From tss at iki.fi  Fri Jun  1 13:26:44 2012
From: tss at iki.fi (Timo Sirainen)
Date: Fri, 1 Jun 2012 13:26:44 +0300
Subject: [Dovecot] inet_listener imaps { port = 0 } question
In-Reply-To: <5748fd83f78445be8a644585a877b682@rootservers.in>
References: <5748fd83f78445be8a644585a877b682@rootservers.in>
Message-ID: <23CB1C0E-C328-45C9-980A-ABD79A0EB965@iki.fi>

On 31.5.2012, at 16.58, henrixd wrote:

> Why commenting out "inet_listener imaps {}" won't stop dovecot to listen port 993? I think this would be expected behavior. Just curious, finally got it working with port = 0. :)

When you comment out something, Dovecot uses the default settings for it. By default Dovecot listens on port 993.


From joe.beaubien at gmail.com  Fri Jun  1 18:36:02 2012
From: joe.beaubien at gmail.com (Joe Beaubien)
Date: Fri, 1 Jun 2012 11:36:02 -0400
Subject: [Dovecot] Inconsistent search results and crash on force-resync
Message-ID: <CAL7v5fsa8HjnnT2P4i9Hu+iVutj=pyyGi4FYrA8sEEFPOKc6LA@mail.gmail.com>

Hi,

I am seeing inconsistencies in search results (finding 2 emails when only 1
exists, finding the email when it has been moved to another folder, etc).

I figured I should run force-resync to fix any issues. I ran the following:
doveadm -v force-resync -u <user> <mailbox> and I got some worrysome logs.
  - I should mention that I have been seeing some crashes of fts-lucene in
my logs. I sent a traceback of this on the mailing list 1-2 days ago under
the subject "[Dovecot] fts_lucene crashing".
  - I should also mention that all the problems I am having are only in 1
email account. This email account contains folders of over 100k emails. Do
I need to tweak dovecot somehow for this? Up until now all I did was change
vsz_limit to 1024 MB for "service imap".


Here are the logs:

Jun  1 11:15:01 XXXXX dovecot: imap(form): Error: Recent flags state
corrupted for mailbox INBOX2
Jun  1 11:15:01 XXXXX dovecot: imap(form): Error:
/data/emails/form/mailboxes/INBOX2/dbox-Mails/dovecot.index reset, view is
now inconsistent
Jun  1 11:15:01 XXXXX dovecot: imap(form): Error:
/data/emails/form/mailboxes/INBOX2/dbox-Mails/dovecot.index reset, view is
now inconsistent
Jun  1 11:15:01 XXXXX dovecot: imap(form): Error: Recent flags state
corrupted for mailbox contrat
Jun  1 11:15:01 XXXXX dovecot: imap(form): Error:
/data/emails/form/mailboxes/contrat/dbox-Mails/dovecot.index reset, view is
now inconsistent
Jun  1 11:15:01 XXXXX dovecot: imap(form): Error:
/data/emails/form/mailboxes/rep_Immigation
soi-m&AOo-me/dbox-Mails/dovecot.index reset, view is now inconsistent
Jun  1 11:15:01 XXXXX dovecot: imap(form): Error:
/data/emails/form/mailboxes/Templates/dbox-Mails/dovecot.index reset, view
is now inconsistent
Jun  1 11:15:02 XXXXX dovecot: imap(form): Error: Recent flags state
corrupted for mailbox rep_eval_positive
Jun  1 11:15:02 XXXXX dovecot: imap(form): Error:
/data/emails/form/mailboxes/rep_eval_positive/dbox-Mails/dovecot.index
reset, view is now inconsistent
Jun  1 11:15:02 XXXXX dovecot: imap(form): Error: Recent flags state
corrupted for mailbox Sent
Jun  1 11:15:02 XXXXX dovecot: imap(form): Error:
/data/emails/form/mailboxes/Sent/dbox-Mails/dovecot.index reset, view is
now inconsistent
Jun  1 11:15:02 XXXXX dovecot: imap(form): Error: Recent flags state
corrupted for mailbox form_positif
Jun  1 11:15:02 XXXXX dovecot: imap(form): Error:
/data/emails/form/mailboxes/form_positif/dbox-Mails/dovecot.index reset,
view is now inconsistent
Jun  1 11:15:02 XXXXX dovecot: imap(form): Error:
/data/emails/form/mailboxes/Archives/contrat/dbox-Mails/dovecot.index
reset, view is now inconsistent
Jun  1 11:15:02 XXXXX dovecot: imap(form): Error:
/data/emails/form/mailboxes/form_positif/dbox-Mails/dovecot.index reset,
view is now inconsistent
Jun  1 11:15:02 XXXXX dovecot: imap(form): Error:
/data/emails/form/mailboxes/form_positif/dbox-Mails/dovecot.index reset,
view is now inconsistent
Jun  1 11:15:03 XXXXX dovecot: imap(form): Error:
/data/emails/form/mailboxes/Archives/form_indetermine/dbox-Mails/dovecot.index
reset, view is now inconsistent
Jun  1 11:15:03 XXXXX dovecot: imap(form): Error:
/data/emails/form/mailboxes/Archives/form_indetermine/dbox-Mails/dovecot.index
reset, view is now inconsistent
Jun  1 11:15:15 XXXXX dovecot: imap(form): Error: Recent flags state
corrupted for mailbox form_indetermine
Jun  1 11:15:15 XXXXX dovecot: imap(form): Error:
/data/emails/form/mailboxes/form_indetermine/dbox-Mails/dovecot.index
reset, view is now inconsistent
Jun  1 11:15:25 XXXXX dovecot: indexer-worker: Error: indexer-worker:
/home/jd/work/clucene-core-2.3.3.4/src/core/CLucene/index/DocumentsWriter.cpp:210:
std::string lucene::index::DocumentsWriter::closeDocStore(): Assertion
`numDocsInStore*8 == directory->fileLength( (docStoreSegment + "." +
IndexFileNames::FIELDS_INDEX_EXTENSION).c_str() )' failed.
Jun  1 11:15:25 XXXXX dovecot: indexer: Error: Indexer worker disconnected,
discarding 28 requests for form
Jun  1 11:15:25 XXXXX dovecot: indexer-worker(form): Fatal: master:
service(indexer-worker): child 9909 killed with signal 6 (core not dumped)


I have 3 questions:

  1) When the log says "/mailboxes/INBOX2/dbox-Mails/dovecot.index reset,
view is now inconsistent" should I be worried, or this will fix itself?

  2) Should I expect to see "Error: Recent flags state corrupted for
mailbox Sent"??? I ran the force-resync 3 times and I still see this
message.

  3) Any idea why clucene is crashing?


Regards,


-Joe

From matthijs at stdin.nl  Fri Jun  1 21:27:33 2012
From: matthijs at stdin.nl (Matthijs Kooijman)
Date: Fri, 1 Jun 2012 20:27:33 +0200
Subject: [Dovecot] Exposing global (default) sieve script through Managesieve
Message-ID: <20120601182659.GA19340@login.drsnuggles.stderr.nl>

Hi folks,

I'm setting up a dovecot server with managesieve support. I'd like to
offer spamfiltering through a Sieve script to my users by default,
but still allow them to modify the filtering rules through Managesieve.

I found the sieve_global_path configuration option, which seems perfect
for what I want. I can configure a default script there, which will work
for all users until they set upload their own sieve script using
managesieve.

