From dovecot at jl.wasmer.ca Thu Sep 1 01:01:39 2016 From: dovecot at jl.wasmer.ca (Jean-Luc Wasmer) Date: 31 Aug 2016 21:01:39 -0400 Subject: Dsync config help In-Reply-To: <5a5a942632bb6b92822b392d451cffd1@mail.wasmer.ca> References: <7B55E762-6089-4269-B3DC-8FACB61F70FA@jl.wasmer.ca> <5a5a942632bb6b92822b392d451cffd1@mail.wasmer.ca> Message-ID: I was able to workaround the ?Error: sync: /var/run/dovecot/auth-userdb: Configured passdbs don?t support credentials lookups (to see if user is proxied, because doveadm_port is set)? problem:? => I simply disabled ?doveadm_port? and added the port number at the end of the remote URL in ?mail_replica? Replication seems to work although I have regular errors (idk if they are related to each other or not). I?ve attached excerpts from the log files but here are the different errors: - out of memory errors: Aug 31 21:37:10 serverA dovecot: replicator: Panic: data stack: Out of memory when allocating 268435496 bytes - timeout errors: Aug 31 21:36:41 serverA dovecot: dsync-server(user1): Warning: replication(user1): Sync failure: Timeout in 2 secs Aug 31 21:37:09 serverA dovecot: dsync-local(user1): Error: Couldn't lock /home/user1/.dovecot-sync.lock: Timed out after 30 seconds Aug 31 21:38:34 serverA dovecot: imap(user2): Warning: replication(user2): Sync failure: Timeout in 2 secs - permission denied errors: Aug 31 21:37:14 serverA dovecot: dsync-server(user2): Error: net_connect_unix(/var/run/dovecot/replicator-doveadm) failed: Permission denied I also get errors for user ?nobody? with uid?65534. To avoid them I added? 10-mail.conf:first_valid_uid = 2000 10-mail.conf:last_valid_uid = 3000 but I still get some errors, different ones now: Sep ?1 00:13:42 shaun dovecot: doveadm(a.b.c.d,nobody): Error: Mail access for users with UID 65534 not permitted (see first_valid_uid in config file, uid from userdb lookup). Sep ?1 00:13:42 shaun dovecot: doveadm(a.b.c.d,nobody): Error: dsync-server: User init failed Sep ?1 00:14:00 shaun dovecot: doveadm(nobody): Error: sync: Failed to start remote dsync-server command: Remote exit_code=75 Jean-Luc > On Aug 31, 2016, at 12:02 AM, Jean-Luc Wasmer wrote: > > > Hi, > > > I'm trying to sync emails between server A and B. > A has replicator, aggregator and doveadm. > B only has doveadm for now. > > > I'm getting the following error: > > > Error: sync: /var/run/dovecot/auth-userdb: Configured passdbs don't? > support credentials lookups (to see if user is proxied, because? > doveadm_port is set) > > > I'm not sure why I'm getting this error because I authenticate using PAM? > and when I run > I do have a "service auth" enabled though... it's used for Postfix SASL? > to authenticate SMTP. > > > I'm running > > > # dovecot --version > 2.2.24 (a82c823) > > > > > > Cheers, > Jean-Luc > > > > > > PS: "replication_sync_timeout = 2s" doesn't work, I had to drop the 's' > > > > > > On 2016-08-28 17:43, Jean-Luc Wasmer wrote: >> >> >> Hi, >> >> >> >> >> >> I?m having a hard time with the?http://wiki2.dovecot.org/Replication >> ?page. >> >> >> >> >> >> - for a master-master setup, does the configuration need to be >> mirrored on both masters? >> >> >> >> >> >> >> >> >> - after aggregating unrelated sections of the wiki page, there seems >> to be 3 different values for ?mail_replica": >> - "remote?: for SSH >> - ?remoteprefix": for SSH wrapper >> - ?tcp?: for?TCP connection using the?Doveadm protocol >> Is this correct? >> >> >> >> >> >> - what?s the purpose of the?replicator VS?aggregator VS?doveadm? >> services? >> Who talks to who? Where can I find documentation about their >> configuration (i.e. not examples) >> >> >> >> >> >> - most examples are for a single vmail user setup? what should be done >> when using system accounts? >> >> >> >> >> >> Thanks, >> Jean-Luc >> -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: replication-errors.txt URL: From Raymond.Sellars at orionhealth.com Thu Sep 1 01:59:33 2016 From: Raymond.Sellars at orionhealth.com (Raymond Sellars) Date: Thu, 1 Sep 2016 01:59:33 +0000 Subject: Use of obox2 and AWS S3 Message-ID: Hi Has anyone used or is using dovecot obox and S3 storage? I see very little chatter or documentation on it. Interested in how mature it is and technical items such as high availability and region replication. I'm guessing that multiple updates to a S3 mailbox is mitigated via the standard dovecot pattern of Director pointing multiple user sessions to a single/common dovecot node. And for disaster recovery - that's out of scope of dovecot and more reliant on S3 replication? Any one running a dovecot solution within AWS in general? Interested in best practice for the storage layer. Although NFS is possible its not really optimised for elastic cloud type hosting. Thanks Raymond From piper at hrz.uni-marburg.de Thu Sep 1 05:03:00 2016 From: piper at hrz.uni-marburg.de (Piper Andreas) Date: Thu, 1 Sep 2016 07:03:00 +0200 Subject: 2.2.25 dumps core with "Panic: file imap-client.c: line 837 (client_check_command_hangs): assertion failed: (client->io != NULL)" In-Reply-To: References: <52dc785a-b2b6-33df-7d8a-e6f3520969e9@hrz.uni-marburg.de> Message-ID: Hi Jake, thanks for fixing this. I have installed now the newly built package on my production system and will report, if any more core dumps occur. Regards, Andreas Am 31.08.2016 um 20:19 schrieb Jake Goerzen: > Hi Andreas & Timo, > > > I've found out what is causing the incorrect hash in the built > packages. Our build system use here at OpenCSW has internal git > patching capability. I disabled it and rebuild again. This time all > architectures and memory model's are reporting the correct git-commit > hash 7be1766. Thank you Andreas for noticing and reporting this. > > > regards, > > Jake > > > On 08/31/2016 06:17 AM, Piper Andreas wrote: >> Hello Timo, >> >> from the maintainer of the OpenCSW package I got the below answer. >> >> As the newly build package yields another different commit hash (which I >> cannot find on GitHub too), I would ask, if you are sure that the commit >> hash-output in 'doveconf -n' is generated correctly? >> >> The headline of 'doveconf -n' with the newly build package is >> # 2.2.25 (68082dc): /etc/opt/csw/dovecot/dovecot.conf >> >> Many thanks for your help, >> Andreas >> >> -------- Weitergeleitete Nachricht -------- >> Betreff: Re: OpenCSW question about package CSWdovecot >> Datum: Tue, 30 Aug 2016 08:56:44 -0700 >> Von: jgoerzen >> An: piper at hrz.uni-marburg.de >> >> Hello Andreas, >> >> >> The OpenCSW dovecot package was built using the 2.2.25 version >> release tarball. No code changes or patches have been applied. I'm not >> sure what happened. I will respin new packages and then check to see if >> the git-commit hash is correct. When the packages are done building >> I'll put them in the experimental catalog: >> >> >> http://buildfarm.opencsw.org/experimental.html#jgoerzen >> >> >> Thanks, >> >> Jake >> >> >> >> >> >> >> >> On 08/29/2016 11:59 PM, piper at hrz.uni-marburg.de wrote: >>> Hello, >>> >>> with your newest dovecot-package 2.2.25,REV=2016.07.01, I sometimes >>> get core-dumps as documented in my bug-report at the >>> dovecot-mailing-list: >>> http://dovecot.org/list/dovecot/2016-August/105321.html >>> In reaction to my bug-report, Timo Sirainen asks, which git-commit of >>> the dovecot-sources was used for this package: >>> http://dovecot.org/list/dovecot/2016-August/105332.html >>> >>> Could you shed some light on this? >>> >>> Thanks a lot, >>> Andreas >> > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 5176 bytes Desc: S/MIME Cryptographic Signature URL: From aki.tuomi at dovecot.fi Thu Sep 1 06:02:24 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Thu, 1 Sep 2016 09:02:24 +0300 Subject: dovecot and ldap with problem on userdb In-Reply-To: References: Message-ID: On 31.08.2016 19:24, Averlon GmbH (in Gr?ndung) wrote: > Hi, > I have setup a new ubuntu on 16.04.. > I have already a running system on 14.04 but wanted to migrate. > > I get an error when checking user in ldap. > > I get another error with some file permissions on auth-userdb which I was > not able to overcome sofar. > > Help appreciated. > > > Mit freundlichenGr??en / Kind Regards > Kallewirsch Your problem is in postfix config, possibly some virtual user mapping or aliasing. Aki From aki.tuomi at dovecot.fi Thu Sep 1 06:09:51 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Thu, 1 Sep 2016 09:09:51 +0300 Subject: Use of obox2 and AWS S3 In-Reply-To: References: Message-ID: <4a804ebf-fbb2-b06d-7364-7dd3b342a1a4@dovecot.fi> On 01.09.2016 04:59, Raymond Sellars wrote: > Hi > > Has anyone used or is using dovecot obox and S3 storage? I see very little chatter or documentation on it. > > Interested in how mature it is and technical items such as high availability and region replication. > > I'm guessing that multiple updates to a S3 mailbox is mitigated via the standard dovecot pattern of Director pointing multiple user sessions to a single/common dovecot node. > > And for disaster recovery - that's out of scope of dovecot and more reliant on S3 replication? > > > Any one running a dovecot solution within AWS in general? Interested in best practice for the storage layer. Although NFS is possible its not really optimised for elastic cloud type hosting. > > Thanks > Raymond Hi! Obox2 is a commercial product not available as open source, which is probably why there is very little chatter about it. Obox2 itself is used in many large installations at the moment and is considered mature. S3 is not that widely used. If you are interested to find out more about obox2 I invite you to contact our sales for more discussion. Aki Tuomi Dovecot oy From c38sgzkz at averlon.net Thu Sep 1 10:43:56 2016 From: c38sgzkz at averlon.net (=?iso-8859-1?Q?Averlon_GmbH_=28in_Gr=FCndung=29?=) Date: Thu, 1 Sep 2016 12:43:56 +0200 Subject: AW: dovecot and ldap with problem on userdb In-Reply-To: References: Message-ID: Hi, thanks for the valuable hint. I have already tried to search for this. This is my postfix config. +++ postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no bounce_queue_lifetime = 1h command_directory = /usr/sbin compatibility_level = 2 content_filter = smtp-amavis:[127.0.0.1]:10024 daemon_directory = /usr/lib/postfix/sbin data_directory = /var/lib/postfix debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5 home_mailbox = Maildir/ inet_interfaces = all inet_protocols = all mail_spool_directory = /var/spool/mail mailbox_size_limit = 0 maximal_backoff_time = 15m maximal_queue_lifetime = 1h message_size_limit = 10240000 minimal_backoff_time = 5m mydestination = $myhostname, localhost.$mydomain, localhost mydomain = av.loc myhostname = mail.av.loc mynetworks = 127.0.0.0/8, 192.168.110.0/24, 192.168.111.0/24, 192.168.114.150, 192.168.114.151 myorigin = /etc/mailname queue_run_delay = 5m readme_directory = no recipient_delimiter = + relayhost = smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/av_smtp_auth.cf smtp_sasl_security_options = noanonymous smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt smtp_tls_ciphers = high smtp_tls_protocols = !SSLv2, !SSLv3 smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) smtpd_relay_restrictions = permit_sasl_authenticated permit_mynetworks check_relay_domains reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_security_options = noanonymous smtpd_sender_restrictions = reject_unknown_sender_domain permit_mynetworks permit_sasl_authenticated warn_if_reject smtpd_tls_CAfile = /etc/ssl/certs/ca-certificates.crt smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key smtpd_tls_loglevel = 3 smtpd_tls_received_header = yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_tls_session_cache_timeout = 3600s smtpd_use_tls = yes tls_high_cipherlist = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA256:EECDH:+CAMELLIA128 :+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDE A:!ECDSA:kEDH:CAMELLIA128-SHA:AES128-SHA tls_random_source = dev:/dev/urandom tls_ssl_options = NO_COMPRESSION unknown_local_recipient_reject_code = 550 unverified_sender_reject_reason = "av - Address verification failed" virtual_alias_maps = hash:/etc/postfix/av_aliases.cf virtual_mailbox_base = /var/av_vmail virtual_mailbox_domains = /etc/postfix/av_domains.cf virtual_mailbox_limit = 0 virtual_mailbox_maps = ldap:/etc/postfix/av_accounts.cf virtual_transport = lmtp:unix:private/dovecot-lmtp postconf: warning: /etc/postfix/main.cf: unused parameter: i#setgid_group= +++ Could you probably identify the area based on your knowledge where it could be? ldap:/etc/postfix/av_accounts.cf = +++ # # check recipient mailbox destination # server_host = localhost search_base = ou=people,dc=av,dc=loc bind = yes bind_dn = cn=xxx bind_pw = xxx query_filter = (&(objectClass=posixAccount)(mail=%s)) result_attribute = mail result_format = %s/Maildir/ debuglevel = 1 +++ Mit freundlichenGr??en / Kind Regards Kallewirsch -----Urspr?ngliche Nachricht----- Von: dovecot [mailto:dovecot-bounces at dovecot.org] Im Auftrag von Aki Tuomi Gesendet: Donnerstag, 1. September 2016 08:02 An: dovecot at dovecot.org Betreff: Re: dovecot and ldap with problem on userdb On 31.08.2016 19:24, Averlon GmbH (in Gr?ndung) wrote: > Hi, > I have setup a new ubuntu on 16.04.. > I have already a running system on 14.04 but wanted to migrate. > > I get an error when checking user in ldap. > > I get another error with some file permissions on auth-userdb which I > was not able to overcome sofar. > > Help appreciated. > > > Mit freundlichenGr??en / Kind Regards > Kallewirsch Your problem is in postfix config, possibly some virtual user mapping or aliasing. Aki From piper at hrz.uni-marburg.de Thu Sep 1 11:20:53 2016 From: piper at hrz.uni-marburg.de (Piper Andreas) Date: Thu, 1 Sep 2016 13:20:53 +0200 Subject: 2.2.25 dumps core with "Panic: file imap-client.c: line 837 (client_check_command_hangs): assertion failed: (client->io != NULL)" In-Reply-To: References: <52dc785a-b2b6-33df-7d8a-e6f3520969e9@hrz.uni-marburg.de> Message-ID: Hello Timo, with the newly build CSW-package the crashes still occur, today already twice within two hours. The log shows always the same: Sep 1 11:50:13 surz113 dovecot: [ID 583609 mail.crit] imap(user): Panic: file imap-client.c: line 837 (client_check_command_hangs): assertion failed: (client->io != NULL) Sep 1 11:50:13 surz113 dovecot: [ID 583609 mail.error] imap(user): Error: Raw backtrace: 0xffff80ffb633d88d -> 0xffff80ffb636ae82 -> 0x41eba0 -> 0x41ecf3 -> 0xffff80ffb635d248 -> 0xffff80ffb6350d2f -> 0xffff80ffb63519e0 -> 0xffff80ffb6350dce -> 0xffff80ffb6350f90 -> 0xffff80ffb62e3ebb -> 0x42f169 -> 0x41292c Sep 1 11:50:13 surz113 dovecot: [ID 583609 mail.crit] imap(user): Fatal: master: service(imap): child 11227 killed with signal 6 (core not dumped - set service imap { drop_priv_before_exec=yes }) This happens with different users, the last one with a relatively small mailbox of 600MB. doveconf -n is attached. Dovecot 2.2.25 OS: Solaris 11 (SunOS 5.11 11.3 i86pc i386 i86pc) Virtualization: VMware Filesystem: ZFS active users: ~4000 The system was transferred at beginning of last week from an old SPARC-station with Solaris 10 running dovecot-2.2.15 to this virtualized platform under VMware. The mailboxes (maildir-format) were transferred without change by switching the storage-hardware to the new server. I had to remove all dovecot.index*-files for errors of "CPU Architecture changed", but after doing this all seemed to work ok except for these occasional crashes. If you need more information, please let me know. Thanks for any help, Andreas > Hi Jake, > > thanks for fixing this. I have installed now the newly built package on > my production system and will report, if any more core dumps occur. > > Regards, > Andreas > -------------- next part -------------- # 2.2.25 (7be1766): /etc/opt/csw/dovecot/dovecot.conf # OS: SunOS 5.11 i86pc auth_cache_negative_ttl = 0 auth_cache_size = 10 M auth_master_user_separator = * auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_ auth_username_format = %u auth_worker_max_count = 1024 base_dir = /var/run/dovecot/ default_vsz_limit = 2 G first_valid_gid = 30000 first_valid_uid = 30000 mail_location = maildir:%h/.maildir mail_plugins = " mail_log notify" mail_privileged_group = mail namespace { hidden = no inbox = yes list = yes location = maildir:%h/.maildir prefix = separator = / subscriptions = yes type = private } namespace inbox { hidden = yes inbox = no list = no location = maildir:%h/.maildir prefix = mail/ separator = / subscriptions = no type = private } passdb { args = /etc/dovecot.deny deny = yes driver = passwd-file } passdb { args = /etc/opt/csw/dovecot/private/passwd.masterusers driver = passwd-file master = yes } passdb { args = blocking=yes cache_key=%u%s * driver = pam } pop3_uidl_format = %08Xv%08Xu postmaster_address = postmaster at staff.uni-marburg.de protocols = imap pop3 service auth-worker { user = $default_internal_user } service auth { client_limit = 6000 } service imap-login { process_min_avail = 64 service_count = 0 } service imap { process_limit = 6000 } ssl_cert = From bytesplit at gmail.com Thu Sep 1 11:56:17 2016 From: bytesplit at gmail.com (Philon) Date: Thu, 1 Sep 2016 13:56:17 +0200 Subject: autoexpunge clarification In-Reply-To: <009c01d2039e$85e996c0$91bcc440$@mefox.org> References: <005a01d202bb$cc722be0$655683a0$@mefox.org> <52A12F10-9DE1-4A33-8F65-CC3460EF05F4@googlemail.com> <009c01d2039e$85e996c0$91bcc440$@mefox.org> Message-ID: Hi Michael you are correct I guess based on your assumptions. autoexpunge kicks in on user interaction either by email delivery or a user checking in. If both does not occour then no cleanup will happen. Question would be if there is that much to cleanup in this case. A user not logging in for long time and not receiving any emails? seems inactive to me. Ok, he might have put all his mails to the trash and this was not emptied before he went for his sabatical. But the use case seems to be in the n<10 range!? A monthly cronjob could be sufficent in this case? I?m quite happy with the expire plugin and SQL timestamping. Using this the cronjob only checks through the listed folders and not all users. Slim approach! And for me a cleanup once per day is at least currently more than enough. Philon > Am 31.08.2016 um 17:44 schrieb Michael Fox : > > Thanks Philon, > > I did read the extra bullets, as indicated in my email below. But your "When the user quits and thus closes his mailbox/connection" is more clear than "after the client is already disconnected", since the latter is really anytime, rather than at the time they quit. > > I can guess that the bulletin about LMTP similarly means at the end of each time LMTP delivers mail to the mailbox. > > Assuming that is true, then the problem I see with autoexpunge is that it doesn't address the case of a user that has not logged in nor received mail in that mailbox for the specified time. Those messages would apparently stay forever. Correct? > > And, if that's true, then the cron job seems like the only way to expunge all old messages. Correct? > > Thanks, > Michael From aki.tuomi at dovecot.fi Thu Sep 1 12:17:49 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Thu, 1 Sep 2016 15:17:49 +0300 Subject: 2.2.25 dumps core with "Panic: file imap-client.c: line 837 (client_check_command_hangs): assertion failed: (client->io != NULL)" In-Reply-To: References: <52dc785a-b2b6-33df-7d8a-e6f3520969e9@hrz.uni-marburg.de> Message-ID: <57b2f57f-3643-6198-f800-1cbb200ee6c8@dovecot.fi> On 01.09.2016 14:20, Piper Andreas wrote: > Hello Timo, > > with the newly build CSW-package the crashes still occur, today already > twice within two hours. The log shows always the same: > > Sep 1 11:50:13 surz113 dovecot: [ID 583609 mail.crit] imap(user): > Panic: file imap-client.c: line 837 (client_check_command_hangs): > assertion failed: (client->io != NULL) > Sep 1 11:50:13 surz113 dovecot: [ID 583609 mail.error] imap(user): > Error: Raw backtrace: 0xffff80ffb633d88d -> 0xffff80ffb636ae82 -> > 0x41eba0 -> 0x41ecf3 -> 0xffff80ffb635d248 -> 0xffff80ffb6350d2f -> > 0xffff80ffb63519e0 -> 0xffff80ffb6350dce -> 0xffff80ffb6350f90 -> > 0xffff80ffb62e3ebb -> 0x42f169 -> 0x41292c > Sep 1 11:50:13 surz113 dovecot: [ID 583609 mail.crit] imap(user): > Fatal: master: service(imap): child 11227 killed with signal 6 (core not > dumped - set service imap { drop_priv_before_exec=yes }) > > This happens with different users, the last one with a relatively small > mailbox of 600MB. > > doveconf -n is attached. > > Dovecot 2.2.25 > OS: Solaris 11 (SunOS 5.11 11.3 i86pc i386 i86pc) > Virtualization: VMware > Filesystem: ZFS > active users: ~4000 > > The system was transferred at beginning of last week from an old > SPARC-station with Solaris 10 running dovecot-2.2.15 to this virtualized > platform under VMware. The mailboxes (maildir-format) were transferred > without change by switching the storage-hardware to the new server. I > had to remove all dovecot.index*-files for errors of "CPU Architecture > changed", but after doing this all seemed to work ok except for these > occasional crashes. > > If you need more information, please let me know. > > Thanks for any help, > Andreas > >> Hi Jake, >> >> thanks for fixing this. I have installed now the newly built package on >> my production system and will report, if any more core dumps occur. >> >> Regards, >> Andreas >> Hi! Is it possible for you test out a small patch (attached) to see if it fixes this issue? Aki -------------- next part -------------- A non-text attachment was scrubbed... Name: test.diff Type: text/x-patch Size: 569 bytes Desc: not available URL: From news at mefox.org Thu Sep 1 13:53:03 2016 From: news at mefox.org (Michael Fox) Date: Thu, 1 Sep 2016 06:53:03 -0700 Subject: autoexpunge clarification In-Reply-To: References: <005a01d202bb$cc722be0$655683a0$@mefox.org> <52A12F10-9DE1-4A33-8F65-CC3460EF05F4@googlemail.com> <009c01d2039e$85e996c0$91bcc440$@mefox.org> Message-ID: <005301d20458$29924290$7cb6c7b0$@mefox.org> Thanks Philon. In one of my situations, the potential for such old mail in accounts where the user is not receiving new mail or logging in is large. For example, one application is for an emergency auxiliary mail service. It can be heavily used during training, drills and, of course, emergencies. But otherwise, any leftover mail will likely sit there until the next training, drill, or emergency. The account is still valid and should not be removed. But we'd like the mails to be removed so this old mail isn't dumped on the user the next time they connect, especially since some may connect via lower-speed radio links. It looks like I'll definitely need to use the expunge plugin with a cron job. Thanks again for the clarifications. Michael From dovecot at jl.wasmer.ca Thu Sep 1 17:58:29 2016 From: dovecot at jl.wasmer.ca (Jean-Luc Wasmer) Date: Thu, 01 Sep 2016 13:58:29 -0400 Subject: Dsync config help In-Reply-To: References: <7B55E762-6089-4269-B3DC-8FACB61F70FA@jl.wasmer.ca> <5a5a942632bb6b92822b392d451cffd1@mail.wasmer.ca> Message-ID: <9cf29f067362582df37d678706583e6f@mail.wasmer.ca> Looks like I'm having a conversation with myself! lol To avoid the timeouts, I removed the "replication_sync_timeout" setting. It did work and also I don't get the "out of memory errors". I guess they were related. I also figured the "permission denied" errors: there was a typo in one of the "mode" in my config file. So to recap, here are the issues I couldn't fix: - replication_sync_timeout generates a lot of time out error resulting in out of memory errors. - users outside the valid uid range [first_valid_uid;last_valid_uid] won't be synced but will still generate a lot of errors The wiki page is of poor quality... it would need to be rewritten. I'm willing to do it if someone can tell me how to go about doing that. I'n not expecting any reply though... Cheers, Jean-Luc On 2016-08-31 21:01, Jean-Luc Wasmer wrote: > I was able to workaround the ?Error: sync: > /var/run/dovecot/auth-userdb: Configured passdbs don?t support > credentials lookups (to see if user is proxied, because doveadm_port > is set)? problem:? > > => I simply disabled ?doveadm_port? and added the port number at the > end of the remote URL in ?mail_replica? > > > Replication seems to work although I have regular errors (idk if they > are related to each other or not). > I?ve attached excerpts from the log files but here are the different > errors: > > > - out of memory errors: > Aug 31 21:37:10 serverA dovecot: replicator: Panic: data stack: Out of > memory when allocating 268435496 bytes > > > > - timeout errors: > > Aug 31 21:36:41 serverA dovecot: dsync-server(user1): Warning: > replication(user1): Sync failure: Timeout in 2 secs > > Aug 31 21:37:09 serverA dovecot: dsync-local(user1): Error: Couldn't > lock /home/user1/.dovecot-sync.lock: Timed out after 30 seconds > > Aug 31 21:38:34 serverA dovecot: imap(user2): Warning: > replication(user2): Sync failure: Timeout in 2 secs > > > > - permission denied errors: > > Aug 31 21:37:14 serverA dovecot: dsync-server(user2): Error: > net_connect_unix(/var/run/dovecot/replicator-doveadm) failed: > Permission denied > > > > > > I also get errors for user ?nobody? with uid?65534. To avoid them I > added? > 10-mail.conf:first_valid_uid = 2000 > 10-mail.conf:last_valid_uid = 3000 > > > > but I still get some errors, different ones now: > > > Sep ?1 00:13:42 shaun dovecot: doveadm(a.b.c.d,nobody): Error: Mail > access for users with UID 65534 not permitted (see first_valid_uid in > config file, uid from userdb lookup). > Sep ?1 00:13:42 shaun dovecot: doveadm(a.b.c.d,nobody): Error: > dsync-server: User init failed > Sep ?1 00:14:00 shaun dovecot: doveadm(nobody): Error: sync: Failed to > start remote dsync-server command: Remote exit_code=75 > > > > > > Jean-Luc > > > >> On Aug 31, 2016, at 12:02 AM, Jean-Luc Wasmer >> wrote: >> >> >> Hi, >> >> >> I'm trying to sync emails between server A and B. >> A has replicator, aggregator and doveadm. >> B only has doveadm for now. >> >> >> I'm getting the following error: >> >> >> Error: sync: /var/run/dovecot/auth-userdb: Configured passdbs don't? >> support credentials lookups (to see if user is proxied, because? >> doveadm_port is set) >> >> >> I'm not sure why I'm getting this error because I authenticate using >> PAM? >> and when I run >> I do have a "service auth" enabled though... it's used for Postfix >> SASL? >> to authenticate SMTP. >> >> >> I'm running >> >> >> # dovecot --version >> 2.2.24 (a82c823) >> >> >> >> >> >> Cheers, >> Jean-Luc >> >> >> >> >> >> PS: "replication_sync_timeout = 2s" doesn't work, I had to drop the >> 's' >> >> >> >> >> >> On 2016-08-28 17:43, Jean-Luc Wasmer wrote: >>> >>> >>> Hi, >>> >>> >>> >>> >>> >>> I?m having a hard time with the?http://wiki2.dovecot.org/Replication >>> ?page. >>> >>> >>> >>> >>> >>> - for a master-master setup, does the configuration need to be >>> mirrored on both masters? >>> >>> >>> >>> >>> >>> >>> >>> >>> - after aggregating unrelated sections of the wiki page, there seems >>> to be 3 different values for ?mail_replica": >>> - "remote?: for SSH >>> - ?remoteprefix": for SSH wrapper >>> - ?tcp?: for?TCP connection using the?Doveadm protocol >>> Is this correct? >>> >>> >>> >>> >>> >>> - what?s the purpose of the?replicator VS?aggregator VS?doveadm? >>> services? >>> Who talks to who? Where can I find documentation about their >>> configuration (i.e. not examples) >>> >>> >>> >>> >>> >>> - most examples are for a single vmail user setup? what should be >>> done >>> when using system accounts? >>> >>> >>> >>> >>> >>> Thanks, >>> Jean-Luc >>> From aki.tuomi at dovecot.fi Thu Sep 1 18:09:42 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Thu, 1 Sep 2016 21:09:42 +0300 (EEST) Subject: Dsync config help In-Reply-To: <9cf29f067362582df37d678706583e6f@mail.wasmer.ca> References: <7B55E762-6089-4269-B3DC-8FACB61F70FA@jl.wasmer.ca> <5a5a942632bb6b92822b392d451cffd1@mail.wasmer.ca> <9cf29f067362582df37d678706583e6f@mail.wasmer.ca> Message-ID: <1095859261.990.1472753383458@appsuite-dev.open-xchange.com> Hi! You can either send me the new text or I can send you the "password". Aki Tuomi Dovecot oy > On September 1, 2016 at 8:58 PM Jean-Luc Wasmer wrote: > > > Looks like I'm having a conversation with myself! lol > > To avoid the timeouts, I removed the "replication_sync_timeout" setting. > It did work and also I don't get the "out of memory errors". I guess > they were related. > I also figured the "permission denied" errors: there was a typo in one > of the "mode" in my config file. > > > So to recap, here are the issues I couldn't fix: > > - replication_sync_timeout generates a lot of time out error resulting > in out of memory errors. > > - users outside the valid uid range [first_valid_uid;last_valid_uid] > won't be synced but will still generate a lot of errors > > > The wiki page is of poor quality... it would need to be rewritten. I'm > willing to do it if someone can tell me how to go about doing that. I'n > not expecting any reply though... > > Cheers, > Jean-Luc > > On 2016-08-31 21:01, Jean-Luc Wasmer wrote: > > I was able to workaround the ?Error: sync: > > /var/run/dovecot/auth-userdb: Configured passdbs don?t support > > credentials lookups (to see if user is proxied, because doveadm_port > > is set)? problem: > > > > => I simply disabled ?doveadm_port? and added the port number at the > > end of the remote URL in ?mail_replica? > > > > > > Replication seems to work although I have regular errors (idk if they > > are related to each other or not). > > I?ve attached excerpts from the log files but here are the different > > errors: > > > > > > - out of memory errors: > > Aug 31 21:37:10 serverA dovecot: replicator: Panic: data stack: Out of > > memory when allocating 268435496 bytes > > > > > > > > - timeout errors: > > > > Aug 31 21:36:41 serverA dovecot: dsync-server(user1): Warning: > > replication(user1): Sync failure: Timeout in 2 secs > > > > Aug 31 21:37:09 serverA dovecot: dsync-local(user1): Error: Couldn't > > lock /home/user1/.dovecot-sync.lock: Timed out after 30 seconds > > > > Aug 31 21:38:34 serverA dovecot: imap(user2): Warning: > > replication(user2): Sync failure: Timeout in 2 secs > > > > > > > > - permission denied errors: > > > > Aug 31 21:37:14 serverA dovecot: dsync-server(user2): Error: > > net_connect_unix(/var/run/dovecot/replicator-doveadm) failed: > > Permission denied > > > > > > > > > > > > I also get errors for user ?nobody? with uid 65534. To avoid them I > > added > > 10-mail.conf:first_valid_uid = 2000 > > 10-mail.conf:last_valid_uid = 3000 > > > > > > > > but I still get some errors, different ones now: > > > > > > Sep 1 00:13:42 shaun dovecot: doveadm(a.b.c.d,nobody): Error: Mail > > access for users with UID 65534 not permitted (see first_valid_uid in > > config file, uid from userdb lookup). > > Sep 1 00:13:42 shaun dovecot: doveadm(a.b.c.d,nobody): Error: > > dsync-server: User init failed > > Sep 1 00:14:00 shaun dovecot: doveadm(nobody): Error: sync: Failed to > > start remote dsync-server command: Remote exit_code=75 > > > > > > > > > > > > Jean-Luc > > > > > > > >> On Aug 31, 2016, at 12:02 AM, Jean-Luc Wasmer > >> wrote: > >> > >> > >> Hi, > >> > >> > >> I'm trying to sync emails between server A and B. > >> A has replicator, aggregator and doveadm. > >> B only has doveadm for now. > >> > >> > >> I'm getting the following error: > >> > >> > >> Error: sync: /var/run/dovecot/auth-userdb: Configured passdbs don't > >> support credentials lookups (to see if user is proxied, because > >> doveadm_port is set) > >> > >> > >> I'm not sure why I'm getting this error because I authenticate using > >> PAM > >> and when I run > >> I do have a "service auth" enabled though... it's used for Postfix > >> SASL > >> to authenticate SMTP. > >> > >> > >> I'm running > >> > >> > >> # dovecot --version > >> 2.2.24 (a82c823) > >> > >> > >> > >> > >> > >> Cheers, > >> Jean-Luc > >> > >> > >> > >> > >> > >> PS: "replication_sync_timeout = 2s" doesn't work, I had to drop the > >> 's' > >> > >> > >> > >> > >> > >> On 2016-08-28 17:43, Jean-Luc Wasmer wrote: > >>> > >>> > >>> Hi, > >>> > >>> > >>> > >>> > >>> > >>> I?m having a hard time with the http://wiki2.dovecot.org/Replication > >>> page. > >>> > >>> > >>> > >>> > >>> > >>> - for a master-master setup, does the configuration need to be > >>> mirrored on both masters? > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> - after aggregating unrelated sections of the wiki page, there seems > >>> to be 3 different values for ?mail_replica": > >>> - "remote?: for SSH > >>> - ?remoteprefix": for SSH wrapper > >>> - ?tcp?: for TCP connection using the Doveadm protocol > >>> Is this correct? > >>> > >>> > >>> > >>> > >>> > >>> - what?s the purpose of the replicator VS aggregator VS doveadm > >>> services? > >>> Who talks to who? Where can I find documentation about their > >>> configuration (i.e. not examples) > >>> > >>> > >>> > >>> > >>> > >>> - most examples are for a single vmail user setup? what should be > >>> done > >>> when using system accounts? > >>> > >>> > >>> > >>> > >>> > >>> Thanks, > >>> Jean-Luc > >>> From amk at spamfence.net Fri Sep 2 01:56:40 2016 From: amk at spamfence.net (Andreas M. Kirchwitz) Date: Fri, 2 Sep 2016 01:56:40 +0000 (UTC) Subject: Dovecot 2.2.25 fails on SSL References: <20160703234249.GA2315@krell.zikzak.de> <7d1080eb-6f47-9305-28a2-c626186615c3@dovecot.fi> Message-ID: Aki Tuomi wrote: >> ldd /usr/local/Dovecot-2.2.25/lib/dovecot/libssl_iostream_openssl.so >> linux-gate.so.1 => (0x00e8c000) >> libcrypto.so.1.0.0 => not found >> libssl.so.1.0.0 => not found >> librt.so.1 => /lib/librt.so.1 (0x00be4000) >> libc.so.6 => /lib/libc.so.6 (0x001a6000) >> libpthread.so.0 => /lib/libpthread.so.0 (0x003e4000) >> /lib/ld-linux.so.2 (0x007e7000) >> >> ldd /usr/local/Dovecot-2.2.25/lib/dovecot/libdcrypt_openssl.so >> linux-gate.so.1 => (0x00dca000) >> libcrypto.so.1.0.0 => not found >> libssl.so.1.0.0 => not found >> librt.so.1 => /lib/librt.so.1 (0x00a7a000) >> libc.so.6 => /lib/libc.so.6 (0x00160000) >> libpthread.so.0 => /lib/libpthread.so.0 (0x0072f000) >> /lib/ld-linux.so.2 (0x00560000) >> >> There's no libdcrypt_openssl.so in Dovecot 2.2.24, so I guess >> with the newly introduced dcrypt stuff something with SSL went wrong. >> >> Would be great if that could be fixed so that SSL works again. > > Can you try the attached patch out? Sorry for the late answer. (Away from computers. :-) Tried the attached patch, applies fine, compiles fine, but the ssl/crypto libraries are still not found. The additional "$(SSL_LIBS)" in both "Makefile.am" files doesn't properly make it into the resulting "Makefile" files. After "configure" is done, the resulting "Makefile" files are exactly the same in the original 2.2.25 version and patched 2.2.25 version (I guess they *should* contain the additional SSL libraries somewhere). Just let me know if there's more I can try (no longer away from computers, so response time is faster :-) Sorry for the bad news ... Andreas From piper at hrz.uni-marburg.de Fri Sep 2 04:54:46 2016 From: piper at hrz.uni-marburg.de (Piper Andreas) Date: Fri, 2 Sep 2016 06:54:46 +0200 Subject: 2.2.25 dumps core with "Panic: file imap-client.c: line 837 (client_check_command_hangs): assertion failed: (client->io != NULL)" In-Reply-To: <57b2f57f-3643-6198-f800-1cbb200ee6c8@dovecot.fi> References: <52dc785a-b2b6-33df-7d8a-e6f3520969e9@hrz.uni-marburg.de> <57b2f57f-3643-6198-f800-1cbb200ee6c8@dovecot.fi> Message-ID: Am 01.09.2016 um 14:17 schrieb Aki Tuomi: > > > On 01.09.2016 14:20, Piper Andreas wrote: >> Hello Timo, >> >> with the newly build CSW-package the crashes still occur, today already >> twice within two hours. The log shows always the same: >> >> Sep 1 11:50:13 surz113 dovecot: [ID 583609 mail.crit] imap(user): >> Panic: file imap-client.c: line 837 (client_check_command_hangs): >> assertion failed: (client->io != NULL) >> Sep 1 11:50:13 surz113 dovecot: [ID 583609 mail.error] imap(user): >> Error: Raw backtrace: 0xffff80ffb633d88d -> 0xffff80ffb636ae82 -> >> 0x41eba0 -> 0x41ecf3 -> 0xffff80ffb635d248 -> 0xffff80ffb6350d2f -> >> 0xffff80ffb63519e0 -> 0xffff80ffb6350dce -> 0xffff80ffb6350f90 -> >> 0xffff80ffb62e3ebb -> 0x42f169 -> 0x41292c >> Sep 1 11:50:13 surz113 dovecot: [ID 583609 mail.crit] imap(user): >> Fatal: master: service(imap): child 11227 killed with signal 6 (core not >> dumped - set service imap { drop_priv_before_exec=yes }) >> >> This happens with different users, the last one with a relatively small >> mailbox of 600MB. >> >> doveconf -n is attached. >> >> Dovecot 2.2.25 >> OS: Solaris 11 (SunOS 5.11 11.3 i86pc i386 i86pc) >> Virtualization: VMware >> Filesystem: ZFS >> active users: ~4000 >> >> The system was transferred at beginning of last week from an old >> SPARC-station with Solaris 10 running dovecot-2.2.15 to this virtualized >> platform under VMware. The mailboxes (maildir-format) were transferred >> without change by switching the storage-hardware to the new server. I >> had to remove all dovecot.index*-files for errors of "CPU Architecture >> changed", but after doing this all seemed to work ok except for these >> occasional crashes. >> >> If you need more information, please let me know. >> >> Thanks for any help, >> Andreas >> >>> Hi Jake, >>> >>> thanks for fixing this. I have installed now the newly built package on >>> my production system and will report, if any more core dumps occur. >>> >>> Regards, >>> Andreas >>> > > Hi! > > Is it possible for you test out a small patch (attached) to see if it > fixes this issue? > > Aki > Hello and thanks for this patch, I will try to have it implemented by the OpenCSW-maintainers for a test version as I do not have a compilation environment ready at hand. I'll report the results asap. Thanks again, Andreas -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 5176 bytes Desc: S/MIME Cryptographic Signature URL: From c38sgzkz at averlon.net Fri Sep 2 05:50:23 2016 From: c38sgzkz at averlon.net (=?iso-8859-1?Q?Averlon_GmbH_=28in_Gr=FCndung=29?=) Date: Fri, 2 Sep 2016 07:50:23 +0200 Subject: AW: dovecot and ldap with problem on userdb In-Reply-To: References: Message-ID: Hi all, I have now tried all kind of alternatives and even setup postfix config from scratch with a minimum setting, but still same result. If anyone can give me a hint how to get more information on that error or where to look at would be very helpful. Thanks Mit freundlichenGr??en / Kind Regards Kallewirsch From aki.tuomi at dovecot.fi Fri Sep 2 06:31:45 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Fri, 2 Sep 2016 09:31:45 +0300 (EEST) Subject: Dovecot 2.2.25 fails on SSL In-Reply-To: References: <20160703234249.GA2315@krell.zikzak.de> <7d1080eb-6f47-9305-28a2-c626186615c3@dovecot.fi> Message-ID: <604361712.1596.1472797906290@appsuite-dev.open-xchange.com> > On September 2, 2016 at 4:56 AM "Andreas M. Kirchwitz" wrote: > > > Aki Tuomi wrote: > > >> ldd /usr/local/Dovecot-2.2.25/lib/dovecot/libssl_iostream_openssl.so > >> linux-gate.so.1 => (0x00e8c000) > >> libcrypto.so.1.0.0 => not found > >> libssl.so.1.0.0 => not found > >> librt.so.1 => /lib/librt.so.1 (0x00be4000) > >> libc.so.6 => /lib/libc.so.6 (0x001a6000) > >> libpthread.so.0 => /lib/libpthread.so.0 (0x003e4000) > >> /lib/ld-linux.so.2 (0x007e7000) > >> > >> ldd /usr/local/Dovecot-2.2.25/lib/dovecot/libdcrypt_openssl.so > >> linux-gate.so.1 => (0x00dca000) > >> libcrypto.so.1.0.0 => not found > >> libssl.so.1.0.0 => not found > >> librt.so.1 => /lib/librt.so.1 (0x00a7a000) > >> libc.so.6 => /lib/libc.so.6 (0x00160000) > >> libpthread.so.0 => /lib/libpthread.so.0 (0x0072f000) > >> /lib/ld-linux.so.2 (0x00560000) > >> > >> There's no libdcrypt_openssl.so in Dovecot 2.2.24, so I guess > >> with the newly introduced dcrypt stuff something with SSL went wrong. > >> > >> Would be great if that could be fixed so that SSL works again. > > > > Can you try the attached patch out? > > Sorry for the late answer. (Away from computers. :-) > > Tried the attached patch, applies fine, compiles fine, > but the ssl/crypto libraries are still not found. > > The additional "$(SSL_LIBS)" in both "Makefile.am" files > doesn't properly make it into the resulting "Makefile" files. > After "configure" is done, the resulting "Makefile" files are > exactly the same in the original 2.2.25 version and patched > 2.2.25 version (I guess they *should* contain the additional > SSL libraries somewhere). > > Just let me know if there's more I can try (no longer away > from computers, so response time is faster :-) > > Sorry for the bad news ... Andreas Well, then it leaves only option of using /etc/ld.so.conf so basically add your libssl location there. Aki From sami.ketola at dovecot.fi Fri Sep 2 06:37:25 2016 From: sami.ketola at dovecot.fi (Sami Ketola) Date: Fri, 2 Sep 2016 09:37:25 +0300 Subject: initd script does not stop/restart all dovecot processes In-Reply-To: <5f5998d5-85a7-ff4e-200b-7224467c18d0@coppint.com> References: <5f5998d5-85a7-ff4e-200b-7224467c18d0@coppint.com> Message-ID: > On 01 Sep 2016, at 17:25, Florent B wrote: > > Hi everyone, > > On Debian Jessie servers, I use initd script provided by Dovecot 2.2 (in > doc/dovecot-initd.sh) and when I stop or restart dovecot service, it > still remains some process : > > ps aux | grep dove > dovecot 1798 0.0 0.1 9408 2116 ? S 16:15 0:00 > dovecot/anvil [1 connections] > root 1799 0.0 0.1 9544 2288 ? S 16:15 0:00 dovecot/log > dovecot 1812 0.0 0.2 39144 5720 ? S 16:15 0:00 > dovecot/auth [0 wait, 0 passdb, 0 userdb] > root 1844 0.0 0.1 12728 2076 pts/0 S+ 16:16 0:00 grep dove > > > Is it expected ? "restart" does not work of course, and "start" after > "stop" too. > > How can I fix this ? Debian Jessie comes with systemd so you really should not use initscript anymore but switch to systemd for starting dovecot. There is systemd service description file available for you in case your vendor does not provide it in the package: https://github.com/dovecot/core/blob/master/dovecot.service.in Sami From skdovecot at smail.inf.fh-brs.de Fri Sep 2 07:38:47 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 2 Sep 2016 09:38:47 +0200 (CEST) Subject: initd script does not stop/restart all dovecot processes In-Reply-To: References: <5f5998d5-85a7-ff4e-200b-7224467c18d0@coppint.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 2 Sep 2016, Sami Ketola wrote: >> On 01 Sep 2016, at 17:25, Florent B wrote: >> >> Hi everyone, >> >> On Debian Jessie servers, I use initd script provided by Dovecot 2.2 (in >> doc/dovecot-initd.sh) and when I stop or restart dovecot service, it >> still remains some process : >> >> ps aux | grep dove >> dovecot 1798 0.0 0.1 9408 2116 ? S 16:15 0:00 >> dovecot/anvil [1 connections] >> root 1799 0.0 0.1 9544 2288 ? S 16:15 0:00 dovecot/log >> dovecot 1812 0.0 0.2 39144 5720 ? S 16:15 0:00 >> dovecot/auth [0 wait, 0 passdb, 0 userdb] >> root 1844 0.0 0.1 12728 2076 pts/0 S+ 16:16 0:00 grep dove >> >> >> Is it expected ? "restart" does not work of course, and "start" after >> "stop" too. >> >> How can I fix this ? > > Debian Jessie comes with systemd so you really should not use initscript anymore but > switch to systemd for starting dovecot. There is systemd service description file available > for you in case your vendor does not provide it in the package: > > https://github.com/dovecot/core/blob/master/dovecot.service.in I have the same experience, that Dovecot keeps running for a while. An immediate stop & start always fails. IMHO, that behaviour started with the introduction of anvil. If the ps command lists all processes, that is what I see on Jessie and Squeeze as well. @Florent: Please check, if the Dovecot processess dies after some timeout. I have patched the scripts to wait 5s then send an extra HUP and after 5s INT. