user1foo:::::user=user1 at foo.org The only trouble is, %d does not get set; I get new "user1" and "user2" folders created directly under /var/lib/vmail/, which indicates the %d portion is equal to the empty string. I also tried user1 at 111.0.10.10:{PLAIN}tartans1:::::domain=foo.org which the PasswordDatabase wiki page says should override %d, but still no luck... Thanks for the pointer though, now that I read the relevant bits of documentation it feels like I'm really close, and this *should* work. I'm still either missing something, or tickling a bug (probably the former :) Thanks, --Gabriel > > > > >The relevant bits of my dovecot.conf are: > > > >---%<------------------------------------------------------------------ > >mail_location = maildir:/var/lib/vmail/%d/%n > >passdb { > > driver = passwd-file > > args = /var/lib/vmail/etc/postfix/userdb > >} > >userdb { > > driver = static > > args = uid=dovenull gid=dovenull home=/var/lib/vmail/%d/%n > >} > >---%<------------------------------------------------------------------ > > > >And my userdb passwd-file right now includes: > > > >---%<------------------------------------------------------------------ > >user1 at foo.org:{PLAIN}user1foo > >user2 at foo.org:{PLAIN}user2foo > >user1 at bar.com:{PLAIN}user1bar > >user2 at bar.com:{PLAIN}user2bar > >---%<------------------------------------------------------------------ > > > >Right now, user1 at foo.org must configure their imap client like so: > > > > IMAP server: mail.foo.org > > username: user1 at foo.org > > password: user1foo > > > >I would like to require this (and other) users to only have to set: > > > > IMAP server: mail.foo.org > > username: user1 > > password: ... > > > >and have dovecot somehow infer the "@foo.org" domain based on the fact > >that the connection was made to 10.0.0.100, which is mail.foo.org, and > >therefore the domain can *only* be "@foo.org". > > > >I could start out by splitting my user database into two files: > > > >userdb.foo.org > >---%<------------------------------------------------------------------ > >user1:{PLAIN}user1foo > >user2:{PLAIN}user2foo > >---%<------------------------------------------------------------------ > > > >userdb.bar.com > >---%<------------------------------------------------------------------ > >user1:{PLAIN}user1bar > >user2:{PLAIN}user2bar > >---%<------------------------------------------------------------------ > > > >... then modify dovecot.conf's passdb setup like so: > > > >---%<------------------------------------------------------------------ > >passdb { > > driver = passwd-file > > args = /var/lib/vmail/etc/postfix/userdb.%d > >} > >---%<------------------------------------------------------------------ > > > >... but how would I insure that %d is set to the proper value based > >on e.g. a reverse lookup of %l, which, in foo.org's case would be > >10.0.0.100, and resolve to mail.foo.org, and *somehow* that would > >match %d == "@foo.org" ? > > > >Is this even possible in the first place, or am I just being too fussy > >about the aesthetics of my users' imap client config files ? :) :) > > > >Thanks much, > >--Gabriel > > > > - -- Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > > iQEVAwUBVsbHG3z1H7kL/d9rAQLzRggAoBVJDWXDakkqLD+Gye/9KjHvfcIFkf+5 > u3W7ZlPSvyePaAM8u0TDnIPJ15aeyO6XZbTTqB9iKQXzluCusvhNOUl14nVO4CjW > gJASzpo1Kc9moWW7sWXTF/MCO+O4zVSBtJWdVmJch80hQT8LJxG3jU45FJAd1Jj3 > j+Rso5vEtH3Qw8i1cePaRc6FpDQ+7wboUI53OVjSKJGXbsyK5MXJFhoyvOo8UnvU > KdbyFoGkYR4n3zaSrkwof6TrRqqgcGA2TUyeQIS8j+ArhDpi7ilOU6x904KK7LoE > Ff2CzskTaTwEyTW1DZgJzLPc38PzMv9PX7QNUhdPHLFnYrhrutOfww== > =CFD6 > -----END PGP SIGNATURE----- From toooode at gmail.com Fri Feb 19 22:08:35 2016 From: toooode at gmail.com (Deton) Date: Fri, 19 Feb 2016 23:08:35 +0100 Subject: RPMs for Fedora and RHEL/CentOS In-Reply-To: <56C747D1.4040404@ddnetservice.de> References: <56C747D1.4040404@ddnetservice.de> Message-ID: <56C79263.4080105@gmail.com> Hi Michael, thx for suggestion. Yeah, it would be cool just to rebuild Fedora package for RHEL 7, but unfortunately I need dovecot for RHEL 6 :\ I found few repos that have newer version, then that in offical repo, but trustworthy is very important here. Thanks On 19.2.2016. 17:50, Michael Seevogel wrote: > > Am 19.02.2016 um 15:33 schrieb Toooode: >> Hi >> >> Link on http://www.dovecot.org/download.html for RPMs for Fedora and >> RHEL/CentOS is not working. >> It seams that atrpms repo is dead for some time now >> >> Can you please update this and suggest me alternative trusted repo with >> newest dovecot packages for RHEL/CentOS? >> > > I am currently not aware of any trustable and public community > repository with the newest Dovecot versions for CentOS 5/6/7 > > However, if you want to support Dovecot development then you may > should get a subscription of Dovecot and if you don't want to pay > anything, then you'll still have the possibility to build a RPM of > Dovecot yourself. > > Just head over to > http://koji.fedoraproject.org/koji/search?order=-id&terms=dovecot%&type=build&match=glob > and get from there your prefered src.rpm and rebuild it for CentOS 7. > > Best regards > Michael Seevogel --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus From toooode at gmail.com Fri Feb 19 22:09:37 2016 From: toooode at gmail.com (Deton) Date: Fri, 19 Feb 2016 23:09:37 +0100 Subject: RPMs for Fedora and RHEL/CentOS In-Reply-To: <56C749AC.3080704@uni-x.org> References: <56C749AC.3080704@uni-x.org> Message-ID: <56C792A1.5050405@gmail.com> Hi Alexander, thank you for your suggestion. Ghettoforge repo looks good. I tried it earlier, but saw only 2.2.19 on Plus repo, totaly missed Testing repo and the latest version in it :) Btw, I ran into http://www.city-fan.org/ftp/contrib/yum-repo/ who also have latest dovecot packages, among other things, so I was wondering if you or anyone else knows something about this repo and his maintainers reputation, how trustworthy and reliable is it. Thanks On 19.2.2016. 17:58, Alexander Dalloz wrote: > Am 19.02.2016 um 15:33 schrieb Toooode: >> Hi >> >> Link on http://www.dovecot.org/download.html for RPMs for Fedora and >> RHEL/CentOS is not working. >> It seams that atrpms repo is dead for some time now > > Dovecot and Open-Xchange have merged some while ago. > > https://software.open-xchange.com/products/dovecot/doc/Dovecot-EE-repository-and-object-storage-installation-manual_v1.9.pdf > > >> Can you please update this and suggest me alternative trusted repo with >> newest dovecot packages for RHEL/CentOS? > > I am pretty happy with the ghettoforge repository. > > http://ghettoforge.org/index.php/Main_Page > > Peter Ajamian maintains the dovecot package and always is pretty up to > date when new releases appear. > > Don't be confused: dovecot is available through gf-plus as dovecot22 > packages to prevent collisions with what RHEL / CentOS provide as > their dovecot package. Latest sits still in gf-testing but can be > moved to gf-plus as it's properly packaged and installs and runs fine. > >> Thank you > > Alexander --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus From michael.seevogel at ddnetservice.de Sat Feb 20 09:55:29 2016 From: michael.seevogel at ddnetservice.de (Michael Seevogel) Date: Sat, 20 Feb 2016 10:55:29 +0100 Subject: RPMs for Fedora and RHEL/CentOS In-Reply-To: <56C79263.4080105@gmail.com> References: <56C747D1.4040404@ddnetservice.de> <56C79263.4080105@gmail.com> Message-ID: <56C83811.8090901@ddnetservice.de> Am 19.02.2016 um 23:08 schrieb Deton: > Hi Michael, > > thx for suggestion. Yeah, it would be cool just to rebuild Fedora > package for RHEL 7, but unfortunately I need dovecot for RHEL 6 :\ > I found few repos that have newer version, then that in offical repo, > but trustworthy is very important here. > > Thanks > Hi you don't have to worry, because all the Fedora Dovecot src.rpms - to be precise, the spec files - also include RHEL 6 macros and the FC src.rpms also contain init service files, so in general it would be possible to rebuild Dovecot 2.2.21 as a RPM also for RHEL/CentOS 6 and by comparing the ghettoforge src.rpms with FC src.rpms they are looking pretty much identical - well ok, perhaps except some minor rebaseing. So, the only thing - if you should decide to rebuild the FC src.rpm - that you later have to take care of is to alter the ssl_cipher_list value back to RHEL 6/7 defaults or whatever cipher list you desire. Best regards Michael Seevogel From toooode at gmail.com Sat Feb 20 15:25:49 2016 From: toooode at gmail.com (Deton) Date: Sat, 20 Feb 2016 16:25:49 +0100 Subject: RPMs for Fedora and RHEL/CentOS In-Reply-To: <56C83811.8090901@ddnetservice.de> References: <56C747D1.4040404@ddnetservice.de> <56C79263.4080105@gmail.com> <56C83811.8090901@ddnetservice.de> Message-ID: <56C8857D.8020703@gmail.com> On 20.2.2016. 10:55, Michael Seevogel wrote: > Hi > > you don't have to worry, because all the Fedora Dovecot src.rpms - to > be precise, the spec files - also include RHEL 6 macros and the FC > src.rpms also contain init service files, so in general it would be > possible to rebuild Dovecot 2.2.21 as a RPM also for RHEL/CentOS 6 and > by comparing the ghettoforge src.rpms with FC src.rpms they are > looking pretty much identical - well ok, perhaps except some minor > rebaseing. > > So, the only thing - if you should decide to rebuild the FC src.rpm - > that you later have to take care of is to alter the ssl_cipher_list > value back to RHEL 6/7 defaults or whatever cipher list you desire. > > Best regards > Michael Seevogel Hi thx a lot Michael, I will try to play with it a little and try to rebuild it, just to make some comparisons, but at the end I'll probably use the one from Ghetto Thanks --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus From aki.tuomi at dovecot.fi Sat Feb 20 16:09:20 2016 From: aki.tuomi at dovecot.fi (aki.tuomi at dovecot.fi) Date: Sat, 20 Feb 2016 18:09:20 +0200 (EET) Subject: New feature: HTTP API Message-ID: <289895264.13993.22ea9490-41a0-4846-81ec-d4706f3bbfc6.open-xchange@appsuite.open-xchange.com> Hi all! We are bringing out HTTP API for doveadm-server in master HEAD. This feature is experimental, and can be expected to have bugs in it and might not always work. If you feel like trying it out though, you can enable it in your configuration file: doveadm_api_key = some-string service doveadm { inet_listener http { port = 8080 } } To use the API, you can go to http://host:8080/doveadm. GET request will print out possible commands, along with their parameters. If you have set API KEY, you need to include it in the request as X-API-Key header. This API has been designed to resemble JMAP API since we are planning to implement it in future version. The rule of thumb is that all the commands work as they would on cli, so the parameters are more or less the same. There are few exceptions, like 'field' parameter in some mail/mailbox commands. Commands are executed by POSTin JSON to /doveadm. The JSON format is [ ["command",{"parameter":"value"},"opaque identifier"], ["command",{"parameter":"value"},"opaque identifier"], ["command",{"parameter":"value"},"opaque identifier"], ... ] Be warned though that even if it supports multiple commands, some commands still use i_fatal to terminate the server if they are unhappy. This will mean you will lose the whole result set, and get no output, so at this point it is safest option to run only one command at a time. If you run into problems or discover issues, please report them in the usual manner to us. Kind regards, Aki Tuomi Dovecot Oy From dovecot at biblestuph.com Sat Feb 20 18:59:19 2016 From: dovecot at biblestuph.com (Dan Ragle) Date: Sat, 20 Feb 2016 13:59:19 -0500 Subject: pigeonhole vnd.dovecot.pipe Message-ID: <56C8B787.701@biblestuph.com> Ok, I have pigeonhole setup on my CentOS 6 box and it's working great; the filters are doing almost everything I want them to. I now find that I'd like to add piping support to pigeonhole scripts, and as I am running CentOS 6 (Dovecot 2.0.9, with pigeonhole 0.2.2) I'm trying to get the vnd.dovecot.pipe extension working. Couldn't find that anywhere in the repos, so went to the source as explained on this page: http://wiki2.dovecot.org/Pigeonhole/Sieve/Plugins/Pipe But I'm not able to get it to work. Here's what I've tried so far: 1.) Installed dovecot-devel-2.0.9 (yum install dovecot-devel) 2.) Downloaded the sieve-pipe source (hg clone http://hg.rename-it.nl/pigeonhole-0.2-sieve-pipe/) 3.) In the new sieve-pipe directory: a.) ./autogen.sh (appeared to go smoothly) b.) ./configure --with-dovecot=/usr/lib64/dovecot --with-pigeonhole=/usr/include/dovecot/sieve (again, ok) c.) make This one failed, complaining that sieve-ext-copy.h was unavailable. Found a copy of the file online at http://www.opensource.apple.com/source/dovecot/dovecot-239/dovecot-pigeonhole/src/lib-sieve/plugins/copy/sieve-ext-copy.h copied it into /usr/include/dovecot/sieve/ and reran the make, this time no errors. d.) make install (no errors) 4.) Added the sieve_plugins = sieve_pipe config into 90-sieve.conf 5.) Restarted dovecot. It complained thus: Starting Dovecot Imap: managesieve: Fatal: opendir(/usr/lib64/dovecot/sieve) failed: No such file or directory doveconf: Error: managesieve-login: dump-capability process returned 89 6.) Looking through the make install output, I noticed that the new libs had been installed in /usr/local/lib/dovecot/sieve. So, cd /usr/lib64/dovecot ln -s /usr/local/lib/dovecot/sieve sieve 7.) Restarted dovecot. This time a different complaint: Starting Dovecot Imap: managesieve: Error: dlopen(/usr/lib64/dovecot/sieve/lib90_sieve_pipe_plugin.so) failed: /usr/lib64/dovecot/sieve/lib90_sieve_pipe_plugin.so: undefined symbol: uni_utf8_to_ucs4_n managesieve: Fatal: Couldn't load required plugins doveconf: Error: managesieve-login: dump-capability process returned 89 And now without digging into code I'm stuck. I'm guessing I have some incompatibility issues. Do I need to be running the 32bit dovecot for this to work? Or is there some other mismatch or misstep I've made along the way? Was I correct in assuming the necessary dovecot-pigeonhole-devel stuph came with the dovecot-devel install? There is no separate dovecot-pigeonhole-devel package in the main repos (the dovecot-pigeonhole package I have loaded is 2.0.9, looks like it was just named to match the corresponding dovecot package. The version appears to be 0.2.2, as it is adding a X-Sieve: Pigeonhole Sieve 0.2.2 header into redirected messages). Thanks! Dan From ad+lists at uni-x.org Sat Feb 20 19:54:56 2016 From: ad+lists at uni-x.org (Alexander Dalloz) Date: Sat, 20 Feb 2016 20:54:56 +0100 Subject: pigeonhole vnd.dovecot.pipe In-Reply-To: <56C8B787.701@biblestuph.com> References: <56C8B787.701@biblestuph.com> Message-ID: <56C8C490.8030709@uni-x.org> Am 20.02.2016 um 19:59 schrieb Dan Ragle: > Ok, I have pigeonhole setup on my CentOS 6 box and it's working great; > the filters are doing almost everything I want them to. Very simple thing: use the dovecot22 package from ghettoforge. Alexander From chris2014 at postbox.xyz Sat Feb 20 21:40:44 2016 From: chris2014 at postbox.xyz (Chris) Date: Sat, 20 Feb 2016 22:40:44 +0100 Subject: Maildir++ and fs-layout In-Reply-To: References: <01dec55a84ce41dba017e113d1665db2.squirrel@mail2.postbox.xyz> Message-ID: <81873f79da70594cd67d64552d5aa87c.squirrel@mail2.postbox.xyz> Thank you. Steffen Kaiser wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Fri, 19 Feb 2016, Chris wrote: > >> can I use Maildir++ Layout for private namespace and fs-layout for >> public >> namespace on the same server, provided that the hierarchy separator is >> the >> same (.)? > > As far as I know you can intermix storage types just fine. > >> Are all parts of dovecot (especially deliver, sieve and lmtp) compatible >> with fs-layout? Are there any restrictions I have to obey? > > If you stick with Dovecot tools, incl. doveadm, you have no problems. > > - -- > Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > > iQEVAwUBVsbDgnz1H7kL/d9rAQI96AgAwgy3oVGeiAfcF6bARJTl/xYUY3KlN2lc > 15Kk0zRUvXN3YKEskWTshF/Hgv32+0ew3nyc3UdiDdijKtYA+EvNiUzbBtC/ZPzd > PKCtKlRDQsHd51pmMxsK/Esk3jcNKfVJgLVCnN9ac/RtRGNXvM4weLWE4gNMhy7o > 9NnKlhTvYMkix+BS8oe9Xbey4uZi+XsMSeaYPWveLulUvAMtHTHVXaG0y1Dh53nF > NcGBmvhhm1nr5+3VuFZQw7h58DMiXsHQ+b0lR2oy9JyvAhHTwgTLoWkaVH9HGNti > zO/9Iy1nPWqLsJisZnz8AyGR3ZNybdUWxIfL3wOw2Db53yuCtqHF3g== > =5wqw > -----END PGP SIGNATURE----- > From cstkersh at outlook.com Sun Feb 21 00:50:24 2016 From: cstkersh at outlook.com (Kevin Kershner) Date: Sat, 20 Feb 2016 17:50:24 -0700 Subject: Dovecot Bulletin Message-ID: I'd like to revisit and old post if I may, will/does Dovecot support the old qpopper "Bulletin" ability? Basically I need a simple way of posting bulletins to all domain users. Qpopper maintained a bulletin db for each user and sent them the next bulletin in sequence. Thanks in advance Kevin From tss at iki.fi Sun Feb 21 01:45:48 2016 From: tss at iki.fi (Timo Sirainen) Date: Sun, 21 Feb 2016 03:45:48 +0200 Subject: Streaming MOVE commands In-Reply-To: <84wpq68crq.fsf@cri.ensmp.fr> References: <84wpq68crq.fsf@cri.ensmp.fr> Message-ID: <7068E0DA-AA85-47F4-865C-98495882025D@iki.fi> On 14 Feb 2016, at 06:17, Emilio Jes?s Gallego Arias wrote: > > Dear Dovecot devs, > > is streaming multiple MOVE commands by clients allowed? > > I am getting duplicated messages with the GNUS mail client, the > interchange looks like this: > > *stream two moves to different folders* >> 9019 UID MOVE 4062,4066,4068 "folder0" >> 9020 UID MOVE 4063:4064,4067,4069:4072 "folder1" > *the messages are copied* >> * OK [COPYUID 1424475218 4062,4066,4068 376:378] Moved UIDs. >> * OK [COPYUID 1424475231 4063:4064,4067,4069:4072 26:32] Moved UIDs. > *however expunge fails to clean 4063, 4064, and 4067* >> * VANISHED 4062,4066,4068:4072 > > thus 4063, 4064, and 4067 end both in inbox and folder1 producing > duplicate messages (more details at [1]). > > At the GNUS mailing list, we were wondering about what should be the > correct reading of RFC6851. Thanks, looks like this was broken with Maildir and mbox formats. It also caused expunges in some other situations to be lost. Fixed: https://github.com/dovecot/core/commit/950a6e61d6c2dac961ce031bdd8b2895bc32b827 From tss at iki.fi Sun Feb 21 01:57:55 2016 From: tss at iki.fi (Timo Sirainen) Date: Sun, 21 Feb 2016 03:57:55 +0200 Subject: LMTP proxy does not pass RCPT TO: ... 5xx response back In-Reply-To: <20160211233716.GC30205@jumper.schlittermann.de> References: <20160211233716.GC30205@jumper.schlittermann.de> Message-ID: On 12 Feb 2016, at 01:37, Heiko Schlittermann wrote: > > Hello, > > I'm using dovecot 2.2.9 and a director/backend setup. > On the director I've the LMTP in proxy mode, mapping the users to one of > the backends. > > The backends to quota check and return the OverQuota message already at > RCPT TO time. > > Here is what I typed, connected to the director > > Connection to director1 2525 port [tcp/*] succeeded! > 220 director1.rz.hs-example.de Dovecot (Ubuntu) ready. > LHLO mailhub1.rz.hs-example.de > 250-director1.rz.hs-example.de > 250-8BITMIME > 250-ENHANCEDSTATUSCODES > 250 PIPELINING > MAIL FROM: > 250 2.1.0 OK > RCPT TO: > 250 2.1.5 OK .. > It looks as if the backend tells the director/proxy about the full > mailbox (552 5.2.2 Quota exceeded (mailbox for > user is full)) already before the DATA phase starts, right as the > response to the RCPT TO. > > But the proxy seems to ignore it? Right.. RCPT TO in proxy answers immediately when it has verified that the user exists. It doesn't wait until it has connected to the backend and sent RCPT TO there. I'm also not entirely sure how good of an idea that is if it would, since at least without pipelining it would slow down all the LMTP operations when there are multiple recipients. But then again, if pipelining is used it wouldn't matter, at least in theory. It would require some more coding though. The way it's commonly done in larger environments is that the over-quota is already checked by the MTA and have it fail the RCPT TO. You can have Dovecot update the over-quota flags via quota-warning scripts (and quota_over_script) in whatever way and have the MTA look that up. Then in Dovecot LMTP you could simply disable quota checks. From tss at iki.fi Sun Feb 21 02:14:06 2016 From: tss at iki.fi (Timo Sirainen) Date: Sun, 21 Feb 2016 04:14:06 +0200 Subject: Dovecot Bulletin In-Reply-To: References: Message-ID: On 21 Feb 2016, at 02:50, Kevin Kershner wrote: > > I'd like to revisit and old post if I may, will/does Dovecot support the old > qpopper "Bulletin" ability? > > Basically I need a simple way of posting bulletins to all domain users. > Qpopper maintained a bulletin db for each user and sent them the next > bulletin in sequence. I guess there could be a plugin that does this check on each login. But would it actually be useful? Why would it be better than simply sending the mail to all the users? For example: doveadm save -A < bulletin.txt From tss at iki.fi Sun Feb 21 02:20:07 2016 From: tss at iki.fi (Timo Sirainen) Date: Sun, 21 Feb 2016 04:20:07 +0200 Subject: Automatically inferring %d on multi-domain virtual install ? In-Reply-To: <20160219211037.GB16357@HEDWIG.INI.CMU.EDU> References: <20160212192550.GR16357@HEDWIG.INI.CMU.EDU> <20160219211037.GB16357@HEDWIG.INI.CMU.EDU> Message-ID: How about: passdb { driver = passwd-file args = username_format=%l /etc/dovecot/passwd.domains result_success = continue } passdb { .. the real passdb for authentication .. } Where /etc/dovecot/passwd.domains contains: 10.0.0.100:::::domain=foo.org 10.0.0.101:::::domain=bar.org So the first passdb lookup would set the domain based on IP and then continue for the actual authentication. Or if you don't want it to override an explicit user at domain authentication, this should also work: 10.0.0.100:::::domain:protected=foo.org 10.0.0.101:::::domain:protected=bar.org Not tested, but should work I think. At least with new enough Dovecot versions. > On 19 Feb 2016, at 23:10, Gabriel L. Somlo wrote: > > On Fri, Feb 19, 2016 at 08:41:15AM +0100, Steffen Kaiser wrote: >>> I'm trying to allow domain-less logins for a multi-domain virtual IMAP >>> server, and wondering if I can automatically infer the domain (value of >>> variable %d) from the local IP (%l) or the hostname used by the client >>> when connecting to my server. >>> >>> Let's say I have two host names: mail.foo.org (10.0.0.100) and >>> mail.bar.com (10.0.0.200), with forward and reverse DNS configured to >>> resolve A and PTR records in either direction. >>> >>> Let's also say I have 10.0.0.100 and 10.0.0.200 set up as secondaries >>> on my server's loopback interface, and routing is set up to bring client >>> traffic to me for both of those IP addresses. >> >> Hm, it should be possible like so: >> >> 1) keep the file you have now as 2nd passdb, in order to let your users >> login like now from anywhere >> >>> user1 at foo.org:{PLAIN}user1foo >> >> 2) from this file create another passwd-file with ExtraField via script / >> cron jobs, that defines >> >> user1 at 10.0.0.100:{PLAIN}user1foo:::::user=user1 at foo.org >> >> see http://wiki2.dovecot.org/PasswordDatabase/ExtraFields >> >> Maybe allow_nets could limit the clients further. >> >> Then add another passdb section pointing to that file using >> username_format=%n@%l >> >> http://wiki2.dovecot.org/AuthDatabase/PasswdFile >> >> That will map domain-less logins to full mail addresses, which in turn sets >> %d, too. > > That *almost* worked :) > > I now have > > passdb { > driver = passwd-file > args = username_format=%n@%l /var/lib/topgen/etc/postfix/users > } > > pointing to a "users" file with entries such as > > user1 at 10.0.0.100:{PLAIN}user1foo:::::user=user1 at foo.org > > The only trouble is, %d does not get set; I get new "user1" and > "user2" folders created directly under /var/lib/vmail/, which > indicates the %d portion is equal to the empty string. > > I also tried > > user1 at 111.0.10.10:{PLAIN}tartans1:::::domain=foo.org > > which the PasswordDatabase wiki page says should override %d, but > still no luck... > > Thanks for the pointer though, now that I read the relevant bits of > documentation it feels like I'm really close, and this *should* work. > I'm still either missing something, or tickling a bug (probably the > former :) > > Thanks, > --Gabriel > >> >>> >>> The relevant bits of my dovecot.conf are: >>> >>> ---%<------------------------------------------------------------------ >>> mail_location = maildir:/var/lib/vmail/%d/%n >>> passdb { >>> driver = passwd-file >>> args = /var/lib/vmail/etc/postfix/userdb >>> } >>> userdb { >>> driver = static >>> args = uid=dovenull gid=dovenull home=/var/lib/vmail/%d/%n >>> } >>> ---%<------------------------------------------------------------------ >>> >>> And my userdb passwd-file right now includes: >>> >>> ---%<------------------------------------------------------------------ >>> user1 at foo.org:{PLAIN}user1foo >>> user2 at foo.org:{PLAIN}user2foo >>> user1 at bar.com:{PLAIN}user1bar >>> user2 at bar.com:{PLAIN}user2bar >>> ---%<------------------------------------------------------------------ >>> >>> Right now, user1 at foo.org must configure their imap client like so: >>> >>> IMAP server: mail.foo.org >>> username: user1 at foo.org >>> password: user1foo >>> >>> I would like to require this (and other) users to only have to set: >>> >>> IMAP server: mail.foo.org >>> username: user1 >>> password: ... >>> >>> and have dovecot somehow infer the "@foo.org" domain based on the fact >>> that the connection was made to 10.0.0.100, which is mail.foo.org, and >>> therefore the domain can *only* be "@foo.org". >>> >>> I could start out by splitting my user database into two files: >>> >>> userdb.foo.org >>> ---%<------------------------------------------------------------------ >>> user1:{PLAIN}user1foo >>> user2:{PLAIN}user2foo >>> ---%<------------------------------------------------------------------ >>> >>> userdb.bar.com >>> ---%<------------------------------------------------------------------ >>> user1:{PLAIN}user1bar >>> user2:{PLAIN}user2bar >>> ---%<------------------------------------------------------------------ >>> >>> ... then modify dovecot.conf's passdb setup like so: >>> >>> ---%<------------------------------------------------------------------ >>> passdb { >>> driver = passwd-file >>> args = /var/lib/vmail/etc/postfix/userdb.