However, when configured like this, the user experience isn't quite
perfect. When users open the managesieve interface on their client,
there is no trace of the default filters, so users might think the
spamfiltering is done in some other manner. Now, when they create a
filtering rule (e.g., to sort out mail to mailing lists), that rule will
overwrite the default spamfiltering rule causing all the spam to spill
into the user's mailbox. I'm afraid that most users won't realize they
have to manually recreate the spamfiltering rule to fix this. Also, they
might not know how to write the rule, even if they do...

I've considered a few existing ways to fix this:
 - Use sieve_before / sieve_after to make sure that the default script
   is always executed, in addition to any user-supplied scripts. This
   removes the surprise, but removes the option for users to tweak the
   spamfiltering rules.
 - Don't use sieve_global_path, but instead distribute the default
   script to each user's homedir on user creation. This prevents making
   changes to the default script for existing users and in my setup,
   user creation and (mail)homedir creation are nicely separated through
   an LDAP directory, I'd rather not go this route.
 - When using the Roundcube webmail application as the IMAP client, I
   can point Roundcube at the default sieve script. Now, when Roundcube
   sees there are no scripts through ManageSieve, it shows a (fake)
   "default" script with the correct contents. As soon as the user
   changes this script or creates a new script, it is actually uploaded
   to Dovecot, causing the edited script to be used instead of the
   global script.

   This option has the user experience I'm looking for, but having this
   out-of-band connection from Roundcube to the default script
   configured with dovecot is ugly (and tricky, since these run on
   different hosts in my setup). The biggest problem is of course that
   this only works for Roundcube, not for any other IMAP client my users
   might use.

So, I was wondering: Wouldn't it make sense for the managesieve plugin
to do something similar to roundcube: When the user has no sieve script
configured, let it fake a single "default" script, showing the contents
of the global script?

Since the ManageSieve protocol doesn't seem to support any way to flag
this situation, it would be fooling the clients a bit, but I'm not sure
if that's really a problem.

While the user has not script named "default" in his sieve_dir:
 - include a script called "default" in the LISTSCRIPTS output.
 - return the contents of the sieve_global_path in the GETSCRIPT
   "default" command.
 - remove any sieve symlink after a SETACTIVE "default" command (as if
   SETACTIVE "" was given). This causes dovecot to fall back to the
   sieve_global_path script.
 - the DELETESCRIPT "default" command should fail. This might confuse
   clients and users, since it is listed in LISTSCRIPTS but cannot be
   deleted, but I think most users will understand they can't delete the
   default script.
 - RENAMESCRIPT "default" "some_name" should copy the sieve_global_path
   script into the user's sieve_dir. This will effectively copy the
   script instead of renaming it (since it will still be magically
   listed in LISTSCRIPTS), so that might be confusing.

All other commands work just like they do now (in particular, 
PUTSCRIPT "default" uploads a script called "default" into the user's
sieve_dir, preventing all of the above from applying.

As noted above, this change might cause some confusion, but I think that
is manageable. On additional thing is that running SETACTIVE "" will not
completely disable sieve processing (as would be expected), but will
(again) cause the sieve_global_path script to be run. This is already
the case currently, though, and should probably be considered a separate
problem (whose root cause is the lack of a difference between "no script
script configured yet" and "active script disabled", both remove the
sieve symlink). Also, this problem might be a feature in some setups, so
fixing it might not be so easy...


So, any thoughts on this? Any fundamental problems I'm missing? (Not-so)
obvious alternatives?

Gr.

Matthijs
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120601/0e0ebc8b/attachment.bin>

From p at state-of-mind.de  Fri Jun  1 23:58:39 2012
From: p at state-of-mind.de (Patrick Ben Koetter)
Date: Fri, 1 Jun 2012 22:58:39 +0200
Subject: [Dovecot] dovecot stats: useful data to gather
Message-ID: <20120601205839.GG2176@state-of-mind.de>

Timo,

following our discussion on dovecot stats at the LinuxTag 2012 my team and I
sat down and put together a list of stat items we think to be useful in daily
dovecot usage.

Besides pulling together all the data we also think it would be useful to have
an SNMP interface to access the stats. Our offer to create and contribute a
standalone web interface for dovecot stats stands.

Here are the stats we believe to be useful:

Login/Logout
- total number login success/time
- total number login failure/time
- total number per authentication mechanism
- total number plain sessions
- total number STARTTLS sessions
- total number of currently connected users (pop3/pop3s/imap/imaps/managesieve)
- login names of connected users (not really stats, but great for actions
  regarding those uses e.g. force logout)
- total number logout commands/time
- total number BYE responses (autologout)

Mailbox state
- Inflow rate (number incoming messages/time)
- Deleted rate (number \Deleted flagged messages/time)
- Expunge rate (number Expunge operations/time)
- total number current messages mailboxes normal storage
- total number current messages mailboxes alt storage
- total number read messages mailboxes normal storage
- total number read messages mailboxes alt storage
- per user number current messages mailboxes normal storage
- per user number current messages mailboxes alt storage
- per user number read messages mailboxes normal storage
- per user number read messages mailboxes alt storage

Mailbox Quota
- total number persons under soft-quota per quota
- total number persons above or equal soft-quota per quota
- total number persons above or equal hard-quota per quota

Performance
- minimum time to write a message
- maximum time to write a message
- average time to write a message
- minimum time to modify a message
- maximum time to modify a message
- average time to modify a message
- minimum time to delete a message
- maximum time to delete a message
- average time to delete a message
- minimum time search operations
- maximum time search operations
- average time search operations

Regards,

p at rick

-- 
state of mind ()

http://www.state-of-mind.de

Franziskanerstra?e 15      Telefon +49 89 3090 4664
81669 M?nchen              Telefax +49 89 3090 4666

Amtsgericht M?nchen        Partnerschaftsregister PR 563


From ghe at slsware.com  Fri Jun  1 23:26:30 2012
From: ghe at slsware.com (Glenn English)
Date: Fri, 1 Jun 2012 14:26:30 -0600
Subject: [Dovecot] auth trouble
Message-ID: <AFCD81EE-2ABF-454F-8234-642D89A0F63C@slsware.com>

Debian Lenny, Dovecot v 1.0.15.

I'm getting a lot of what I think is a local socket asking 
dovecot:auth to verify username/passwords:

> May 31 09:00:54 server dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=admin rhost= 

Note the empty 'rhost='. That's why I think it's on the 
server. I see others that look like bots:

> May 30 23:08:43 server dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=admin rhost=200.119.139.22 

And I know how to promote the latter to a firewall. But with no 
rhost, I'm stumped...

I've read books, googled, read docs, and asked for help on 
other mailing lists, and I've learned a lot. And I no longer 
think it really has much to do with Dovecot, other than the 
login attempt going through it to get to PAM.

But has anyone here seen this before? Is my current theory 
correct? What did you do to make it go away?

(I suspect that upgrading to Debian Squeeze might get rid of 
it, but I'm afraid that if I don't figure out what's going 
on, it might just come back.)

-- 
Glenn English
hand-wrapped from my Apple Mail




From tss at iki.fi  Sat Jun  2 01:15:44 2012
From: tss at iki.fi (Timo Sirainen)
Date: Sat, 2 Jun 2012 01:15:44 +0300
Subject: [Dovecot] dovecot stats: useful data to gather
In-Reply-To: <20120601205839.GG2176@state-of-mind.de>
References: <20120601205839.GG2176@state-of-mind.de>
Message-ID: <F4410821-2D85-4E32-AF5B-9815308E5504@iki.fi>

On 1.6.2012, at 23.58, Patrick Ben Koetter wrote:

> Besides pulling together all the data we also think it would be useful to have
> an SNMP interface to access the stats.