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBV8ksh3z1H7kL/d9rAQJY8gf+NnFjsEKI3a4opD4Wkim8eGtQvkWkFEtA Ywf7vS3cGzU2rJGqUq6X/zVjrW5oU5NUdePdR5nZqpkKz5+QR5jHluZ/zX4Cgmeh ujKSIf4VZnUmvw9XG5RRFzUlTUkZilSGz97KtcnLcLJQj7KNhC39sFBPTUl6Li2X 2lwDpyNz+u5rhPti1LTKwooiGI2Pr5X6YT+aZQcebzj++0qLiwRha6Gmm5PWzgS4 mMsMe2zFwvKhP6/XuVWMzT9nsgmEQaeiDsu4u3A+TDRdFwfYrHvhyG0uh8SgG6a6 Vye30fy53e/KWzfXAE37m1zRyouHUuxSzHjr4YtM9K/E8rYBDWR0Ow== =HdJT -----END PGP SIGNATURE----- From aki.tuomi at dovecot.fi Fri Sep 2 09:57:32 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Fri, 2 Sep 2016 12:57:32 +0300 (EEST) Subject: initd script does not stop/restart all dovecot processes In-Reply-To: References: <5f5998d5-85a7-ff4e-200b-7224467c18d0@coppint.com> Message-ID: <1839137742.1807.1472810253614@appsuite-dev.open-xchange.com> > On September 2, 2016 at 12:16 PM Florent B wrote: > > Hi You could look under /lib/systemd/system or similar. The .in file from repo gets a sed treatment during make install. Aki Tuomi From ml+dovecot at valo.at Fri Sep 2 10:31:42 2016 From: ml+dovecot at valo.at (Christian Kivalo) Date: Fri, 02 Sep 2016 12:31:42 +0200 Subject: initd script does not stop/restart all dovecot processes In-Reply-To: <9d91024e-fba5-2782-aa19-28b1bac86ed8@coppint.com> References: <5f5998d5-85a7-ff4e-200b-7224467c18d0@coppint.com> <1839137742.1807.1472810253614@appsuite-dev.open-xchange.com> <9d91024e-fba5-2782-aa19-28b1bac86ed8@coppint.com> Message-ID: <982c75333c24c6e2bce94adcac13b2f2@valo.at> On 2016-09-02 12:15, Florent B wrote: > On 09/02/2016 11:57 AM, Aki Tuomi wrote: >>> On September 2, 2016 at 12:16 PM Florent B >>> wrote: >>> >>> >> Hi >> >> You could look under /lib/systemd/system or similar. The .in file from >> repo gets a sed treatment during make install. >> >> Aki Tuomi > > Ok, but I use 2.2.24, and when I did "make install" from source, it did > not install any Dovecot service. Was it introduced in 2.2.25 ? "make > install" output does not show anything with "dovecot.service.in"... i use ./configure with --with-systemdsystemunitdir=/etc/systemd/system/ and that installs the systemd.service and socket > That's why I need to copy initd script by myself, and did the same with > systemd unit file when you suggested me to try it. -- Christian Kivalo From flatworm at users.sourceforge.net Fri Sep 2 11:49:39 2016 From: flatworm at users.sourceforge.net (Konstantin Khomoutov) Date: Fri, 2 Sep 2016 14:49:39 +0300 Subject: Force SSL/TLS and client certificate checking only for connections from Internet Message-ID: <20160902144939.24b614548f4b80989bf7052e@domain007.com> (Please CC me if possible.) I have Dovecot 2.2.13 (shipped with Debian 8 "Jessie") serving IMAP for a small organization. It's connected both to the Internet and to that organization LAN. I'd like to have Dovecot has rather tight security requirements for connections made from the Internet and reasonably laxed requirements for the LAN clients. Due to Dovecot authenticating users against a LDAP database which is also used for logging into the users' machines, we have to use somewhat weak passwords (randomly generated but short) for most users. Because of this I want to: * Mandate the usage of TLS for the connections made from Internet; * Require the clients to present their SSL certificates, and * Verify the validity of these certificates. The certificates are issued by our own CA, so it's not a problem to verify them. The first iteration was to set ssl = required and disable_plaintext_auth = yes which I then overrode with a "remote" section for LAN connections: remote 192.168.0.0/16 { disable_plaintext_auth = no ssl = yes } The next iteration was to actually enable verification of the client certificates. I have set the "ssl_ca" variable appropriately, then ssl_require_crl = yes ssl_verify_client_cert = yes and auth_ssl_require_client_cert = yes Then I went on and attempted to override the latter two settings for the LAN clients by appending them to my special "remote" section to it read: remote 192.168.0.0/16 { disable_plaintext_auth = no ssl = yes ssl_verify_client_cert = no auth_ssl_require_client_cert = no } But after restart Dovecot complained that I cannot use the "auth_ssl_require_client_cert" setting in a "remote" section. I have removed it in the hope that still having ssl_verify_client_cert = no there would inhibit SSL certificate checks for the LAN clients but apparently it did not. So, to recap: * I need to have tight TLS settings for the clients connecting from the Internet: - TLS is required; - The client must present a valid certificate (issued by a CA we control). * LAN clients should use relaxed security settings: TLS is okay but that's all. How do I go about setting this? (On a side note, I can supposedly get away installing stunnel and making it proxy IMAP and IMAPS connections to Dovecot -- at least from the documentation, it appears stunnel supports IMAP+STARTTLS, -- but I would rather have all this handled solely by Dovecot.) From mi.lists.dc at alma.ch Fri Sep 2 14:00:29 2016 From: mi.lists.dc at alma.ch (MI) Date: Fri, 2 Sep 2016 16:00:29 +0200 Subject: Cannot subscribe to Public mailbox Message-ID: I'm trying to set up a Public mailbox, but when I try to subscribe to it in Thunderbird, nothing happens: it doesn't appear as a folder, and when I go back to the Subscribe window, it is unchecked again. I use postfix local dlivery, which created a Maildir when a mail arrived for this mailbox: /home/others/sharedmail/Maildir/{cur,new,tmp} (sharedmail is a system user so that Postfix can deliver the mail; it doesn't have a login shell or a password) To make sure it is not a simple filesystem permissions problem, I did "chmod -R a+rwX Maildir/" This is my current config ( I tried to keep it short by leaving only what might be relevant ): # dovecot -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.9 ... mail_location = maildir:~/Maildir namespace { list = yes location = maildir:/home/others/sharedmail/Maildir prefix = Public. separator = . subscriptions = no type = public } namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox ... ... } prefix = separator = . } passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = " imap" service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } userdb { driver = passwd } Also, I'm not sure about the difference between type=public and type=shared. But anyway, I tried both with the same result. From amk at spamfence.net Fri Sep 2 14:35:57 2016 From: amk at spamfence.net (Andreas M. Kirchwitz) Date: Fri, 2 Sep 2016 14:35:57 +0000 (UTC) Subject: Dovecot 2.2.25 fails on SSL References: <20160703234249.GA2315@krell.zikzak.de> <7d1080eb-6f47-9305-28a2-c626186615c3@dovecot.fi> <604361712.1596.1472797906290@appsuite-dev.open-xchange.com> Message-ID: Aki Tuomi wrote: > Well, then it leaves only option of using /etc/ld.so.conf > so basically add your libssl location there. That's not a working solution and not the purpose of /etc/ld.so.conf. Currently, this is a real-life security issue in Dovecot 2.2.25, because it compiles fine but then - to the user - silently fails to use SSL. The user who doesn't know better reconfigures his client and all security is gone. :-( Custom SSL worked fine in Dovecot 2.2.24, so obviously it can be made to work. The question is just where to add the proper options, or maybe "configure" is broken in some way. I'm happy to try out more patches until the proper solution is found. I've already tried adding SSL libs in various locations during the build process but it hast always the same result that it never gets past "configure". Greetings, Andreas From larryrtx at gmail.com Fri Sep 2 14:38:37 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Fri, 2 Sep 2016 09:38:37 -0500 Subject: index: namespace not selectable, and no info. :( In-Reply-To: References: Message-ID: anyone? On Tue, Aug 30, 2016 at 1:45 PM, Larry Rosenman wrote: > > thebighonker.lerctr.org ~ $ doveadm -D -v index \#ARCHIVE/2012/02/INBOX > Debug: Loading modules from directory: /usr/local/lib/dovecot > Debug: Module loaded: /usr/local/lib/dovecot/lib15_notify_plugin.so > Debug: Module loaded: /usr/local/lib/dovecot/lib20_fts_plugin.so > Debug: Module loaded: /usr/local/lib/dovecot/lib21_fts_lucene_plugin.so > Debug: Module loaded: /usr/local/lib/dovecot/lib90_stats_plugin.so > Debug: Loading modules from directory: /usr/local/lib/dovecot/doveadm > Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: > /usr/local/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so: Undefined > symbol "acl_user_module" (this is usually intentional, so just ignore this > message) > Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: > /usr/local/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so: Undefined > symbol "expire_set_lookup" (this is usually intentional, so just ignore > this message) > Debug: Skipping module doveadm_quota_plugin, because dlopen() failed: > /usr/local/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so: Undefined > symbol "quota_user_module" (this is usually intentional, so just ignore > this message) > Debug: Module loaded: /usr/local/lib/dovecot/doveadm/lib10_doveadm_sieve_ > plugin.so > Debug: Module loaded: /usr/local/lib/dovecot/doveadm/lib20_doveadm_fts_ > lucene_plugin.so > Debug: Module loaded: /usr/local/lib/dovecot/doveadm/lib20_doveadm_fts_ > plugin.so > doveadm(ler): Debug: Effective uid=1001, gid=1001, home=/home/ler > doveadm(ler): Debug: Namespace inbox: type=private, prefix=, sep=, > inbox=yes, hidden=no, list=yes, subscriptions=yes > location=mbox:~/mail:INBOX=~/mail/INBOX > doveadm(ler): Debug: fs: root=/home/ler/mail, index=, indexpvt=, control=, > inbox=/home/ler/mail/INBOX, alt= > doveadm(ler): Debug: Namespace archive: type=private, prefix=#ARCHIVE/, > sep=/, inbox=no, hidden=no, list=no, subscriptions=yes > location=mbox:~/MAILARCHIVE > doveadm(ler): Debug: mbox: INBOX defaulted to /home/ler/MAILARCHIVE/inbox > doveadm(ler): Debug: fs: root=/home/ler/MAILARCHIVE, index=, indexpvt=, > control=, inbox=/home/ler/MAILARCHIVE/inbox, alt= > doveadm(ler): Error: lucene: Failed to sync mailbox INBOX: Mailbox isn't > selectable > doveadm(ler): Error: Mailbox #ARCHIVE/2012/02/INBOX: Status lookup failed: > Internal error occurred. Refer to server log for more information. > [2016-08-30 13:41:57] > > NOTHING additional is logged in syslog. > > doveconf -n attached. > > I **CAN** select the mailbox in mutt using #ARCHIVE/2012/02/INBOX > > > -- > Larry Rosenman http://www.lerctr.org/~ler > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com > US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 > -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 From aki.tuomi at dovecot.fi Fri Sep 2 14:41:35 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Fri, 2 Sep 2016 17:41:35 +0300 (EEST) Subject: Dovecot 2.2.25 fails on SSL In-Reply-To: References: <20160703234249.GA2315@krell.zikzak.de> <7d1080eb-6f47-9305-28a2-c626186615c3@dovecot.fi> <604361712.1596.1472797906290@appsuite-dev.open-xchange.com> Message-ID: <597716665.2499.1472827295735@appsuite-dev.open-xchange.com> > On September 2, 2016 at 5:35 PM "Andreas M. Kirchwitz" wrote: > > > Aki Tuomi wrote: > > > Well, then it leaves only option of using /etc/ld.so.conf > > so basically add your libssl location there. > > That's not a working solution and not the purpose of /etc/ld.so.conf. > > Currently, this is a real-life security issue in Dovecot 2.2.25, > because it compiles fine but then - to the user - silently fails > to use SSL. The user who doesn't know better reconfigures his > client and all security is gone. :-( > > Custom SSL worked fine in Dovecot 2.2.24, so obviously it can be > made to work. The question is just where to add the proper options, > or maybe "configure" is broken in some way. > > I'm happy to try out more patches until the proper solution is > found. I've already tried adding SSL libs in various locations > during the build process but it hast always the same result > that it never gets past "configure". > > Greetings, Andreas I tried various ways but wasn't able to get it to work. I can see if it can be fixed but it can take a while. Aki From prakash.autade at gmail.com Fri Sep 2 17:49:16 2016 From: prakash.autade at gmail.com (Prakash Autade) Date: Fri, 2 Sep 2016 23:19:16 +0530 Subject: Alternate mail store of few users is disparaged unexpectedly Message-ID: Hello, We are using dovecot with mdbox and ALT store on S3(Simple Storage System). We export the mail_location=mdbox://mdbox:ALT=/altmailstore//mdbox of user in extra parameters. Today, alternate mail store of few users is disparaged unexpectedly which resulted in mail loss. We are unable to trace out why and when the alternate store is disparaged. Our hypothesis is, the folder is removed during doveadm altmove. We want to prevent this in future. It will be great if someone helps to identify the root cause. Dovecot version: 2.2.19 # dovecot -n # 2.2.19: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-573.el6.x86_64 x86_64 CentOS Linux release 6.0 (Final) auth_mechanisms = plain login auth_verbose_passwords = plain disable_plaintext_auth = no mail_fsync = always mail_gid = 65111 mail_location = maildir:~/Maildir mail_nfs_index = yes mail_nfs_storage = yes mail_plugins = " quota" mail_uid = 65111 mdbox_rotate_interval = 1 days mdbox_rotate_size = 20 M mmap_disable = yes namespace inbox { inbox = yes location = mailbox Drafts { auto = create special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Items" { auto = create } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { auto = create special_use = \Trash } mailbox chat { auto = create } prefix = INBOX. separator = . type = private } plugin { mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid size } ssl_cert = References: Message-ID: Aki Tuomi wrote: >>>> ldd /usr/local/Dovecot-2.2.25/lib/dovecot/libdcrypt_openssl.so >>>> linux-gate.so.1 => (0x00dca000) >>>> libcrypto.so.1.0.0 => not found >>>> ... > > Well, then it leaves only option of using /etc/ld.so.conf > so basically add your libssl location there. You can also affect where shared libraries are loaded using the LD_LIBRARY_PATH environment variable. Try adding LD_LIBARY_PATH=/location/of/libdir; export LD_LIBARY_PATH to your service boot scripts. Joseph Tam From alessio at skye.it Sat Sep 3 10:30:55 2016 From: alessio at skye.it (Alessio Cecchi) Date: Sat, 03 Sep 2016 12:30:55 +0200 Subject: doveadm quota recalc returns a Segmentation fault Message-ID: <25cd5e82b26055f60b9ab0720fa24e1e@skye.it> Hi, with the latest dovecot-ee version (2.2.25.4 (5cb7c97)) if I run ?doveadm quota recalc -u alessio at skye.it? dovecot return a ?Segmentation fault? (but the quota is update fine). Since dovecot version 2.2.24.3 (55cdc32) works fine. This is my quota backends configuration: plugin { quota = maildir:UserQuota quota2 = dict:Quota Usage::noenforcing:proxy::sqlquota } dict { sqlquota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext } I found that if I comment the line ?quota2 = dict:?? doveadm quota recalc works fine. I have two quota backends because with dict I can store everybody's current quota usage in a SQL database for fast retrieving (like quota_clone plugin but I cannot switch to it immediately). The backtrace: # gdb --args doveadm quota recalc -u alessio at skye.it GNU gdb (GDB) Red Hat Enterprise Linux (7.2-90.el6) Copyright (C) 2010 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-redhat-linux-gnu". For bug reporting instructions, please see: ... Reading symbols from /usr/bin/doveadm...Reading symbols from /usr/lib/debug/usr/bin/doveadm.debug...done. done. (gdb) run Starting program: /usr/bin/doveadm quota recalc -u alessio at skye.it [Thread debugging using libthread_db enabled] Program received signal SIGSEGV, Segmentation fault. 0x00007ffff73ed245 in io_loop_handler_run (ioloop=0x1006b1930) at ioloop.c:612 612 io_loop_handler_run_internal(ioloop); Missing separate debuginfos, use: debuginfo-install bzip2-libs-1.0.5-7.el6_0.x86_64 cyrus-sasl-lib-2.1.23-15.el6_6.2.x86_64 dovecot-ee-pigeonhole-2.2.25.4-4.x86_64 glibc-2.12-1.192.el6.x86_64 nspr-4.11.0-1.el6.x86_64 nss-3.21.0-8.el6.x86_64 nss-softokn-freebl-3.14.3-23.3.el6_8.x86_64 nss-util-3.21.0-2.el6.x86_64 openldap-2.4.40-12.el6.x86_64 zlib-1.2.3-29.el6.x86_64 (gdb) bt full #0 0x00007ffff73ed245 in io_loop_handler_run (ioloop=0x1006b1930) at ioloop.c:612 No locals. #1 0x00007ffff73ed3e8 in io_loop_run (ioloop=0x6b1930) at ioloop.c:588 __FUNCTION__ = "io_loop_run" #2 0x00007ffff73ac45c in client_dict_wait (_dict=0x6b15f0) at dict-client.c:653 dict = 0x6b15f0 #3 0x00007ffff636f85f in dict_quota_deinit (_root=) at quota-dict.c:106 root = 0x6b12f0 __FUNCTION__ = "dict_quota_deinit" #4 0x00007ffff636d326 in quota_root_deinit (root=0x6b12f0) at quota.c:279 pool = 0x6b1400 #5 0x00007ffff636d381 in quota_deinit (_quota=0x6aeae8) at quota.c:389 quota = 0x6ac0b0 roots = i = count = 2 #6 0x00007ffff637240d in quota_user_deinit (user=0x6ac7b0) at quota-storage.c:538 quser = 0x6aead8 quota_set = 0x6b07c0 #7 0x00007ffff76a9b52 in mail_user_unref (_user=) at mail-user.c:174 user = 0x6ac7b0 __FUNCTION__ = "mail_user_unref" #8 0x00000000004216b4 in doveadm_mail_next_user (ctx=0x69bbe0, cctx=, error_r=0x7fffffffe1c0) at doveadm-mail.c:403 input = {module = 0x0, service = 0x4569d9 "doveadm", username = 0x681288 "alessio at skye.it", session_id = 0x0, session_id_prefix = 0x0, local_ip = {family = 0, u = {ip6 = {__in6_u = {__u6_addr8 = '\000' , __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, remote_ip = { family = 0, u = {ip6 = {__in6_u = {__u6_addr8 = '\000' , __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, local_port = 0, remote_port = 0, userdb_fields = 0x0, flags_override_add = 0, flags_override_remove = 0, no_userdb_lookup = 0, debug = 0} error = ip = ret = __FUNCTION__ = "doveadm_mail_next_user" #9 0x00000000004218dc in doveadm_mail_cmd_exec (ctx=0x69bbe0, cctx=0x7fffffffe400, wildcard_user=0x0) at doveadm-mail.c:592 ret = error = #10 0x0000000000422c7d in doveadm_cmd_ver2_to_mail_cmd_wrapper (cctx=0x7fffffffe400) at doveadm-mail.c:1053 mctx = 0x69bbe0 wildcard_user = fieldstr = 0x456c52 "-u" i = ---Type to continue, or q to quit--- mail_cmd = {alloc = 0x7ffff573fba0 , name = 0x7ffff573ffc5 "quota recalc", usage_args = 0x7ffff573ff7f ""} args_pos = #11 0x00000000004303b6 in doveadm_cmd_run_ver2 (argc=3, argv=0x6883a0, cctx=0x7fffffffe400) at doveadm-cmd.c:523 param = pargv = {arr = {buffer = 0x680a28, element_size = 104}, v = 0x680a28, v_modifiable = 0x680a28} pargc = c = li = 32767 pool = 0x680858 optbuf = 0x680870 __FUNCTION__ = "doveadm_cmd_run_ver2" #12 0x0000000000430467 in doveadm_cmd_try_run_ver2 (cmd_name=, argc=3, argv=0x6883a0, cctx=0x7fffffffe400) at doveadm-cmd.c:446 cmd = #13 0x0000000000432bdc in main (argc=4, argv=0x688398) at doveadm.c:379 cctx = {cmd = 0x69abf8, argc = 4, argv = 0x680a60, username = 0x681288 "alessio at skye.it", cli = true, tcp_server = false, local_ip = {family = 0, u = {ip6 = {__in6_u = {__u6_addr8 = '\000' , __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, remote_ip = {family = 0, u = {ip6 = {__in6_u = { __u6_addr8 = '\000' , __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, local_port = 0, remote_port = 0, conn = 0x0} cmd_name = quick_init = false c = (gdb) I hope can be fixed. Thanks -- Alessio Cecchi Postmaster AT http://www.qboxmail.it http://www.linkedin.com/in/alessice From aki.tuomi at dovecot.fi Sat Sep 3 12:19:45 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Sat, 3 Sep 2016 15:19:45 +0300 (EEST) Subject: doveadm quota recalc returns a Segmentation fault In-Reply-To: <25cd5e82b26055f60b9ab0720fa24e1e@skye.it> References: <25cd5e82b26055f60b9ab0720fa24e1e@skye.it> Message-ID: <663852094.10.1472905186721@appsuite-dev.open-xchange.com> > On September 3, 2016 at 1:30 PM Alessio Cecchi wrote: > > > Hi, > > with the latest dovecot-ee version (2.2.25.4 (5cb7c97)) if I run > ?doveadm quota recalc -u alessio at skye.it? dovecot return a ?Segmentation > fault? (but the quota is update fine). Since dovecot version 2.2.24.3 > (55cdc32) works fine. > > This is my quota backends configuration: > > plugin { > quota = maildir:UserQuota > quota2 = dict:Quota Usage::noenforcing:proxy::sqlquota > } > dict { > sqlquota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext > } > > I found that if I comment the line ?quota2 = dict:?? doveadm quota > recalc works fine. I have two quota backends because with dict I can > store everybody's current quota usage in a SQL database for fast > retrieving (like quota_clone plugin but I cannot switch to it > immediately). > > The backtrace: > > # gdb --args doveadm quota recalc -u alessio at skye.it > GNU gdb (GDB) Red Hat Enterprise Linux (7.2-90.el6) > Copyright (C) 2010 Free Software Foundation, Inc. > License GPLv3+: GNU GPL version 3 or later > > This is free software: you are free to change and redistribute it. > There is NO WARRANTY, to the extent permitted by law. Type "show > copying" > and "show warranty" for details. > This GDB was configured as "x86_64-redhat-linux-gnu". > For bug reporting instructions, please see: > ... > Reading symbols from /usr/bin/doveadm...Reading symbols from > /usr/lib/debug/usr/bin/doveadm.debug...done. > done. > > (gdb) run > Starting program: /usr/bin/doveadm quota recalc -u alessio at skye.it > [Thread debugging using libthread_db enabled] > > Program received signal SIGSEGV, Segmentation fault. > 0x00007ffff73ed245 in io_loop_handler_run (ioloop=0x1006b1930) at > ioloop.c:612 > 612 io_loop_handler_run_internal(ioloop); > Missing separate debuginfos, use: debuginfo-install > bzip2-libs-1.0.5-7.el6_0.x86_64 cyrus-sasl-lib-2.1.23-15.el6_6.2.x86_64 > dovecot-ee-pigeonhole-2.2.25.4-4.x86_64 glibc-2.12-1.192.el6.x86_64 > nspr-4.11.0-1.el6.x86_64 nss-3.21.0-8.el6.x86_64 > nss-softokn-freebl-3.14.3-23.3.el6_8.x86_64 nss-util-3.21.0-2.el6.x86_64 > openldap-2.4.40-12.el6.x86_64 zlib-1.2.3-29.el6.x86_64 > (gdb) bt full > #0 0x00007ffff73ed245 in io_loop_handler_run (ioloop=0x1006b1930) at > ioloop.c:612 > No locals. > #1 0x00007ffff73ed3e8 in io_loop_run (ioloop=0x6b1930) at ioloop.c:588 > __FUNCTION__ = "io_loop_run" > #2 0x00007ffff73ac45c in client_dict_wait (_dict=0x6b15f0) at > dict-client.c:653 > dict = 0x6b15f0 > #3 0x00007ffff636f85f in dict_quota_deinit (_root= out>) at quota-dict.c:106 > root = 0x6b12f0 > __FUNCTION__ = "dict_quota_deinit" > #4 0x00007ffff636d326 in quota_root_deinit (root=0x6b12f0) at > quota.c:279 > pool = 0x6b1400 > #5 0x00007ffff636d381 in quota_deinit (_quota=0x6aeae8) at quota.c:389 > quota = 0x6ac0b0 > roots = > i = > count = 2 > #6 0x00007ffff637240d in quota_user_deinit (user=0x6ac7b0) at > quota-storage.c:538 > quser = 0x6aead8 > quota_set = 0x6b07c0 > #7 0x00007ffff76a9b52 in mail_user_unref (_user=) > at mail-user.c:174 > user = 0x6ac7b0 > __FUNCTION__ = "mail_user_unref" > #8 0x00000000004216b4 in doveadm_mail_next_user (ctx=0x69bbe0, > cctx=, error_r=0x7fffffffe1c0) > at doveadm-mail.c:403 > input = {module = 0x0, service = 0x4569d9 "doveadm", username = > 0x681288 "alessio at skye.it", session_id = 0x0, > session_id_prefix = 0x0, local_ip = {family = 0, u = {ip6 = > {__in6_u = {__u6_addr8 = '\000' , > __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = > {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, remote_ip = { > family = 0, u = {ip6 = {__in6_u = {__u6_addr8 = '\000' > , __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, > __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, > local_port = 0, remote_port = 0, userdb_fields = 0x0, > flags_override_add = 0, flags_override_remove = 0, > no_userdb_lookup = 0, debug = 0} > error = > ip = > ret = > __FUNCTION__ = "doveadm_mail_next_user" > #9 0x00000000004218dc in doveadm_mail_cmd_exec (ctx=0x69bbe0, > cctx=0x7fffffffe400, wildcard_user=0x0) at doveadm-mail.c:592 > ret = > error = > #10 0x0000000000422c7d in doveadm_cmd_ver2_to_mail_cmd_wrapper > (cctx=0x7fffffffe400) at doveadm-mail.c:1053 > mctx = 0x69bbe0 > wildcard_user = > fieldstr = 0x456c52 "-u" > i = > ---Type to continue, or q to quit--- > mail_cmd = {alloc = 0x7ffff573fba0 , > name = 0x7ffff573ffc5 "quota recalc", > usage_args = 0x7ffff573ff7f ""} > args_pos = > #11 0x00000000004303b6 in doveadm_cmd_run_ver2 (argc=3, argv=0x6883a0, > cctx=0x7fffffffe400) at doveadm-cmd.c:523 > param = > pargv = {arr = {buffer = 0x680a28, element_size = 104}, v = > 0x680a28, v_modifiable = 0x680a28} > pargc = > c = > li = 32767 > pool = 0x680858 > optbuf = 0x680870 > __FUNCTION__ = "doveadm_cmd_run_ver2" > #12 0x0000000000430467 in doveadm_cmd_try_run_ver2 (cmd_name= optimized out>, argc=3, argv=0x6883a0, cctx=0x7fffffffe400) > at doveadm-cmd.c:446 > cmd = > #13 0x0000000000432bdc in main (argc=4, argv=0x688398) at doveadm.c:379 > cctx = {cmd = 0x69abf8, argc = 4, argv = 0x680a60, username = > 0x681288 "alessio at skye.it", cli = true, tcp_server = false, > local_ip = {family = 0, u = {ip6 = {__in6_u = {__u6_addr8 = > '\000' , __u6_addr16 = {0, 0, 0, 0, 0, 0, > 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = > 0}}}, remote_ip = {family = 0, u = {ip6 = {__in6_u = { > __u6_addr8 = '\000' , __u6_addr16 = > {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, > ip4 = {s_addr = 0}}}, local_port = 0, remote_port = 0, > conn = 0x0} > cmd_name = > quick_init = false > c = > (gdb) > > I hope can be fixed. > Thanks > -- > Alessio Cecchi > Postmaster AT http://www.qboxmail.it > http://www.linkedin.com/in/alessice Thank you for your report. We'll look into it. Aki From mi.lists.dc at alma.ch Sun Sep 4 15:19:38 2016 From: mi.lists.dc at alma.ch (MI) Date: Sun, 4 Sep 2016 17:19:38 +0200 Subject: Cannot subscribe to Public mailbox In-Reply-To: References: Message-ID: <5dd355a9-1b6a-3b90-1f79-8d1b5d8ad2ff@alma.ch> Some progress was achieved by using symlinks to make the Maildir a subdirectory of the public namespace location: mkdir /home/others/sharedmail/public-mails ln -si /home/others/sharedmail/Maildir/ /home/others/sharedmail/public-mails/.Public and namespace { list = yes location = maildir:/home/others/sharedmail/public-mails prefix = Public. separator = . subscriptions = no type = public } However, Postfix delivers new mails with mode 600: # ls -l /home/others/sharedmail/Maildir/cur -rw------- 1 sharedmail sharedmail 1596 Sep 4 16:25 1472999138.V804I3c0028M764419.pe2:2, -rw------- 1 sharedmail sharedmail 1596 Sep 4 16:36 1472999809.V804I3c002cM121024.pe2:2, So I can now subscribe to the Public maildir, but still cannot read the mails... I had the impression that using dovecot's lmtp delivery could help, but when I set "mailbox_transport = lmtp:unix:private/dovecot-lmtp" in postfix main.cf, mails are rejected because my recipient maps / virtual_alias maps are ignored. Would someone know what I have to do? I could (re-)try configuring dovecot ACLs, but according to http://wiki2.dovecot.org/SharedMailboxes/Permissions it looks like it wouldn't help: "If you use more than one UNIX UID for your mail users (e.g. you use system users), you'll need to make sure that all users can access the mailboxes on filesystem level. (ACL plugin won't help you with this.) " Basically, I have: - email users are system users - Postfix holds the email -> user maps (mostly in regexp or pcre format) How can I have Public or Shared mailboxes? -------- Original Message -------- > I'm trying to set up a Public mailbox, but when I try to subscribe to it in > Thunderbird, nothing happens: it doesn't appear as a folder, and when I go back to > the Subscribe window, it is unchecked again. > > I use postfix local dlivery, which created a Maildir when a mail arrived for this > mailbox: /home/others/sharedmail/Maildir/{cur,new,tmp} > > (sharedmail is a system user so that Postfix can deliver the mail; it doesn't have > a login shell or a password) > > To make sure it is not a simple filesystem permissions problem, I did "chmod -R > a+rwX Maildir/" > > This is my current config ( I tried to keep it short by leaving only what might be > relevant ): > > # dovecot -n > # 2.1.7: /etc/dovecot/dovecot.conf > # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.9 > ... > mail_location = maildir:~/Maildir > namespace { > list = yes > location = maildir:/home/others/sharedmail/Maildir > prefix = Public. > separator = . > subscriptions = no > type = public > } > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox ... > ... > } > prefix = > separator = . > } > passdb { > driver = pam > } > plugin { > sieve = ~/.dovecot.sieve > sieve_dir = ~/sieve > } > protocols = " imap" > service auth { > unix_listener /var/spool/postfix/private/auth { > group = postfix > mode = 0660 > user = postfix > } > } > userdb { > driver = passwd > } > > > Also, I'm not sure about the difference between type=public and type=shared. But > anyway, I tried both with the same result. From davide.marchi at mail.cgilfe.it Mon Sep 5 07:27:55 2016 From: davide.marchi at mail.cgilfe.it (Davide Marchi) Date: Mon, 05 Sep 2016 09:27:55 +0200 Subject: Strange result searching over fts_solr Message-ID: Hi to all, i have a strange issue if i search a series of messages through normal index on Sent folder my result is correct but if i make same search thrpough fts_solr result is much smaller on number of mails: - My solr version is 5.5.2 doveadm -Dv index -u davide.marchi at mail.cgilfe.it '*' no error this is my dovecot version and my doveconf - 2.2.23 (806d709) -# 2.2.23 (806d709): /usr/local/etc/dovecot/dovecot.conf # Pigeonhole version 0.4.13 (7b14904) # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.10 auth_master_user_separator = * auth_mechanisms = plain digest-md5 debug_log_path = /var/log/dovecot/dovecot-debug.log disable_plaintext_auth = no first_valid_gid = 89 first_valid_uid = 89 imap_hibernate_timeout = 1 mins imap_id_log = * imap_idle_notify_interval = 1 mins info_log_path = /var/log/dovecot/dovecot.log last_valid_gid = 89 last_valid_uid = 89 lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes listen = 0.0.0.0 lmtp_rcpt_check_quota = yes log_path = /var/log/dovecot/dovecot-err.log log_timestamp = "%Y-%m-%d %H:%M:%S " login_log_format_elements = %u method=%m rip=%r lip=%l mpid=%e %c %k session=<%{session}> mail_fsync = never mail_gid = 89 mail_location = maildir:~/Maildir mail_plugins = " notify zlib quota fts fts_solr stats acl" mail_prefetch_count = 100 mail_uid = 89 mailbox_list_index = yes maildir_very_dirty_syncs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext mmap_disable = yes namespace { inbox = yes location = prefix = separator = / type = private } namespace { location = maildir:/home/public/:INDEX=/mnt/ramdisk/public prefix = Public/ separator = / subscriptions = no type = public } passdb { args = /usr/local/etc/dovecot/passwd.masterusers driver = passwd-file master = yes pass = yes } passdb { driver = shadow } passdb { args = webmail=127.0.0.1 cache_key=%u%s driver = vpopmail } plugin { acl = vfile:/usr/local/etc/dovecot/dovecot-acl antispam_backend = crm114 antispam_crm_args = -u;/opt/crm114;--fileprefix=/opt/crm114/;--config=/usr/share/crm114/mailfilter.cf antispam_crm_binary = /usr/share/crm114/mailreaver.crm antispam_crm_notspam_arg = --good antispam_crm_spam_arg = --spam antispam_signature = X-CRM114-CacheID antispam_spam_pattern_ignorecase = crm-spam* antispam_trash_pattern_ignorecase = Trash* antispam_unsure_pattern_ignorecase = crm-unsure* mail_log_events = delete undelete expunge copy mail_log_fields = uid box msgid size mail_log_group_events = quota = maildir:User quota quota_rule = ?:storage=0 quota_rule2 = Trash:storage=+20%% quota_vsizes = yes quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_before = /usr/local/lib/dovecot/sieve/default.sieve sieve_default = /usr/local/lib/dovecot/sieve/default.sieve sieve_dir = ~/sieve sieve_global_dir = /usr/local/lib/dovecot/sieve/ stats_command_min_time = 1 mins stats_domain_min_time = 12 hours stats_ip_min_time = 12 hours stats_memory_limit = 16 M stats_refresh = 30 secs stats_session_min_time = 15 mins stats_track_cmds = yes stats_user_min_time = 1 hours zlib_save = gz zlib_save_level = 9 } protocols = imap sieve lmtp service anvil { client_limit = 2048 } service auth { client_limit = 2048 unix_listener auth-master { group = vchkpw mode = 0600 user = vpopmail } unix_listener auth-userdb { group = vchkpw mode = 0600 user = vpopmail } } service decode2text { executable = script /usr/local/libexec/dovecot/decode2text.sh unix_listener decode2text { mode = 0666 user = dovecot } } service imap-hibernate { unix_listener imap-hibernate { group = vchkpw mode = 0600 user = vpopmail } user = vpopmail } service imap-login { executable = /usr/local/libexec/dovecot/imap-login inet_listener imaps { address = 192.168.10.50 } process_limit = 1024 process_min_avail = 2 service_count = 0 } service imap { executable = /usr/local/libexec/dovecot/imap unix_listener imap-master { group = vchkpw mode = 0600 user = vpopmail } } service lmtp { executable = lmtp -L inet_listener lmtp { address = 192.168.10.50 127.0.0.1 ::1 port = 24 } process_min_avail = 5 unix_listener lmtp { group = vchkpw mode = 0600 user = vpopmail } } service managesieve-login { executable = managesieve-login inet_listener sieve { address = 0.0.0.0 port = 4190 } process_min_avail = 2 service_count = 0 } service managesieve { process_limit = 10 } service quota-warning { executable = script /usr/local/libexec/dovecot/quota-warning unix_listener quota-warning { mode = 0660 user = vpopmail } user = vpopmail } service stats { fifo_listener stats-mail { group = vchkpw mode = 0600 user = vpopmail } } ssl_cert = -<%s>-%m: %$ hostname = mail.cgilfe.it info_log_path = /var/log/dovecot/dovecot-lmtp.log log_path = /var/log/dovecot/dovecot-lmtp-err.log mail_fsync = optimized mail_plugin_dir = /usr/local/lib/dovecot mail_plugins = " notify zlib quota fts fts_solr stats acl mail_log sieve" postmaster_address = postmaster at mail.cgilfe.it rejection_reason = Il sistema ha rifiutato automaticamente il messaggio destinato a <%t> per il seguente motivo:%n%r rejection_subject = Messaggio Rifiutato: %s submission_host = 127.0.0.1 } protocol imap { imap_client_workarounds = delay-newmail tb-extra-mailbox-sep tb-lsub-flags imap_max_line_length = 64 k mail_plugin_dir = /usr/local/lib/dovecot mail_plugins = " notify zlib quota fts fts_solr stats acl imap_quota mail_log antispam imap_zlib imap_stats imap_acl" } protocol lda { auth_socket_path = /usr/local/var/run/dovecot/auth-userdb deliver_log_format = msgid=<%f>-<%s>-%m: %$ hostname = mail.cgilfe.it info_log_path = /var/log/dovecot/dovecot-lda.log log_path = /var/log/dovecot/dovecot-lda-err.log mail_fsync = optimized mail_plugin_dir = /usr/local/lib/dovecot mail_plugins = " notify zlib quota fts fts_solr stats acl mail_log sieve" postmaster_address = postmaster at mail.cgilfe.it rejection_reason = Il sistema ha rifiutato automaticamente il messaggio destinato a <%t> per il seguente motivo:%n%r rejection_subject = Messaggio Rifiutato: %s submission_host = 127.0.0.1 -- DAVIDE MARCHI Teorema Ferrara Srl Via Spronello 7 - FERRARA - 44121 Tel. 0532783161 Fax. 0532783368 ?????? THIS EMAIL AND ANY FILES TRANSMITTED WITH IT ARE CONFIDENTIAL AND INTENDED SOLELY FOR THE USE OF THE INDIVIDUAL OR ENTITY TO WHOM THEY ARE ADDRESSED. IF YOU HAVE RECEIVED THIS EMAIL IN ERROR PLEASE NOTIFY THE SYSTEM MANAGER. THIS MESSAGE CONTAINS CONFIDENTIAL INFORMATION AND IS INTENDED ONLY FOR THE INDIVIDUAL NAMED. IF YOU ARE NOT THE NAMED ADDRESSEE YOU SHOULD NOT DISSEMINATE, DISTRIBUTE OR COPY THIS E-MAIL. PLEASE NOTIFY THE SENDER IMMEDIATELY BY E-MAIL IF YOU HAVE RECEIVED THIS E-MAIL BY MISTAKE AND DELETE THIS E-MAIL FROM YOUR SYSTEM. IF YOU ARE NOT THE INTENDED RECIPIENT YOU ARE NOTIFIED THAT DISCLOSING, COPYING, DISTRIBUTING OR TAKING ANY ACTION IN RELIANCE ON THE CONTENTS OF THIS INFORMATION IS STRICTLY PROHIBITED. From tlx at leuxner.net Mon Sep 5 08:11:55 2016 From: tlx at leuxner.net (Thomas Leuxner) Date: Mon, 5 Sep 2016 10:11:55 +0200 Subject: [SOLVED] Error: istream-seekable: safe_mkstemp(/tmp/dovecot.imap.) failed In-Reply-To: <20160302085427.GA11532@nihlus.leuxner.net> References: <20160227082929.GA949@nihlus.leuxner.net> <3F4A98A8-A903-487D-AB22-644756F0B798@iki.fi> <20160302085427.GA11532@nihlus.leuxner.net> Message-ID: <20160905081141.GA2727@nihlus.leuxner.net> * Thomas Leuxner 2016.03.02 09:54: > * Timo Sirainen 2016.03.01 23:03: > > > > I'm seeing these recently: > > > > > > Feb 27 09:24:01 nihlus dovecot: imap(tlx at leuxner.net): Error: istream-seekable: safe_mkstemp(/tmp/dovecot.imap.) failed: No such file or directory > > > > You don't have a /tmp directory or imap is chrooted somewhere where there is no /tmp?.. Finally got down to the issue. The messages occur if the systemd-*service temporary directory gets deleted inside /tmp $l -d systemd* drwx------ 3 root root 60 Sep 5 09:29 systemd-private-37bbda70211940c593ef885fdfc1a1dc-dovecot.service-II7xjd Case solved. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 181 bytes Desc: Digital signature URL: From spiro at siriush.com Thu Sep 1 07:15:12 2016 From: spiro at siriush.com (Spiro Angeli) Date: Thu, 1 Sep 2016 09:15:12 +0200 Subject: Help setting up IMAP account in Outlook 2016 Message-ID: <004901d20420$950d7f40$bf287dc0$@siriush.com> Hi, I need help setting up mail clients for my email accounts running on dovecot ver 2.2.18 on CentOS release 6.8 (Final) and Plesk Web Admin Edition in Italian. For better reading I posted a forum thread where you can get all detail info: Help setting up IMAP account in Outlook 2016 Forum link: http://www.emailquestions.com/threads/help-setting-up-imap-account-in-outloo k-2016.13439 I was advised to " ask dovecot list for help with the IMAP server. " So I did and a user kindly suggested me to customize "15-mailboxes.conf " file. I have some technical questions I need to ask. Hope someone knows the answers. As Plesk continuously updates itself and manages most of the server the majority of CentOS fils report this lines on top of each file: ## ## Authentication for Plesk mail users. ## # PLEASE DON'T EDIT ANYTHING IN THIS FILE! ANY CHANGES WILL BE LOST ON UPGRADE. So if I customize this "15-mailboxes.conf " I need to make sure that Plesk does not overwrite. Also I need to make sure that it gets updated if Dovecot changes in its settings. So, my first question is: how do I manage to keep this "15-mailboxes.conf " file updatable by OS (when I update system) but at the same time retain customizations upon system updates? Second question has to do with customization: Please consult attachment for this question a. I wish to see existing server folders (Draft, Sent, Spam, Trash) on my MS Outlook mail client software only in Italian and not in English. What should I do? Roundcube displays them in Italian. AquaMail (on Android) displays them in Italian. b. I was told to solve this server wise and not mail box per mailbox. Is this correct? c. Can you please share a complete customized code, for my needs, for this "15-mailboxes.conf " so I can learn from it? Thank you, Spiro -------------- next part -------------- A non-text attachment was scrubbed... Name: IMAP Complete Sample.png Type: image/png Size: 101616 bytes Desc: not available URL: From amk at spamfence.net Tue Sep 6 03:03:47 2016 From: amk at spamfence.net (Andreas M. Kirchwitz) Date: Tue, 6 Sep 2016 03:03:47 +0000 (UTC) Subject: Dovecot 2.2.25 fails on SSL References: Message-ID: Joseph Tam wrote: > You can also affect where shared libraries are loaded using the > LD_LIBRARY_PATH environment variable. Try adding > > LD_LIBARY_PATH=/location/of/libdir; export LD_LIBARY_PATH > > to your service boot scripts. Thanks for the advice. It's fine for a temporary working around problems (like this one, so you're absolutely right :-) However, no program should require that for regular use because you never know exactly if somebody in the chain of executed code removes certain environment variables. And also the opposite way, if Dovecot runs external programs, those might not play well with an existing LD_LIBARY_PATH and incompatible SSL libraries. For every program I compile myself, I link it against my custom OpenSSL library (always newest version; distributions usually tend to stick with a specific version and only apply security fixes). For most packages (eg, Exim, Apache HTTP, BIND, INN, OpenSSH, Mutt, wget etc.) it pretty straightforward. Even if not, usually I can find a quick solution myself. Dovecot is the only package I know of where there are like a thousand places to put additional libs in the Makefile.am files, but most of them are totally ignored by configure. And even if I modify the Makefile files after configure, again most of the additional options get ignored. Never seen it that complicated. As Dovecot is my favorite IMAP daemon, there's no way I'm giving up. :-) I'm totally confident that the developers will find a good solution. And I'm happy to test every patch they come up with. Greetings, Andreas From mpeters at domblogger.net Tue Sep 6 03:38:11 2016 From: mpeters at domblogger.net (Michael A. Peters) Date: Mon, 5 Sep 2016 20:38:11 -0700 Subject: Dovecot 2.2.25 fails on SSL In-Reply-To: References: Message-ID: On 09/02/2016 12:50 PM, Joseph Tam wrote: > Aki Tuomi wrote: > >>>>> ldd /usr/local/Dovecot-2.2.25/lib/dovecot/libdcrypt_openssl.so >>>>> linux-gate.so.1 => (0x00dca000) >>>>> libcrypto.so.1.0.0 => not found >>>>> ... >> >> Well, then it leaves only option of using /etc/ld.so.conf >> so basically add your libssl location there. > > You can also affect where shared libraries are loaded using the > LD_LIBRARY_PATH environment variable. Try adding > > LD_LIBARY_PATH=/location/of/libdir; export LD_LIBARY_PATH > > to your service boot scripts. would an rpath solve the problem? I believe chrpath command can probably be used to set the rpath if it isn't set at compile time. From edgar at pettijohn-web.com Tue Sep 6 03:45:09 2016 From: edgar at pettijohn-web.com (Edgar Pettijohn) Date: Mon, 5 Sep 2016 22:45:09 -0500 Subject: Dovecot 2.2.25 fails on SSL In-Reply-To: References: Message-ID: <1C3AC8AB-772D-47EE-B727-A98251BC2797@pettijohn-web.com> Do you have multiple OpenSSL's installed? Sent from my iPhone > On Sep 5, 2016, at 10:38 PM, Michael A. Peters wrote: > > > >> On 09/02/2016 12:50 PM, Joseph Tam wrote: >> Aki Tuomi wrote: >> >>>>>> ldd /usr/local/Dovecot-2.2.25/lib/dovecot/libdcrypt_openssl.so >>>>>> linux-gate.so.1 => (0x00dca000) >>>>>> libcrypto.so.1.0.0 => not found >>>>>> ... >>> >>> Well, then it leaves only option of using /etc/ld.so.conf >>> so basically add your libssl location there. >> >> You can also affect where shared libraries are loaded using the >> LD_LIBRARY_PATH environment variable. Try adding >> >> LD_LIBARY_PATH=/location/of/libdir; export LD_LIBARY_PATH >> >> to your service boot scripts. > > would an rpath solve the problem? > > I believe chrpath command can probably be used to set the rpath if it isn't set at compile time. From Hajo.Locke at gmx.de Tue Sep 6 13:25:38 2016 From: Hajo.Locke at gmx.de (Hajo Locke) Date: Tue, 6 Sep 2016 15:25:38 +0200 Subject: sieve - find in header Message-ID: <0b73c341-02bf-c9c5-b28f-121c7f008756@gmx.de> Hello list, have a problem with sieve script. I want to perform an action if an arbitrary headerline contains a defined string. I tried with regex: if header :regex [".*"] ["searchstri.*"] { fileinto "junk"; } This is not working because regex is only used in 2nd argument ["searchstri.*"] In 1st argument [".*"] no regex is used, sieve expects just plain string. Something like this would work, if "x-myheader" contains "searchstring": if header :regex ["x-myheader"] ["searchstri.*"].... How to solve this case and find a string in arbitrary/unknown headerline? Thanks, Hajo From stephan at rename-it.nl Tue Sep 6 13:45:19 2016 From: stephan at rename-it.nl (Stephan Bosch) Date: Tue, 6 Sep 2016 15:45:19 +0200 Subject: sieve - find in header In-Reply-To: <0b73c341-02bf-c9c5-b28f-121c7f008756@gmx.de> References: <0b73c341-02bf-c9c5-b28f-121c7f008756@gmx.de> Message-ID: Op 6-9-2016 om 15:25 schreef Hajo Locke: > Hello list, > > have a problem with sieve script. I want to perform an action if an > arbitrary headerline contains a defined string. > I tried with regex: > > if header :regex [".*"] ["searchstri.*"] > { > fileinto "junk"; > } > > This is not working because regex is only used in 2nd argument > ["searchstri.*"] > In 1st argument [".*"] no regex is used, sieve expects just plain string. > Something like this would work, if "x-myheader" contains "searchstring": > if header :regex ["x-myheader"] ["searchstri.