%d >>> } >>> ---%<------------------------------------------------------------------ >>> >>> ... but how would I insure that %d is set to the proper value based >>> on e.g. a reverse lookup of %l, which, in foo.org's case would be >>> 10.0.0.100, and resolve to mail.foo.org, and *somehow* that would >>> match %d == "@foo.org" ? >>> >>> Is this even possible in the first place, or am I just being too fussy >>> about the aesthetics of my users' imap client config files ? :) :) >>> >>> Thanks much, >>> --Gabriel >>> >> >> - -- Steffen Kaiser >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v1 >> >> iQEVAwUBVsbHG3z1H7kL/d9rAQLzRggAoBVJDWXDakkqLD+Gye/9KjHvfcIFkf+5 >> u3W7ZlPSvyePaAM8u0TDnIPJ15aeyO6XZbTTqB9iKQXzluCusvhNOUl14nVO4CjW >> gJASzpo1Kc9moWW7sWXTF/MCO+O4zVSBtJWdVmJch80hQT8LJxG3jU45FJAd1Jj3 >> j+Rso5vEtH3Qw8i1cePaRc6FpDQ+7wboUI53OVjSKJGXbsyK5MXJFhoyvOo8UnvU >> KdbyFoGkYR4n3zaSrkwof6TrRqqgcGA2TUyeQIS8j+ArhDpi7ilOU6x904KK7LoE >> Ff2CzskTaTwEyTW1DZgJzLPc38PzMv9PX7QNUhdPHLFnYrhrutOfww== >> =CFD6 >> -----END PGP SIGNATURE----- From tlx at leuxner.net Sun Feb 21 09:03:15 2016 From: tlx at leuxner.net (Thomas Leuxner) Date: Sun, 21 Feb 2016 10:03:15 +0100 Subject: systemd changes in Git/Debian Auto-Builds Message-ID: <20160221090315.GA54104@nihlus.leuxner.net> Not sure if the issue is limited to the Debian Auto-Builds, but after the latest commits an update of the packages fails: https://github.com/dovecot/core/commit/53cc71cae88ee81fd7eae47aed743496f8c884a2 Feb 21 07:31:22 nihlus dovecot: master: Dovecot v2.2.devel (950a6e6) starting up for imap, lmtp Feb 21 07:31:22 nihlus systemd[1]: PID file /var/run/dovecot/dovecot/master.pid not readable (yet?) after start. The PID-File seems to be expected under yet another sub-dir of /var/run/dovecot. Regards Thomas -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 181 bytes Desc: Digital signature URL: From leon at dexterous.org Sun Feb 21 10:51:21 2016 From: leon at dexterous.org (Leon Kyneur) Date: Sun, 21 Feb 2016 10:51:21 +0000 Subject: Automatically inferring %d on multi-domain virtual install ? In-Reply-To: References: <20160212192550.GR16357@HEDWIG.INI.CMU.EDU> <20160219211037.GB16357@HEDWIG.INI.CMU.EDU> Message-ID: very intrigued by your solution Timo, have attempted something similar in the past to no avail. When I tried I was unable to retain the user at domain when setting the domain as extra field - protected is new to me and can't find documentation - but also doesn't work :( # cat passwd.domains 10.100.1.1:::::::domain:protected=foo.org 10.100.1.2:::::::domain:protected=bar.org # cat imap.passwd user at bar.org:{plain}password:::::: user at foo.org:{plain}password:::::: dovecot.conf: passdb { args = username_format=%l /etc/dovecot/passwd.domains default_fields = nopassword=y driver = passwd-file result_success = continue } passdb { args = scheme=plain-md5 username_format=%u /etc/dovecot/imap.passwd driver = passwd-file } 1. user without domain localip 10.100.1.1 - adds foo.org: # doveadm auth lookup -x lip=10.100.1.1 user passdb: user user : user at foo.org 2. user without domain localip 10.100.1.2 - adds bar.org # doveadm auth lookup -x lip=10.100.1.2 user passdb: user user : user at bar.org 3. user WITH domain bar.org on localip 10.100.1.1 - still adds foo.org??? # doveadm auth lookup -x lip=10.100.1.1 user at bar.org passdb: user at bar.org user : user at foo.org Is the protected suffix supposed protect domain and not change it here? On Sun, Feb 21, 2016 at 1:20 PM Timo Sirainen wrote: > How about: > > passdb { > driver = passwd-file > args = username_format=%l /etc/dovecot/passwd.domains > result_success = continue > } > > passdb { > .. the real passdb for authentication .. > } > > Where /etc/dovecot/passwd.domains contains: > > 10.0.0.100:::::domain=foo.org > 10.0.0.101:::::domain=bar.org > > So the first passdb lookup would set the domain based on IP and then > continue for the actual authentication. Or if you don't want it to override > an explicit user at domain authentication, this should also work: > > 10.0.0.100:::::domain:protected=foo.org > 10.0.0.101:::::domain:protected=bar.org > > Not tested, but should work I think. At least with new enough Dovecot > versions. > > > On 19 Feb 2016, at 23:10, Gabriel L. Somlo wrote: > > > > On Fri, Feb 19, 2016 at 08:41:15AM +0100, Steffen Kaiser wrote: > >>> I'm trying to allow domain-less logins for a multi-domain virtual IMAP > >>> server, and wondering if I can automatically infer the domain (value of > >>> variable %d) from the local IP (%l) or the hostname used by the client > >>> when connecting to my server. > >>> > >>> Let's say I have two host names: mail.foo.org (10.0.0.100) and > >>> mail.bar.com (10.0.0.200), with forward and reverse DNS configured to > >>> resolve A and PTR records in either direction. > >>> > >>> Let's also say I have 10.0.0.100 and 10.0.0.200 set up as secondaries > >>> on my server's loopback interface, and routing is set up to bring > client > >>> traffic to me for both of those IP addresses. > >> > >> Hm, it should be possible like so: > >> > >> 1) keep the file you have now as 2nd passdb, in order to let your users > >> login like now from anywhere > >> > >>> user1 at foo.org:{PLAIN}user1foo > >> > >> 2) from this file create another passwd-file with ExtraField via script > / > >> cron jobs, that defines > >> > >> user1 at 10.0.0.100:{PLAIN}user1foo:::::user=user1 at foo.org > >> > >> see http://wiki2.dovecot.org/PasswordDatabase/ExtraFields > >> > >> Maybe allow_nets could limit the clients further. > >> > >> Then add another passdb section pointing to that file using > >> username_format=%n@%l > >> > >> http://wiki2.dovecot.org/AuthDatabase/PasswdFile > >> > >> That will map domain-less logins to full mail addresses, which in turn > sets > >> %d, too. > > > > That *almost* worked :) > > > > I now have > > > > passdb { > > driver = passwd-file > > args = username_format=%n@%l /var/lib/topgen/etc/postfix/users > > } > > > > pointing to a "users" file with entries such as > > > > user1 at 10.0.0.100:{PLAIN}user1foo:::::user=user1 at foo.org > > > > The only trouble is, %d does not get set; I get new "user1" and > > "user2" folders created directly under /var/lib/vmail/, which > > indicates the %d portion is equal to the empty string. > > > > I also tried > > > > user1 at 111.0.10.10:{PLAIN}tartans1:::::domain=foo.org > > > > which the PasswordDatabase wiki page says should override %d, but > > still no luck... > > > > Thanks for the pointer though, now that I read the relevant bits of > > documentation it feels like I'm really close, and this *should* work. > > I'm still either missing something, or tickling a bug (probably the > > former :) > > > > Thanks, > > --Gabriel > > > >> > >>> > >>> The relevant bits of my dovecot.conf are: > >>> > >>> ---%<------------------------------------------------------------------ > >>> mail_location = maildir:/var/lib/vmail/%d/%n > >>> passdb { > >>> driver = passwd-file > >>> args = /var/lib/vmail/etc/postfix/userdb > >>> } > >>> userdb { > >>> driver = static > >>> args = uid=dovenull gid=dovenull home=/var/lib/vmail/%d/%n > >>> } > >>> ---%<------------------------------------------------------------------ > >>> > >>> And my userdb passwd-file right now includes: > >>> > >>> ---%<------------------------------------------------------------------ > >>> user1 at foo.org:{PLAIN}user1foo > >>> user2 at foo.org:{PLAIN}user2foo > >>> user1 at bar.com:{PLAIN}user1bar > >>> user2 at bar.com:{PLAIN}user2bar > >>> ---%<------------------------------------------------------------------ > >>> > >>> Right now, user1 at foo.org must configure their imap client like so: > >>> > >>> IMAP server: mail.foo.org > >>> username: user1 at foo.org > >>> password: user1foo > >>> > >>> I would like to require this (and other) users to only have to set: > >>> > >>> IMAP server: mail.foo.org > >>> username: user1 > >>> password: ... > >>> > >>> and have dovecot somehow infer the "@foo.org" domain based on the fact > >>> that the connection was made to 10.0.0.100, which is mail.foo.org, and > >>> therefore the domain can *only* be "@foo.org". > >>> > >>> I could start out by splitting my user database into two files: > >>> > >>> userdb.foo.org > >>> ---%<------------------------------------------------------------------ > >>> user1:{PLAIN}user1foo > >>> user2:{PLAIN}user2foo > >>> ---%<------------------------------------------------------------------ > >>> > >>> userdb.bar.com > >>> ---%<------------------------------------------------------------------ > >>> user1:{PLAIN}user1bar > >>> user2:{PLAIN}user2bar > >>> ---%<------------------------------------------------------------------ > >>> > >>> ... then modify dovecot.conf's passdb setup like so: > >>> > >>> ---%<------------------------------------------------------------------ > >>> passdb { > >>> driver = passwd-file > >>> args = /var/lib/vmail/etc/postfix/userdb.%d > >>> } > >>> ---%<------------------------------------------------------------------ > >>> > >>> ... but how would I insure that %d is set to the proper value based > >>> on e.g. a reverse lookup of %l, which, in foo.org's case would be > >>> 10.0.0.100, and resolve to mail.foo.org, and *somehow* that would > >>> match %d == "@foo.org" ? > >>> > >>> Is this even possible in the first place, or am I just being too fussy > >>> about the aesthetics of my users' imap client config files ? :) :) > >>> > >>> Thanks much, > >>> --Gabriel > >>> > >> > >> - -- Steffen Kaiser > >> -----BEGIN PGP SIGNATURE----- > >> Version: GnuPG v1 > >> > >> iQEVAwUBVsbHG3z1H7kL/d9rAQLzRggAoBVJDWXDakkqLD+Gye/9KjHvfcIFkf+5 > >> u3W7ZlPSvyePaAM8u0TDnIPJ15aeyO6XZbTTqB9iKQXzluCusvhNOUl14nVO4CjW > >> gJASzpo1Kc9moWW7sWXTF/MCO+O4zVSBtJWdVmJch80hQT8LJxG3jU45FJAd1Jj3 > >> j+Rso5vEtH3Qw8i1cePaRc6FpDQ+7wboUI53OVjSKJGXbsyK5MXJFhoyvOo8UnvU > >> KdbyFoGkYR4n3zaSrkwof6TrRqqgcGA2TUyeQIS8j+ArhDpi7ilOU6x904KK7LoE > >> Ff2CzskTaTwEyTW1DZgJzLPc38PzMv9PX7QNUhdPHLFnYrhrutOfww== > >> =CFD6 > >> -----END PGP SIGNATURE----- > From aki.tuomi at dovecot.fi Sun Feb 21 11:43:15 2016 From: aki.tuomi at dovecot.fi (aki.tuomi at dovecot.fi) Date: Sun, 21 Feb 2016 13:43:15 +0200 (EET) Subject: systemd changes in Git/Debian Auto-Builds In-Reply-To: <20160221090315.GA54104@nihlus.leuxner.net> References: <20160221090315.GA54104@nihlus.leuxner.net> Message-ID: <1693574954.14125.22ea9490-41a0-4846-81ec-d4706f3bbfc6.open-xchange@appsuite.open-xchange.com> > On February 21, 2016 at 11:03 AM Thomas Leuxner wrote: > > > Not sure if the issue is limited to the Debian Auto-Builds, but after the > latest commits an update of the packages fails: > > https://github.com/dovecot/core/commit/53cc71cae88ee81fd7eae47aed743496f8c884a2 > > Feb 21 07:31:22 nihlus dovecot: master: Dovecot v2.2.devel (950a6e6) starting > up for imap, lmtp > Feb 21 07:31:22 nihlus systemd[1]: PID file > /var/run/dovecot/dovecot/master.pid not readable (yet?) after start. > > The PID-File seems to be expected under yet another sub-dir of > /var/run/dovecot. > > Regards > Thomas Hi, This is fixed in https://github.com/dovecot/core/commit/22d75d47097ca83c6e824a5129d81e8f18fb589b --- Aki Tuomi From gallego at cri.ensmp.fr Sun Feb 21 11:46:12 2016 From: gallego at cri.ensmp.fr (Emilio =?utf-8?Q?Jes=C3=BAs?= Gallego Arias) Date: Sun, 21 Feb 2016 12:46:12 +0100 Subject: Streaming MOVE commands In-Reply-To: <7068E0DA-AA85-47F4-865C-98495882025D@iki.fi> (Timo Sirainen's message of "Sun, 21 Feb 2016 03:45:48 +0200") References: <84wpq68crq.fsf@cri.ensmp.fr> <7068E0DA-AA85-47F4-865C-98495882025D@iki.fi> Message-ID: <8760xiffqz.fsf@cri.ensmp.fr> Hello Timo, Timo Sirainen writes: > Thanks, looks like this was broken with Maildir and mbox formats. It > also caused expunges in some other situations to be lost. Fixed: > > https://github.com/dovecot/core/commit/950a6e61d6c2dac961ce031bdd8b2895bc32b827 Thanks a lot for the fix, testing it now! Is this patch suitable of being backported to 2.2.13? (Debian stable) Best regards, E. From tlx at leuxner.net Sun Feb 21 12:23:14 2016 From: tlx at leuxner.net (Thomas Leuxner) Date: Sun, 21 Feb 2016 13:23:14 +0100 Subject: systemd changes in Git/Debian Auto-Builds In-Reply-To: <1693574954.14125.22ea9490-41a0-4846-81ec-d4706f3bbfc6.open-xchange@appsuite.open-xchange.com> References: <20160221090315.GA54104@nihlus.leuxner.net> <1693574954.14125.22ea9490-41a0-4846-81ec-d4706f3bbfc6.open-xchange@appsuite.open-xchange.com> Message-ID: <20160221122314.GA49439@nihlus.leuxner.net> * aki.tuomi at dovecot.fi 2016.02.21 12:43: > This is fixed in > https://github.com/dovecot/core/commit/22d75d47097ca83c6e824a5129d81e8f18fb589b Thanks Aki. As all patches are in the source tree, I guess this is not included in Stephan's Auto-Build: $ dpkg --unpack dovecot-core_2.2.21-1~auto+130_amd64.deb $ grep PID /lib/systemd/system/dovecot.service PIDFile=/var/run/dovecot/dovecot/master.pid I manually edited the file afterwards and ran dpkg --configure which brought up the server. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 181 bytes Desc: Digital signature URL: From reuben-dovecot at reub.net Sun Feb 21 12:31:05 2016 From: reuben-dovecot at reub.net (Reuben Farrelly) Date: Sun, 21 Feb 2016 23:31:05 +1100 Subject: systemd changes in Git/Debian Auto-Builds In-Reply-To: <1693574954.14125.22ea9490-41a0-4846-81ec-d4706f3bbfc6.open-xchange@appsuite.open-xchange.com> References: <20160221090315.GA54104@nihlus.leuxner.net> <1693574954.14125.22ea9490-41a0-4846-81ec-d4706f3bbfc6.open-xchange@appsuite.open-xchange.com> Message-ID: On 21/02/2016 10:43 PM, aki.tuomi at dovecot.fi wrote: >> The PID-File seems to be expected under yet another sub-dir of >> /var/run/dovecot. >> >> Regards >> Thomas > > Hi, > > This is fixed in > https://github.com/dovecot/core/commit/22d75d47097ca83c6e824a5129d81e8f18fb589b > > --- > Aki Tuomi This doesn't seem to be fixed for me, with latest -hg and a full make clean and new ./configure as of 30 mins ago. This is with a raspberri pi with Raspbian 8 (all up to date). [Service] Type=forking ExecStart=/usr/sbin/dovecot PIDFile=/var/run/dovecot/dovecot/master.pid ExecReload=/usr/bin/doveadm reload ExecStop=/usr/bin/doveadm stop PrivateTmp=true NonBlocking=yes # Enable this if your systemd is new enough to support it: #ProtectSystem=full I'm running ./configure with: ./configure --prefix=/usr --sysconfdir=/etc --libexecdir=/usr/lib --localstatedir=/var --mandir=/usr/share/man --infodir=/usr/share/info --with-moduledir=/usr/lib/dovecot/modules --disable-rpath --with-systemdsystemunitdir=auto --with-storages=maildir --with-ssl=openssl --with-solr --with-ioloop=best --with-stemmer --with-libwrap --with-lucene --without-sqlite --without-ldap --without-pgsql --disable-static It's not an old dovecot.service file either - updated when I installed the build a few minutes ago. By manually editing the systemd file above I was able to get the service up. Reuben From aki.tuomi at dovecot.fi Sun Feb 21 12:35:46 2016 From: aki.tuomi at dovecot.fi (aki.tuomi at dovecot.fi) Date: Sun, 21 Feb 2016 14:35:46 +0200 (EET) Subject: systemd changes in Git/Debian Auto-Builds In-Reply-To: References: <20160221090315.GA54104@nihlus.leuxner.net> <1693574954.14125.22ea9490-41a0-4846-81ec-d4706f3bbfc6.open-xchange@appsuite.open-xchange.com> Message-ID: <1424470728.14132.22ea9490-41a0-4846-81ec-d4706f3bbfc6.open-xchange@appsuite.open-xchange.com> > On February 21, 2016 at 2:31 PM Reuben Farrelly > wrote: > > > On 21/02/2016 10:43 PM, aki.tuomi at dovecot.fi wrote: > >> The PID-File seems to be expected under yet another sub-dir of > >> /var/run/dovecot. > >> > >> Regards > >> Thomas > > > > Hi, > > > > This is fixed in > > https://github.com/dovecot/core/commit/22d75d47097ca83c6e824a5129d81e8f18fb589b > > > > --- > > Aki Tuomi > > This doesn't seem to be fixed for me, with latest -hg and a full make > clean and new ./configure as of 30 mins ago. > > This is with a raspberri pi with Raspbian 8 (all up to date). > > [Service] > Type=forking > ExecStart=/usr/sbin/dovecot > PIDFile=/var/run/dovecot/dovecot/master.pid > ExecReload=/usr/bin/doveadm reload > ExecStop=/usr/bin/doveadm stop > PrivateTmp=true > NonBlocking=yes > # Enable this if your systemd is new enough to support it: > #ProtectSystem=full > > I'm running ./configure with: > > ./configure --prefix=/usr --sysconfdir=/etc --libexecdir=/usr/lib > --localstatedir=/var --mandir=/usr/share/man --infodir=/usr/share/info > --with-moduledir=/usr/lib/dovecot/modules --disable-rpath > --with-systemdsystemunitdir=auto --with-storages=maildir > --with-ssl=openssl --with-solr --with-ioloop=best --with-stemmer > --with-libwrap --with-lucene --without-sqlite --without-ldap > --without-pgsql --disable-static > > It's not an old dovecot.service file either - updated when I installed > the build a few minutes ago. > > By manually editing the systemd file above I was able to get the service up. > > Reuben Hi, where was your pid file located? --- Aki Tuomi From reuben-dovecot at reub.net Sun Feb 21 12:45:43 2016 From: reuben-dovecot at reub.net (Reuben Farrelly) Date: Sun, 21 Feb 2016 23:45:43 +1100 Subject: systemd changes in Git/Debian Auto-Builds In-Reply-To: <1424470728.14132.22ea9490-41a0-4846-81ec-d4706f3bbfc6.open-xchange@appsuite.open-xchange.com> References: <20160221090315.GA54104@nihlus.leuxner.net> <1693574954.14125.22ea9490-41a0-4846-81ec-d4706f3bbfc6.open-xchange@appsuite.open-xchange.com> <1424470728.14132.22ea9490-41a0-4846-81ec-d4706f3bbfc6.open-xchange@appsuite.open-xchange.com> Message-ID: <01aa8690-4c18-0ac2-3485-ff1ba131790a@reub.net> On 21/02/2016 11:35 PM, aki.tuomi at dovecot.fi wrote: >> By manually editing the systemd file above I was able to get the service up. >> >> Reuben > > Hi, > > where was your pid file located? > --- > Aki Tuomi In /var/run/dovecot : root at pi:~/dovecot/dovecot-2.2# ls -la /var/run/dovecot/ total 8 drwxr-xr-x 5 root root 780 Feb 22 01:18 . drwxr-xr-x 17 root root 580 Jan 1 1970 .. srw------- 1 root root 0 Feb 22 01:18 anvil srw------- 1 root root 0 Feb 22 01:18 anvil-auth-penalty srw------- 1 dovecot root 0 Feb 22 01:18 auth-client srw------- 1 dovecot root 0 Feb 22 01:18 auth-login srw------- 1 root root 0 Feb 22 01:18 auth-master -rw------- 1 root root 32 Feb 21 15:25 auth-token-secret.dat srw-rw-rw- 1 dovecot root 0 Feb 22 01:18 auth-userdb srw------- 1 dovecot root 0 Feb 22 01:18 auth-worker srw------- 1 root root 0 Feb 22 01:18 config srw------- 1 root root 0 Feb 22 01:18 dict srw------- 1 root root 0 Feb 22 01:18 dict-async srw------- 1 root root 0 Feb 22 01:18 director-admin srw------- 1 root root 0 Feb 22 01:18 director-userdb srw-rw-rw- 1 root root 0 Feb 22 01:18 dns-client srw------- 1 root root 0 Feb 22 01:18 doveadm-server lrwxrwxrwx 1 root root 25 Feb 22 01:18 dovecot.conf -> /etc/dovecot/dovecot.conf drwxr-xr-x 2 root root 40 Jan 1 1970 empty srw------- 1 root root 0 Feb 22 01:18 imap-hibernate srw------- 1 root root 0 Feb 22 01:18 imap-master srw-rw-rw- 1 root root 0 Feb 22 01:18 imap-urlauth srw------- 1 dovecot root 0 Feb 22 01:18 imap-urlauth-worker srw-rw-rw- 1 root root 0 Feb 22 01:18 indexer srw------- 1 dovecot root 0 Feb 22 01:18 indexer-worker srw------- 1 root root 0 Feb 22 01:18 ipc srw-rw-rw- 1 root root 0 Feb 22 01:18 lmtp srw------- 1 root root 0 Feb 22 01:18 log-errors drwxr-x--- 2 root dovenull 120 Feb 22 01:18 login -rw------- 1 root root 6 Feb 22 01:18 master.pid srw-rw-rw- 1 root root 0 Feb 22 01:18 replication-notify prw-rw-rw- 1 root root 0 Feb 22 01:18 replication-notify-fifo srw------- 1 dovecot root 0 Feb 22 01:18 replicator srw-rw-rw- 1 dovecot root 0 Feb 22 01:18 replicator-doveadm srw-rw-rw- 1 root root 0 Feb 22 01:18 ssl-params srw------- 1 root root 0 Feb 22 01:18 stats prw-rw-rw- 1 root root 0 Feb 22 01:18 stats-mail prw------- 1 root root 0 Feb 22 01:18 stats-user drwxr-x--- 2 root dovenull 80 Feb 22 01:18 token-login root at pi:~/dovecot/dovecot-2.2# Reuben From slitt at troubleshooters.com Sun Feb 21 17:10:59 2016 From: slitt at troubleshooters.com (Steve Litt) Date: Sun, 21 Feb 2016 12:10:59 -0500 Subject: To what extent does/will Dovecot depend on systemd? was systemd changes... In-Reply-To: <20160221090315.GA54104@nihlus.leuxner.net> References: <20160221090315.GA54104@nihlus.leuxner.net> Message-ID: <20160221121059.03eab67b@mydesk.domain.cxm> On Sun, 21 Feb 2016 10:03:15 +0100 Thomas Leuxner wrote: [snip] > https://github.com/dovecot/core/commit/53cc71cae88ee81fd7eae47aed743496f8c884a2 [snip] > The PID-File seems to be expected under yet another sub-dir > of /var/run/dovecot. I wasn't aware that any Dovecot functionalities have become dependent on systemd. Is this discussion simply about the unit file and PID file location for Dovecot under systemd's process manager, or is Dovecot starting to acquire systemd dependencies that will make it difficult to run without systemd in the future? Thanks, SteveT Steve Litt February 2016 featured book: The Key to Everyday Excellence http://www.troubleshooters.com/key From thomas at bitkomplex.de Sun Feb 21 18:35:20 2016 From: thomas at bitkomplex.de (=?UTF-8?Q?Thomas_M=c3=b6hle?=) Date: Sun, 21 Feb 2016 19:35:20 +0100 Subject: syntax for overriding userdb fields from passdb config Message-ID: <56CA0368.7080901@bitkomplex.de> Dear Dovecot developers, how exactly is the syntax to override a userdb field within the passdb configuration? I cannot find any documentation on this in the wiki. Let's say, I'd like to override the userdb extra field "chroot" with /var/mail. How exactly would be the notation? My auth-sql.conf.ext looks like this: passdb { driver = sql args = /etc/dovecot/dovecot-sql.conf.ext } userdb { driver = sql args = /etc/dovecot/dovecot-sql.conf.ext } I already tried these modifications within the passdb area: override_fields = userdb_chroot=/var/mail override_fields = userdb:chroot=/var/mail override_fields = %{userdb:chroot}=/var/mail override_fields = %{userdb_chroot}=/var/mail but none of the above returned /var/mail when I tried to hand %{userdb:chroot} to an external script. Thanks for your help, Thomas M?hle From tss at iki.fi Mon Feb 22 00:33:41 2016 From: tss at iki.fi (Timo Sirainen) Date: Mon, 22 Feb 2016 02:33:41 +0200 Subject: Streaming MOVE commands In-Reply-To: <8760xiffqz.fsf@cri.ensmp.fr> References: <84wpq68crq.fsf@cri.ensmp.fr> <7068E0DA-AA85-47F4-865C-98495882025D@iki.fi> <8760xiffqz.fsf@cri.ensmp.fr> Message-ID: <382903E1-0654-4A26-AFB2-B314C81DB9A0@iki.fi> On 21 Feb 2016, at 13:46, Emilio Jes?s Gallego Arias wrote: > > Hello Timo, > > Timo Sirainen writes: > >> Thanks, looks like this was broken with Maildir and mbox formats. It >> also caused expunges in some other situations to be lost. Fixed: >> >> https://github.com/dovecot/core/commit/950a6e61d6c2dac961ce031bdd8b2895bc32b827 > > Thanks a lot for the fix, testing it now! > > Is this patch suitable of being backported to 2.2.13? (Debian stable) Should be. BTW. This bug only meant that some expunges were ignored, which at worst caused unwanted email duplicates. It didn't corrupt the mailbox state or the client state in any way. From soko.tica at gmail.com Mon Feb 22 01:59:56 2016 From: soko.tica at gmail.com (soko.tica) Date: Mon, 22 Feb 2016 02:59:56 +0100 Subject: postfix/dovecot - [private/dovecot-lmtp]: No such file or directory Message-ID: Hello list, I am trying to send a mail message from root to a system user on the same box. While postfix functions without dovecot properly, once dovecot is installed, I get the message from logs as set in the subject line - that postfix/lmpt cannot connect to [private/dovecot-lmtp]: No such file or directory Also, user's ~/.Maildir aren't created, although there is such instructions in dovecot. Finally, doveconf -n says there is no ssl enabled, although I explicitly set it in /conf.d/10-ssl.conf Below are dmesg, postconf -n, doveconf -n and a snippet from /var/log/mail.log Please advise. Thanks in advance. $dmesg [ 0.000000] Linux version 3.18.26-x1-64 (root at dev0001.support.domain.tld) (gcc version 4.4.5 (Debian 4.4.5-8) ) #1 SMP Mon Feb 8 11:43:41 GMT 2016 [ 0.740773] pps_core: LinuxPPS API ver. 1 registered ================ $ postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no config_directory = /etc/postfix default_transport = error delay_warning_time = 4h inet_interfaces = loopback-only mailbox_size_limit = 0 mailbox_transport = lmtp:unix:private/dovecot-lmtp mydestination = $myhostname localhost.$mydomain localhost $mydomain myhostname = mail.domain.tld mynetworks = [::ffff:127.0.0.0]/104 [::1]/128 myorigin = $myhostname notify_classes = resource, software readme_directory = no recipient_delimiter = + relay_domains = $mydestination relay_transport = error smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_use_tls = yes ========================== $ doveconf -n # 2.2.13: /etc/dovecot/dovecot.conf # OS: Linux 3.18.26-x1-64 x86_64 Debian 8.3 hostname = mail.domain.tld lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes lda_original_recipient_header = X-Original-To mail_location = maildir:~/Maildir maildir_very_dirty_syncs = yes namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / type = private } passdb { driver = pam } passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } postmaster_address = postmaster at mail.domain.tld protocols = lmtp service lmtp { unix_listener lmtp { group = postfix mode = 0600 user = postfix } } ssl = no ssl_cert = Feb 21 23:22:28 boxname postfix/cleanup[32177]: EA06822140: message-id=<20160221232228.EA06822140 at mail.domain.tld> Feb 21 23:22:28 boxname postfix/qmgr[32139]: EA06822140: from=, size=333, nrcpt=1 (queue active) Feb 21 23:22:29 boxname postfix/lmtp[32180]: EA06822140: to=, orig_to=, relay=none, delay=0.06, delays=0.02/0.01/0.04/0, dsn=4.4.1, status=deferred (connect to mail.domain.tld[private/dovecot-lmtp]: No such file or directory) From jaldhar at debian.org Mon Feb 22 05:36:46 2016 From: jaldhar at debian.org (Jaldhar H. Vyas) Date: Mon, 22 Feb 2016 00:36:46 -0500 (EST) Subject: Streaming MOVE commands In-Reply-To: <382903E1-0654-4A26-AFB2-B314C81DB9A0@iki.fi> References: <84wpq68crq.fsf@cri.ensmp.fr> <7068E0DA-AA85-47F4-865C-98495882025D@iki.fi> <8760xiffqz.fsf@cri.ensmp.fr> <382903E1-0654-4A26-AFB2-B314C81DB9A0@iki.fi> Message-ID: On Mon, 22 Feb 2016, Timo Sirainen wrote: > On 21 Feb 2016, at 13:46, Emilio Jes?s Gallego Arias wrote: >> >> Hello Timo, >> >> Timo Sirainen writes: >> >>> Thanks, looks like this was broken with Maildir and mbox formats. It >>> also caused expunges in some other situations to be lost. Fixed: >>> >>> https://github.com/dovecot/core/commit/950a6e61d6c2dac961ce031bdd8b2895bc32b827 >> >> Thanks a lot for the fix, testing it now! >> >> Is this patch suitable of being backported to 2.2.13? (Debian stable) > > Should be. > This will definitely go into the upcoming 2.2.21 packages. (After a long period of stasis we're going to bring everything up to date again soon.) I don't know if the release team will allow it for stable even though it is a minor change but I'll definitely bring it up for their consideration. -- Jaldhar H. Vyas From andrew.mcglashan at affinityvision.com.au Mon Feb 22 06:52:39 2016 From: andrew.mcglashan at affinityvision.com.au (Andrew McGlashan) Date: Mon, 22 Feb 2016 17:52:39 +1100 Subject: Setup changes 1.x to 2.x -- custom POP3 account handling required. Message-ID: <56CAB037.9000205@affinityvision.com.au> Hi, Previously I did /special/ processing for some email accounts; if a particular file existed in the user's home directory, then I caused the account to use /var/mail/$USER file for POP -- otherwise it used IMAP. Now, because I adjusted the setup for POP only, IMAP still worked perfectly well. Some users have both POP and IMAP access for various reasons. The special POP processing was done using a shell script [1] in place of: /usr/lib/dovecot/pop3 - which in turn called the normal binary once setting up the environment. Now, I have been forced to upgrade my Debian from squeeze-lts to wheezy and the dovecot setup is quite different. How can I implement my /wrapper/ script for POP handling now? Here is my current setup with dovecot -n ... # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-xen-amd64 x86_64 Debian 7.9 mail_location = maildir:~/Maildir namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Items" { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = " imap pop3" service imap-login { inet_listener imap { port = 0 } } service pop3-login { inet_listener pop3 { port = 0 } } ssl = required ssl_cert = > /var/log/usr-lib-dovecot--pop3-affinity.log fi fi else if [ -d $HOME/Maildir ]; then export MAIL=Maildir:$HOME/Maildir else export MAIL=mbox:$HOME/mail:INBOX=/var/mail/$USER fi fi # Finally execute the imap/pop3. If you use both, you'll need two scripts. # - this customization just for POP3S ... exec /usr/lib/dovecot/pop3 Thanks AndrewM From aki.tuomi at dovecot.fi Mon Feb 22 07:14:08 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Mon, 22 Feb 2016 09:14:08 +0200 Subject: To what extent does/will Dovecot depend on systemd? was systemd changes... In-Reply-To: <20160221121059.03eab67b@mydesk.domain.cxm> References: <20160221090315.GA54104@nihlus.leuxner.net> <20160221121059.03eab67b@mydesk.domain.cxm> Message-ID: <56CAB540.7090401@dovecot.fi> On 21.02.2016 19:10, Steve Litt wrote: > On Sun, 21 Feb 2016 10:03:15 +0100 > Thomas Leuxner wrote: > > [snip] > >> https://github.com/dovecot/core/commit/53cc71cae88ee81fd7eae47aed743496f8c884a2 > [snip] > >> The PID-File seems to be expected under yet another sub-dir >> of /var/run/dovecot. > I wasn't aware that any Dovecot functionalities have become dependent > on systemd. Is this discussion simply about the unit file and PID file > location for Dovecot under systemd's process manager, or is Dovecot > starting to acquire systemd dependencies that will make it difficult to > run without systemd in the future? > > Thanks, > > SteveT > > Steve Litt > February 2016 featured book: The Key to Everyday Excellence > http://www.troubleshooters.com/key We do not depend on systemd, but unit files are provided and automatically installed if enabled. Aki From aki.tuomi at dovecot.fi Mon Feb 22 07:15:22 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Mon, 22 Feb 2016 09:15:22 +0200 