I had thought about SNMP before also, but for the current kind of stats that are exported I couldn't think of any reasonable way to export them.

> Here are the stats we believe to be useful:
> 
> Login/Logout
> - total number login success/time
> - total number login failure/time
..

I'll look at these later in more detail, but some important questions / design decisions:

Currently stats process only remembers things after Dovecot was started. I don't think getting these kind of numbers would really work like that. Perhaps all of the statistics should be permanently dumped to disk every ~minute or so + at shutdown and loaded at startup, so the numbers would at least normally always just increase since the first time Dovecot was started?

> Mailbox state
> - Inflow rate (number incoming messages/time)
> - Deleted rate (number \Deleted flagged messages/time)

These operations/time type of things I had hoped to be able to externalize :) If stats process simply gives the raw stats, the reader could do this kind of summing up. Otherwise .. well, I guess it could maybe keep track of the current ops/<last 60 secs> and the reader would then have to read the value about once a minute or half or something. It wouldn't give exact results though.

> Performance
> - minimum time to write a message
> - maximum time to write a message
> - average time to write a message

Within last .. day? hour? minute? ..

From ghe at slsware.com  Sat Jun  2 01:23:16 2012
From: ghe at slsware.com (Glenn English)
Date: Fri, 1 Jun 2012 16:23:16 -0600
Subject: [Dovecot] auth trouble
In-Reply-To: <AFCD81EE-2ABF-454F-8234-642D89A0F63C@slsware.com>
References: <AFCD81EE-2ABF-454F-8234-642D89A0F63C@slsware.com>
Message-ID: <41E18AC0-6F33-49C8-838B-F5F2B4132449@slsware.com>

I forgot to include this config info:

> # 1.0.15: /etc/dovecot/dovecot.conf
> log_timestamp: %Y-%m-%d %H:%M:%S 
> protocols: imap pop3
> ssl_listen: *
> ssl_disable: yes
> disable_plaintext_auth: no
> login_dir: /var/run/dovecot/login
> login_executable(default): /usr/lib/dovecot/imap-login
> login_executable(imap): /usr/lib/dovecot/imap-login
> login_executable(pop3): /usr/lib/dovecot/pop3-login
> login_max_processes_count: 12
> mail_privileged_group: mail
> mail_executable(default): /usr/lib/dovecot/imap
> mail_executable(imap): /usr/lib/dovecot/imap
> mail_executable(pop3): /usr/lib/dovecot/pop3
> mail_plugin_dir(default): /usr/lib/dovecot/modules/imap
> mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap
> mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3
> pop3_uidl_format(default): 
> pop3_uidl_format(imap): 
> pop3_uidl_format(pop3): %08Xu%08Xv
> auth default:
>   mechanisms: plain login
>   verbose: yes
>   passdb:
>     driver: pam
>   userdb:
>     driver: passwd
>   socket:
>     type: listen
>     client:
>       path: /var/spool/postfix/private/auth
>       mode: 432
>       user: postfix
>       group: postfix


-- 
Glenn English
hand-wrapped from my Apple Mail




From p at state-of-mind.de  Sat Jun  2 07:57:32 2012
From: p at state-of-mind.de (Patrick Ben Koetter)
Date: Sat, 2 Jun 2012 06:57:32 +0200
Subject: [Dovecot] dovecot stats: useful data to gather
In-Reply-To: <F4410821-2D85-4E32-AF5B-9815308E5504@iki.fi>
References: <20120601205839.GG2176@state-of-mind.de>
	<F4410821-2D85-4E32-AF5B-9815308E5504@iki.fi>
Message-ID: <20120602045732.GB16571@state-of-mind.de>

* Timo Sirainen <dovecot at dovecot.org>:
> On 1.6.2012, at 23.58, Patrick Ben Koetter wrote:
> 
> > Besides pulling together all the data we also think it would be useful to have
> > an SNMP interface to access the stats.
> 
> I had thought about SNMP before also, but for the current kind of stats that
> are exported I couldn't think of any reasonable way to export them.

I am not an expert on SNMP, others in my office are, but as I understand it
there's no need for Dovecot to export the data. AFAIK Dovecot would have to
offer a subagent, which could be queried by a SNMP server.

If we need more knowledge on SNMP I can ask my folks on the team to give some
guidance. For the moment I found this:
<http://net-snmp.sourceforge.net/wiki/index.php/TUT:Writing_a_Subagent>

> > Here are the stats we believe to be useful:
> > 
> > Login/Logout
> > - total number login success/time
> > - total number login failure/time
> ..
> 
> I'll look at these later in more detail, but some important questions / design decisions:
> 
> Currently stats process only remembers things after Dovecot was started. I
> don't think getting these kind of numbers would really work like that.
> Perhaps all of the statistics should be permanently dumped to disk every
> ~minute or so + at shutdown and loaded at startup, so the numbers would at
> least normally always just increase since the first time Dovecot was
> started?

ACK. My understanding is: Statistical data are moments in time. The
application provides these snapshots. It is up to other protocols (e.g. SNMP)
and software (e.g. RRD) to gather and create time series and also to relate
data to each other in order to come up with ratios, timelines etc.

This might be a good opportunity to check out Howard's MDB database (in order
to get around potential future law suits concerning BDB usage ...).
<http://highlandsun.com/hyc/mdb/>


> > Mailbox state
> > - Inflow rate (number incoming messages/time)
> > - Deleted rate (number \Deleted flagged messages/time)
> 
> These operations/time type of things I had hoped to be able to externalize
> :) If stats process simply gives the raw stats, the reader could do this
> kind of summing up. Otherwise .. well, I guess it could maybe keep track of
> the current ops/<last 60 secs> and the reader would then have to read the
> value about once a minute or half or something. It wouldn't give exact
> results though.

ACK. I'd externalize them too. So dump the /time aspect and only give raw data
at moment of query.


> > Performance
> > - minimum time to write a message
> > - maximum time to write a message
> > - average time to write a message
> 
> Within last .. day? hour? minute? ..

Concerning "message write time": the time the last message had to be written.

In general the stats update interval should be configurable in order to adapt
it to the overall system performance. Makes no sense to bring down the server
by gathering stats every nano second unless one likes self-induced DOS. ;)

It would probably be a useful strategy to update internal data on every event
and answer SNMP queries from memory but write the data to disc every once in a
while to have them when the server restarts. Besides that I don't see a use
case for sharing such data between processes such as exporting them to
memcache or anything alike. Do you?

p at rick

-- 
state of mind ()

http://www.state-of-mind.de

Franziskanerstra?e 15      Telefon +49 89 3090 4664
81669 M?nchen              Telefax +49 89 3090 4666

Amtsgericht M?nchen        Partnerschaftsregister PR 563


From lists at wildgooses.com  Sat Jun  2 12:20:14 2012
From: lists at wildgooses.com (Ed W)
Date: Sat, 02 Jun 2012 10:20:14 +0100
Subject: [Dovecot] interesting stats pattern
In-Reply-To: <0EA5B4DB-56B5-4BD1-9CD9-A40544BAEF2F@iki.fi>
References: <C08B696C-340F-4904-8B40-946011CD47B4@xs4all.nl>
	<A15CE429-C608-4616-9B87-485ABB219C6D@iki.fi>
	<3B402F75-31CE-47C1-8107-9F7C33D58A77@xs4all.nl>
	<0EA5B4DB-56B5-4BD1-9CD9-A40544BAEF2F@iki.fi>
Message-ID: <4FC9DACE.3010909@wildgooses.com>

On 29/05/2012 19:13, Timo Sirainen wrote:
> On 29.5.2012, at 21.03, Cor Bosman wrote:
>
>> es, I am getting a list of sessions/users every 5 minutes through cron. Im already using "doveadm stats dump session/user connected"
> Actually that's not really correct behavior either, since it ignores all the connections that happened during the 5 minutes if they don't exist at the time when you're asking for them. I'm not sure what the most correct way to do this kind of a graph would be :)

I muttered about some ideas for enhanced login/logout tracking some 
months back.  Perhaps this would be another example of a motivation to 
use it for something?  Could either the login scripting or a plugin be 
used to build this type of login tracking?