*"].... > > How to solve this case and find a string in arbitrary/unknown headerline? I don't think the Sieve language supports a test like that at this time. Regards, Stephan. From aki.tuomi at dovecot.fi Wed Sep 7 09:33:12 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Wed, 7 Sep 2016 12:33:12 +0300 Subject: doveadm quota recalc returns a Segmentation fault In-Reply-To: <663852094.10.1472905186721@appsuite-dev.open-xchange.com> References: <25cd5e82b26055f60b9ab0720fa24e1e@skye.it> <663852094.10.1472905186721@appsuite-dev.open-xchange.com> Message-ID: <2a7bfa59-cf92-e65c-39e3-490fbccee25e@dovecot.fi> On 03.09.2016 15:19, Aki Tuomi wrote: >> On September 3, 2016 at 1:30 PM Alessio Cecchi wrote: >> >> >> Hi, >> >> with the latest dovecot-ee version (2.2.25.4 (5cb7c97)) if I run >> ?doveadm quota recalc -u alessio at skye.it? dovecot return a ?Segmentation >> fault? (but the quota is update fine). Since dovecot version 2.2.24.3 >> (55cdc32) works fine. >> >> This is my quota backends configuration: >> >> plugin { >> quota = maildir:UserQuota >> quota2 = dict:Quota Usage::noenforcing:proxy::sqlquota >> } >> dict { >> sqlquota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext >> } >> >> I found that if I comment the line ?quota2 = dict:?? doveadm quota >> recalc works fine. I have two quota backends because with dict I can >> store everybody's current quota usage in a SQL database for fast >> retrieving (like quota_clone plugin but I cannot switch to it >> immediately). >> >> I hope can be fixed. >> Thanks >> -- >> Alessio Cecchi >> Postmaster AT http://www.qboxmail.it >> http://www.linkedin.com/in/alessice > > Thank you for your report. We'll look into it. > > Aki Fixed in https://github.com/dovecot/core/commit/e525e4215127aeb76a3b5a31f1a0d24a68f37c68 Aki From reuben-dovecot at reub.net Wed Sep 7 09:44:42 2016 From: reuben-dovecot at reub.net (Reuben Farrelly) Date: Wed, 7 Sep 2016 19:44:42 +1000 Subject: Sieve Script Replication Gliches (Report #2) In-Reply-To: <76071c04-b7af-be38-a7e6-6d167814f021@rename-it.nl> References: <4ece61c7-5950-9231-7efe-cf2eb9e270b1@reub.net> <7bf64b2f-fb63-316c-fe92-98da90b1b8f5@rename-it.nl> <8e809d23-d5b5-a35b-31a7-13f3c3e49250@reub.net> <76071c04-b7af-be38-a7e6-6d167814f021@rename-it.nl> Message-ID: <373eb6ad-a770-76c7-9683-b0a76255a807@reub.net> On 24/08/2016 10:58 AM, Stephan Bosch wrote: > Op 8/1/2016 om 3:37 AM schreef Reuben Farrelly: >> In other words, the rules did eventually get propagated across, and >> based on the file sizes they are complete. >> >> But there is obviously something amiss with handling of dates (which >> in turn may relate to how the system determines that the file on each >> server is up to date or not, I guess). In this case the two systems >> are in different timezones - the primary is GMT+10 and the secondary >> GMT+8. >> >> Also the status of active users is not always replicated either. On >> one host the output of 'doveadm sieve list -A' shows my own account as >> ACTIVE but the other host shows all users - except for my account - as >> being active, and the sieve script for my account is not being >> replicated. > This should fix the file timestamps getting set at unix time_t 0: > > https://github.com/dovecot/pigeonhole/commit/af91dd3f2d78da752292dce27f9e76d2c936868c > > I haven't been able to replicate the situation where this occurs though, > since my current replication setup is very simple. > > I need to extend my replication setup to test this more thoroughly. > > So, please test this at your end first. > > Regards, > > Stephan. Thanks Stephan. I have re-tested and the dates are now all look to be correct on the replicated scripts. We can cross that off as fixed now. There is still a problem with the scripts not being replicated though between replicated hosts. They do eventually catch up many hours later. I don't know what the trigger is for them updating but it's not triggered by delivery attempts (as every time a delivery was attempted the secondary complained about the missing sieve script). Thanks, Reuben From dovecot at jl.wasmer.ca Wed Sep 7 22:40:27 2016 From: dovecot at jl.wasmer.ca (Jean-Luc Wasmer) Date: 07 Sep 2016 18:40:27 -0400 Subject: Sieve Script Replication Gliches (Report #2) In-Reply-To: <373eb6ad-a770-76c7-9683-b0a76255a807@reub.net> References: <4ece61c7-5950-9231-7efe-cf2eb9e270b1@reub.net> <7bf64b2f-fb63-316c-fe92-98da90b1b8f5@rename-it.nl> <8e809d23-d5b5-a35b-31a7-13f3c3e49250@reub.net> <76071c04-b7af-be38-a7e6-6d167814f021@rename-it.nl> <373eb6ad-a770-76c7-9683-b0a76255a807@reub.net> Message-ID: Hey guys, I was gonna report this issue too. New script FILES get replicated right away but changes to an existing file are only replicated with a full sync (looks like this is every 24h by default). My assumption is this happens bc there?s no index file for sieve scripts. Cheers, Jean-Luc > On Sep 7, 2016, at 5:44 AM, Reuben Farrelly wrote: > > > > > > On 24/08/2016 10:58 AM, Stephan Bosch wrote: >> >> >> Op 8/1/2016 om 3:37 AM schreef Reuben Farrelly: >>> >>> >>> In other words, the rules did eventually get propagated across, and >>> based on the file sizes they are complete. >>> >>> >>> But there is obviously something amiss with handling of dates (which >>> in turn may relate to how the system determines that the file on each >>> server is up to date or not, I guess). In this case the two systems >>> are in different timezones - the primary is GMT+10 and the secondary >>> GMT+8. >>> >>> >>> Also the status of active users is not always replicated either. On >>> one host the output of 'doveadm sieve list -A' shows my own account as >>> ACTIVE but the other host shows all users - except for my account - as >>> being active, and the sieve script for my account is not being >>> replicated. >>> >> >> This should fix the file timestamps getting set at unix time_t 0: >> >> >> https://github.com/dovecot/pigeonhole/commit/af91dd3f2d78da752292dce27f9e76d2c936868c >> >> >> I haven't been able to replicate the situation where this occurs though, >> since my current replication setup is very simple. >> >> >> I need to extend my replication setup to test this more thoroughly. >> >> >> So, please test this at your end first. >> >> >> Regards, >> >> >> Stephan. >> > > > > > Thanks Stephan. I have re-tested and the dates are now all look to be? > correct on the replicated scripts. We can cross that off as fixed now. > > > There is still a problem with the scripts not being replicated though? > between replicated hosts. They do eventually catch up many hours? > later. I don't know what the trigger is for them updating but it's not? > triggered by delivery attempts (as every time a delivery was attempted? > the secondary complained about the missing sieve script). > > > Thanks, > Reuben > From kremels at kreme.com Thu Sep 8 18:51:06 2016 From: kremels at kreme.com (@lbutlr) Date: Thu, 8 Sep 2016 12:51:06 -0600 Subject: sieve - find in header In-Reply-To: <0b73c341-02bf-c9c5-b28f-121c7f008756@gmx.de> References: <0b73c341-02bf-c9c5-b28f-121c7f008756@gmx.de> Message-ID: <2400C1A9-F0E6-4175-AC9B-6474D16D4A49@kreme.com> On Tue Sep 06 2016 07:25:38 Hajo Locke said > How to solve this case and find a string in arbitrary/unknown headerline? You?ll have to create multiple sieves covering the possible headers. From tom at whyscream.net Thu Sep 8 20:13:21 2016 From: tom at whyscream.net (Tom Hendrikx) Date: Thu, 8 Sep 2016 22:13:21 +0200 Subject: sieve - find in header In-Reply-To: <2400C1A9-F0E6-4175-AC9B-6474D16D4A49@kreme.com> References: <0b73c341-02bf-c9c5-b28f-121c7f008756@gmx.de> <2400C1A9-F0E6-4175-AC9B-6474D16D4A49@kreme.com> Message-ID: On 08-09-16 20:51, @lbutlr wrote: > On Tue Sep 06 2016 07:25:38 Hajo Locke said >> How to solve this case and find a string in arbitrary/unknown headerline? > > You?ll have to create multiple sieves covering the possible headers. > Maybe when you tell what you're trying to achieve, we can give you better advice. Almost no one is looking for random strings in random headers, since headers are (somewhat) structured data. Could you share with us what string you are looking and why you don't know up front which header field you need to use to look for it? Kind regards, Tom -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From jtam.home at gmail.com Thu Sep 8 21:50:14 2016 From: jtam.home at gmail.com (Joseph Tam) Date: Thu, 8 Sep 2016 14:50:14 -0700 (PDT) Subject: Dovecot 2.2.25 fails on SSL In-Reply-To: References: Message-ID: Andreas M. Kirchwitz writes: >> You can also affect where shared libraries are loaded using the >> LD_LIBRARY_PATH environment variable. Try adding >> >> LD_LIBARY_PATH=/location/of/libdir; export LD_LIBARY_PATH >> >> to your service boot scripts. > > Thanks for the advice. It's fine for a temporary working around > problems (like this one, so you're absolutely right :-) > > However, no program should require that for regular use because > you never know exactly if somebody in the chain of executed code > removes certain environment variables. And also the opposite way, > if Dovecot runs external programs, those might not play well > with an existing LD_LIBARY_PATH and incompatible SSL libraries. Sure, I understand this, but it's handy in lots of cases where you need to loading from an alternate location. Not everyone has access to resource to recompile. > For every program I compile myself, I link it against my custom > OpenSSL library (always newest version; distributions usually tend > to stick with a specific version and only apply security fixes). OK, the origin of your problem becomes clearer. You can hardcode these paths into the executables by doing something like env CFLAGS='-I/my'ssl/include' \ LDFLAGS='-L/your/ssl/lib -Wl,-rpath,/my/ssl/lib' \ configure ... I use this myself (except the -Wl part since these libs are symlinked to my shared library path). I think "-R/my/ssl/lib" might also be synonymous with -Wl,... > Dovecot is the only package I know of where there are like a thousand > places to put additional libs in the Makefile.am files, but most of > them are totally ignored by configure. I don't have that problem -- I use configure to tell dovecot where to find my self-compiled openssl, and the resulting executables load from where I want. Joseph Tam From Hajo.Locke at gmx.de Fri Sep 9 06:35:57 2016 From: Hajo.Locke at gmx.de (Hajo Locke) Date: Fri, 9 Sep 2016 08:35:57 +0200 Subject: sieve - find in header In-Reply-To: References: <0b73c341-02bf-c9c5-b28f-121c7f008756@gmx.de> <2400C1A9-F0E6-4175-AC9B-6474D16D4A49@kreme.com> Message-ID: <333410d6-e1fa-7b2d-97ca-2b5e222d6acd@gmx.de> Hello, thanks for your help. Am 08.09.2016 um 22:13 schrieb Tom Hendrikx: > On 08-09-16 20:51, @lbutlr wrote: >> On Tue Sep 06 2016 07:25:38 Hajo Locke said >>> How to solve this case and find a string in arbitrary/unknown headerline? >> You?ll have to create multiple sieves covering the possible headers. >> > Maybe when you tell what you're trying to achieve, we can give you > better advice. > > Almost no one is looking for random strings in random headers, since > headers are (somewhat) structured data. Could you share with us what > string you are looking and why you don't know up front which header > field you need to use to look for it? We have a webmailer where experienced users are able to create filterrules. They can can choose from a lot of predefined headerlines and insert text to find. After that they choose a respective action. To cover all cases we had a choosable option "complete header" to find a string in every headerline without knowing the specific line. This is done easily in procmail: :0 H * ^*searchstring i agree that an option like this is needless and it was a mistake to offer it. If this is not achievable in sieve, we have to remove this search-option. May be we replace by a kind of custom-headerline. > > Kind regards, > Tom > > Thanks, Hajo From tom at whyscream.net Fri Sep 9 07:24:40 2016 From: tom at whyscream.net (Tom Hendrikx) Date: Fri, 9 Sep 2016 09:24:40 +0200 Subject: sieve - find in header In-Reply-To: <333410d6-e1fa-7b2d-97ca-2b5e222d6acd@gmx.de> References: <0b73c341-02bf-c9c5-b28f-121c7f008756@gmx.de> <2400C1A9-F0E6-4175-AC9B-6474D16D4A49@kreme.com> <333410d6-e1fa-7b2d-97ca-2b5e222d6acd@gmx.de> Message-ID: On 09-09-16 08:35, Hajo Locke wrote: > Hello, > > thanks for your help. > > Am 08.09.2016 um 22:13 schrieb Tom Hendrikx: >> On 08-09-16 20:51, @lbutlr wrote: >>> On Tue Sep 06 2016 07:25:38 Hajo Locke said >>>> How to solve this case and find a string in arbitrary/unknown >>>> headerline? >>> You?ll have to create multiple sieves covering the possible headers. >>> >> Maybe when you tell what you're trying to achieve, we can give you >> better advice. >> >> Almost no one is looking for random strings in random headers, since >> headers are (somewhat) structured data. Could you share with us what >> string you are looking and why you don't know up front which header >> field you need to use to look for it? > > We have a webmailer where experienced users are able to create > filterrules. They can can choose from a lot of predefined headerlines > and insert text to find. After that they choose a respective action. > To cover all cases we had a choosable option "complete header" to find a > string in every headerline without knowing the specific line. This is > done easily in procmail: > > :0 H > * ^*searchstring > > i agree that an option like this is needless and it was a mistake to > offer it. > If this is not achievable in sieve, we have to remove this > search-option. May be we replace by a kind of custom-headerline. I guess that would be my solution too. Maybe you can check the existing configurations from your users to see how many ppl actually use this action. If there any only a few, then that might be used an an extra argument in the discussion on removing the option altogether. Especially when you are able to manually replace the existing uses with a construct that sieve *does* support (f.i. someone uses this because wasn't able to determine which header name was actually needed, which is easier when you actually filtered a few messages). Kind regards, Tom From bunkertor at tiscali.it Fri Sep 9 15:51:28 2016 From: bunkertor at tiscali.it (bunkertor) Date: Fri, 9 Sep 2016 18:51:28 +0300 Subject: =?utf-8?B?bm91dmVsbGVzIGluY3JveWFibGVzIQ==?= Message-ID: <00008346c567$bb93e600$73098788$@tiscali.it> Hey, Ces nouvelles vont vous surprendre, je vous le dis! Jeter juste un coup d??il Je t'embrasse, bunkertor From karol at augustin.pl Sat Sep 10 21:27:52 2016 From: karol at augustin.pl (Karol Augustin) Date: Sat, 10 Sep 2016 22:27:52 +0100 Subject: Use of obox2 and AWS S3 In-Reply-To: References: Message-ID: <1fbb9ac24386c29a92a320d2d1a399bd@augustin.pl> On 2016-09-01 2:59, Raymond Sellars wrote: > Any one running a dovecot solution within AWS in general? Interested > in best practice for the storage layer. Although NFS is possible its > not really optimised for elastic cloud type hosting. > > Thanks > Raymond Hi Raymond, I am using dovecot on EC2 instance with EFS storage backend. As the initial performance is bad it scales pretty quickly with space used. So it handles maildir storage very well. The latency is a little high but with indexes there is no problem. It works as NFS storage with unlimited space (8EB) and you pay for what you use. So it turns out to be very cost effective as you do not have to worry about reserving space. For better performance you can keep indexes on ephermal storage or EBS, which both have much lower access times. As for 'elastic cloud type hosting' EFS store can be used by thousands of instances in multiple AWS AZs at the same time, so it looks like it is somehow optimized. Best, Karol -- Karol Augustin karol at augustin.pl http://karolaugustin.pl/ +353 85 775 5312 From piper at hrz.uni-marburg.de Mon Sep 12 06:02:58 2016 From: piper at hrz.uni-marburg.de (Piper Andreas) Date: Mon, 12 Sep 2016 08:02:58 +0200 Subject: 2.2.25 dumps core with "Panic: file imap-client.c: line 837 (client_check_command_hangs): assertion failed: (client->io != NULL)" In-Reply-To: <57b2f57f-3643-6198-f800-1cbb200ee6c8@dovecot.fi> References: <52dc785a-b2b6-33df-7d8a-e6f3520969e9@hrz.uni-marburg.de> <57b2f57f-3643-6198-f800-1cbb200ee6c8@dovecot.fi> Message-ID: <826ca1d4-ccec-6aae-68dd-6e08a7cff3dd@hrz.uni-marburg.de> Am 01.09.2016 um 14:17 schrieb Aki Tuomi: > > > On 01.09.2016 14:20, Piper Andreas wrote: >> Hello Timo, >> >> with the newly build CSW-package the crashes still occur, today already >> twice within two hours. The log shows always the same: >> >> Sep 1 11:50:13 surz113 dovecot: [ID 583609 mail.crit] imap(user): >> Panic: file imap-client.c: line 837 (client_check_command_hangs): >> assertion failed: (client->io != NULL) >> Sep 1 11:50:13 surz113 dovecot: [ID 583609 mail.error] imap(user): >> Error: Raw backtrace: 0xffff80ffb633d88d -> 0xffff80ffb636ae82 -> >> 0x41eba0 -> 0x41ecf3 -> 0xffff80ffb635d248 -> 0xffff80ffb6350d2f -> >> 0xffff80ffb63519e0 -> 0xffff80ffb6350dce -> 0xffff80ffb6350f90 -> >> 0xffff80ffb62e3ebb -> 0x42f169 -> 0x41292c >> Sep 1 11:50:13 surz113 dovecot: [ID 583609 mail.crit] imap(user): >> Fatal: master: service(imap): child 11227 killed with signal 6 (core not >> dumped - set service imap { drop_priv_before_exec=yes }) >> >> This happens with different users, the last one with a relatively small >> mailbox of 600MB. >> >> doveconf -n is attached. >> >> Dovecot 2.2.25 >> OS: Solaris 11 (SunOS 5.11 11.3 i86pc i386 i86pc) >> Virtualization: VMware >> Filesystem: ZFS >> active users: ~4000 >> >> The system was transferred at beginning of last week from an old >> SPARC-station with Solaris 10 running dovecot-2.2.15 to this virtualized >> platform under VMware. The mailboxes (maildir-format) were transferred >> without change by switching the storage-hardware to the new server. I >> had to remove all dovecot.index*-files for errors of "CPU Architecture >> changed", but after doing this all seemed to work ok except for these >> occasional crashes. >> >> If you need more information, please let me know. >> >> Thanks for any help, >> Andreas >> >>> Hi Jake, >>> >>> thanks for fixing this. I have installed now the newly built package on >>> my production system and will report, if any more core dumps occur. >>> >>> Regards, >>> Andreas >>> > > Hi! > > Is it possible for you test out a small patch (attached) to see if it > fixes this issue? > > Aki > Hello Aki, your patch missed a trailing '{', which was corrected by the OpenCSW-maintainer, who implemented the patch into a test-version of dovecot-2.2.25 for me. I started this version on my production system on Friday morning (09. Sep, 07:30). After that the server crashed once on Sunday evening (11.Sep, 20:40), but with a completely different error message: Sep 11 20:40:37 surz113 dovecot: [ID 583609 mail.crit] imap(user1): Panic: file imap-fetch.c: line 555 (imap_fetch_more): assertion failed: (ctx->client->output_cmd_lock == NULL || ctx->client->output_cmd_lock == cmd) Sep 11 20:40:37 surz113 dovecot: [ID 583609 mail.error] imap(user1): Error: Raw backtrace: 0xffff80ffb5fcd88d -> 0xffff80ffb5ffae82 -> 0x4225c1 -> 0x4153e5 -> 0x41ffae -> 0x41e4bf -> 0x41e865 -> 0x41ede4 -> 0xffff80ffb5fe0d2f -> 0xffff80ffb5fe19e0 -> 0xffff80ffb5fe0dce -> 0xffff80ffb5fe0f90 -> 0xffff80ffb5f73ebb -> 0x42f169 -> 0x41292c Sep 11 20:40:37 surz113 dovecot: [ID 583609 mail.crit] imap(user1): Fatal: master: service(imap): child 12150 killed with signal 6 (core not dumped - set service imap { drop_priv_before_exec=yes }) May this be related to your patch, or is it something completely different? Thanks and best regards, Andreas -- ________________________________________________________________________ Dr. Andreas Piper, Hochschulrechenzentrum der Philipps-Univ. Marburg Hans-Meerwein-Stra?e, 35032 Marburg, Germany Phone: +49 6421 28-23521 Fax: -26994 E-Mail: piper at HRZ.Uni-Marburg.DE -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 5176 bytes Desc: S/MIME Cryptographic Signature URL: From aki.tuomi at dovecot.fi Mon Sep 12 06:16:08 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Mon, 12 Sep 2016 09:16:08 +0300 Subject: 2.2.25 dumps core with "Panic: file imap-client.c: line 837 (client_check_command_hangs): assertion failed: (client->io != NULL)" In-Reply-To: <826ca1d4-ccec-6aae-68dd-6e08a7cff3dd@hrz.uni-marburg.de> References: <52dc785a-b2b6-33df-7d8a-e6f3520969e9@hrz.uni-marburg.de> <57b2f57f-3643-6198-f800-1cbb200ee6c8@dovecot.fi> <826ca1d4-ccec-6aae-68dd-6e08a7cff3dd@hrz.uni-marburg.de> Message-ID: <8930005b-96b1-5fa4-ad9d-e073001e49ce@dovecot.fi> On 12.09.2016 09:02, Piper Andreas wrote: > Am 01.09.2016 um 14:17 schrieb Aki Tuomi: >> >> On 01.09.2016 14:20, Piper Andreas wrote: >>> Hello Timo, >>> >>> with the newly build CSW-package the crashes still occur, today already >>> twice within two hours. The log shows always the same: >>> >>> Sep 1 11:50:13 surz113 dovecot: [ID 583609 mail.crit] imap(user): >>> Panic: file imap-client.c: line 837 (client_check_command_hangs): >>> assertion failed: (client->io != NULL) >>> Sep 1 11:50:13 surz113 dovecot: [ID 583609 mail.error] imap(user): >>> Error: Raw backtrace: 0xffff80ffb633d88d -> 0xffff80ffb636ae82 -> >>> 0x41eba0 -> 0x41ecf3 -> 0xffff80ffb635d248 -> 0xffff80ffb6350d2f -> >>> 0xffff80ffb63519e0 -> 0xffff80ffb6350dce -> 0xffff80ffb6350f90 -> >>> 0xffff80ffb62e3ebb -> 0x42f169 -> 0x41292c >>> Sep 1 11:50:13 surz113 dovecot: [ID 583609 mail.crit] imap(user): >>> Fatal: master: service(imap): child 11227 killed with signal 6 (core not >>> dumped - set service imap { drop_priv_before_exec=yes }) >>> >>> This happens with different users, the last one with a relatively small >>> mailbox of 600MB. >>> >>> doveconf -n is attached. >>> >>> Dovecot 2.2.25 >>> OS: Solaris 11 (SunOS 5.11 11.3 i86pc i386 i86pc) >>> Virtualization: VMware >>> Filesystem: ZFS >>> active users: ~4000 >>> >>> The system was transferred at beginning of last week from an old >>> SPARC-station with Solaris 10 running dovecot-2.2.15 to this virtualized >>> platform under VMware. The mailboxes (maildir-format) were transferred >>> without change by switching the storage-hardware to the new server. I >>> had to remove all dovecot.index*-files for errors of "CPU Architecture >>> changed", but after doing this all seemed to work ok except for these >>> occasional crashes. >>> >>> If you need more information, please let me know. >>> >>> Thanks for any help, >>> Andreas >>> >>>> Hi Jake, >>>> >>>> thanks for fixing this. I have installed now the newly built package on >>>> my production system and will report, if any more core dumps occur. >>>> >>>> Regards, >>>> Andreas >>>> >> Hi! >> >> Is it possible for you test out a small patch (attached) to see if it >> fixes this issue? >> >> Aki >> > Hello Aki, > > your patch missed a trailing '{', which was corrected by the > OpenCSW-maintainer, who implemented the patch into a test-version of > dovecot-2.2.25 for me. > > I started this version on my production system on Friday morning (09. > Sep, 07:30). After that the server crashed once on Sunday evening > (11.Sep, 20:40), but with a completely different error message: > > Sep 11 20:40:37 surz113 dovecot: [ID 583609 mail.crit] imap(user1): > Panic: file imap-fetch.c: line 555 (imap_fetch_more): assertion failed: > (ctx->client->output_cmd_lock == NULL || ctx->client->output_cmd_lock == > cmd) > Sep 11 20:40:37 surz113 dovecot: [ID 583609 mail.error] imap(user1): > Error: Raw backtrace: 0xffff80ffb5fcd88d -> 0xffff80ffb5ffae82 -> > 0x4225c1 -> 0x4153e5 -> 0x41ffae -> 0x41e4bf -> 0x41e865 -> 0x41ede4 -> > 0xffff80ffb5fe0d2f -> 0xffff80ffb5fe19e0 -> 0xffff80ffb5fe0dce -> > 0xffff80ffb5fe0f90 -> 0xffff80ffb5f73ebb -> 0x42f169 -> 0x41292c > Sep 11 20:40:37 surz113 dovecot: [ID 583609 mail.crit] imap(user1): > Fatal: master: service(imap): child 12150 killed with signal 6 (core not > dumped - set service imap { drop_priv_before_exec=yes }) > > May this be related to your patch, or is it something completely different? > > Thanks and best regards, > Andreas Hi! Apologies, I forgot to send you an email about this, it should be fixed with https://github.com/dovecot/core/commit/cd9cf45dcf9fcabc89e156117c4dcf464ec4eb85 Aki From andre.paiz at iqm.unicamp.br Mon Sep 12 13:07:27 2016 From: andre.paiz at iqm.unicamp.br (Andre Luiz Paiz) Date: Mon, 12 Sep 2016 10:07:27 -0300 Subject: Sieve filtering SPAM and redirect Message-ID: <20160912100727.Horde.nQpP3RpYuP7Czf0VaePU3eT@webmail.iqm.unicamp.br> Hi every body. I'm having difficulties to setup my filters correctly and I really need some help. This is my environment: Mail that is received on the system passes through a sieve_before script that checks the message header for SPAM tag and store it into the "Junk" folder. If no spam tag is found, mail goes to inbox. My horde webmail is integrated with sieve, so this allow users to create their own scripts to store mail in other folders or forward them to external accounts. And this are the problems I'm having: 1 - When users create a forward filter to redirect to external mail, mail that is stored inside the Junk folder are not forwarded; 2 - If I insert a "keep" parameter inside the sieve_before script to keep processing the rules, the mail is forwarded, but becomes duplicated and stored inside the inbox or other folders, if the user has more filters. 3 - If I move my sieve_before script to sieve_after, the same thing happened, one copy is stored on the user selected folder (inbox or filtered), including mail marked as SPAM. My needs are: I need to separate SPAM and HAM e-mail before users intervention (so I need sieve_before). But this SPAM e-mail has to be forwarded if a forward filter is created. Is it possible to use a sieve_after script that moves (instead of copy) the user mail marked as SPAM to the Junk folder even if it was stored in a different folder? Is that possible? Thanks a lot. Here is my config: sieve_after content: require "fileinto"; if header :contains "X-Spam-Flag" "YES" { ? fileinto "Junk"; } dovecot --version 2.2.10 # 2.2.10: /etc/dovecot/dovecot.conf # OS: Linux 3.10.0-327.28.2.el7.x86_64 x86_64 CentOS Linux release 7.2.1511 (Core) auth_cache_negative_ttl = 0 auth_cache_size = 10 M auth_mechanisms = plain login auth_username_format = %Ln default_client_limit = 1024 default_process_limit = 1024 default_vsz_limit = 1 G mail_location = maildir:~/Maildir:INDEX=/var/indexes/dovecot/%u mail_plugins = " mail_log notify quota" mail_temp_dir = /var/tmp managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave imapflags notify mbox_write_locks = fcntl mmap_disable = yes namespace inbox { ? inbox = yes ? location = ? mailbox Drafts { ??? special_use = \Drafts ? } ? mailbox Junk { ??? special_use = \Junk ? } ? mailbox Sent { ??? special_use = \Sent ? } ? mailbox "Sent Messages" { ??? special_use = \Sent ? } ? mailbox Trash { ??? special_use = \Trash ? } ? prefix = } passdb { ? driver = pam } passdb { ? args = /etc/dovecot/dovecot-ldap.conf.ext ? driver = ldap } plugin { ? mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename ? mail_log_fields = uid box msgid size ? quota = maildir ? quota_exceeded_message = Cota de armazenamento de e-mails excedida. Quota exceeded for mail store. ? quota_warning = storage=95%% quota-warning 95 %u ? quota_warning2 = storage=85%% quota-warning 85 %u ? quota_warning3 = storage=75%% quota-warning 75 %u ? sieve = ~/.dovecot.sieve ? sieve_before = /var/lib/dovecot/sieve/default.sieve ? sieve_default = /var/lib/dovecot/sieve/default.sieve ? sieve_dir = ~/sieve ? sieve_extensions = +notify +imapflags } protocols = imap pop3 lmtp sieve service anvil { ? client_limit = 14100 ? process_limit = 1 } service auth-worker { ? client_limit = 1 ? process_limit = 50 ? service_count = 1 } service auth { ? client_limit = 15100 ? process_limit = 1 } service dict { ? client_limit = 1 } service imap-login { ? inet_listener imap { ??? port = 143 ? } ? inet_listener imaps { ??? port = 993 ??? ssl = yes ? } ? process_limit = 6000 ? process_min_avail = 10 ? service_count = 1 ? vsz_limit = 256 M } service imap { ? process_limit = 3000 ? vsz_limit = 1 G } service lmtp { ? client_limit = 1 ? inet_listener lmtp { ??? port = 24 ? } ? unix_listener lmtp { ??? mode = 0666 ? } } service managesieve-login { ? inet_listener sieve { ??? port = 4190 ? } } service pop3-login { ? inet_listener pop3 { ??? port = 110 ? } ? inet_listener pop3s { ??? port = 995 ??? ssl = yes ? } ? process_limit = 6000 ? process_min_avail = 10 ? service_count = 1 } service pop3 { ? process_limit = 3000 } service quota-warning { ? executable = script /usr/local/bin/quota-warning.sh ? unix_listener quota-warning { ??? mode = 0666 ??? user = dovecot ? } ? user = root } ssl = required ssl_cert = ************** ssl_key = ************** userdb { ? driver = passwd } userdb { ? args = /etc/dovecot/dovecot-ldap.conf.ext ? driver = ldap } protocol lmtp { ? mail_plugins = " mail_log notify quota sieve quota" } protocol imap { ? mail_plugins = " mail_log notify quota imap_quota" } Atenciosamente ? Andr? Luiz Paiz Administra??o de Redes Instituto de Qu?mica ? Unicamp andre.paiz at iqm.unicamp.br Telefone: (19)3521-0197 From rs at sys4.de Mon Sep 12 13:50:27 2016 From: rs at sys4.de (Robert Schetterer) Date: Mon, 12 Sep 2016 15:50:27 +0200 Subject: Sieve filtering SPAM and redirect In-Reply-To: <20160912100727.Horde.nQpP3RpYuP7Czf0VaePU3eT@webmail.iqm.unicamp.br> References: <20160912100727.Horde.nQpP3RpYuP7Czf0VaePU3eT@webmail.iqm.unicamp.br> Message-ID: <8bd4b840-bde2-f180-7a60-7b6e60a8084e@sys4.de> Am 12.09.2016 um 15:07 schrieb Andre Luiz Paiz: > Hi every body. I'm having difficulties to setup my filters correctly and > I really need some help. > > This is my environment: > > Mail that is received on the system passes through a sieve_before script > that checks the message header for SPAM tag and store it into the "Junk" > folder. If no spam tag is found, mail goes to inbox. > My horde webmail is integrated with sieve, so this allow users to create > their own scripts to store mail in other folders or forward them to > external accounts. And this are the problems I'm having: > > 1 - When users create a forward filter to redirect to external mail, > mail that is stored inside the Junk folder are not forwarded; > 2 - If I insert a "keep" parameter inside the sieve_before script to > keep processing the rules, the mail is forwarded, but becomes duplicated > and stored inside the inbox or other folders, if the user has more filters. > 3 - If I move my sieve_before script to sieve_after, the same thing > happened, one copy is stored on the user selected folder (inbox or > filtered), including mail marked as SPAM. > > My needs are: I need to separate SPAM and HAM e-mail before users > intervention (so I need sieve_before). But this SPAM e-mail has to be > forwarded if a forward filter is created. > Is it possible to use a sieve_after script that moves (instead of copy) > the user mail marked as SPAM to the Junk folder even if it was stored in > a different folder? > > Is that possible? > > Thanks a lot. > > Here is my config: > > sieve_after content: > require "fileinto"; > if header :contains "X-Spam-Flag" "YES" { > fileinto "Junk"; > } > > dovecot --version > 2.2.10 > > # 2.2.10: /etc/dovecot/dovecot.conf > # OS: Linux 3.10.0-327.28.2.el7.x86_64 x86_64 CentOS Linux release > 7.2.1511 (Core) > auth_cache_negative_ttl = 0 > auth_cache_size = 10 M > auth_mechanisms = plain login > auth_username_format = %Ln > default_client_limit = 1024 > default_process_limit = 1024 > default_vsz_limit = 1 G > mail_location = maildir:~/Maildir:INDEX=/var/indexes/dovecot/%u > mail_plugins = " mail_log notify quota" > mail_temp_dir = /var/tmp > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope > encoded-character vacation subaddress comparator-i;ascii-numeric > relational regex imap4flags copy include variables body > enotify environment mailbox date ihave imapflags notify > mbox_write_locks = fcntl > mmap_disable = yes > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = > } > passdb { > driver = pam > } > passdb { > args = /etc/dovecot/dovecot-ldap.conf.ext > driver = ldap > } > plugin { > mail_log_events = delete undelete expunge copy mailbox_delete > mailbox_rename > mail_log_fields = uid box msgid size > quota = maildir > quota_exceeded_message = Cota de armazenamento de e-mails excedida. > Quota exceeded for mail store. > quota_warning = storage=95%% quota-warning 95 %u > quota_warning2 = storage=85%% quota-warning 85 %u > quota_warning3 = storage=75%% quota-warning 75 %u > sieve = ~/.dovecot.sieve > sieve_before = /var/lib/dovecot/sieve/default.sieve > sieve_default = /var/lib/dovecot/sieve/default.sieve > sieve_dir = ~/sieve > sieve_extensions = +notify +imapflags > } > protocols = imap pop3 lmtp sieve > service anvil { > client_limit = 14100 > process_limit = 1 > } > service auth-worker { > client_limit = 1 > process_limit = 50 > service_count = 1 > } > service auth { > client_limit = 15100 > process_limit = 1 > } > service dict { > client_limit = 1 > } > service imap-login { > inet_listener imap { > port = 143 > } > inet_listener imaps { > port = 993 > ssl = yes > } > process_limit = 6000 > process_min_avail = 10 > service_count = 1 > vsz_limit = 256 M > } > service imap { > process_limit = 3000 > vsz_limit = 1 G > } > service lmtp { > client_limit = 1 > inet_listener lmtp { > port = 24 > } > unix_listener lmtp { > mode = 0666 > } > } > service managesieve-login { > inet_listener sieve { > port = 4190 > } > } > service pop3-login { > inet_listener pop3 { > port = 110 > } > inet_listener pop3s { > port = 995 > ssl = yes > } > process_limit = 6000 > process_min_avail = 10 > service_count = 1 > } > service pop3 { > process_limit = 3000 > } > service quota-warning { > executable = script /usr/local/bin/quota-warning.sh > unix_listener quota-warning { > mode = 0666 > user = dovecot > } > user = root > } > ssl = required > ssl_cert = ************** > ssl_key = ************** > userdb { > driver = passwd > } > userdb { > args = /etc/dovecot/dovecot-ldap.conf.ext > driver = ldap > } > protocol lmtp { > mail_plugins = " mail_log notify quota sieve quota" > } > protocol imap { > mail_plugins = " mail_log notify quota imap_quota" > } > Atenciosamente > > Andr? Luiz Paiz > Administra??o de Redes > Instituto de Qu?mica ? Unicamp > andre.paiz at iqm.unicamp.br > Telefone: (19)3521-0197 i have a nearly the same setup incl Horde , solved like this spam tag added via spamass-milter and postfix, dove lmtp /etc/dovecot/sieve/global.sieve ... if header :contains "X-Spam-Flag" "YES" {fileinto "Junk";stop;} ... http://wiki2.dovecot.org/Pigeonhole/Sieve/Examples 90-sieve.conf ... sieve = file:~/sieve;active=~/.dovecot.sieve ... #sieve_default = /var/lib/dovecot/sieve/default.sieve ... sieve_global = /etc/dovecot/sieve/ ... i use no sieve includes that forces the spam filter act ever, only mail that went inbox can be redirected by user scripts later but check if this may fit to your dove setup Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Schlei?heimer Stra?e 26/MG, 80333 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From andre.paiz at iqm.unicamp.br Mon Sep 12 13:59:52 2016 From: andre.paiz at iqm.unicamp.br (Andre Luiz Paiz) Date: Mon, 12 Sep 2016 10:59:52 -0300 Subject: Sieve filtering SPAM and redirect In-Reply-To: <8bd4b840-bde2-f180-7a60-7b6e60a8084e@sys4.de> References: <20160912100727.Horde.nQpP3RpYuP7Czf0VaePU3eT@webmail.iqm.unicamp.br> <8bd4b840-bde2-f180-7a60-7b6e60a8084e@sys4.de> Message-ID: <20160912105952.Horde.78oRlF7ATKdHvwvZaSuMAj9@webmail.iqm.unicamp.br> Quoting Robert Schetterer : > Am 12.09.2016 um 15:07 schrieb Andre Luiz Paiz: >> Hi everybody. I'm having difficulties to setup my filters correctly and >> I really need some help. >> >> This is my environment: >> >> Mail that is received on the system passes through a sieve_before script >> that checks the message header for SPAM tag and store it into the "Junk" >> folder. If no spam tag is found, mail goes to inbox. >> My horde webmail is integrated with sieve, so this allow users to create >> their own scripts to store mail in other folders or forward them to >> external accounts. And this are the problems I'm having: >> >> 1 - When users create a forward filter to redirect to external mail, >> mail that is stored inside the Junk folder are not forwarded; >> 2 - If I insert a "keep" parameter inside the sieve_before script to >> keep processing the rules, the mail is forwarded, but becomes duplicated >> and stored inside the inbox or other folders, if the user has more filters. >> 3 - If I move my sieve_before script to sieve_after, the same thing >> happened, one copy is stored on the user selected folder (inbox or >> filtered), including mail marked as SPAM. >> >> My needs are: I need to separate SPAM and HAM e-mail before users >> intervention (so I need sieve_before). But this SPAM e-mail has to be >> forwarded if a forward filter is created. >> Is it possible to use a sieve_after script that moves (instead of copy) >> the user mail marked as SPAM to the Junk folder even if it was stored in >> a different folder? >> >> Is that possible? >> >> Thanks a lot. >> >> Here is my config: >> >> sieve_after content: >> require "fileinto"; >> if header :contains "X-Spam-Flag" "YES" { >> ? fileinto "Junk"; >> } >> >> dovecot --version >> 2.2.10 >> >> # 2.2.10: /etc/dovecot/dovecot.conf >> # OS: Linux 3.10.0-327.28.2.el7.x86_64 x86_64 CentOS Linux release >> 7.2.1511 (Core) >> auth_cache_negative_ttl = 0 >> auth_cache_size = 10 M >> auth_mechanisms = plain login >> auth_username_format = %Ln >> default_client_limit = 1024 >> default_process_limit = 1024 >> default_vsz_limit = 1 G >> mail_location = maildir:~/Maildir:INDEX=/var/indexes/dovecot/%u >> mail_plugins = " mail_log notify quota" >> mail_temp_dir = /var/tmp >> managesieve_notify_capability = mailto >> managesieve_sieve_capability = fileinto reject envelope >> encoded-character vacation subaddress comparator-i;ascii-numeric >> relational regex imap4flags copy include variables body >> enotify environment mailbox date ihave imapflags notify >> mbox_write_locks = fcntl >> mmap_disable = yes >> namespace inbox { >> ? inbox = yes >> ? location = >> ? mailbox Drafts { >> ? ? special_use = \Drafts >> ? } >> ? mailbox Junk { >> ? ? special_use = \Junk >> ? } >> ? mailbox Sent { >> ? ? special_use = \Sent >> ? } >> ? mailbox "Sent Messages" { >> ? ? special_use = \Sent >> ? } >> ? mailbox Trash { >> ? ? special_use = \Trash >> ? } >> ? prefix = >> } >> passdb { >> ? driver = pam >> } >> passdb { >> ? args = /etc/dovecot/dovecot-ldap.conf.ext >> ? driver = ldap >> } >> plugin { >> ? mail_log_events = delete undelete expunge copy mailbox_delete >> mailbox_rename >> ? mail_log_fields = uid box msgid size >> ? quota = maildir >> ? quota_exceeded_message = Cota de armazenamento de e-mails excedida. >> Quota exceeded for mail store. >> ? quota_warning = storage=95%% quota-warning 95 %u >> ? quota_warning2 = storage=85%% quota-warning 85 %u >> ? quota_warning3 = storage=75%% quota-warning 75 %u >> ? sieve = ~/.dovecot.sieve >> ? sieve_before = /var/lib/dovecot/sieve/default.sieve >> ? sieve_default = /var/lib/dovecot/sieve/default.sieve >> ? sieve_dir = ~/sieve >> ? sieve_extensions = +notify +imapflags >> } >> protocols = imap pop3 lmtp sieve >> service anvil { >> ? client_limit = 14100 >> ? process_limit = 1 >> } >> service auth-worker { >> ? client_limit = 1 >> ? process_limit = 50 >> ? service_count = 1 >> } >> service auth { >> ? client_limit = 15100 >> ? process_limit = 1 >> } >> service dict { >> ? client_limit = 1 >> } >> service imap-login { >> ? inet_listener imap { >> ? ? port = 143 >> ? } >> ? inet_listener imaps { >> ? ? port = 993 >> ? ? ssl = yes >> ? } >> ? process_limit = 6000 >> ? process_min_avail = 10 >> ? service_count = 1 >> ? vsz_limit = 256 M >> } >> service imap { >> ? process_limit = 3000 >> ? vsz_limit = 1 G >> } >> service lmtp { >> ? client_limit = 1 >> ? inet_listener lmtp { >> ? ? port = 24 >> ? } >> ? unix_listener lmtp { >> ? ? mode = 0666 >> ? } >> } >> service managesieve-login { >> ? inet_listener sieve { >> ? ? port = 4190 >> ? } >> } >> service pop3-login { >> ? inet_listener pop3 { >> ? ? port = 110 >> ? } >> ? inet_listener pop3s { >> ? ? port = 995 >> ? ? ssl = yes >> ? } >> ? process_limit = 6000 >> ? process_min_avail = 10 >> ? service_count = 1 >> } >> service pop3 { >> ? process_limit = 3000 >> } >> service quota-warning { >> ? executable = script /usr/local/bin/quota-warning.sh >> ? unix_listener quota-warning { >> ? ? mode = 0666 >> ? ? user = dovecot >> ? } >> ? user = root >> } >> ssl = required >> ssl_cert = ************** >> ssl_key = ************** >> userdb { >> ? driver = passwd >> } >> userdb { >> ? args = /etc/dovecot/dovecot-ldap.conf.ext >> ? driver = ldap >> } >> protocol lmtp { >> ? mail_plugins = " mail_log notify quota sieve quota" >> } >> protocol imap { >> ? mail_plugins = " mail_log notify quota imap_quota" >> } >> Atenciosamente >> >> Andr? Luiz Paiz >> Administra??o de Redes >> Instituto de Qu?mica ? Unicamp >> andre.paiz at iqm.unicamp.br >> Telefone: (19)3521-0197 > > i have a nearly the same setup incl Horde , solved like this > > spam tag added via spamass-milter and postfix, dove lmtp > > /etc/dovecot/sieve/global.sieve > ... > if header :contains "X-Spam-Flag" "YES" {fileinto "Junk";stop;} > ... > > http://wiki2.dovecot.org/Pigeonhole/Sieve/Examples > > 90-sieve.conf > ... > sieve = file:~/sieve;active=~/.dovecot.sieve > ... > #sieve_default = /var/lib/dovecot/sieve/default.sieve > ... > sieve_global = /etc/dovecot/sieve/ > ... > > i use no sieve includes > > that forces the spam filter act ever, only mail that went inbox can be > redirected by user scripts later > > but check if this may fit to your dove setup > > Best Regards > MfG Robert Schetterer > > -- > [*] sys4 AG > > http://sys4.de, +49 (89) 30 90 46 64 > Schlei?heimer Stra?e 26/MG, 80333 M?nchen > > Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 > Vorstand: Patrick Ben Koetter, Marc Schiffbauer > Aufsichtsratsvorsitzender: Florian Kirstein > > Scanned and tagged with DSPAM 3.10.2 by Instituto de Quimica > !DSPAM:9735,57d6b2dd10014649918933! Thanks for you reply. My needs are almost there. In my case I need that SPAM mails also be redirected with the forward filter, even after it was sended to the Junk folder. Is that possible without creating duplicated messages (one in the Junk folder and another inside the inbox or another user folder)? Atenciosamente ? Andr? Luiz Paiz Administra??o de Redes Instituto de Qu?mica ? Unicamp andre.paiz at iqm.unicamp.br Telefone: (19)3521-0197 From stephan at rename-it.nl Mon Sep 12 14:02:02 2016 From: stephan at rename-it.nl (Stephan Bosch) Date: Mon, 12 Sep 2016 16:02:02 +0200 Subject: Sieve Script Replication Gliches (Report #2) In-Reply-To: References: <4ece61c7-5950-9231-7efe-cf2eb9e270b1@reub.net> <7bf64b2f-fb63-316c-fe92-98da90b1b8f5@rename-it.nl> <8e809d23-d5b5-a35b-31a7-13f3c3e49250@reub.net> <76071c04-b7af-be38-a7e6-6d167814f021@rename-it.nl> <373eb6ad-a770-76c7-9683-b0a76255a807@reub.net> Message-ID: <5e6d75a6-5345-11ae-65e7-be2833c42dc2@rename-it.nl> Op 8-9-2016 om 0:40 schreef Jean-Luc Wasmer: > Hey guys, > > > I was gonna report this issue too. > New script FILES get replicated right away but changes to an existing file are only replicated with a full sync (looks like this is every 24h by default). > > > My assumption is this happens bc there?s no index file for sieve scripts. Looking at his is on my list. Will do that soon.. Regards, Stephan. > > > >> On Sep 7, 2016, at 5:44 AM, Reuben Farrelly wrote: >> >> >> >> >> >> On 24/08/2016 10:58 AM, Stephan Bosch wrote: >>> >>> Op 8/1/2016 om 3:37 AM schreef Reuben Farrelly: >>>> >>>> In other words, the rules did eventually get propagated across, and >>>> based on the file sizes they are complete. >>>> >>>> >>>> But there is obviously something amiss with handling of dates (which >>>> in turn may relate to how the system determines that the file on each >>>> server is up to date or not, I guess). In this case the two systems >>>> are in different timezones - the primary is GMT+10 and the secondary >>>> GMT+8. >>>> >>>> >>>> Also the status of active users is not always replicated either. On >>>> one host the output of 'doveadm sieve list -A' shows my own account as >>>> ACTIVE but the other host shows all users - except for my account - as >>>> being active, and the sieve script for my account is not being >>>> replicated. >>>> >>> This should fix the file timestamps getting set at unix time_t 0: >>> >>> >>> https://github.com/dovecot/pigeonhole/commit/af91dd3f2d78da752292dce27f9e76d2c936868c >>> >>> >>> I haven't been able to replicate the situation where this occurs though, >>> since my current replication setup is very simple. >>> >>> >>> I need to extend my replication setup to test this more thoroughly. >>> >>> >>> So, please test this at your end first. >>> >>> >>> Regards, >>> >>> >>> Stephan. >>> >> >> >> >> Thanks Stephan. I have re-tested and the dates are now all look to be >> correct on the replicated scripts. We can cross that off as fixed now. >> >> >> There is still a problem with the scripts not being replicated though >> between replicated hosts. They do eventually catch up many hours >> later. I don't know what the trigger is for them updating but it's not >> triggered by delivery attempts (as every time a delivery was attempted >> the secondary complained about the missing sieve script). >> >> >> Thanks, >> Reuben >> From stephan at rename-it.nl Mon Sep 12 14:08:40 2016 From: stephan at rename-it.nl (Stephan Bosch) Date: Mon, 12 Sep 2016 16:08:40 +0200 Subject: Sieve filtering SPAM and redirect In-Reply-To: <20160912100727.Horde.nQpP3RpYuP7Czf0VaePU3eT@webmail.iqm.unicamp.br> References: <20160912100727.Horde.nQpP3RpYuP7Czf0VaePU3eT@webmail.iqm.unicamp.br> Message-ID: <0664c9aa-6bb1-6d00-b5e5-7140fdad1597@rename-it.nl> Op 12-9-2016 om 15:07 schreef Andre Luiz Paiz: > Hi every body. I'm having difficulties to setup my filters correctly > and I really need some help. > > This is my environment: > > Mail that is received on the system passes through a sieve_before > script that checks the message header for SPAM tag and store it into > the "Junk" folder. If no spam tag is found, mail goes to inbox. > My horde webmail is integrated with sieve, so this allow users to > create their own scripts to store mail in other folders or forward > them to external accounts. And this are the problems I'm having: > > 1 - When users create a forward filter to redirect to external mail, > mail that is stored inside the Junk folder are not forwarded; > 2 - If I insert a "keep" parameter inside the sieve_before script to > keep processing the rules, the mail is forwarded, but becomes > duplicated and stored inside the inbox or other folders, if the user > has more filters. > 3 - If I move my sieve_before script to sieve_after, the same thing > happened, one copy is stored on the user selected folder (inbox or > filtered), including mail marked as SPAM. > > My needs are: I need to separate SPAM and HAM e-mail before users > intervention (so I need sieve_before). But this SPAM e-mail has to be > forwarded if a forward filter is created. > Is it possible to use a sieve_after script that moves (instead of > copy) the