Subject: postfix/dovecot - [private/dovecot-lmtp]: No such file or directory In-Reply-To: References: Message-ID: <56CAB58A.3030408@dovecot.fi> On 22.02.2016 03:59, soko.tica wrote: > Hello list, > > I am trying to send a mail message from root to a system user on the same > box. While postfix functions without dovecot properly, once dovecot is > installed, I get the message from logs as set in the subject line - that > postfix/lmpt cannot connect to [private/dovecot-lmtp]: No such file or > directory > > Also, user's ~/.Maildir aren't created, although there is such instructions > in dovecot. Finally, doveconf -n says there is no ssl enabled, although I > explicitly set it in /conf.d/10-ssl.conf > > Below are dmesg, postconf -n, doveconf -n and a snippet from > /var/log/mail.log > > Please advise. Thanks in advance. > > $ doveconf -n > # 2.2.13: /etc/dovecot/dovecot.conf > # OS: Linux 3.18.26-x1-64 x86_64 Debian 8.3 > hostname = mail.domain.tld > protocols = lmtp > service lmtp { > unix_listener lmtp { > group = postfix > mode = 0600 > user = postfix > } > } > You probably want to define socket path here, so that the socket gets created in postfix's private directory, probably /var/lib/postfix/private Aki From skdovecot at smail.inf.fh-brs.de Mon Feb 22 07:55:21 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Mon, 22 Feb 2016 08:55:21 +0100 (CET) Subject: Automatically inferring %d on multi-domain virtual install ? In-Reply-To: References: <20160212192550.GR16357@HEDWIG.INI.CMU.EDU> <20160219211037.GB16357@HEDWIG.INI.CMU.EDU> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sun, 21 Feb 2016, Leon Kyneur wrote: > Date: Sun, 21 Feb 2016 10:51:21 +0000 > From: Leon Kyneur > To: Dovecot Mailing List , Timo Sirainen > Subject: Re: Automatically inferring %d on multi-domain virtual install ? > > very intrigued by your solution Timo, have attempted something similar in > the past to no avail. > > When I tried I was unable to retain the user at domain when setting the domain > as extra field - protected is new to me and can't find documentation - but > also doesn't work :( > > # cat passwd.domains > 10.100.1.1:::::::domain:protected=foo.org > 10.100.1.2:::::::domain:protected=bar.org > > # cat imap.passwd > user at bar.org:{plain}password:::::: > user at foo.org:{plain}password:::::: > > dovecot.conf: > > passdb { > args = username_format=%l /etc/dovecot/passwd.domains > default_fields = nopassword=y > driver = passwd-file > result_success = continue > } > > passdb { > args = scheme=plain-md5 username_format=%u /etc/dovecot/imap.passwd > driver = passwd-file > } > > 1. user without domain localip 10.100.1.1 - adds foo.org: > # doveadm auth lookup -x lip=10.100.1.1 user > passdb: user > user : user at foo.org > > 2. user without domain localip 10.100.1.2 - adds bar.org > # doveadm auth lookup -x lip=10.100.1.2 user > passdb: user > user : user at bar.org > > 3. user WITH domain bar.org on localip 10.100.1.1 - still adds foo.org??? > # doveadm auth lookup -x lip=10.100.1.1 user at bar.org > passdb: user at bar.org > user : user at foo.org > > Is the protected suffix supposed protect domain and not change it here? The domain is overwritten by the first passdb, that caused 1. and 2. to work :-) . > On Sun, Feb 21, 2016 at 1:20 PM Timo Sirainen wrote: > >> How about: >> >> passdb { >> driver = passwd-file >> args = username_format=%l /etc/dovecot/passwd.domains >> result_success = continue >> } >> >> passdb { >> .. the real passdb for authentication .. >> } >> >> Where /etc/dovecot/passwd.domains contains: >> >> 10.0.0.100:::::domain=foo.org >> 10.0.0.101:::::domain=bar.org >> >> So the first passdb lookup would set the domain based on IP and then >> continue for the actual authentication. Or if you don't want it to override >> an explicit user at domain authentication, this should also work: >> >> 10.0.0.100:::::domain:protected=foo.org >> 10.0.0.101:::::domain:protected=bar.org >> >> Not tested, but should work I think. At least with new enough Dovecot >> versions. >> >>> On 19 Feb 2016, at 23:10, Gabriel L. Somlo wrote: >>> >>> On Fri, Feb 19, 2016 at 08:41:15AM +0100, Steffen Kaiser wrote: >>>>> I'm trying to allow domain-less logins for a multi-domain virtual IMAP >>>>> server, and wondering if I can automatically infer the domain (value of >>>>> variable %d) from the local IP (%l) or the hostname used by the client >>>>> when connecting to my server. >>>>> >>>>> Let's say I have two host names: mail.foo.org (10.0.0.100) and >>>>> mail.bar.com (10.0.0.200), with forward and reverse DNS configured to >>>>> resolve A and PTR records in either direction. >>>>> >>>>> Let's also say I have 10.0.0.100 and 10.0.0.200 set up as secondaries >>>>> on my server's loopback interface, and routing is set up to bring >> client >>>>> traffic to me for both of those IP addresses. >>>> >>>> Hm, it should be possible like so: >>>> >>>> 1) keep the file you have now as 2nd passdb, in order to let your users >>>> login like now from anywhere >>>> >>>>> user1 at foo.org:{PLAIN}user1foo >>>> >>>> 2) from this file create another passwd-file with ExtraField via script >> / >>>> cron jobs, that defines >>>> >>>> user1 at 10.0.0.100:{PLAIN}user1foo:::::user=user1 at foo.org >>>> >>>> see http://wiki2.dovecot.org/PasswordDatabase/ExtraFields >>>> >>>> Maybe allow_nets could limit the clients further. >>>> >>>> Then add another passdb section pointing to that file using >>>> username_format=%n@%l >>>> >>>> http://wiki2.dovecot.org/AuthDatabase/PasswdFile >>>> >>>> That will map domain-less logins to full mail addresses, which in turn >> sets >>>> %d, too. >>> >>> That *almost* worked :) >>> >>> I now have >>> >>> passdb { >>> driver = passwd-file >>> args = username_format=%n@%l /var/lib/topgen/etc/postfix/users >>> } >>> >>> pointing to a "users" file with entries such as >>> >>> user1 at 10.0.0.100:{PLAIN}user1foo:::::user=user1 at foo.org >>> >>> The only trouble is, %d does not get set; I get new "user1" and >>> "user2" folders created directly under /var/lib/vmail/, which >>> indicates the %d portion is equal to the empty string. >>> >>> I also tried >>> >>> user1 at 111.0.10.10:{PLAIN}tartans1:::::domain=foo.org >>> >>> which the PasswordDatabase wiki page says should override %d, but >>> still no luck... >>> >>> Thanks for the pointer though, now that I read the relevant bits of >>> documentation it feels like I'm really close, and this *should* work. >>> I'm still either missing something, or tickling a bug (probably the >>> former :) >>> >>> Thanks, >>> --Gabriel >>> >>>> >>>>> >>>>> The relevant bits of my dovecot.conf are: >>>>> >>>>> ---%<------------------------------------------------------------------ >>>>> mail_location = maildir:/var/lib/vmail/%d/%n >>>>> passdb { >>>>> driver = passwd-file >>>>> args = /var/lib/vmail/etc/postfix/userdb >>>>> } >>>>> userdb { >>>>> driver = static >>>>> args = uid=dovenull gid=dovenull home=/var/lib/vmail/%d/%n >>>>> } >>>>> ---%<------------------------------------------------------------------ >>>>> >>>>> And my userdb passwd-file right now includes: >>>>> >>>>> ---%<------------------------------------------------------------------ >>>>> user1 at foo.org:{PLAIN}user1foo >>>>> user2 at foo.org:{PLAIN}user2foo >>>>> user1 at bar.com:{PLAIN}user1bar >>>>> user2 at bar.com:{PLAIN}user2bar >>>>> ---%<------------------------------------------------------------------ >>>>> >>>>> Right now, user1 at foo.org must configure their imap client like so: >>>>> >>>>> IMAP server: mail.foo.org >>>>> username: user1 at foo.org >>>>> password: user1foo >>>>> >>>>> I would like to require this (and other) users to only have to set: >>>>> >>>>> IMAP server: mail.foo.org >>>>> username: user1 >>>>> password: ... >>>>> >>>>> and have dovecot somehow infer the "@foo.org" domain based on the fact >>>>> that the connection was made to 10.0.0.100, which is mail.foo.org, and >>>>> therefore the domain can *only* be "@foo.org". >>>>> >>>>> I could start out by splitting my user database into two files: >>>>> >>>>> userdb.foo.org >>>>> ---%<------------------------------------------------------------------ >>>>> user1:{PLAIN}user1foo >>>>> user2:{PLAIN}user2foo >>>>> ---%<------------------------------------------------------------------ >>>>> >>>>> userdb.bar.com >>>>> ---%<------------------------------------------------------------------ >>>>> user1:{PLAIN}user1bar >>>>> user2:{PLAIN}user2bar >>>>> ---%<------------------------------------------------------------------ >>>>> >>>>> ... then modify dovecot.conf's passdb setup like so: >>>>> >>>>> ---%<------------------------------------------------------------------ >>>>> passdb { >>>>> driver = passwd-file >>>>> args = /var/lib/vmail/etc/postfix/userdb.%d >>>>> } >>>>> ---%<------------------------------------------------------------------ >>>>> >>>>> ... but how would I insure that %d is set to the proper value based >>>>> on e.g. a reverse lookup of %l, which, in foo.org's case would be >>>>> 10.0.0.100, and resolve to mail.foo.org, and *somehow* that would >>>>> match %d == "@foo.org" ? >>>>> >>>>> Is this even possible in the first place, or am I just being too fussy >>>>> about the aesthetics of my users' imap client config files ? :) :) >>>>> >>>>> Thanks much, >>>>> --Gabriel >>>>> >>>> >>>> - -- Steffen Kaiser >>>> -----BEGIN PGP SIGNATURE----- >>>> Version: GnuPG v1 >>>> >>>> iQEVAwUBVsbHG3z1H7kL/d9rAQLzRggAoBVJDWXDakkqLD+Gye/9KjHvfcIFkf+5 >>>> u3W7ZlPSvyePaAM8u0TDnIPJ15aeyO6XZbTTqB9iKQXzluCusvhNOUl14nVO4CjW >>>> gJASzpo1Kc9moWW7sWXTF/MCO+O4zVSBtJWdVmJch80hQT8LJxG3jU45FJAd1Jj3 >>>> j+Rso5vEtH3Qw8i1cePaRc6FpDQ+7wboUI53OVjSKJGXbsyK5MXJFhoyvOo8UnvU >>>> KdbyFoGkYR4n3zaSrkwof6TrRqqgcGA2TUyeQIS8j+ArhDpi7ilOU6x904KK7LoE >>>> Ff2CzskTaTwEyTW1DZgJzLPc38PzMv9PX7QNUhdPHLFnYrhrutOfww== >>>> =CFD6 >>>> -----END PGP SIGNATURE----- >> > - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVsq+6Xz1H7kL/d9rAQKvnwgAh/GmJKPC/4I4RB2vs7N53sp8EUFMtHzy urK7EwzX8Zs31adysRuz5wnDOAWYh/c6a2niKIY20kuae1h+Nb3u/jdmjyTAsiJP nvkuoAJuh+JtA8uNccGVvMYIMX6wRkyqFsA3h57b0g0e/04nFeL7gUA/nQ2l7lEx saJAnlIrW12aBAlN01/qfm3D7iXosxiOcDHVGRdGhHkfhLvpoPklEX4HJSASSn77 nPZVElXYH6qZVAuc5mkhjxFTNZ/7QYmBav8z6mZe90IR5wpVlZV/P3ToTcgvzsF0 qHN39vE7K4xaoQyimjfi+7Y6SdXDm/K403snkD+A0lqY2Yrzq7gxbQ== =0CTu -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Mon Feb 22 07:56:40 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Mon, 22 Feb 2016 08:56:40 +0100 (CET) Subject: Automatically inferring %d on multi-domain virtual install ? In-Reply-To: References: <20160212192550.GR16357@HEDWIG.INI.CMU.EDU> <20160219211037.GB16357@HEDWIG.INI.CMU.EDU> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sun, 21 Feb 2016, Leon Kyneur wrote: > Date: Sun, 21 Feb 2016 10:51:21 +0000 > From: Leon Kyneur > To: Dovecot Mailing List , Timo Sirainen > Subject: Re: Automatically inferring %d on multi-domain virtual install ? > > very intrigued by your solution Timo, have attempted something similar in > the past to no avail. > > When I tried I was unable to retain the user at domain when setting the domain > as extra field - protected is new to me and can't find documentation - but > also doesn't work :( > > # cat passwd.domains > 10.100.1.1:::::::domain:protected=foo.org > 10.100.1.2:::::::domain:protected=bar.org > > # cat imap.passwd > user at bar.org:{plain}password:::::: > user at foo.org:{plain}password:::::: > > dovecot.conf: > > passdb { > args = username_format=%l /etc/dovecot/passwd.domains What, if you use: args = username_format=%l@%d /etc/dovecot/passwd.domains and: 10.100.1.1@:::::::domain:protected=foo.org in the file .... > default_fields = nopassword=y > driver = passwd-file > result_success = continue > } > > passdb { > args = scheme=plain-md5 username_format=%u /etc/dovecot/imap.passwd > driver = passwd-file > } > > 1. user without domain localip 10.100.1.1 - adds foo.org: > # doveadm auth lookup -x lip=10.100.1.1 user > passdb: user > user : user at foo.org > > 2. user without domain localip 10.100.1.2 - adds bar.org > # doveadm auth lookup -x lip=10.100.1.2 user > passdb: user > user : user at bar.org > > 3. user WITH domain bar.org on localip 10.100.1.1 - still adds foo.org??? > # doveadm auth lookup -x lip=10.100.1.1 user at bar.org > passdb: user at bar.org > user : user at foo.org > > Is the protected suffix supposed protect domain and not change it here? > > > On Sun, Feb 21, 2016 at 1:20 PM Timo Sirainen wrote: > >> How about: >> >> passdb { >> driver = passwd-file >> args = username_format=%l /etc/dovecot/passwd.domains >> result_success = continue >> } >> >> passdb { >> .. the real passdb for authentication .. >> } >> >> Where /etc/dovecot/passwd.domains contains: >> >> 10.0.0.100:::::domain=foo.org >> 10.0.0.101:::::domain=bar.org >> >> So the first passdb lookup would set the domain based on IP and then >> continue for the actual authentication. Or if you don't want it to override >> an explicit user at domain authentication, this should also work: >> >> 10.0.0.100:::::domain:protected=foo.org >> 10.0.0.101:::::domain:protected=bar.org >> >> Not tested, but should work I think. At least with new enough Dovecot >> versions. >> >>> On 19 Feb 2016, at 23:10, Gabriel L. Somlo wrote: >>> >>> On Fri, Feb 19, 2016 at 08:41:15AM +0100, Steffen Kaiser wrote: >>>>> I'm trying to allow domain-less logins for a multi-domain virtual IMAP >>>>> server, and wondering if I can automatically infer the domain (value of >>>>> variable %d) from the local IP (%l) or the hostname used by the client >>>>> when connecting to my server. >>>>> >>>>> Let's say I have two host names: mail.foo.org (10.0.0.100) and >>>>> mail.bar.com (10.0.0.200), with forward and reverse DNS configured to >>>>> resolve A and PTR records in either direction. >>>>> >>>>> Let's also say I have 10.0.0.100 and 10.0.0.200 set up as secondaries >>>>> on my server's loopback interface, and routing is set up to bring >> client >>>>> traffic to me for both of those IP addresses. >>>> >>>> Hm, it should be possible like so: >>>> >>>> 1) keep the file you have now as 2nd passdb, in order to let your users >>>> login like now from anywhere >>>> >>>>> user1 at foo.org:{PLAIN}user1foo >>>> >>>> 2) from this file create another passwd-file with ExtraField via script >> / >>>> cron jobs, that defines >>>> >>>> user1 at 10.0.0.100:{PLAIN}user1foo:::::user=user1 at foo.org >>>> >>>> see http://wiki2.dovecot.org/PasswordDatabase/ExtraFields >>>> >>>> Maybe allow_nets could limit the clients further. >>>> >>>> Then add another passdb section pointing to that file using >>>> username_format=%n@%l >>>> >>>> http://wiki2.dovecot.org/AuthDatabase/PasswdFile >>>> >>>> That will map domain-less logins to full mail addresses, which in turn >> sets >>>> %d, too. >>> >>> That *almost* worked :) >>> >>> I now have >>> >>> passdb { >>> driver = passwd-file >>> args = username_format=%n@%l /var/lib/topgen/etc/postfix/users >>> } >>> >>> pointing to a "users" file with entries such as >>> >>> user1 at 10.0.0.100:{PLAIN}user1foo:::::user=user1 at foo.org >>> >>> The only trouble is, %d does not get set; I get new "user1" and >>> "user2" folders created directly under /var/lib/vmail/, which >>> indicates the %d portion is equal to the empty string. >>> >>> I also tried >>> >>> user1 at 111.0.10.10:{PLAIN}tartans1:::::domain=foo.org >>> >>> which the PasswordDatabase wiki page says should override %d, but >>> still no luck... >>> >>> Thanks for the pointer though, now that I read the relevant bits of >>> documentation it feels like I'm really close, and this *should* work. >>> I'm still either missing something, or tickling a bug (probably the >>> former :) >>> >>> Thanks, >>> --Gabriel >>> >>>> >>>>> >>>>> The relevant bits of my dovecot.conf are: >>>>> >>>>> ---%<------------------------------------------------------------------ >>>>> mail_location = maildir:/var/lib/vmail/%d/%n >>>>> passdb { >>>>> driver = passwd-file >>>>> args = /var/lib/vmail/etc/postfix/userdb >>>>> } >>>>> userdb { >>>>> driver = static >>>>> args = uid=dovenull gid=dovenull home=/var/lib/vmail/%d/%n >>>>> } >>>>> ---%<------------------------------------------------------------------ >>>>> >>>>> And my userdb passwd-file right now includes: >>>>> >>>>> ---%<------------------------------------------------------------------ >>>>> user1 at foo.org:{PLAIN}user1foo >>>>> user2 at foo.org:{PLAIN}user2foo >>>>> user1 at bar.com:{PLAIN}user1bar >>>>> user2 at bar.com:{PLAIN}user2bar >>>>> ---%<------------------------------------------------------------------ >>>>> >>>>> Right now, user1 at foo.org must configure their imap client like so: >>>>> >>>>> IMAP server: mail.foo.org >>>>> username: user1 at foo.org >>>>> password: user1foo >>>>> >>>>> I would like to require this (and other) users to only have to set: >>>>> >>>>> IMAP server: mail.foo.org >>>>> username: user1 >>>>> password: ... >>>>> >>>>> and have dovecot somehow infer the "@foo.org" domain based on the fact >>>>> that the connection was made to 10.0.0.100, which is mail.foo.org, and >>>>> therefore the domain can *only* be "@foo.org". >>>>> >>>>> I could start out by splitting my user database into two files: >>>>> >>>>> userdb.foo.org >>>>> ---%<------------------------------------------------------------------ >>>>> user1:{PLAIN}user1foo >>>>> user2:{PLAIN}user2foo >>>>> ---%<------------------------------------------------------------------ >>>>> >>>>> userdb.bar.com >>>>> ---%<------------------------------------------------------------------ >>>>> user1:{PLAIN}user1bar >>>>> user2:{PLAIN}user2bar >>>>> ---%<------------------------------------------------------------------ >>>>> >>>>> ... then modify dovecot.conf's passdb setup like so: >>>>> >>>>> ---%<------------------------------------------------------------------ >>>>> passdb { >>>>> driver = passwd-file >>>>> args = /var/lib/vmail/etc/postfix/userdb.%d >>>>> } >>>>> ---%<------------------------------------------------------------------ >>>>> >>>>> ... but how would I insure that %d is set to the proper value based >>>>> on e.g. a reverse lookup of %l, which, in foo.org's case would be >>>>> 10.0.0.100, and resolve to mail.foo.org, and *somehow* that would >>>>> match %d == "@foo.org" ? >>>>> >>>>> Is this even possible in the first place, or am I just being too fussy >>>>> about the aesthetics of my users' imap client config files ? :) :) >>>>> >>>>> Thanks much, >>>>> --Gabriel >>>>> >>>> >>>> - -- Steffen Kaiser >>>> -----BEGIN PGP SIGNATURE----- >>>> Version: GnuPG v1 >>>> >>>> iQEVAwUBVsbHG3z1H7kL/d9rAQLzRggAoBVJDWXDakkqLD+Gye/9KjHvfcIFkf+5 >>>> u3W7ZlPSvyePaAM8u0TDnIPJ15aeyO6XZbTTqB9iKQXzluCusvhNOUl14nVO4CjW >>>> gJASzpo1Kc9moWW7sWXTF/MCO+O4zVSBtJWdVmJch80hQT8LJxG3jU45FJAd1Jj3 >>>> j+Rso5vEtH3Qw8i1cePaRc6FpDQ+7wboUI53OVjSKJGXbsyK5MXJFhoyvOo8UnvU >>>> KdbyFoGkYR4n3zaSrkwof6TrRqqgcGA2TUyeQIS8j+ArhDpi7ilOU6x904KK7LoE >>>> Ff2CzskTaTwEyTW1DZgJzLPc38PzMv9PX7QNUhdPHLFnYrhrutOfww== >>>> =CFD6 >>>> -----END PGP SIGNATURE----- >> > - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVsq/OHz1H7kL/d9rAQI0zAgAmJoE93zZ4qwc+xsJKuhGBIYIhyTZ7rmv 8i62HsBzznqxBf2r0OWd4QDmWuyPE+vD3jAsD4pZvrLvbSXbkTrLUxUJwDhxoRtT Ox37JS4y4LawGbeIbwvPkKOn6IuktGqZPEfj0PObuCcdjHwS3oETgRP3FUYIrqEq ujyK7l7VSq8idHqLYa+9SA2YunBeq+LVVskB8z50+ut764nQq/bcqT3gn7MXER5I KIUUzWsFJXFpEkhadxfarLz1sI0dXapbS1SpMgOZMG2MCr54pbClviy+CuvVBP4Q 8LSN9mLl3DFqa0vLHVrRrmOJNjRN4UUdQ4XFewkgjLvEJTNGiv4XlA== =Hbr4 -----END PGP SIGNATURE----- From tss at iki.fi Mon Feb 22 08:28:54 2016 From: tss at iki.fi (Timo Sirainen) Date: Mon, 22 Feb 2016 10:28:54 +0200 Subject: systemd changes in Git/Debian Auto-Builds In-Reply-To: <20160221122314.GA49439@nihlus.leuxner.net> References: <20160221090315.GA54104@nihlus.leuxner.net> <1693574954.14125.22ea9490-41a0-4846-81ec-d4706f3bbfc6.open-xchange@appsuite.open-xchange.com> <20160221122314.GA49439@nihlus.leuxner.net> Message-ID: <183061F7-E2B1-4C66-B064-78A5BD39CE6E@iki.fi> On 21 Feb 2016, at 14:23, Thomas Leuxner wrote: > > * aki.tuomi at dovecot.fi 2016.02.21 12:43: > >> This is fixed in >> https://github.com/dovecot/core/commit/22d75d47097ca83c6e824a5129d81e8f18fb589b > > Thanks Aki. As all patches are in the source tree, I guess this is not included in Stephan's Auto-Build: > > $ dpkg --unpack dovecot-core_2.2.21-1~auto+130_amd64.deb > > $ grep PID /lib/systemd/system/dovecot.service > PIDFile=/var/run/dovecot/dovecot/master.pid > > I manually edited the file afterwards and ran dpkg --configure which brought up the server. Another fix: https://git.dovecot.net/dovecot/core/commit/2d5fcede6dcce079fdca5f0589c9c2142f016a65 From gallego at cri.ensmp.fr Mon Feb 22 09:46:46 2016 From: gallego at cri.ensmp.fr (Emilio =?utf-8?Q?Jes=C3=BAs?= Gallego Arias) Date: Mon, 22 Feb 2016 10:46:46 +0100 Subject: Streaming MOVE commands In-Reply-To: (Jaldhar H. Vyas's message of "Mon, 22 Feb 2016 00:36:46 -0500 (EST)") References: <84wpq68crq.fsf@cri.ensmp.fr> <7068E0DA-AA85-47F4-865C-98495882025D@iki.fi> <8760xiffqz.fsf@cri.ensmp.fr> <382903E1-0654-4A26-AFB2-B314C81DB9A0@iki.fi> Message-ID: <87d1rpvzzt.fsf@cri.ensmp.fr> Thanks a lot both for your help! On Mon, 22 Feb 2016, Timo Sirainen wrote: >> Is this patch suitable of being backported to 2.2.13? (Debian stable) > > Should be. > > BTW. This bug only meant that some expunges were ignored, which at > worst caused unwanted email duplicates. It didn't corrupt the mailbox > state or the client state in any way. Thanks for the update. Testing on 2.2.13. "Jaldhar H. Vyas" writes: > I don't know if the release team will allow it for stable even though > it is a minor change but I'll definitely bring it up for their > consideration. Timo said the bug doesn't corrupt data, but IMVHO a case could be made for stable-updates. I get around 100-200 duplicated mails a day, so it really hampers the usability of the package with my mail client (gnus). Also, it seems that the bug be prevent people to use dsync and other sync tools with Dovecot. Luca, does the patch fix your dsync issues? Unfortunately, I can't properly test the patch with 2.2.13, my mail servers have really low mail volume to consider them "testing". Best, Emilio From otto at igotafrica.com Mon Feb 22 10:26:48 2016 From: otto at igotafrica.com (Otto Saayman) Date: Mon, 22 Feb 2016 12:26:48 +0200 Subject: Replication for all users in Dovecot ISPConfig database Message-ID: <56CAE268.7070000@igotafrica.com> Hello I have set up two servers, one master and one slave, using ISPConfig. I have been using rsync to synchronise mails between the two machines, but this has some unstable results. I had a look at setting up replication: http://wiki.dovecot.org/Replication When I run the command, doveadm user '*', only two users are returned. So when I run this command: doveadm replicator replicate \* I get: 2 users updated I run this command: doveadm sync -u [e-mail address] tcp:[2nd/ slave dovecot server IP address] Here I can input any valid e-mail address in the ISPConfig MySQL database and it works. How do I tell the dovecote server to replicate all the users configured in the MySQL database it uses when it handles logins via POP/ IMAP, all of which is working fine? Is there a command I need to run at a set interval via cron to synchronise the two machines' mailboxes, which are identical in every way except the mails the users' mailboxes contain? OR Is there a way that I can instruct the two machines to keep each other's user mailbox contents "up to date"? The main idea is to have a hot backup of my "main" dovecot server and also to enable a lower mail priority for the second server so that mails are still received when the main server becomes busy, or is taken offline for some reason. Any help, or link to a HOWTO would be appreciated. -- Best Regards *Otto Saayman* /IT Guru and/ /Owner/ *Mobile: E-mail: Skype: Web:* +27 82 821 9119 otto at igotafrica.com ozzmaster80 www.igotafrica.com ?/We can do anything, but we can't do everything./? - John Maxwell Confidentiality notice and disclaimer: This message and the attached files and links contain information intended for the exclusive perusal and/or use, of the addressee only. The information may be confidential and legally privileged and protected by law. Access is authorised only by the intended recipient. If you are not an intended recipient, do not peruse, use, disseminate, distribute, copy or in any manner rely upon the information contained in this message or the attached files (directly or indirectly). The sender and/or IgotAfrica CCshall not be held liable for any loss damage, injury, or expense however caused, whether direct, indirect or consequential in the event that this prohibition is disregarded. If you receive this message and/or the attached files in error, please notify the sender immediately by email, fax or telephone and destroy the original message. The views or representations contained in this communication, whether expressed or implied, are those of the sender only. IgotAfrica CCand the sender do not warrant the truth, integrity, accuracy or completeness of the information provided, or that the message and attached files are free of errors, virus, interception or interference. -------------- next part -------------- A non-text attachment was scrubbed... Name: Image1 Type: image/jpeg Size: 6078 bytes Desc: not available URL: From otto at igotafrica.com Mon Feb 22 10:44:17 2016 From: otto at igotafrica.com (Otto Saayman) Date: Mon, 22 Feb 2016 12:44:17 +0200 Subject: Replication between two ISPCOnfig servers Message-ID: <56CAE681.4060003@igotafrica.com> Hello I have set up two servers, one master and one slave, using ISPConfig. I have been using rsync to synchronise mails between the two machines, but this has some unstable results. I had a look at setting up replication: http://wiki.dovecot.org/Replication When I run the command, doveadm user '*', only two users are returned. So when I run this command: doveadm replicator replicate \* I get: 2 users updated I run this command: doveadm sync -u [e-mail address] tcp:[2nd/ slave dovecot server IP address] Here I can input any valid e-mail address in the ISPConfig MySQL database and it works. How do I tell the dovecote server to replicate all the users configured in the MySQL database it uses when it handles logins via POP/ IMAP, all of which is working fine? Is there a command I need to run at a set interval via cron to synchronise the two machines' mailboxes, which are identical in every way except the mails the users' mailboxes contain? OR Is there a way that I can instruct the two machines to keep each other's user mailbox contents "up to date"? The main idea is to have a hot backup of my "main" dovecot server and also to enable a lower mail priority for the second server so that mails are still received when the main server becomes busy, or is taken offline for some reason. Any help, or link to a HOWTO would be appreciated. -- Best Regards Otto Saayman From bc979 at lafn.org Mon Feb 22 11:02:11 2016 From: bc979 at lafn.org (Doug Hardie) Date: Mon, 22 Feb 2016 03:02:11 -0800 Subject: Dovecot Bulletin In-Reply-To: References: Message-ID: <51FDA2AA-7632-4D72-BDEA-36478F1801E1@lafn.org> > On 20 February 2016, at 18:14, Timo Sirainen wrote: > > On 21 Feb 2016, at 02:50, Kevin Kershner wrote: >> >> I'd like to revisit and old post if I may, will/does Dovecot support the old >> qpopper "Bulletin" ability? >> >> Basically I need a simple way of posting bulletins to all domain users. >> Qpopper maintained a bulletin db for each user and sent them the next >> bulletin in sequence. > > I guess there could be a plugin that does this check on each login. But would it actually be useful? Why would it be better than simply sending the mail to all the users? For example: > > doveadm save -A < bulletin.txt The reasons for bulletins as I see it are: 1. The doveadm save command is undocumented. It does show a cryptic line in the output of the command "doveadm". However, it doesn't give any clue what it does or how to provide the message. Your note above provides considerably more information on that command. I tested it and it works as you have indicated though. 