(My goal is to eventually do per user "are you logged in" tracking)

Just a thought

Ed W

From lists at wildgooses.com  Sat Jun  2 12:23:50 2012
From: lists at wildgooses.com (Ed W)
Date: Sat, 02 Jun 2012 10:23:50 +0100
Subject: [Dovecot] Strange Dovecot 2.0.20 auth chokes and cores
In-Reply-To: <4FC649FC.2010703@mssl.ucl.ac.uk>
References: <mailman.600.1338392761.3160.dovecot@dovecot.org>
	<4FC649FC.2010703@mssl.ucl.ac.uk>
Message-ID: <4FC9DBA6.80601@wildgooses.com>

On 30/05/2012 17:25, Alan Brown wrote:
>> Is any problem with epoll on 3.2.x kernels?
>
> Yes - and it's been discussed here.
>
> Some "bright spark" rewrote the kernel epoll code to prevent DoS 
> attacks caused by "excessive forking".
>

Do you have a link to the previous discussions?  This is new to me? 
Can't find it immediately in the list?

Cheers

Ed W

From lists at wildgooses.com  Sat Jun  2 12:53:36 2012
From: lists at wildgooses.com (Ed W)
Date: Sat, 02 Jun 2012 10:53:36 +0100
Subject: [Dovecot] Can we know when a user read our email?
In-Reply-To: <1337013487.4384.58.camel@innu>
References: <CAAJD-mAcEqzJcHYODkReWn6BuzV3B8c3MPE+ceWmtWqCDdmBuQ@mail.gmail.com>
	<1337013487.4384.58.camel@innu>
Message-ID: <4FC9E2A0.9070905@wildgooses.com>

On 14/05/2012 17:38, Timo Sirainen wrote:
> On Mon, 2012-05-14 at 08:56 -0700, Beto Moreno wrote:
>
>>   I have seen some emails servers that if I send a email to other
>> person I can see if that person have read our emails and with a option
>> to delete the email if the person hasn't read our email.
>>
>>   Does dovecot have some like this feature?
> This doesn't really work with IMAP/POP3 protocols. It requires Exchange
> or something else.
>
> What would be possible is to check if a user has _downloaded_ your
> message, but many clients download messages immediately when they arrive
> so it might not be very useful. And in any case Dovecot has no such
> feature.

Just to register interest, but at some point I will need to consider 
writing a plugin or similar to achieve exactly this.

Situation is that several of our competitors offer such a feature, ie 
known pool of users on dialup or intermittently connected systems, 
provide an alert back to the sender when your email has been 
"accessed/downloaded" by the remote user.

Personally I don't think it's a great feature and my competitor's 
implementations often cause mail loops and other nasties.  However, 
bottom line is that you can't win the bid if you can't offer the feature...

Feels like a plugin rather than core functionality, but would be cool if 
someone wanted to produce something...

Cheers

Ed W

From h.reindl at thelounge.net  Sat Jun  2 13:02:55 2012
From: h.reindl at thelounge.net (Reindl Harald)
Date: Sat, 02 Jun 2012 12:02:55 +0200
Subject: [Dovecot] Can we know when a user read our email?
In-Reply-To: <4FC9E2A0.9070905@wildgooses.com>
References: <CAAJD-mAcEqzJcHYODkReWn6BuzV3B8c3MPE+ceWmtWqCDdmBuQ@mail.gmail.com>
	<1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com>
Message-ID: <4FC9E4CF.9070108@thelounge.net>



Am 02.06.2012 11:53, schrieb Ed W:
> On 14/05/2012 17:38, Timo Sirainen wrote:
>> On Mon, 2012-05-14 at 08:56 -0700, Beto Moreno wrote:
>>
>>>   I have seen some emails servers that if I send a email to other
>>> person I can see if that person have read our emails and with a option
>>> to delete the email if the person hasn't read our email.
>>>
>>>   Does dovecot have some like this feature?
>> This doesn't really work with IMAP/POP3 protocols. It requires Exchange
>> or something else.
>>
>> What would be possible is to check if a user has _downloaded_ your
>> message, but many clients download messages immediately when they arrive
>> so it might not be very useful. And in any case Dovecot has no such
>> feature.
> 
> Situation is that several of our competitors offer such a feature

others doing something stupid is not a good argument

> provide an alert back to the sender when your email has been
> "accessed/downloaded" by the remote user.

you realize that this is only possible if the RCPT is on
your own server and not remote mails?

> Personally I don't think it's a great feature and my competitor's implementations 
> often cause mail loops and other nasties

which should be enough for argumentation why such things are
making more damage as they solve problems and they are only
working for non-relay mails

> However, bottom line is that you can't win the bid if you can't offer the feature...

surely YOU can win, you must learn to sell quality and explain
why you are not doing anything someone wishes if you are sure
that it is a bd idea

why would i want a customer which enforces me to impelement a solution
where i am sure that it is stupid - if he does not understand my
argumentation he better is not my customer

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120602/89580aa7/attachment.bin>

From CMarcus at Media-Brokers.com  Sat Jun  2 13:32:28 2012
From: CMarcus at Media-Brokers.com (Charles Marcus)
Date: Sat, 02 Jun 2012 06:32:28 -0400
Subject: [Dovecot] Strange Dovecot 2.0.20 auth chokes and cores
In-Reply-To: <4FC9DBA6.80601@wildgooses.com>
References: <mailman.600.1338392761.3160.dovecot@dovecot.org>
	<4FC649FC.2010703@mssl.ucl.ac.uk> <4FC9DBA6.80601@wildgooses.com>
Message-ID: <4FC9EBBC.4060207@Media-Brokers.com>

On 2012-06-02 5:23 AM, Ed W <lists at wildgooses.com> wrote:
> On 30/05/2012 17:25, Alan Brown wrote:
>>> Is any problem with epoll on 3.2.x kernels?
>>
>> Yes - and it's been discussed here.
>>
>> Some "bright spark" rewrote the kernel epoll code to prevent DoS
>> attacks caused by "excessive forking".

> Do you have a link to the previous discussions?  This is new to me?
> Can't find it immediately in the list?

http://dovecot.org/list/dovecot/2012-February/064004.html

-- 

Best regards,

Charles

From anmeyer at anup.de  Sat Jun  2 14:43:45 2012
From: anmeyer at anup.de (Andreas Meyer)
Date: Sat, 2 Jun 2012 13:43:45 +0200
Subject: [Dovecot] sieve with dovecot v1.x
Message-ID: <20120602134345.022f4473@itx.bitcorner.intern>

Hello!