user mail marked as SPAM to the Junk folder even if it was > stored in a different folder? > > Is that possible? In the script sequence, it is currently only possible to decide whether the next script will execute or not by executing (implicit) keep. It is currently not possible to somehow influence which actions subsequent scripts can still execute. Also, once a script is executed, its actions are final. It is not possible to undo actions performed by earlier Sieve scripts from within Sieve scripts executed later in the script sequence. At this time, I also don't see how this could be implemented cleanly. I am fresh out of ideas. :/ Regards Stephan. From daniel-dovecot at demus.dk Mon Sep 12 15:34:03 2016 From: daniel-dovecot at demus.dk (Daniel Demus) Date: Mon, 12 Sep 2016 17:34:03 +0200 Subject: Sieve filtering SPAM and redirect In-Reply-To: <20160912100727.Horde.nQpP3RpYuP7Czf0VaePU3eT@webmail.iqm.unicamp.br> References: <20160912100727.Horde.nQpP3RpYuP7Czf0VaePU3eT@webmail.iqm.unicamp.br> Message-ID: <347a1a5f-cd84-6c78-a26a-a9380f49d3a1@demus.dk> Can't you store it the spam folder in the before script, send it on and then discard it in the after script. This would of course miss mails that are stored somewhere else by user rules, fx mailinglist spam, but it handles the simple case. /Daniel On 2016-09-12 15:07, Andre Luiz Paiz wrote: > Hi every body. I'm having difficulties to setup my filters correctly and > I really need some help. > > This is my environment: > > Mail that is received on the system passes through a sieve_before script > that checks the message header for SPAM tag and store it into the "Junk" > folder. If no spam tag is found, mail goes to inbox. > My horde webmail is integrated with sieve, so this allow users to create > their own scripts to store mail in other folders or forward them to > external accounts. And this are the problems I'm having: > > 1 - When users create a forward filter to redirect to external mail, > mail that is stored inside the Junk folder are not forwarded; > 2 - If I insert a "keep" parameter inside the sieve_before script to > keep processing the rules, the mail is forwarded, but becomes duplicated > and stored inside the inbox or other folders, if the user has more filters. > 3 - If I move my sieve_before script to sieve_after, the same thing > happened, one copy is stored on the user selected folder (inbox or > filtered), including mail marked as SPAM. > > My needs are: I need to separate SPAM and HAM e-mail before users > intervention (so I need sieve_before). But this SPAM e-mail has to be > forwarded if a forward filter is created. > Is it possible to use a sieve_after script that moves (instead of copy) > the user mail marked as SPAM to the Junk folder even if it was stored in > a different folder? > > Is that possible? > > Thanks a lot. > > Here is my config: > > sieve_after content: > require "fileinto"; > if header :contains "X-Spam-Flag" "YES" { > fileinto "Junk"; > } > > dovecot --version > 2.2.10 > > # 2.2.10: /etc/dovecot/dovecot.conf > # OS: Linux 3.10.0-327.28.2.el7.x86_64 x86_64 CentOS Linux release > 7.2.1511 (Core) > auth_cache_negative_ttl = 0 > auth_cache_size = 10 M > auth_mechanisms = plain login > auth_username_format = %Ln > default_client_limit = 1024 > default_process_limit = 1024 > default_vsz_limit = 1 G > mail_location = maildir:~/Maildir:INDEX=/var/indexes/dovecot/%u > mail_plugins = " mail_log notify quota" > mail_temp_dir = /var/tmp > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope > encoded-character vacation subaddress comparator-i;ascii-numeric > relational regex imap4flags copy include variables body > enotify environment mailbox date ihave imapflags notify > mbox_write_locks = fcntl > mmap_disable = yes > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = > } > passdb { > driver = pam > } > passdb { > args = /etc/dovecot/dovecot-ldap.conf.ext > driver = ldap > } > plugin { > mail_log_events = delete undelete expunge copy mailbox_delete > mailbox_rename > mail_log_fields = uid box msgid size > quota = maildir > quota_exceeded_message = Cota de armazenamento de e-mails excedida. > Quota exceeded for mail store. > quota_warning = storage=95%% quota-warning 95 %u > quota_warning2 = storage=85%% quota-warning 85 %u > quota_warning3 = storage=75%% quota-warning 75 %u > sieve = ~/.dovecot.sieve > sieve_before = /var/lib/dovecot/sieve/default.sieve > sieve_default = /var/lib/dovecot/sieve/default.sieve > sieve_dir = ~/sieve > sieve_extensions = +notify +imapflags > } > protocols = imap pop3 lmtp sieve > service anvil { > client_limit = 14100 > process_limit = 1 > } > service auth-worker { > client_limit = 1 > process_limit = 50 > service_count = 1 > } > service auth { > client_limit = 15100 > process_limit = 1 > } > service dict { > client_limit = 1 > } > service imap-login { > inet_listener imap { > port = 143 > } > inet_listener imaps { > port = 993 > ssl = yes > } > process_limit = 6000 > process_min_avail = 10 > service_count = 1 > vsz_limit = 256 M > } > service imap { > process_limit = 3000 > vsz_limit = 1 G > } > service lmtp { > client_limit = 1 > inet_listener lmtp { > port = 24 > } > unix_listener lmtp { > mode = 0666 > } > } > service managesieve-login { > inet_listener sieve { > port = 4190 > } > } > service pop3-login { > inet_listener pop3 { > port = 110 > } > inet_listener pop3s { > port = 995 > ssl = yes > } > process_limit = 6000 > process_min_avail = 10 > service_count = 1 > } > service pop3 { > process_limit = 3000 > } > service quota-warning { > executable = script /usr/local/bin/quota-warning.sh > unix_listener quota-warning { > mode = 0666 > user = dovecot > } > user = root > } > ssl = required > ssl_cert = ************** > ssl_key = ************** > userdb { > driver = passwd > } > userdb { > args = /etc/dovecot/dovecot-ldap.conf.ext > driver = ldap > } > protocol lmtp { > mail_plugins = " mail_log notify quota sieve quota" > } > protocol imap { > mail_plugins = " mail_log notify quota imap_quota" > } > Atenciosamente > > Andr? Luiz Paiz > Administra??o de Redes > Instituto de Qu?mica ? Unicamp > andre.paiz at iqm.unicamp.br > Telefone: (19)3521-0197 From andre.paiz at iqm.unicamp.br Mon Sep 12 16:14:07 2016 From: andre.paiz at iqm.unicamp.br (Andre Luiz Paiz) Date: Mon, 12 Sep 2016 13:14:07 -0300 Subject: Sieve filtering SPAM and redirect In-Reply-To: <347a1a5f-cd84-6c78-a26a-a9380f49d3a1@demus.dk> References: <20160912100727.Horde.nQpP3RpYuP7Czf0VaePU3eT@webmail.iqm.unicamp.br> <347a1a5f-cd84-6c78-a26a-a9380f49d3a1@demus.dk> Message-ID: <20160912131407.Horde.rALRG7XYrTonMvqW5_foWpG@webmail.iqm.unicamp.br> Quoting Daniel Demus : > Can't you store it the spam folder in the before script, send it on > and then discard it in the after script. > > This would of course miss mails that are stored somewhere else by > user rules, fx mailinglist spam, but it handles the simple case. > > /Daniel > > On 2016-09-12 15:07, Andre Luiz Paiz wrote: >> Hi every body. I'm having difficulties to setup my filters correctly and >> I really need some help. >> >> This is my environment: >> >> Mail that is received on the system passes through a sieve_before script >> that checks the message header for SPAM tag and store it into the "Junk" >> folder. If no spam tag is found, mail goes to inbox. >> My horde webmail is integrated with sieve, so this allow users to create >> their own scripts to store mail in other folders or forward them to >> external accounts. And this are the problems I'm having: >> >> 1 - When users create a forward filter to redirect to external mail, >> mail that is stored inside the Junk folder are not forwarded; >> 2 - If I insert a "keep" parameter inside the sieve_before script to >> keep processing the rules, the mail is forwarded, but becomes duplicated >> and stored inside the inbox or other folders, if the user has more filters. >> 3 - If I move my sieve_before script to sieve_after, the same thing >> happened, one copy is stored on the user selected folder (inbox or >> filtered), including mail marked as SPAM. >> >> My needs are: I need to separate SPAM and HAM e-mail before users >> intervention (so I need sieve_before). But this SPAM e-mail has to be >> forwarded if a forward filter is created. >> Is it possible to use a sieve_after script that moves (instead of copy) >> the user mail marked as SPAM to the Junk folder even if it was stored in >> a different folder? >> >> Is that possible? >> >> Thanks a lot. >> >> Here is my config: >> >> sieve_after content: >> require "fileinto"; >> if header :contains "X-Spam-Flag" "YES" { >> fileinto "Junk"; >> } >> >> dovecot --version >> 2.2.10 >> >> # 2.2.10: /etc/dovecot/dovecot.conf >> # OS: Linux 3.10.0-327.28.2.el7.x86_64 x86_64 CentOS Linux release >> 7.2.1511 (Core) >> auth_cache_negative_ttl = 0 >> auth_cache_size = 10 M >> auth_mechanisms = plain login >> auth_username_format = %Ln >> default_client_limit = 1024 >> default_process_limit = 1024 >> default_vsz_limit = 1 G >> mail_location = maildir:~/Maildir:INDEX=/var/indexes/dovecot/%u >> mail_plugins = " mail_log notify quota" >> mail_temp_dir = /var/tmp >> managesieve_notify_capability = mailto >> managesieve_sieve_capability = fileinto reject envelope >> encoded-character vacation subaddress comparator-i;ascii-numeric >> relational regex imap4flags copy include variables body >> enotify environment mailbox date ihave imapflags notify >> mbox_write_locks = fcntl >> mmap_disable = yes >> namespace inbox { >> inbox = yes >> location = >> mailbox Drafts { >> ? ?special_use = \Drafts >> } >> mailbox Junk { >> ? ?special_use = \Junk >> } >> mailbox Sent { >> ? ?special_use = \Sent >> } >> mailbox "Sent Messages" { >> ? ?special_use = \Sent >> } >> mailbox Trash { >> ? ?special_use = \Trash >> } >> prefix = >> } >> passdb { >> driver = pam >> } >> passdb { >> args = /etc/dovecot/dovecot-ldap.conf.ext >> driver = ldap >> } >> plugin { >> mail_log_events = delete undelete expunge copy mailbox_delete >> mailbox_rename >> mail_log_fields = uid box msgid size >> quota = maildir >> quota_exceeded_message = Cota de armazenamento de e-mails excedida. >> Quota exceeded for mail store. >> quota_warning = storage=95%% quota-warning 95 %u >> quota_warning2 = storage=85%% quota-warning 85 %u >> quota_warning3 = storage=75%% quota-warning 75 %u >> sieve = ~/.dovecot.sieve >> sieve_before = /var/lib/dovecot/sieve/default.sieve >> sieve_default = /var/lib/dovecot/sieve/default.sieve >> sieve_dir = ~/sieve >> sieve_extensions = +notify +imapflags >> } >> protocols = imap pop3 lmtp sieve >> service anvil { >> client_limit = 14100 >> process_limit = 1 >> } >> service auth-worker { >> client_limit = 1 >> process_limit = 50 >> service_count = 1 >> } >> service auth { >> client_limit = 15100 >> process_limit = 1 >> } >> service dict { >> client_limit = 1 >> } >> service imap-login { >> inet_listener imap { >> ? ?port = 143 >> } >> inet_listener imaps { >> ? ?port = 993 >> ? ?ssl = yes >> } >> process_limit = 6000 >> process_min_avail = 10 >> service_count = 1 >> vsz_limit = 256 M >> } >> service imap { >> process_limit = 3000 >> vsz_limit = 1 G >> } >> service lmtp { >> client_limit = 1 >> inet_listener lmtp { >> ? ?port = 24 >> } >> unix_listener lmtp { >> ? ?mode = 0666 >> } >> } >> service managesieve-login { >> inet_listener sieve { >> ? ?port = 4190 >> } >> } >> service pop3-login { >> inet_listener pop3 { >> ? ?port = 110 >> } >> inet_listener pop3s { >> ? ?port = 995 >> ? ?ssl = yes >> } >> process_limit = 6000 >> process_min_avail = 10 >> service_count = 1 >> } >> service pop3 { >> process_limit = 3000 >> } >> service quota-warning { >> executable = script /usr/local/bin/quota-warning.sh >> unix_listener quota-warning { >> ? ?mode = 0666 >> ? ?user = dovecot >> } >> user = root >> } >> ssl = required >> ssl_cert = ************** >> ssl_key = ************** >> userdb { >> driver = passwd >> } >> userdb { >> args = /etc/dovecot/dovecot-ldap.conf.ext >> driver = ldap >> } >> protocol lmtp { >> mail_plugins = " mail_log notify quota sieve quota" >> } >> protocol imap { >> mail_plugins = " mail_log notify quota imap_quota" >> } >> Atenciosamente >> >> Andr? Luiz Paiz >> Administra??o de Redes >> Instituto de Qu?mica ? Unicamp >> andre.paiz at iqm.unicamp.br >> Telefone: (19)3521-0197 > > Scanned and tagged with DSPAM 3.10.2 by Instituto de Quimica > !DSPAM:9735,57d6cb3410011706321379! I think I will try that. Store on junk, forward and discard later. Thanks. Atenciosamente ? Andr? Luiz Paiz Administra??o de Redes Instituto de Qu?mica ? Unicamp andre.paiz at iqm.unicamp.br Telefone: (19)3521-0197 From rs at sys4.de Mon Sep 12 16:29:24 2016 From: rs at sys4.de (Robert Schetterer) Date: Mon, 12 Sep 2016 18:29:24 +0200 Subject: Sieve filtering SPAM and redirect In-Reply-To: <20160912105952.Horde.78oRlF7ATKdHvwvZaSuMAj9@webmail.iqm.unicamp.br> References: <20160912100727.Horde.nQpP3RpYuP7Czf0VaePU3eT@webmail.iqm.unicamp.br> <8bd4b840-bde2-f180-7a60-7b6e60a8084e@sys4.de> <20160912105952.Horde.78oRlF7ATKdHvwvZaSuMAj9@webmail.iqm.unicamp.br> Message-ID: <5bac53f2-12dd-af4a-3651-5fd4bd6af8c7@sys4.de> Am 12.09.2016 um 15:59 schrieb Andre Luiz Paiz: > In my case I need that SPAM mails also be redirected with the forward filter sorry i dont understand why this should be needed ever, please explain Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Schlei?heimer Stra?e 26/MG, 80333 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From andre.paiz at iqm.unicamp.br Mon Sep 12 17:25:23 2016 From: andre.paiz at iqm.unicamp.br (Andre Luiz Paiz) Date: Mon, 12 Sep 2016 14:25:23 -0300 Subject: Sieve filtering SPAM and redirect In-Reply-To: <5bac53f2-12dd-af4a-3651-5fd4bd6af8c7@sys4.de> References: <20160912100727.Horde.nQpP3RpYuP7Czf0VaePU3eT@webmail.iqm.unicamp.br> <8bd4b840-bde2-f180-7a60-7b6e60a8084e@sys4.de> <20160912105952.Horde.78oRlF7ATKdHvwvZaSuMAj9@webmail.iqm.unicamp.br> <5bac53f2-12dd-af4a-3651-5fd4bd6af8c7@sys4.de> Message-ID: <20160912142523.Horde.FlyTSu-W8EASsrfOO04_l0G@webmail.iqm.unicamp.br> Quoting Robert Schetterer : > Am 12.09.2016 um 15:59 schrieb Andre Luiz Paiz: >> In my case I need that SPAM mails also be redirected with the forward filter > > sorry i dont understand why this should be needed ever, please explain > > Best Regards > MfG Robert Schetterer > > -- > [*] sys4 AG > > http://sys4.de, +49 (89) 30 90 46 64 > Schlei?heimer Stra?e 26/MG, 80333 M?nchen > > Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 > Vorstand: Patrick Ben Koetter, Marc Schiffbauer > Aufsichtsratsvorsitzender: Florian Kirstein > > Scanned and tagged with DSPAM 3.10.2 by Instituto de Quimica > !DSPAM:9735,57d6d82010011542927698! In case of false-positive. Some users prefer to redirect their e-mail to their external providers instead of using our corporate network webmail. And they want all e-mail to be forwarded. Atenciosamente ? Andr? Luiz Paiz Administra??o de Redes Instituto de Qu?mica ? Unicamp andre.paiz at iqm.unicamp.br Telefone: (19)3521-0197 From rs at sys4.de Mon Sep 12 19:18:50 2016 From: rs at sys4.de (Robert Schetterer) Date: Mon, 12 Sep 2016 21:18:50 +0200 Subject: Sieve filtering SPAM and redirect In-Reply-To: <20160912142523.Horde.FlyTSu-W8EASsrfOO04_l0G@webmail.iqm.unicamp.br> References: <20160912100727.Horde.nQpP3RpYuP7Czf0VaePU3eT@webmail.iqm.unicamp.br> <8bd4b840-bde2-f180-7a60-7b6e60a8084e@sys4.de> <20160912105952.Horde.78oRlF7ATKdHvwvZaSuMAj9@webmail.iqm.unicamp.br> <5bac53f2-12dd-af4a-3651-5fd4bd6af8c7@sys4.de> <20160912142523.Horde.FlyTSu-W8EASsrfOO04_l0G@webmail.iqm.unicamp.br> Message-ID: Am 12.09.2016 um 19:25 schrieb Andre Luiz Paiz: > Quoting Robert Schetterer : > >> Am 12.09.2016 um 15:59 schrieb Andre Luiz Paiz: >>> In my case I need that SPAM mails also be redirected with the forward >>> filter >> >> sorry i dont understand why this should be needed ever, please explain >> >> Best Regards >> MfG Robert Schetterer >> >> -- >> [*] sys4 AG >> >> http://sys4.de, +49 (89) 30 90 46 64 >> Schlei?heimer Stra?e 26/MG, 80333 M?nchen >> >> Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 >> Vorstand: Patrick Ben Koetter, Marc Schiffbauer >> Aufsichtsratsvorsitzender: Florian Kirstein >> >> Scanned and tagged with DSPAM 3.10.2 by Instituto de Quimica >> !DSPAM:9735,57d6d82010011542927698! > > In case of false-positive. Some users prefer to redirect their e-mail to > their external providers instead of using our corporate network webmail. > And they want all e-mail to be forwarded. then solve it via i.e postfix transport etc, thats not a native sieve job if you need a user gui for that ,postfixadmin , modoboa etc should work but however forwarding spam external is a very, very bad idea, external networks will punish your server for doing so > Atenciosamente > > Andr? Luiz Paiz > Administra??o de Redes > Instituto de Qu?mica ? Unicamp > andre.paiz at iqm.unicamp.br > Telefone: (19)3521-0197 Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Schlei?heimer Stra?e 26/MG, 80333 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From Raymond.Sellars at orionhealth.com Mon Sep 12 21:49:06 2016 From: Raymond.Sellars at orionhealth.com (Raymond Sellars) Date: Mon, 12 Sep 2016 21:49:06 +0000 Subject: Use of obox2 and AWS S3 Message-ID: Thanks Karol My challenge with AWS EFS is waiting for it to be HIPAA/BAA certified. But good to know it's a satisfactory option. I like the aspect of not worrying about total storage space, in part why I was looking at obox and S3 for the elastic scale. ------------------------------ Message: 5 Date: Sat, 10 Sep 2016 22:27:52 +0100 From: Karol Augustin To: dovecot at dovecot.org Subject: Re: Use of obox2 and AWS S3 Message-ID: <1fbb9ac24386c29a92a320d2d1a399bd at augustin.pl> Content-Type: text/plain; charset=US-ASCII On 2016-09-01 2:59, Raymond Sellars wrote: > Any one running a dovecot solution within AWS in general? Interested > in best practice for the storage layer. Although NFS is possible its > not really optimised for elastic cloud type hosting. > > Thanks > Raymond Hi Raymond, I am using dovecot on EC2 instance with EFS storage backend. As the initial performance is bad it scales pretty quickly with space used. So it handles maildir storage very well. The latency is a little high but with indexes there is no problem. It works as NFS storage with unlimited space (8EB) and you pay for what you use. So it turns out to be very cost effective as you do not have to worry about reserving space. For better performance you can keep indexes on ephermal storage or EBS, which both have much lower access times. As for 'elastic cloud type hosting' EFS store can be used by thousands of instances in multiple AWS AZs at the same time, so it looks like it is somehow optimized. Best, Karol -- Karol Augustin karol at augustin.pl http://karolaugustin.pl/ +353 85 775 5312 From ben at indietorrent.org Tue Sep 13 02:26:03 2016 From: ben at indietorrent.org (Ben Johnson) Date: Mon, 12 Sep 2016 22:26:03 -0400 Subject: Capturing dovecot core dump and debugging with gdb: ../sysdeps/unix/sysv/linux/raise.c: No such file or directory. Message-ID: <58d36468-f49d-163e-404a-bf8b125e0608@indietorrent.org> Hello, I'm experiencing a segfault, so I've followed the steps at http://www.dovecot.org/bugreport.html in an effort to capture the information necessary to submit a bug report. Full "doveconf -n" output is at the end of this message. Dovecot does seem to dump a core file, but when I attempt to parse it, I get this: # apt install dovecot-dbg lib64stdc++6-4.9-dbg # gdb /usr/lib/dovecot/deliver /var/vmail/tmp/core-deliver-6-5000-5000-29125-1473732949 # Generic gdb GNU disclaimers and such here... Reading symbols from /usr/lib/dovecot/deliver...Reading symbols from /usr/lib/debug/.build-id/49/c9c607c304a5c853c05a4ccb9e4b995f185ac4.debug...done. done. warning: core file may not match specified executable file. [New LWP 29125] warning: the debug information found in "/lib64/ld-2.23.so" does not match "/lib64/ld-linux-x86-64.so.2" (CRC mismatch). Core was generated by `/usr/lib/dovecot/deliver -d sa-training at example.com -m Training.HAM -p'. Program terminated with signal SIGABRT, Aborted. #0 0x00007f7712e77418 in __GI_raise (sig=sig at entry=6) at ../sysdeps/unix/sysv/linux/raise.c:54 54 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory. (gdb) The obvious question is why the "core file may not match specified executable file". What am I doing wrong here? Any help would be greatly appreciated. Thanks in advance! --Ben # 2.2.22 (fe789d2): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.13 (7b14904) # OS: Linux 4.4.0-36-generic x86_64 Ubuntu 16.04.1 LTS auth_mechanisms = plain login disable_plaintext_auth = no listen = *,[::] log_timestamp = "%Y-%m-%d %H:%M:%S " mail_max_userip_connections = 100 mail_plugins = " quota" mail_privileged_group = vmail passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } plugin { antispam_backend = pipe antispam_debug_target = syslog antispam_pipe_program = /bin/bash antispam_pipe_program_args = /usr/local/bin/sa-learn-pipe.sh antispam_pipe_program_notspam_arg = --ham antispam_pipe_program_spam_arg = --spam antispam_pipe_tmpdir = /tmp antispam_spam_pattern_ignorecase = SPAM;JUNK antispam_trash_pattern_ignorecase = trash;Deleted * antispam_verbose_debug = 1 quota = dict:user::file:/var/vmail/%d/%n/.quotausage quota_rule2 = Trash:storage=+100M quota_rule3 = Junk:ignore quota_rule4 = INBOX:storage=+100M quota_warning = storage=100%% quota-reached 100 %u %d quota_warning2 = storage=95%% quota-warning 95 %u %d quota_warning3 = storage=80%% quota-warning 80 %u %d quota_warning4 = -storage=100%% quota-below below %u %d sieve = /var/vmail/%d/%n/.sieve sieve_max_redirects = 25 } postmaster_address = postmaster at example protocols = imap pop3 service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-userdb { group = vmail mode = 0600 user = vmail } user = root } service config { unix_listener config { group = vmail mode = 0600 user = vmail } } service imap-login { client_limit = 1000 process_limit = 512 } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } service quota-below { executable = script /usr/local/bin/quota-below.sh unix_listener quota-below { group = vmail mode = 0666 user = vmail } user = vmail } service quota-reached { executable = script /usr/local/bin/quota-reached.sh unix_listener quota-reached { group = vmail mode = 0666 user = vmail } user = vmail } service quota-warning { executable = script /usr/local/bin/quota-warning.sh unix_listener quota-warning { group = vmail mode = 0666 user = vmail } user = vmail } ssl_cert = Hello, If in extra fields "port" isn't set, then lmtp proxy doesn't work: Error: lmtp client: connect(mail.example.com, 0) failed: Can't assign requested address If to set "port", then imap, doveadm proxy don't work. How it is possible to set "port" only for lmtp proxy? -- Best regards, Aleksey Tsvetkov Leading System Administrator Company Grand Vision tel. +7(495)937-70-02 From heiken at luis.uni-hannover.de Tue Sep 13 11:43:22 2016 From: heiken at luis.uni-hannover.de (Karsten Heiken) Date: Tue, 13 Sep 2016 13:43:22 +0200 Subject: Replication: Can't unsubscribe from shared mailbox Message-ID: <3c9532cf-9fc3-d7cd-ab83-96f9d26dc87f@luis.uni-hannover.de> Hi, I am running two dovecot servers active/active. Everything runs pretty great, except for the replication of subscriptions in a shared namespace. When I unsubscribe from a folder the subscription instantly re-appears. The timestamp on the subscriptions file is updated, but the entry is still in there. If the other node is shut down, everything works as expected, which leads me to believe that the subscription is re-applied upon a replicator-run. I attached a tcpdump of a dsync run. The only action that was executed was to unsubscribe from the folder shared/weinrot at luis.uni-hannover.de/INBOX. Is there any other way I might help debugging this? Thanks, Karsten # 2.2.24 (a82c823): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.13 (7b14904) # OS: Linux 2.6.32-44-pve x86_64 Debian 8.5 default_vsz_limit = 512 M dict { acl = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext } imap_max_line_length = 2 M lmtp_rcpt_check_quota = yes mail_attribute_dict = file:%h/Maildir/dovecot-attributes mail_gid = 7777 mail_location = maildir:%h/Maildir:LAYOUT=fs:DIRNAME=maiLdir mail_plugins = " zlib quota acl notify replication " mail_shared_explicit_inbox = yes mail_uid = 7777 mailbox_list_index = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext imapflags notify namespace { hidden = no ignore_on_failure = no inbox = no list = children location = maildir:%%h/Maildir:INDEXPVT=%h/shared/%%u:LAYOUT=fs:DIRNAME=maiLdir prefix = shared/%%u/ separator = / subscriptions = yes type = shared } namespace inbox { hidden = no inbox = yes list = yes location = mailbox 30dTrash { auto = subscribe autoexpunge = 30 days special_use = \Junk } mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Sent { auto = subscribe special_use = \Sent } mailbox Trash { auto = subscribe special_use = \Trash } prefix = separator = / subscriptions = yes type = private } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { acl = vfile acl_shared_dict = proxy::acl mail_replica = tcp:10.6.1.10:24245 quota = maildir:Postfach-Limit quota_grace = 2%% quota_rule = *:storage=8G quota_status_nouser = DUNNO quota_status_overquota = 552 5.2.2 Mailbox is full quota_status_success = DUNNO sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +notify +imapflags sieve_max_actions = 250 sieve_max_redirects = 200 zlib_save = gz zlib_save_level = 6 } protocols = " imap lmtp sieve pop3 sieve" replication_dsync_parameters = -d -l 300 -U -N service aggregator { fifo_listener replication-notify-fifo { user = vmail } unix_listener replication-notify { user = vmail } } service auth { unix_listener auth-userdb { group = vmail user = vmail } } service dict { unix_listener dict { group = vmail mode = 0660 user = vmail } } service doveadm { inet_listener { port = 24245 } } service imap-login { process_min_avail = 16 service_count = 0 } service imap { executable = imap postlogin process_limit = 30000 } service lmtp { inet_listener lmtp { port = 24 } vsz_limit = 1 G } service managesieve-login { inet_listener sieve { port = 4190 } } service managesieve { process_limit = 1024 } service pop3-login { process_min_avail = 4 service_count = 0 } service pop3 { process_limit = 2500 } service postlogin { executable = script-login -d rawlog /usr/local/bin/dovecot-postlogin.sh } service quota-status { client_limit = 1 executable = quota-status -p postfix inet_listener { port = 12340 } } service replicator { process_min_avail = 1 unix_listener replicator-doveadm { mode = 0600 user = vmail } } shutdown_clients = no ssl_cert = From zerocool at modemsoft.it Tue Sep 13 07:55:06 2016 From: zerocool at modemsoft.it (zerocool at modemsoft.it) Date: Tue, 13 Sep 2016 09:55:06 +0200 Subject: Dovecot con Autentication Checkpassword error signal 111 Message-ID: <20160913095506.Horde.aMfrgRb-RoXIhbfqATI8nrm@webmail.modemsoft.it> Good morning, It is the first time I write in this mailing list and I apologize in advance for possible nonsense that i can write. I have a mail server with qmail + courier imap and I would "Migrate" to dovecot. I installed the package and configured the components necessary to me using as system autentication checkpassword. I have verified the checkpassword operation without the processor usage of Dovecot and is functioning. When you perform the tests with dovecot from the logs out these errors: auth: Error: checkpassword(plutos,127.0.0.1,): Child 15375 died with signal 11 auth: Error: checkpassword(plutos,127.0.0.1,): Child 15376 died with signal 11 imap-login: Info: Disconnected (auth failed, 2 attempts in 8 secs): user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured master: Warning: Killed with signal 15 (by pid=15479 uid=0 code=kill) or : auth: Error: checkpassword(plutos,192.168.1.113,): Child 15851 died with signal 11 auth: Error: checkpassword(plutos,192.168.1.113,): Child 15852 died with signal 11 imap-login: Info: Disconnected (auth failed, 2 attempts in 8 secs): user=, method=PLAIN, rip=192.168.1.113, lip=192.168.1.113, secured imap-login: Info: Disconnected: Too many invalid commands (no auth attempts in 102 secs): user=<>, rip=192.168.1.235, lip=192.168.1.113 auth: Error: checkpassword(plutos,192.168.1.235,<7pLd+FI81uXAqAHr>): Child 15870 died with signal 11 It is already a long time that we slam but I can not figure out where to make the mistake. Who will help me to solve this problem. Thanks in advance for your support. Regards From aki.tuomi at dovecot.fi Tue Sep 13 15:53:19 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Tue, 13 Sep 2016 18:53:19 +0300 (EEST) Subject: Dovecot con Autentication Checkpassword error signal 111 In-Reply-To: <20160913095506.Horde.aMfrgRb-RoXIhbfqATI8nrm@webmail.modemsoft.it> References: <20160913095506.Horde.aMfrgRb-RoXIhbfqATI8nrm@webmail.modemsoft.it> Message-ID: <109946834.657.1473782000057@appsuite-dev.open-xchange.com> > On September 13, 2016 at 10:55 AM zerocool at modemsoft.it wrote: > > > Good morning, > It is the first time I write in this mailing list and I apologize in > advance for possible nonsense that i can write. > I have a mail server with qmail + courier imap and I would "Migrate" > to dovecot. > I installed the package and configured the components necessary to me > using as system autentication checkpassword. > I have verified the checkpassword operation without the processor > usage of Dovecot and is functioning. > When you perform the tests with dovecot from the logs out these errors: > > > auth: Error: checkpassword(plutos,127.0.0.1,): Child > 15375 died with signal 11 > auth: Error: checkpassword(plutos,127.0.0.1,): Child > 15376 died with signal 11 > imap-login: Info: Disconnected (auth failed, 2 attempts in 8 secs): > user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured > master: Warning: Killed with signal 15 (by pid=15479 uid=0 code=kill) > > or : > > auth: Error: checkpassword(plutos,192.168.1.113,): > Child 15851 died with signal 11 > auth: Error: checkpassword(plutos,192.168.1.113,): > Child 15852 died with signal 11 > imap-login: Info: Disconnected (auth failed, 2 attempts in 8 secs): > user=, method=PLAIN, rip=192.168.1.113, lip=192.168.1.113, > secured > imap-login: Info: Disconnected: Too many invalid commands (no auth > attempts in 102 secs): user=<>, rip=192.168.1.235, lip=192.168.1.113 > auth: Error: checkpassword(plutos,192.168.1.235,<7pLd+FI81uXAqAHr>): > Child 15870 died with signal 11 > > > It is already a long time that we slam but I can not figure out where > to make the mistake. Who will help me to solve this problem. > > Thanks in advance for your support. > > Regards Hi! Can you provide backtrace from the crash? See http://www.dovecot.org/bugreport.html Aki From ben at indietorrent.org Wed Sep 14 01:52:35 2016 From: ben at indietorrent.org (Ben Johnson) Date: Tue, 13 Sep 2016 21:52:35 -0400 Subject: How to obtain a "non-stripped" executable for producing a usable core-dump Message-ID: Hello, I'm attempting to capture a core-dump file, and gdb reports warning: core file may not match specified executable file. And only after installing "dovecot-dbg" on my system (Ubuntu 16.04 LTS) does gdb report further warning: the debug information found in "/lib64/ld-2.23.so" does not match "/lib64/ld-linux-x86-64.so.2" (CRC mismatch). It took some searching the internet to realize that both messages are likely the result of having a "stripped" executable: # file /usr/lib/dovecot/dovecot-lda /usr/lib/dovecot/dovecot-lda: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.32, BuildID[sha1]=49c9c607c304a5c853c05a4ccb9e4b995f185ac4, stripped So, how best I am I to obtain a "non-stripped" dovecot-lda executable? Must I forego my distro's repositories and download the dovecot source, compiling every executable and all plugins "from scratch", in order to obtain a useful core-dump file? Perhaps the bug report instructions at http://www.dovecot.org/bugreport.html should mention "stripped" executables and how to avoid them. Perhaps I am simply ignorant, but if that is the case, there is little to no hope for the "average user" where submitting bug reports is concerned. Any guidance would be most appreciated. Thanks in advance, -Ben From edgar at pettijohn-web.com Wed Sep 14 02:00:14 2016 From: edgar at pettijohn-web.com (Edgar Pettijohn) Date: Tue, 13 Sep 2016 21:00:14 -0500 Subject: How to obtain a "non-stripped" executable for producing a usable core-dump In-Reply-To: References: Message-ID: Sent from my iPhone > On Sep 13, 2016, at 8:52 PM, Ben Johnson wrote: > > Hello, > > I'm attempting to capture a core-dump file, and gdb reports > > warning: core file may not match specified executable file. > I believe this means the core file doesn't match up to the executable. I would delete the core and try to reproduce with your new executable then run gdb with a core that matches. > And only after installing "dovecot-dbg" on my system (Ubuntu 16.04 LTS) > does gdb report further > > warning: the debug information found in "/lib64/ld-2.23.so" does not > match "/lib64/ld-linux-x86-64.so.2" (CRC mismatch). > > It took some searching the internet to realize that both messages are > likely the result of having a "stripped" executable: > > # file /usr/lib/dovecot/dovecot-lda > /usr/lib/dovecot/dovecot-lda: ELF 64-bit LSB shared object, x86-64, > version 1 (SYSV), dynamically linked, interpreter > /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.32, > BuildID[sha1]=49c9c607c304a5c853c05a4ccb9e4b995f185ac4, stripped > > So, how best I am I to obtain a "non-stripped" dovecot-lda executable? > > Must I forego my distro's repositories and download the dovecot source, > compiling every executable and all plugins "from scratch", in order to > obtain a useful core-dump file? > > Perhaps the bug report instructions at > http://www.dovecot.org/bugreport.html should mention "stripped" > executables and how to avoid them. Perhaps I am simply ignorant, but if > that is the case, there is little to no hope for the "average user" > where submitting bug reports is concerned. > > Any guidance would be most appreciated. > > Thanks in advance, > > -Ben From ben at indietorrent.org Wed Sep 14 02:05:55 2016 From: ben at indietorrent.org (Ben Johnson) Date: Tue, 13 Sep 2016 22:05:55 -0400 Subject: How to obtain a "non-stripped" executable for producing a usable core-dump In-Reply-To: References: Message-ID: <91bdfcbf-0804-f35a-df88-c2d9c9d184eb@indietorrent.org> On 9/13/2016 10:00 PM, Edgar Pettijohn wrote: >> I'm attempting to capture a core-dump file, and gdb reports >> > >> > warning: core file may not match specified executable file. >> > > I believe this means the core file doesn't match up to the executable. I would delete the core and try to reproduce with your new executable then run gdb with a core that matches. > Thanks so much for the quick reply, Edgar! That's what I find to be so strange. I am producing the core-dump and then attempting to run it through gdb immediately thereafter. I just don't see how the dovecot-lda executable could be changing in the space of about ten seconds. I don't know what it's worth, but the "bt full" command, while at the gdb prompt, produces legible output. I don't see a bunch of "?" characters, as cautioned about in the bug report instructions. For example, here's the tail end of the output (is it usable as-is?): session_id = 0x14844a489d8 , session_id_prefix = 0x0, local_ip = {family = 0, u = {ip6 = {__in6_u = { __u6_addr8 = '\000' , __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, remote_ip = {family = 0, u = { ip6 = {__in6_u = {__u6_addr8 = '\000' , __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, local_port = 65320, remote_port = 59489, userdb_fields = 0x0, flags_override_add = MAIL_STORAGE_SERVICE_FLAG_DISALLOW_ROOT, flags_override_remove = (unknown: 0), no_userdb_lookup = 0} storage = 0x1 user_source = 0x56242ac6d3af "" destaddr_source = 0x56242ac6d3af "" process_euid = 5000 stderr_rejection = false ret = c = error = MAIL_ERROR_NONE Thanks in advance for any additional insight that you may be able to provide! -Ben From edgar at pettijohn-web.com Wed Sep 14 02:34:55 2016 From: edgar at pettijohn-web.com (Edgar Pettijohn) Date: Tue, 13 Sep 2016 21:34:55 -0500 Subject: How to obtain a "non-stripped" executable for producing a usable core-dump In-Reply-To: <91bdfcbf-0804-f35a-df88-c2d9c9d184eb@indietorrent.org> References: <91bdfcbf-0804-f35a-df88-c2d9c9d184eb@indietorrent.org> Message-ID: <20160914023453.zazus5ai3sfmv5nf@thinkpad.my.domain> On 16-09-13 22:05:55, Ben Johnson wrote: > On 9/13/2016 10:00 PM, Edgar Pettijohn wrote: > >> I'm attempting to capture a core-dump file, and gdb reports > >> > > >> > warning: core file may not match specified executable file. > >> > > > I believe this means the core file doesn't match up to the executable. I would delete the core and try to reproduce with your new executable then run gdb with a core that matches. > > > > Thanks so much for the quick reply, Edgar! > > That's what I find to be so strange. I am producing the core-dump and > then attempting to run it through gdb immediately thereafter. I just > don't see how the dovecot-lda executable could be changing in the space > of about ten seconds. > > I don't know what it's worth, but the "bt full" command, while at the > gdb prompt, produces legible output. I don't see a bunch of "?" > characters, as cautioned about in the bug report instructions. > > For example, here's the tail end of the output (is it usable as-is?): I've never had lda dump core on me. If this is just the tail end I'd say post the whole thing and see if anyone can help. > > session_id = 0x14844a489d8 0x14844a489d8>, > session_id_prefix = 0x0, local_ip = {family = 0, u = {ip6 = > {__in6_u = { > __u6_addr8 = '\000' , __u6_addr16 = > {0, 0, 0, 0, 0, 0, 0, 0}, > __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, > remote_ip = {family = 0, u = { > ip6 = {__in6_u = {__u6_addr8 = '\000' , > __u6_addr16 = {0, 0, 0, 0, > 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = > {s_addr = 0}}}, > local_port = 65320, remote_port = 59489, userdb_fields = 0x0, > flags_override_add = MAIL_STORAGE_SERVICE_FLAG_DISALLOW_ROOT, > flags_override_remove = (unknown: 0), no_userdb_lookup = 0} > storage = 0x1 > user_source = 0x56242ac6d3af "" > destaddr_source = 0x56242ac6d3af "" > process_euid = 5000 > stderr_rejection = false > ret = > c = > error = MAIL_ERROR_NONE > > Thanks in advance for any additional insight that you may be able to > provide! > > -Ben -- Edgar Pettijohn From aki.tuomi at dovecot.fi Wed Sep 14 04:31:58 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Wed, 14 Sep 2016 07:31:58 +0300 (EEST) Subject: How to obtain a "non-stripped" executable for producing a usable core-dump In-Reply-To: <20160914023453.zazus5ai3sfmv5nf@thinkpad.my.domain> References: <91bdfcbf-0804-f35a-df88-c2d9c9d184eb@indietorrent.org> <20160914023453.zazus5ai3sfmv5nf@thinkpad.my.domain> Message-ID: <2010994713.1333.1473827519702@appsuite-dev.open-xchange.com> > On September 14, 2016 at 5:34 AM Edgar Pettijohn wrote: > > > On 16-09-13 22:05:55, Ben Johnson wrote: > > On 9/13/2016 10:00 PM, Edgar Pettijohn wrote: > > >> I'm attempting to capture a core-dump file, and gdb reports > > >> > > > >> > warning: core file may not match specified executable file. > > >> > > > > I believe this means the core file doesn't match up to the executable. I would delete the core and try to reproduce with your new executable then run gdb with a core that matches. > > > > > > > Thanks so much for the quick reply, Edgar! > > > > That's what I find to be so strange. I am producing the core-dump and > > then attempting to run it through gdb immediately thereafter. I just > > don't see how the dovecot-lda executable could be changing in the space > > of about ten seconds. > > > > I don't know what it's worth, but the "bt full" command, while at the > > gdb prompt, produces legible output. I don't see a bunch of "?" > > characters, as cautioned about in the bug report instructions. > > > > For example, here's the tail end of the output (is it usable as-is?): > > I've never had lda dump core on me. If this is just the tail end I'd say > post the whole thing and see if anyone can help. > > > > > session_id = 0x14844a489d8 > 0x14844a489d8>, > > session_id_prefix = 0x0, local_ip = {family = 0, u = {ip6 = > > {__in6_u = { > > __u6_addr8 = '\000' , __u6_addr16 = > > {0, 0, 0, 0, 0, 0, 0, 0}, > > __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, > > remote_ip = {family = 0, u = { > > ip6 = {__in6_u = {__u6_addr8 = '\000' , > > __u6_addr16 = {0, 0, 0, 0, > > 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = > > {s_addr = 0}}}, > > local_port = 65320, remote_port = 59489, userdb_fields = 0x0, > > flags_override_add = MAIL_STORAGE_SERVICE_FLAG_DISALLOW_ROOT, > > flags_override_remove = (unknown: 0), no_userdb_lookup = 0} > > storage = 0x1 > > user_source = 0x56242ac6d3af "" > > destaddr_source = 0x56242ac6d3af "" > > process_euid = 5000 > > stderr_rejection = false > > ret = > > c = > > error = MAIL_ERROR_NONE > > > > Thanks in advance for any additional insight that you may be able to > > provide! > > > > -Ben > > -- > Edgar Pettijohn Can you post output of bt full? Aki From arne at fish.in-berlin.de Wed Sep 14 09:27:39 2016 From: arne at fish.in-berlin.de (Arne Hoffmann) Date: Wed, 14 Sep 2016 11:27:39 +0200 Subject: Limit replication to one user Message-ID: <20160914092739.GA9796@fish.in-berlin.de> Hello, we have a setup here where the main (and only important) feature of the IMAP server is the public folder. Two Dovecot instances are running in a active/passive cluster and mailstorage should be replicated between the two. Since there is a race condition when using public namespaces (locking on user level and not on mailbox level) I had the intention of limiting the replication to one user. I read somewhere that dsync is replicating all the users the command "doveadm user '*'" shows. And the command only shows *one* user because I have modified the iterate_query: ,----[/etc/dovecot/mysql.conf] | iterate_query = SELECT username AS user FROM mailbox WHERE username = 'data_replication at example.com' `---- root [~]# doveadm user '*' data_replication at example.com root [~]# So, why does Dovecot still replicate mails from other users inboxes? And why does doveadm replicator still show other users? root [~]# doveadm replicator status '*' username priority fast sync full sync success sync failed data_replication at example.com none 00:57:14 01:13:21 00:57:12 - arne.hoffmann at example.com none 00:20:04 00:31:40 00:20:02 - root [~]# [I removed some whitespace to keep line length in check] Any explanation of this behavior would be just awesome. Hints to possible solution even more! :) root [~]# doveconf -n # 2.2.24 (a82c823): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.13 (7b14904) # OS: Linux 3.16.0-4-amd64 x86_64 Debian 8.5 ext4 debug_log_path = /var/log/mail.debug disable_plaintext_auth = no doveadm_password = # hidden, use -P to show it mail_debug = yes mail_location = maildir:/var/mail/vmail/%d/%n/Maildir:INBOX=/var/mail/vmail/%d/%n/Maildir mail_plugins = " listescape notify replication" mail_privileged_group = vmail namespace { location = maildir:/var/mail/vmail/?ffentliche Ordner:INDEXPVT=~/Maildir/?ffentliche Ordner mailbox "Gel?schte Elemente" { auto = subscribe special_use = \Trash } mailbox XYZ-Projekt { auto = subscribe } prefix = ?ffentliche Ordner/ separator = / subscriptions = no type = public } namespace inbox { inbox = yes location = mailbox "Gel?schte Elemente" { auto = subscribe special_use = \Trash } prefix = separator = / type = private } passdb { args = /etc/dovecot/mysql.conf driver = sql } plugin { mail_replica = tcps:10.162.70.70:22001 } protocols = imap replication_max_conns = 1 service aggregator { fifo_listener replication-notify-fifo { user = vmail } unix_listener replication-notify { user = vmail } } service doveadm { inet_listener { port = 22001 ssl = yes } } service replicator { process_min_avail = 1 unix_listener replicator-doveadm { mode = 0660 user = vmail } } ssl = required ssl_ca = References: <91bdfcbf-0804-f35a-df88-c2d9c9d184eb@indietorrent.org> <20160914023453.zazus5ai3sfmv5nf@thinkpad.my.domain> <2010994713.1333.1473827519702@appsuite-dev.open-xchange.com> Message-ID: On 9/14/2016 12:31 AM, Aki Tuomi wrote: > Can you post output of bt full? > > Aki Sure! It seems better suited to pastebin: http://pastebin.com/4xdGNXa6 Thanks for any help! -Ben From larryrtx at gmail.com Wed Sep 14 19:42:22 2016 From: larryrtx at gmail.com (Larry Rosenman) Date: Wed, 14 Sep 2016 14:42:22 -0500 Subject: No Autoindex? Message-ID: I used to get my mail auto-indexed, but something(tm) changed recently, but I'm not sure what. I do have fts_autoindex = yes in my dovecot config, and if I do a doveadm index \* it does the index. Ideas? doveconf -n attached -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 17716 Limpia Crk, Round Rock, TX 78664-7281 -------------- next part -------------- A non-text attachment was scrubbed... Name: dc.n Type: application/octet-stream Size: 4131 bytes Desc: not available URL: From piper at hrz.uni-marburg.de Thu Sep 15 05:25:34 2016 From: piper at hrz.uni-marburg.de (Piper Andreas) Date: Thu, 15 Sep 2016 07:25:34 +0200 Subject: 2.2.25 dumps core with "Panic: file imap-client.c: line 837 (client_check_command_hangs): assertion failed: (client->io != NULL)" In-Reply-To: <8930005b-96b1-5fa4-ad9d-e073001e49ce@dovecot.fi> References: <52dc785a-b2b6-33df-7d8a-e6f3520969e9@hrz.uni-marburg.de> <57b2f57f-3643-6198-f800-1cbb200ee6c8@dovecot.fi> <826ca1d4-ccec-6aae-68dd-6e08a7cff3dd@hrz.uni-marburg.de> <8930005b-96b1-5fa4-ad9d-e073001e49ce@dovecot.fi> Message-ID: <7533c513-12f6-7c7f-472c-311fea4eaa19@hrz.uni-marburg.de> Am 12.09.2016 um 08:16 schrieb Aki Tuomi: > > > On 12.09.2016 09:02, Piper Andreas wrote: >> Am 01.09.2016 um 14:17 schrieb Aki Tuomi: >>> >>> On 01.09.2016 14:20, Piper Andreas wrote: >>>> Hello Timo, >>>> >>>> with the newly build CSW-package the crashes still occur, today already >>>> twice within two hours. The log shows always the same: >>>> >>>> Sep 1 11:50:13 surz113 dovecot: [ID 583609 mail.crit] imap(user): >>>> Panic: file imap-client.c: line 837 (client_check_command_hangs): >>>> assertion failed: (client->io != NULL) >>>> Sep 1 11:50:13 surz113 dovecot: [ID 583609 mail.error] imap(user): >>>> Error: Raw backtrace: 0xffff80ffb633d88d -> 0xffff80ffb636ae82 -> >>>> 0x41eba0 -> 0x41ecf3 -> 0xffff80ffb635d248 -> 0xffff80ffb6350d2f -> >>>> 0xffff80ffb63519e0 -> 0xffff80ffb6350dce -> 0xffff80ffb6350f90 -> >>>> 0xffff80ffb62e3ebb -> 0x42f169 -> 0x41292c >>>> Sep 1 11:50:13 surz113 dovecot: [ID 583609 mail.crit] imap(user): >>>> Fatal: master: service(imap): child 11227 killed with signal 6 (core not >>>> dumped - set service imap { drop_priv_before_exec=yes }) >>>> >>>> This happens with different users, the last one with a relatively small >>>> mailbox of 600MB. >>>> >>>> doveconf -n is attached. >>>> >>>> Dovecot 2.2.25 >>>> OS: Solaris 11 (SunOS 5.11 11.3 i86pc i386 i86pc) >>>> Virtualization: VMware >>>> Filesystem: ZFS >>>> active users: ~4000 >>>> >>>> The system was transferred at beginning of last week from an old >>>> SPARC-station with Solaris 10 running dovecot-2.2.15 to this virtualized >>>> platform under VMware. The mailboxes (maildir-format) were transferred >>>> without change by switching the storage-hardware to the new server. I >>>> had to remove all dovecot.index*-files for errors of "CPU Architecture >>>> changed", but after doing this all seemed to work ok except for these >>>> occasional crashes. >>>> >>>> If you need more information, please let me know. >>>> >>>> Thanks for any help, >>>> Andreas >>>> >>>>> Hi Jake, >>>>> >>>>> thanks for fixing this. I have installed now the newly built package on >>>>> my production system and will report, if any more core dumps occur. >>>>> >>>>> Regards, >>>>> Andreas >>>>> >>> Hi! >>> >>> Is it possible for you test out a small patch (attached) to see if it >>> fixes this issue? >>> >>> Aki >>> >> Hello Aki, >> >> your patch missed a trailing '{', which was corrected by the >> OpenCSW-maintainer, who implemented the patch into a test-version of >> dovecot-2.2.25 for me. >> >> I started this version on my production system on Friday morning (09. >> Sep, 07:30). After that the server crashed once on Sunday evening >> (11.Sep, 20:40), but with a completely different error message: >> >> Sep 11 20:40:37 surz113 dovecot: [ID 583609 mail.crit] imap(user1): >> Panic: file imap-fetch.c: line 555 (imap_fetch_more): assertion failed: >> (ctx->client->output_cmd_lock == NULL || ctx->client->output_cmd_lock == >> cmd) >> Sep 11 20:40:37 surz113 dovecot: [ID 583609 mail.error] imap(user1): >> Error: Raw backtrace: 0xffff80ffb5fcd88d -> 0xffff80ffb5ffae82 -> >> 0x4225c1 -> 0x4153e5 -> 0x41ffae -> 0x41e4bf -> 0x41e865 -> 0x41ede4 -> >> 0xffff80ffb5fe0d2f -> 0xffff80ffb5fe19e0 -> 0xffff80ffb5fe0dce -> >> 0xffff80ffb5fe0f90 -> 0xffff80ffb5f73ebb -> 0x42f169 -> 0x41292c >> Sep 11 20:40:37 surz113 dovecot: [ID 583609 mail.crit] imap(user1): >> Fatal: master: service(imap): child 12150 killed with signal 6 (core not >> dumped - set service imap { drop_priv_before_exec=yes }) >> >> May this be related to your patch, or is it something completely different? >> >> Thanks and best regards, >> Andreas > Hi! > > Apologies, I forgot to send you an email about this, it should be fixed with > https://github.com/dovecot/core/commit/cd9cf45dcf9fcabc89e156117c4dcf464ec4eb85 > > Aki > Hello and thanks for this information, the OpenCSW-maintainer has implemented this fix into another test version, which is now running on my production system. I'll report, if there are any more problems. Best regards, Andreas -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 5176 bytes Desc: S/MIME Cryptographic Signature URL: From dovecot at nspace.de Thu Sep 15 14:10:02 2016 From: dovecot at nspace.de (dovecot at nspace.de) Date: Thu, 15 Sep 2016 16:10:02 +0200 Subject: dovecot --hostdomain Message-ID: <2b29d330-49b7-98fa-b8cf-97b32fceca66@nspace.de> Hi, I'm currently debugging replication issues and I found that both servers answer to a "dovecot --hostdomain" simply with localhost From what I've read, this can lead to problems. Where do I configure the dovecot hostdomain name? The machine itself has a valid name in /etc/hostname Thanks, Thomas From citrin+dovecot at citrin.ru Thu Sep 15 17:59:04 2016 From: citrin+dovecot at citrin.ru (Anton Yuzhaninov) Date: Thu, 15 Sep 2016 13:59:04 -0400 Subject: dovecot-keywords and mbox Message-ID: <06ff4463-3ec6-af14-2863-1cadc47f9148@citrin.ru> Hello, With Maildir++ it is possible to store list of IMAP message keyworkds (tags in Thunderbird) on server in dovecot-keywords file. Is it possible the same with mbox mailboxes? My mbox directory contains .subscriptions file, but no .dovecot-keywords file. -- WBR, Anton Yuzhaninov From tanstaafl at libertytrek.org Thu Sep 15 18:06:58 2016 From: tanstaafl at libertytrek.org (Tanstaafl) Date: Thu, 15 Sep 2016 14:06:58 -0400 Subject: dovecot-keywords and mbox In-Reply-To: <06ff4463-3ec6-af14-2863-1cadc47f9148@citrin.ru> References: <06ff4463-3ec6-af14-2863-1cadc47f9148@citrin.ru> Message-ID: <19ffbd5b-a4f6-5d2c-3e1e-c904c56fe430@libertytrek.org> On 9/15/2016 1:59 PM, Anton Yuzhaninov wrote: > With Maildir++ it is possible to store list of IMAP message keyworkds > (tags in Thunderbird) on server in dovecot-keywords file. > > Is it possible the same with mbox mailboxes? > > My mbox directory contains .subscriptions file, but no .dovecot-keywords > file. They are stored directly in the mbox file(s): http://wiki2.dovecot.org/MailboxFormat/mbox#Dovecot.27s_Metadata From info at netocean.de Fri Sep 16 09:54:14 2016 From: info at netocean.de (=?UTF-8?Q?Leander_Sch=c3=a4fer?