2. The doveadm save command causes the email to be saved in each user's mailbox. If you have a lot of users, thats a lot of wasted disk space. Qpopper's bulletins only kept one copy and every user downloaded from that copy. All that was retained per user was a counter of the last bulletin's sequence number that was downloaded. ? Doug From tlx at leuxner.net Mon Feb 22 11:06:36 2016 From: tlx at leuxner.net (Thomas Leuxner) Date: Mon, 22 Feb 2016 12:06:36 +0100 Subject: systemd changes in Git/Debian Auto-Builds In-Reply-To: <183061F7-E2B1-4C66-B064-78A5BD39CE6E@iki.fi> References: <20160221090315.GA54104@nihlus.leuxner.net> <1693574954.14125.22ea9490-41a0-4846-81ec-d4706f3bbfc6.open-xchange@appsuite.open-xchange.com> <20160221122314.GA49439@nihlus.leuxner.net> <183061F7-E2B1-4C66-B064-78A5BD39CE6E@iki.fi> Message-ID: <20160222110636.GA51234@nihlus.leuxner.net> * Timo Sirainen 2016.02.22 09:28: > Another fix: https://git.dovecot.net/dovecot/core/commit/2d5fcede6dcce079fdca5f0589c9c2142f016a65 Thanks. Confirmed effective. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 181 bytes Desc: Digital signature URL: From noel.butler at ausics.net Mon Feb 22 11:31:39 2016 From: noel.butler at ausics.net (Noel Butler) Date: Mon, 22 Feb 2016 21:31:39 +1000 Subject: To what extent does/will Dovecot depend on systemd? was systemd changes... In-Reply-To: <56CAB540.7090401@dovecot.fi> References: <20160221090315.GA54104@nihlus.leuxner.net> <20160221121059.03eab67b@mydesk.domain.cxm> <56CAB540.7090401@dovecot.fi> Message-ID: On 22/02/2016 17:14, Aki Tuomi wrote: > On 21.02.2016 19:10, Steve Litt wrote: >> On Sun, 21 Feb 2016 10:03:15 +0100 >> Thomas Leuxner wrote: >> >> [snip] >> >>> https://github.com/dovecot/core/commit/53cc71cae88ee81fd7eae47aed743496f8c884a2 >> [snip] >> >>> The PID-File seems to be expected under yet another sub-dir >>> of /var/run/dovecot. >> I wasn't aware that any Dovecot functionalities have become dependent >> on systemd. Is this discussion simply about the unit file and PID file >> location for Dovecot under systemd's process manager, or is Dovecot >> starting to acquire systemd dependencies that will make it difficult >> to >> run without systemd in the future? >> >> Thanks, >> >> SteveT >> >> Steve Litt >> February 2016 featured book: The Key to Everyday Excellence >> http://www.troubleshooters.com/key > We do not depend on systemd, but unit files are provided and > automatically installed if enabled. > > Aki That's excellent news, because hell will freeze over before systemd is introduced to official slackware releases -- If you have the urge to reply to all rather than reply to list, you best first read http://members.ausics.net/qwerty/ From andrew.mcglashan at affinityvision.com.au Mon Feb 22 12:40:39 2016 From: andrew.mcglashan at affinityvision.com.au (Andrew McGlashan) Date: Mon, 22 Feb 2016 23:40:39 +1100 Subject: Setup changes 1.x to 2.x -- custom POP3 account handling required. In-Reply-To: <56CAB037.9000205@affinityvision.com.au> References: <56CAB037.9000205@affinityvision.com.au> Message-ID: <56CB01C7.7080203@affinityvision.com.au> No help? Is this possible to do as I had done before but with the newer version? Thanks A. On 22/02/2016 5:52 PM, Andrew McGlashan wrote: > Hi, > > Previously I did /special/ processing for some email accounts; if a > particular file existed in the user's home directory, then I caused the > account to use /var/mail/$USER file for POP -- otherwise it used IMAP. > > Now, because I adjusted the setup for POP only, IMAP still worked > perfectly well. Some users have both POP and IMAP access for various > reasons. > > The special POP processing was done using a shell script [1] in place of: > /usr/lib/dovecot/pop3 > - which in turn called the normal binary once setting up the > environment. > > Now, I have been forced to upgrade my Debian from squeeze-lts to wheezy > and the dovecot setup is quite different. > > How can I implement my /wrapper/ script for POP handling now? > > Here is my current setup with dovecot -n ... > > # 2.1.7: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.32-5-xen-amd64 x86_64 Debian 7.9 > mail_location = maildir:~/Maildir > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Items" { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = > } > passdb { > driver = pam > } > plugin { > sieve = ~/.dovecot.sieve > sieve_dir = ~/sieve > } > protocols = " imap pop3" > service imap-login { > inet_listener imap { > port = 0 > } > } > service pop3-login { > inet_listener pop3 { > port = 0 > } > } > ssl = required > ssl_cert = ssl_key = userdb { > driver = passwd > } > > > [1] This is the content of the original wrapper script: > > #!/bin/sh > > if [ -f $HOME/.use-mbox-for-pop3s ]; then > export MAIL=mbox:$HOME/mail:INBOX=/var/mail/$USER > export USER_INBOX=/var/mail/$USER > if [ -f $USER_INBOX ] > then > export USER_INBOX_GROUP=$(stat -c %G $USER_INBOX) > if [ $USER_INBOX_GROUP != $USER ] > then > ( > date > ls -l $USER_INBOX > chown Debian-exim:$USER $USER_INBOX > ls -l $USER_INBOX > ) >> /var/log/usr-lib-dovecot--pop3-affinity.log > fi > fi > else > if [ -d $HOME/Maildir ]; then > export MAIL=Maildir:$HOME/Maildir > else > export MAIL=mbox:$HOME/mail:INBOX=/var/mail/$USER > fi > fi > > # Finally execute the imap/pop3. If you use both, you'll need two scripts. > # - this customization just for POP3S ... > exec /usr/lib/dovecot/pop3 > > > > Thanks > AndrewM From leon at f-m.fm Mon Feb 22 12:41:44 2016 From: leon at f-m.fm (Leon Kyneur) Date: Mon, 22 Feb 2016 23:41:44 +1100 Subject: Automatically inferring %d on multi-domain virtual install ? In-Reply-To: References: <20160212192550.GR16357@HEDWIG.INI.CMU.EDU> <20160219211037.GB16357@HEDWIG.INI.CMU.EDU> Message-ID: <56CB0208.1080803@f-m.fm> On 22/02/16 18:56, Steffen Kaiser wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Sun, 21 Feb 2016, Leon Kyneur wrote: > >> Date: Sun, 21 Feb 2016 10:51:21 +0000 >> From: Leon Kyneur >> To: Dovecot Mailing List , Timo Sirainen >> >> Subject: Re: Automatically inferring %d on multi-domain virtual >> install ? >> >> very intrigued by your solution Timo, have attempted something >> similar in >> the past to no avail. >> >> When I tried I was unable to retain the user at domain when setting the >> domain >> as extra field - protected is new to me and can't find documentation >> - but >> also doesn't work :( >> >> # cat passwd.domains >> 10.100.1.1:::::::domain:protected=foo.org >> 10.100.1.2:::::::domain:protected=bar.org >> >> # cat imap.passwd >> user at bar.org:{plain}password:::::: >> user at foo.org:{plain}password:::::: >> >> dovecot.conf: >> >> passdb { >> args = username_format=%l /etc/dovecot/passwd.domains > > What, if you use: > > args = username_format=%l@%d /etc/dovecot/passwd.domains > and: > > 10.100.1.1@:::::::domain:protected=foo.org > in the file .... This works! Thankyou, this is a little simpler than my current fix which relies on SQL to make this work, and a series of %{domain_first} in later passdbs to ensure the right domain is being checked (it's ugly, believe me). I still do not understand what 'protected' does though? > >> default_fields = nopassword=y >> driver = passwd-file >> result_success = continue >> } >> >> passdb { >> args = scheme=plain-md5 username_format=%u /etc/dovecot/imap.passwd >> driver = passwd-file >> } >> >> 1. user without domain localip 10.100.1.1 - adds foo.org: >> # doveadm auth lookup -x lip=10.100.1.1 user >> passdb: user >> user : user at foo.org >> >> 2. user without domain localip 10.100.1.2 - adds bar.org >> # doveadm auth lookup -x lip=10.100.1.2 user >> passdb: user >> user : user at bar.org >> >> 3. user WITH domain bar.org on localip 10.100.1.1 - still adds >> foo.org??? >> # doveadm auth lookup -x lip=10.100.1.1 user at bar.org >> passdb: user at bar.org >> user : user at foo.org >> >> Is the protected suffix supposed protect domain and not change it here? >> >> >> On Sun, Feb 21, 2016 at 1:20 PM Timo Sirainen wrote: >> >>> How about: >>> >>> passdb { >>> driver = passwd-file >>> args = username_format=%l /etc/dovecot/passwd.domains >>> result_success = continue >>> } >>> >>> passdb { >>> .. the real passdb for authentication .. >>> } >>> >>> Where /etc/dovecot/passwd.domains contains: >>> >>> 10.0.0.100:::::domain=foo.org >>> 10.0.0.101:::::domain=bar.org >>> >>> So the first passdb lookup would set the domain based on IP and then >>> continue for the actual authentication. Or if you don't want it to >>> override >>> an explicit user at domain authentication, this should also work: >>> >>> 10.0.0.100:::::domain:protected=foo.org >>> 10.0.0.101:::::domain:protected=bar.org >>> >>> Not tested, but should work I think. At least with new enough Dovecot >>> versions. >>> >>>> On 19 Feb 2016, at 23:10, Gabriel L. Somlo wrote: >>>> >>>> On Fri, Feb 19, 2016 at 08:41:15AM +0100, Steffen Kaiser wrote: >>>>>> I'm trying to allow domain-less logins for a multi-domain virtual >>>>>> IMAP >>>>>> server, and wondering if I can automatically infer the domain >>>>>> (value of >>>>>> variable %d) from the local IP (%l) or the hostname used by the >>>>>> client >>>>>> when connecting to my server. >>>>>> >>>>>> Let's say I have two host names: mail.foo.org (10.0.0.100) and >>>>>> mail.bar.com (10.0.0.200), with forward and reverse DNS >>>>>> configured to >>>>>> resolve A and PTR records in either direction. >>>>>> >>>>>> Let's also say I have 10.0.0.100 and 10.0.0.200 set up as >>>>>> secondaries >>>>>> on my server's loopback interface, and routing is set up to bring >>> client >>>>>> traffic to me for both of those IP addresses. >>>>> >>>>> Hm, it should be possible like so: >>>>> >>>>> 1) keep the file you have now as 2nd passdb, in order to let your >>>>> users >>>>> login like now from anywhere >>>>> >>>>>> user1 at foo.org:{PLAIN}user1foo >>>>> >>>>> 2) from this file create another passwd-file with ExtraField via >>>>> script >>> / >>>>> cron jobs, that defines >>>>> >>>>> user1 at 10.0.0.100:{PLAIN}user1foo:::::user=user1 at foo.org >>>>> >>>>> see http://wiki2.dovecot.org/PasswordDatabase/ExtraFields >>>>> >>>>> Maybe allow_nets could limit the clients further. >>>>> >>>>> Then add another passdb section pointing to that file using >>>>> username_format=%n@%l >>>>> >>>>> http://wiki2.dovecot.org/AuthDatabase/PasswdFile >>>>> >>>>> That will map domain-less logins to full mail addresses, which in >>>>> turn >>> sets >>>>> %d, too. >>>> >>>> That *almost* worked :) >>>> >>>> I now have >>>> >>>> passdb { >>>> driver = passwd-file >>>> args = username_format=%n@%l /var/lib/topgen/etc/postfix/users >>>> } >>>> >>>> pointing to a "users" file with entries such as >>>> >>>> user1 at 10.0.0.100:{PLAIN}user1foo:::::user=user1 at foo.org >>>> >>>> The only trouble is, %d does not get set; I get new "user1" and >>>> "user2" folders created directly under /var/lib/vmail/, which >>>> indicates the %d portion is equal to the empty string. >>>> >>>> I also tried >>>> >>>> user1 at 111.0.10.10:{PLAIN}tartans1:::::domain=foo.org >>>> >>>> which the PasswordDatabase wiki page says should override %d, but >>>> still no luck... >>>> >>>> Thanks for the pointer though, now that I read the relevant bits of >>>> documentation it feels like I'm really close, and this *should* work. >>>> I'm still either missing something, or tickling a bug (probably the >>>> former :) >>>> >>>> Thanks, >>>> --Gabriel >>>> >>>>> >>>>>> >>>>>> The relevant bits of my dovecot.conf are: >>>>>> >>>>>> ---%<------------------------------------------------------------------ >>>>>> >>>>>> mail_location = maildir:/var/lib/vmail/%d/%n >>>>>> passdb { >>>>>> driver = passwd-file >>>>>> args = /var/lib/vmail/etc/postfix/userdb >>>>>> } >>>>>> userdb { >>>>>> driver = static >>>>>> args = uid=dovenull gid=dovenull home=/var/lib/vmail/%d/%n >>>>>> } >>>>>> ---%<------------------------------------------------------------------ >>>>>> >>>>>> >>>>>> And my userdb passwd-file right now includes: >>>>>> >>>>>> ---%<------------------------------------------------------------------ >>>>>> >>>>>> user1 at foo.org:{PLAIN}user1foo >>>>>> user2 at foo.org:{PLAIN}user2foo >>>>>> user1 at bar.com:{PLAIN}user1bar >>>>>> user2 at bar.com:{PLAIN}user2bar >>>>>> ---%<------------------------------------------------------------------ >>>>>> >>>>>> >>>>>> Right now, user1 at foo.org must configure their imap client like so: >>>>>> >>>>>> IMAP server: mail.foo.org >>>>>> username: user1 at foo.org >>>>>> password: user1foo >>>>>> >>>>>> I would like to require this (and other) users to only have to set: >>>>>> >>>>>> IMAP server: mail.foo.org >>>>>> username: user1 >>>>>> password: ... >>>>>> >>>>>> and have dovecot somehow infer the "@foo.org" domain based on the >>>>>> fact >>>>>> that the connection was made to 10.0.0.100, which is >>>>>> mail.foo.org, and >>>>>> therefore the domain can *only* be "@foo.org". >>>>>> >>>>>> I could start out by splitting my user database into two files: >>>>>> >>>>>> userdb.foo.org >>>>>> ---%<------------------------------------------------------------------ >>>>>> >>>>>> user1:{PLAIN}user1foo >>>>>> user2:{PLAIN}user2foo >>>>>> ---%<------------------------------------------------------------------ >>>>>> >>>>>> >>>>>> userdb.bar.com >>>>>> ---%<------------------------------------------------------------------ >>>>>> >>>>>> user1:{PLAIN}user1bar >>>>>> user2:{PLAIN}user2bar >>>>>> ---%<------------------------------------------------------------------ >>>>>> >>>>>> >>>>>> ... then modify dovecot.conf's passdb setup like so: >>>>>> >>>>>> ---%<------------------------------------------------------------------ >>>>>> >>>>>> passdb { >>>>>> driver = passwd-file >>>>>> args = /var/lib/vmail/etc/postfix/userdb.%d >>>>>> } >>>>>> ---%<------------------------------------------------------------------ >>>>>> >>>>>> >>>>>> ... but how would I insure that %d is set to the proper value based >>>>>> on e.g. a reverse lookup of %l, which, in foo.org's case would be >>>>>> 10.0.0.100, and resolve to mail.foo.org, and *somehow* that would >>>>>> match %d == "@foo.org" ? >>>>>> >>>>>> Is this even possible in the first place, or am I just being too >>>>>> fussy >>>>>> about the aesthetics of my users' imap client config files ? :) :) >>>>>> >>>>>> Thanks much, >>>>>> --Gabriel >>>>>> >>>>> >>>>> - -- Steffen Kaiser >>>>> -----BEGIN PGP SIGNATURE----- >>>>> Version: GnuPG v1 >>>>> >>>>> iQEVAwUBVsbHG3z1H7kL/d9rAQLzRggAoBVJDWXDakkqLD+Gye/9KjHvfcIFkf+5 >>>>> u3W7ZlPSvyePaAM8u0TDnIPJ15aeyO6XZbTTqB9iKQXzluCusvhNOUl14nVO4CjW >>>>> gJASzpo1Kc9moWW7sWXTF/MCO+O4zVSBtJWdVmJch80hQT8LJxG3jU45FJAd1Jj3 >>>>> j+Rso5vEtH3Qw8i1cePaRc6FpDQ+7wboUI53OVjSKJGXbsyK5MXJFhoyvOo8UnvU >>>>> KdbyFoGkYR4n3zaSrkwof6TrRqqgcGA2TUyeQIS8j+ArhDpi7ilOU6x904KK7LoE >>>>> Ff2CzskTaTwEyTW1DZgJzLPc38PzMv9PX7QNUhdPHLFnYrhrutOfww== >>>>> =CFD6 >>>>> -----END PGP SIGNATURE----- >>> >> > > - -- Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > > iQEVAwUBVsq/OHz1H7kL/d9rAQI0zAgAmJoE93zZ4qwc+xsJKuhGBIYIhyTZ7rmv > 8i62HsBzznqxBf2r0OWd4QDmWuyPE+vD3jAsD4pZvrLvbSXbkTrLUxUJwDhxoRtT > Ox37JS4y4LawGbeIbwvPkKOn6IuktGqZPEfj0PObuCcdjHwS3oETgRP3FUYIrqEq > ujyK7l7VSq8idHqLYa+9SA2YunBeq+LVVskB8z50+ut764nQq/bcqT3gn7MXER5I > KIUUzWsFJXFpEkhadxfarLz1sI0dXapbS1SpMgOZMG2MCr54pbClviy+CuvVBP4Q > 8LSN9mLl3DFqa0vLHVrRrmOJNjRN4UUdQ4XFewkgjLvEJTNGiv4XlA== > =Hbr4 > -----END PGP SIGNATURE----- From alex.dovecot at kerkhove.net Mon Feb 22 12:47:57 2016 From: alex.dovecot at kerkhove.net (alex) Date: Mon, 22 Feb 2016 13:47:57 +0100 Subject: dovecot local indexes and multiple servers Message-ID: <56CB037D.5060106@kerkhove.net> Hi, I've been testing mdbox with local indexes on our nfs based directors + multiple imap/lda/pop3 server setup. The performance is noticeably better than maildir with indexes on nfs, so I'd like to make this work. About the possible direction to other servers the wiki says that it will create a new index 'on the fly'. That is true, but after the index is recreated, Thunderbird (imap) re-downloads all the messages and sees all those messages as unread again! This is probably quite logical as the message status is only kept in the indexes, but this is not very customer friendly. Is there a way to avoid this problem? I'd rather not manually sync those local indexes between our servers. In fact, I was planning on deleting (old) indexes when a user moved to another server or even if they haven't checked their mail for XX days. with up to 10Gb mailboxes the indexes themselves can get up to 20-40Mb for a mailbox. that amounts to quite a lot of storage for 200k+ users. Thanks, Alex. From soko.tica at gmail.com Mon Feb 22 14:11:54 2016 From: soko.tica at gmail.com (soko.tica) Date: Mon, 22 Feb 2016 15:11:54 +0100 Subject: User@domain.tld doesn't exist (postfix error 550 5.1.1) Message-ID: Hello list, I am trying to send an e-mail message from the local root to another local user (alias to root) on the same box. While it functions without dovecot, it doesn't work with dovecot installed. Local user is recognized, but local user at domain.tld isn't. While this option is turned on in postfix, I believe it has something with dovecot configuration, due to doveadm isnt' able to recognise user at domain.tld Bellow are the outputs of doveadm user username, doveadm user username at domain.tld, doveconf -n, tail -f /var/log/mail.log, cat /etc/aliases and postconf -n. Please advise. Thanks in advance. # doveadm user testuser field value uid 1000 gid 1000 home /home/testuser mail maildir:~/Maildir system_groups_user testuser ======================================== # doveadm user testuser at mail.domain.tld field valueuserdb lookup: user testuser at mail.domain.tld doesn't exist ====================================== # doveadm user testuser at domain.tld field valueuserdb lookup: user testuser at domain.tld doesn't exist ======================================= # doveconf -n # 2.2.13: /etc/dovecot/dovecot.conf # OS: Linux 3.18.26-x1-64 x86_64 Debian 8.3 hostname = mail.domain.tld lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes lda_original_recipient_header = X-Original-To lmtp_save_to_detail_mailbox = yes mail_location = maildir:~/Maildir maildir_very_dirty_syncs = yes namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / type = private } passdb { driver = pam } passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } postmaster_address = postmaster at mail.domain.tld protocols = lmtp service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } ssl = no ssl_cert = , orig_to=, relay=mail.domain.tld[private/dovecot-lmtp], delay=0.01, delays=0/0/0.01/0, dsn=5.1.1, status=bounced (host mail.domain.tld[private/dovecot-lmtp] said: 550 5.1.1 User doesn't exist: testuser at mail.domain.tld (in reply to RCPT TO command)) Feb 22 13:21:01 uidigaa4 dovecot: lmtp(4764): Disconnect from local: Successful quit Feb 22 13:21:01 uidigaa4 postfix/qmgr[4657]: 82EA222140: removed ======================= # cat /etc/aliases # See man 5 aliases for format postmaster: root root: testuser =================== # postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no config_directory = /etc/postfix delay_warning_time = 4h inet_interfaces = all mailbox_size_limit = 0 mailbox_transport = lmtp:unix:private/dovecot-lmtp mydestination = $myhostname localhost.$mydomain localhost $mydomain mydomain = domain.tld myhostname = mail.domain.tld mynetworks = [::ffff:127.0.0.0]/104 [::1]/128 myorigin = $myhostname notify_classes = resource, software readme_directory = no recipient_delimiter = + relay_domains = $mydestination relay_transport = error smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_use_tls = yes From soko.tica at gmail.com Mon Feb 22 15:18:19 2016 From: soko.tica at gmail.com (soko.tica) Date: Mon, 22 Feb 2016 16:18:19 +0100 Subject: User@domain.tld doesn't exist (postfix error 550 5.1.1) In-Reply-To: References: Message-ID: The solution was auth_username_format = %Ln in /etc/dovecot/conf.d/10-auth.conf I saw it on another thread. Thanks Pascal On Mon, Feb 22, 2016 at 3:11 PM, soko.tica wrote: > Hello list, > > I am trying to send an e-mail message from the local root to another local > user (alias to root) on the same box. While it functions without dovecot, > it doesn't work with dovecot installed. Local user is recognized, but local > user at domain.tld isn't. While this option is turned on in postfix, I > believe it has something with dovecot configuration, due to doveadm isnt' > able to recognise user at domain.tld > > Bellow are the outputs of doveadm user username, doveadm user > username at domain.tld, doveconf -n, tail -f /var/log/mail.log, cat > /etc/aliases and postconf -n. > > Please advise. Thanks in advance. > > # doveadm user testuser > field value > uid 1000 > gid 1000 > home /home/testuser > mail maildir:~/Maildir > system_groups_user testuser > ======================================== > # doveadm user testuser at mail.domain.tld > field valueuserdb lookup: user testuser at mail.domain.tld doesn't exist > ====================================== > # doveadm user testuser at domain.tld > field valueuserdb lookup: user testuser at domain.tld doesn't exist > ======================================= > # doveconf -n > # 2.2.13: /etc/dovecot/dovecot.conf > # OS: Linux 3.18.26-x1-64 x86_64 Debian 8.3 > hostname = mail.domain.tld > lda_mailbox_autocreate = yes > lda_mailbox_autosubscribe = yes > lda_original_recipient_header = X-Original-To > lmtp_save_to_detail_mailbox = yes > mail_location = maildir:~/Maildir > maildir_very_dirty_syncs = yes > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = > separator = / > type = private > } > passdb { > driver = pam > } > passdb { > driver = pam > } > plugin { > sieve = ~/.dovecot.sieve > sieve_dir = ~/sieve > } > postmaster_address = postmaster at mail.domain.tld > protocols = lmtp > service lmtp { > unix_listener /var/spool/postfix/private/dovecot-lmtp { > group = postfix > mode = 0600 > user = postfix > } > } > ssl = no > ssl_cert = ssl_key = userdb { > driver = passwd > } > userdb { > driver = passwd > } > protocol lmtp { > mail_fsync = optimized > } > protocol lda { > mail_fsync = optimized > } > =============================== > # tail -f /var/log/mail.log > > Feb 22 13:21:01 uidigaa4 postfix/qmgr[4657]: 75E0722137: removed > Feb 22 13:21:01 uidigaa4 dovecot: lmtp(4764): Connect from local > Feb 22 13:21:01 uidigaa4 postfix/lmtp[4763]: 82EA222140: > to=, orig_to=, > relay=mail.domain.tld[private/dovecot-lmtp], delay=0.01, delays=0/0/0.01/0, > dsn=5.1.1, status=bounced (host mail.domain.tld[private/dovecot-lmtp] said: > 550 5.1.1 User doesn't exist: > testuser at mail.domain.tld (in reply to RCPT TO command)) > Feb 22 13:21:01 uidigaa4 dovecot: lmtp(4764): Disconnect from local: > Successful quit > Feb 22 13:21:01 uidigaa4 postfix/qmgr[4657]: 82EA222140: removed > ======================= > # cat /etc/aliases > # See man 5 aliases for format > postmaster: root > root: testuser > =================== > # postconf -n > alias_database = hash:/etc/aliases > alias_maps = hash:/etc/aliases > append_dot_mydomain = no > biff = no > config_directory = /etc/postfix > delay_warning_time = 4h > inet_interfaces = all > mailbox_size_limit = 0 > mailbox_transport = lmtp:unix:private/dovecot-lmtp > mydestination = $myhostname localhost.$mydomain localhost $mydomain > mydomain = domain.tld > myhostname = mail.domain.tld > mynetworks = [::ffff:127.0.0.0]/104 [::1]/128 > myorigin = $myhostname > notify_classes = resource, software > readme_directory = no > recipient_delimiter = + > relay_domains = $mydestination > relay_transport = error > smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache > smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) > smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem > smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key > smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache > smtpd_use_tls = yes > > From andrew.mcglashan at affinityvision.com.au Mon Feb 22 15:34:57 2016 From: andrew.mcglashan at affinityvision.com.au (Andrew McGlashan) Date: Tue, 23 Feb 2016 02:34:57 +1100 Subject: Require different setting for mail_location for each of POP3S and IMAPS protocols Message-ID: <56CB2AA1.6080704@affinityvision.com.au> Okay, Let's try this a different way. I've been able to configure past dovecot to have a different mail_location setting for the same user, but with different protocols. When the user requests POP3S, I adjusted the mail_location to /var/mail/$USER (with mbox in use). When that *same* user requested IMAPS protocol, the required mail_location is the Maildir folder. This allows for independent two mail storage locations, one for the use of mbox and the other for the use of Maildir *and* for the same user. Some users only require mbox with others only requiring Maildir. So, I need to cater for each of these situations. How might I adjust current dovecot configuration to provide different mail_location settings for different protocols? Old dovecot allowed me to run a script before POP3S processing that gave me the chance to adjust the mail_location variable. That is what I need now, just for POP3S. Thanks AndrewM From cstkersh at outlook.com Mon Feb 22 15:45:42 2016 From: cstkersh at outlook.com (Kevin Kershner) Date: Mon, 22 Feb 2016 08:45:42 -0700 Subject: Dovecot Bulletin Message-ID: It also got the bulletin out to new users without admin intervention. Sent from Mobile ________________________________ From: Doug Hardie Sent: ?2/?22/?2016 4:02 To: Dovecot Mailing List; Timo Sirainen Cc: Kevin Kershner Subject: Re: Dovecot Bulletin > On 20 February 2016, at 18:14, Timo Sirainen wrote: > > On 21 Feb 2016, at 02:50, Kevin Kershner wrote: >> >> I'd like to revisit and old post if I may, will/does Dovecot support the old >> qpopper "Bulletin" ability? >> >> Basically I need a simple way of posting bulletins to all domain users. >> Qpopper maintained a bulletin db for each user and sent them the next >> bulletin in sequence. > > I guess there could be a plugin that does this check on each login. But would it actually be useful? Why would it be better than simply sending the mail to all the users? For example: > > doveadm save -A < bulletin.txt The reasons for bulletins as I see it are: 1. The doveadm save command is undocumented. It does show a cryptic line in the output of the command "doveadm". However, it doesn't give any clue what it does or how to provide the message. Your note above provides considerably more information on that command. I tested it and it works as you have indicated though. 