Is there a chance to have sieve working with dovecot version 1.0.5?

/usr/lib/dovecot looks like this:

-rwxr-xr-x 1 root root  43932 22. Sep 2007  checkpassword-reply
-rwxr-xr-x 1 root root 538996 22. Sep 2007  deliver
-rwxr-xr-x 1 root root 127728 22. Sep 2007  dict
-rwxr-xr-x 1 root root 270248 22. Sep 2007  dovecot-auth
-rwxr-xr-x 1 root root  43952 22. Sep 2007  gdbhelper
-rwxr-xr-x 1 root root  48080 22. Sep 2007  idxview
-rwxr-xr-x 1 root root 596364 22. Sep 2007  imap
-rwxr-xr-x 1 root root 135912 22. Sep 2007  imap-login
-rwxr-xr-x 1 root root  43952 22. Sep 2007  logview
drwxr-xr-x 5 root root   4096 23. Dez 2008  modules
-rwxr-xr-x 1 root root 529512 22. Sep 2007  pop3
-rwxr-xr-x 1 root root 127660 22. Sep 2007  pop3-login
-rwxr-xr-x 1 root root  69056 22. Sep 2007  rawlog
-rwxr-xr-x 1 root root 134748 22. Sep 2007  sievec
-rwxr-xr-x 1 root root  68748 22. Sep 2007  sieved
-rwxr-xr-x 1 root root  44116 22. Sep 2007  ssl-build-param

so there is a sievec and a sieved, but in the dovecot.conf there
is no mention about sieve.

I would compile the latest version of dovecot if I knew, how the
running 1.0.5 was built. I need it for an openSUSE 10.3

Kind regards

  Andreas

From stephan at rename-it.nl  Sat Jun  2 14:51:50 2012
From: stephan at rename-it.nl (Stephan Bosch)
Date: Sat, 02 Jun 2012 13:51:50 +0200
Subject: [Dovecot] sieve with dovecot v1.x
In-Reply-To: <20120602134345.022f4473@itx.bitcorner.intern>
References: <20120602134345.022f4473@itx.bitcorner.intern>
Message-ID: <4FC9FE56.10701@rename-it.nl>

On 6/2/2012 1:43 PM, Andreas Meyer wrote:
> Hello!
>
> Is there a chance to have sieve working with dovecot version 1.0.5?

Yes, the old CMUSieve plugin should work for that. By the looks of it, 
it is already installed, so you'll only need to configure it:

http://wiki1.dovecot.org/LDA/Sieve/CMU#Configuring

Regards,

Stephan.



From anmeyer at anup.de  Sat Jun  2 15:22:55 2012
From: anmeyer at anup.de (Andreas Meyer)
Date: Sat, 2 Jun 2012 14:22:55 +0200
Subject: [Dovecot] sieve with dovecot v1.x
In-Reply-To: <4FC9FE56.10701@rename-it.nl>
References: <20120602134345.022f4473@itx.bitcorner.intern>
	<4FC9FE56.10701@rename-it.nl>
Message-ID: <20120602142255.2486c724@itx.bitcorner.intern>

Hello!

Stephan Bosch <stephan at rename-it.nl> wrote:

> On 6/2/2012 1:43 PM, Andreas Meyer wrote:
> > Hello!
> >
> > Is there a chance to have sieve working with dovecot version 1.0.5?
> 
> Yes, the old CMUSieve plugin should work for that. By the looks of it, 
> it is already installed, so you'll only need to configure it:
> 
> http://wiki1.dovecot.org/LDA/Sieve/CMU#Configuring

Ok, I have done that. How can I know, if sieve now works with dovecot?
When I login with roundcube, in the settings I have a "Filter-Tab" but
when I click on it it says "not possible to connect to server" or somesuch.

> Regards,
> 
> Stephan.

  Andreas

From stephan at rename-it.nl  Sat Jun  2 15:33:05 2012
From: stephan at rename-it.nl (Stephan Bosch)
Date: Sat, 02 Jun 2012 14:33:05 +0200
Subject: [Dovecot] Exposing global (default) sieve script through
	Managesieve
In-Reply-To: <20120601182659.GA19340@login.drsnuggles.stderr.nl>
References: <20120601182659.GA19340@login.drsnuggles.stderr.nl>
Message-ID: <4FCA0801.9040409@rename-it.nl>

Hi Matthijs,

On 6/1/2012 8:27 PM, Matthijs Kooijman wrote:
> I'm setting up a dovecot server with managesieve support. I'd like to
> offer spamfiltering through a Sieve script to my users by default,
> but still allow them to modify the filtering rules through Managesieve.
>
> I found the sieve_global_path configuration option, which seems perfect
> for what I want. I can configure a default script there, which will work
> for all users until they set upload their own sieve script using
> managesieve.
>
> However, when configured like this, the user experience isn't quite
> perfect. When users open the managesieve interface on their client,
> there is no trace of the default filters, so users might think the
> spamfiltering is done in some other manner. Now, when they create a
> filtering rule (e.g., to sort out mail to mailing lists), that rule will
> overwrite the default spamfiltering rule causing all the spam to spill
> into the user's mailbox. I'm afraid that most users won't realize they
> have to manually recreate the spamfiltering rule to fix this. Also, they
> might not know how to write the rule, even if they do...

You asked this one on IRC a while back right?

> I've considered a few existing ways to fix this:
>   - Use sieve_before / sieve_after to make sure that the default script
>     is always executed, in addition to any user-supplied scripts. This
>     removes the surprise, but removes the option for users to tweak the
>     spamfiltering rules.

Right.

>   - Don't use sieve_global_path, but instead distribute the default
>     script to each user's homedir on user creation. This prevents making
>     changes to the default script for existing users and in my setup,
>     user creation and (mail)homedir creation are nicely separated through
>     an LDAP directory, I'd rather not go this route.

Well, we could achieve something that looks very similar from the 
outside: we could do some sort of copy-on-write scheme in which users 
see the default script as the active one, until they first modify their 
Sieve configuration through ManageSieve. Once they modify their default 
script, they'll get their own copy. If they activate a script different 
from the default and then later decide to deactivate it, their default 
will not return as the (implicit) active one.  This would be very 
different from the current global default script behavior. It is more 
like an initial placeholder and template, than something that is always 
active when the user has no active script of its own.

>   - When using the Roundcube webmail application as the IMAP client, I
>     can point Roundcube at the default sieve script. Now, when Roundcube
>     sees there are no scripts through ManageSieve, it shows a (fake)
>     "default" script with the correct contents. As soon as the user
>     changes this script or creates a new script, it is actually uploaded
>     to Dovecot, causing the edited script to be used instead of the
>     global script
>
>     This option has the user experience I'm looking for, but having this
>     out-of-band connection from Roundcube to the default script
>     configured with dovecot is ugly (and tricky, since these run on
>     different hosts in my setup). The biggest problem is of course that
>     this only works for Roundcube, not for any other IMAP client my users
>     might use.

Agreed, this is ugly since it uses a side-channel. Client dependence is 
also very bad.