=) Date: Fri, 16 Sep 2016 11:54:14 +0200 Subject: Bug: Shared Mailbox - Case Sensitivity Message-ID: <14031913-6e4c-1a0d-7e4e-090407c6dca2@netocean.de> Hi, unfortunately I found a bug in Dovecot's ACL handling for shared mailboxes. It turns out Dovecot doesn't enforce lower casing the privileged username to whom the mailbox should be shared to. This results in a invalid configuration. Users get confused, since they passed on a valid email address in their ACL setup. /usr/local/www/default/mail/test at mydomain.localdomain/maildir/.Spam/dovecot-acl user=leander at mydomain.localdomain eilrwts ^^ works /usr/local/www/default/mail/leander at mydomain.localdomain/maildir/dovecot-acl user=test at mydomain.localdomain eilrwts ^^ works /usr/local/www/default/mail/test at mydomain.localdomain/maildir/.Drafts/dovecot-acl user=Leander at MyDomain.LocalDomain eilrwts ^^ Doesn't work Best regards Leander Sch?fer From dovecot-e51 at deemzed.uk Fri Sep 16 10:39:48 2016 From: dovecot-e51 at deemzed.uk (Dave) Date: Fri, 16 Sep 2016 11:39:48 +0100 Subject: pop3 deleted count Message-ID: On pop3 logout, we're seeing log lines where the deleted count is blank (using default pop3_logout_format), so "del=%d/%m" is displaying in the logs as: "del=/1186" for example. In src/pop3/pop3-client.c:552: tab[4].value = client->delete_success ? dec2str(client->deleted_count) : 0; Shouldn't this be: tab[4].value = client->delete_success ? dec2str(client->deleted_count) : "0"; (very minor bug) -- Dave From dovecot-e51 at deemzed.uk Fri Sep 16 10:42:45 2016 From: dovecot-e51 at deemzed.uk (Dave) Date: Fri, 16 Sep 2016 11:42:45 +0100 Subject: pop3 deleted count In-Reply-To: References: Message-ID: <1f215f3c-727b-ecb3-c730-57d18f298ef9@deemzed.uk> On 16/09/2016 11:39, Dave wrote: > > On pop3 logout, we're seeing log lines where the deleted count is blank > (using default pop3_logout_format), so "del=%d/%m" is displaying in the > logs as: > > "del=/1186" ... > Shouldn't this be: > > tab[4].value = client->delete_success ? > dec2str(client->deleted_count) : "0"; Sorry, or even: tab[4].value = dec2str(client->delete_success ? client->deleted_count : 0); depending on cleanup? -- Dave -- Dave From aki.tuomi at dovecot.fi Fri Sep 16 10:53:49 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Fri, 16 Sep 2016 13:53:49 +0300 Subject: Bug: Shared Mailbox - Case Sensitivity In-Reply-To: <14031913-6e4c-1a0d-7e4e-090407c6dca2@netocean.de> References: <14031913-6e4c-1a0d-7e4e-090407c6dca2@netocean.de> Message-ID: <01c317c6-5b1b-d6ef-12fb-720b9c105cdd@dovecot.fi> On 16.09.2016 12:54, Leander Sch?fer wrote: > Hi, > > unfortunately I found a bug in Dovecot's ACL handling for shared > mailboxes. It turns out Dovecot doesn't enforce lower casing the > privileged username to whom the mailbox should be shared to. This > results in a invalid configuration. Users get confused, since they > passed on a valid email address in their ACL setup. > > /usr/local/www/default/mail/test at mydomain.localdomain/maildir/.Spam/dovecot-acl > > user=leander at mydomain.localdomain eilrwts > ^^ works > > /usr/local/www/default/mail/leander at mydomain.localdomain/maildir/dovecot-acl > > user=test at mydomain.localdomain eilrwts > ^^ works > > /usr/local/www/default/mail/test at mydomain.localdomain/maildir/.Drafts/dovecot-acl > > user=Leander at MyDomain.LocalDomain eilrwts > ^^ Doesn't work > > Best regards > Leander Sch?fer Hi! Did you know you can use %Lu instead of %u to force lowercasing? Aki From aki.tuomi at dovecot.fi Fri Sep 16 10:55:15 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Fri, 16 Sep 2016 13:55:15 +0300 Subject: pop3 deleted count In-Reply-To: <1f215f3c-727b-ecb3-c730-57d18f298ef9@deemzed.uk> References: <1f215f3c-727b-ecb3-c730-57d18f298ef9@deemzed.uk> Message-ID: On 16.09.2016 13:42, Dave wrote: > On 16/09/2016 11:39, Dave wrote: >> >> On pop3 logout, we're seeing log lines where the deleted count is blank >> (using default pop3_logout_format), so "del=%d/%m" is displaying in the >> logs as: >> >> "del=/1186" > > ... > >> Shouldn't this be: >> >> tab[4].value = client->delete_success ? >> dec2str(client->deleted_count) : "0"; > > Sorry, or even: > > tab[4].value = dec2str(client->delete_success ? > client->deleted_count : 0); > > depending on cleanup? > Hi! This has been fixed in unreleased version. Sorry about this. See https://github.com/dovecot/core/commit/7424d35ff1b7d17c0caf7b426c0ef3c2b8229afc Aki Tuomi Dovecot oy From tanstaafl at libertytrek.org Fri Sep 16 11:44:30 2016 From: tanstaafl at libertytrek.org (Tanstaafl) Date: Fri, 16 Sep 2016 07:44:30 -0400 Subject: Bug: Shared Mailbox - Case Sensitivity In-Reply-To: <01c317c6-5b1b-d6ef-12fb-720b9c105cdd@dovecot.fi> References: <14031913-6e4c-1a0d-7e4e-090407c6dca2@netocean.de> <01c317c6-5b1b-d6ef-12fb-720b9c105cdd@dovecot.fi> Message-ID: On 9/16/2016 6:53 AM, Aki Tuomi wrote: > On 16.09.2016 12:54, Leander Sch?fer wrote: >> user=Leander at MyDomain.LocalDomain eilrwts >> ^^ Doesn't work > Hi! Did you know you can use %Lu instead of %u to force lowercasing? In my opinion this should be the default... From info at netocean.de Fri Sep 16 12:21:13 2016 From: info at netocean.de (=?UTF-8?Q?Leander_Sch=c3=a4fer?=) Date: Fri, 16 Sep 2016 14:21:13 +0200 Subject: Bug: Shared Mailbox - Case Sensitivity In-Reply-To: <01c317c6-5b1b-d6ef-12fb-720b9c105cdd@dovecot.fi> References: <14031913-6e4c-1a0d-7e4e-090407c6dca2@netocean.de> <01c317c6-5b1b-d6ef-12fb-720b9c105cdd@dovecot.fi> Message-ID: <786ad6de-e1a1-974b-0285-65606ba3c010@netocean.de> Hi Aki, Thanks for your advice. Yes, I'm aware of this. Yet lowercasing should be the default since Dovecot 2.1.x., isn't it? Yet I wouldn't know where exactly to implement this %L, since the ACLs are set through IMAP commands through the users mailclient like Thunderbird. So in other words, the email address to whom the user want to grant ACLs provided by the user's mailclient, has nothing to do with my auth backend where e.g. %u => %Lu would apply. PLease correct me if I'm wrong here. It clearly looks like a bug of the internal processing of the "dovecot-acl-list" files. It simply lacks on a lowercase enforcement in the code, like it already seems to do for the "dovecot-acl" file. Best regards Leander Sch?fer Am 16.09.16 um 12:53 schrieb Aki Tuomi: > > On 16.09.2016 12:54, Leander Sch?fer wrote: >> Hi, >> >> unfortunately I found a bug in Dovecot's ACL handling for shared >> mailboxes. It turns out Dovecot doesn't enforce lower casing the >> privileged username to whom the mailbox should be shared to. This >> results in a invalid configuration. Users get confused, since they >> passed on a valid email address in their ACL setup. >> >> /usr/local/www/default/mail/test at mydomain.localdomain/maildir/.Spam/dovecot-acl >> >> user=leander at mydomain.localdomain eilrwts >> ^^ works >> >> /usr/local/www/default/mail/leander at mydomain.localdomain/maildir/dovecot-acl >> >> user=test at mydomain.localdomain eilrwts >> ^^ works >> >> /usr/local/www/default/mail/test at mydomain.localdomain/maildir/.Drafts/dovecot-acl >> >> user=Leander at MyDomain.LocalDomain eilrwts >> ^^ Doesn't work >> >> Best regards >> Leander Sch?fer > Hi! Did you know you can use %Lu instead of %u to force lowercasing? > > Aki From reuben-dovecot at reub.net Fri Sep 16 15:18:33 2016 From: reuben-dovecot at reub.net (Reuben Farrelly) Date: Sat, 17 Sep 2016 01:18:33 +1000 Subject: Crash with latest -git as of 2.2.devel (c06590c) Message-ID: <211cbf55-f050-4a1a-3f55-6522cd378ada@reub.net> Hi, Looks like something has been committed to master-2.2 in the last week which is causing crashes as soon as the remote user logs in: Sep 17 01:11:19 thunderstorm.reub.net dovecot: dsync-server(reuben): Error: read(lightning.reub.net) failed: EOF (last sent=mailbox_state, last recv=mail (EOL)) Sep 17 01:11:31 thunderstorm.reub.net dovecot: imap(reuben): Panic: file fts-api.c: line 128 (fts_backend_set_cur_mailbox): assertion failed: (ctx->cur_box != NULL) Sep 17 01:11:31 thunderstorm.reub.net dovecot: imap(reuben): Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0(+0xb7f9f) [0x7f4cd5b4cf9f] -> /usr/lib64/dovecot/libdovecot.so.0(+0xb9515) [0x7f4cd5b4e515] -> /usr/lib64/dovecot/libdovecot.so.0(i_fatal+0) [0x7f4cd5b4d332] -> /usr/lib64/dovecot/lib20_fts_plugin.so(+0x96b4) [0x7f4cd50b86b4] -> /usr/lib64/dovecot/lib20_fts_plugin.so(fts_backend_update_deinit+0x45) [0x7f4cd50b872b] -> /usr/lib64/dovecot/lib20_fts_plugin.so(+0x142ed) [0x7f4cd50c32ed] -> /usr/lib64/dovecot/libdovecot-storage.so.0(maildir_sync_index+0x98e) [0x7f4cd5e4eed7] -> /usr/lib64/dovecot/libdovecot-storage.so.0(+0x5f209) [0x7f4cd5e51209] -> /usr/lib64/dovecot/libdovecot-storage.so.0(+0x5f497) [0x7f4cd5e51497] -> /usr/lib64/dovecot/libdovecot-storage.so.0(maildir_storage_sync_init+0xb2) [0x7f4cd5e517de] -> /usr/lib64/dovecot/libdovecot-storage.so.0(mailbox_sync_init+0x6d) [0x7f4cd5e2cc41] -> dovecot/imap(imap_sync_init+0xc7) [0x42e408] -> dovecot/imap() [0x42f96b] -> dovecot/imap() [0x42febc] -> dovecot/imap(cmd_sync_delayed+0x34) [0x42fef2] -> dovecot/imap(client_handle_input+0x138) [0x41e9d1] -> dovecot/imap(client_input+0xf5) [0x41eb02] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_call_io+0xcd) [0x7f4cd5b6b054] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0x209) [0x7f4cd5b6d5c1] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run+0x24) [0x7f4cd5b6b1fd] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_run+0xaf) [0x7f4cd5b6b149] -> /usr/lib64/dovecot/libdovecot.so.0(master_service_run+0x2e) [0x7f4cd5aca603] -> dovecot/imap(main+0x300) [0x431169] -> /lib64/libc.so.6(__libc_start_main+0xf0) [0x7f4cd571c710] -> dovecot/imap(_start+0x29) [0x40c7b9] Sep 17 01:11:31 thunderstorm.reub.net dovecot: imap(reuben): Fatal: master: service(imap): child 1740 killed with signal 6 (core dumped) thunderstorm reuben # file core core: ELF 64-bit LSB core file x86-64, version 1 (SYSV), SVR4-style, from 'dovecot/imap postlogin', real uid: 0, effective uid: 0, real gid: 0, effective gid: 0, execfn: '/usr/libexec/dovecot/imap', platform: 'x86_64' thunderstorm reuben # gdb /usr/libexec/dovecot/imap core GNU gdb (Gentoo 7.11.1 vanilla) 7.11.1 Copyright (C) 2016 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-pc-linux-gnu". Type "show configuration" for configuration details. For bug reporting instructions, please see: . Find the GDB manual and other documentation resources online at: . For help, type "help". Type "apropos word" to search for commands related to "word"... Reading symbols from /usr/libexec/dovecot/imap...done. [New LWP 1740] warning: Could not load shared library symbols for linux-vdso.so.1. Do you need "set solib-search-path" or "set sysroot"? [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib64/libthread_db.so.1". Core was generated by `dovecot/imap postlogin'. Program terminated with signal SIGABRT, Aborted. #0 0x00007f4cd572f1f8 in raise () from /lib64/libc.so.6 (gdb) bt full #0 0x00007f4cd572f1f8 in raise () from /lib64/libc.so.6 No symbol table info available. #1 0x00007f4cd573064a in abort () from /lib64/libc.so.6 No symbol table info available. #2 0x00007f4cd5b4cfee in default_fatal_finish (type=LOG_TYPE_PANIC, status=0) at failures.c:201 backtrace = 0x27446a0 "/usr/lib64/dovecot/libdovecot.so.0(+0xb7f9f) [0x7f4cd5b4cf9f] -> /usr/lib64/dovecot/libdovecot.so.0(+0xb9515) [0x7f4cd5b4e515] -> /usr/lib64/dovecot/libdovecot.so.0(i_fatal+0) [0x7f4cd5b4d332] -> /usr"... #3 0x00007f4cd5b4e515 in i_internal_fatal_handler (ctx=0x7fff509f3750, format=0x7f4cd50cb000 "file %s: line %d (%s): assertion failed: (%s)", args=0x7fff509f3770) at failures.c:670 status = 0 #4 0x00007f4cd5b4d332 in i_panic (format=0x7f4cd50cb000 "file %s: line %d (%s): assertion failed: (%s)") at failures.c:275 ctx = {type = LOG_TYPE_PANIC, exit_status = 0, timestamp = 0x0, timestamp_usecs = 0} args = #5 0x00007f4cd50b86b4 in fts_backend_set_cur_mailbox (ctx=0x26f6e70) at fts-api.c:128 __FUNCTION__ = "fts_backend_set_cur_mailbox" #6 0x00007f4cd50b872b in fts_backend_update_deinit (_ctx=0x268b3b8) at fts-api.c:143 ctx = 0x26f6e70 backend = 0x26825e0 ret = 32588 #7 0x00007f4cd50c32ed in fts_mailbox_sync_notify (box=0x268aaa0, uid=0, sync_type=(unknown: 0)) at fts-storage.c:665 flist = 0x2683000 fbox = 0x268b258 #8 0x00007f4cd5e4eed7 in maildir_sync_index (ctx=0x268eb40, partial=true) at maildir-sync-index.c:649 mbox = 0x268aaa0 view = 0x26f4f30 view2 = 0x0 iter = 0x0 trans = 0x270ef20 hdr = 0x268b8b0 empty_hdr = {major_version = 176 '\260', minor_version = 57 '9', base_header_size = 20639, header_size = 32767, record_size = 3588796538, compat_flags = 76 'L', unused = "\177\000", indexid = 1352612272, flags = 32512, uid_validity = 40955680, next_uid = 0, messages_count = 40849200, unused_old_recent_messages_count = 0, seen_messages_count = 40857728, deleted_messages_count = 0, first_recent_uid = 136, first_unseen_uid_lowwater = 0, first_deleted_uid_lowwater = 40428608, log_file_seq = 0, log_file_tail_offset = 1352612384, log_file_head_offset = 32767, unused_old_sync_size = 139967982787820, unused_old_sync_stamp = 40913568, day_stamp = 0, day_first_uid = { 41174496, 0, 41174440, 0, 40413856, 0, 1352612384, 32767}} rec = 0x26d7188 seq = 0 seq2 = 0 uid = 1043 prev_uid = 1043 uflags = (MAILDIR_UIDLIST_REC_FLAG_MOVED | MAILDIR_UIDLIST_REC_FLAG_RECENT | MAILDIR_UIDLIST_REC_FLAG_NONSYNCED) filename = 0x2711a00 "1474037293.M664229P7078.thunderstorm,S=18760,W=19334:2,Sd" uid_validity = 1466133870 next_uid = 3585376580 hdr_next_uid = 1044 first_recent_uid = 1044 first_uid = 1 changes = 1 ret = 0 time_before_sync = 1474038691 expunged_guid_128 = "\247\332=\207\337[1\a\367\217\025\307\024|-Y" private_flags_mask = 0 expunged = true full_rescan = false __FUNCTION__ = "maildir_sync_index" #9 0x00007f4cd5e51209 in maildir_sync_context (ctx=0x27445a8, forced=false, find_uid=0x0, lost_files_r=0x7fff509f3afa) at maildir-sync.c:951 sync_flags = MAILDIR_UIDLIST_SYNC_PARTIAL flags = (MAILDIR_UIDLIST_REC_FLAG_NEW_DIR | MAILDIR_UIDLIST_REC_FLAG_MOVED | MAILDIR_UIDLIST_REC_FLAG_RECENT | MAILDIR_UIDLIST_REC_FLAG_NONSYNCED | MAILDIR_UIDLIST_REC_FLAG_RACING | unknown: 32736) new_changed = false cur_changed = false lock_failure = false fname = 0x268aaa0 "" why = (unknown: 0) ret = 1 __FUNCTION__ = "maildir_sync_context" #10 0x00007f4cd5e51497 in maildir_sync_run (mbox=0x268aaa0, flags=MAILBOX_SYNC_FLAG_EXPUNGE, force_resync=false, uid=0x0, lost_files_r=0x7fff509f3afa) at maildir-sync.c:1024 _data_stack_cur_id = 5 ctx = 0x27445a8 retry = false lost_files = false ret = 0 #11 0x00007f4cd5e517de in maildir_storage_sync_init (box=0x268aaa0, flags=MAILBOX_SYNC_FLAG_EXPUNGE) at maildir-sync.c:1097 mbox = 0x268aaa0 lost_files = false force_resync = false ret = 0 __FUNCTION__ = "maildir_storage_sync_init" #12 0x00007f4cd5e2cc41 in mailbox_sync_init (box=0x268aaa0, flags=MAILBOX_SYNC_FLAG_EXPUNGE) at mail-storage.c:1728 _data_stack_cur_id = 4 ctx = 0x0 #13 0x000000000042e408 in imap_sync_init (client=0x2687680, box=0x268aaa0, imap_flags=IMAP_SYNC_FLAG_SAFE, flags=MAILBOX_SYNC_FLAG_EXPUNGE) at imap-sync.c:229 ctx = 0x268b770 __FUNCTION__ = "imap_sync_init" #14 0x000000000042f96b in cmd_sync_client (sync_cmd=0x2688280) at imap-sync.c:737 client = 0x2687680 ctx = 0x2 flags = MAILBOX_SYNC_FLAG_EXPUNGE imap_flags = IMAP_SYNC_FLAG_SAFE no_newmail = false #15 0x000000000042febc in cmd_sync_delayed_real (client=0x2687680) at imap-sync.c:858 cmd = 0x2688280 first_expunge = 0x2688280 first_nonexpunge = 0x0 __FUNCTION__ = "cmd_sync_delayed_real" #16 0x000000000042fef2 in cmd_sync_delayed (client=0x2687680) at imap-sync.c:866 _data_stack_cur_id = 3 ret = 80 #17 0x000000000041e9d1 in client_handle_input (client=0x2687680) at imap-client.c:1118 ret = false remove_io = false handled_commands = true __FUNCTION__ = "client_handle_input" #18 0x000000000041eb02 in client_input (client=0x2687680) at imap-client.c:1149 cmd = 0x7fff509f3cc0 output = 0x26880a0 bytes = 28 __FUNCTION__ = "client_input" #19 0x00007f4cd5b6b054 in io_loop_call_io (io=0x268ca30) at ioloop.c:564 ioloop = 0x264f760 t_id = 2 __FUNCTION__ = "io_loop_call_io" #20 0x00007f4cd5b6d5c1 in io_loop_handler_run_internal (ioloop=0x264f760) at ioloop-epoll.c:220 ctx = 0x2651270 events = 0x26520a0 event = 0x26520a0 list = 0x26881d0 io = 0x268ca30 tv = {tv_sec = 256, tv_usec = 707889} events_count = 5 msecs = 256708 ret = 1 i = 0 j = 0 call = true __FUNCTION__ = "io_loop_handler_run_internal" #21 0x00007f4cd5b6b1fd in io_loop_handler_run (ioloop=0x264f760) at ioloop.c:612 No locals. #22 0x00007f4cd5b6b149 in io_loop_run (ioloop=0x264f760) at ioloop.c:588 __FUNCTION__ = "io_loop_run" #23 0x00007f4cd5aca603 in master_service_run (service=0x264f600, callback=0x430dd6 ) at master-service.c:641 No locals. #24 0x0000000000431169 in main (argc=2, argv=0x264f390) at main.c:460 set_roots = {0x43bbe0 , 0x646340 , 0x0} login_set = {auth_socket_path = 0x2647048 "\001", postlogin_socket_path = 0x2647078 "z`\005", postlogin_timeout_secs = 60, callback = 0x430af0 , failure_callback = 0x430d41 , request_auth_token = 1} service_flags = MASTER_SERVICE_FLAG_KEEP_CONFIG_OPEN storage_service_flags = (MAIL_STORAGE_SERVICE_FLAG_DISALLOW_ROOT | MAIL_STORAGE_SERVICE_FLAG_AUTOEXPUNGE) username = 0x0 auth_socket_path = 0x43cd85 "auth-master" c = -1 (gdb) Reuben From citrin+dovecot at citrin.ru Fri Sep 16 15:50:25 2016 From: citrin+dovecot at citrin.ru (Anton Yuzhaninov) Date: Fri, 16 Sep 2016 11:50:25 -0400 Subject: converting maildir to mailbox Message-ID: <1b3d06e9-fd81-16ee-44eb-b9ec6ef83a74@citrin.ru> Hi all! There is a script to convert maildir to mailbox in wiki: http://wiki.dovecot.org/Migration/MailFormat but it doesn't convert any message flags (seen e.t.c.). I wrote a script, which converts most flags and labels: https://bitbucket.org/citrin/scripts/src/tip/dovecot-maildir2mbox.pl It doesn't convert recent flag and UIDs though, because it was not necessary in my case. Do you think link to the script should be added to dovecot wiki? -- WBR, Anton Yuzhaninov P. S. My use case was: get maildir from other server, convert to mbox, compress (gzip -9) and add to my mailbox as read-only archive. From me at junc.eu Fri Sep 16 16:34:41 2016 From: me at junc.eu (Benny Pedersen) Date: Fri, 16 Sep 2016 18:34:41 +0200 Subject: converting maildir to mailbox In-Reply-To: <1b3d06e9-fd81-16ee-44eb-b9ec6ef83a74@citrin.ru> References: <1b3d06e9-fd81-16ee-44eb-b9ec6ef83a74@citrin.ru> Message-ID: <800c0881f0fd8c16da405ee7710e5f3e@junc.eu> On 2016-09-16 17:50, Anton Yuzhaninov wrote: > Do you think link to the script should be added to dovecot wiki? may i ask for one that makes mbox2maildir ? would it be possible to make this into imapsync ? (also a perl script) thanks for the script anyway From aki.tuomi at dovecot.fi Fri Sep 16 16:48:01 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Fri, 16 Sep 2016 19:48:01 +0300 (EEST) Subject: converting maildir to mailbox In-Reply-To: <800c0881f0fd8c16da405ee7710e5f3e@junc.eu> References: <1b3d06e9-fd81-16ee-44eb-b9ec6ef83a74@citrin.ru> <800c0881f0fd8c16da405ee7710e5f3e@junc.eu> Message-ID: <2065445491.649.1474044482894@appsuite-dev.open-xchange.com> > On September 16, 2016 at 7:34 PM Benny Pedersen wrote: > > > On 2016-09-16 17:50, Anton Yuzhaninov wrote: > > > Do you think link to the script should be added to dovecot wiki? > > may i ask for one that makes mbox2maildir ? > > would it be possible to make this into imapsync ? (also a perl script) > > thanks for the script anyway Or you can use dovecot. doveadm import -u user -s mbox:/path/to/dir INBOX all Put mbox as file called inbox under some dir and make sure its readwritable by target user uid. Similarly you can use doveadm sync if you want to keep syncing it for a while or do on the fly migration. 1. Edit dovecot.conf and change mail_location to new format and location. 2. Run doveadm sync -u user mbox:path 3. Restart dovecot 4. Run sync again Aki From info at netocean.de Fri Sep 16 19:20:46 2016 From: info at netocean.de (=?UTF-8?Q?Leander_Sch=c3=a4fer?=) Date: Fri, 16 Sep 2016 21:20:46 +0200 Subject: BUG - DELETE Public/Folder not working with Thunderbird Message-ID: <2cd16d7e-ecb0-ed8f-bc7a-11ea375c7133@netocean.de> Hi, Unfortunately it looks like the parameter: "imap_client_workarounds = tb-extra-mailbox-sep" does not work. Neither inside nor outside "protocol imap {}" configuration section. ACLs are set correctly. Manual "DELETE Public/Test" via telnet is working as expected. Is this a known bug? See: - https://help.ubuntu.com/community/Dovecot#Thunderbird - http://wiki.dovecot.org/Clients#Thunderbird # 2.2.25 (7be1766): /usr/local/etc/dovecot/dovecot.conf # Pigeonhole version 0.4.15 (97b3da0) # OS: FreeBSD 10.3-RELEASE amd64 [...] imap_client_workarounds = delay-newmail tb-extra-mailbox-sep tb-lsub-flags [...] namespace { list = children location = maildir:%%h/maildir:INDEX=~/maildir/Shared/%%u:CONTROL=~/maildir/Shared/%%u:INDEXPVT=~/maildir/Shared prefix = Shared/%%u/ separator = / subscriptions = no type = shared } namespace { hidden = no list = children location = maildir:~/../Public:LAYOUT=fs:INDEX=~/../Public:CONTROL=~/../Public:INDEXPVT=~/maildir/Public prefix = Public/ separator = / subscriptions = no type = public } [...] Best regards Leander Sch?fer From citrin+dovecot at citrin.ru Fri Sep 16 19:33:42 2016 From: citrin+dovecot at citrin.ru (Anton Yuzhaninov) Date: Fri, 16 Sep 2016 15:33:42 -0400 Subject: BUG - DELETE Public/Folder not working with Thunderbird In-Reply-To: <2cd16d7e-ecb0-ed8f-bc7a-11ea375c7133@netocean.de> References: <2cd16d7e-ecb0-ed8f-bc7a-11ea375c7133@netocean.de> Message-ID: <43415813-7f09-fe70-0b09-1882f9ca88a6@citrin.ru> On 2016-09-16 15:20, Leander Sch?fer wrote: > Unfortunately it looks like the parameter: "imap_client_workarounds = > tb-extra-mailbox-sep" does not work. Neither inside nor outside > "protocol imap {}" configuration section. ACLs are set correctly. Manual > "DELETE Public/Test" via telnet is working as expected. Is this a known > bug? It will be useful to run Thunderbird with debug log and see which command Thunderbird sends and how dovecot reply. Example of script to run TB with debug log: https://bitbucket.org/snippets/citrin/Bp5Xa (don't share full log, it contain auth info, search for the command with error). From info at netocean.de Fri Sep 16 20:13:35 2016 From: info at netocean.de (=?UTF-8?Q?Leander_Sch=c3=a4fer?=) Date: Fri, 16 Sep 2016 22:13:35 +0200 Subject: BUG - DELETE Public/Folder not working with Thunderbird In-Reply-To: <43415813-7f09-fe70-0b09-1882f9ca88a6@citrin.ru> References: <2cd16d7e-ecb0-ed8f-bc7a-11ea375c7133@netocean.de> <43415813-7f09-fe70-0b09-1882f9ca88a6@citrin.ru> Message-ID: <5f316369-c803-29ec-d72f-6f4c245eeec7@netocean.de> Hi Anton, Thank you very much for your helpful hint. Thunderbird clearly wants to move Public/Test to the Trash of the user who subscribed the Public folder. Question is how to solve this from a Dovecot point of a view, so a user can also delete folders? 2020200448[10053c700]: proposed url = Public/Test folder for connection INBOX has To Wait = FALSE can run = FALSE 2020200448[10053c700]: proposed url = Public/Test folder for connection Public/Test has To Wait = FALSE can run = TRUE 31432704[11f53e080]: 1f581800:192.168.10.52:S-Public/Test:SendData: DONE 31432704[11f53e080]: ReadNextLine [stream=2ac7e870 nb=52 needmore=0] 31432704[11f53e080]: 1f581800:192.168.10.52:S-Public/Test:CreateNewLineFromSocket: 14 OK Idle completed (0.001 + 6.435 + 6.434 secs). 31432704[11f53e080]: 1f581800:192.168.10.52:S-Public/Test:ProcessCurrentURL: entering 31432704[11f53e080]: 1f581800:192.168.10.52:S-Public/Test:ProcessCurrentURL:imap://leander%40mydomain%2Elocaldomain at 192.168.10.52:143/movefolderhierarchy%3E%5EPublic/Test%3E%5ETrash: = currentUrl 31432704[11f53e080]: 1f581800:192.168.10.52:S-Public/Test:SendData: 15 list (subscribed) "" "Public/Test/*" return (special-use) 31432704[11f53e080]: ReadNextLine [stream=2ac7e870 nb=44 needmore=0] 31432704[11f53e080]: 1f581800:192.168.10.52:S-Public/Test:CreateNewLineFromSocket: 15 OK List completed (0.000 + 0.000 secs). 31432704[11f53e080]: 1f581800:192.168.10.52:S-Public/Test:SendData: 16 close 31432704[11f53e080]: ReadNextLine [stream=2ac7e870 nb=45 needmore=0] 31432704[11f53e080]: 1f581800:192.168.10.52:S-Public/Test:CreateNewLineFromSocket: 16 OK Close completed (0.000 + 0.000 secs). 31432704[11f53e080]: 1f581800:192.168.10.52:A:SendData: 17 rename "Public/Test" "Trash/Test" 31432704[11f53e080]: ReadNextLine [stream=2ac7e870 nb=91 needmore=0] 31432704[11f53e080]: 1f581800:192.168.10.52:A:CreateNewLineFromSocket: 17 NO [CANNOT] Renaming not supported across non-private namespaces (0.000 + 0.000 secs). Best regards Leander Sch?fer Am 16.09.16 um 21:33 schrieb Anton Yuzhaninov: > On 2016-09-16 15:20, Leander Sch?fer wrote: >> Unfortunately it looks like the parameter: "imap_client_workarounds = >> tb-extra-mailbox-sep" does not work. Neither inside nor outside >> "protocol imap {}" configuration section. ACLs are set correctly. Manual >> "DELETE Public/Test" via telnet is working as expected. Is this a known >> bug? > > It will be useful to run Thunderbird with debug log and see which > command Thunderbird sends and how dovecot reply. > > Example of script to run TB with debug log: > https://bitbucket.org/snippets/citrin/Bp5Xa > (don't share full log, it contain auth info, search for the command > with error). From info at netocean.de Fri Sep 16 22:44:12 2016 From: info at netocean.de (=?UTF-8?Q?Leander_Sch=c3=a4fer?=) Date: Sat, 17 Sep 2016 00:44:12 +0200 Subject: acl_group not working not working correctly Message-ID: <2416c979-e387-2301-f485-1d88d39ebcac@netocean.de> Hi, I'm trying to setup group based ACLs coming from OpenLDAP. My setup doesn't require a POSIX Group match. In the Dovecot configuration file I have this: "user_attrs = [...], mailAclGroups=acl_groups" as well as "acl = vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300". The user has "public" in the LDAP attribute "mailAclGroups". It seems to get everything right. I checked with doveadm - and I see public ist listed as expected: cat /var/log/debug.log [...] Sep 16 23:39:04 WM-01 dovecot: auth: Debug: client passdb out: OK 1 user=leander at mydomain.localdomain acl_groups=public [...] cat /usr/local/etc/dovecot/global-acls INBOX owner lrwstipekxa Drafts owner lrwstipeka Sent owner lrwstipeka Spam owner lrwstipeka Trash owner lrwstipeka Public authenticated l Public group-override=public lrwstipekx Public/* group-override=public lrwstipekx doveadm mailbox list -u leander at mydomain.localdomain Drafts Sent Trash Spam Shared Public Public/Service Center Shared/test at mydomain.localdomain Shared/test at mydomain.localdomain/Drafts Shared/test at mydomain.localdomain/Sent Shared/test at mydomain.localdomain/Trash Shared/test at mydomain.localdomain/Spam INBOX But here comes the strange thing: telnet equal to Thunderbird: . LIST "" "*" * LIST (\HasNoChildren \Drafts) "/" Drafts * LIST (\HasNoChildren \Sent) "/" Sent * LIST (\HasNoChildren \Trash) "/" Trash * LIST (\HasNoChildren \Junk) "/" Spam * LIST (\Noselect \HasChildren) "/" Shared * LIST (\HasChildren) "/" Shared/test at mydomain.localdomain * LIST (\HasNoChildren) "/" Shared/test at mydomain.localdomain/Drafts * LIST (\HasNoChildren) "/" Shared/test at mydomain.localdomain/Sent * LIST (\HasNoChildren) "/" Shared/test at mydomain.localdomain/Trash * LIST (\HasNoChildren) "/" Shared/test at mydomain.localdomain/Spam * LIST (\HasNoChildren) "/" INBOX . OK List completed (0.000 + 0.000 + 0.092 secs). Public and Public/* shoul be listed as well, but it isn't. Any idea why it is behaving like this? Thanks Best regards Leander Sch?fer From voytek at sbt.net.au Fri Sep 16 23:03:48 2016 From: voytek at sbt.net.au (voytek at sbt.net.au) Date: Sat, 17 Sep 2016 09:03:48 +1000 Subject: how to mass delete after a hacked mail? Message-ID: <5af26ba839cca7bd76a52837a79a1d92.squirrel@www.sbt.net.au> I had a hacked user account resulting in several thousand bounces back to that email inbox, account now corrected, but, how can I mass delete bounces with say subject like: "Undelivered Mail Returned to Sender" (by from ? ""Mail Delivery System" ") or what other ways to clean the mess ? thanks, V From pch at myzel.net Fri Sep 16 23:26:44 2016 From: pch at myzel.net (Peter Chiochetti) Date: Sat, 17 Sep 2016 01:26:44 +0200 Subject: how to mass delete after a hacked mail? In-Reply-To: <5af26ba839cca7bd76a52837a79a1d92.squirrel@www.sbt.net.au> References: <5af26ba839cca7bd76a52837a79a1d92.squirrel@www.sbt.net.au> Message-ID: <4f9a4acc-9829-9fc8-25c1-dc324f6289c0@myzel.net> Am 2016-09-17 um 01:03 schrieb voytek at sbt.net.au: > I had a hacked user account resulting in several thousand bounces back to > that email inbox, account now corrected, but, how can I mass delete > bounces with say subject like: > > "Undelivered Mail Returned to Sender" > (by from ? ""Mail Delivery System" ") > > or what other ways to clean the mess ? > > thanks, > > V > Please excuse if you find my take objectionable: If the user invited the mischief, he or she ought to clean that up themselves ;) Otherwise, there is doveadm search and doveadm expunge ? -- peter From sean at seangreenslade.com Fri Sep 16 23:30:53 2016 From: sean at seangreenslade.com (Sean Greenslade) Date: Fri, 16 Sep 2016 19:30:53 -0400 Subject: how to mass delete after a hacked mail? In-Reply-To: <5af26ba839cca7bd76a52837a79a1d92.squirrel@www.sbt.net.au> References: <5af26ba839cca7bd76a52837a79a1d92.squirrel@www.sbt.net.au> Message-ID: <20160916233053.GB18014@coach.home> On Sat, Sep 17, 2016 at 09:03:48AM +1000, voytek at sbt.net.au wrote: > I had a hacked user account resulting in several thousand bounces back to > that email inbox, account now corrected, but, how can I mass delete > bounces with say subject like: > > "Undelivered Mail Returned to Sender" > (by from ? ""Mail Delivery System" ") > > or what other ways to clean the mess ? > > thanks, > > V Easiest way for a one-time thing is to use an IMAP client. I like mutt, so in mutt, I would connect to the account, then run a limit command (l) like so: ~s "Undelivered Mail Returned to Sender" (or perhaps limit by From, or both) Then manually check over the results to make sure it hasn't trapped anything important, then tag and delete the whole set. --Sean From per at computer.org Sat Sep 17 08:15:00 2016 From: per at computer.org (Per Jessen) Date: Sat, 17 Sep 2016 10:15:00 +0200 Subject: how to mass delete after a hacked mail? References: <5af26ba839cca7bd76a52837a79a1d92.squirrel@www.sbt.net.au> Message-ID: voytek at sbt.net.au wrote: > I had a hacked user account resulting in several thousand bounces back > to that email inbox, account now corrected, but, how can I mass delete > bounces with say subject like: > > "Undelivered Mail Returned to Sender" > (by from ? ""Mail Delivery System" ") > How about this - find /cur -type f -ctime -7 | xargs grep -l '^Subject:.*Undelivered Mail Returned to Sender' | xargs rm (the -7 will limit the search to files created in the last week). Obviously run some tests first _without_ "xargs rm". -- Per Jessen, Z?rich (15.8?C) http://www.dns24.ch/ - free dynamic DNS, made in Switzerland. From citrin+dovecot at citrin.ru Sat Sep 17 15:20:16 2016 From: citrin+dovecot at citrin.ru (Anton Yuzhaninov) Date: Sat, 17 Sep 2016 11:20:16 -0400 Subject: BUG - DELETE Public/Folder not working with Thunderbird In-Reply-To: <5f316369-c803-29ec-d72f-6f4c245eeec7@netocean.de> References: <2cd16d7e-ecb0-ed8f-bc7a-11ea375c7133@netocean.de> <43415813-7f09-fe70-0b09-1882f9ca88a6@citrin.ru> <5f316369-c803-29ec-d72f-6f4c245eeec7@netocean.de> Message-ID: <2d325d80-64c5-e5d4-4a7e-7d132ce3d5b8@citrin.ru> On 2016-09-16 16:13, Leander Sch?fer wrote: > Thank you very much for your helpful hint. Thunderbird clearly wants to > move Public/Test to the Trash of the user who subscribed the Public > folder. Question is how to solve this from a Dovecot point of a view, so > a user can also delete folders? > 31432704[11f53e080]: 1f581800:192.168.10.52:A:SendData: 17 rename > "Public/Test" "Trash/Test" > 31432704[11f53e080]: ReadNextLine [stream=2ac7e870 nb=91 needmore=0] > 31432704[11f53e080]: 1f581800:192.168.10.52:A:CreateNewLineFromSocket: > 17 NO [CANNOT] Renaming not supported across non-private namespaces > (0.000 + 0.000 secs). I don't sure something can be done by dovecot in this situation. You have to try workarounds in Thunderbird: http://kb.mozillazine.org/IMAP_folder_cannot_be_deleted I personally think, that MUA should delete folder (not rename) if folder is empty. From matwey.kornilov at gmail.com Sat Sep 17 17:22:33 2016 From: matwey.kornilov at gmail.com (Matwey V. Kornilov) Date: Sat, 17 Sep 2016 20:22:33 +0300 Subject: ldap sasl bind and auth_bind Message-ID: Hello, I am using # dovecot --version 2.2.18 # dovecot -n # 2.2.18: /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.8 (0c4ae064f307+) doveconf: Warning: NOTE: You can get a new clean config file with: doveconf -n > dovecot-new.conf doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:24: 'imaps' protocol can no longer be specified (use protocols=imap). to disable non-ssl imap, use service imap-login { inet_listener imap { port=0 } } doveconf: Warning: NOTE: You can get a new clean config file with: doveconf -n > dovecot-new.conf doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:24: 'imaps' protocol can no longer be specified (use protocols=imap). to disable non-ssl imap, use service imap-login { inet_listener imap { port=0 } } # OS: Linux 4.1.27-27-default x86_64 openSUSE 42.1 (x86_64) first_valid_uid = 1 mail_location = maildir:~/Maildir managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { sieve = file:~/sieve;active=~/.dovecot.sieve } protocols = lmtp imap service imap-login { inet_listener imap { port = 0 } } ssl = required ssl_ca = /etc/pki/trust/anchors/rootCA.pem ssl_cert = Hello Dovecot list, We've been running a really old CentOS 5 server with the stock dovecot from yum (1.0.7) for years and years with absolutely no problems. If it ain't broke, don't fix it, or something like that. Well it finally broke, but only due to the server no longer being able to handle the load of the increasing user base (many thousands now, with hundreds of concurrent IMAP connections any any given time) So we upgraded to a new CentOS 7 server with SSD RAID, fast CPUs and tons of RAM. No more load problems. We compiled the latest dovecot from source (as the version from CentOS yum repo is already quite old, figure we might as well run the latest version since we were upgrading anyway). Thanks to excellent documentation on dovecot.org and fairly thorough testing, the upgrade was quite smooth. We kept all the message UUIDs intact and tried to match the supported authentication methods etc to the old setup, and we didn't have any problems with clients re-downloading or re-syncing mail. We do however have one problem, which prompted me to join this list. It is the same problem as described in this thread from last month:?http://dovecot.org/list/dovecot/2016-July/104899.html Here's the excerpt from our maillog: Sep 17 19:34:57 mail dovecot: auth: Panic: file auth-request.c: line 1049 (auth_request_lookup_credentials): assertion failed: (request->credentials_scheme == scheme) Sep 17 19:34:57 mail dovecot: auth: Error: Raw backtrace: /usr/local/lib/dovecot/libdovecot.so.0(+0x89470) [0x7fa9cb8af470] -> /usr/local/lib/dovecot/libdovecot.so.0(+0x8954e) [0x7fa9cb8af54e] -> /usr/local/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7fa9cb851f75] -> dovecot/auth() [0x4165bc] -> dovecot/auth() [0x4221fb] -> dovecot/auth() [0x41620b] -> dovecot/auth(auth_request_lookup_credentials_callback+0x58) [0x4162f8] -> dovecot/auth(passdb_handle_credentials+0x6a) [0x4254ba] -> dovecot/auth() [0x425b62] -> dovecot/auth() [0x41c1f8] -> /usr/local/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x4c) [0x7fa9cb8c207c] -> /usr/local/lib/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0xd7) [0x7fa9cb8c3377] -> /usr/local/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x25) [0x7fa9cb8c2105] -> /usr/local/lib/dovecot/libdovecot.so.0(io_loop_run+0x38) [0x7fa9cb8c22b8] -> /usr/local/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7fa9cb857f33] -> dovecot/auth(main+0x2eb) [0x40ccdb] -> /lib64/libc.so.6(__libc_start_main+0xf5) [0x7fa9c9dc2b15] -> dovecot/auth() [0x40cf15] On the client side, it manifests as an authentication failure, and the user is prompted to re-enter their password. The reports we've had are all from users who have their passwords saved in a local password manager, so the client is definitely sending the correct password. It's not related to a particular mail client. It is also definitely not related to the particular user or password, as the user will authenticate many times successfully and then (seemingly) randomly be hit by this bug and prompted to re-enter their password. We enabled verbose logging and even logging of passwords for failed authentication attempts in an attempt to find a pattern, but so far we have not found one. Similar to the original poster in the above thread, we are using a MySQL backend, and CentOS 7 on x86_64 It happens quite frequently: in the past 6 days it happened?49175 times, according to a grep of the maillog. In the same period there were?294167 successful IMAP logins and?160322 POP3 logins. For now we have downgraded to 2.2.4 and so far have not seen the crash recorded in the maillog. What can we do to help track down and fix this bug? # dovecot -n # 2.2.24 (a82c823): /usr/local/etc/dovecot/dovecot.conf # OS: Linux 3.10.0-327.28.3.el7.x86_64 x86_64 CentOS Linux release 7.2.1511 (Core) ?ext4 auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain login digest-md5 cram-md5 ntlm rpa apop auth_verbose = yes auth_verbose_passwords = plain debug_log_path = /var/log/dovecot-debug.log default_client_limit = 5000 default_process_limit = 1000 disable_plaintext_auth = no first_valid_uid = 89 mail_debug = yes mail_fsync = never mail_gid = 89 mail_location = maildir:/var/virtual/%d/%n mail_uid = 89 namespace inbox { ? inbox = yes ? location =? ? mailbox Drafts { ? ? special_use = \Drafts ? } ? mailbox Junk { ? ? special_use = \Junk ? } ? mailbox Sent { ? ? special_use = \Sent ? } ? mailbox "Sent Messages" { ? ? special_use = \Sent ? } ? mailbox Trash { ? ? special_use = \Trash ? } ? prefix =? } passdb { ? args = /usr/local/etc/dovecot/dovecot-sql.conf.ext ? driver = sql } pop3_client_workarounds = outlook-no-nuls oe-ns-eoh service auth { ? unix_listener /var/spool/postfix/private/auth { ? ? group = postfix ? ? mode = 0660 ? ? user = postfix ? } } ssl_ca = <*** ssl_cert = <*** ssl_key = <*** userdb { ? args = /usr/local/etc/dovecot/dovecot-sql.conf.ext ? driver = sql } verbose_ssl = yes protocol lmtp { ? mail_fsync = optimized } protocol lda { ? mail_fsync = optimized } protocol imap { ? mail_max_userip_connections = 50 } protocol pop3 { ? mail_max_userip_connections = 20 } -- Chris?Wik Anu?Internet?Services www.anu.net?