2. The doveadm save command causes the email to be saved in each user's mailbox. If you have a lot of users, thats a lot of wasted disk space. Qpopper's bulletins only kept one copy and every user downloaded from that copy. All that was retained per user was a counter of the last bulletin's sequence number that was downloaded. ? Doug From tss at iki.fi Mon Feb 22 15:57:13 2016 From: tss at iki.fi (Timo Sirainen) Date: Mon, 22 Feb 2016 17:57:13 +0200 Subject: Dovecot Bulletin In-Reply-To: <51FDA2AA-7632-4D72-BDEA-36478F1801E1@lafn.org> References: <51FDA2AA-7632-4D72-BDEA-36478F1801E1@lafn.org> Message-ID: > On 22 Feb 2016, at 13:02, Doug Hardie wrote: > > >> On 20 February 2016, at 18:14, Timo Sirainen wrote: >> >> On 21 Feb 2016, at 02:50, Kevin Kershner wrote: >>> >>> I'd like to revisit and old post if I may, will/does Dovecot support the old >>> qpopper "Bulletin" ability? >>> >>> Basically I need a simple way of posting bulletins to all domain users. >>> Qpopper maintained a bulletin db for each user and sent them the next >>> bulletin in sequence. >> >> I guess there could be a plugin that does this check on each login. But would it actually be useful? Why would it be better than simply sending the mail to all the users? For example: >> >> doveadm save -A < bulletin.txt > > The reasons for bulletins as I see it are: > > 1. The doveadm save command is undocumented. It does show a cryptic line in the output of the command "doveadm". However, it doesn't give any clue what it does or how to provide the message. Your note above provides considerably more information on that command. I tested it and it works as you have indicated though. Yeah, would be good to add a man page to it.. > 2. The doveadm save command causes the email to be saved in each user's mailbox. If you have a lot of users, thats a lot of wasted disk space. Qpopper's bulletins only kept one copy and every user downloaded from that copy. All that was retained per user was a counter of the last bulletin's sequence number that was downloaded. With sdbox and Maildir formats the mails can be hard linked to provide only one copy. This would have to be done by delivering the mail once and then using doveadm copy to copy it to everybody else. These kind of bulletins would be pretty complicated to implement in a generic way. From slitt at troubleshooters.com Mon Feb 22 16:00:58 2016 From: slitt at troubleshooters.com (Steve Litt) Date: Mon, 22 Feb 2016 11:00:58 -0500 Subject: To what extent does/will Dovecot depend on systemd? was systemd changes... In-Reply-To: <56CAB540.7090401@dovecot.fi> References: <20160221090315.GA54104@nihlus.leuxner.net> <20160221121059.03eab67b@mydesk.domain.cxm> <56CAB540.7090401@dovecot.fi> Message-ID: <20160222110058.634a04f5@mydesk.domain.cxm> On Mon, 22 Feb 2016 09:14:08 +0200 Aki Tuomi wrote: > On 21.02.2016 19:10, Steve Litt wrote: > > On Sun, 21 Feb 2016 10:03:15 +0100 > > Thomas Leuxner wrote: > > > > [snip] > > > >> https://github.com/dovecot/core/commit/53cc71cae88ee81fd7eae47aed743496f8c884a2 > > [snip] > > > >> The PID-File seems to be expected under yet another sub-dir > >> of /var/run/dovecot. > > I wasn't aware that any Dovecot functionalities have become > > dependent on systemd. Is this discussion simply about the unit file > > and PID file location for Dovecot under systemd's process manager, > > or is Dovecot starting to acquire systemd dependencies that will > > make it difficult to run without systemd in the future? > > > > Thanks, > > > > SteveT > > > > Steve Litt > > February 2016 featured book: The Key to Everyday Excellence > > http://www.troubleshooters.com/key > We do not depend on systemd, but unit files are provided and > automatically installed if enabled. > > Aki Thanks Aki, This was what I hoped to hear. SteveT Steve Litt February 2016 featured book: The Key to Everyday Excellence http://www.troubleshooters.com/key From mcguire at neurotica.com Mon Feb 22 17:22:07 2016 From: mcguire at neurotica.com (Dave McGuire) Date: Mon, 22 Feb 2016 12:22:07 -0500 Subject: To what extent does/will Dovecot depend on systemd? was systemd changes... In-Reply-To: References: <20160221090315.GA54104@nihlus.leuxner.net> <20160221121059.03eab67b@mydesk.domain.cxm> <56CAB540.7090401@dovecot.fi> Message-ID: <56CB43BF.2040401@neurotica.com> On 02/22/2016 06:31 AM, Noel Butler wrote: >>>> https://github.com/dovecot/core/commit/53cc71cae88ee81fd7eae47aed743496f8c884a2 >>>> >>> [snip] >>> >>>> The PID-File seems to be expected under yet another sub-dir >>>> of /var/run/dovecot. >>> I wasn't aware that any Dovecot functionalities have become dependent >>> on systemd. Is this discussion simply about the unit file and PID file >>> location for Dovecot under systemd's process manager, or is Dovecot >>> starting to acquire systemd dependencies that will make it difficult to >>> run without systemd in the future? >>> >>> February 2016 featured book: The Key to Everyday Excellence >>> http://www.troubleshooters.com/key >> We do not depend on systemd, but unit files are provided and >> automatically installed if enabled. > > That's excellent news, because hell will freeze over before systemd is > introduced to official slackware releases Or Solaris, for that matter. -Dave -- Dave McGuire, AK4HZ New Kensington, PA From aki.tuomi at dovecot.fi Mon Feb 22 18:27:06 2016 From: aki.tuomi at dovecot.fi (aki.tuomi at dovecot.fi) Date: Mon, 22 Feb 2016 20:27:06 +0200 (EET) Subject: To what extent does/will Dovecot depend on systemd? was systemd changes... In-Reply-To: <56CB43BF.2040401@neurotica.com> References: <20160221090315.GA54104@nihlus.leuxner.net> <20160221121059.03eab67b@mydesk.domain.cxm> <56CAB540.7090401@dovecot.fi> <56CB43BF.2040401@neurotica.com> Message-ID: <2011807008.19376.22ea9490-41a0-4846-81ec-d4706f3bbfc6.open-xchange@appsuite.open-xchange.com> > On February 22, 2016 at 7:22 PM Dave McGuire wrote: > > > On 02/22/2016 06:31 AM, Noel Butler wrote: > >>>> https://github.com/dovecot/core/commit/53cc71cae88ee81fd7eae47aed743496f8c884a2 > >>>> > >>> [snip] > >>> > >>>> The PID-File seems to be expected under yet another sub-dir > >>>> of /var/run/dovecot. > >>> I wasn't aware that any Dovecot functionalities have become dependent > >>> on systemd. Is this discussion simply about the unit file and PID file > >>> location for Dovecot under systemd's process manager, or is Dovecot > >>> starting to acquire systemd dependencies that will make it difficult to > >>> run without systemd in the future? > >>> > >>> February 2016 featured book: The Key to Everyday Excellence > >>> http://www.troubleshooters.com/key > >> We do not depend on systemd, but unit files are provided and > >> automatically installed if enabled. > > > > That's excellent news, because hell will freeze over before systemd is > > introduced to official slackware releases > > Or Solaris, for that matter. > > -Dave > > -- > Dave McGuire, AK4HZ > New Kensington, PA Thank you for your feedback on this matter. We will keep this in mind. --- Aki Tuomi From mcguire at neurotica.com Mon Feb 22 18:29:20 2016 From: mcguire at neurotica.com (Dave McGuire) Date: Mon, 22 Feb 2016 13:29:20 -0500 Subject: To what extent does/will Dovecot depend on systemd? was systemd changes... In-Reply-To: <2011807008.19376.22ea9490-41a0-4846-81ec-d4706f3bbfc6.open-xchange@appsuite.open-xchange.com> References: <20160221090315.GA54104@nihlus.leuxner.net> <20160221121059.03eab67b@mydesk.domain.cxm> <56CAB540.7090401@dovecot.fi> <56CB43BF.2040401@neurotica.com> <2011807008.19376.22ea9490-41a0-4846-81ec-d4706f3bbfc6.open-xchange@appsuite.open-xchange.com> Message-ID: <56CB5380.1030103@neurotica.com> On 02/22/2016 01:27 PM, aki.tuomi at dovecot.fi wrote: >>>>> [snip] >>>>> >>>>>> The PID-File seems to be expected under yet another sub-dir >>>>>> of /var/run/dovecot. >>>>> I wasn't aware that any Dovecot functionalities have become dependent >>>>> on systemd. Is this discussion simply about the unit file and PID file >>>>> location for Dovecot under systemd's process manager, or is Dovecot >>>>> starting to acquire systemd dependencies that will make it difficult to >>>>> run without systemd in the future? >>>>> >>>>> February 2016 featured book: The Key to Everyday Excellence >>>>> http://www.troubleshooters.com/key >>>> We do not depend on systemd, but unit files are provided and >>>> automatically installed if enabled. >>> >>> That's excellent news, because hell will freeze over before systemd is >>> introduced to official slackware releases >> >> Or Solaris, for that matter. > > Thank you for your feedback on this matter. We will keep this in mind. Thank you Aki. -Dave -- Dave McGuire, AK4HZ New Kensington, PA From micah at riseup.net Mon Feb 22 19:18:44 2016 From: micah at riseup.net (micah) Date: Mon, 22 Feb 2016 14:18:44 -0500 Subject: Dovecot Bulletin In-Reply-To: References: Message-ID: <87fuwkft9n.fsf@riseup.net> Using doveadm copy is an interesting solution because of the hardlinking. I wonder how fast it is, because almost every time I use the -A flag, the iterations over 100k users takes a long time. We email the 'bulletin' to all of our users, everyone gets a copy, that way an admin doesn't need to do it, but it does mean that we duplicate the data quite a lot. Kevin Kershner writes: > It also got the bulletin out to new users without admin intervention. > > Sent from Mobile > ________________________________ > From: Doug Hardie > Sent: ?2/?22/?2016 4:02 > To: Dovecot Mailing List; Timo Sirainen > Cc: Kevin Kershner > Subject: Re: Dovecot Bulletin > > >> On 20 February 2016, at 18:14, Timo Sirainen wrote: >> >> On 21 Feb 2016, at 02:50, Kevin Kershner wrote: >>> >>> I'd like to revisit and old post if I may, will/does Dovecot support the old >>> qpopper "Bulletin" ability? >>> >>> Basically I need a simple way of posting bulletins to all domain users. >>> Qpopper maintained a bulletin db for each user and sent them the next >>> bulletin in sequence. >> >> I guess there could be a plugin that does this check on each login. But would it actually be useful? Why would it be better than simply sending the mail to all the users? For example: >> >> doveadm save -A < bulletin.txt > > The reasons for bulletins as I see it are: > > 1. The doveadm save command is undocumented. It does show a cryptic line in the output of the command "doveadm". However, it doesn't give any clue what it does or how to provide the message. Your note above provides considerably more information on that command. I tested it and it works as you have indicated though. > > 2. The doveadm save command causes the email to be saved in each user's mailbox. If you have a lot of users, thats a lot of wasted disk space. Qpopper's bulletins only kept one copy and every user downloaded from that copy. All that was retained per user was a counter of the last bulletin's sequence number that was downloaded. > > ? Doug From cstkersh at outlook.com Mon Feb 22 19:48:45 2016 From: cstkersh at outlook.com (Kevin Kershner) Date: Mon, 22 Feb 2016 12:48:45 -0700 Subject: Dovecot Bulletin In-Reply-To: <87fuwkft9n.fsf@riseup.net> References: <87fuwkft9n.fsf@riseup.net> Message-ID: Yup, exactly what I hoped to avoid. Maybe a new feature to consider for future release. K -----Original Message----- From: micah [mailto:micah at riseup.net] Sent: Monday, February 22, 2016 12:19 PM To: Kevin Kershner; Doug Hardie; Dovecot Mailing List; Timo Sirainen Subject: RE: Dovecot Bulletin Using doveadm copy is an interesting solution because of the hardlinking. I wonder how fast it is, because almost every time I use the -A flag, the iterations over 100k users takes a long time. We email the 'bulletin' to all of our users, everyone gets a copy, that way an admin doesn't need to do it, but it does mean that we duplicate the data quite a lot. Kevin Kershner writes: > It also got the bulletin out to new users without admin intervention. > > Sent from Mobile > ________________________________ > From: Doug Hardie > Sent: ?2/?22/?2016 4:02 > To: Dovecot Mailing List; Timo > Sirainen > Cc: Kevin Kershner > Subject: Re: Dovecot Bulletin > > >> On 20 February 2016, at 18:14, Timo Sirainen wrote: >> >> On 21 Feb 2016, at 02:50, Kevin Kershner wrote: >>> >>> I'd like to revisit and old post if I may, will/does Dovecot support >>> the old qpopper "Bulletin" ability? >>> >>> Basically I need a simple way of posting bulletins to all domain users. >>> Qpopper maintained a bulletin db for each user and sent them the >>> next bulletin in sequence. >> >> I guess there could be a plugin that does this check on each login. But would it actually be useful? Why would it be better than simply sending the mail to all the users? For example: >> >> doveadm save -A < bulletin.txt > > The reasons for bulletins as I see it are: > > 1. The doveadm save command is undocumented. It does show a cryptic line in the output of the command "doveadm". However, it doesn't give any clue what it does or how to provide the message. Your note above provides considerably more information on that command. I tested it and it works as you have indicated though. > > 2. The doveadm save command causes the email to be saved in each user's mailbox. If you have a lot of users, thats a lot of wasted disk space. Qpopper's bulletins only kept one copy and every user downloaded from that copy. All that was retained per user was a counter of the last bulletin's sequence number that was downloaded. > > ? Doug From skdovecot at smail.inf.fh-brs.de Tue Feb 23 07:30:03 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Tue, 23 Feb 2016 08:30:03 +0100 (CET) Subject: Dovecot Bulletin In-Reply-To: <87fuwkft9n.fsf@riseup.net> References: <87fuwkft9n.fsf@riseup.net> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 22 Feb 2016, micah wrote: > Using doveadm copy is an interesting solution because of the > hardlinking. I wonder how fast it is, because almost every time I use > the -A flag, the iterations over 100k users takes a long time. > > We email the 'bulletin' to all of our users, everyone gets a copy, that > way an admin doesn't need to do it, but it does mean that we duplicate > the data quite a lot. hmm, I do have some sort of Bulletin (approx. one message per year) that I deliver per script to Maildir: 1. I sent the message to myself 2. discover it in my mail spool 3. cd /mailspool ; ls -U | while read u; do if test -d "$u/Maildir/new"; then ln /mailspool/myself/Maildir/new/message "$u/Maildir/new" fi done Steps 1 and 2 can be simulated easily or combined with a mailbox, that fires a script for new arrivals. Of course, this script depends on your local situation. > > Kevin Kershner writes: > >> It also got the bulletin out to new users without admin intervention. >> >> Sent from Mobile >> ________________________________ >> From: Doug Hardie >> Sent: ?2/?22/?2016 4:02 >> To: Dovecot Mailing List; Timo Sirainen >> Cc: Kevin Kershner >> Subject: Re: Dovecot Bulletin >> >> >>> On 20 February 2016, at 18:14, Timo Sirainen wrote: >>> >>> On 21 Feb 2016, at 02:50, Kevin Kershner wrote: >>>> >>>> I'd like to revisit and old post if I may, will/does Dovecot support the old >>>> qpopper "Bulletin" ability? >>>> >>>> Basically I need a simple way of posting bulletins to all domain users. >>>> Qpopper maintained a bulletin db for each user and sent them the next >>>> bulletin in sequence. >>> >>> I guess there could be a plugin that does this check on each login. But would it actually be useful? Why would it be better than simply sending the mail to all the users? For example: >>> >>> doveadm save -A < bulletin.txt >> >> The reasons for bulletins as I see it are: >> >> 1. The doveadm save command is undocumented. It does show a cryptic line in the output of the command "doveadm". However, it doesn't give any clue what it does or how to provide the message. Your note above provides considerably more information on that command. I tested it and it works as you have indicated though. >> >> 2. The doveadm save command causes the email to be saved in each user's mailbox. If you have a lot of users, thats a lot of wasted disk space. Qpopper's bulletins only kept one copy and every user downloaded from that copy. All that was retained per user was a counter of the last bulletin's sequence number that was downloaded. >> >> ? Doug > > - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVswKe3z1H7kL/d9rAQKSGQf/WZb8rrLU8Ly6Bv/8cf660VLpAKmQEU6M Dv6kz/v8Xr+KgUmx4FcB6anfSqZfh9QnEHfH69XQEs5EVqQQhOXVlpnDKbeSCKN4 YexkPvVNKvdE5tQ1TqwOtqEgHs1N1pJLDuTne7jImeXUzGxzwwudFPQNIu9eRdTr ryzze8Wh2eoInNcd1Jkr5I27HpsPAq15EYgpHlzro5ecFgmxANEhgcnJMWgqcU9U 8KaFewDaqAtbJouLlfJKJ0rcL637vr/ZL1F23pQyHb+wmWhYIGAmRE0/kwzOjZ3j JU2ySYdMLaPDqXpxpX3ecayrp0Jp2t0Cb49yRZ6H7+8L5EdRFYyT9g== =LCbn -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Tue Feb 23 07:45:22 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Tue, 23 Feb 2016 08:45:22 +0100 (CET) Subject: Require different setting for mail_location for each of POP3S and IMAPS protocols In-Reply-To: <56CB2AA1.6080704@affinityvision.com.au> References: <56CB2AA1.6080704@affinityvision.com.au> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 23 Feb 2016, Andrew McGlashan wrote: > I've been able to configure past dovecot to have a different > mail_location setting for the same user, but with different protocols. > > When the user requests POP3S, I adjusted the mail_location to > /var/mail/$USER (with mbox in use). > > > When that *same* user requested IMAPS protocol, the required > mail_location is the Maildir folder. > > > This allows for independent two mail storage locations, one for the use > of mbox and the other for the use of Maildir *and* for the same user. > > Some users only require mbox with others only requiring Maildir. > > So, I need to cater for each of these situations. > > How might I adjust current dovecot configuration to provide different > mail_location settings for different protocols? > > Old dovecot allowed me to run a script before POP3S processing that gave > me the chance to adjust the mail_location variable. That is what I need > now, just for POP3S. Did you already tried: http://wiki2.dovecot.org/PostLoginScripting e.g. for service pop3 ? Depending on your userdb, you can make use of the %s variable in lookups. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVswOEnz1H7kL/d9rAQJTdgf/fTeThZGSDBLdYEtvd5sD/FKXEeCQpVYl YGF2YgNnTL9i5iQHGgUze/KzmefP+viEBFhFREke1bK2kOyJFcTNslytzQC5Fg4D BF7GBAPz323Xp1RY4KhANlkRnEQY8nQ+UNtQUjaR9RbpfdPFVHU/MYlZgvbMlext btOnh7D2dB8ouZ4myAt91mwzAjuuvUIpBajX42MmFwuvmD6ZiH3AQkel+sOLjX7O qOxvwLJ8h+SIbqMWnz5BR4aWUwiP8vU6As5rzXjlRW6yeC/vlROf6VRGTt3IcinY FCoCXp5xgnUDlqoqRt+LsDEC4Wq0w96eiqoyrnXox/tlpnsKSctBhA== =D7to -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Tue Feb 23 07:47:25 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Tue, 23 Feb 2016 08:47:25 +0100 (CET) Subject: syntax for overriding userdb fields from passdb config In-Reply-To: <56CA0368.7080901@bitkomplex.de> References: <56CA0368.7080901@bitkomplex.de> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sun, 21 Feb 2016, Thomas M?hle wrote: > how exactly is the syntax to override a userdb field within the passdb > configuration? I cannot find any documentation on this in the wiki. > Let's say, I'd like to override the userdb extra field "chroot" with > /var/mail. How exactly would be the notation? could you post a complete conf and how/where you use the value? > My auth-sql.conf.ext looks like this: > > passdb { > driver = sql > args = /etc/dovecot/dovecot-sql.conf.ext > } > userdb { > driver = sql > args = /etc/dovecot/dovecot-sql.conf.ext > } > > I already tried these modifications within the passdb area: > override_fields = userdb_chroot=/var/mail > override_fields = userdb:chroot=/var/mail > override_fields = %{userdb:chroot}=/var/mail > override_fields = %{userdb_chroot}=/var/mail > > but none of the above returned /var/mail when I tried to hand > %{userdb:chroot} to an external script. > > Thanks for your help, > Thomas M?hle > - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVswOjXz1H7kL/d9rAQIpTwf/XRcCeT7OgcnHAI9rXCxfLE35muiMXakA hf2lRvVWSMVPyw3oHRPFhrOdatcoXVYfrnMzJ5djGiUCFtPXb3/ZWIiDL7YkcWqQ rz4GeGo+pz3f3R7T5M/xVNFgzAExakGkmh+W8OchCs0UfYKOcEocW1Bh3SSxfjJS CJcoTFd0DdnAMQTfzU38Di83Kzb4nzn/umz/OCpf/lOJgvyLjLy2kmplVW97L2dX 8Zhu4B6CIaC9xmsFY2Mk7Y78mCNY9DXFQRTKufnipgTUl0L/+X4R3UKADRuDk617 hYzBOKlXzJWITDxTFv8KGYFRJd7Bvee8eIUWfvIICzCtAYZiTT4E1g== =EdRo -----END PGP SIGNATURE----- From marklittle at koallo.com Tue Feb 23 15:32:24 2016 From: marklittle at koallo.com (Mark Little) Date: Tue, 23 Feb 2016 10:32:24 -0500 Subject: dsync issues due to Prefix =?UTF-8?Q?difference=3F?= In-Reply-To: References: <720942e870f0a0a762ad972d06c7e70f@koallo.com> <613815EF-A6AF-498D-9314-49243BAB13C8@iki.fi> Message-ID: <651edbb4785cefa68e1461a80b802b98@koallo.com> Hi all, Just wondering if anyone else has any experience with imapc: migration? I am trying to get a POP3/IMAP migration going from another Dovecot installation which has a different Prefix. I am having trouble working out exactly what needs to be done in the configuration to get the migration working correctly. I have some POP3 users so I want to use the proper pop3 migration plugin but the documentation is a bit lacking. If anyone has any experience doing this in the past: - Do I need to include both imapc: AND pop3c: settings in the Dovecot config on the destination server? - When initiating the migration, should I be using pop3c: or imapc: at the end if I need the POP3 UIDLs to be preserved? (The documentation gives an example of "doveadm -R -u user at domain imapc:") Or if I have the migration plugin enabled, will it automatically do the POP3 stuff even if I specify "imapc:"? Any help at all would be greatly appreciated! Thank you. On 2016-02-02 10:04, Mark Little wrote: > On 2016-02-02 07:22, Timo Sirainen wrote: >>> On 01 Feb 2016, at 23:39, Mark Little wrote: >>> >>> Hi Timo, >>> >>> Thank you very much for the information. I had seen the DSync page >>> but I was confused as to how to configure it. I'd definitely love to >>> be able to get the proper dsync migration working as I have some >>> clients who use POP3 and others who use IMAP and I want to make this >>> seamless for all if possible. >>> >>> Could you please elaborate on how I specify the alternate >>> dovecot.conf? I've gone through the man pages and I don't see >>> anything referencing -c for doveadm? Or do you mean that I should be >>> running the full dovecot server process from the source server with >>> an alternate configuration? >> >> -c is a global option for all dovecot binaries, including doveadm. I >> guess all the global options should be included in all the man pages.. >> > > Ok great. I will try that out. So you are saying I could run the > daemon on a source server specifying to use a different config with > the namespace matching the other, and then when dsync connects it will > see the namespaces as the same? > > >>> If I change the name space won't it fail to find the local folders in >>> their mailbox? >> >> I'm not sure what you mean here. It's possible to switch between >> namespaces on the fly without losing anything (besides clients seeing >> them differently). >> > > Ok. I am just realizing that I am probably unable to have a > transparent migration for IMAP, right? Seeing as my destination is > using a different Prefix, that means some IMAP clients will not see > their migrated folders by default unless they update their > configuration. > > I am mainly concerned about POP3 I guess, because if IMAP has to > re-download it's not as big of a deal because everything is already > marked as read.. but re-downloading POP3 doesn't work the same. > > I tried following the dsync page but I cannot get it working. Do I > just have to include the POP3 configuration examples, or the IMAP too? > Do I need to use 'pop3c:' at the end of the line instead of imapc: > (eg: 'doveadm -R -u user at domain pop3c:') to signify it needs to > preserve the UIDL's? > > Do I need to add the same settings to the source as well as > destination? or just one side? I tried yesterday but then ended up > breaking Dovecot on my destination server. After I added the > pop3-migration namespace part to the namespace section, all users were > failing with: 'Error: User initialization failed: namespace > configuration error: list=yes namespace missing' > > Sorry for all the questions but the I am unable to work it out from > the documentation documentation. > > If you know of some examples or some additional documentation it would > be very appreciated. > > > Thanks, > Mark > >>> On 2016-01-30 19:05, Timo Sirainen wrote: >>>>> On 29 Jan 2016, at 23:16, Mark Little >>>>> wrote: >>>>> Hi everyone, >>>>> I'm hoping I am just missing something obvious - but I cannot seem >>>>> to get a one-way migration dsync working between two Dovecot >>>>> servers because the Prefix configuration is different. >>>> I think a regular dsync -> dsync migration won't work then directly, >>>> because it assumes similar source and destination namespaces. One >>>> possibility would be that if you start dsync from the destination >>>> server, you simply point it to a configuration with a similar >>>> namespace config (via -c dovecot.conf) as the source. It should >>>> still >>>> write everything correctly so that afterwards you can run with the >>>> wanted the namespace prefix (i.e. prefix can be changed in >>>> dovecot.conf without having to modify any per-user files). Another >>>> possibility would be to do imapc sync and set imapc_prefix=INBOX. - >>>> see http://wiki2.dovecot.org/Migration/Dsync From andrew.mcglashan at affinityvision.com.au Tue Feb 23 20:41:05 2016 From: andrew.mcglashan at affinityvision.com.au (Andrew McGlashan) Date: Wed, 24 Feb 2016 07:41:05 +1100 Subject: Require different setting for mail_location for each of POP3S and IMAPS protocols In-Reply-To: References: <56CB2AA1.6080704@affinityvision.com.au> Message-ID: <56CCC3E1.508@affinityvision.com.au> On 23/02/2016 6:45 PM, Steffen Kaiser wrote: > Did you already tried: > http://wiki2.dovecot.org/PostLoginScripting > e.g. for service pop3 ? > > Depending on your userdb, you can make use of the %s variable in lookups. Just a quick thank you. > -- Steffen Kaiser Looks like that is the way to go. Kind Regards AndrewM From fabio.onorini at secoges.com Wed Feb 24 11:20:17 2016 From: fabio.onorini at secoges.com (fabio.onorini at secoges.com) Date: Wed, 24 Feb 2016 11:20:17 +0000 Subject: Segfault using doveadm dsync Message-ID: <06a7aac613461c1855a45a1f8f47b071@mail.secoges.com> I'm trying to migrate a imap mailbox from dovecot 1.2.15 to a new imap server with dovecot 2.2.13. I would preserving the IMAP UIDs and POP3 UIDLs. So I'm using doveadm backup command but after folders analyze, command return segmentation fault. Any hint? GDB result: sync(easymail): Debug: brain S: Deleting mailbox 'Bozze' (GUID f0836f3222c335cfa383cb38ff0e3183): UIDNEXT is too high (9 > 1) dsync(easymail): Debug: brain S: Deleting mailbox 'Cestino' (GUID cd0edec22e40323d878a39dc8e432e5a): UIDNEXT is too high (628 > 1) dsync(easymail): Debug: brain S: Deleting mailbox 'INBOX' (GUID c92f64f79f0d1ed01e6d5b314f04886c): UIDVALIDITY changed (1456239585 -> 1456310264) dsync(easymail): Debug: brain S: Deleting mailbox 'Modelli' (GUID f0933f8b90e6eaf3a00a0220b173f3b4): UIDNEXT is too high (2 > 1) dsync(easymail): Debug: brain S: Deleting mailbox 'Sent' (GUID 7d3c7eaa71cdf47ee8a1192687cda8cd): UIDNEXT is too high (39 > 1) Program received signal SIGSEGV, Segmentation fault. imapc_client_mailbox_cmd (box=0x0, callback=callback at entry=0x7ffff76d7140 , context=context at entry=0x7fffffffe2d0) at imapc-client.c:351 351 imapc-client.c: No such file or directory. (gdb) bt full #0 imapc_client_mailbox_cmd (box=0x0, callback=callback at entry=0x7ffff76d7140 , context=context at entry=0x7fffffffe2d0) at imapc-client.c:351 cmd = __FUNCTION__ = "imapc_client_mailbox_cmd" #1 0x00007ffff76d7915 in imapc_mailbox_noop (mbox=mbox at entry=0x5555558049e0) at imapc-storage.c:154 cmd = sctx = {client = 0x5555557e89b0, ret = -2} #2 0x00007ffff76d5c18 in imapc_mailbox_sync_init (box=0x5555558049e0, flags=(MAILBOX_SYNC_FLAG_FULL_READ | MAILBOX_SYNC_FLAG_FIX_INCONSISTENT)) at imapc-sync.c:476 mbox = 0x5555558049e0 list = capabilities = changes = false ret = 0 #3 0x00007ffff76e9289 in mailbox_sync_init (box=0x5555558049e0, flags=(MAILBOX_SYNC_FLAG_FULL_READ | MAILBOX_SYNC_FLAG_FIX_INCONSISTENT)) at mail-storage.c:1677 _data_stack_cur_id = 3 ctx = #4 0x00007ffff76e93d7 in mailbox_sync (box=box at entry=0x5555558049e0, flags=, flags at entry=MAILBOX_SYNC_FLAG_FULL_READ) at mail-storage.c:1725 ctx = 0x555555804ea8 status = {sync_delayed_expunges = 0} #5 0x00007ffff7715bab in mailbox_expunge_all_data (box=0x5555558049e0) at index-storage.c:648 ctx = 0x7ffff7714e57 t = 0x5555558049e0 mail = 0x7fffffffe4b4 search_args = 0x7fffffffe558 #6 index_storage_mailbox_delete (box=0x5555558049e0) at index-storage.c:701 metadata = {guid = "\264\344\377\377\377\177\000\000\000\000\000\000\000\000\000", virtual_size = 140737488348504, cache_fields = 0x555555807258, precache_fields = (MAIL_FETCH_RECEIVED_DATE | MAIL_FETCH_SAVE_DATE | MAIL_FETCH_PHYSICAL_SIZE | MAIL_FETCH_VIRTUAL_SIZE | MAIL_FETCH_IMAP_ENVELOPE | MAIL_FETCH_REFCOUNT | unknown: 1426065408), backend_ns_prefix = 0x7ffff73b1e59 ";\003u\v\307\003", backend_ns_type = (unknown: 1434470880)} status = {messages = 4294960472, recent = 32767, unseen = 0, uidvalidity = 0, uidnext = 1434582544, first_unseen_seq = 0, first_recent_uid = 232594432, last_cached_seq = 3612951791, highest_modseq = 93824995052000, highest_pvt_modseq = 93824992578308, keywords = 0x1, permanent_flags = 4151223616, permanent_keywords = 1, allow_new_keywords = 1, nonpermanent_modseqs = 1, no_modseq_tracking = 1, have_guids = 1, have_save_guids = 1, have_only_guid128 = 1} ret_guid = #7 0x00007ffff76ea737 in mailbox_delete (box=box at entry=0x5555558049e0) at mail-storage.c:1319 ret = #8 0x00005555555895d4 in dsync_brain_mailbox_tree_sync_change (brain=brain at entry=0x5555557fcd00, change=) at dsync-brain-mailbox-tree-sync.c:182 box = 0x5555558049e0 destbox = 0x5555558007c8 errstr = 0x5555557ff750 "\030\366\177UUU" func_name = 0x0 ---Type to continue, or q to quit--- storage_name = error = 32767 ret = __FUNCTION__ = "dsync_brain_mailbox_tree_sync_change" #9 