> So, I was wondering: Wouldn't it make sense for the managesieve plugin
> to do something similar to roundcube: When the user has no sieve script
> configured, let it fake a single "default" script, showing the contents
> of the global script?
>
> Since the ManageSieve protocol doesn't seem to support any way to flag
> this situation, it would be fooling the clients a bit, but I'm not sure
> if that's really a problem.
>
> While the user has not script named "default" in his sieve_dir:
>   - include a script called "default" in the LISTSCRIPTS output.
>   - return the contents of the sieve_global_path in the GETSCRIPT
>     "default" command.
>   - remove any sieve symlink after a SETACTIVE "default" command (as if
>     SETACTIVE "" was given). This causes dovecot to fall back to the
>     sieve_global_path script.
>   - the DELETESCRIPT "default" command should fail. This might confuse
>     clients and users, since it is listed in LISTSCRIPTS but cannot be
>     deleted, but I think most users will understand they can't delete the
>     default script.
>   - RENAMESCRIPT "default" "some_name" should copy the sieve_global_path
>     script into the user's sieve_dir. This will effectively copy the
>     script instead of renaming it (since it will still be magically
>     listed in LISTSCRIPTS), so that might be confusing.
>
> All other commands work just like they do now (in particular,
> PUTSCRIPT "default" uploads a script called "default" into the user's
> sieve_dir, preventing all of the above from applying.

This looks sensible. The only thing that may be an issue is the 
DELETESCRIPT "default" situation you describe above, but I'm confident 
most - if not all clients - will handle that gracefully.

> As noted above, this change might cause some confusion, but I think that
> is manageable. On additional thing is that running SETACTIVE "" will not
> completely disable sieve processing (as would be expected), but will
> (again) cause the sieve_global_path script to be run. This is already
> the case currently, though, and should probably be considered a separate
> problem (whose root cause is the lack of a difference between "no script
> script configured yet" and "active script disabled", both remove the
> sieve symlink). Also, this problem might be a feature in some setups, so
> fixing it might not be so easy...

The copy-on-write scheme I describe above may solve this, as it 
remembers (somehow) the status of the account: either an 
untouched/unconfigured account or an account with no active scripts. 
This behavior could be combined with the solution you describe above.

> Any fundamental problems I'm missing? (Not-so) obvious alternatives?

None that I see right now.

In my last release of Pigeonhole I added support for putting scripts 
inside a dict database (or any other storage facility once implemented). 
Support for ManageSieve accessing such alternative data stores is 
lacking still, but, once I implement that, I also intend to address the 
issue you describe here. I'm probably going to structure it very similar 
to Dovecot's own mail storage library, meaning that plugins can override 
certain aspects of the storage's behavior.  This should allow for all 
kinds of magic in the script storage, including what you describe above.

As always, such big changes will take some time...

Regards,

Stephan.




From stephan at rename-it.nl  Sat Jun  2 15:40:18 2012
From: stephan at rename-it.nl (Stephan Bosch)
Date: Sat, 02 Jun 2012 14:40:18 +0200
Subject: [Dovecot] sieve with dovecot v1.x
In-Reply-To: <20120602142255.2486c724@itx.bitcorner.intern>
References: <20120602134345.022f4473@itx.bitcorner.intern>
	<4FC9FE56.10701@rename-it.nl>
	<20120602142255.2486c724@itx.bitcorner.intern>
Message-ID: <4FCA09B2.9070900@rename-it.nl>

On 6/2/2012 2:22 PM, Andreas Meyer wrote:
> Ok, I have done that. How can I know, if sieve now works with dovecot? 
> When I login with roundcube, in the settings I have a "Filter-Tab" but 
> when I click on it it says "not possible to connect to server" or 
> somesuch.

Oh, you didn't mention using RoundCube earlier. That implies the need of 
ManageSieve. You'll need to configure the following as well:

http://wiki1.dovecot.org/ManageSieve

Your earlier directory listing indicates that it is not installed on 
your system; the managesieve and managesieve-login binaries would be 
located there if it were. Check whether that version of opensuse has a 
package for dovecot-managesieve or compile it yourself if it is missing. 
If that is difficult, the following could be an alternative:

http://www.gitorious.net/pysieved/pages/Home

Regards,

Stephan.

From anmeyer at anup.de  Sat Jun  2 16:50:22 2012
From: anmeyer at anup.de (Andreas Meyer)
Date: Sat, 2 Jun 2012 15:50:22 +0200
Subject: [Dovecot] sieve with dovecot v1.x
In-Reply-To: <4FCA09B2.9070900@rename-it.nl>
References: <20120602134345.022f4473@itx.bitcorner.intern>
	<4FC9FE56.10701@rename-it.nl>
	<20120602142255.2486c724@itx.bitcorner.intern>
	<4FCA09B2.9070900@rename-it.nl>
Message-ID: <20120602155022.46d523f8@itx.bitcorner.intern>

Hello!

Stephan Bosch <stephan at rename-it.nl> wrote:

> Oh, you didn't mention using RoundCube earlier. That implies the need of 
> ManageSieve. You'll need to configure the following as well:
> 
> http://wiki1.dovecot.org/ManageSieve
> 
> Your earlier directory listing indicates that it is not installed on 
> your system; the managesieve and managesieve-login binaries would be 
> located there if it were. Check whether that version of opensuse has a 
> package for dovecot-managesieve or compile it yourself if it is missing. 
> If that is difficult, the following could be an alternative:
> 
> http://www.gitorious.net/pysieved/pages/Home

I think pysieved is the only chance I have. I have installed it and
activated by xinetd. But now I have the problem that the dovecot.conf
says:

auth default {
  mechanisms = plain
  passdb passwd-file {
  args = /etc/dovecot/passwd
  }

and the install howto of pysieved says:

   auth default {
      socket listen {
        client {
          path = /var/run/dovecot/auth-client
          mode = 0666
        }
      }
    }

pysieved.ini :
    [Dovecot]
    mux = /var/run/dovecot/auth-client

what can I do now?

> 
> Regards,
> 
> Stephan.

  Andreas

From el07694 at mail.ntua.gr  Sat Jun  2 17:52:05 2012
From: el07694 at mail.ntua.gr (el07694)
Date: Sat, 02 Jun 2012 17:52:05 +0300
Subject: [Dovecot] postfix+dovecat: virtual domains with imap+lmtp
Message-ID: <736cef15e590276154fedb52401aa83b@mail.ntua.gr>

 Hi to all,

 I have tryed a few days to configure postfix/dovecot to run into a VPS 
 machine (CentOs)
 -->The machine has 2 domains (but more in the future)
 -->i want info at mail.domain1.com and info at mail.domain2.com to be 
 seperated mailboxes
 -->i want to use lmtp protocol to connect dovecot with postfix
 -->It will be perfect if i can use the system users for authentication

 I /etc/postfix/main.cf file looks like this

 smtpd_soft_error_limit = 10
 smtpd_hard_error_limit = 20
 masquerade_domains = mail.going-on.com mail.commundi.de
 masquerade_exceptions = root, papinhio
 relocated_maps = hash:/etc/postfix/relocated
 smtpd_client_restrictions = check_client_access 
 hash:/etc/postfix/access
 virtual_mailbox_domains = mail.going-on.com mail.commundi.de
 virtual_mailbox_base = /var/spool/virtual_hosts
 virtual_mailbox_maps = hash:/etc/postfix/virtual
 virtual_uid_maps = static:0
 virtual_gid_maps = static:0
 mailbox_command = /usr/libexec/dovecot/dovecot-lda -f "$SENDER" -a 
 "$RECIPIENT"
 dovecot_destination_recipient_limit = 1
 mailbox_transport = lmtp:unix:private/dovecot-lmtp