|?www.cwik.ch From aki.tuomi at dovecot.fi Sun Sep 18 06:06:20 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Sun, 18 Sep 2016 09:06:20 +0300 (EEST) Subject: Panic: file auth-request.c In-Reply-To: <960408505-4711@connect.anu.net> References: <960408505-4711@connect.anu.net> Message-ID: <624452738.55.1474178781196@appsuite-dev.open-xchange.com> > On September 17, 2016 at 9:15 PM Chris Wik wrote: > > > > Hello Dovecot list, > > > We've been running a really old CentOS 5 server with the stock dovecot from yum (1.0.7) for years and years with absolutely no problems. If it ain't broke, don't fix it, or something like that. > > > Well it finally broke, but only due to the server no longer being able to handle the load of the increasing user base (many thousands now, with hundreds of concurrent IMAP connections any any given time) > > > So we upgraded to a new CentOS 7 server with SSD RAID, fast CPUs and tons of RAM. No more load problems. We compiled the latest dovecot from source (as the version from CentOS yum repo is already quite old, figure we might as well run the latest version since we were upgrading anyway). > > > Thanks to excellent documentation on dovecot.org and fairly thorough testing, the upgrade was quite smooth. We kept all the message UUIDs intact and tried to match the supported authentication methods etc to the old setup, and we didn't have any problems with clients re-downloading or re-syncing mail. > > > We do however have one problem, which prompted me to join this list. It is the same problem as described in this thread from last month: http://dovecot.org/list/dovecot/2016-July/104899.html > > > Here's the excerpt from our maillog: > > > Sep 17 19:34:57 mail dovecot: auth: Panic: file auth-request.c: line 1049 (auth_request_lookup_credentials): assertion failed: (request->credentials_scheme == scheme) > Sep 17 19:34:57 mail dovecot: auth: Error: Raw backtrace: /usr/local/lib/dovecot/libdovecot.so.0(+0x89470) [0x7fa9cb8af470] -> /usr/local/lib/dovecot/libdovecot.so.0(+0x8954e) [0x7fa9cb8af54e] -> /usr/local/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7fa9cb851f75] -> dovecot/auth() [0x4165bc] -> dovecot/auth() [0x4221fb] -> dovecot/auth() [0x41620b] -> dovecot/auth(auth_request_lookup_credentials_callback+0x58) [0x4162f8] -> dovecot/auth(passdb_handle_credentials+0x6a) [0x4254ba] -> dovecot/auth() [0x425b62] -> dovecot/auth() [0x41c1f8] -> /usr/local/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x4c) [0x7fa9cb8c207c] -> /usr/local/lib/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0xd7) [0x7fa9cb8c3377] -> /usr/local/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x25) [0x7fa9cb8c2105] -> /usr/local/lib/dovecot/libdovecot.so.0(io_loop_run+0x38) [0x7fa9cb8c22b8] -> /usr/local/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7fa9cb857f33] -> dovecot/auth(main+0x2eb) [0x40ccdb] -> /lib64/libc.so.6(__libc_start_main+0xf5) [0x7fa9c9dc2b15] -> dovecot/auth() [0x40cf15] > > > On the client side, it manifests as an authentication failure, and the user is prompted to re-enter their password. The reports we've had are all from users who have their passwords saved in a local password manager, so the client is definitely sending the correct password. It's not related to a particular mail client. It is also definitely not related to the particular user or password, as the user will authenticate many times successfully and then (seemingly) randomly be hit by this bug and prompted to re-enter their password. > > > We enabled verbose logging and even logging of passwords for failed authentication attempts in an attempt to find a pattern, but so far we have not found one. > > > Similar to the original poster in the above thread, we are using a MySQL backend, and CentOS 7 on x86_64 > > > It happens quite frequently: in the past 6 days it happened 49175 times, according to a grep of the maillog. In the same period there were 294167 successful IMAP logins and 160322 POP3 logins. > > > For now we have downgraded to 2.2.4 and so far have not seen the crash recorded in the maillog. > > > What can we do to help track down and fix this bug? > > > > # dovecot -n > # 2.2.24 (a82c823): /usr/local/etc/dovecot/dovecot.conf > # OS: Linux 3.10.0-327.28.3.el7.x86_64 x86_64 CentOS Linux release 7.2.1511 (Core) ext4 > auth_debug = yes > auth_debug_passwords = yes > auth_mechanisms = plain login digest-md5 cram-md5 ntlm rpa apop > auth_verbose = yes > auth_verbose_passwords = plain > debug_log_path = /var/log/dovecot-debug.log > default_client_limit = 5000 > default_process_limit = 1000 > disable_plaintext_auth = no > first_valid_uid = 89 > mail_debug = yes > mail_fsync = never > mail_gid = 89 > mail_location = maildir:/var/virtual/%d/%n > mail_uid = 89 > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = > } > passdb { > args = /usr/local/etc/dovecot/dovecot-sql.conf.ext > driver = sql > } > pop3_client_workarounds = outlook-no-nuls oe-ns-eoh > service auth { > unix_listener /var/spool/postfix/private/auth { > group = postfix > mode = 0660 > user = postfix > } > } > ssl_ca = <*** > ssl_cert = <*** > ssl_key = <*** > userdb { > args = /usr/local/etc/dovecot/dovecot-sql.conf.ext > driver = sql > } > verbose_ssl = yes > protocol lmtp { > mail_fsync = optimized > } > protocol lda { > mail_fsync = optimized > } > protocol imap { > mail_max_userip_connections = 50 > } > protocol pop3 { > mail_max_userip_connections = 20 > } > -- > Chris Wik > Anu Internet Services > www.anu.net | www.cwik.ch Hi! This has been fixed with https://github.com/dovecot/core/commit/6c969ac21a43cc10ee1f1a91a4f39e4864c886cb Aki Tuomi Dovecot oy From chris at anu.net Sun Sep 18 10:50:23 2016 From: chris at anu.net (Chris Wik) Date: Sun, 18 Sep 2016 12:50:23 +0200 Subject: Panic: file auth-request.c In-Reply-To: <624452738.55.1474178781196@appsuite-dev.open-xchange.com> Message-ID: <1021813844-27377@connect.anu.net> From: Aki Tuomi ? To: Dovecot Mailing List , Chris Wik Sent: 18/09/2016 8:06 AM Subject: Re: Panic: file auth-request.c > Sep 17 19:34:57 mail dovecot: auth: Panic: file auth-request.c: line 1049 (auth_request_lookup_credentials): assertion failed: (request->credentials_scheme == scheme) > Sep 17 19:34:57 mail dovecot: auth: Error: Raw backtrace: /usr/local/lib/dovecot/libdovecot.so.0(+0x89470) [0x7fa9cb8af470] -> /usr/local/lib/dovecot/libdovecot.so.0(+0x8954e) [0x7fa9cb8af54e] -> /usr/local/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7fa9cb851f75] -> dovecot/auth() [0x4165bc] -> dovecot/auth() [0x4221fb] -> dovecot/auth() [0x41620b] -> dovecot/auth(auth_request_lookup_credentials_callback+0x58) [0x4162f8] -> dovecot/auth(passdb_handle_credentials+0x6a) [0x4254ba] -> dovecot/auth() [0x425b62] -> dovecot/auth() [0x41c1f8] -> /usr/local/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x4c) [0x7fa9cb8c207c] -> /usr/local/lib/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0xd7) [0x7fa9cb8c3377] -> /usr/local/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x25) [0x7fa9cb8c2105] -> /usr/local/lib/dovecot/libdovecot.so.0(io_loop_run+0x38) [0x7fa9cb8c22b8] -> /usr/local/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7fa9cb857f33] -> dovecot/auth(main+0x2eb ) [0x40ccdb] -> /lib64/libc.so.6(__libc_start_main+0xf5) [0x7fa9c9dc2b15] -> dovecot/auth() [0x40cf15] Hi! This has been fixed with https://github.com/dovecot/core/commit/6c969ac21a43cc10ee1f1a91a4f39e4864c886cb Aki Tuomi Dovecot oy Great, good to hear! In my local source of 2.2.5, the deleted lines are lines 1048-1049. In the patch the lines are 1068-1069. I think maybe we'll wait for 2.2.6 and not try to patch it ourselves, we aren't using the new features in 2.2.5 yet and 2.2.4 has been stable for us... Chris -- Chris?Wik Anu?Internet?Services www.anu.net?|?www.cwik.ch From info at netocean.de Sun Sep 18 11:03:12 2016 From: info at netocean.de (=?UTF-8?Q?Leander_Sch=c3=a4fer?=) Date: Sun, 18 Sep 2016 13:03:12 +0200 Subject: BUG - DELETE Public/Folder not working with Thunderbird In-Reply-To: <2d325d80-64c5-e5d4-4a7e-7d132ce3d5b8@citrin.ru> References: <2cd16d7e-ecb0-ed8f-bc7a-11ea375c7133@netocean.de> <43415813-7f09-fe70-0b09-1882f9ca88a6@citrin.ru> <5f316369-c803-29ec-d72f-6f4c245eeec7@netocean.de> <2d325d80-64c5-e5d4-4a7e-7d132ce3d5b8@citrin.ru> Message-ID: <952744e4-6f52-817d-111e-24a3520fb618@netocean.de> Alright. Thank you Am 17.09.16 um 17:20 schrieb Anton Yuzhaninov: > On 2016-09-16 16:13, Leander Sch?fer wrote: >> Thank you very much for your helpful hint. Thunderbird clearly wants to >> move Public/Test to the Trash of the user who subscribed the Public >> folder. Question is how to solve this from a Dovecot point of a view, so >> a user can also delete folders? > >> 31432704[11f53e080]: 1f581800:192.168.10.52:A:SendData: 17 rename >> "Public/Test" "Trash/Test" >> 31432704[11f53e080]: ReadNextLine [stream=2ac7e870 nb=91 needmore=0] >> 31432704[11f53e080]: 1f581800:192.168.10.52:A:CreateNewLineFromSocket: >> 17 NO [CANNOT] Renaming not supported across non-private namespaces >> (0.000 + 0.000 secs). > > I don't sure something can be done by dovecot in this situation. You > have to try workarounds in Thunderbird: > http://kb.mozillazine.org/IMAP_folder_cannot_be_deleted > > I personally think, that MUA should delete folder (not rename) if > folder is empty. From azurit at pobox.sk Sun Sep 18 18:49:09 2016 From: azurit at pobox.sk (azurit at pobox.sk) Date: Sun, 18 Sep 2016 20:49:09 +0200 Subject: [Bug] Mailbox aliases still broken Message-ID: <20160918204909.Horde.hfqfbaYx60jylD3X3sRIwvX@webmail.inetadmin.eu> Hi, about an year ago i was reporting a bug in mailbox aliases, which remains unfixed and unasnwered (probably totally ignored, don't understand why). I thought it was because the bug is old and already fixed but yesterday i upgraded to Dovecot 2.2.24 and problem persists. Here is the original report, everything, except the Dovecot version, is still correct: http://dovecot.org/list/dovecot/2015-June/101176.html Will this be fixed? Thanks for info. azur From aki.tuomi at dovecot.fi Sun Sep 18 19:25:17 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Sun, 18 Sep 2016 22:25:17 +0300 (EEST) Subject: [Bug] Mailbox aliases still broken In-Reply-To: <20160918204909.Horde.hfqfbaYx60jylD3X3sRIwvX@webmail.inetadmin.eu> References: <20160918204909.Horde.hfqfbaYx60jylD3X3sRIwvX@webmail.inetadmin.eu> Message-ID: <769622110.72.1474226718578@appsuite-dev.open-xchange.com> > On September 18, 2016 at 9:49 PM azurit at pobox.sk wrote: > > > Hi, > > about an year ago i was reporting a bug in mailbox aliases, which > remains unfixed and unasnwered (probably totally ignored, don't > understand why). I thought it was because the bug is old and already > fixed but yesterday i upgraded to Dovecot 2.2.24 and problem persists. > > Here is the original report, everything, except the Dovecot version, > is still correct: > http://dovecot.org/list/dovecot/2015-June/101176.html > > Will this be fixed? Thanks for info. > > azur We will take a look at it. Thank you for taking the time to remind about this and sorry for lack of reply. Aki From me at junc.eu Sun Sep 18 19:51:18 2016 From: me at junc.eu (Benny Pedersen) Date: Sun, 18 Sep 2016 21:51:18 +0200 Subject: [Bug] Mailbox aliases still broken In-Reply-To: <769622110.72.1474226718578@appsuite-dev.open-xchange.com> References: <20160918204909.Horde.hfqfbaYx60jylD3X3sRIwvX@webmail.inetadmin.eu> <769622110.72.1474226718578@appsuite-dev.open-xchange.com> Message-ID: On 2016-09-18 21:25, Aki Tuomi wrote: > We will take a look at it. Thank you for taking the time to remind > about this and sorry for lack of reply. also postfix virtual alias to dovecot quota mailbox gives problems if the alias in postfix is not a mailbox, then dovecot says mailbox does not exists, and tell to reject it in postfix, but the error is just thst qouta plugin does not know postfix virtual aliases carefull with the auth on aliases btw From amk at spamfence.net Mon Sep 19 13:14:39 2016 From: amk at spamfence.net (Andreas M. Kirchwitz) Date: Mon, 19 Sep 2016 13:14:39 +0000 (UTC) Subject: Dovecot 2.2.25 fails on SSL References: Message-ID: Joseph Tam wrote: >> For every program I compile myself, I link it against my custom >> OpenSSL library (always newest version; distributions usually tend >> to stick with a specific version and only apply security fixes). > > OK, the origin of your problem becomes clearer. You can hardcode these > paths into the executables by doing something like > > env CFLAGS='-I/my'ssl/include' \ > LDFLAGS='-L/your/ssl/lib -Wl,-rpath,/my/ssl/lib' \ > configure ... Yes, exactly, that's my usual approach. I've used this as well for building other software with custom libraries. Unfortunately, I remember CFLAGS/LDFLAGS didn't play well with Dovecot, so I used SSL_CFLAGS/SSL_LIBS as suggested by the documentation and that worked well. > I use this myself (except the -Wl part since these libs are > symlinked to my shared library path). I think "-R/my/ssl/lib" > might also be synonymous with -Wl,... Based on your mail I've tried CFLAGS/LDFLAGS again, and now Dovecot didn't even compile any longer. I was close to giving up. But obviously, I didn't ... :-) After some investigation I found the non-default linker option "-Wl,--as-needed" as problem which is enabled by Dovecot for unknown reasons. Finally, this call to "configure" generates proper Makefile files to build Dovecot with a custom SSL library: env CPPFLAGS="-I/usr/local/ssl/include" LDFLAGS="-L/usr/local/ssl/lib -Wl,-R/usr/local/ssl/lib" LIBS="-Wl,--no-as-needed -lcrypto -lssl" SSL_CFLAGS="-I/usr/local/ssl/include" SSL_LIBS="-L/usr/local/ssl/lib -Wl,-R/usr/local/ssl/lib -Wl,--no-as-needed -lcrypto -lssl" ./configure --prefix=/usr/local/dovecot --with-ssl=openssl (chances are that SSL_CFLAGS/SSL_LIBS could be removed completely but it won't hurt) I've read the section in the "ld" manual but still don't understand why Dovecot enables --as-needed (never seen that before with other software) and why it's such a big problem. But I'm no expert here. > I don't have that problem -- I use configure to tell dovecot where to find > my self-compiled openssl, and the resulting executables load from where I > want. Thanks for pointing me at the proper direction again. Now Dovecot 2.2.25 compiles for me with a custom SSL. I understand that this issue might not have a high priority but maybe one of the developers could check if "--as-needed" is really needed (as it confuses people who try to use custom libraries) and what's the deeper meaning of SSL_CFLAGS/SSL_LIBS. My system is a regular CentOS 6 (latest sub-release with all patches), nothing special except for a custom SSL installation. Greetings, Andreas From leho at kraav.com Mon Sep 19 14:39:46 2016 From: leho at kraav.com (Leho Kraav) Date: Mon, 19 Sep 2016 17:39:46 +0300 Subject: [Dovecot] Plugins: virtuals vs acls In-Reply-To: <1316174628.12936.72.camel@hurina> References: <4E733793.3030304@kraav.com> <1316174628.12936.72.camel@hurina> Message-ID: <20160919143946.GD18604@papaya.meie.biz> On Fri, Sep 16, 2011 at 03:03:47PM +0300, Timo Sirainen wrote: ..On Fri, 2011-09-16 at 14:48 +0300, Leho Kraav wrote: .. ..> dovecot-virtual: ..> * ..> all ..> ..> when dovecot-acl files restrict some subset of * for a user, does ..> dovecot respect these ACLs when collecting messages for virtual folder? .. ..If they aren't respected, it's a bug. (dovecot-2.2.19) So, 5 years later, I got to implementing `dovecot-virtual` :) I'd like to set up a `LargeMailbox/Virtual/30d` mailbox that restricts the view of a hidden, and otherwise inaccessible `LargeMailbox` to "last 30 days" rolling window. `dovecot-virtual` for that is simple enough, but ACL-s get in the way. LargeMailbox ACL user=Moi none LargeMailbox/Virtual/30d ACL user=Moi lrwsip It looks like `docevot` is correctly restricting reading `LargeMailbox` - user Moi is able to subscribe the mailbox, but sees zero messages in there. How can I make `LargeMailbox` readable from a virtual without giving the mail client the ability to read all of `LargeMailbox` on its own? -- Leho Kraav, senior technology & marketing architect Mobile: +372-56-603673 G+: lkooglizmus at gmail.com From tanstaafl at libertytrek.org Mon Sep 19 15:26:27 2016 From: tanstaafl at libertytrek.org (Tanstaafl) Date: Mon, 19 Sep 2016 11:26:27 -0400 Subject: Supporting RFC 5466 (IMAP4 Extension for Named Searches (Filters)) In-Reply-To: <542C5424.2070006@rename-it.nl> References: <542BF6A1.9080306@jcea.es> <542C5424.2070006@rename-it.nl> Message-ID: <89c456c3-32a0-ae01-552e-9efe9b7cd716@libertytrek.org> On 10/1/2014 3:21 PM, Stephan Bosch wrote: > On 10/1/2014 2:42 PM, Jesus Cea wrote: >> I wonder if Dovecot supports RFC 5466 (IMAP4 Extension for Named >> Searches (Filters)) or if there is any plan about it. > I have a partial implementation in my patch queue. I haven't worked on > it for a few months now due to other projects that took precedence. It > still may take quite a while until I can continue that effort. I don't know if it is a good idea to resurrect such an old thread, but... Any chance there has been movement on this? There is a Thunderbird bug opened for supporting this: https://bugzilla.mozilla.org/show_bug.cgi?id=439047 and it would be much easier to try to push it forward if there was actually a server that supported it already. Thanks From francesco.fiore at par-tec.it Mon Sep 19 15:42:20 2016 From: francesco.fiore at par-tec.it (Francesco Fiore) Date: Mon, 19 Sep 2016 17:42:20 +0200 Subject: Logging of custom mail headers Message-ID: <065c9aee-d4c0-e709-767b-54cca80eee0d@par-tec.it> Hi, I need to configure Dovecot to log some custom mail headers. I red the documentation of the mail_log plugin but I didn't found which field I've to use as value for mail_log_fields parameter. So, I red the plugin code but in mail-log-plugin.c there're defined only "from" and "subject" fields that match some email header. I found three alternatives: 1. use the mail_filter plugin (spawning a new process, ecc.) 2. coding a new plugin using the notify plugin 3. propose a patch to the mail_log plugin that use a new configuration parameter (es. mail_log_headers) and log the specified mail headers Which is the better solution for you? Thanks in advance Francesco From tanstaafl at libertytrek.org Mon Sep 19 15:44:42 2016 From: tanstaafl at libertytrek.org (Tanstaafl) Date: Mon, 19 Sep 2016 11:44:42 -0400 Subject: Panic: file auth-request.c In-Reply-To: <960408505-4711@connect.anu.net> References: <960408505-4711@connect.anu.net> Message-ID: <15fccbde-afc0-39bc-8c0d-199176ea5265@libertytrek.org> On 9/17/2016 2:15 PM, Chris Wik wrote: > So we upgraded to a new CentOS 7 server with SSD RAID, fast CPUs and > tons of RAM. No more load problems. We compiled the latest dovecot > from source (as the version from CentOS yum repo is already quite > old, figure we might as well run the latest version since we were > upgrading anyway). Then on 9/18/2016 6:50 AM, Chris Wik wrote: > In my local source of 2.2.5, ??? Latest dovecot version is 2.2.25 - or was that (hopefully) a typo? http://www.dovecot.org/download.html From ml+dovecot at valo.at Mon Sep 19 15:57:47 2016 From: ml+dovecot at valo.at (Christian Kivalo) Date: Mon, 19 Sep 2016 17:57:47 +0200 Subject: dovecot --hostdomain In-Reply-To: <2b29d330-49b7-98fa-b8cf-97b32fceca66@nspace.de> References: <2b29d330-49b7-98fa-b8cf-97b32fceca66@nspace.de> Message-ID: <5B2B3075-F8A2-4FB8-8813-741FD07EF0A6@valo.at> Am 15. September 2016 16:10:02 MESZ, schrieb dovecot at nspace.de: >Hi, > >I'm currently debugging replication issues and I found that both >servers >answer to a "dovecot --hostdomain" simply with > >localhost > > From what I've read, this can lead to problems. >Where do I configure the dovecot hostdomain name? The machine itself >has >a valid name in /etc/hostname Whats the output of the command `hostname`? Whats in your /etc/hosts? >Thanks, >Thomas From chris at anu.net Mon Sep 19 17:23:23 2016 From: chris at anu.net (Chris Wik) Date: Mon, 19 Sep 2016 19:23:23 +0200 Subject: Panic: file auth-request.c In-Reply-To: <15fccbde-afc0-39bc-8c0d-199176ea5265@libertytrek.org> Message-ID: <1131968588-2373@connect.anu.net> From: Tanstaafl ? To: Sent: 19/09/2016 5:44 PM Subject: Re: Panic: file auth-request.c On 9/17/2016 2:15 PM, Chris Wik wrote: > So we upgraded to a new CentOS 7 server with SSD RAID, fast CPUs and > tons of RAM. No more load problems. We compiled the latest dovecot > from source (as the version from CentOS yum repo is already quite > old, figure we might as well run the latest version since we were > upgrading anyway). Then on 9/18/2016 6:50 AM, Chris Wik wrote: > In my local source of 2.2.5, ??? Latest dovecot version is 2.2.25 - or was that (hopefully) a typo? http://www.dovecot.org/download.html Yes, typo, sorry. I have 2.2.25 sources and the line numbers don't match the diff. We'll wait for 2.2.26, unless someone from Dovecot would like us to test the patch? In which case I'll try removing the 2 lines and recompiling and see if it works. Chris From aki.tuomi at dovecot.fi Mon Sep 19 17:31:21 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Mon, 19 Sep 2016 20:31:21 +0300 (EEST) Subject: Panic: file auth-request.c In-Reply-To: <1131968588-2373@connect.anu.net> References: <15fccbde-afc0-39bc-8c0d-199176ea5265@libertytrek.org> <1131968588-2373@connect.anu.net> Message-ID: <349142928.676.1474306282761@appsuite-dev.open-xchange.com> > On September 19, 2016 at 8:23 PM Chris Wik wrote: > > > From: Tanstaafl > > To: > Sent: 19/09/2016 5:44 PM > Subject: Re: Panic: file auth-request.c > > On 9/17/2016 2:15 PM, Chris Wik wrote: > > So we upgraded to a new CentOS 7 server with SSD RAID, fast CPUs and > > tons of RAM. No more load problems. We compiled the latest dovecot > > from source (as the version from CentOS yum repo is already quite > > old, figure we might as well run the latest version since we were > > upgrading anyway). > > Then on 9/18/2016 6:50 AM, Chris Wik wrote: > > In my local source of 2.2.5, > > ??? > > Latest dovecot version is 2.2.25 - or was that (hopefully) a typo? > > http://www.dovecot.org/download.html > > > Yes, typo, sorry. > > > I have 2.2.25 sources and the line numbers don't match the diff. > > > We'll wait for 2.2.26, unless someone from Dovecot would like us to test the patch? In which case I'll try removing the 2 lines and recompiling and see if it works. > > > Chris It should work, it's been tried out. Aki From jtam.home at gmail.com Mon Sep 19 19:23:46 2016 From: jtam.home at gmail.com (Joseph Tam) Date: Mon, 19 Sep 2016 12:23:46 -0700 (PDT) Subject: Dovecot 2.2.25 fails on SSL In-Reply-To: References: Message-ID: "Andreas M. Kirchwitz" writes: >> OK, the origin of your problem becomes clearer. You can hardcode these >> paths into the executables by doing something like >> >> env CFLAGS='-I/my'ssl/include' \ >> LDFLAGS='-L/your/ssl/lib -Wl,-rpath,/my/ssl/lib' \ >> configure ... > > Based on your mail I've tried CFLAGS/LDFLAGS again, and > now Dovecot didn't even compile any longer. I don't use the same OS as you, but what errors dis you get? Joseph Tam From emailgrant at gmail.com Mon Sep 19 21:45:37 2016 From: emailgrant at gmail.com (Grant) Date: Mon, 19 Sep 2016 14:45:37 -0700 Subject: Dovecot and imapproxy Message-ID: imapproxy sped things up a lot for me when I was using courier. I switched to dovecot a while back and kept using imapproxy. Lately I've been noticing weird TCP Queuing spikes in my munin graphs and discontinuing my use of imapproxy seems to have smoothed them out completely and I haven't noticed a slowdown in webmail. Is imapproxy generally not necessary with dovecot? - Grant From aki.tuomi at dovecot.fi Tue Sep 20 04:48:29 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Tue, 20 Sep 2016 07:48:29 +0300 (EEST) Subject: Dovecot and imapproxy In-Reply-To: References: Message-ID: <63777647.840.1474346910045@appsuite-dev.open-xchange.com> > On September 20, 2016 at 12:45 AM Grant wrote: > > > imapproxy sped things up a lot for me when I was using courier. I > switched to dovecot a while back and kept using imapproxy. Lately > I've been noticing weird TCP Queuing spikes in my munin graphs and > discontinuing my use of imapproxy seems to have smoothed them out > completely and I haven't noticed a slowdown in webmail. Is imapproxy > generally not necessary with dovecot? > > - Grant It's not needed indeed. Aki From leho at kraav.com Tue Sep 20 08:21:28 2016 From: leho at kraav.com (Leho Kraav) Date: Tue, 20 Sep 2016 11:21:28 +0300 Subject: [Dovecot] Plugins: virtuals vs acls In-Reply-To: <20160919143946.GD18604@papaya.meie.biz> References: <4E733793.3030304@kraav.com> <1316174628.12936.72.camel@hurina> <20160919143946.GD18604@papaya.meie.biz> Message-ID: <20160920082128.GG18604@papaya.meie.biz> >On Fri, 2011-09-16 at 14:48 +0300, Leho Kraav wrote: > >How can I make `LargeMailbox` readable from a virtual without giving the >mail client the ability to read all of `LargeMailbox` on its own? Symlinking a hidden "secret key" mailbox name works: 1. Symlink LargeMailbox -> LargeMailbox.sa0yaiy9Nah0thoo5do9iew1ciJaeXahphoox4si (secret key) 2. Start using `vfile:/etc/dovecot/global-acl` LargeMailbox.sa0yaiy9Nah0thoo5do9iew1ciJaeXahphoox4si user=Moi rwsi (hide mailbox, but allow modifications) LargeMailbox.Virtual.30d user=Moi lrwsip (full list + modification permissions) 3. `LargeMailbox.Virtual.30d/dovecot-virtual` !LargeMailbox.sa0yaiy9Nah0thoo5do9iew1ciJaeXahphoox4si (save to backing mailbox) all younger 2592000 Remaining excercise questions: * any more sensible / simpler techniques available? * any holes - is it possible for user=Moi to somehow learn the "secret key" name of the backing mailbox? From i.colombi at gmail.com Fri Sep 16 11:05:02 2016 From: i.colombi at gmail.com (Igor Colombi) Date: Fri, 16 Sep 2016 13:05:02 +0200 Subject: Dovecot lmtp support for SMTPUTF8 Message-ID: Hello, I'm using dovecot lmtp with Postfix. I'm enabling SMTPUTF8 (EAI), but when Postfix (v 3.1.2) tries to deliver the message to dovecot-lmtp it receive this error: status=bounced (SMTPUTF8 is required, but was not offered by host dlvmx.espsrv.net[private/dovecot-lmtp] I'm not sure if Dovecot lda and lmpt support EAI and how can I enable it. I've just found and old thread: http://www.dovecot.org/list/dovecot/2013-January/087756.html Thanks for your help. -- Igor Colombi From tss at iki.fi Tue Sep 20 09:38:27 2016 From: tss at iki.fi (Timo Sirainen) Date: Tue, 20 Sep 2016 12:38:27 +0300 Subject: [Bug] Mailbox aliases still broken In-Reply-To: <20160918204909.Horde.hfqfbaYx60jylD3X3sRIwvX@webmail.inetadmin.eu> References: <20160918204909.Horde.hfqfbaYx60jylD3X3sRIwvX@webmail.inetadmin.eu> Message-ID: <2835AB61-B28F-4113-BB86-42823EB7DA00@iki.fi> On 18 Sep 2016, at 21:49, azurit at pobox.sk wrote: > > Hi, > > about an year ago i was reporting a bug in mailbox aliases, which remains unfixed and unasnwered (probably totally ignored, don't understand why). I thought it was because the bug is old and already fixed but yesterday i upgraded to Dovecot 2.2.24 and problem persists. > > Here is the original report, everything, except the Dovecot version, is still correct: > http://dovecot.org/list/dovecot/2015-June/101176.html > > Will this be fixed? Thanks for info. Do you have mailbox_list_index=yes? That's at least buggy with aliases and the fix isn't easy. From azurit at pobox.sk Tue Sep 20 09:51:23 2016 From: azurit at pobox.sk (azurit at pobox.sk) Date: Tue, 20 Sep 2016 11:51:23 +0200 Subject: [Bug] Mailbox aliases still broken In-Reply-To: <2835AB61-B28F-4113-BB86-42823EB7DA00@iki.fi> References: <20160918204909.Horde.hfqfbaYx60jylD3X3sRIwvX@webmail.inetadmin.eu> <2835AB61-B28F-4113-BB86-42823EB7DA00@iki.fi> Message-ID: <20160920115123.Horde.LfhSAhePKsc3CneJ_KxpA-L@webmail.inetadmin.eu> > On 18 Sep 2016, at 21:49, azurit at pobox.sk wrote: >> >> Hi, >> >> about an year ago i was reporting a bug in mailbox aliases, which >> remains unfixed and unasnwered (probably totally ignored, don't >> understand why). I thought it was because the bug is old and >> already fixed but yesterday i upgraded to Dovecot 2.2.24 and >> problem persists. >> >> Here is the original report, everything, except the Dovecot >> version, is still correct: >> http://dovecot.org/list/dovecot/2015-June/101176.html >> >> Will this be fixed? Thanks for info. > > Do you have mailbox_list_index=yes? That's at least buggy with > aliases and the fix isn't easy. Yes, i have. Do i need to disable it? What impact will it have? From davidjw at calypso-it.co.uk Tue Sep 20 14:01:12 2016 From: davidjw at calypso-it.co.uk (David Williams) Date: Tue, 20 Sep 2016 15:01:12 +0100 Subject: Sieve vacation won't send second reply after timeout interval. Message-ID: <9694fb55-e47c-9a12-566b-a07a6326c0a2@calypso-it.co.uk> Hi there I'm having problems getting sieve to send a second vacation response. For testing I've set sieve_vacation_min_period = 500s and the seconds option in the script is 600. I send the first test message and get a reply fine I then wait about 12 minutes send a second message and get no reply. In the log I get "discarded duplicate response". I've restarted dovecot and removed the .dovecot.lda-dupes file before running the last test. I'm using LMTP for delivery to Dovecot. The sieve script is require ["vacation-seconds"]; # rule:[Vacation] if true { vacation :seconds 600 :addresses "username at mydomain.com" :subject "vacation" "test"; } and doveconf -n is # 2.2.19: /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.9 (357ac0a0e68b+) # OS: Linux 3.18.12-gentoo x86_64 Gentoo Base System release 2.2 ext4 auth_username_format = %Ln disable_plaintext_auth = no imap_capability = +XLIST mail_location = maildir:/srv/mail/%n/Maildir managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate vacation-seconds imapflags notify namespace inbox { inbox = yes location = mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox "Sent Items" { auto = subscribe special_use = \Sent } mailbox Spam { auto = subscribe special_use = \Junk } mailbox Trash { auto = subscribe special_use = \Trash } prefix = } passdb { args = * driver = pam } plugin { sieve = file:~/sieve;active=~/.dovecot.sieve sieve_before = /var/lib/dovecot/sieve/default.sieve sieve_default = /var/lib/dovecot/sieve/default.sieve sieve_extensions = +notify +imapflags +vacation-seconds sieve_vacation_default_period = 1d sieve_vacation_min_period = 500s sieve_vacation_use_original_recipient = yes } postmaster_address = postmaster at mydomain.com protocols = imap lmtp sieve service auth { unix_listener auth-userdb { group = mode = 0777 user = } } service lmtp { inet_listener lmtp { address = 127.0.0.1 port = 10024 } } service managesieve-login { inet_listener sieve { port = 4190 } } ssl_cert = Hello folks? My first post, so please be gentle? :-) I have a client email server using SSDs for primary user mailboxes, but since the number of users keeps growing and they all seem to be very reluctant to delete anything, I?ve implemented an ?Archive? namespace that stores its mailboxes on a larger HD RAID. The idea is that, as the users approach their quota, they move messages to the Archive mailboxes to alleviate space in their primary Inbox namespace. This secondary storage part is working well, but I?m having trouble w/ getting the quotas to work right. Here are the basics of the setup: Mac Pro Server 2012 Mac OS X Server 10.6.8 Dovecot 1.1.20apple0.5 Here is how I?ve configured my namespaces (during testing): namespace private { separator = / prefix = inbox = yes } namespace private { separator = / prefix = testArchive/ location = maildir:/Shared Items/MailArchive/%u subscriptions = yes } My quota research has led me to try this: quota = maildir:User quota:ns= quota2 = maildir:ns=testArchive/ quota2_rule = *:storage=20G The first line is already in the default config, with the exception of the added ?:ns=? at the end. The 2nd line in the examples I saw had a middle component w/ the quota name, but when I tried that, like so: quota2 = maildir:Archive quota:ns=testArchive/ my server fails and shows this in the logs: > Fatal: IMAP(*): Quota root test backend maildir: Unknown parameter: ns=testArchive/ Any idea why it doesn?t like that? Also, do I need to add a quota_rule for the primary quota? It does not have one normally in the Mac OS X Server config? Thus far in my testing, I?ve been able to get the 2 quotas to show up in Roundcube and Mac Mail.app. It?s a little messy?the first shows up as ?User quota?, the 2nd as ?ns=testArchive/?, presumably because I cannot leave the description field in there. Unfortunately, both quotas show the same amount of space in use. If I drop the primary quota to a mere 4MB for testing, and if I have 5.2MB of messages in a testArchive folder, the space used for ?User quota? shows as 5.2MB (>100%), as does the ?ns=testArchive/? quota (which is 20GB). In actuality, the Inbox namespace is really only using a few KB? the 5.2MB is in the testArchive namespace. This means that I cannot move messages between either set of namespaces, and new messages are not delivered. So, the quota trouble here is negating the whole point of having the Archive namespace... Is there a way to get Dovecot to ?see? the 2 quotas as unique/discrete? It seems like I?m close to accomplishing what I want, but just can?t quite get it to cooperate. And that ?Unknown parameter? error is bewildering. Any ideas? Thx, Fred P.S. I can add my Dovecot config to the thread upon request?didn?t want to make this initial message even longer. From matwey.kornilov at gmail.com Tue Sep 20 18:50:47 2016 From: matwey.kornilov at gmail.com (Matwey V. Kornilov) Date: Tue, 20 Sep 2016 21:50:47 +0300 Subject: ldap sasl bind and auth_bind In-Reply-To: References: Message-ID: Hello, I believe there is a bug in logic. The following code snippet from db_ldap_connect() function: if (conn->set.sasl_bind) { #ifdef HAVE_LDAP_SASL struct db_ldap_sasl_bind_context context; memset(&context, 0, sizeof(context)); context.authcid = conn->set.dn; context.passwd = conn->set.dnpass; context.realm = conn->set.sasl_realm; context.authzid = conn->set.sasl_authz_id; /* There doesn't seem to be a way to do SASL binding asynchronously.. */ ret = ldap_sasl_interactive_bind_s(conn->ld, NULL, conn->set.sasl_mech, NULL, NULL, LDAP_SASL_QUIET, sasl_interact, &context); if (db_ldap_connect_finish(conn, ret) < 0) return -1; #else i_unreached(); /* already checked at init */ #endif conn->conn_state = LDAP_CONN_STATE_BOUND_DEFAULT; } else { if (db_ldap_bind(conn) < 0) return -1; } has to be inside db_ldap_bind() function. Because db_ldap_bind() is used to return the connection to the initial state which is sasl bounded as required in config file. 17.09.2016 20:22, Matwey V. Kornilov ?????: > Hello, > > I am using > > # dovecot --version > 2.2.18 > > # dovecot -n > # 2.2.18: /etc/dovecot/dovecot.conf > # Pigeonhole version 0.4.8 (0c4ae064f307+) > doveconf: Warning: NOTE: You can get a new clean config file with: > doveconf -n > dovecot-new.conf > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:24: > 'imaps' protocol can no longer be specified (use protocols=imap). to > disable non-ssl imap, use service imap-login { inet_listener imap { > port=0 } } > doveconf: Warning: NOTE: You can get a new clean config file with: > doveconf -n > dovecot-new.conf > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:24: > 'imaps' protocol can no longer be specified (use protocols=imap). to > disable non-ssl imap, use service imap-login { inet_listener imap { > port=0 } } > # OS: Linux 4.1.27-27-default x86_64 openSUSE 42.1 (x86_64) > first_valid_uid = 1 > mail_location = maildir:~/Maildir > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope > encoded-character vacation subaddress comparator-i;ascii-numeric > relational regex imap4flags copy include variables body enotify > environment mailbox date index ihave duplicate > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = > } > passdb { > args = /etc/dovecot/dovecot-ldap.conf.ext > driver = ldap > } > plugin { > sieve = file:~/sieve;active=~/.dovecot.sieve > } > protocols = lmtp imap > service imap-login { > inet_listener imap { > port = 0 > } > } > ssl = required > ssl_ca = /etc/pki/trust/anchors/rootCA.pem > ssl_cert = ssl_dh_parameters_length = 2048 > ssl_key = ssl_options = no_compression > ssl_prefer_server_ciphers = yes > userdb { > args = /etc/dovecot/dovecot-ldap.conf.ext > driver = ldap > override_fields = uid=vmail gid=vmail home=/var/spool/mail/%d/%n > } > > I use LDAP for user and passwd databases as the following: > > uris = ldapi:/// > sasl_bind = yes > sasl_mech = EXTERNAL > auth_bind = yes > > And I found that only first authentication after dovecot restart is > successful, the others always fail with temp. > The reason is that dovecot rebinds to anonymous bind after succesful > auth bind instead of rebinding to external sasl bind. > From root at zoide.net Wed Sep 21 08:39:58 2016 From: root at zoide.net (Udo Waechter) Date: Wed, 21 Sep 2016 10:39:58 +0200 Subject: dsync-server: Configure lock-file location? Message-ID: Good day everyone, I have a situation where my mail-folder structure (mdbox) ist like this: My users have the following data: $ doveadm user XYZ at xx.com field value home /srv/mail/ mail mdbox:foo/XYZ at xx.com/ I also do replication between 2 nodes. Now, I sometimes (when a lot of replication is happening I get the following errors: dovecot: dsync-local(XYZ at xx.com): Error: Couldn't lock /srv/mail//.dovecot-sync.lock: Timed out after 60 seconds This of course not only for XYZ at xx.com It seems to me, that my mailbox structure should rather be: $ doveadm user XYZ at xx.com field value home /srv/mail/foo mail mdbox:XYZ at xx.com/ in order to get rid of these messages? Unfortunatly I cannot change that. I've searched around and took a look into the code of dsync-server, unfortunatly the path to the lockfile is not configurable. Is there a way to somehow configure the lock-file location for dsync-server? Thanks very much, udo. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 473 bytes Desc: OpenPGP digital signature URL: From webert.boss at gmail.com Wed Sep 21 16:16:17 2016 From: webert.boss at gmail.com (Webert de Souza Lima) Date: Wed, 21 Sep 2016 13:16:17 -0300 Subject: Director keeping IMAP connections alive Message-ID: Hello, I have a 2 director - 2 dovecot set up in a cluster. >From time to time I notice high usage of RAM by dovecot process, and analyzing with doveadm who, I see many users with dozens, even hundreds of PIDs. Inspecting those PIDs I see each one of them is an IMAP connection, coming from either director process, and ESTABILISHED. A deeper analysis shows me that there ltos of connections from the same users to BOTH dovecot instances, but as I am using director, this shouldn't happen, right? Ok. The thing is, one of the dovecot instances have only old connections (like 3 days old) and the other dovecot have some old and some newer connections. So, director is redirecting recent connections to the right dovecot, as expected, but it is keeping many of old and unused connections open, consuming resources. output of doveconf -n from dovecot: http://pastebin.com/trMEjeAs output of doveconf -n from director: http://pastebin.com/EUpHYMKY Thanks. From davidjw at calypso-it.co.uk Wed Sep 21 18:27:26 2016 From: davidjw at calypso-it.co.uk (David Williams) Date: Wed, 21 Sep 2016 19:27:26 +0100 Subject: Sieve vacation won't send second reply after timeout interval. Message-ID: <36f64a99-82eb-a14b-468e-0a67ff48f99d@calypso-it.co.uk> Hi I solved this by updating to Dovecot 2.2.24 David From francesco.fiore at par-tec.it Thu Sep 22 07:51:01 2016 From: francesco.fiore at par-tec.it (Francesco Fiore) Date: Thu, 22 Sep 2016 09:51:01 +0200 Subject: Logging of custom mail headers In-Reply-To: <065c9aee-d4c0-e709-767b-54cca80eee0d@par-tec.it> References: <065c9aee-d4c0-e709-767b-54cca80eee0d@par-tec.it> Message-ID: Hi all > Hi, > > I need to configure Dovecot to log some custom mail headers. > > I red the documentation of the mail_log plugin but I didn't found which > field I've to use as value for mail_log_fields parameter. > > So, I red the plugin code but in mail-log-plugin.c there're defined only > "from" and "subject" fields that match some email header. > > I found three alternatives: > > 1. use the mail_filter plugin (spawning a new process, ecc.) > > 2. coding a new plugin using the notify plugin > > 3. propose a patch to the mail_log plugin that use a new configuration > parameter (es. mail_log_headers) and log the specified mail headers > > Which is the better solution for you? Any suggestion? Is the devel team interested to this feature? In this case I could propose a patch on github. > > Thanks in advance > > Francesco Thanks Francesco -------------- next part -------------- A non-text attachment was scrubbed... Name: francesco_fiore.vcf Type: text/x-vcard Size: 319 bytes Desc: not available URL: From ygrishin at pyramidheadgroup.ca Fri Sep 23 00:16:47 2016 From: ygrishin at pyramidheadgroup.ca (ygrishin at pyramidheadgroup.ca) Date: Thu, 22 Sep 2016 20:16:47 -0400 Subject: Broken auth-* sockets. Message-ID: <6300f7e02cd8078b61ac02c88b8e053e@pyramidheadgroup.ca> Hello. I am migrating my servers to Ubuntu and have been having an issue with Dovecot authenticator service. Exim is set up to use dovecot-auth, anticipating the question whether exim binary was compiled with support of Dovecot authenticator, it was: --- # exim -bV Exim version 4.86_2 #1 built 05-Apr-2016 12:21:41 Copyright (c) University of Cambridge, 1995 - 2015 (c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007 - 2015 Berkeley DB: Berkeley DB 5.3.28: (September 9, 2013) Support for: crypteq iconv() IPv6 PAM Perl Expand_dlfunc GnuTLS move_frozen_messages Content_Scanning DKIM Old_Demime DNSSEC PRDR OCSP Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch ldap ldapdn ldapm mysql nis nis0 passwd pgsql sqlite Authenticators: cram_md5 cyrus_sasl dovecot plaintext spa tls Routers: accept dnslookup ipliteral iplookup manualroute queryprogram redirect Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp Fixed never_users: 0 Size of off_t: 8 Configuration file is /etc/exim4/exim4.conf --- The problem is sockets Dovecot creates are somehow broken. Exim reports something like: --- 2016-09-21 14:45:26 dovecot_plain authenticator failed for *** ([***]) [***]: 435 Unable to authenticate at present: authentication socket connection error 2016-09-21 14:45:26 dovecot_login authenticator failed for *** ([***]) [***]: 435 Unable to authenticate at present: authentication socket connection error --- and I initially thought it was wrong permissions for the socket, triple checked and they are 100% right. More than that, I temporarily chmodded it "rw" for the world as follows: --- # ls -l /var/dovecot/auth-* srw-rw-rw- 1 Debian-exim root 0 Aug 17 21:20 /var/dovecot/auth-client srw------- 1 dovecot root 0 Aug 17 21:20 /var/dovecot/auth-login srw-rw-rw- 1 Debian-exim root 0 Aug 17 21:20 /var/dovecot/auth-master -rw------- 1 root root 32 Aug 15 19:35 /var/dovecot/auth-token-secret.dat srw-rw-rw- 1 dovecot root 0 Aug 17 21:20 /var/dovecot/auth-userdb srw------- 1 dovecot root 0 Aug 17 21:20 /var/dovecot/auth-worker --- and Exim reports the same problem. What makes me think that it's Dovecot's and not Exim's problem? The fact that the socket is really broken, on the server where it's not working: --- # socat - UNIX-CONNECT:/var/dovecot/auth-client 2016/09/22 17:58:27 socat[15192] E connect(5, AF=1 "/var/dovecot/auth-client", 26): Connection refused --- on the server where it is working (version 2.2.13 is installed there), precisely same command: --- # socat - UNIX-CONNECT:/var/dovecot/auth-client VERSION 1 1 MECH PLAIN plaintext MECH LOGIN plaintext MECH CRAM-MD5 dictionary active MECH DIGEST-MD5 dictionary active mutual-auth MECH APOP private dictionary active SPID 535 CUID 880 COOKIE 0311e84ed191fb63334819b1fc3bf2e3 DONE --- with a different result!!! The system: --- uname -a Linux *** 4.4.0-38-generic #57-Ubuntu SMP Tue Sep 6 15:41:41 UTC 2016 i686 i686 i686 GNU/Linux --- Doveconf: --- # dovecot -n # 2.2.22 (fe789d2): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.13 (7b14904) # OS: Linux 4.4.0-38-generic i686 Ubuntu 16.04.1 LTS ext3 auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain login cram-md5 digest-md5 apop debug_log_path = /var/log/dovecot-debug.log default_internal_user = dovenull disable_plaintext_auth = no first_valid_uid = 114 log_path = /var/log/dovecot.log login_greeting = IMAP/POP3 server is ready. login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c mail_location = maildir:/var/mail/exim/%d/%n mail_log_prefix = "%Us(%u): " namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } protocols = imap pop3 service auth { unix_listener