0x00005555555892db in dsync_brain_mailbox_trees_sync (brain=0x5555557fcd00) at dsync-brain-mailbox-tree.c:291 ctx = 0x55555580ab40 change = sync_type = sync_flags = #10 dsync_brain_recv_mailbox_tree_deletes (brain=brain at entry=0x5555557fcd00) at dsync-brain-mailbox-tree.c:440 deletes = 0x5555557fa0a0 i = count = 0 sep = 47 '/' __FUNCTION__ = "dsync_brain_recv_mailbox_tree_deletes" #11 0x00005555555860e8 in dsync_brain_run_real (changed_r=0x7fffffffe74b, brain=0x5555557fcd00) at dsync-brain.c:565 ret = true orig_state = DSYNC_STATE_RECV_MAILBOX_TREE_DELETES orig_box_recv_state = DSYNC_BOX_STATE_MAILBOX orig_box_send_state = DSYNC_BOX_STATE_MAILBOX changed = false #12 dsync_brain_run (brain=0x5555557fcd00, changed_r=changed_r at entry=0x7fffffffe74b) at dsync-brain.c:610 _data_stack_cur_id = 2 changed_r = 0x7fffffffe74b brain = 0x5555557fcd00 #13 0x00005555555846f7 in cmd_dsync_run_local (changes_during_sync_r=, ibc2=, brain=0x5555557e1860, user=, ctx=0x5555557cd590) at doveadm-dsync.c:384 brain2 = 0x5555557fcd00 set_parser = location = user2 = 0x0 brain1_running = true changed1 = true ret = set_line = brain2_running = true changed2 = false #14 cmd_dsync_run (_ctx=0x5555557cd590, user=) at doveadm-dsync.c:596 ---Type to continue, or q to quit--- ctx = 0x5555557cd590 ibc = 0x5555557d50d0 ibc2 = 0x5555557e14d0 brain = 0x5555557e1860 set = {process_title_prefix = 0x0, sync_namespaces = {arr = {buffer = 0x5555557c0378, element_size = 8}, v = 0x5555557c0378, v_modifiable = 0x5555557c0378}, sync_box = 0x0, sync_box_guid = '\000' , exclude_mailboxes = 0x0, lock_timeout_secs = 0, state = 0x0} ns = 0x5555557cd670 strp = brain_flags = remote_errors_logged = false changes_during_sync = false status = 0 ret = 0 #15 0x0000555555569e4b in doveadm_mail_next_user (ctx=0x5555557cd590, input=, error_r=0x7fffffffe898) at doveadm-mail.c:314 error = 0x5555557cd590 "p\325|UUU" ret = error_r = 0x7fffffffe898 input = ctx = 0x5555557cd590 ip = ret = 0 #16 0x000055555556ac2c in doveadm_mail_cmd (argv=0x5555557c73b8, argc=4, cmd=0x5555557cb140) at doveadm-mail.c:525 input = {module = 0x0, service = 0x5555555a7367 "doveadm", username = 0x5555557c73e7 "easymail", session_id = 0x0, local_ip = {family = 0, u = {ip6 = { __in6_u = {__u6_addr8 = '\000' , __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, remote_ip = {family = 0, u = {ip6 = {__in6_u = {__u6_addr8 = '\000' , __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, local_port = 0, remote_port = 0, userdb_fields = 0x0, flags_override_add = (unknown: 0), flags_override_remove = (unknown: 0), no_userdb_lookup = 0} ctx = 0x5555557cd590 getopt_args = 0x5555557bf660 "+1dEfg:l:m:n:NPr:Rs:Ux:RAS:u:" ret = c = wildcard_user = 0x0 error = 0x7ffff73b7122 "H\213\204$\230" #17 doveadm_mail_try_run (cmd_name=, argc=4, argv=0x5555557c73a0) at doveadm-mail.c:617 cmd = 0x5555557cb140 #18 0x00005555555699a4 in main (argc=4, argv=0x5555557c73a0) at doveadm.c:398 cmd_name = 0x5555557c73dd "backup" i = ---Type to continue, or q to quit--- quick_init = false c = ----------------------------------------------- Fabio Onorini ----------------------------------------------- Gruppo SeCoGes srl Via Enzo Ferrari, 4/6 - 25134 - Brescia - Italy Tel. +39 030 23 06 877 Fax +39 030 23 15 512 Sito Web: http://www.secoges.com Indirizzo EMail (assistenza): easymail at secoges.com ------------------------------------------------ From msoragni at gmail.com Wed Feb 24 13:33:07 2016 From: msoragni at gmail.com (Michele Soragni) Date: Wed, 24 Feb 2016 14:33:07 +0100 Subject: Dovecot + Ceph Cluster Sizing Message-ID: Hi all. We are searching for information about how to size dovecot servers in a clustered architecture (dovecot + postfix + roundcube + mysql). We need to migrate mailboxes from an old Exchange installation: 60k mailbox 900 GB total storage 14 MB/mailbox About 133 email/mailbox Low usage: about 2k simultaneous imap/pop3 connections This is how we are thinking to build our new architecture 3 x Dell R630 or R530 servers with 6x300SAS disks for Ceph storage with 1 replica . Total storage = 2,5 TB for mailboxes 3 x Dell R630 or R530 with 2x CPU 6core,64GB RAM, 4x 300SAS disks hosting the following VMs in a VMware cluster: - 3 x VM Dovecot - 3 x VM Postfix - 3 x VM Roundcube webmail - 3 x VM MySQL All VMs are behind a balancer All OS disks are on local storage Dovecot VMs share Ceph storage with OCFS2 filesystem for the mailboxes. I'd like to have some hints about CPU and memory for Dovecot VMs. 2 vCPU and 8 GB RAM each sould be enough? Is there a way to calculate this? Do you think the storage performance could be a problem using Ceph + OCFS2? Is Ceph + XFS + Dsync replication a better choice? Thanks! Michele From gsomlo at gmail.com Wed Feb 24 15:12:42 2016 From: gsomlo at gmail.com (Gabriel L. Somlo) Date: Wed, 24 Feb 2016 10:12:42 -0500 Subject: Automatically inferring %d on multi-domain virtual install ? In-Reply-To: References: <20160212192550.GR16357@HEDWIG.INI.CMU.EDU> <20160219211037.GB16357@HEDWIG.INI.CMU.EDU> Message-ID: <20160224151241.GP16357@HEDWIG.INI.CMU.EDU> On Sun, Feb 21, 2016 at 04:20:07AM +0200, Timo Sirainen wrote: > How about: > > passdb { > driver = passwd-file > args = username_format=%l /etc/dovecot/passwd.domains > result_success = continue > } > > passdb { > .. the real passdb for authentication .. > } > > Where /etc/dovecot/passwd.domains contains: > > 10.0.0.100:::::domain=foo.org > 10.0.0.101:::::domain=bar.org > > So the first passdb lookup would set the domain based on IP and then continue for the actual authentication. Or if you don't want it to override an explicit user at domain authentication, this should also work: > > 10.0.0.100:::::domain:protected=foo.org > 10.0.0.101:::::domain:protected=bar.org > > Not tested, but should work I think. At least with new enough Dovecot versions. Sounds promising, thanks for the idea. My current problem is that passwd.domains "authentication" now fails because user1's password doesn't match the "empty field" corresponding to 10.0.0.100:::::domain=foo.org I get: auth: Info: passwd-file(user1,,): unknown user auth: Info: passwd-file(user1,,): Password mismatch Hmm, "result_failure = continue" doesn't seem to help, either... Thanks, --Gabriel From gsomlo at gmail.com Wed Feb 24 16:22:38 2016 From: gsomlo at gmail.com (Gabriel L. Somlo) Date: Wed, 24 Feb 2016 11:22:38 -0500 Subject: Automatically inferring %d on multi-domain virtual install ? In-Reply-To: References: <20160212192550.GR16357@HEDWIG.INI.CMU.EDU> <20160219211037.GB16357@HEDWIG.INI.CMU.EDU> Message-ID: <20160224162237.GQ16357@HEDWIG.INI.CMU.EDU> On Sun, Feb 21, 2016 at 04:20:07AM +0200, Timo Sirainen wrote: > How about: > > passdb { > driver = passwd-file > args = username_format=%l /etc/dovecot/passwd.domains > result_success = continue > } > > passdb { > .. the real passdb for authentication .. > } > > Where /etc/dovecot/passwd.domains contains: > > 10.0.0.100:::::domain=foo.org > 10.0.0.101:::::domain=bar.org > > So the first passdb lookup would set the domain based on IP and then continue for the actual authentication. Or if you don't want it to override an explicit user at domain authentication, this should also work: > > 10.0.0.100:::::domain:protected=foo.org > 10.0.0.101:::::domain:protected=bar.org > > Not tested, but should work I think. At least with new enough Dovecot versions. Apparently you werre a ':' short, so cut'n'pasting your solution didn't immediately work; Adding an extra colon did the trick: 10.0.0.100:::::::domain=foo.org Still working on "domain:protected=foo.org", which would be nice, since it'd support all possible combinations of client settings, but wanted to let everyone know your suggestion works for me, and say thanks again for the tip! Thanks, --Gabriel > > > On 19 Feb 2016, at 23:10, Gabriel L. Somlo wrote: > > > > On Fri, Feb 19, 2016 at 08:41:15AM +0100, Steffen Kaiser wrote: > >>> I'm trying to allow domain-less logins for a multi-domain virtual IMAP > >>> server, and wondering if I can automatically infer the domain (value of > >>> variable %d) from the local IP (%l) or the hostname used by the client > >>> when connecting to my server. > >>> > >>> Let's say I have two host names: mail.foo.org (10.0.0.100) and > >>> mail.bar.com (10.0.0.200), with forward and reverse DNS configured to > >>> resolve A and PTR records in either direction. > >>> > >>> Let's also say I have 10.0.0.100 and 10.0.0.200 set up as secondaries > >>> on my server's loopback interface, and routing is set up to bring client > >>> traffic to me for both of those IP addresses. > >> > >> Hm, it should be possible like so: > >> > >> 1) keep the file you have now as 2nd passdb, in order to let your users > >> login like now from anywhere > >> > >>> user1 at foo.org:{PLAIN}user1foo > >> > >> 2) from this file create another passwd-file with ExtraField via script / > >> cron jobs, that defines > >> > >> user1 at 10.0.0.100:{PLAIN}user1foo:::::user=user1 at foo.org > >> > >> see http://wiki2.dovecot.org/PasswordDatabase/ExtraFields > >> > >> Maybe allow_nets could limit the clients further. > >> > >> Then add another passdb section pointing to that file using > >> username_format=%n@%l > >> > >> http://wiki2.dovecot.org/AuthDatabase/PasswdFile > >> > >> That will map domain-less logins to full mail addresses, which in turn sets > >> %d, too. > > > > That *almost* worked :) > > > > I now have > > > > passdb { > > driver = passwd-file > > args = username_format=%n@%l /var/lib/topgen/etc/postfix/users > > } > > > > pointing to a "users" file with entries such as > > > > user1 at 10.0.0.100:{PLAIN}user1foo:::::user=user1 at foo.org > > > > The only trouble is, %d does not get set; I get new "user1" and > > "user2" folders created directly under /var/lib/vmail/, which > > indicates the %d portion is equal to the empty string. > > > > I also tried > > > > user1 at 111.0.10.10:{PLAIN}tartans1:::::domain=foo.org > > > > which the PasswordDatabase wiki page says should override %d, but > > still no luck... > > > > Thanks for the pointer though, now that I read the relevant bits of > > documentation it feels like I'm really close, and this *should* work. > > I'm still either missing something, or tickling a bug (probably the > > former :) > > > > Thanks, > > --Gabriel > > > >> > >>> > >>> The relevant bits of my dovecot.conf are: > >>> > >>> ---%<------------------------------------------------------------------ > >>> mail_location = maildir:/var/lib/vmail/%d/%n > >>> passdb { > >>> driver = passwd-file > >>> args = /var/lib/vmail/etc/postfix/userdb > >>> } > >>> userdb { > >>> driver = static > >>> args = uid=dovenull gid=dovenull home=/var/lib/vmail/%d/%n > >>> } > >>> ---%<------------------------------------------------------------------ > >>> > >>> And my userdb passwd-file right now includes: > >>> > >>> ---%<------------------------------------------------------------------ > >>> user1 at foo.org:{PLAIN}user1foo > >>> user2 at foo.org:{PLAIN}user2foo > >>> user1 at bar.com:{PLAIN}user1bar > >>> user2 at bar.com:{PLAIN}user2bar > >>> ---%<------------------------------------------------------------------ > >>> > >>> Right now, user1 at foo.org must configure their imap client like so: > >>> > >>> IMAP server: mail.foo.org > >>> username: user1 at foo.org > >>> password: user1foo > >>> > >>> I would like to require this (and other) users to only have to set: > >>> > >>> IMAP server: mail.foo.org > >>> username: user1 > >>> password: ... > >>> > >>> and have dovecot somehow infer the "@foo.org" domain based on the fact > >>> that the connection was made to 10.0.0.100, which is mail.foo.org, and > >>> therefore the domain can *only* be "@foo.org". > >>> > >>> I could start out by splitting my user database into two files: > >>> > >>> userdb.foo.org > >>> ---%<------------------------------------------------------------------ > >>> user1:{PLAIN}user1foo > >>> user2:{PLAIN}user2foo > >>> ---%<------------------------------------------------------------------ > >>> > >>> userdb.bar.com > >>> ---%<------------------------------------------------------------------ > >>> user1:{PLAIN}user1bar > >>> user2:{PLAIN}user2bar > >>> ---%<------------------------------------------------------------------ > >>> > >>> ... then modify dovecot.conf's passdb setup like so: > >>> > >>> ---%<------------------------------------------------------------------ > >>> passdb { > >>> driver = passwd-file > >>> args = /var/lib/vmail/etc/postfix/userdb.%d > >>> } > >>> ---%<------------------------------------------------------------------ > >>> > >>> ... but how would I insure that %d is set to the proper value based > >>> on e.g. a reverse lookup of %l, which, in foo.org's case would be > >>> 10.0.0.100, and resolve to mail.foo.org, and *somehow* that would > >>> match %d == "@foo.org" ? > >>> > >>> Is this even possible in the first place, or am I just being too fussy > >>> about the aesthetics of my users' imap client config files ? :) :) > >>> > >>> Thanks much, > >>> --Gabriel > >>> > >> > >> - -- Steffen Kaiser > >> -----BEGIN PGP SIGNATURE----- > >> Version: GnuPG v1 > >> > >> iQEVAwUBVsbHG3z1H7kL/d9rAQLzRggAoBVJDWXDakkqLD+Gye/9KjHvfcIFkf+5 > >> u3W7ZlPSvyePaAM8u0TDnIPJ15aeyO6XZbTTqB9iKQXzluCusvhNOUl14nVO4CjW > >> gJASzpo1Kc9moWW7sWXTF/MCO+O4zVSBtJWdVmJch80hQT8LJxG3jU45FJAd1Jj3 > >> j+Rso5vEtH3Qw8i1cePaRc6FpDQ+7wboUI53OVjSKJGXbsyK5MXJFhoyvOo8UnvU > >> KdbyFoGkYR4n3zaSrkwof6TrRqqgcGA2TUyeQIS8j+ArhDpi7ilOU6x904KK7LoE > >> Ff2CzskTaTwEyTW1DZgJzLPc38PzMv9PX7QNUhdPHLFnYrhrutOfww== > >> =CFD6 > >> -----END PGP SIGNATURE----- > From gallego at cri.ensmp.fr Wed Feb 24 17:56:54 2016 From: gallego at cri.ensmp.fr (Emilio =?utf-8?Q?Jes=C3=BAs?= Gallego Arias) Date: Wed, 24 Feb 2016 18:56:54 +0100 Subject: Streaming MOVE commands In-Reply-To: <382903E1-0654-4A26-AFB2-B314C81DB9A0@iki.fi> (Timo Sirainen's message of "Mon, 22 Feb 2016 02:33:41 +0200") References: <84wpq68crq.fsf@cri.ensmp.fr> <7068E0DA-AA85-47F4-865C-98495882025D@iki.fi> <8760xiffqz.fsf@cri.ensmp.fr> <382903E1-0654-4A26-AFB2-B314C81DB9A0@iki.fi> Message-ID: <87h9gyq9eh.fsf@cri.ensmp.fr> Hi, Timo Sirainen writes: >>> Thanks, looks like this was broken with Maildir and mbox formats. It >>> also caused expunges in some other situations to be lost. Fixed: >>> >>> https://github.com/dovecot/core/commit/950a6e61d6c2dac961ce031bdd8b2895bc32b827 >> >> Is this patch suitable of being backported to 2.2.13? (Debian stable) > > Should be. > > BTW. This bug only meant that some expunges were ignored, which at > worst caused unwanted email duplicates. It didn't corrupt the mailbox > state or the client state in any way. The GNUS mail client developers would like to add quirk to workaround this problem in its mail client, any idea which version should be affected by this problem? Thank you & best regards, Emilio From chris2014 at postbox.xyz Wed Feb 24 18:07:59 2016 From: chris2014 at postbox.xyz (Chris) Date: Wed, 24 Feb 2016 19:07:59 +0100 Subject: Script dovecot ACLs, Quota and doveadm Message-ID: Dear All, I'd like to set a) Quota for mailboxes in private and public namespace b) ACLs for both. What's the easiest way to do this? Do I have to call doveadm for every mailbox (private and public)? Is it required to provide a username to doveadm? Can I use the same user for all if it is defined in global ACLs? For Cyrus there are perl modules which have the same functions as cyradm. Is there something like this for dovecot? Are there any modules available? Haven't found anything in CPAN. - Chris From lev at serebryakov.spb.ru Wed Feb 24 18:31:16 2016 From: lev at serebryakov.spb.ru (Lev Serebryakov) Date: Wed, 24 Feb 2016 21:31:16 +0300 Subject: SQLite driver and auth-worker credentials Message-ID: <56CDF6F4.3050601@serebryakov.spb.ru> I want to use SQLite database as storage for auth and user databases. I've encountered two problems here: (1) There is no way to open SQLite database read-only (via sqlite3_open_v2() call with SQLITE_OPEN_READONLY flag). It looks bad. I don't need (and want) to give dovecot rights to write to this database. (2) I've created system group "hostingdb", added "dovecot" user to it and gives 660 rights to database file, but still "auth-worker" could not open database and complains to log file. Now I'm set "user = root" for auth-worker, but I don't like it! Why auth-worker doesn't belong to "hostingdb" group? -- // Black Lion AKA Lev Serebryakov -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 949 bytes Desc: OpenPGP digital signature URL: From james at lottspot.com Wed Feb 24 18:49:22 2016 From: james at lottspot.com (james at lottspot.com) Date: Wed, 24 Feb 2016 13:49:22 -0500 Subject: SQLite driver and auth-worker credentials In-Reply-To: <56CDF6F4.3050601@serebryakov.spb.ru> References: <56CDF6F4.3050601@serebryakov.spb.ru> Message-ID: The only secure way to enforce read-only access on a sqlite database is via filesystem permissions. I would recommend setting your database to 640 and ensure that any modifying process runs with the owning UID. Dovecot processes will not assume they should run as a GID based on the UID to which they are assigned; you need to explicitly set the GID of the process (pretty sure this is the case anyways). Neither I or anyone else on this list though will be able to offer much more guidance than that unless you supply your `doveconf -n` output. On 2016-02-24 13:31, Lev Serebryakov wrote: > I want to use SQLite database as storage for auth and user databases. > I've encountered two problems here: > > (1) There is no way to open SQLite database read-only (via > sqlite3_open_v2() call with SQLITE_OPEN_READONLY flag). It looks bad. I > don't need (and want) to give dovecot rights to write to this database. > > (2) I've created system group "hostingdb", added "dovecot" user to it > and gives 660 rights to database file, but still "auth-worker" could > not > open database and complains to log file. Now I'm set "user = root" for > auth-worker, but I don't like it! Why auth-worker doesn't belong to > "hostingdb" group? From andersonb at gmail.com Wed Feb 24 19:14:59 2016 From: andersonb at gmail.com (Anderson Barbosa) Date: Wed, 24 Feb 2016 16:14:59 -0300 Subject: search problem dovecot 2.2.21 + fts - Solr Message-ID: Hello, Realized update dovecot on my server. Now the search is returning differently from the previous version bringing reference information of other messages . For example when doing a search for anderson.joao this new version of the dovecot dovecot 2.2.21 + fts - Solr response will be all email that has the word anderson and joao, instead of returning only items with the word anderson.joao. Before used version 2.2.18 + dovecot fts - Solr and the problem did not occur . For example practical test : Dovecot 2.2.18 # telnet SERVER 143 Trying SERVER... Connected to SERVER. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Zimbra IMAP4. a login conta at conta.com.br 1223456 a OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAn a select INBOX * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags permitted. * 14 EXISTS * 0 RECENT * OK [UIDVALIDITY 1452548222] UIDs valid * OK [UIDNEXT 25] Predicted next UID * OK [HIGHESTMODSEQ 52] Highest a OK [READ-WRITE] Select completed (0.001 secs). a SEARCH text "anderson" * SEARCH 11 12 (2 found emails) a OK Search completed (0.265 secs). a SEARCH text "joao" * SEARCH 13 14 (2 found emails) a OK Search completed (0.003 secs). a SEARCH text "anderson.joao" * SEARCH (0 found emails) a OK Search completed (0.004 secs). a logout * BYE Logging out a OK Logout completed. Connection closed by foreign host. Dovecot 2.2.21 # telnet SERVER 143 Trying SERVER... Connected to SERVER. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Zimbra IMAP4. a login conta at conta.com.br 1223456 a OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAn a select INBOX * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags permitted. * 14 EXISTS * 0 RECENT * OK [UIDVALIDITY 1452548222] UIDs valid * OK [UIDNEXT 25] Predicted next UID * OK [HIGHESTMODSEQ 52] Highest a OK [READ-WRITE] Select completed (0.000 + 0.000 secs). a SEARCH text "anderson" * SEARCH 11 12 (2 found emails) a OK Search completed (0.004 + 0.000 secs). a SEARCH text "joao" (2 found emails) * SEARCH 13 14 a OK Search completed (0.005 + 0.000 secs). a SEARCH text "anderson.joao" * SEARCH 11 12 13 14 *(4 found emails)* a OK Search completed (0.005 + 0.000 secs). a logout * BYE Logging out a OK Logout completed. Connection closed by foreign host. Even using characters Special "" \ scape, ' ' for an answer will always be all emails with the word anderson and joao. Checking the Changelog dovecot noticed que NAS versions Previous v2.2.20 and v2.2.19 certain changes with respect to fts . There Have Another way to Make Search for Exact Word In this new version to loft? -- Anderson Barbosa dos Santos Em todo o universo, nada existe de mais parecido com Deus que o sil?ncio. "Johanes Eckhart" From lev at serebryakov.spb.ru Wed Feb 24 19:18:26 2016 From: lev at serebryakov.spb.ru (Lev Serebryakov) Date: Wed, 24 Feb 2016 22:18:26 +0300 Subject: SQLite driver and auth-worker credentials In-Reply-To: References: <56CDF6F4.3050601@serebryakov.spb.ru> Message-ID: <56CE0202.8080609@serebryakov.spb.ru> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 24.02.2016 21:49, james at lottspot.com wrote: > The only secure way to enforce read-only access on a sqlite > database is via filesystem permissions. I would recommend setting > your database to 640 and ensure that any modifying process runs > with the owning UID. dovecot CAN NOT open SQLite database with read-only permissions set! It is problem ?1 in my message: it uses sqlite3_open() API which requires read-write access and fails otherwise. > Dovecot processes will not assume they should run as a GID based on > the UID to which they are assigned; you need to explicitly set the > GID of But system should assign all secondary GIDs to effective UID? > the process (pretty sure this is the case anyways). Neither I or > anyone else on this list though will be able to offer much more > guidance than that unless you supply your `doveconf -n` output. Relevant parts: ======================= passdb { args = /usr/local/etc/dovecot/dovecot-sql.conf.ext driver = sql } userdb { args = /usr/local/etc/dovecot/dovecot-sql.conf.ext driver = sql } service auth-worker { user = $default_internal_user } ======================= And I have: % grep dovecot /etc/group dovecot:*:143: hostingdb:*:999:postfix,dovecot % ls -l /usr/local/etc/hostenv/db/mailhost.sqlite - -rw-rw---- 1 root hostingdb 14336 24 Feb 14:47 /usr/local/etc/hostenv/db/mailhost.sqlite % sudo su -m dovecot -c id uid=143(dovecot) gid=143(dovecot) groups=143(dovecot),999(hostingdb) % - -- // Black Lion AKA Lev Serebryakov -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQJ8BAEBCgBmBQJWzgIBXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRGOTZEMUNBMEI1RjQzMThCNjc0QjMzMEFF QUIwM0M1OEJGREM0NzhGAAoJEOqwPFi/3EePIK0QAJk0nTOGCCxc/A5LqLKbYzX4 9fKQKrfLfWZfKcdRW0flLefcrCj2AAL9aM/KybKDOIR/IqC/+s8KwLLi/VN0+CSa UaKOca2LsMJtiOVy0DOs+KXS5ynpBeTZ9UCna2lVlySoVNsXPw2pQ+uSQYtKFrVQ SRmF6XanVndW4mH7x0Pj4YJwSE55FC+RcuNP94th4uIHavV7LCjFuv4O7hTSax7d RuBxkW52ILZaD4RICHQ6T5bmhCUVgzmYNw2NV/sZdvT5CH6rszPQU8VR/3I3FYp5 /8rNXaScOgQ351WEBI/K9s8IjvazZjKi6jE0auvJb0qw0tD0N3UCrfALtIOKLcbb GWacmqlogidVYMgaggPJBEu4W6bkqBxDICp2FXvIzzRGuwYv4dks+IxLDpHIfZyH PrQLDK4qBsBo3/4dTd3CxJddHMYM1Hdnswntg/S2hwt6g20ZE+WB1YhPUWyfiFMh 0sn4timpuxW40AzYIO6jtE7/HB0hUMCajKiBemcVb8P4bMXmTSeLaflhYlq1/zty lDYcT+qIb29ug7rBY0ljuOWRSYTq8JJTxuM3QEJbjDLKmucNsGRmcF1j1Yb9fnZl 6jicP0CSyWvGtD051mz1AIBoT6WW1xtB6g/0gBnyEIHD2TSEWad53lZM8Kq3h6OD d8eBgznhx4DwJjF4u7XZ =OOJa -----END PGP SIGNATURE----- From james at lottspot.com Wed Feb 24 20:17:12 2016 From: james at lottspot.com (james at lottspot.com) Date: Wed, 24 Feb 2016 15:17:12 -0500 Subject: SQLite driver and auth-worker credentials In-Reply-To: <56CE0202.8080609@serebryakov.spb.ru> References: <56CDF6F4.3050601@serebryakov.spb.ru> <56CE0202.8080609@serebryakov.spb.ru> Message-ID: > dovecot CAN NOT open SQLite database with read-only permissions set! > It is problem ?1 in my message: it uses sqlite3_open() API which > requires read-write access and fails otherwise. What I'm talking about has nothing to do with the sqlite3 API. The API is not how you *securely* enforce read-only access to a sqlite3 database. If you need to enforce read-only access, you will need to do so using filesystem permissions modes (i.e., use chmod and chown to set the read bit for the user or group which will read the database, and unset the write bit for the same user or group). > But system should assign all secondary GIDs to effective UID? Not the case. Changing the effective uid of a process does not associate the process with any of the groups which the user it has inherited are associated with. The process must explicitly call setgid in order to change its effective GID. This is also why dovecot services have a separate 'group =' directive in addition to the 'user =' directive (http://wiki2.dovecot.org/Services). In order to achieve the configuration you desire, you need to set the group of the auth-worker service to hostingdb and set filesystem permissions on the database to 640. Forget about trying to alter the behavior of sqlite3_open. On 2016-02-24 14:18, Lev Serebryakov wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > On 24.02.2016 21:49, james at lottspot.com wrote: > >> The only secure way to enforce read-only access on a sqlite >> database is via filesystem permissions. I would recommend setting >> your database to 640 and ensure that any modifying process runs >> with the owning UID. > dovecot CAN NOT open SQLite database with read-only permissions set! > It is problem ?1 in my message: it uses sqlite3_open() API which > requires read-write access and fails otherwise. > >> Dovecot processes will not assume they should run as a GID based on >> the UID to which they are assigned; you need to explicitly set the >> GID of > But system should assign all secondary GIDs to effective UID? > >> the process (pretty sure this is the case anyways). Neither I or >> anyone else on this list though will be able to offer much more >> guidance than that unless you supply your `doveconf -n` output. > > Relevant parts: > > ======================= > passdb { > args = /usr/local/etc/dovecot/dovecot-sql.conf.ext > driver = sql > } > > userdb { > args = /usr/local/etc/dovecot/dovecot-sql.conf.ext > driver = sql > } > > service auth-worker { > user = $default_internal_user > } > ======================= > > And I have: > > % grep dovecot /etc/group > dovecot:*:143: > hostingdb:*:999:postfix,dovecot > % ls -l /usr/local/etc/hostenv/db/mailhost.sqlite > - -rw-rw---- 1 root hostingdb 14336 24 Feb 14:47 > /usr/local/etc/hostenv/db/mailhost.sqlite > % sudo su -m dovecot -c id > uid=143(dovecot) gid=143(dovecot) groups=143(dovecot),999(hostingdb) > % > > - -- > // Black Lion AKA Lev Serebryakov > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2 > > iQJ8BAEBCgBmBQJWzgIBXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w > ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRGOTZEMUNBMEI1RjQzMThCNjc0QjMzMEFF > QUIwM0M1OEJGREM0NzhGAAoJEOqwPFi/3EePIK0QAJk0nTOGCCxc/A5LqLKbYzX4 > 9fKQKrfLfWZfKcdRW0flLefcrCj2AAL9aM/KybKDOIR/IqC/+s8KwLLi/VN0+CSa > UaKOca2LsMJtiOVy0DOs+KXS5ynpBeTZ9UCna2lVlySoVNsXPw2pQ+uSQYtKFrVQ > SRmF6XanVndW4mH7x0Pj4YJwSE55FC+RcuNP94th4uIHavV7LCjFuv4O7hTSax7d > RuBxkW52ILZaD4RICHQ6T5bmhCUVgzmYNw2NV/sZdvT5CH6rszPQU8VR/3I3FYp5 > /8rNXaScOgQ351WEBI/K9s8IjvazZjKi6jE0auvJb0qw0tD0N3UCrfALtIOKLcbb > GWacmqlogidVYMgaggPJBEu4W6bkqBxDICp2FXvIzzRGuwYv4dks+IxLDpHIfZyH > PrQLDK4qBsBo3/4dTd3CxJddHMYM1Hdnswntg/S2hwt6g20ZE+WB1YhPUWyfiFMh > 0sn4timpuxW40AzYIO6jtE7/HB0hUMCajKiBemcVb8P4bMXmTSeLaflhYlq1/zty > lDYcT+qIb29ug7rBY0ljuOWRSYTq8JJTxuM3QEJbjDLKmucNsGRmcF1j1Yb9fnZl > 6jicP0CSyWvGtD051mz1AIBoT6WW1xtB6g/0gBnyEIHD2TSEWad53lZM8Kq3h6OD > d8eBgznhx4DwJjF4u7XZ > =OOJa > -----END PGP SIGNATURE----- From lev at serebryakov.spb.ru Wed Feb 24 21:32:26 2016 From: lev at serebryakov.spb.ru (Lev Serebryakov) Date: Thu, 25 Feb 2016 00:32:26 +0300 Subject: SQLite driver and auth-worker credentials In-Reply-To: References: <56CDF6F4.3050601@serebryakov.spb.ru> <56CE0202.8080609@serebryakov.spb.ru> Message-ID: <421080872.20160225003220@serebryakov.spb.ru> Hello