 /etc/postfix/relocated file has only comments
 the same for /etc/postfix/access file
 i have made /var/spool/virtual_hosts folder with chmod 777
 inside this folder i have made mail.going-on.com folder and 
 mail.commundi.de folder

 cat /etc/postfix/virtual produce this:
 papinhio at mail.going-on.com mail.going-on.com/papinhio

 papinhio is a system_user!!

 uid,gid = 0 (the root user)

 master.cf file


 #
 # Postfix master process configuration file.  For details on the format
 # of the file, see the master(5) manual page (command: "man 5 master").
 #
 # 
 ==========================================================================
 # service type  private unpriv  chroot  wakeup  maxproc command + args
 #               (yes)   (yes)   (yes)   (never) (100)
 # 
 ==========================================================================
 smtp      inet  n       -       n       -       -       smtpd
 submission inet n       -       n       -       -       smtpd
   -o smtpd_enforce_tls=yes
   -o smtpd_sasl_auth_enable=yes
   -o smtpd_sasl_type=dovecot
   -o smtpd_sasl_path=private/auth
   -o smtpd_sasl_security_options=noanonymous
   -o smtpd_sasl_local_domain=$myhostname
   -o smtpd_client_restrictions=permit_sasl_authenticated,reject
   -o smtpd_sender_login_maps=hash:/etc/postfix/virtual
 pickup    fifo  n       -       -       60      1       pickup
 cleanup   unix  n       -       -       -       0       cleanup
 qmgr      fifo  n       -       n       300     1       qmgr
 #qmgr     fifo  n       -       n       300     1       oqmgr
 tlsmgr    unix  -       -       n       1000?   1       tlsmgr
 rewrite   unix  -       -       n       -       -       trivial-rewrite
 bounce    unix  -       -       n       -       0       bounce
 defer     unix  -       -       n       -       0       bounce
 trace     unix  -       -       n       -       0       bounce
 verify    unix  -       -       n       -       1       verify
 flush     unix  n       -       n       1000?   0       flush
 proxymap  unix  -       -       n       -       -       proxymap
 smtp      unix  -       -       n       -       -       smtp

 relay     unix  -       -       n       -       -       smtp
         -o fallback_relay=

 showq     unix  n       -       n       -       -       showq
 error     unix  -       -       n       -       -       error
 discard   unix  -       -       n       -       -       discard
 local     unix  -       n       n       -       -       local
 virtual   unix  -       n       n       -       -       virtual
 lmtp      unix  -       -       n       -       -       lmtp
 anvil     unix  -       -       n       -       1       anvil
 scache    unix  -       -       n       -       1       scache


 maildrop  unix  -       n       n       -       -       pipe
   flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
 #
 # The Cyrus deliver program has changed incompatibly, multiple times.
 #
 old-cyrus unix  -       n       n       -       -       pipe
   flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m 
 ${extension} ${user}
 # Cyrus 2.1.5 (Amos Gouaux)
 # Also specify in main.cf: cyrus_destination_recipient_limit=1
 cyrus     unix  -       n       n       -       -       pipe
   user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m 
 ${extension} ${user}
 #
 # See the Postfix UUCP_README file for configuration details.
 #
 uucp      unix  -       n       n       -       -       pipe
   flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail 
 ($recipient)

 ifmail    unix  -       n       n       -       -       pipe
   flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
 bsmtp     unix  -       n       n       -       -       pipe
   flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop 
 $recipient
 dovecot   unix  -       n       n       -       -       pipe
   flags=DRhu user=root:root argv=/usr/local/libexec/dovecot/dovecot-lda 
 -f ${sender} -d ${recipient}




 Ok, the /etc/dovecot/dovecot.conf file looks like this:

 !include conf.d/*.conf
 !include_try local.conf

 protocols = imap lmtp
 service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    group = postfix
    mode = 0660
    user = postfix
   }
 }


 protocol lmtp {
   mail_plugins = quota sieve
 }



 mail_location = mbox:/var/spool/virtual_hosts/%d/%n


 Both of the services can start this no errors/warnings
 I can send mail from bash with this command : /bin/mail -s "Hello" 
 "el07694 at mail.ntua.gr" < /etc/dovecot/dovecot.conf

 Can anyone help me, plz?
 I don't know what i do wrong

 Thanks in advance,
 Chris Pappas



From christian.rohmann at frittentheke.de  Sat Jun  2 17:57:50 2012
From: christian.rohmann at frittentheke.de (Christian Rohmann)
Date: Sat, 02 Jun 2012 16:57:50 +0200
Subject: [Dovecot] dovecot stats: useful data to gather
In-Reply-To: <20120601205839.GG2176@state-of-mind.de>
References: <20120601205839.GG2176@state-of-mind.de>
Message-ID: <4FCA29EE.80206@frittentheke.de>

On 01.06.2012 22:58, Patrick Ben Koetter wrote:
> [...] I sat down and put together a list of stat items we think to be useful in daily
> dovecot usage.

Quite a list. But I believe most of those values are quite useful and I 
would also love to see such a rich set of measurements being available.

> Besides pulling together all the data we also think it would be useful to have
> an SNMP interface to access the stats. Our offer to create and contribute a
> standalone web interface for dovecot stats stands.

Yes, I second that. Otherwise quite a few installation will just hook 
the dovecot commands to netsnmp handlers, which is not a pretty solution.

Maybe dovecot could also do the SNMP for statistics that plugins 
provide? I'm thinking managesieve access, sieve processing or expire here.




Regards


Christian

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4076 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120602/edb90409/attachment.bin>

From arne at drlinux.no  Sat Jun  2 18:33:32 2012
From: arne at drlinux.no (Arne K. Haaje)
Date: Sat, 02 Jun 2012 17:33:32 +0200
Subject: [Dovecot] sieve with dovecot v1.x
In-Reply-To: <20120602155022.46d523f8@itx.bitcorner.intern>
References: <20120602134345.022f4473@itx.bitcorner.intern>
	<4FC9FE56.10701@rename-it.nl>
	<20120602142255.2486c724@itx.bitcorner.intern>
	<4FCA09B2.9070900@rename-it.nl>
	<20120602155022.46d523f8@itx.bitcorner.intern>
Message-ID: <4FCA324C.4070201@drlinux.no>

Den 02.06.2012 15:50, skrev Andreas Meyer:
[snip]

>
> what can I do now?
>
>>
>> Regards,
>>
>> Stephan.
>
>    Andreas

You also need to tell roundcube which port to connect to managesieve with.

Depending on which plugin you use for roundcube, find it's config-file 
and loook for an option like this;

$rcmail_config['managesieve_port'] = 4190;

With such an old verion, it may be that your port is 2000.