auth-client { mode = 0660 user = Debian-exim } unix_listener auth-master { mode = 0600 user = Debian-exim } user = root } service imap-login { chroot = login client_limit = 8 inet_listener imap { address = * port = 143 } inet_listener imaps { address = * port = 10143 } process_limit = 8 process_min_avail = 5 service_count = 1 user = dovenull vsz_limit = 64 M } service imap { drop_priv_before_exec = yes process_limit = 64 vsz_limit = 2 G } service pop3-login { chroot = login client_limit = 8 inet_listener pop3 { address = * port = 110 } inet_listener pop3s { address = * port = 10110 } process_limit = 8 process_min_avail = 5 service_count = 1 user = dovenull vsz_limit = 64 M } service pop3 { drop_priv_before_exec = yes process_limit = 64 vsz_limit = 2 G } ssl = no ssl_cert = References: <6300f7e02cd8078b61ac02c88b8e053e@pyramidheadgroup.ca> Message-ID: <81496485.1727.1474609642474@appsuite-dev.open-xchange.com> > On September 23, 2016 at 3:16 AM ygrishin at pyramidheadgroup.ca wrote: > > > Hello. > > I am migrating my servers to Ubuntu and have been having an issue with > Dovecot authenticator service. > > Exim is set up to use dovecot-auth, anticipating the question whether > exim binary was compiled with support of Dovecot authenticator, it was: > --- I thought that dovecot sockets are under /var/run/dovecot, not /var/dovecot, by default on Ubuntu 16.04. Anyways, to make sure dovecot actually is configured to listen on those sockets, you could stop dovecot, rm the socket files, and start dovecot to see if those sockets get created. Aki From aki.tuomi at dovecot.fi Fri Sep 23 06:05:28 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Fri, 23 Sep 2016 09:05:28 +0300 Subject: Dict protocol changes string In-Reply-To: <09ccc308-80b2-f245-00f4-8134e7f7ab96@fsn.hu> References: <09ccc308-80b2-f245-00f4-8134e7f7ab96@fsn.hu> Message-ID: <4ee8769a-6462-eac2-5ab2-2887a2aeebe7@dovecot.fi> On 29.07.2016 15:35, Nagy, Attila wrote: > Hi, > > I use pass and userdb with dict protocol in a similar way: > > key passdb { > key = passdb^MAuth-User: %u^MAuth-Pass: %w^MAuth-Protocol: > %s^MClient-IP: %r > format = json > } > > (^M is an \r character, inserted with vi CTRL-v + enter) > > Until 2.2.24 this has worked, but 2.2.25 seems to convert that ASCII > 13 into an ASCII 1 and an "r". > > Python printout from what I get with 2.2.25: > > 'Lshared/passdb\x01rAuth-User: user\x01rAuth-Pass: > pass\x01rAuth-Protocol: pop3\x01rClient-IP: 1.2.3.4' > > Is this change intentional? Why? Hi! Dict protocol escapes you newlines. You are expected to de-escape them yourself. Following escapes are done, you can de-escape them with your client. \x00 => \x10 \x01 => \x11 \t => \x1t \r => \x1r \n => \x1n The change has been made to avoid breakage if newlines or NULLs are injected into the data. Aki From rblayzor.bulk at inoc.net Fri Sep 23 12:31:53 2016 From: rblayzor.bulk at inoc.net (Robert Blayzor) Date: Fri, 23 Sep 2016 08:31:53 -0400 Subject: NFSv4 and Maildir Message-ID: <2B043C3E-CB05-4942-9AB5-0AF2402A77CE@inoc.net> Recently moving to newer storage platforms for mailbox storage so looking at moving mounts from NFSv3 with lots of issues with locking and caching to NFSv4. There seems to be a lot of benefits to v4 along with some other new features, namely ?delegation?. So the question boils down to, to delegate or not delegate on Maildir storage. There may be many reasons based on actual platform why to do (or not to do this), but I want to get the general opinion from others that may have more experience with this. Our setup is several FreeBSD 10.x clients running Dovecot/Exim, NetApp NFS mail storage (probably moving to TrueNAS) and using F5 load balancers for client side connections/SSL offload. From what I?ve found (and what i?ve read in the RFC) is that delegation seems to work best when there is NOT a lot of file contention from clients accessing the same files. I realize that in some situations many people are using director to try and keep users on the same client; in our case we?re doing it with F5 iRules. The F5 iRules work great for POP3 and IMAP session persistence, but unfortunately that doesn?t work for SMTP and Dovecot LDA, so we still have possible race conditions from the MTA?s delivering into ?INBOX?. (mostly dovecot indexes updating at the same time). So the big question is, who is using Dovecot with maildirs with NFSv4 mounts. What has your experience been? Are you using delegation? By choice and why did you come to that decision. I?m drawing up the conclusion that if you can *mostly* control client control to specific files (ie: directing access to a mailbox to come from one client), then delegation might be ok. However, if you?re not using director and have several NFS mail clients racing to access mailboxes, then delegation might turn into chaos. Your comments welcome and appreciated. -- Robert inoc.net!rblayzor XMPP: rblayzor.AT.inoc.net PGP Key: 78BEDCE1 @ pgp.mit.edu From ygrishin at pyramidheadgroup.ca Fri Sep 23 13:51:57 2016 From: ygrishin at pyramidheadgroup.ca (ygrishin at pyramidheadgroup.ca) Date: Fri, 23 Sep 2016 09:51:57 -0400 Subject: Broken auth-* sockets. In-Reply-To: <81496485.1727.1474609642474@appsuite-dev.open-xchange.com> References: <6300f7e02cd8078b61ac02c88b8e053e@pyramidheadgroup.ca> <81496485.1727.1474609642474@appsuite-dev.open-xchange.com> Message-ID: <96c93c60a6fa6cc31e203cfe4a50e48b@pyramidheadgroup.ca> On 2016-09-23 01:47, Aki Tuomi wrote: >> On September 23, 2016 at 3:16 AM ygrishin at pyramidheadgroup.ca wrote: >> >> >> Hello. >> >> I am migrating my servers to Ubuntu and have been having an issue with >> Dovecot authenticator service. >> >> Exim is set up to use dovecot-auth, anticipating the question whether >> exim binary was compiled with support of Dovecot authenticator, it >> was: >> --- > > I thought that dovecot sockets are under /var/run/dovecot, not > /var/dovecot, by default on Ubuntu 16.04. > > Anyways, to make sure dovecot actually is configured to listen on > those sockets, you could stop dovecot, rm the socket files, and start > dovecot to see if those sockets get created. > > Aki Ah, that's precisely right! Leftover sockets from previous configuration. Thank you very much, glad I asked. From webert.boss at gmail.com Fri Sep 23 14:55:36 2016 From: webert.boss at gmail.com (Webert de Souza Lima) Date: Fri, 23 Sep 2016 11:55:36 -0300 Subject: Director keeping IMAP connections alive In-Reply-To: References: Message-ID: Such connections do not exist on the front-end that connects to director hosts, so it's something between director and dovecot only. On Wed, Sep 21, 2016 at 1:16 PM, Webert de Souza Lima wrote: > Hello, > > I have a 2 director - 2 dovecot set up in a cluster. > > From time to time I notice high usage of RAM by dovecot process, and > analyzing with doveadm who, > I see many users with dozens, even hundreds of PIDs. > > Inspecting those PIDs I see each one of them is an IMAP connection, coming > from either director process, and ESTABILISHED. > > A deeper analysis shows me that there ltos of connections from the same > users to BOTH dovecot instances, but as I am using director, this shouldn't > happen, right? Ok. The thing is, one of the dovecot instances have only old > connections (like 3 days old) and the other dovecot have some old and some > newer connections. > > So, director is redirecting recent connections to the right dovecot, as > expected, but it is keeping many of old and unused connections open, > consuming resources. > > output of doveconf -n from dovecot: > http://pastebin.com/trMEjeAs > > output of doveconf -n from director: > http://pastebin.com/EUpHYMKY > > Thanks. > From darryl.p.baker at gmail.com Fri Sep 23 17:07:42 2016 From: darryl.p.baker at gmail.com (Darryl Baker) Date: Fri, 23 Sep 2016 12:07:42 -0500 Subject: Self-Signed Certificate issue Message-ID: My apologies if this is a repeat but my search of the archive did not turn it up in the recent past. If this has been covered just point me at the previous thread, please. I am running a small email site which I am moving from uw-imapd and Solaris to Ubuntu and Dovecot imaps and pop3s. I am trying to use a self-signed certificate for this site. I am using Thunderbird as the test client. I've tried both the pre-built snakeoil certificate and building a special one for dovecot. In /var/log/mail.err I keep getting what I am interpreting as a missing CA cert. The message is: dovecot: imap-login: Error: SSL: Stacked error: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca: SSL alert number 48 The certificate was created by: openssl req -new -x509 -days 365 -nodes -out /etc/ssl/certs/dovecot.pem -keyout /etc/ssl/private/dovecot.pem The Dovecot version is 2.2.22 (fe789d2) The Ubuntu version is 16.04 LTS current patches. *Darryl Baker* From luis.santos at redehost.com.br Fri Sep 23 19:06:50 2016 From: luis.santos at redehost.com.br (Luis Miguel Flores dos Santos) Date: Fri, 23 Sep 2016 19:06:50 +0000 Subject: Proxy IMAP/POP Message-ID: Hello, I'm try configure dovecot to proxy imap and pop but I can't, follow my configurations: dovecot version = 2.2.10 My configuration: dovecot -n # 2.2.10: /etc/dovecot/dovecot.conf # OS: Linux 3.18.35 x86_64 CentOS Linux release 7.2.1511 (Core) auth_mechanisms = plain login auth_username_format = %n disable_plaintext_auth = no mail_location = maildir:~/Maildir mbox_write_locks = fcntl namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } ssl = no ssl_cert = Try this: Create a directory and do the following in that directory. Create the file openssl.cnf with the following information: [ req ] default_md = sha2 distinguished_name = req_distinguished_name [ req_distinguished_name ] countryName = US localityName = Boulder organizationName = Your orginizations name here organizationalUnitName = IT Department emailAddress = some email address at your company commonName = "Just a simple statement about the company" [ certauth ] subjectKeyIdentifier = hash authorityKeyIdentifier = keyid:always,issuer:always basicConstraints = CA:true [ client ] basicConstraints = critical,CA:FALSE keyUsage = digitalSignature, keyEncipherment, dataEncipherment extendedKeyUsage = clientAuth Just change the things you need to for you. Then issue the following command. openssl req -config ./openssl.cnf -newkey rsa:2048 -nodes -keyform PEM -keyout dovecot.key -x509 - days 365 -extensions certauth -outform PEM -out dovecot.pem -subj "/C=US/postalCode=00000/ST=state/L=city/streetAddress=some street/O=company name/OU=IT Department/CN=dovecort cert/emailAddress=email at yourcompany.com" Just change the C, O, OU, etc for your needs. Then verify the contents via: openssl x509 -noout -in dovecot.pem -subject openssl x509 -noout -in dovecot.pem -issuer openssl x509 -noout -in dovecot.pem -enddate openssl x509 -noout -in dovecot.pem -text This will show what is in the certificate. Now copy the pem & key files to where you want them. Restart dovecot. You may have to change the configuration to use the names just created. Dave Ryan On 09/23/16 11:07, Darryl Baker wrote: > My apologies if this is a repeat but my search of the archive did not turn > it up in the recent past. If this has been covered just point me at the > previous thread, please. > > I am running a small email site which I am moving from uw-imapd and Solaris > to Ubuntu and Dovecot imaps and pop3s. I am trying to use a self-signed > certificate for this site. I am using Thunderbird as the test client. I've > tried both the pre-built snakeoil certificate and building a special one > for dovecot. In /var/log/mail.err I keep getting what I am interpreting as > a missing CA cert. The message is: > > dovecot: imap-login: Error: SSL: Stacked error: error:14094418:SSL > routines:ssl3_read_bytes:tlsv1 alert unknown ca: SSL alert number 48 > > > The certificate was created by: > > openssl req -new -x509 -days 365 -nodes -out /etc/ssl/certs/dovecot.pem > -keyout /etc/ssl/private/dovecot.pem > > > The Dovecot version is 2.2.22 (fe789d2) The Ubuntu version is 16.04 LTS > current patches. > > > *Darryl Baker* > > From yacinechaouche at yahoo.com Sun Sep 25 10:19:12 2016 From: yacinechaouche at yahoo.com (chaouche yacine) Date: Sun, 25 Sep 2016 10:19:12 +0000 (UTC) Subject: Self-Signed Certificate issue In-Reply-To: References: Message-ID: <1034514658.4301800.1474798752443@mail.yahoo.com> From: Darryl Baker To: dovecot at dovecot.org Sent: Friday, September 23, 2016 6:07 PM Subject: Self-Signed Certificate issue I keep getting what I am interpreting as a missing CA cert. The message is: dovecot: imap-login: Error: SSL: Stacked error: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca: SSL alert number 48 That's because your client doesn't know about the certificate *issuer* so it doesn't trust it (the certificate), it's not an *authority* (the A in CA). What you need to do is include the *issuer's* certificate in your server's. But even then, the issuer was yourself, and your are not trusted either on the client's side. So what you need to do is install the root certificate in the client's machine so that certificates signed with it are trusted. When root cert is trusted on the client side, it will trust the intermediate (issuer) certificate because it was signed by it, and trust the server's certificate because it was signed by the intermediate (this is why it's called a certificate *chain* which often has only one intermediate CA although many intermediates are possible). So it's ROOT CA CERT >>signs>> INTERMEDIATE CA CERT >>signs>> SERVER CERT From christophebricout at yahoo.fr Sun Sep 25 13:54:45 2016 From: christophebricout at yahoo.fr (Christophe Bricout) Date: Sun, 25 Sep 2016 13:54:45 +0000 (UTC) Subject: dovecot-2.2.18 / net_listen_unix(...) failed: Value too large for defined data type References: <1635930432.8180940.1474811685960.ref@mail.yahoo.com> Message-ID: <1635930432.8180940.1474811685960@mail.yahoo.com> Dear All, SUMMARY: Dovecot shows an issue when "localstatedir" path is too long The issue exists also with dovecot-2.2.25 CONFIGURATION: The configure options are: ./configure --prefix=${TARGET_DIR} \ --sysconfdir=${TARGET_DIR}/cfg \ --localstatedir=${TARGET_DIR}/var \ --with-ssl=openssl \ --with-sqlite \ --disable-shared RESULTS: When executing dovecot (as root), the followin message appears: Error: service(dict): net_listen_unix(//localbin/minnowboard-turbot-applications/1.0/linux/x86_64-linux/localbin/dovecot/2.2.18/linux/x86_64-linux/var/run/dovecot/dict) failed: Value too large for defined data type Error: service(config): net_listen_unix(/localbin/minnowboard-turbot-applications/1.0/linux/x86_64-linux/localbin/dovecot/2.2.18/linux/x86_64-linux/var/run/dovecot/config) failed: Value too large for defined data type --- WORKAROUND: The problem is solved by defining shorten localstatedir or using base_dir = /var/run/dovecot. It seems the path lengh causing a such issue. Path Lengh > 127 Available for additional experiments Best Regards From aki.tuomi at dovecot.fi Sun Sep 25 14:39:44 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Sun, 25 Sep 2016 17:39:44 +0300 (EEST) Subject: dovecot-2.2.18 / net_listen_unix(...) failed: Value too large for defined data type In-Reply-To: <1635930432.8180940.1474811685960@mail.yahoo.com> References: <1635930432.8180940.1474811685960.ref@mail.yahoo.com> <1635930432.8180940.1474811685960@mail.yahoo.com> Message-ID: <752994080.4029.1474814385731@appsuite-dev.open-xchange.com> > On September 25, 2016 at 4:54 PM Christophe Bricout wrote: > > > Dear All, > > SUMMARY: > Dovecot shows an issue when "localstatedir" path is too long > The issue exists also with dovecot-2.2.25 > > CONFIGURATION: > The configure options are: > > ./configure --prefix=${TARGET_DIR} \ > --sysconfdir=${TARGET_DIR}/cfg \ > --localstatedir=${TARGET_DIR}/var \ > --with-ssl=openssl \ > --with-sqlite \ > --disable-shared > > RESULTS: > When executing dovecot (as root), the followin message appears: > > Error: service(dict): net_listen_unix(//localbin/minnowboard-turbot-applications/1.0/linux/x86_64-linux/localbin/dovecot/2.2.18/linux/x86_64-linux/var/run/dovecot/dict) failed: Value too large for defined data type > Error: service(config): net_listen_unix(/localbin/minnowboard-turbot-applications/1.0/linux/x86_64-linux/localbin/dovecot/2.2.18/linux/x86_64-linux/var/run/dovecot/config) failed: Value too large for defined data type > --- > > WORKAROUND: > The problem is solved by defining shorten localstatedir or using base_dir = /var/run/dovecot. > > It seems the path lengh causing a such issue. Path Lengh > 127 > > Available for additional experiments > Best Regards Hi! Unix socket maximum path len is 108 characters. This is *nix limitation, not dovecot. --- Aki Tuomi Dovecot oy From aki.tuomi at dovecot.fi Sun Sep 25 14:58:30 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Sun, 25 Sep 2016 17:58:30 +0300 (EEST) Subject: Proxy IMAP/POP In-Reply-To: References: Message-ID: <881540828.4036.1474815511523@appsuite-dev.open-xchange.com> > On September 23, 2016 at 10:06 PM Luis Miguel Flores dos Santos wrote: > > > Hello, I'm try configure dovecot to proxy imap and pop but I can't, follow my configurations: > > dovecot version = 2.2.10 > > My configuration: > > dovecot -n > # 2.2.10: /etc/dovecot/dovecot.conf > # OS: Linux 3.18.35 x86_64 CentOS Linux release 7.2.1511 (Core) > auth_mechanisms = plain login > auth_username_format = %n > disable_plaintext_auth = no > mail_location = maildir:~/Maildir > mbox_write_locks = fcntl > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = > } > passdb { > driver = pam > } > passdb { > args = /etc/dovecot/dovecot-sql.conf.ext > driver = sql > } > ssl = no > ssl_cert = ssl_key = userdb { > driver = passwd > } > userdb { > args = /etc/dovecot/dovecot-sql.conf.ext > driver = sql > } > > grep -v '^ *\(#.*\)\?$' dovecot-sql.conf > > driver = mysql > connect = "host=127.0.0.1 dbname=mail user=root password=PASS" > password_query = SELECT NULL AS password, 'Y' as nopassword, host, destuser, 'Y' AS proxy FROM proxy WHERE user = '%u' > > /var/log/maillog: > > RHDOVECOT dovecot: auth: Fatal: Unknown database driver 'mysql' > > > **OBS: I followed this wiki: http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy > and installed dovecot-mysql.x86_64, > My server is a CentOS Linux release 7.2.1511 (Core) > > Anyone can help me? > > Thanks. > > > -------- > Atenciosamente, > > Luis Miguel Your dovecot has no mysql support. Aki From sca at andreasschulze.de Sun Sep 25 16:23:00 2016 From: sca at andreasschulze.de (A. Schulze) Date: Sun, 25 Sep 2016 18:23:00 +0200 Subject: configure fail if libssl is named libssl-opt Message-ID: <9a5113d1-b7e1-1f45-67bd-addf5c054433@andreasschulze.de> Hello, I try to build dovecot with my own version of openssl. It's compiled in a way the libraries can coexist without symbol conflict with the real OpenSSL in /usr: They are named libssl-opt and libcrypto-opt. Now configure fail to find my libssl-opt: CFLAGS="..." CXXFLAGS="..." CPPFLAGS="..." LDFLAGS="..." SSL_LIBS='-lssl-opt -lcrypto-opt' ./configure ... --with-ssl=openssl ... checking for SSL_read in -lssl... no configure: error: Can't build with OpenSSL: libssl not found Is there an other way to tell configure the ssl libraries have other names? Andreas From darryl.p.baker at gmail.com Sun Sep 25 18:19:42 2016 From: darryl.p.baker at gmail.com (Darryl Baker) Date: Sun, 25 Sep 2016 13:19:42 -0500 Subject: Self-Signed Certificate issue In-Reply-To: <1034514658.4301800.1474798752443@mail.yahoo.com> References: <1034514658.4301800.1474798752443@mail.yahoo.com> Message-ID: Building a new certificate as described in a previous email worked. *Darryl Baker* On Sun, Sep 25, 2016 at 5:19 AM, chaouche yacine wrote: > *From:* Darryl Baker > > > *To:* dovecot at dovecot.org > *Sent:* Friday, September 23, 2016 6:07 PM > *Subject:* Self-Signed Certificate issue > > I keep getting what I am interpreting as > a missing CA cert. The message is: > > dovecot: imap-login: Error: SSL: Stacked error: error:14094418:SSL > routines:ssl3_read_bytes:tlsv1 alert unknown ca: SSL alert number 48 > > That's because your client doesn't know about the certificate *issuer* so > it doesn't trust it (the certificate), it's not an *authority* (the A in > CA). What you need to do is include the *issuer's* certificate in your > server's. But even then, the issuer was yourself, and your are not trusted > either on the client's side. So what you need to do is install the root > certificate in the client's machine so that certificates signed with it are > trusted. When root cert is trusted on the client side, it will trust the > intermediate (issuer) certificate because it was signed by it, and trust > the server's certificate because it was signed by the intermediate (this is > why it's called a certificate *chain* which often has only one intermediate > CA although many intermediates are possible). > > So it's ROOT CA CERT >>signs>> INTERMEDIATE CA CERT >>signs>> SERVER CERT > > > > From sca at andreasschulze.de Sun Sep 25 18:25:15 2016 From: sca at andreasschulze.de (A. Schulze) Date: Sun, 25 Sep 2016 20:25:15 +0200 Subject: configure fail if libssl is named libssl-opt In-Reply-To: <9a5113d1-b7e1-1f45-67bd-addf5c054433@andreasschulze.de> References: <9a5113d1-b7e1-1f45-67bd-addf5c054433@andreasschulze.de> Message-ID: <0f5c4c1f-bc26-209a-b6c1-22434a6220fe@andreasschulze.de> Am 25.09.2016 um 18:23 schrieb A. Schulze: > Is there an other way to tell configure the ssl libraries have other names? solved: using pkg-config and correct .pc files :-) Andreas From sca at andreasschulze.de Sun Sep 25 18:32:28 2016 From: sca at andreasschulze.de (A. Schulze) Date: Sun, 25 Sep 2016 20:32:28 +0200 Subject: fail to compile with openssl-1.1.x Message-ID: Hi again, now I get compile errors. Is openssl-1.1.xy supported? iostream-openssl.c: In function 'openssl_iostream_verify_client_cert': iostream-openssl.c:118:37: error: dereferencing pointer to incomplete type subject = X509_get_subject_name(ctx->current_cert); ^ iostream-openssl.c:127:37: error: dereferencing pointer to incomplete type X509_verify_cert_error_string(ctx->error), certname)); Andreas ^ From ariep at xs4all.nl Sun Sep 25 18:34:30 2016 From: ariep at xs4all.nl (Arie Peterson) Date: Sun, 25 Sep 2016 20:34:30 +0200 Subject: Setting hostdomain Message-ID: <9279318.mtD3ICWaku@pook> Hi all, Preparing for a replication setup, I read (at the bottom of ) that `dovecot --hostdomain` should give a different output on the two servers. This is not the case for me: both give "localhost". I'm trying to change my configuration to set the hostdomain to another value, but I can't find how to do this. I tried: ? setting the environment variable DOVECOT_HOSTDOMAIN=mydomain in /etc/default/dovecot (which is read by the init script); ? adding the line import_environment = TZ DOVECOT_HOSTDOMAIN=mydomain to dovecot.conf; ? the combination of both of the above. However, after restarting dovecot none of these changes seem to have any effect: `dovecot --hostdomain` still returns "localhost". This is with dovecot version 2.2.13. How should one change this setting? Thanks, Arie From aki.tuomi at dovecot.fi Sun Sep 25 18:46:16 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Sun, 25 Sep 2016 21:46:16 +0300 (EEST) Subject: fail to compile with openssl-1.1.x In-Reply-To: References: Message-ID: <661702930.4170.1474829177251@appsuite-dev.open-xchange.com> > On September 25, 2016 at 9:32 PM "A. Schulze" wrote: > > > Hi again, > > now I get compile errors. Is openssl-1.1.xy supported? > > iostream-openssl.c: In function 'openssl_iostream_verify_client_cert': > iostream-openssl.c:118:37: error: dereferencing pointer to incomplete type > subject = X509_get_subject_name(ctx->current_cert); > ^ > iostream-openssl.c:127:37: error: dereferencing pointer to incomplete type > X509_verify_cert_error_string(ctx->error), certname)); > > Andreas ^ Only with master branch. And it's not yet officially supported. Aki Tuomi Dovecot oy From ml+dovecot at valo.at Sun Sep 25 19:07:00 2016 From: ml+dovecot at valo.at (Christian Kivalo) Date: Sun, 25 Sep 2016 21:07:00 +0200 Subject: Setting hostdomain In-Reply-To: <9279318.mtD3ICWaku@pook> References: <9279318.mtD3ICWaku@pook> Message-ID: <7872d083c227a52378f56a996ececef5@valo.at> On 2016-09-25 20:34, Arie Peterson wrote: > Hi all, > > > Preparing for a replication setup, I read (at the bottom of > ) that `dovecot --hostdomain` > should > give a different output on the two servers. This is not the case for > me: both > give "localhost". I'm trying to change my configuration to set the > hostdomain > to another value, but I can't find how to do this. > > I tried: > > ? setting the environment variable DOVECOT_HOSTDOMAIN=mydomain in > /etc/default/dovecot (which is read by the init script); > > ? adding the line > import_environment = TZ DOVECOT_HOSTDOMAIN=mydomain > to dovecot.conf; > > ? the combination of both of the above. > > However, after restarting dovecot none of these changes seem to have > any > effect: `dovecot --hostdomain` still returns "localhost". > whats the output of 'hostname -f' whats in your /etc/hostname and /etc/hosts? there was a thead a few weeks ago on how to have dovecot use a different hostname than the system hostname see http://www.dovecot.org/list/dovecot/2016-August/105284.html > This is with dovecot version 2.2.13. > > How should one change this setting? > > > Thanks, > > Arie -- Christian Kivalo From ariep at xs4all.nl Sun Sep 25 20:35:46 2016 From: ariep at xs4all.nl (Arie Peterson) Date: Sun, 25 Sep 2016 22:35:46 +0200 Subject: Setting hostdomain In-Reply-To: <7872d083c227a52378f56a996ececef5@valo.at> References: <9279318.mtD3ICWaku@pook> <7872d083c227a52378f56a996ececef5@valo.at> Message-ID: <2300919.l4Q1EcbsK4@pook> Christian Kivalo wrote: > whats the output of 'hostname -f' > > whats in your /etc/hostname and /etc/hosts? That was indeed the problem. The output of `hostname -f` was "localhost", indicating how dovecot gets that result as well for its "hostdomain". Changing the first line of /etc/hosts to 127.0.0.1 full.domain.name nameofthisparticularcomputer localhost , `dovecot --hostdomain` now returns "full.domain.name", as I wanted. Thanks a lot for your quick responses Christian! Kind regards, Arie From jtam.home at gmail.com Sun Sep 25 22:21:58 2016 From: jtam.home at gmail.com (Joseph Tam) Date: Sun, 25 Sep 2016 15:21:58 -0700 (PDT) Subject: Self-Signed Certificate issue In-Reply-To: References: Message-ID: Darryl Baker writes: > I am running a small email site which I am moving from uw-imapd and Solaris > to Ubuntu and Dovecot imaps and pop3s. I am trying to use a self-signed > certificate for this site. I am using Thunderbird as the test client. I've > tried both the pre-built snakeoil certificate and building a special one > for dovecot. In /var/log/mail.err I keep getting what I am interpreting as > a missing CA cert. The message is: > > dovecot: imap-login: Error: SSL: Stacked error: error:14094418:SSL > routines:ssl3_read_bytes:tlsv1 alert unknown ca: SSL alert number 48 > > The certificate was created by: > > openssl req -new -x509 -days 365 -nodes -out /etc/ssl/certs/dovecot.pem > -keyout /etc/ssl/private/dovecot.pem Are you using this as a server certificate or as a client certificate? Please output your dovecot's configuration, esp. your SSL setup. doveconf -n | grep ssl Joseph Tam From stephan at rename-it.nl Mon Sep 26 10:59:28 2016 From: stephan at rename-it.nl (Stephan Bosch) Date: Mon, 26 Sep 2016 12:59:28 +0200 Subject: Sieve Script Replication Gliches (Report #2) In-Reply-To: <373eb6ad-a770-76c7-9683-b0a76255a807@reub.net> References: <4ece61c7-5950-9231-7efe-cf2eb9e270b1@reub.net> <7bf64b2f-fb63-316c-fe92-98da90b1b8f5@rename-it.nl> <8e809d23-d5b5-a35b-31a7-13f3c3e49250@reub.net> <76071c04-b7af-be38-a7e6-6d167814f021@rename-it.nl> <373eb6ad-a770-76c7-9683-b0a76255a807@reub.net> Message-ID: <009504c6-6f15-8b93-8679-5f42b4b330a4@rename-it.nl> Hi, Could you guys send us your current configuration (output from `dovecot -n`)? First of all, we would like to compare it to a configuration-related problem we've seen in the wild. That is a bit of a long shot. That issue revolves around the target username not always being the same for one physical user (e.g. when aliases are involved). In any case, the configuration may be useful for reproducing the problem at our end. Regards, Stephan. Op 7-9-2016 om 11:44 schreef Reuben Farrelly: > > > On 24/08/2016 10:58 AM, Stephan Bosch wrote: >> Op 8/1/2016 om 3:37 AM schreef Reuben Farrelly: >>> In other words, the rules did eventually get propagated across, and >>> based on the file sizes they are complete. >>> >>> But there is obviously something amiss with handling of dates (which >>> in turn may relate to how the system determines that the file on each >>> server is up to date or not, I guess). In this case the two systems >>> are in different timezones - the primary is GMT+10 and the secondary >>> GMT+8. >>> >>> Also the status of active users is not always replicated either. On >>> one host the output of 'doveadm sieve list -A' shows my own account as >>> ACTIVE but the other host shows all users - except for my account - as >>> being active, and the sieve script for my account is not being >>> replicated. >> This should fix the file timestamps getting set at unix time_t 0: >> >> https://github.com/dovecot/pigeonhole/commit/af91dd3f2d78da752292dce27f9e76d2c936868c >> >> >> I haven't been able to replicate the situation where this occurs though, >> since my current replication setup is very simple. >> >> I need to extend my replication setup to test this more thoroughly. >> >> So, please test this at your end first. >> >> Regards, >> >> Stephan. > > Thanks Stephan. I have re-tested and the dates are now all look to be > correct on the replicated scripts. We can cross that off as fixed now. > > There is still a problem with the scripts not being replicated though > between replicated hosts. They do eventually catch up many hours > later. I don't know what the trigger is for them updating but it's > not triggered by delivery attempts (as every time a delivery was > attempted the secondary complained about the missing sieve script). > > Thanks, > Reuben From tanstaafl at libertytrek.org Mon Sep 26 13:14:34 2016 From: tanstaafl at libertytrek.org (Tanstaafl) Date: Mon, 26 Sep 2016 09:14:34 -0400 Subject: Supporting RFC 5466 (IMAP4 Extension for Named Searches (Filters)) In-Reply-To: <89c456c3-32a0-ae01-552e-9efe9b7cd716@libertytrek.org> References: <542BF6A1.9080306@jcea.es> <542C5424.2070006@rename-it.nl> <89c456c3-32a0-ae01-552e-9efe9b7cd716@libertytrek.org> Message-ID: <6e91562c-294e-e7ed-a9d8-9794d46c26be@libertytrek.org> On 9/19/2016 11:26 AM, Tanstaafl wrote: > On 10/1/2014 3:21 PM, Stephan Bosch wrote: >> On 10/1/2014 2:42 PM, Jesus Cea wrote: >>> I wonder if Dovecot supports RFC 5466 (IMAP4 Extension for Named >>> Searches (Filters)) or if there is any plan about it. > >> I have a partial implementation in my patch queue. I haven't worked on >> it for a few months now due to other projects that took precedence. It >> still may take quite a while until I can continue that effort. > > I don't know if it is a good idea to resurrect such an old thread, but... > > Any chance there has been movement on this? > > There is a Thunderbird bug opened for supporting this: > > https://bugzilla.mozilla.org/show_bug.cgi?id=439047 > > and it would be much easier to try to push it forward if there was > actually a server that supported it already. Timo? Aki? Anyone? From aki.tuomi at dovecot.fi Mon Sep 26 15:51:12 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Mon, 26 Sep 2016 18:51:12 +0300 (EEST) Subject: Supporting RFC 5466 (IMAP4 Extension for Named Searches (Filters)) In-Reply-To: <6e91562c-294e-e7ed-a9d8-9794d46c26be@libertytrek.org> References: <542BF6A1.9080306@jcea.es> <542C5424.2070006@rename-it.nl> <89c456c3-32a0-ae01-552e-9efe9b7cd716@libertytrek.org> <6e91562c-294e-e7ed-a9d8-9794d46c26be@libertytrek.org> Message-ID: <1238885663.6122.1474905073813@appsuite-dev.open-xchange.com> > On September 26, 2016 at 4:14 PM Tanstaafl wrote: > > > On 9/19/2016 11:26 AM, Tanstaafl wrote: > > On 10/1/2014 3:21 PM, Stephan Bosch wrote: > >> On 10/1/2014 2:42 PM, Jesus Cea wrote: > >>> I wonder if Dovecot supports RFC 5466 (IMAP4 Extension for Named > >>> Searches (Filters)) or if there is any plan about it. > > > >> I have a partial implementation in my patch queue. I haven't worked on > >> it for a few months now due to other projects that took precedence. It > >> still may take quite a while until I can continue that effort. > > > > I don't know if it is a good idea to resurrect such an old thread, but... > > > > Any chance there has been movement on this? > > > > There is a Thunderbird bug opened for supporting this: > > > > https://bugzilla.mozilla.org/show_bug.cgi?id=439047 > > > > and it would be much easier to try to push it forward if there was > > actually a server that supported it already. > > Timo? Aki? Anyone? Hi! We need to discuss this internally Aki From tanstaafl at libertytrek.org Mon Sep 26 16:35:18 2016 From: tanstaafl at libertytrek.org (Tanstaafl) Date: Mon, 26 Sep 2016 12:35:18 -0400 Subject: Supporting RFC 5466 (IMAP4 Extension for Named Searches (Filters)) In-Reply-To: <1238885663.6122.1474905073813@appsuite-dev.open-xchange.com> References: <542BF6A1.9080306@jcea.es> <542C5424.2070006@rename-it.nl> <89c456c3-32a0-ae01-552e-9efe9b7cd716@libertytrek.org> <6e91562c-294e-e7ed-a9d8-9794d46c26be@libertytrek.org> <1238885663.6122.1474905073813@appsuite-dev.open-xchange.com> Message-ID: On 9/26/2016 11:51 AM, Aki Tuomi wrote: > >> On September 26, 2016 at 4:14 PM Tanstaafl wrote: >> >> >> On 9/19/2016 11:26 AM, Tanstaafl wrote: >>> On 10/1/2014 3:21 PM, Stephan Bosch wrote: >>>> On 10/1/2014 2:42 PM, Jesus Cea wrote: >>>>> I wonder if Dovecot supports RFC 5466 (IMAP4 Extension for Named >>>>> Searches (Filters)) or if there is any plan about it. >>> >>>> I have a partial implementation in my patch queue. I haven't worked on >>>> it for a few months now due to other projects that took precedence. It >>>> still may take quite a while until I can continue that effort. >>> >>> I don't know if it is a good idea to resurrect such an old thread, but... >>> >>> Any chance there has been movement on this? >>> >>> There is a Thunderbird bug opened for supporting this: >>> >>> https://bugzilla.mozilla.org/show_bug.cgi?id=439047 >>> >>> and it would be much easier to try to push it forward if there was >>> actually a server that supported it already. >> >> Timo? Aki? Anyone? > > Hi! > > We need to discuss this internally Ok, thanks... hope something will come of it... :) From doctor at doctor.nl2k.ab.ca Mon Sep 26 19:21:12 2016 From: doctor at doctor.nl2k.ab.ca (The Doctor) Date: Mon, 26 Sep 2016 13:21:12 -0600 Subject: FreeBSD port Message-ID: <20160926192112.GA89751@doctor.nl2k.ab.ca> Is the person responsible for the FreeBSD port on this list? There might be a minor bug in a small piece of correction code issues in the last 4 days. -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Time for the USA to hold a referendum on its republic and vote to dissolve!! From darryl.p.baker at gmail.com Mon Sep 26 19:43:25 2016 From: darryl.p.baker at gmail.com (Darryl Baker) Date: Mon, 26 Sep 2016 14:43:25 -0500 Subject: Drac Plugin Message-ID: I now have the drac plugin compiled and working. The plugin binary might even work with the Debian/Ubuntu binary. It was a one line change. I need to talk to the sendmail folks about their macro for the DRAC feature. My custom sendmail.cf code works in a way that makes using drac and SpamHaus for anyone on a blacklisted IP such as non-comercial Comcast users. I am hoping that the drac plugin will get fixed in the core distribution and possible the new binary make it into the Debian/Ubuntu binary build. *** dovecot-2.2.22/src/plugins/drac/drac-plugin.c 2016-09-23 22:49:56.345568783 -0500 --- dovecot-2.2.22/src/plugins/drac/drac-plugin.c-orig 2016-09-26 14:33:46.828670909 -0500 *************** *** 25,31 **** /* libdrac function */ int dracauth(char *, unsigned long, char **); ! const char *drac_plugin_version = DOVECOT_ABI_VERSION; static struct timeout *to_drac = NULL; static const char *drachost = NULL; /* dracd host */ --- 25,31 ---- /* libdrac function */ int dracauth(char *, unsigned long, char **); ! const char *drac_plugin_version = DOVECOT_VERSION; static struct timeout *to_drac = NULL; static const char *drachost = NULL; /* dracd host */ *Darryl Baker* From felix at kngnt.org Mon Sep 26 21:31:55 2016 From: felix at kngnt.org (Felix Rubio Dalmau) Date: Mon, 26 Sep 2016 23:31:55 +0200 Subject: Shared mailboxes nightmare (for me :-( ) Message-ID: <6225295.2o4u6NpScd@polaris> Hi everybody, I am honestly desperate: I have spent/invested the whole day in trying to set a shared mailbox, with quite partial success. The INBOX is merged with the top level mailbox, and there are many more folders. To give an idea, for the shared account sharedacc at domain.org, this is how looks the folder structure: sharedacc |-folderA |-folderB \-folderC in the account for usera at domain.org, I see the following: usera |-folderD |-folderE |-folderF \-shared \-sharedacc So, I do not get to see folderA, folderB, folderC, etc. My configuration is: # 2.2.25 (7be1766): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.14 (099a97c) # OS: Linux 4.5.4-0 x86_64 Debian stretch/sid zfs mail_plugins = zlib expire acl plugin { acl = vfile acl_shared_dict = proxy::acl } dict { acl = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext } namespace { list = children location = mdbox:/mnt/vmail/%%d/%%n:INDEXPVT=/mnt/vmail/indexes/shared/%%d/%%n prefix = shared/%%n/ separator = / subscriptions = yes type = shared } protocol lmtp { mail_plugins = zlib expire acl sieve } protocol imap { mail_plugins = zlib expire acl antispam imap_acl } the files I have one the account for sharedacc are: sharedacc |-dovecot-acl |-dovecot-acl-list \-mailboxes |-dovecot-acl |-folderA | \-dbox-Mails | \-dovecot-acl |-folderB | \-dbox-Mails | \-dovecot-acl \-folderC \-dbox-Mails \-dovecot-acl In dovecot-acl-list I have the following contents: 1474920778 folderA 1474920778 folderB 1474920778 folderC and in every dovecot-acl, I have: user=usera at domain.org akxeilprwts All the files on the filesystem are owned by the same vmail user. What is strange is that I can see all these folderA, folderB, folderC in roundcube, and I can click to subscribe to them. However, when I go back to the general view, the subscriptions have been reset and I see only sharedacc, without a thing inside. Finally, in kmail I can see the subscribed folders without a problem (??!) Can please somebody help me? From felix at kngnt.org Tue Sep 27 06:33:38 2016 From: felix at kngnt.org (Felix Rubio) Date: Tue, 27 Sep 2016 08:33:38 +0200 Subject: Shared mailboxes nightmare (for me :-( ) In-Reply-To: <1e1bd64c-fec4-72d7-b775-4a7e05cbf68e@avv.solutions> References: <6225295.2o4u6NpScd@polaris> <1e1bd64c-fec4-72d7-b775-4a7e05cbf68e@avv.solutions> Message-ID: Hi KR, Just checked the folders, and they do not contain any of these subfolders. This is the structure I see: . ??? dovecot-acl-list ??? dovecot.list.index ??? dovecot.list.index.log ??? dovecot.list.index.log.2 ??? dovecot.mailbox.log ??? dovecot-uidvalidity ??? dovecot-uidvalidity.570e9b2d ??? mailboxes ??? ??? folderB ??? ??? ??? dbox-Mails ??? ??? ??? dovecot.index ??? ??? ??? dovecot.index.backup ??? ??? ??? dovecot.index.cache ??? ??? ??? dovecot.index.log ??? ??? ??? dovecot.index.thread ??? ??? dovecot-acl ??? ??? folderA ??? ??? ??? dbox-Mails ??? ??? ??? dovecot.index.cache ??? ??? ??? dovecot.index.log ??? ??? folderC ??? ??? ??? dbox-Mails ??? ??? ??? dovecot.index ??? ??? ??? dovecot.index.backup ??? ??? ??? dovecot.index.cache ??? ??? ??? dovecot.index.log ??? ??? INBOX ??? ??? ??? dbox-Mails ??? ??? ??? dovecot.index ??? ??? ??? dovecot.index.backup ??? ??? ??? dovecot.index.cache ??? ??? ??? dovecot.index.log ??? ??? Junk ??? ??? ??? dbox-Mails ??? ??? ??? dovecot.index.log ??? ??? Sent ??? ??? ??? dbox-Mails ??? ??? ??? dovecot.index.cache ??? ??? ??? dovecot.index.log ??? ??? Trash ??? ??? dbox-Mails ??? ??? dovecot.index.log ??? sieve ??? ??? dovecot.sieve ??? ??? dovecot.svbin ??? ??? tmp ??? spamassassin ??? ??? bayes.mutex ??? ??? bayes_seen ??? ??? bayes_toks ??? storage ??? ??? dovecot.map.index ??? ??? dovecot.map.index.log ??? ??? m.1 ??? ??? m.10 ??? ??? m.11 ??? ??? m.12 ??? ??? m.13 ??? ??? m.14 ??? ??? m.2 ??? ??? m.3 ??? ??? m.4 ??? ??? m.5 ??? ??? m.6 ??? ??? m.7 ??? ??? m.8 ??? ??? m.9 ??? subscriptions Update: I have finally managed to see these folders in roundcube, after setting subscriptions=no (instead of yes) in the shared namespace. Also, I have been able to keep it working with the single dovecot-acl file I have inside mailboxes. Is this structure correct? I am asking becaus I have another user, for which I migrated the format to mdbox, for which I have these folders (curr, tmp, new) but also the structure I have for the shared :s. Are both formats mixed for that user? Thank you, Felix On 27 September 2016 00:25:40 CEST, "dovecot at avv.solutions" wrote: >Quick thought: are the sub-folder structure complete? > >I mean, do they have their cur+new+tmp directories? > >With their rights ownership+permissions? > >KR > >On 09/26/2016 11:31 PM, Felix Rubio Dalmau wrote: >> Hi everybody, >> >> I am honestly desperate: I have spent/invested the whole day in >trying to set a shared mailbox, with quite partial success. The INBOX >is merged with the top level mailbox, and there are many more folders. >To give an idea, for the shared account sharedacc at domain.org, this is >how looks the folder structure: >> >> sharedacc >> |-folderA >> |-folderB >> \-folderC >> >> in the account for usera at domain.org, I see the following: >> >> usera >> |-folderD >> |-folderE >> |-folderF >> \-shared >> \-sharedacc >> >> So, I do not get to see folderA, folderB, folderC, etc. >> >> My configuration is: >> >> # 2.2.25 (7be1766): /etc/dovecot/dovecot.conf >> # Pigeonhole version 0.4.14 (099a97c) >> # OS: Linux 4.5.4-0 x86_64 Debian stretch/sid zfs >> >> mail_plugins = zlib expire acl >> >> plugin { >> acl = vfile >> acl_shared_dict = proxy::acl >> } >> >> dict { >> acl = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext >> } >> >> namespace { >> list = children >> location = >mdbox:/mnt/vmail/%%d/%%n:INDEXPVT=/mnt/vmail/indexes/shared/%%d/%%n >> prefix = shared/%%n/ >> separator = / >> subscriptions = yes >> type = shared >> } >> >> protocol lmtp { >> mail_plugins = zlib expire acl sieve >> } >> >> protocol imap { >> mail_plugins = zlib expire acl antispam imap_acl >> } >> >> the files I have one the account for sharedacc are: >> sharedacc >> |-dovecot-acl >> |-dovecot-acl-list >> \-mailboxes >> |-dovecot-acl >> |-folderA >> | \-dbox-Mails >> | \-dovecot-acl >> |-folderB >> | \-dbox-Mails >> | \-dovecot-acl >> \-folderC >> \-dbox-Mails >> \-dovecot-acl >> >> In dovecot-acl-list I have the following contents: >> 1474920778 folderA >> 1474920778 folderB >> 1474920778 folderC >> >> and in every dovecot-acl, I have: >> user=usera at domain.org akxeilprwts >> >> All the files on the filesystem are owned by the same vmail user. >> What is strange is that I can see all these folderA, folderB, folderC >in roundcube, and I can click to subscribe to them. However, when I go >back to the general view, the subscriptions have been reset and I see >only sharedacc, without a thing inside. Finally, in kmail I can see the >subscribed folders without a problem (??!) >> >> Can please somebody help me? -- Sent from my phone. Please excuse my brevity. -- Sent from my phone. Please excuse my brevity. From stephan at rename-it.nl Tue Sep 27 08:07:06 2016 From: stephan at rename-it.nl (Stephan Bosch) Date: Tue, 27 Sep 2016 10:07:06 +0200 Subject: Drac Plugin In-Reply-To: References: Message-ID: Op 9/26/2016 om 9:43 PM schreef Darryl Baker: > I now have the drac plugin compiled and working. The plugin binary might > even work with the Debian/Ubuntu binary. It was a one line change. I need > to talk to the sendmail folks about their macro for the DRAC feature. My > custom sendmail.cf code works in a way that makes using drac and SpamHaus > for anyone on a blacklisted IP such as non-comercial Comcast users. > > I am hoping that the drac plugin will get fixed in the core distribution > and possible the new binary make it into the Debian/Ubuntu binary build. Why do you still use DRAC/POPbeforeSMTP? There should be no reason to do so these days, since SMTP AUTH is broadly supported. Also, it is generally considered a bad idea. Regards, Stephan. > *** dovecot-2.2.22/src/plugins/drac/drac-plugin.c 2016-09-23 > 22:49:56.345568783 -0500 > --- dovecot-2.2.22/src/plugins/drac/drac-plugin.c-orig 2016-09-26 > 14:33:46.828670909 -0500 > *************** > *** 25,31 **** > /* libdrac function */ > int dracauth(char *, unsigned long, char **); > > ! const char *drac_plugin_version = DOVECOT_ABI_VERSION; > > static struct timeout *to_drac = NULL; > static const char *drachost = NULL; /* dracd host */ > --- 25,31 ---- > /* libdrac function */ > int dracauth(char *, unsigned long, char **); > > ! const char *drac_plugin_version = DOVECOT_VERSION; > > static struct timeout *to_drac = NULL; > static const char *drachost = NULL; /* dracd host */ > > > *Darryl Baker* From bra at fsn.hu Tue Sep 27 13:05:22 2016 From: bra at fsn.hu (Nagy, Attila) Date: Tue, 27 Sep 2016 15:05:22 +0200 Subject: imapc fetch optimization In-Reply-To: <55954918.6020708@fsn.hu> References: <553FF242.80308@fsn.hu> <8D901FAD-3F75-456B-A30D-4385E2235C4C@iki.fi> <55477B26.3090507@fsn.hu> <55954918.6020708@fsn.hu> Message-ID: <41779d5b-763a-3e77-038f-4175251d38c7@fsn.hu> On 07/02/2015 04:22 PM, Nagy, Attila wrote: > On 05/04/15 17:45, Timo Sirainen wrote: >> On 04 May 2015, at 16:59, Nagy, Attila wrote: >>> Hi, >>> >>> On 05/04/15 10:59, Timo Sirainen wrote: >>>> On 28 Apr 2015, at 23:49, Nagy, Attila wrote: >>>>> Hi, >>>>> >>>>> imapc does a lot of UID FETCH $UID (BODY.PEEK[]), which is nice, >>>>> because it works even with the dumbest IMAP server, altough it >>>>> really kills performance, especially on high latency lines. >>>>> >>>>> I wonder: if IMAP servers can effectively handle boundless fetches >>>>> (like a list with all wanted UIDs, or simply 1:* if all are >>>>> needed), do you see this as a good addition to develop? >>>> Set mail_prefetch_count = 10 or 100 or something and it'll do >>>> larger FETCHes. The higher the value, the more memory/disk space is >>>> used for storing the received mails. >>>> >>> I'm aware of that, but it doesn't, or at least not always. >>> For example Thunderbird issues this: >>> 13 UID fetch 333574:333601,333630:333801 (UID RFC822.SIZE FLAGS >>> BODY.PEEK[HEADER.FIELDS (From To Cc Bcc Subject Date Message-ID >>> Priority X-Priority References Newsgroups In-Reply-To Content-Type >>> Reply-To)]) >>> Dovecot does this to the IMAP backend >>> 18 UID FETCH 333574 (BODY.PEEK[]) >> Oh, there were several bugs related to that. Fixed: >> >> http://hg.dovecot.org/dovecot-2.2/rev/8f20aa806bcc >> http://hg.dovecot.org/dovecot-2.2/rev/d350a23207c2 >> http://hg.dovecot.org/dovecot-2.2/rev/8c49fb6d789b > I've just tried 2.2.18, which has the above modifications, but the > effect is the same. > I have these in the config: > # doveconf -n | egrep 'prefe|imapc' > imapc_features = rfc822.size fetch-headers > imapc_host = 10.3.34.12 > mail_location = imapc:~/imapc > mail_prefetch_count = 100 > > With an empty imapc directory a POP3 login yields these on the backend > IMAP server: > 2 LOGIN "user" "pass" > 1 LIST "" "" > 3 SELECT "INBOX" > 4 NOOP > 5 UID FETCH 1:* (FLAGS) > 6 UID FETCH 2 (RFC822.SIZE) > 7 UID FETCH 3 (RFC822.SIZE) > 8 UID FETCH 4 (RFC822.SIZE) > 9 UID FETCH 5 (RFC822.SIZE) > 10 UID FETCH 6 (RFC822.SIZE) > 11 UID FETCH 7 (RFC822.SIZE) > 12 UID FETCH 8 (RFC822.SIZE) > [...] > so on, for every message... > > The response times for each of the FETCHes are around 13-16 ms, so > logging into dovecot for the first time takes more than a minute with > 5000 mails in the INBOX and a half day with around a million... > > It would be good to have a: > 6 UID FETCH 1:* (RFC822.SIZE) > or even a: > 5 UID FETCH 1:* (FLAGS RFC822.SIZE) > if needed (dovecot first fills up its cache, or other cases when the > full list is needed) > > If dovecot would issue the latter for this 5000-mail inbox, the first > fetch (and POP login) would take only 500 ms instead of the 75 seconds > that it takes now... > Could you please tweak this some more? :) Running 2.2.25 I can observe the same behaviour: Dovecot fetches each message's RFC822.SIZE independently, instead of doing a much more efficient fetch 1:* for all messages. This delays the first login way too long, most clients just time out which Dovecot is busy fetching the sizes and try again and again and again, eating up all resources for some time. Any chance that this will be fixed? Thanks, From goetz.reinicke at filmakademie.de Tue Sep 27 14:42:12 2016 From: goetz.reinicke at filmakademie.de (=?UTF-8?Q?G=c3=b6tz_Reinicke_-_IT_Koordinator?