James, Wednesday, February 24, 2016, 11:17:12 PM, you wrote: >> But system should assign all secondary GIDs to effective UID? > separate 'group =' directive in addition to the 'user =' directive > (http://wiki2.dovecot.org/Services). Oh, I missed this one, thank you -- Best regards, Lev mailto:lev at serebryakov.spb.ru -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 960 bytes Desc: not available URL: From jk at ucls.uchicago.edu Wed Feb 24 21:56:42 2016 From: jk at ucls.uchicago.edu (John Krug) Date: Wed, 24 Feb 2016 15:56:42 -0600 Subject: Deleting / Removing users Message-ID: <1782EB97-5CF2-47E7-A86A-9B2A1BD76110@ucls.uchicago.edu> i have a list of users that I?ve removed from LDAP and I want to delete their mail storage. sdbox Dovecot 2.2.15.8 I have mail messages in one location and indexes in another. Should I just rm -rf /messages/ rm -rf /indexes/ Thanks, JK ----------------------------------------------------------------------- John "JK" Krug System Administrator The University of Chicago | Laboratory Schools 1362 East 59th Street | Chicago, IL 60637 Phone: (773) 834-4476 jk at ucls.uchicago.edu | http://helpdesk.ucls.uchicago.edu _______________________________________________ From aki.tuomi at dovecot.fi Wed Feb 24 21:59:22 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Wed, 24 Feb 2016 23:59:22 +0200 Subject: VS: Re: SQLite driver and auth-worker credentials Message-ID: <12qv4ro0wqnr8658a5ktay6m.1456351162578@email.android.com> this is probably something that ought to be fixed. Read only scenario for auth/userdb is quite plausible.? ---Aki TuomiDovecot oy-------- Alkuper?inen viesti --------L?hett?j?: Lev Serebryakov P?iv?m??r?: 24.2.2016 23.32 (GMT+02:00) Saaja: james at lottspot.com Kopio: dovecot at dovecot.org Aihe: Re: SQLite driver and auth-worker credentials Hello James, Wednesday, February 24, 2016, 11:17:12 PM, you wrote: >>?? But system should assign all secondary GIDs to effective UID? > separate 'group =' directive in addition to the 'user =' directive > (http://wiki2.dovecot.org/Services). ? Oh, I missed this one, thank you -- Best regards, Lev??????????????????????????? mailto:lev at serebryakov.spb.ru From chris2014 at postbox.xyz Thu Feb 25 00:17:08 2016 From: chris2014 at postbox.xyz (Chris) Date: Thu, 25 Feb 2016 01:17:08 +0100 Subject: Different Quotas For Public Namespace Message-ID: Dear All, are different quotas for public namespace folders possible? They're in the same namespace. If I got it right, the wiki says there's one quota per namespace only? - Chris From chris2014 at postbox.xyz Thu Feb 25 00:51:37 2016 From: chris2014 at postbox.xyz (Chris) Date: Thu, 25 Feb 2016 01:51:37 +0100 Subject: Block public namespace mail when quota exceeded Message-ID: Dear All, is it possible to temporarily reject mails, when quota of public namespace subfolder is exceeded? I'd check folder size with a cronjob. Dovecot is using a system user, so I guess blocking post and insert in ACL isn't a solution? I don't want to set the folder to read-only, that users can still delete mails. Thank you in advance. - Chris From leon at f-m.fm Thu Feb 25 05:53:16 2016 From: leon at f-m.fm (Leon Kyneur) Date: Thu, 25 Feb 2016 16:53:16 +1100 Subject: where is pop3_migration_ignore_missing_uidls=yes set? Message-ID: <56CE96CC.5000207@f-m.fm> While doing pop3 migrations with dsync I am getting an error: dsync(user at domain.net): Error: pop3_migration: 2 POP3 messages have no matching IMAP messages (first POP3 msg 2638 UIDL fb3d6f3299541e695a28585f5803ed1c) - set pop3_migration_ignore_missing_uidls=yes to continue anyway dsync(user at domain.net): Error: Exporting mailbox INBOX failed: Can't lookup pop3-uidl for UID=3252: POP3 UIDLs couldn't be synced Can't see this is doveconf -a so it's not a setting? - tried configuring it as a plugin setting but that didn't work... Where is the correct place to set this? TIA From skdovecot at smail.inf.fh-brs.de Thu Feb 25 07:16:22 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 25 Feb 2016 08:16:22 +0100 (CET) Subject: Deleting / Removing users In-Reply-To: <1782EB97-5CF2-47E7-A86A-9B2A1BD76110@ucls.uchicago.edu> References: <1782EB97-5CF2-47E7-A86A-9B2A1BD76110@ucls.uchicago.edu> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 24 Feb 2016, John Krug wrote: > i have a list of users that I?ve removed from LDAP and I want to delete their mail storage. > > sdbox > Dovecot 2.2.15.8 > > I have mail messages in one location and indexes in another. Should I just > rm -rf /messages/ > rm -rf /indexes/ if that's where the mail_location points to. Also check out the home directory of eash user. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVs6qRnz1H7kL/d9rAQL8Hgf/fNlN1fuggq2eABGDrn6sv43+VE0geAXn U3oMoQF8ABItuOU7kMagDwY7n+K35ZFY/b2sddZ3kc4eKLORRxUzrN3orl1+H9jl bkqjeDmF7PazKd1lFtfCZpgjCT/UM6MQPn8Lxm4TaL+2tV50Gm//Og7PdeQ5N7UO YQcWvYLQOVgkY8vbqhNTnp0QFlfttHT+oFT+Kp3mDj3GQ2Mg7nMSKFZAeanaX2Qd XTSgsKtX9yaoG/E76o/2dvtW8jh0RS1OhX9oDaboFIsKj4OkI7ahaAxwmB6jZxX7 pnnrOZzKMEDO8S7MmjtyWmG0MGIzzWwKfYSI/5mOpT3rkphHjihpwA== =WH5K -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Thu Feb 25 07:19:47 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 25 Feb 2016 08:19:47 +0100 (CET) Subject: Different Quotas For Public Namespace In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 25 Feb 2016, Chris wrote: > are different quotas for public namespace folders possible? They're in the > same namespace. > > If I got it right, the wiki says there's one quota per namespace only? Which Wiki says what exactly and what's your config and what's your goal? http://wiki2.dovecot.org/Quota/Configuration says "Quota for public namespaces You can create a separate namespace-specific quota that's shared between all users. This is done simply by adding :ns= parameter to quota setting. For example you could have something like: " - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVs6rE3z1H7kL/d9rAQLDZQgAq2veIN4n3xM+Vc7i8RQXiYhmyWxqDsSC eZ51q92aQuwm2uiFOmmnVscRGK/ObUUYWM+TpnEbZuTO7krdHdrzvGEC1+wm8y8U v6bFzSZDueZWB1i9qvJzGLe9XG7NF/jeOqlkpXBSkcrqjNF+7aKflHBSUDxx1fVM YifgCmYRLtACtpPxBVL8sIIhz+cYeLAZfdkaDqmdaZZ4mP9MJffL1gitDm62kd6Y 74jYh2VDX4Sfmqe0cvo/Z6uiDhFQdQRlh/5h+ePW0YSySxN9C4D84Zmj70k+/R3y jSxbY0katYbbiOA0P/AyklywiWxbpbsYfwglMJ3TgfpeptX0x07rsQ== =OmD6 -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Thu Feb 25 07:25:07 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 25 Feb 2016 08:25:07 +0100 (CET) Subject: Block public namespace mail when quota exceeded In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 25 Feb 2016, Chris wrote: > is it possible to temporarily reject mails, when quota of public namespace > subfolder is exceeded? I'd check folder size with a cronjob. How does the MTA know that the message is filed into a public namespace? > Dovecot is using a system user, so I guess blocking post and insert in ACL > isn't a solution? you mean users drop messages via Sieve script there? Yes, removing post and insert is a solution, but the message is still excepted by the MTA and generates a DSN if not resolved in a time. > I don't want to set the folder to read-only, that users can still delete > mails. > > Thank you in advance. > > - Chris > - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVs6sU3z1H7kL/d9rAQICKgf/R1xL4zDlg8ICIFQBoxrDDnW3JWAqgkb1 k597wUona8FAxHH/EfIxXBYvfA67D884w1ruquOin2STXcvxu+hi4Ob2hgTd7L5X iyWlRCERi98+mzZSIWitW/HwmuXjB5u8i2M+/s2E5HFG0R4zpd4KU556JHDe6v9B UQ4HNIPlCOF6U3ocWleORN9oUrJ+q33erP2J3yLSJdUeH0Rmblo3uI9EobqqCIQQ as6GrhmVycgxxT0iBne0fAMsrnJOMBNigT0waLEdz6hi7TJ6kHgTkYa9e9r4HceH OAAV1ri63w3p2jhOD+ZmUurAsOD/+F142daAaE4k2My4gSecxqetZQ== =R22x -----END PGP SIGNATURE----- From teemu.huovila at dovecot.fi Thu Feb 25 09:20:58 2016 From: teemu.huovila at dovecot.fi (Teemu Huovila) Date: Thu, 25 Feb 2016 11:20:58 +0200 Subject: search problem dovecot 2.2.21 + fts - Solr In-Reply-To: References: Message-ID: <56CEC77A.5060501@dovecot.fi> On 24.02.2016 21:14, Anderson Barbosa wrote: > Hello, > > Realized update dovecot on my server. Now the search is returning > differently from the previous version bringing reference information of > other messages . > For example when doing a search for anderson.joao this new version of the > dovecot dovecot 2.2.21 + fts - Solr response will be all email that has the > word anderson and joao, instead of returning only items with the word > anderson.joao. > > Before used version 2.2.18 + dovecot fts - Solr and the problem did not > occur . > For example practical test : > > Dovecot 2.2.18 > > > # telnet SERVER 143 > Trying SERVER... > Connected to SERVER. > Escape character is '^]'. > * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE > AUTH=PLAIN] Zimbra IMAP4. > a login conta at conta.com.br 1223456 > a OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE > SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT > MULTIAPPEND URL-PARTIAn > a select INBOX > * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) > * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags > permitted. > * 14 EXISTS > * 0 RECENT > * OK [UIDVALIDITY 1452548222] UIDs valid > * OK [UIDNEXT 25] Predicted next UID > * OK [HIGHESTMODSEQ 52] Highest > a OK [READ-WRITE] Select completed (0.001 secs). > a SEARCH text "anderson" > * SEARCH 11 12 (2 found emails) > a OK Search completed (0.265 secs). > a SEARCH text "joao" > * SEARCH 13 14 (2 found emails) > a OK Search completed (0.003 secs). > a SEARCH text "anderson.joao" > * SEARCH (0 found emails) > a OK Search completed (0.004 secs). > a logout > * BYE Logging out > a OK Logout completed. > Connection closed by foreign host. > > > Dovecot 2.2.21 > > # telnet SERVER 143 > Trying SERVER... > Connected to SERVER. > Escape character is '^]'. > * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE > AUTH=PLAIN] Zimbra IMAP4. > a login conta at conta.com.br 1223456 > a OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE > SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT > MULTIAPPEND URL-PARTIAn > a select INBOX > * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) > * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags > permitted. > * 14 EXISTS > * 0 RECENT > * OK [UIDVALIDITY 1452548222] UIDs valid > * OK [UIDNEXT 25] Predicted next UID > * OK [HIGHESTMODSEQ 52] Highest > a OK [READ-WRITE] Select completed (0.000 + 0.000 secs). > a SEARCH text "anderson" > * SEARCH 11 12 (2 found emails) > a OK Search completed (0.004 + 0.000 secs). > a SEARCH text "joao" (2 found emails) > * SEARCH 13 14 > a OK Search completed (0.005 + 0.000 secs). > a SEARCH text "anderson.joao" > * SEARCH 11 12 13 14 *(4 found emails)* > a OK Search completed (0.005 + 0.000 secs). > a logout > * BYE Logging out > a OK Logout completed. > Connection closed by foreign host. > > Even using characters Special "" \ scape, ' ' for an answer will always be > all emails with the word anderson and joao. > Checking the Changelog dovecot noticed que NAS versions Previous v2.2.20 > and v2.2.19 certain changes with respect to fts . > > There Have Another way to Make Search for Exact Word In this new version to > loft? This is most likely fixed by https://github.com/dovecot/core/commit/f3b0efdcbd0bd9059574c8f86d6cb43e16c8e521 The fix will be included in 2.2.22, which will hopefully be released some time mid-march. If you can, please test with a build from current git master tip and let us know, if it does not. br, Teemu Huovila From manu at netbsd.org Thu Feb 25 10:34:46 2016 From: manu at netbsd.org (Emmanuel Dreyfus) Date: Thu, 25 Feb 2016 10:34:46 +0000 Subject: Checking index sanity Message-ID: <20160225103446.GC7353@homeworld.NetBSD.org> Hello We experienced corrupted dovecot indexes, probably caused by a server crash. This does not cause a lot of harm, just annoyance. For instance, LMTP raises an assertion during delivery, which causes mail to multiple recipients e-mail to remain in the queue if a single of them hits a corrupted index. The workaround for now is to detect the situation in the logs and to remove corrupted indexes when the problem arise. A better fix would be to sanity check all user's index on startup. Is there a command line tool to do this? -- Emmanuel Dreyfus manu at netbsd.org From dovecot at haravikk.me Thu Feb 25 22:23:23 2016 From: dovecot at haravikk.me (Haravikk) Date: Thu, 25 Feb 2016 22:23:23 +0000 Subject: [Feature Request] doveadm option to return number of messages acted upon Message-ID: So I have a script for handling my specific archive and expunge needs, but it?d be nice to be able to track how many messages are being affected. Currently I?m doing it by firing the same search queries into doveadm search and counting the lines of the result with wc -l, but that?s not a very pretty solution. While I?m mostly doing it out of interest on a personal server, I can?t imagine it?s a very scalable way to do it if you wanted to gather some kind of metrics for example. What I think would make sense would be for relevant doveadm commands such as move, expunge (probably purge too) and others I haven?t thought of to have a new option that, if enabled, will cause the command to output the number of messages affected as the final line of output (most of these commands don?t have any output anyway). A doveadm count command could also be a convenient, more efficient, alternative to doveadm search | wc -l. From bytesplit at gmail.com Thu Feb 25 23:06:23 2016 From: bytesplit at gmail.com (Philon) Date: Fri, 26 Feb 2016 00:06:23 +0100 Subject: Replication between two ISPCOnfig servers In-Reply-To: <56CAE681.4060003@igotafrica.com> References: <56CAE681.4060003@igotafrica.com> Message-ID: Hi Otto if Dovecot users are setup through SQL you might want to check the iterate query. So that things like for example doveadm quota get -A work. So look into your SQL config, there you must setup the sql query. Then doveadm sync -A should do what you expect. Philon 2016-02-22 11:44 GMT+01:00 Otto Saayman : > Hello > > I have set up two servers, one master and one slave, using ISPConfig. I > have been using rsync to synchronise mails between the two machines, but > this has some unstable results. > > I had a look at setting up replication: > http://wiki.dovecot.org/Replication > > When I run the command, doveadm user '*', only two users are returned. So > when I run this command: doveadm replicator replicate \* I get: 2 users > updated > > I run this command: > doveadm sync -u [e-mail address] tcp:[2nd/ slave dovecot server IP > address] > > Here I can input any valid e-mail address in the ISPConfig MySQL database > and it works. > > How do I tell the dovecote server to replicate all the users configured in > the MySQL database it uses when it handles logins via POP/ IMAP, all of > which is working fine? > > Is there a command I need to run at a set interval via cron to synchronise > the two machines' mailboxes, which are identical in every way except the > mails the users' mailboxes contain? > > OR > > Is there a way that I can instruct the two machines to keep each other's > user mailbox contents "up to date"? > > The main idea is to have a hot backup of my "main" dovecot server and also > to enable a lower mail priority for the second server so that mails are > still received when the main server becomes busy, or is taken offline for > some reason. > > Any help, or link to a HOWTO would be appreciated. > > -- > > Best Regards > > Otto Saayman > From sca at andreasschulze.de Fri Feb 26 07:25:47 2016 From: sca at andreasschulze.de (A. Schulze) Date: Fri, 26 Feb 2016 08:25:47 +0100 Subject: [Feature Request] doveadm option to return number of messages acted upon In-Reply-To: Message-ID: <20160226082547.Horde.6N12qp0GMDTGTftZes-eCUR@andreasschulze.de> Haravikk: > So I have a script for handling my specific archive and expunge > needs, but it?d be nice to be able to track how many messages are > being affected. > > Currently I?m doing it by firing the same search queries into > doveadm search and counting the lines of the result with wc -l, but > that?s not a very pretty solution. While I?m mostly doing it out of > interest on a personal server, I can?t imagine it?s a very scalable > way to do it if you wanted to gather some kind of metrics for example. > > What I think would make sense would be for relevant doveadm commands > such as move, expunge (probably purge too) and others I haven?t > thought of to have a new option that, if enabled, will cause the > command to output the number of messages affected as the final line > of output (most of these commands don?t have any output anyway). A > doveadm count command could also be a convenient, more efficient, > alternative to doveadm search | wc -l. +1 statistics are always nice Andreas From altin.ukshini at gmail.com Fri Feb 26 11:59:49 2016 From: altin.ukshini at gmail.com (Altin Ukshini) Date: Fri, 26 Feb 2016 12:59:49 +0100 Subject: Question: Directory hashing to support large domains | Dovecot & MySQL Message-ID: Hello there, I have a postfix + dovecot + mysql installation in an ubuntu server. Virtual users and domains in a small mysql db that I manage via a web based mailadmin I wrote myself. The mysql db I'm talking about has a qmail structure that used to be managed by qmailadmin and worked with vpopmail. As for information, I cannot move to a different structure (exc postfixadmin/postfix) for many reasons, so I was forced to stick with it and configure postfix and dovecot to read that structure... If you may know, qmail (depends on the configuration) uses a directory hashing like /home/vpopmail/DOMAIN/P/7/USERNAME (something similar) in order to manage large domains, and this is handled by vpopmail. Please refer to these two links for details: - http://free.acrconsulting.co.uk/email/qmh.html - https://sourceforge.net/p/vpopmail/mailman/message/2710408/ I saw that dovecot uses something similar which I found in dovecot documentation ?: http://wiki2.dovecot.org/MailLocation#Directory_hashing Unfortunately, I cannot find more details, so I'd be thankful if you help me out with the following: By reading the documentation, I can tell that I can use the dir hashing variables in my dovecot configuration. But, in my case, I get the directory path from my mysql db via dovecot sql user_query - not from mail_location variable in 10-mail.conf Therefore if in case of a first received email for a user: dovecot checks in the db, gets the path and creates the maildir from the given path. In case the maildir column is empty, it fails, and it also fails to authenticate... So, can dovecot write to mysql? I would like to use directory hashing of dovecot, but from what I can find: If dovecot has mail_location variable set to do the dir hashing, it will not then go and add the created path in my mysql db. While if I try to implement something similar from my web gui application, I'd probably have to rewrite the algorithm that does this!? Can anyone help me figure out what's the best way to implement this? Thank you very much in advance for your help! Best, Altin Ukshini From chris2014 at postbox.xyz Fri Feb 26 18:49:52 2016 From: chris2014 at postbox.xyz (Chris) Date: Fri, 26 Feb 2016 19:49:52 +0100 Subject: Block public namespace mail when quota exceeded In-Reply-To: References: Message-ID: <4fdf7e36edb056bb74a294b3caa9b79e.squirrel@mail2.postbox.xyz> Steffen Kaiser wrote: > On Thu, 25 Feb 2016, Chris wrote: > >> is it possible to temporarily reject mails, when quota of public >> namespace >> subfolder is exceeded? I'd check folder size with a cronjob. > > How does the MTA know that the message is filed into a public namespace? deliver -m Public.somebox > you mean users drop messages via Sieve script there? Yes, removing post > and insert is a solution, but the message is still excepted by the MTA and > generates a DSN if not resolved in a time. I meant dovecot users are virtual. Dovecot runs as vmail system user, so changing ACLs is probably not possible. From chris2014 at postbox.xyz Fri Feb 26 19:04:19 2016 From: chris2014 at postbox.xyz (Chris) Date: Fri, 26 Feb 2016 20:04:19 +0100 Subject: Different Quotas For Public Namespace In-Reply-To: References: Message-ID: Steffen Kaiser wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Thu, 25 Feb 2016, Chris wrote: > >> are different quotas for public namespace folders possible? They're in >> the >> same namespace. >> >> If I got it right, the wiki says there's one quota per namespace only? > > Which Wiki says what exactly and what's your config and what's your goal? > > http://wiki2.dovecot.org/Quota/Configuration > says "Quota for public namespaces > > You can create a separate namespace-specific quota that's shared between > all users. This is done simply by adding :ns= parameter > to quota setting. For example you could have something like: This is exactly the wiki section I meant. I'd like to set quota for individual maildirs (not users) in public namespace. Quota in public namespace seems not to be for individual maildirs, but the whole namespace. From yannik at sembritzki.me Fri Feb 26 20:44:15 2016 From: yannik at sembritzki.me (Yannik Sembritzki) Date: Fri, 26 Feb 2016 21:44:15 +0100 Subject: Dovecot sieve - How to check which username a mail is being delivered to? Message-ID: <56D0B91F.5090007@sembritzki.me> Hi everyone, I am looking for a way to check which mailbox an email is being delivered to in a global sieve filter. After not being able to find some kind of variable that is populated by dovecot automatically, I tried to use the `Delivered-To` header. I tried a check like this: header :is "delivered-to" "" Unfortunately, this does not only match the first occurence of the header (which can be assumed is added by dovecot), but any occurence of this header in the email, which could be added due to previous deliveries and forwards, or just cause of malice. Is there any way to achieve this? Best regards, Yannik From jtam.home at gmail.com Fri Feb 26 22:16:16 2016 From: jtam.home at gmail.com (Joseph Tam) Date: Fri, 26 Feb 2016 14:16:16 -0800 (PST) Subject: Assertion crash: (idx * array->element_size < array->buffer->used) Message-ID: Log message: Traceback is hex gibberish: if symbolic traceback is needed, I'll recompile with "cc -g" and retest. Panic: file ../../../src/lib/array.h: line 219 (array_idx_i): assertion failed : (idx * array->element_size < array->buffer->used) (Similar to http://dovecot.org/pipermail/dovecot/2015-February/099771.html) IMAP command that provoked the crash: x1 FETCH 3 (BODY) Dovecot version: 2.2.19, Solaris10 (I don't think doveconf -n is relevant, but willing to provide if needed). It seems like a mailbox index issue. Removing, then recreating the indices gets rid of the crash. I saved these indices if it will help. Joseph Tam From tom at whyscream.net Fri Feb 26 23:53:53 2016 From: tom at whyscream.net (Tom Hendrikx) Date: Sat, 27 Feb 2016 00:53:53 +0100 Subject: Dovecot sieve - How to check which username a mail is being delivered to? In-Reply-To: <56D0B91F.5090007@sembritzki.me> References: <56D0B91F.5090007@sembritzki.me> Message-ID: <56D0E591.4020003@whyscream.net> On 26-02-16 21:44, Yannik Sembritzki wrote: > Hi everyone, > > I am looking for a way to check which mailbox an email is being > delivered to in a global sieve filter. > > After not being able to find some kind of variable that is populated by > dovecot automatically, I tried to use the `Delivered-To` header. > I tried a check like this: > > header :is "delivered-to" "" > You're probably better off using envelope recipient: envelope :is "to" "recipient at example.org" Regards, Tom -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From tlx at leuxner.net Sat Feb 27 08:29:43 2016 From: tlx at leuxner.net (Thomas Leuxner) Date: Sat, 27 Feb 2016 09:29:43 +0100 Subject: Error: istream-seekable: safe_mkstemp(/tmp/dovecot.imap.) failed Message-ID: <20160227082929.GA949@nihlus.leuxner.net> I'm seeing these recently: Feb 27 09:24:01 nihlus dovecot: imap(tlx at leuxner.net): Error: istream-seekable: safe_mkstemp(/tmp/dovecot.imap.) failed: No such file or directory Feb 27 09:24:01 nihlus dovecot: imap(tlx at leuxner.net): Error: istream-seekable: safe_mkstemp(/tmp/dovecot.imap.) failed: No such file or directory Feb 27 09:24:01 nihlus dovecot: imap(tlx at leuxner.net): Error: istream-seekable: safe_mkstemp(/tmp/dovecot.imap.) failed: No such file or directory Feb 27 09:24:01 nihlus dovecot: imap(tlx at leuxner.net): Error: istream-seekable: safe_mkstemp(/tmp/dovecot.imap.) failed: No such file or directory Feb 27 09:24:01 nihlus dovecot: imap(tlx at leuxner.net): Error: istream-seekable: safe_mkstemp(/tmp/dovecot.imap.) failed: No such file or directory Feb 27 09:24:01 nihlus dovecot: imap(tlx at leuxner.net): Error: istream-seekable: safe_mkstemp(/tmp/dovecot.imap.) failed: No such file or directory $ doveconf -n | head # 2.2.devel (f1a9b58): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.devel (0de2a19) Regards Thomas -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 181 bytes Desc: Digital signature URL: From yannik at sembritzki.me Sat Feb 27 09:42:11 2016 From: yannik at sembritzki.me (Yannik Sembritzki) Date: Sat, 27 Feb 2016 10:42:11 +0100 Subject: Dovecot sieve - How to check which username a mail is being delivered to? In-Reply-To: <56D0E591.4020003@whyscream.net> References: <56D0B91F.5090007@sembritzki.me> <56D0E591.4020003@whyscream.net> Message-ID: <56D16F73.6080301@sembritzki.me> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi, what happens when an email with multiple recipient is (RCPT TO) is delivered over lmtp? Will 'envelope "to"' contain multiple recipients in this case? Am 27.02.2016 um 00:53 schrieb Tom Hendrikx: > On 26-02-16 21:44, Yannik Sembritzki wrote: >> Hi everyone, >> >> I am looking for a way to check which mailbox an email is being >> delivered to in a global sieve filter. >> >> After not being able to find some kind of variable that is populated by >> dovecot automatically, I tried to use the `Delivered-To` header. >> I tried a check like this: >> >> header :is "delivered-to" "" >> > > You're probably better off using envelope recipient: > > envelope :is "to" "recipient at example.org" > > Regards, > Tom > -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJW0W9vAAoJECmWCr2wpSDlu0MQAMAuSTcNEVoxuHySwsuTzqs6 pHcrTUaI9fTmooSkwAFwExUwXBgttXnEhqa+C2wgsyMDUXGki59xAwvSbREzBwL3 84uLguNSS0nC+wh1bGNK2W+jOHq9VPxcVMT/T9agsDJJfB7I5sBfebawOCUrE7c0 8J4lXv1X5xnC7FzJ9aZ9ufd65Tb2N7j3a3QezQwgj5IC69rdp7dM1Uhg+25jlvIr 8l9C8Gc7j3FszbAWFKpvKH2kSnAskYCWvMJ/zCUmf7Z5yd0KfhSAi2qWU4X1Q4oV NAANEIUeg6wG/QxcED3N7+1pucp4X9+Kk/oTNYSh/1y0MxeiBIyOpF2CPOk9hiU5 6jswa5qc73I6lP5EcaTxW9NCcrZRxiosKTrW2j9dKbS/WywmkwXF+F8Ziy7SZG+H 0DlKNdjUnKffe7WdvqRf4cYdBOwkwPql5c0w8qj8obMZdl8X5QxErlgYH7Ugmzmp qVg3XjPT1cGmh5CP+l2sN52Dm0EHvPvyYPhLLB0qJXQsQ7lTrnJqFxZypxtnnNwR wCfpzu2WiaawIPZAK3TpOY6+gKXhOOMEeppVPyXmH/YiTdNuETJ2bawfFfq3YXm6 3A+vOBF72Oem9t2YKAf3N4zJFaEK2WmYIBm3WKrUEcX6bnhzJ/QYx9hAFOYwVWqc CgPSSBIFTxtEMWM1rHsw =/Vno -----END PGP SIGNATURE----- From tom at whyscream.net Sat Feb 27 09:50:25 2016 From: tom at whyscream.net (Tom Hendrikx) Date: Sat, 27 Feb 2016 10:50:25 +0100 Subject: Dovecot sieve - How to check which username a mail is being delivered to? In-Reply-To: <56D16F73.6080301@sembritzki.me> References: <56D0B91F.5090007@sembritzki.me> <56D0E591.4020003@whyscream.net> <56D16F73.6080301@sembritzki.me> Message-ID: <56D17161.7020903@whyscream.net> Hi, According to RFC https://tools.ietf.org/html/rfc5228#section-5.4 If one of the envelope-part strings is (case insensitive) "to", then matching occurs against the TO address used in the SMTP RCPT command that resulted in this message getting delivered to this user. Note that only the most recent TO is available, and only the one relevant to this user. So only the envelope recipient for the current delivery is available, i.e. a single address. Regards, Tom On 27-02-16 10:42, Yannik Sembritzki wrote: > > Hi, > > what happens when an email with multiple recipient is (RCPT TO) is > delivered over lmtp? Will 'envelope "to"' contain multiple recipients in > this case? > > > Am 27.02.2016 um 00:53 schrieb Tom Hendrikx: >> On 26-02-16 21:44, Yannik Sembritzki wrote: >>> Hi everyone, >>> >>> I am looking for a way to check which mailbox an email is being >>> delivered to in a global sieve filter. >>> >>> After not being able to find some kind of variable that is populated by >>> dovecot automatically, I tried to use the `Delivered-To` header. >>> I tried a check like this: >>> >>> header :is "delivered-to" "" >>> > >> You're probably better off using envelope recipient: > >> envelope :is "to" "recipient at example.org" > >> Regards, >> Tom > > > -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From 4dahmen at informatik.uni-hamburg.de Sun Feb 28 20:43:42 2016 From: 4dahmen at informatik.uni-hamburg.de (Vincent Dahmen) Date: Sun, 28 Feb 2016 21:43:42 +0100 Subject: UnicodeData Message-ID: <56D35BFE.4010202@informatik.uni-hamburg.de> Hey guys, there seem to be a problem with wget and/or the unicode webserver. During the make process there are several files wich are download from the unicode server. I can access them manually but both curl and wget failing to get it. Are they any other mirrors or anyone else expiring this bug? Greetings From 4dahmen at informatik.uni-hamburg.de Sun Feb 28 21:43:30 2016 From: 4dahmen at informatik.uni-hamburg.de (Vincent Dahmen) Date: Sun, 28 Feb 2016 22:43:30 +0100 Subject: UnicodeData In-Reply-To: <56D35BFE.4010202@informatik.uni-hamburg.de> References: <56D35BFE.4010202@informatik.uni-hamburg.de> Message-ID: <56D36A02.5020404@informatik.uni-hamburg.de> There are 2 makefiles downloading files from unicode. They are locatet at src/lib/Makefile src/lib-fts/Makefile I manually downloaded the files form the website and hosted them myself and everything worked just fine. Maybe store the files inside the git? Or am I missing smth? Greetings Am 28.02.2016 um 21:43 schrieb Vincent Dahmen: > Hey guys, > > there seem to be a problem with wget and/or the unicode webserver. > > During the make process there are several files wich are download from > the unicode server. > > I can access them manually but both curl and wget failing to get it. > > Are they any other mirrors or anyone else expiring this bug? > > Greetings > From ralph.jones at modolingo.de Sun Feb 28 22:59:55 2016 From: ralph.jones at modolingo.de (ralph.jones at modolingo.de) Date: Sun, 28 Feb 2016 23:59:55 +0100 Subject: Queries are not being sent to solr when search on server issued via imap client. Message-ID: <20160228225955.GA28191@debian.ralphnet> I traced the network communication with the solr server with tcpdump: sudo tcpdump -i any -A -vvv port 8080 I logged into the imap server via telnet (actually openssl) and issued the command ". search body ". About 20 results were returned within about half a second. Nothing was seen in tcpdump. When I issue "doveadm search box ", I can see the search string in the output of tcpdump and also in the solr logs. Solr seems to have been initialized correctly, in that when I issue a query via curl, I receive the correct results. I am using: dovecot 2.2.13 (debian jessie) libsolr-java 3.6.2+dfsg-5 relevant config: mail_plugins = fts fts_solr acl virtual plugin { fts = solr fts_solr = url=http://localhost:8080/solr/ debug ... } From ralph.jones at modolingo.de Mon Feb 29 09:33:36 2016 From: ralph.jones at modolingo.de (Ralph Jones) Date: Mon, 29 Feb 2016 10:33:36 +0100 Subject: Queries are not being sent to solr when search on server issued via imap client. In-Reply-To: <20160228225955.GA28191@debian.ralphnet> References: <20160228225955.GA28191@debian.ralphnet> Message-ID: <20160229093336.GA2135@debian.ralphnet> I found the problem. "mail_plugins = fts fts_solr" has to be set within "protocol imap" as well. On 2016-02-28 23:59, ralph.jones at modolingo.de wrote: > I traced the network communication with the solr server with tcpdump: > sudo tcpdump -i any -A -vvv port 8080 > > I logged into the imap server via telnet (actually openssl) and issued the command ". search body ". About 20 results were returned within about half a second. Nothing was seen in tcpdump. When I issue "doveadm search box ", I can see the search string in the output of tcpdump and also in the solr logs. Solr seems to have been initialized correctly, in that when I issue a query via curl, I receive the correct results. > > I am using: > dovecot 2.2.13 (debian jessie) > libsolr-java 3.6.2+dfsg-5 > > relevant config: > mail_plugins = fts fts_solr acl virtual > plugin { > fts = solr > fts_solr = url=http://localhost:8080/solr/ debug > ... > } From 4dahmen at informatik.uni-hamburg.de Mon Feb 29 10:58:39 2016 From: 4dahmen at informatik.uni-hamburg.de (Vincent Dahmen) Date: Mon, 29 Feb 2016 11:58:39 +0100 Subject: UnicodeData In-Reply-To: <56D36A02.5020404@informatik.uni-hamburg.de> References: <56D35BFE.4010202@informatik.uni-hamburg.de> <56D36A02.5020404@informatik.uni-hamburg.de> Message-ID: <56D4245F.6060509@informatik.uni-hamburg.de> It seems that the problem occurs only on some virtual maschines ... Neither does swithching to ftp helps ... Since it doesnt seem to be general problem you may ignore this, but I would love to know if it happend to anyone else. Is this some kind of spam protection by unicode.org? Am 28.02.2016 um 22:43 schrieb Vincent Dahmen: > There are 2 makefiles downloading files from unicode. > > They are locatet at > > src/lib/Makefile > src/lib-fts/Makefile > > I manually downloaded the files form the website and hosted them myself > and everything worked just fine. > > Maybe store the files inside the git? Or am I missing smth? > > Greetings > Am 28.02.2016 um 21:43 schrieb Vincent Dahmen: >> Hey guys, >> >> there seem to be a problem with wget and/or the unicode webserver. >> >> During the make process there are several files wich are download from >> the unicode server. >> >> I can access them manually but both curl and wget failing to get it. >> >> Are they any other mirrors or anyone else expiring this bug? >> >> Greetings >> From oleksandr at natalenko.name Mon Feb 29 11:31:29 2016 From: oleksandr at natalenko.name (Oleksandr Natalenko) Date: Mon, 29 Feb 2016 13:31:29 +0200 Subject: Alternative storage backend for Dovecot Message-ID: <11dc4571aa193d058a9c8446dc694db6@natalenko.name> Hi. We have corporate Dovecot setup with GlusterFS as file storage. We store maildirs on GlueterFS share, mounting it via NFS. Mounting share via native GlusterFS FUSE client introduces visible performance overhead. Also, NFS mount does not provide us with HA. That's why I have an idea to use GlusterFS C API to access maildirs share. I'd like to preserve maildir structure, but get access to it not via FS mount point but with GlusterFS C API calls. I've discovered that Dovecot source tree has src/lib-fs infrastructure with fs-posix implemented on top of it. Is that the right place to start from? GlusterFS C API calls are POSIX-like, so they could be easily used as substitutions for VFS ops. Could such a backend be implemented as separate plugin? Are there any examples of alternative storage backend to look at? Thanks. Regards, Oleksandr. From Hajo.Locke at gmx.de Mon Feb 29 12:11:06 2016 From: Hajo.Locke at gmx.de (Hajo Locke) Date: Mon, 29 Feb 2016 13:11:06 +0100 Subject: sieve_extprograms - double linebreaks at filtering In-Reply-To: <55F01849.4090502@rename-it.nl> References: <55EEC221.3020103@gmx.de> <55EFFB5A.9060008@rename-it.nl> <55F00BD1.5060204@gmx.de> <55F01849.4090502@rename-it.nl> Message-ID: <56D4355A.8050603@gmx.de> Hello, Am 09.09.2015 um 13:30 schrieb Stephan Bosch: > > > Op 9-9-2015 om 12:37 schreef Hajo Locke: >> Hello, >> >> >> Am 09.09.2015 um 11:26 schrieb Stephan Bosch: >>> >>> >>> Op 8-9-2015 om 13:10 schreef Hajo Locke: >>>> Hello List, >>>> >>>> i have a problem when using sieve-plugin sieve_extprograms. I use >>>> dovecot 2.2.18 and bundled pigeonhole 0.4.6 (Ubuntu 14.04.3 LTS) >>>> >>>> i have enabled sieve_extprograms and vnd.dovecot.filter to send >>>> mail to user-defined script and get changed content back. >>>> My script previously was used with procmail and is working fine. >>>> Using same script with vnd.dovecot.filter leads to odd behavior. >>>> I already found out the problem itself: >>>> By sending Mailcontent to filter-programm it seems that >>>> sieve/sieve_extprograms is adding additional linebreaks to every >>>> line of complete mail. >>>> Please see this image to clarify: >>>> http://r31i.imgup.net/header8d56.jpg?l=de >>>> Every lineending got additional windows-lineendings, which leads to >>>> problems with processing scripts. >>>> Piping mails by procmail to same script is working without >>>> problems, because this mails are recieved "clean" without the "^M". >>> >>> Well, the specified format for an internet message like e-mail has >>> CRLF line endings everywhere. That's why this happens now: >>> >>> http://hg.rename-it.nl/dovecot-2.2-pigeonhole/file/5df1b6d72ec2/src/plugins/sieve-extprograms/sieve-extprograms-common.c#l604 >>> >>> >>> But maybe that is not such a good idea in a UNIX environment. I >>> think I can just make it configurable. >> >> ahh, there it is. i think just commenting out this line in my sources >> will result in some errors. Is there a possibility for me to make a >> quickfix in my sources? (use other function or something like that) > > You can replace it with the i_stream_create_lf() function, which > enforces LF rather than CR+LF, which would be what you need. Unfortunately i have to continue this issue. During my last updates this problem is occured again. This are my versions: # 2.2.21 (): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.11 (6ddf62b87f60+) # OS: Linux 3.13.0-77-generic x86_64 Ubuntu 14.04.4 LTS I tried to configure the linebreaks in my plugin section of /etc/dovecot/dovecot.conf by: sieve_extprograms_input_eol = lf But it seems to have no effect. Is this configured the right way or i have to use 0.4.12? Currently it looks like this: plugin { sieve = ~/sieve/.dovecot.sieve sieve_before = ~/sieve_before/.dovecot_before.sieve sieve_after = ~/sieve_after/.dovecot_after.sieve sieve_plugins = sieve_extprograms sieve_extensions = +vnd.dovecot.pipe +vnd.dovecot.filter +vnd.dovecot.execute +editheader sieve_pipe_bin_dir = /usr/local/bin/ sieve_filter_bin_dir = /usr/local/bin/ sieve_dir = ~/sieve sieve_global_dir = /etc/dovecot/sieve/ sieve_extprograms_input_eol = lf } > > Regards, > > Stephan. > > Thanks, Hajo From stephan at rename-it.nl Mon Feb 29 12:35:46 2016 From: stephan at rename-it.nl (Stephan Bosch) Date: Mon, 29 Feb 2016 13:35:46 +0100 Subject: sieve_extprograms - double linebreaks at filtering In-Reply-To: <56D4355A.8050603@gmx.de> References: <55EEC221.3020103@gmx.de> <55EFFB5A.9060008@rename-it.nl> <55F00BD1.5060204@gmx.de> <55F01849.4090502@rename-it.nl> <56D4355A.8050603@gmx.de> Message-ID: <56D43B22.1020603@rename-it.nl> Op 29-2-2016 om 13:11 schreef Hajo Locke: > Hello, > > > Am 09.09.2015 um 13:30 schrieb Stephan Bosch: >> >> >> Op 9-9-2015 om 12:37 schreef Hajo Locke: >>> Hello, >>> >>> >>> Am 09.09.2015 um 11:26 schrieb Stephan Bosch: >>>> >>>> >>>> Op 8-9-2015 om 13:10 schreef Hajo Locke: >>>>> Hello List, >>>>> >>>>> i have a problem when using sieve-plugin sieve_extprograms. I use >>>>> dovecot 2.2.18 and bundled pigeonhole 0.4.6 (Ubuntu 14.04.3 LTS) >>>>> >>>>> i have enabled sieve_extprograms and vnd.dovecot.filter to send >>>>> mail to user-defined script and get changed content back. >>>>> My script previously was used with procmail and is working fine. >>>>> Using same script with vnd.dovecot.filter leads to odd behavior. >>>>> I already found out the problem itself: >>>>> By sending Mailcontent to filter-programm it seems that >>>>> sieve/sieve_extprograms is adding additional linebreaks to every >>>>> line of complete mail. >>>>> Please see this image to clarify: >>>>> http://r31i.imgup.net/header8d56.jpg?l=de >>>>> Every lineending got additional windows-lineendings, which leads >>>>> to problems with processing scripts. >>>>> Piping mails by procmail to same script is working without >>>>> problems, because this mails are recieved "clean" without the "^M". >>>> >>>> Well, the specified format for an internet message like e-mail has >>>> CRLF line endings everywhere. That's why this happens now: >>>> >>>> http://hg.rename-it.nl/dovecot-2.2-pigeonhole/file/5df1b6d72ec2/src/plugins/sieve-extprograms/sieve-extprograms-common.c#l604 >>>> >>>> >>>> But maybe that is not such a good idea in a UNIX environment. I >>>> think I can just make it configurable. >>> >>> ahh, there it is. i think just commenting out this line in my >>> sources will result in some errors. Is there a possibility for me to >>> make a quickfix in my sources? (use other function or something like >>> that) >> >> You can replace it with the i_stream_create_lf() function, which >> enforces LF rather than CR+LF, which would be what you need. > Unfortunately i have to continue this issue. > During my last updates this problem is occured again. This are my > versions: > # 2.2.21 (): /etc/dovecot/dovecot.conf > # Pigeonhole version 0.4.11 (6ddf62b87f60+) > # OS: Linux 3.13.0-77-generic x86_64 Ubuntu 14.04.4 LTS > > I tried to configure the linebreaks in my plugin section of > /etc/dovecot/dovecot.conf by: > sieve_extprograms_input_eol = lf > > But it seems to have no effect. Is this configured the right way or i > have to use 0.4.12? No wonder, since there is no such setting. Settings that do exist are: "sieve_pipe_input_eol", "sieve_execute_input_eol", and "sieve_filter_input_eol". Regards, Stephan. From Hajo.Locke at gmx.de Mon Feb 29 12:44:14 2016 From: Hajo.Locke at gmx.de (Hajo Locke) Date: Mon, 29 Feb 2016 13:44:14 +0100 Subject: sieve_extprograms - double linebreaks at filtering In-Reply-To: <56D43B22.1020603@rename-it.nl> References: <55EEC221.3020103@gmx.de> <55EFFB5A.9060008@rename-it.nl> <55F00BD1.5060204@gmx.de> <55F01849.4090502@rename-it.nl> <56D4355A.8050603@gmx.de> <56D43B22.1020603@rename-it.nl> Message-ID: <56D43D1E.1030303@gmx.de> Hello, Am 29.02.2016 um 13:35 schrieb Stephan Bosch: > > > Op 29-2-2016 om 13:11 schreef Hajo Locke: >> Hello, >> >> >> Am 09.09.2015 um 13:30 schrieb Stephan Bosch: >>> >>> >>> Op 9-9-2015 om 12:37 schreef Hajo Locke: >>>> Hello, >>>> >>>> >>>> Am 09.09.2015 um 11:26 schrieb Stephan Bosch: >>>>> >>>>> >>>>> Op 8-9-2015 om 13:10 schreef Hajo Locke: >>>>>> Hello List, >>>>>> >>>>>> i have a problem when using sieve-plugin sieve_extprograms. I use >>>>>> dovecot 2.2.18 and bundled pigeonhole 0.4.6 (Ubuntu 14.04.3 LTS) >>>>>> >>>>>> i have enabled sieve_extprograms and vnd.dovecot.filter to send >>>>>> mail to user-defined script and get changed content back. >>>>>> My script previously was used with procmail and is working fine. >>>>>> Using same script with vnd.dovecot.filter leads to odd behavior. >>>>>> I already found out the problem itself: >>>>>> By sending Mailcontent to filter-programm it seems that >>>>>> sieve/sieve_extprograms is adding additional linebreaks to every >>>>>> line of complete mail. >>>>>> Please see this image to clarify: >>>>>> http://r31i.imgup.net/header8d56.jpg?l=de >>>>>> Every lineending got additional windows-lineendings, which leads >>>>>> to problems with processing scripts. >>>>>> Piping mails by procmail to same script is working without >>>>>> problems, because this mails are recieved "clean" without the "^M". >>>>> >>>>> Well, the specified format for an internet message like e-mail has >>>>> CRLF line endings everywhere. That's why this happens now: >>>>> >>>>> http://hg.rename-it.nl/dovecot-2.2-pigeonhole/file/5df1b6d72ec2/src/plugins/sieve-extprograms/sieve-extprograms-common.c#l604 >>>>> >>>>> >>>>> But maybe that is not such a good idea in a UNIX environment. I >>>>> think I can just make it configurable. >>>> >>>> ahh, there it is. i think just commenting out this line in my >>>> sources will result in some errors. Is there a possibility for me >>>> to make a quickfix in my sources? (use other function or something >>>> like that) >>> >>> You can replace it with the i_stream_create_lf() function, which >>> enforces LF rather than CR+LF, which would be what you need. >> Unfortunately i have to continue this issue. >> During my last updates this problem is occured again. This are my >> versions: >> # 2.2.21 (): /etc/dovecot/dovecot.conf >> # Pigeonhole version 0.4.11 (6ddf62b87f60+) >> # OS: Linux 3.13.0-77-generic x86_64 Ubuntu 14.04.4 LTS >> >> I tried to configure the linebreaks in my plugin section of >> /etc/dovecot/dovecot.conf by: >> sieve_extprograms_input_eol = lf >> >> But it seems to have no effect. Is this configured the right way or i >> have to use 0.4.12? > > No wonder, since there is no such setting. > > Settings that do exist are: "sieve_pipe_input_eol", > "sieve_execute_input_eol", and "sieve_filter_input_eol". you are right, this works. I saw this: http://www.dovecot.org/list/dovecot-cvs/2015-September/026497.html My mistake to evaluate sieve__input_eol to sieve_extprograms_input_eol > > Regards, > > Stephan. > Thank you, Hajo From aki.tuomi at dovecot.fi Mon Feb 29 13:22:01 2016 From: aki.tuomi at dovecot.fi (aki.tuomi at dovecot.fi) Date: Mon, 29 Feb 2016 15:22:01 +0200 (EET) Subject: UnicodeData In-Reply-To: <56D4245F.6060509@informatik.uni-hamburg.de> References: <56D35BFE.4010202@informatik.uni-hamburg.de> <56D36A02.5020404@informatik.uni-hamburg.de> <56D4245F.6060509@informatik.uni-hamburg.de> Message-ID: <16401444.7441.6e161d0f-e69a-4ba2-bc6a-8e29e71b33fc.open-xchange@appsuite.open-xchange.com> Hi! This problem is only if you take sources from git. Our source distball contains these files. Aki > On February 29, 2016 at 12:58 PM Vincent Dahmen > <4dahmen at informatik.uni-hamburg.de> wrote: > > > It seems that the problem occurs only on some virtual maschines ... > > Neither does swithching to ftp helps ... > > Since it doesnt seem to be general problem you may ignore this, but I > would love to know if it happend to anyone else. > > Is this some kind of spam protection by unicode.org? > > > > Am 28.02.2016 um 22:43 schrieb Vincent Dahmen: > > There are 2 makefiles downloading files from unicode. > > > > They are locatet at > > > > src/lib/Makefile > > src/lib-fts/Makefile > > > > I manually downloaded the files form the website and hosted them myself > > and everything worked just fine. > > > > Maybe store the files inside the git? Or am I missing smth? > > > > Greetings > > Am 28.02.2016 um 21:43 schrieb Vincent Dahmen: > >> Hey guys, > >> > >> there seem to be a problem with wget and/or the unicode webserver. > >> > >> During the make process there are several files wich are download from > >> the unicode server. > >> > >> I can access them manually but both curl and wget failing to get it. > >> > >> Are they any other mirrors or anyone else expiring this bug? > >> > >> Greetings > >> From andersonb at gmail.com Mon Feb 29 14:53:42 2016 From: andersonb at gmail.com (Anderson Barbosa) Date: Mon, 29 Feb 2016 11:53:42 -0300 Subject: search problem dovecot 2.2.21 + fts - Solr In-Reply-To: <56CEC77A.5060501@dovecot.fi> References: <56CEC77A.5060501@dovecot.fi> Message-ID: Thanks Teemu, work correctly on my beta server. 2016-02-25 6:20 GMT-03:00 Teemu Huovila : > > > On 24.02.2016 21:14, Anderson Barbosa wrote: > > Hello, > > > > Realized update dovecot on my server. Now the search is returning > > differently from the previous version bringing reference information of > > other messages . > > For example when doing a search for anderson.joao this new version of the > > dovecot dovecot 2.2.21 + fts - Solr response will be all email that has > the > > word anderson and joao, instead of returning only items with the word > > anderson.joao. > > > > Before used version 2.2.18 + dovecot fts - Solr and the problem did not > > occur . > > For example practical test : > > > > Dovecot 2.2.18 > > > > > > # telnet SERVER 143 > > Trying SERVER... > > Connected to SERVER. > > Escape character is '^]'. > > * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE > IDLE > > AUTH=PLAIN] Zimbra IMAP4. > > a login conta at conta.com.br 1223456 > > a OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE > IDLE > > SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT > > MULTIAPPEND URL-PARTIAn > > a select INBOX > > * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) > > * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags > > permitted. > > * 14 EXISTS > > * 0 RECENT > > * OK [UIDVALIDITY 1452548222] UIDs valid > > * OK [UIDNEXT 25] Predicted next UID > > * OK [HIGHESTMODSEQ 52] Highest > > a OK [READ-WRITE] Select completed (0.001 secs). > > a SEARCH text "anderson" > > * SEARCH 11 12 (2 found emails) > > a OK Search completed (0.265 secs). > > a SEARCH text "joao" > > * SEARCH 13 14 (2 found emails) > > a OK Search completed (0.003 secs). > > a SEARCH text "anderson.joao" > > * SEARCH (0 found emails) > > a OK Search completed (0.004 secs). > > a logout > > * BYE Logging out > > a OK Logout completed. > > Connection closed by foreign host. > > > > > > Dovecot 2.2.21 > > > > # telnet SERVER 143 > > Trying SERVER... > > Connected to SERVER. > > Escape character is '^]'. > > * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE > IDLE > > AUTH=PLAIN] Zimbra IMAP4. > > a login conta at conta.com.br 1223456 > > a OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE > IDLE > > SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT > > MULTIAPPEND URL-PARTIAn > > a select INBOX > > * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) > > * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags > > permitted. > > * 14 EXISTS > > * 0 RECENT > > * OK [UIDVALIDITY 1452548222] UIDs valid > > * OK [UIDNEXT 25] Predicted next UID > > * OK [HIGHESTMODSEQ 52] Highest > > a OK [READ-WRITE] Select completed (0.000 + 0.000 secs). > > a SEARCH text "anderson" > > * SEARCH 11 12 (2 found emails) > > a OK Search completed (0.004 + 0.000 secs). > > a SEARCH text "joao" (2 found emails) > > * SEARCH 13 14 > > a OK Search completed (0.005 + 0.000 secs). > > a SEARCH text "anderson.joao" > > * SEARCH 11 12 13 14 *(4 found emails)* > > a OK Search completed (0.005 + 0.000 secs). > > a logout > > * BYE Logging out > > a OK Logout completed. > > Connection closed by foreign host. > > > > Even using characters Special "" \ scape, ' ' for an answer will always > be > > all emails with the word anderson and joao. > > Checking the Changelog dovecot noticed que NAS versions Previous v2.2.20 > > and v2.2.19 certain changes with respect to fts . > > > > There Have Another way to Make Search for Exact Word In this new version > to > > loft? > > This is most likely fixed by > https://github.com/dovecot/core/commit/f3b0efdcbd0bd9059574c8f86d6cb43e16c8e521 > The fix will be included in 2.2.22, which will hopefully be released some > time mid-march. > If you can, please test with a build from current git master tip and let > us know, if it does not. > > br, > Teemu Huovila > -- Anderson Barbosa dos Santos msn: obiwan_kenob at hotmail.com Em todo o universo, nada existe de mais parecido com Deus que o sil?ncio. "Johanes Eckhart" From gordon.grubert+lists at uni-greifswald.de Mon Feb 29 15:18:21 2016 From: gordon.grubert+lists at uni-greifswald.de (Gordon Grubert) Date: Mon, 29 Feb 2016 16:18:21 +0100 Subject: Timout for LDAP connection Message-ID: <56D4613D.5050805@uni-greifswald.de> Hi, we are using a round robin dns record for connections to our ldap system. This works fine for almost all cases. In particular, for dovecot does this mean, when an ldap server is stopped, dovecot instantly reconnects to another ldap server. But when the network connection to the active ldap server is broken, dovecot sticks to the failed ldap server. Is there any possibility to define a connection timeout? This is our current configuration for the ldap connection: # 2.2.devel (2d8f665): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.devel (0de2a19) # OS: Linux 3.16.0-4-amd64 x86_64 Debian 8.3 uris = ldaps://LDAP-SERVER dn = BINDDN dnpass = BINDPASS auth_bind = yes ldap_version = 3 base = BASEDN scope = subtree user_attrs= ATTRIBUTES user_filter = USERFILTER pass_filter = PASSFILTER iterate_filter = ITERATEFILTER Best regards, Gordon -- Technischer Leiter & stellv. Direktor Universit?tsrechenzentrum (URZ) E.-M.-Arndt-Universit?t Greifswald Felix-Hausdorff-Str. 12 17489 Greifswald Germany Tel. +49 3834 86 1456 Fax. +49 3834 86 1401 From ricardomachini at gmail.com Mon Feb 29 21:31:54 2016 From: ricardomachini at gmail.com (Ricardo Machini Barbosa) Date: Mon, 29 Feb 2016 18:31:54 -0300 Subject: Inconsistent mdbox index while running doveadm altmove Message-ID: <085a01d17338$aa2ec650$fe8c52f0$@gmail.com> Hello, I was performing doveadm altmove for one account while this mailbox was being accessed. Dovecot version: 2.2.21 Mailbox format: mdbox Command: doveadm altmove -u user1 at domain.com.br before 360d This command took about 5 minutes to finish and during the execution I found some log messages: Feb 25 19:57:51 dovecot: imap(user1 at domain.com.br): Error: mdbox map /var/mail/user1/mdbox/storage/dovecot.map.index corrupted: Unexpectedly lost INBOX uid=77 map_uid=76 Feb 25 19:57:51 dovecot: imap(user1 at domain.com.br): Internal error occurred. Refer to server log for more information. [2016-02-25 19:57:51] in=4798 out=1361819 deleted=0 expunged=0 trashed=0 Feb 25 19:57:51 dovecot: imap(user1 at domain.com.br): Warning: fscking index file /var/mail/user1/mdbox/storage/dovecot.map.index Feb 25 19:58:15 dovecot: imap(user1 at domain.com.br): Error: /var/mail/user1/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index reset, view is now inconsistent Feb 25 19:58:20 dovecot: imap(user1 at domain.com.br): Error: /var/mail/user1/mdbox/mailboxes/Rascunhos/dbox-Mails/dovecot.index reset, view is now inconsistent After that these messages moved to alternate storage disappeared from the mailbox/IMAP but these files were all on alternative storage. I had to execute doveadm force-resync -u user1 at domain.com.br INBOX to recovery this mailbox, but losing all e-mail's flags. I should do some kind of lock before running the command altmove ? Regards, Ricardo From tj at terramar.net Mon Feb 29 21:45:16 2016 From: tj at terramar.net (Tom Johnson) Date: Mon, 29 Feb 2016 13:45:16 -0800 Subject: Returning custom autoexpunge for user's INBOX Message-ID: <776B1657-FE9F-40F1-836B-0412E54A9211@terramar.net> I want to be able to have custom autoexpunge settings for different users. I have it working for various folders (draft, junk, trash), but I can't seem to get it working for the user's primary inbox. In my user_query (I'm using mysql), I'm returning entries like this in the userdb_import field: namespace/inbox/mailbox/autoexpunge=5d namespace/inbox/mailbox/Drafts/autoexpunge=5d namespace/inbox/mailbox/Junk/autoexpunge=5d namespace/inbox/mailbox/Trash/autoexpunge=5d And everything works fine for Drafts, Junk, and Trash, but not for the main inbox. The logs show: Debug: Unknown userdb setting: plugin/namespace/inbox/mailbox/autoexpunge=5d I've also tried variations, trying to get the namespace correct for the main inbox, but they all get the same "Unknown userdb setting" error: namespace/inbox/mailbox/autoexpunge=5d namespace/inbox/mailbox/inbox/autoexpunge=5d namespace/inbox/mailbox/Inbox/autoexpunge=5d namespace/inbox/mailbox/INBOX/autoexpunge=5d I suspect I'm just giving the wrong namespace for the primary inbox. What's the right way to do this? Tom From tj at terramar.net Mon Feb 29 22:00:57 2016 From: tj at terramar.net (Tom Johnson) Date: Mon, 29 Feb 2016 14:00:57 -0800 Subject: Returning custom autoexpunge for user's INBOX In-Reply-To: <776B1657-FE9F-40F1-836B-0412E54A9211@terramar.net> References: <776B1657-FE9F-40F1-836B-0412E54A9211@terramar.net> Message-ID: I wrote: > I want to be able to have custom autoexpunge settings for different users. > Sorry to follow up on my own post - but will it work if I define the inbox explicitly in 15-mailboxes.conf? Does this syntax properly set autoexpunge for the inbox? namespace inbox { separator = . # These mailboxes are widely used and could perhaps be created automatically: mailbox Inbox { autoexpunge = 0 } ..... Will this give me no autoexpunge by default, and then allow me to override it in with via userdb_import in my sql query? At first glance it doesn't throw an error - I just want to be sure that autoexpunge is disabled when it's explicitly sent to zero, and that I'm correctly referencing the inbox in 15-mailboxes.conf and in userdb_import (namespace/inbox/mailbox/INBOX/autoexpunge=5d). Tom