=) Date: Tue, 27 Sep 2016 16:42:12 +0200 Subject: Login just at special timeslots / working hours Message-ID: Hi, is there a dovecot feature I did not found yet, which can limit the access to the server to special timeslots like working hours? Or is that a serverside / sssd / auth / pam / account feature? Thanks for hints to some helpfull documentation and sugesstions. Regards . G?tz -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 5571 bytes Desc: S/MIME Cryptographic Signature URL: From aki.tuomi at dovecot.fi Tue Sep 27 15:03:09 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Tue, 27 Sep 2016 18:03:09 +0300 (EEST) Subject: Login just at special timeslots / working hours In-Reply-To: References: Message-ID: <1604701070.7979.1474988590120@appsuite-dev.open-xchange.com> > On September 27, 2016 at 5:42 PM G?tz Reinicke - IT Koordinator wrote: > > > Hi, > > is there a dovecot feature I did not found yet, which can limit the > access to the server to special timeslots like working hours? > > Or is that a serverside / sssd / auth / pam / account feature? > > Thanks for hints to some helpfull documentation and sugesstions. > > Regards . G?tz > > At least this is doable with PAM. See http://www.linux-pam.org/Linux-PAM-html/sag-pam_time.html Aki From tom at whyscream.net Tue Sep 27 15:07:31 2016 From: tom at whyscream.net (Tom Hendrikx) Date: Tue, 27 Sep 2016 17:07:31 +0200 Subject: Login just at special timeslots / working hours In-Reply-To: <1604701070.7979.1474988590120@appsuite-dev.open-xchange.com> References: <1604701070.7979.1474988590120@appsuite-dev.open-xchange.com> Message-ID: <39101a9e-f66c-303f-c2e4-1d8419be0cc7@whyscream.net> On 27-09-16 17:03, Aki Tuomi wrote: > >> On September 27, 2016 at 5:42 PM G?tz Reinicke - IT Koordinator wrote: >> >> >> Hi, >> >> is there a dovecot feature I did not found yet, which can limit the >> access to the server to special timeslots like working hours? >> >> Or is that a serverside / sssd / auth / pam / account feature? >> >> Thanks for hints to some helpfull documentation and sugesstions. >> >> Regards . G?tz >> >> > > At least this is doable with PAM. See > http://www.linux-pam.org/Linux-PAM-html/sag-pam_time.html > > Aki > You could also use http://wiki.dovecot.org/PostLoginScripting . There is a nice example named 'Denying connection from some IP/User'. Regards, Tom From markus at petzsch.eu Tue Sep 27 19:32:44 2016 From: markus at petzsch.eu (Markus Petzsch) Date: Tue, 27 Sep 2016 21:32:44 +0200 Subject: Dovecot Pro Community Edition Message-ID: <73bdd9c2-a149-5f5e-a8e9-e02c264e207b@petzsch.eu> Hi, I'm trying to setup push notifications for Open-Xchange (OX) and struggle with finding the push_notification plugin. According to https://oxpedia.org/wiki/index.php?title=AppSuite:OX_Mail#Requirements it should be found in the Dovecot Pro Community Edition. I'm currently running dovecot that came with CentOS 7.2 but am intrested in OX's push feature. Can someone point me in the right direction where to find the community edition repos? https://oxpedia.org/wiki/index.php?title=Dovecot:Main_Page_Dovecot#dovecotquickinstall only lists password protected repos. Thx for your help in advance. Best Regards Markus Petzsch From rick.jones2 at hpe.com Tue Sep 27 20:36:25 2016 From: rick.jones2 at hpe.com (Rick Jones) Date: Tue, 27 Sep 2016 13:36:25 -0700 Subject: Trying to regain access to my email archive after an upgrade. Message-ID: <5abbb573-4c8b-5899-7b0b-c3e3eec31da8@hpe.com> Hi - I had been running an Ubuntu 12.04 system on which I receive email, with an inbox in /var/mail/ and a bunch of folders under ~/Maildir. When I upgraded from 14.04 there were a bunch of questions about keeping old/new config files and my muddling through it has me seeing only the inbox, and then a Drafts, Sent and Trash Folder. I would like to regain access to the messages stored under ~/Maildir, but have been thoroughly unsuccessful. I seem to run into duplicate prefix issues and I suspect I have other issues, when I try to add: namespace rest { separator = / prefix = location = maildir:~/Maildir } to what is already present. I've seen a few of the wiki pages, but not fully understanding what is going-on I'm afraid I've not groked them terribly well. any help/pointers for this cluser would be much appreciated. rick jones raj at tardy:~$ dovecot --version 2.2.9 raj at tardy:~$ dovecot -n # 2.2.9: /etc/dovecot/dovecot.conf doveconf: Warning: NOTE: You can get a new clean config file with: doveconf -n > dovecot-new.conf doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:25: 'imaps' protocol is no longer necessary, remove it doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:732: protocol managesieve {} has been replaced by protocol sieve { } doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:904: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:942: passdb pam {} has been replaced by passdb { driver=pam } doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:1055: userdb passwd {} has been replaced by userdb { driver=passwd } doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:1117: auth_user has been replaced by service auth { user } # OS: Linux 3.13.0-95-generic x86_64 Ubuntu 14.04.5 LTS auth_mechanisms = plain login log_timestamp = "%Y-%m-%d %H:%M:%S " mail_location = mbox:~/mail:INBOX=/var/mail/%u mail_privileged_group = mail namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } passdb { driver = pam } protocols = imap service auth { user = root } ssl_cert = References: <73bdd9c2-a149-5f5e-a8e9-e02c264e207b@petzsch.eu> Message-ID: <3976aa78-392b-fe29-fd63-7cd66e7a53e4@skye.it> Il 27/09/2016 21:32, Markus Petzsch ha scritto: > Hi, > > I'm trying to setup push notifications for Open-Xchange (OX) and > struggle with finding the push_notification plugin. According to > https://oxpedia.org/wiki/index.php?title=AppSuite:OX_Mail#Requirements > it should be found in the Dovecot Pro Community Edition. > > I'm currently running dovecot that came with CentOS 7.2 but am intrested > in OX's push feature. Can someone point me in the right direction where > to find the community edition repos? Hi, "and community edition" not "Dovecot Pro Community Edition". Push notification for OX is available in Dovecot standard repo here: https://github.com/dovecot/core/tree/master/src/plugins/push-notification Ciao -- Alessio Cecchi Postmaster @ http://www.qboxmail.it https://www.linkedin.com/in/alessice From goetz.reinicke at filmakademie.de Wed Sep 28 07:03:43 2016 From: goetz.reinicke at filmakademie.de (=?UTF-8?Q?G=c3=b6tz_Reinicke_-_IT_Koordinator?=) Date: Wed, 28 Sep 2016 09:03:43 +0200 Subject: Login just at special timeslots / working hours In-Reply-To: <39101a9e-f66c-303f-c2e4-1d8419be0cc7@whyscream.net> References: <1604701070.7979.1474988590120@appsuite-dev.open-xchange.com> <39101a9e-f66c-303f-c2e4-1d8419be0cc7@whyscream.net> Message-ID: Hi thanks, Am 27.09.16 um 17:07 schrieb Tom Hendrikx: > > On 27-09-16 17:03, Aki Tuomi wrote: >>> On September 27, 2016 at 5:42 PM G?tz Reinicke - IT Koordinator wrote: >>> >>> >>> Hi, >>> >>> is there a dovecot feature I did not found yet, which can limit the >>> access to the server to special timeslots like working hours? >>> >>> Or is that a serverside / sssd / auth / pam / account feature? >>> >>> Thanks for hints to some helpfull documentation and sugesstions. >>> >>> Regards . G?tz >>> >>> >> At least this is doable with PAM. See >> http://www.linux-pam.org/Linux-PAM-html/sag-pam_time.html >> >> Aki >> > > You could also use http://wiki.dovecot.org/PostLoginScripting . There is > a nice example named 'Denying connection from some IP/User'. > > Regards, > Tom the PostLoginScripting looks like the best option right now. Our Users aren't authenticated by pam on the dovecot server, so I'll check the script. Regards . G?tz -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 5571 bytes Desc: S/MIME Cryptographic Signature URL: From aki.tuomi at dovecot.fi Wed Sep 28 10:48:43 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Wed, 28 Sep 2016 13:48:43 +0300 Subject: FreeBSD port In-Reply-To: <20160926192112.GA89751@doctor.nl2k.ab.ca> References: <20160926192112.GA89751@doctor.nl2k.ab.ca> Message-ID: <69bfa48b-46d3-6b44-5e2a-98d26c74a05a@dovecot.fi> On 26.09.2016 22:21, The Doctor wrote: > Is the person responsible for the FreeBSD port on this list? > > There might be a minor bug in a small piece of correction code issues in the > last 4 days. > Can you provide more details, I can try reaching out to the maintainer(s). Aki From jerry at seibercom.net Wed Sep 28 12:32:12 2016 From: jerry at seibercom.net (Jerry) Date: Wed, 28 Sep 2016 08:32:12 -0400 Subject: FreeBSD port In-Reply-To: <20160926192112.GA89751@doctor.nl2k.ab.ca> References: <20160926192112.GA89751@doctor.nl2k.ab.ca> Message-ID: <20160928083212.0000111f@seibercom.net> On Mon, 26 Sep 2016 13:21:12 -0600, The Doctor stated: >Is the person responsible for the FreeBSD port on this list? > >There might be a minor bug in a small piece of correction code issues >in the last 4 days. The maintainers email address is: . Why don't you just contact him directly, or CC him via this forum? -- Jerry From webert.boss at gmail.com Wed Sep 28 13:15:25 2016 From: webert.boss at gmail.com (Webert de Souza Lima) Date: Wed, 28 Sep 2016 10:15:25 -0300 Subject: dovecot is moving messages to spam Message-ID: Hi, is there any dovecot rule settings besides X-Spam-Flag header? Can it move messages via IMAP? I have a message that is being moved to spam folder after delivered in the INBOX but it has no X-Spam-Flag and it's not beeing done by the user (I changed his password, suspended his account and made his login impossible). This happens only when certain "FROM" address is present in the body, like the following message (sent via telnet): From: Subject: Test teste . Dovecot logs: Sep 28 13:08:00 lmtp(my.user at my.domain): Info: OOKlA3rA61dNbwAAkzG9Ng: sieve: msgid=unspecified: stored mail into mailbox 'INBOX' Sep 28 13:08:01 imap(my.user at my.domain): Info: copy from INBOX: box=INBOX.Spam, uid=154, msgid=, size=340, subject=Test Sep 28 13:08:01 imap(my.user at my.domain): Info: expunge: box=INBOX, uid=18147, msgid=, size=340, subject=Test Thanks in advance From miguelmclara at gmail.com Wed Sep 28 13:16:33 2016 From: miguelmclara at gmail.com (Miguel C) Date: Wed, 28 Sep 2016 14:16:33 +0100 Subject: FreeBSD port In-Reply-To: <20160928083212.0000111f@seibercom.net> References: <20160926192112.GA89751@doctor.nl2k.ab.ca> <20160928083212.0000111f@seibercom.net> Message-ID: On Wed, Sep 28, 2016 at 1:32 PM, Jerry wrote: > On Mon, 26 Sep 2016 13:21:12 -0600, The Doctor stated: > > >Is the person responsible for the FreeBSD port on this list? > > > >There might be a minor bug in a small piece of correction code issues > >in the last 4 days. > > The maintainers email address is: . Why don't you > just contact him directly, or CC him via this forum? > > I would suggest report the bug in https://bugs.freebsd.org/bugzilla/ it will get assigned to the maintainer, you can submit a patch there too. If its a confirmed bug, I would say its the preferred way so others can see the report and possibly try the proposed patches locally. Melhores Cumprimentos // Best Regards ----------------------------------------------- *Miguel Clara* *IT - Sys Admin & Developer* > -- > Jerry > From flatworm at users.sourceforge.net Wed Sep 28 13:30:10 2016 From: flatworm at users.sourceforge.net (Konstantin Khomoutov) Date: Wed, 28 Sep 2016 16:30:10 +0300 Subject: dovecot is moving messages to spam In-Reply-To: References: Message-ID: <20160928163010.88d25cd8d4574feac316ff4c@domain007.com> On Wed, 28 Sep 2016 10:15:25 -0300 Webert de Souza Lima wrote: > is there any dovecot rule settings besides X-Spam-Flag header? Can it > move messages via IMAP? > > I have a message that is being moved to spam folder after delivered > in the INBOX but it has no X-Spam-Flag and it's not beeing done by > the user (I changed his password, suspended his account and made his > login impossible). > > This happens only when certain "FROM" address is present in the body, > like the following message (sent via telnet): [...] > Sep 28 13:08:00 lmtp(my.user at my.domain): Info: OOKlA3rA61dNbwAAkzG9Ng: > sieve: msgid=unspecified: stored mail into mailbox 'INBOX' > > Sep 28 13:08:01 imap(my.user at my.domain): Info: copy from INBOX: > box=INBOX.Spam, uid=154, msgid=, size=340, subject=Test > > Sep 28 13:08:01 imap(my.user at my.domain): Info: expunge: box=INBOX, > uid=18147, msgid=, size=340, subject=Test [...] Are you sure there's no Sieve script active for this user? (Note that there also could be a global Sieve script or scripts which are executed before/after those of a user.) And have you really verified nothing logs into the server for sure using that user's credentials (such as a Thunderbird instance with mail filters enabled)? Another thing to check is that this user's INBOX folder is not shared with someone else (if at all possible). From webert.boss at gmail.com Wed Sep 28 13:39:39 2016 From: webert.boss at gmail.com (Webert de Souza Lima) Date: Wed, 28 Sep 2016 10:39:39 -0300 Subject: dovecot is moving messages to spam In-Reply-To: <20160928163010.88d25cd8d4574feac316ff4c@domain007.com> References: <20160928163010.88d25cd8d4574feac316ff4c@domain007.com> Message-ID: Hi Konstantin, There is no sieve for the user (checked his dovecot mail directory, sieve folder is empty and there is no sieve file) and the only global sieve present is regarding the X-Spam-Flag header, which is not the case. There is no login happening for this user and this occur, for sure. The only thing I can imagine is some e-mail client as you said is holding an old connection open, previously authenticated (before I disabled his login) and moving the messages with some filter. Looking at the logs, it surely looks like an e-mail client software. I'll take a deeper look into this. On Wed, Sep 28, 2016 at 10:30 AM, Konstantin Khomoutov < flatworm at users.sourceforge.net> wrote: > On Wed, 28 Sep 2016 10:15:25 -0300 > Webert de Souza Lima wrote: > > > is there any dovecot rule settings besides X-Spam-Flag header? Can it > > move messages via IMAP? > > > > I have a message that is being moved to spam folder after delivered > > in the INBOX but it has no X-Spam-Flag and it's not beeing done by > > the user (I changed his password, suspended his account and made his > > login impossible). > > > > This happens only when certain "FROM" address is present in the body, > > like the following message (sent via telnet): > [...] > > Sep 28 13:08:00 lmtp(my.user at my.domain): Info: OOKlA3rA61dNbwAAkzG9Ng: > > sieve: msgid=unspecified: stored mail into mailbox 'INBOX' > > > > Sep 28 13:08:01 imap(my.user at my.domain): Info: copy from INBOX: > > box=INBOX.Spam, uid=154, msgid=, size=340, subject=Test > > > > Sep 28 13:08:01 imap(my.user at my.domain): Info: expunge: box=INBOX, > > uid=18147, msgid=, size=340, subject=Test > [...] > > Are you sure there's no Sieve script active for this user? > (Note that there also could be a global Sieve script or scripts which > are executed before/after those of a user.) > > And have you really verified nothing logs into the server for sure > using that user's credentials (such as a Thunderbird instance with mail > filters enabled)? Another thing to check is that this user's INBOX > folder is not shared with someone else (if at all possible). > From aki.tuomi at dovecot.fi Wed Sep 28 14:13:39 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Wed, 28 Sep 2016 17:13:39 +0300 (EEST) Subject: dovecot is moving messages to spam In-Reply-To: References: <20160928163010.88d25cd8d4574feac316ff4c@domain007.com> Message-ID: <518577544.9431.1475072020448@appsuite-dev.open-xchange.com> Hi, you could try doveadm who and doveadm kick. These might help you out. Aki > On September 28, 2016 at 4:39 PM Webert de Souza Lima wrote: > > > Hi Konstantin, > > There is no sieve for the user (checked his dovecot mail directory, sieve > folder is empty and there is no sieve file) and the only global sieve > present is regarding the X-Spam-Flag header, which is not the case. > There is no login happening for this user and this occur, for sure. > > The only thing I can imagine is some e-mail client as you said is holding > an old connection open, previously authenticated (before I disabled his > login) and moving the messages with some filter. > Looking at the logs, it surely looks like an e-mail client software. > > I'll take a deeper look into this. > > On Wed, Sep 28, 2016 at 10:30 AM, Konstantin Khomoutov < > flatworm at users.sourceforge.net> wrote: > > > On Wed, 28 Sep 2016 10:15:25 -0300 > > Webert de Souza Lima wrote: > > > > > is there any dovecot rule settings besides X-Spam-Flag header? Can it > > > move messages via IMAP? > > > > > > I have a message that is being moved to spam folder after delivered > > > in the INBOX but it has no X-Spam-Flag and it's not beeing done by > > > the user (I changed his password, suspended his account and made his > > > login impossible). > > > > > > This happens only when certain "FROM" address is present in the body, > > > like the following message (sent via telnet): > > [...] > > > Sep 28 13:08:00 lmtp(my.user at my.domain): Info: OOKlA3rA61dNbwAAkzG9Ng: > > > sieve: msgid=unspecified: stored mail into mailbox 'INBOX' > > > > > > Sep 28 13:08:01 imap(my.user at my.domain): Info: copy from INBOX: > > > box=INBOX.Spam, uid=154, msgid=, size=340, subject=Test > > > > > > Sep 28 13:08:01 imap(my.user at my.domain): Info: expunge: box=INBOX, > > > uid=18147, msgid=, size=340, subject=Test > > [...] > > > > Are you sure there's no Sieve script active for this user? > > (Note that there also could be a global Sieve script or scripts which > > are executed before/after those of a user.) > > > > And have you really verified nothing logs into the server for sure > > using that user's credentials (such as a Thunderbird instance with mail > > filters enabled)? Another thing to check is that this user's INBOX > > folder is not shared with someone else (if at all possible). > > From doctor at doctor.nl2k.ab.ca Wed Sep 28 14:20:57 2016 From: doctor at doctor.nl2k.ab.ca (The Doctor) Date: Wed, 28 Sep 2016 08:20:57 -0600 Subject: FreeBSD port In-Reply-To: <20160928083212.0000111f@seibercom.net> References: <20160926192112.GA89751@doctor.nl2k.ab.ca> <20160928083212.0000111f@seibercom.net> Message-ID: <20160928142057.GB33422@doctor.nl2k.ab.ca> On Wed, Sep 28, 2016 at 08:32:12AM -0400, Jerry wrote: > On Mon, 26 Sep 2016 13:21:12 -0600, The Doctor stated: > > >Is the person responsible for the FreeBSD port on this list? > > > >There might be a minor bug in a small piece of correction code issues > >in the last 4 days. > > The maintainers email address is: . Why don't you > just contact him directly, or CC him via this forum? > Already done. > -- > Jerry -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Time for the USA to hold a referendum on its republic and vote to dissolve!! From webert.boss at gmail.com Wed Sep 28 16:29:07 2016 From: webert.boss at gmail.com (Webert de Souza Lima) Date: Wed, 28 Sep 2016 13:29:07 -0300 Subject: dovecot is moving messages to spam In-Reply-To: <518577544.9431.1475072020448@appsuite-dev.open-xchange.com> References: <20160928163010.88d25cd8d4574feac316ff4c@domain007.com> <518577544.9431.1475072020448@appsuite-dev.open-xchange.com> Message-ID: Hello, it worked just fine. thank your for your help. After change this user's password and kicked him, I resent the e-mail and it didn't move. Surely he has some MUA set somewhere but he has no clue where. Thank you for your time. On Wed, Sep 28, 2016 at 11:13 AM, Aki Tuomi wrote: > Hi, > > you could try doveadm who and doveadm kick. These might help you out. > > Aki > > On September 28, 2016 at 4:39 PM Webert de Souza Lima < > webert.boss at gmail.com> wrote: > > > > > > Hi Konstantin, > > > > There is no sieve for the user (checked his dovecot mail directory, sieve > > folder is empty and there is no sieve file) and the only global sieve > > present is regarding the X-Spam-Flag header, which is not the case. > > There is no login happening for this user and this occur, for sure. > > > > The only thing I can imagine is some e-mail client as you said is holding > > an old connection open, previously authenticated (before I disabled his > > login) and moving the messages with some filter. > > Looking at the logs, it surely looks like an e-mail client software. > > > > I'll take a deeper look into this. > > > > On Wed, Sep 28, 2016 at 10:30 AM, Konstantin Khomoutov < > > flatworm at users.sourceforge.net> wrote: > > > > > On Wed, 28 Sep 2016 10:15:25 -0300 > > > Webert de Souza Lima wrote: > > > > > > > is there any dovecot rule settings besides X-Spam-Flag header? Can it > > > > move messages via IMAP? > > > > > > > > I have a message that is being moved to spam folder after delivered > > > > in the INBOX but it has no X-Spam-Flag and it's not beeing done by > > > > the user (I changed his password, suspended his account and made his > > > > login impossible). > > > > > > > > This happens only when certain "FROM" address is present in the body, > > > > like the following message (sent via telnet): > > > [...] > > > > Sep 28 13:08:00 lmtp(my.user at my.domain): Info: > OOKlA3rA61dNbwAAkzG9Ng: > > > > sieve: msgid=unspecified: stored mail into mailbox 'INBOX' > > > > > > > > Sep 28 13:08:01 imap(my.user at my.domain): Info: copy from INBOX: > > > > box=INBOX.Spam, uid=154, msgid=, size=340, subject=Test > > > > > > > > Sep 28 13:08:01 imap(my.user at my.domain): Info: expunge: box=INBOX, > > > > uid=18147, msgid=, size=340, subject=Test > > > [...] > > > > > > Are you sure there's no Sieve script active for this user? > > > (Note that there also could be a global Sieve script or scripts which > > > are executed before/after those of a user.) > > > > > > And have you really verified nothing logs into the server for sure > > > using that user's credentials (such as a Thunderbird instance with mail > > > filters enabled)? Another thing to check is that this user's INBOX > > > folder is not shared with someone else (if at all possible). > > > > From chris2014 at postbox.xyz Wed Sep 28 19:51:09 2016 From: chris2014 at postbox.xyz (Chris) Date: Wed, 28 Sep 2016 21:51:09 +0200 Subject: Softlinks Message-ID: <76d4a1be88e1e46c225bed899e9c14a3.squirrel@mail2.postbox.xyz> All, I'm using Maildir. Is it possible to move all (or only some) maildirs with softlinks to another partition? - Chris From skdovecot at smail.inf.fh-brs.de Thu Sep 29 07:04:34 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 29 Sep 2016 09:04:34 +0200 (CEST) Subject: Softlinks In-Reply-To: <76d4a1be88e1e46c225bed899e9c14a3.squirrel@mail2.postbox.xyz> References: <76d4a1be88e1e46c225bed899e9c14a3.squirrel@mail2.postbox.xyz> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 28 Sep 2016, Chris wrote: > I'm using Maildir. Is it possible to move all (or only some) maildirs with > softlinks to another partition? I did this, but be prepared that you have left-overs when the user deletes the mailbox (mail folder). I have mapped for instance SPAM / HAM reporting and some widely folders folders into user's Maildir, this works without any problems. Well, no user tried to delete those linked ones so far. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBV+y9Anz1H7kL/d9rAQLkswf+K71RLMNh6DsehPjgd4jb8Rk9MvixcINa 1RYZqowHvfEf/zWGF+uOZxIycSTxf+84K3Qiac6EjHSQXsVbosy7o4v6S1EZOeAi n9mK9itDjXhDGnY1MlYgpJ1C/pK+UqbYzgelR1WgBH8AiI+zEzEHv4RCEvLaFSxB RfizZ66Nz2kaw9PnXkwmN5R8wzasdT3+1DKiekGzMRi4U/Rc61PuWEwNBZKllfnc 5jQAopi7PsEX8eO11xWtGbyTtLj2qm/k9odphiWl8fJlZpTICdtuyFxVpbsZf/t/ TRO5meXfIAHs4+BI/LYmHnCNiELUlwaGJAyRBzPNcMO7aDtANqSatw== =9vGQ -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Thu Sep 29 08:15:04 2016 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 29 Sep 2016 10:15:04 +0200 (CEST) Subject: Login just at special timeslots / working hours In-Reply-To: <1604701070.7979.1474988590120@appsuite-dev.open-xchange.com> References: <1604701070.7979.1474988590120@appsuite-dev.open-xchange.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 27 Sep 2016, Aki Tuomi wrote: >> On September 27, 2016 at 5:42 PM G?tz Reinicke - IT Koordinator wrote: >> >> is there a dovecot feature I did not found yet, which can limit the >> access to the server to special timeslots like working hours? >> >> Or is that a serverside / sssd / auth / pam / account feature? >> >> Thanks for hints to some helpfull documentation and sugesstions. > > At least this is doable with PAM. See > http://www.linux-pam.org/Linux-PAM-html/sag-pam_time.html Should be also doable with SQL-based passdb by adding the check to the WHERE clause - even by user. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBV+zNiHz1H7kL/d9rAQL0Lwf8Ca4frRhb/99pLgFw90XcSnUqbT/AU2dw Nr4xb5uQaT3mkO67aME0jA+0yRW8Bz74qV+ULkC/KxzMo1Oh5f1t+4eeSseZWUBe TZik2z1ypzzAvMOdf8Z/ldkmNibAjiAdE1/WOioefTVL+LYmRwwrc4BBRQGXtLvO Ef3ZcHWPwPJ6JCji0GsYbfR8is2vNj9YJEdhjROAPokWQ6up5fpULWUAVvk5vTxd d6YGrmBpUFydgK36uxB11LefVawd0hFJN+ogFtFiP2J+gZEx+AQ0NgKA+CFwYGxL 4ltCEAN1NYbyuPTezZaZWZBBu2uUXwdXT7oxzzKhZqtpBIJXQUl/NA== =R0HA -----END PGP SIGNATURE----- From webert.boss at gmail.com Thu Sep 29 12:33:39 2016 From: webert.boss at gmail.com (Webert de Souza Lima) Date: Thu, 29 Sep 2016 09:33:39 -0300 Subject: doveadm backup fails (compromised single attachment storage) Message-ID: Hi, A couple of months ago I had a problem with Single Attachment Storage after infrastructure migration; All mailboxes were rsynced to another filesystem, and that may have broken Single Attachment Storage. Many, many (if not all) mailboxes show the below logs on dovecot: imap(foo at bar.com): Error: read(attachments-connector(zlib(/dovecotdir/mail/ bar.com/foo/mailboxes/INBOX/dbox-Mails/u.26426))) failed: read(/dovecotdir/attach/ bar.com/de/86/de8673894d6fb3f4460e3c26436eefa9a73517fa0f000452f553822367220761502e1d0ce220eee5aa9acf232df0adebf40cce90b57d2e60e1eb9c9ef21671fa-b0d3411772c14957536100009331bd36-43cea6154b3275573b0800009331bd36-26426[base64:19 b/l]) failed: open(/dovecotdir/attach/ bar.com/de/86/de8673894d6fb3f4460e3c26436eefa9a73517fa0f000452f553822367220761502e1d0ce220eee5aa9acf232df0adebf40cce90b57d2e60e1eb9c9ef21671fa-b0d3411772c14957536100009331bd36-43cea6154b3275573b0800009331bd36-26426) failed: No such file or directory When that happens, the MUA keeps syncing forever. Now, I need to migrate all mailboxes (again) to another dovecot instance (with no SAS), which works perfectly for new users but when I try to migrate users from my current dovecot server for this new server, I get such errors again, and I can't migrate: 2016-09-29T12:20:50.995934059Z Sep 29 12:20:50 dsync-server(foo at bar.com): Error: dsync(cf7d091311eb): read(attachments-connector(zlib(/dovecotdir/mdbox/bar.com/foo/storage/m.1))) failed: read(/dovecotdir/attach/ bar.com/0c/df/0cdf86b1920938fe3a043f87e2ee9e63dda276bd5b9fba687e4a0c63d181c3b6ebdb96a9517f048c963db71404ad5d14e896e2e67b7abb0c9e107aed5c15ecf1-430ea904dff46757ba1700009331bd36[base64:18 b/l]) failed: open(/dovecotdir/attach/ bar.com/0c/df/0cdf86b1920938fe3a043f87e2ee9e63dda276bd5b9fba687e4a0c63d181c3b6ebdb96a9517f048c963db71404ad5d14e896e2e67b7abb0c9e107aed5c15ecf1-430ea904dff46757ba1700009331bd36) failed: No such file or directory (last sent=mail, last recv=mail_request (EOL)) Is there a way to fix the attachments problem? (I know I can't recover such files, that's Ok) Is there a way to migrate (dsync backup) ignoring such problems? Thanks in advance. From chris2014 at postbox.xyz Thu Sep 29 15:51:39 2016 From: chris2014 at postbox.xyz (Chris) Date: Thu, 29 Sep 2016 17:51:39 +0200 Subject: Softlinks In-Reply-To: References: <76d4a1be88e1e46c225bed899e9c14a3.squirrel@mail2.postbox.xyz> Message-ID: <59c195e21830cad101fb83a2ec1ba1d4.squirrel@mail2.postbox.xyz> Steffen Kaiser wrote: > On Wed, 28 Sep 2016, Chris wrote: >> I'm using Maildir. Is it possible to move all (or only some) maildirs >> with >> softlinks to another partition? > > I did this, but be prepared that you have left-overs when the user deletes > the mailbox (mail folder). Ok, thank you. I would just link top-level folders, e.g. /var/vmail/users/userA -> /data/vmail2/users/userA for some extra big mailboxes. - Chris From amk at spamfence.net Fri Sep 30 00:26:57 2016 From: amk at spamfence.net (Andreas M. Kirchwitz) Date: Fri, 30 Sep 2016 00:26:57 +0000 (UTC) Subject: Dovecot 2.2.25 fails on SSL References: Message-ID: Joseph Tam wrote: >>> OK, the origin of your problem becomes clearer. You can hardcode these >>> paths into the executables by doing something like >>> >>> env CFLAGS='-I/my'ssl/include' \ >>> LDFLAGS='-L/your/ssl/lib -Wl,-rpath,/my/ssl/lib' \ >>> configure ... >> >> Based on your mail I've tried CFLAGS/LDFLAGS again, and >> now Dovecot didn't even compile any longer. > > I don't use the same OS as you, but what errors dis you get? To be exact here, it's not the compiler but the linker failing (of course, the whole problem is about the linking process). With "--as-needed", the crypto/ssl libraries are not linked at all with the object files. I don't quite understand why it doesn't fall back to the system crypto/ssl libraries because they are in the default pathes with all other libraries. (That's basically what most other software packages do if my custom pathes for "-L" "-Wl,-R" somehow get ignored in the building process.) IMHO, the unusual option "--as-needed" should be removed. There seems to be no benefit but it basically keeps Dovecot to be linked against any custom-specified library. Maybe it's just a problem with RHEL/CentOS 6 and the GCC that ships with it. I'm compiling a lot of software myself and link it against my custom OpenSSL. Never had this problem before, otherwise I would have known to specify "-Wl,--no-as-needed" to reverse ld's behavior to the default. Well, at least I've learned something new. :-) Regards, Andreas From aki.tuomi at dovecot.fi Fri Sep 30 03:42:52 2016 From: aki.tuomi at dovecot.fi (Aki Tuomi) Date: Fri, 30 Sep 2016 06:42:52 +0300 (EEST) Subject: Dovecot 2.2.25 fails on SSL In-Reply-To: References: Message-ID: <357520769.6613.1475206973513@appsuite-dev.open-xchange.com> > On September 30, 2016 at 3:26 AM "Andreas M. Kirchwitz" wrote: > > > Joseph Tam wrote: > > >>> OK, the origin of your problem becomes clearer. You can hardcode these > >>> paths into the executables by doing something like > >>> > >>> env CFLAGS='-I/my'ssl/include' \ > >>> LDFLAGS='-L/your/ssl/lib -Wl,-rpath,/my/ssl/lib' \ > >>> configure ... > >> > >> Based on your mail I've tried CFLAGS/LDFLAGS again, and > >> now Dovecot didn't even compile any longer. > > > > I don't use the same OS as you, but what errors dis you get? > > To be exact here, it's not the compiler but the linker failing > (of course, the whole problem is about the linking process). > > With "--as-needed", the crypto/ssl libraries are not linked at all with > the object files. I don't quite understand why it doesn't fall back to > the system crypto/ssl libraries because they are in the default pathes > with all other libraries. (That's basically what most other software > packages do if my custom pathes for "-L" "-Wl,-R" somehow get ignored > in the building process.) > > IMHO, the unusual option "--as-needed" should be removed. There seems > to be no benefit but it basically keeps Dovecot to be linked against > any custom-specified library. > > Maybe it's just a problem with RHEL/CentOS 6 and the GCC that ships > with it. I'm compiling a lot of software myself and link it against > my custom OpenSSL. Never had this problem before, otherwise I would > have known to specify "-Wl,--no-as-needed" to reverse ld's behavior > to the default. > > Well, at least I've learned something new. :-) > > Regards, Andreas Hi, The as-needed issue has been hopefully fixed in https://github.com/dovecot/core/commit/f49f1c5fa6a9a55a194e5ada042df134907278f4 Aki From alessio at skye.it Fri Sep 30 07:31:19 2016 From: alessio at skye.it (Alessio Cecchi) Date: Fri, 30 Sep 2016 09:31:19 +0200 Subject: NFSv4 and Maildir In-Reply-To: <2B043C3E-CB05-4942-9AB5-0AF2402A77CE@inoc.net> References: <2B043C3E-CB05-4942-9AB5-0AF2402A77CE@inoc.net> Message-ID: <5d65c671-2831-c1fb-620f-d9d6d1fdfc69@skye.it> Il 23/09/2016 14:31, Robert Blayzor ha scritto: > Recently moving to newer storage platforms for mailbox storage so looking at moving mounts from NFSv3 with lots of issues with locking and caching to NFSv4. > > There seems to be a lot of benefits to v4 along with some other new features, namely ?delegation?. > > So the question boils down to, to delegate or not delegate on Maildir storage. There may be many reasons based on actual platform why to do (or not to do this), but I want to get the general opinion from others that may have more experience with this. Our setup is several FreeBSD 10.x clients running Dovecot/Exim, NetApp NFS mail storage (probably moving to TrueNAS) and using F5 load balancers for client side connections/SSL offload. > > From what I?ve found (and what i?ve read in the RFC) is that delegation seems to work best when there is NOT a lot of file contention from clients accessing the same files. I realize that in some situations many people are using director to try and keep users on the same client; in our case we?re doing it with F5 iRules. The F5 iRules work great for POP3 and IMAP session persistence, but unfortunately that doesn?t work for SMTP and Dovecot LDA, so we still have possible race conditions from the MTA?s delivering into ?INBOX?. (mostly dovecot indexes updating at the same time). > > So the big question is, who is using Dovecot with maildirs with NFSv4 mounts. What has your experience been? Are you using delegation? By choice and why did you come to that decision. > > I?m drawing up the conclusion that if you can *mostly* control client control to specific files (ie: directing access to a mailbox to come from one client), then delegation might be ok. However, if you?re not using director and have several NFS mail clients racing to access mailboxes, then delegation might turn into chaos. > > > Your comments welcome and appreciated. Hi Robert, we have a setup with (CentOS 6) Director+Dovecot, Maildir as storage on NetApp NFS v3. Every time I try to switch to NFS v4 I found issue with lock (and others). So for me NFSv4 with Maildir is "unstable" or need a fine tuning that I don't know. -- Alessio Cecchi Postmaster @ http://www.qboxmail.it https://www.linkedin.com/in/alessice From robert.munteanu at gmail.com Fri Sep 30 10:01:16 2016 From: robert.munteanu at gmail.com (Robert Munteanu) Date: Fri, 30 Sep 2016 13:01:16 +0300 Subject: [patch] Improved error checking for the dovecot-antispam-plugin In-Reply-To: References: Message-ID: Hi, Has this slipped off the radar or is it somehow not suitable for inclusion? Thanks, Robert On Thu, Aug 18, 2016 at 6:16 PM, Robert Munteanu wrote: > (snip) > >> I have no issue in resending a new version of the patch with better >> error reporting, will do so in the following days. >> >> Robert > > I've attached a second version of the patch, feel free to consider any > of them for inclusion. > > Thanks, > > Robert > > > -- > http://robert.muntea.nu/ -- http://robert.muntea.nu/ From webert.boss at gmail.com Fri Sep 30 13:18:47 2016 From: webert.boss at gmail.com (Webert de Souza Lima) Date: Fri, 30 Sep 2016 13:18:47 +0000 Subject: doveadm backup fails (compromised single attachment storage) In-Reply-To: References: Message-ID: by SAS I meant SIAS (Single Instance Attachment Storage). On Thu, Sep 29, 2016 at 9:33 AM Webert de Souza Lima wrote: > Hi, > > A couple of months ago I had a problem with Single Attachment Storage > after infrastructure migration; > > All mailboxes were rsynced to another filesystem, and that may have broken > Single Attachment Storage. Many, many (if not all) mailboxes show the below > logs on dovecot: > > imap(foo at bar.com): Error: > read(attachments-connector(zlib(/dovecotdir/mail/ > bar.com/foo/mailboxes/INBOX/dbox-Mails/u.26426))) failed: > read(/dovecotdir/attach/ > bar.com/de/86/de8673894d6fb3f4460e3c26436eefa9a73517fa0f000452f553822367220761502e1d0ce220eee5aa9acf232df0adebf40cce90b57d2e60e1eb9c9ef21671fa-b0d3411772c14957536100009331bd36-43cea6154b3275573b0800009331bd36-26426[base64:19 > > b/l]) failed: open(/dovecotdir/attach/ > bar.com/de/86/de8673894d6fb3f4460e3c26436eefa9a73517fa0f000452f553822367220761502e1d0ce220eee5aa9acf232df0adebf40cce90b57d2e60e1eb9c9ef21671fa-b0d3411772c14957536100009331bd36-43cea6154b3275573b0800009331bd36-26426) > failed: No such file or directory > > > When that happens, the MUA keeps syncing forever. > > Now, I need to migrate all mailboxes (again) to another dovecot instance > (with no SAS), which works perfectly for new users but when I try to > migrate users from my current dovecot server for this new server, I get > such errors again, and I can't migrate: > > 2016-09-29T12:20:50.995934059Z Sep 29 12:20:50 dsync-server(foo at bar.com): > Error: dsync(cf7d091311eb): > read(attachments-connector(zlib(/dovecotdir/mdbox/bar.com/foo/storage/m.1))) > failed: read(/dovecotdir/attach/ > bar.com/0c/df/0cdf86b1920938fe3a043f87e2ee9e63dda276bd5b9fba687e4a0c63d181c3b6ebdb96a9517f048c963db71404ad5d14e896e2e67b7abb0c9e107aed5c15ecf1-430ea904dff46757ba1700009331bd36[base64:18 > > b/l]) failed: open(/dovecotdir/attach/ > bar.com/0c/df/0cdf86b1920938fe3a043f87e2ee9e63dda276bd5b9fba687e4a0c63d181c3b6ebdb96a9517f048c963db71404ad5d14e896e2e67b7abb0c9e107aed5c15ecf1-430ea904dff46757ba1700009331bd36) > failed: No such file or directory (last sent=mail, last recv=mail_request > (EOL)) > > Is there a way to fix the attachments problem? (I know I can't recover > such files, that's Ok) > Is there a way to migrate (dsync backup) ignoring such problems? > > Thanks in advance. > From steven.xu at lba.ca Fri Sep 30 13:39:25 2016 From: steven.xu at lba.ca (Steven Xu) Date: Fri, 30 Sep 2016 09:39:25 -0400 Subject: Maildir Expunged GUID mismatch for UID Message-ID: <0c7b01d21b20$0f5c3410$2e149c30$@lba.ca> Dovecot version:2.2.25 Since we used to keep our email files on widows server, I made the following changes in maildir-storage.h #define MAILDIR_EXTRA_SEP ',' #define MAILDIR_INFO_SEP_S ":" to "+". Everything seems working except EXPUNG, The dovecot log is flooded by messages like following: imap(xxxxx): Error: Mailbox INBOX: Expunged GUID mismatch for UID 7039 Then I read the source code, and found the following lines in maildir-sync-index.c T_BEGIN { guid = maildir_uidlist_lookup_ext(ctx->mbox->uidlist, uid, MAILDIR_UIDLIST_REC_EXT_GUID); if (guid == NULL) guid = t_strcut(filename, ':'); mail_generate_guid_128_hash(guid, guid_128); } T_END; I have to change the code to guid = t_strcut(filename, '+'); So, should MAILDIR_EXTRA_SEP be used here instead of ':'? Thanks, Steven From p.heinlein at heinlein-support.de Fri Sep 30 14:10:16 2016 From: p.heinlein at heinlein-support.de (Peer Heinlein) Date: Fri, 30 Sep 2016 16:10:16 +0200 Subject: Shared folder in a sharded cluster setup Message-ID: <57EE7248.5070001@heinlein-support.de> Hi! With Dovecot Director and Proxy or the new (great!) TAG-feature from Dovecot it's easy to set up a shared IMAP-Cluster with individual local filesystems. But I'm unsure if it's possible to build a setup where shared mailboxes still can work. If user A is on Cluster (1) and user B is on (2), and Cluster (1) does not have access to the mail-home from B on (2), then user A can not reach the shared folders provided from User B on (2). I hope that there is a kind of backend-proxy-mechanism, so that the imap process of A on (1) can imap-proxy the requests for the shared folder to a node from cluster shard (2). And: To be exact, the imap process on (1) should forward the request to cluster (2) by the director system to make sure, that the connection will terminate on the right active backend of User B. This sounds like a special problem if local filesystems with mdbox are used and I now the great features of using Dovecot on Object Store, where every node can check out all mail-locations from all users. But especially on obox-systems it is very important that requests for a user are always terminated on the same backend. So how can shared folders work there?! Node (1) can not checkout the shared folders from User B if his obox storage is already active on another host (2)! Peer -- Heinlein Support GmbH Schwedter Str. 8/9b, 10119 Berlin http://www.heinlein-support.de Tel: 030 / 405051-42 Fax: 030 / 405051-19 Zwangsangaben lt. ?35a GmbHG: HRB 93818 B / Amtsgericht Berlin-Charlottenburg, Gesch?ftsf?hrer: Peer Heinlein -- Sitz: Berlin From jtam.home at gmail.com Fri Sep 30 22:27:51 2016 From: jtam.home at gmail.com (Joseph Tam) Date: Fri, 30 Sep 2016 15:27:51 -0700 (PDT) Subject: NFSv4 and Maildir In-Reply-To: References: Message-ID: > we have a setup with (CentOS 6) Director+Dovecot, Maildir as storage on > NetApp NFS v3. Every time I try to switch to NFS v4 I found issue with > lock (and others). So for me NFSv4 with Maildir is "unstable" or need a > fine tuning that I don't know. I found the same thing, and turning off write delegation seemed to have solved the problem. I still don't know why, though. Joseph Tam