Regards,

Arne

-- 
Arne K. Haaje - Dr Linux
http://www.drlinux.no/  ::: arne at drlinux.no
LinkedIn: http://no.linkedin.com/pub/arne-haaje/27/189/bb

From me at junc.org  Sun Jun  3 01:12:40 2012
From: me at junc.org (Benny Pedersen)
Date: Sun, 03 Jun 2012 00:12:40 +0200
Subject: [Dovecot] postfix+dovecat: virtual domains with imap+lmtp
In-Reply-To: <736cef15e590276154fedb52401aa83b@mail.ntua.gr>
References: <736cef15e590276154fedb52401aa83b@mail.ntua.gr>
Message-ID: <db9cc49c4b5772cc715c7478c9b3dc93@junc.org>

Den 2012-06-02 16:52, el07694 skrev:

> virtual_uid_maps = static:0
> virtual_gid_maps = static:0

dont do this

> uid,gid = 0 (the root user)

root user cant read email

> dovecot   unix  -       n       n       -       -       pipe
>   flags=DRhu user=root:root
> argv=/usr/local/libexec/dovecot/dovecot-lda -f ${sender} -d
> ${recipient}

dont use root:root

http://wiki2.dovecot.org/LDA/Postfix

show postfix/dovecot logs for more help




From daniel.parthey at informatik.tu-chemnitz.de  Sun Jun  3 02:53:12 2012
From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey)
Date: Sun, 3 Jun 2012 01:53:12 +0200
Subject: [Dovecot] lmtp proxy timeout while waiting for reply to DATA
 reply
In-Reply-To: <1335833212.21461.82.camel@innu>
References: <20120428110023.GA9236@daniel.localdomain>
	<1335833212.21461.82.camel@innu>
Message-ID: <20120602235311.GA10756@daniel.localdomain>

Timo Sirainen wrote:
> On Sat, 2012-04-28 at 13:00 +0200, Daniel Parthey wrote:
> > we are experiencing similar sporadic data timeout issues with dovecot 2.0.20
> > as in http://dovecot.org/pipermail/dovecot/2011-June/059807.html
> > at least once a week. Some mails get temporarily deferred in the
> > postfix queue since dovecot director lmtp refuses them and the
> > mails are delivered at a later time.
> 
> [...] what isn't in v2.0 is the larger rewrite of the LMTP
> proxying code in v2.1, which I hope fixes also this timeout problem.

This Friday I did about 50 "sendmail -bv" commands in a loop to
check some postfix aliases, which resulted in a lot of mails to
the postmaster alias (which is distributed to about 10 people).

The result was about 11 bounces of the following type:

#####################################################################
Return-Path: <>
Received: from mail01.example.org ([10.129.3.233])
  by mail04.example.org (Dovecot) with LMTP id gl2gG3WyyE+faQAAUavrWA
  ; Fri, 01 Jun 2012 14:15:49 +0200
Return-Path: <>
Received: from mx01.example.org ([127.0.0.1])
  by mail01.example.org (Dovecot) with LMTP id zAL8MXCyyE8nLwAA3l+BKA
  ; Fri, 01 Jun 2012 14:15:49 +0200
RSET
RSET
#####################################################################

At the same time, the dovecot lmtp timeout errors occurred and
not all "sendmail -bv" mails got delivered.

Seems like a serious error and I will need to consider
upgrading to 2.1 if the bug cannot get fixed in 2.0.

Regards
Daniel

From daniel.parthey at informatik.tu-chemnitz.de  Sun Jun  3 03:10:49 2012
From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey)
Date: Sun, 3 Jun 2012 02:10:49 +0200
Subject: [Dovecot] dovecot stats: useful data to gather
In-Reply-To: <20120601205839.GG2176@state-of-mind.de>
References: <20120601205839.GG2176@state-of-mind.de>
Message-ID: <20120603001049.GA10970@daniel.localdomain>

Patrick Ben Koetter wrote:
> following our discussion on dovecot stats at the LinuxTag 2012 my team and I
> sat down and put together a list of stat items we think to be useful in daily
> dovecot usage.
> 
> Besides pulling together all the data we also think it would be useful to have
> an SNMP interface to access the stats. Our offer to create and contribute a
> standalone web interface for dovecot stats stands.

This should be done via SNMP subagent, but how could you differentiate
different dovecot instances on the same machine, different snmp ports
for the subagent, or different snmp trees?

> Here are the stats we believe to be useful:
> [...]

Here are the stats which I also consider to be useful:

Login/Logout:
- Hits/Misses for Logins via userdb cache

System resources:
- detailed memory usage of dovecot services (imap, worker, userdb cache)
- dovecot connections to mysql database
- dovecot connections to ldap
- director connections vs. backend connections

Regards,
Daniel

From daniel.parthey at informatik.tu-chemnitz.de  Sun Jun  3 03:18:18 2012
From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey)
Date: Sun, 3 Jun 2012 02:18:18 +0200
Subject: [Dovecot] lmtp proxy timeout while waiting for reply to DATA
 reply
In-Reply-To: <20120602235311.GA10756@daniel.localdomain>
References: <20120428110023.GA9236@daniel.localdomain>
	<1335833212.21461.82.camel@innu>
	<20120602235311.GA10756@daniel.localdomain>
Message-ID: <20120603001817.GB10970@daniel.localdomain>

Here are some additional errors from the logs:

# 2.0.20: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-40-server x86_64 Ubuntu 10.04.4 LTS 

Jun  1 10:43:37 10.129.3.233 dovecot: lmtp(16941): Panic: file lmtp-proxy.c: line 376 (lmtp_proxy_output_timeout): assertion failed: (proxy->data_input->eof)
Jun  1 10:43:37 10.129.3.233 dovecot: lmtp(16941): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x3a7ca) [0x7fa0d849c7ca] -> /usr/lib/dovecot/libdovecot.so.0(+0x3a816) [0x7fa0d849c816] -> /usr/lib/dovecot/libdovecot.so.0(+0x13e4a) [0x7fa0d8475e4a] -> dovecot/lmtp() [0x407477] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handle_timeouts+0xd4) [0x7fa0d84a8224] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x5b) [0x7fa0d84a8e3b] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7fa0d84a7e88] -> /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7fa0d8495d13] -> dovecot/lmtp(main+0x171) [0x404591] -> /lib/libc.so.6(__libc_start_main+0xfd) [0x7fa0d7cf1c4d] -> dovecot/lmtp() [0x404339]
Jun  1 11:27:09 10.129.3.200 dovecot: lmtp(32350): Panic: file lmtp-proxy.c: line 376 (lmtp_proxy_output_timeout): assertion failed: (proxy->data_input->eof)
Jun  1 11:27:09 10.129.3.200 dovecot: lmtp(32350): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x3a7ca) [0x7f18ec25b7ca] -> /usr/lib/dovecot/libdovecot.so.0(+0x3a816) [0x7f18ec25b816] -> /usr/lib/dovecot/libdovecot.so.0(+0x13e4a) [0x7f18ec234e4a] -> dovecot/lmtp() [0x407477] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handle_timeouts+0xd4) [0x7f18ec267224] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x5b) [0x7f18ec267e3b] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7f18ec266e88] -> /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f18ec254d13] -> dovecot/lmtp(main+0x171) [0x404591] -> /lib/libc.so.6(__libc_start_main+0xfd) [0x7f18ebab0c4d] -> dovecot/lmtp() [0x404339]
Jun  1 11:27:37 10.129.3.200 dovecot: lmtp(32408): Panic: file lmtp-proxy.c: line 376 (lmtp_proxy_output_timeout): assertion failed: (proxy->data_input->eof)
Jun  1 11:27:37 10.129.3.200 dovecot: lmtp(32408): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x3a7ca) [0x7f97f07fe7ca] -> /usr/lib/dovecot/libdovecot.so.0(+0x3a816) [0x7f97f07fe816] -> /usr/lib/dovecot/libdovecot.so.0(+0x13e4a) [0x7f97f07d7e4a] -> dovecot/lmtp() [0x407477] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handle_timeouts+0xd4) [0x7f97f080a224] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x5b) [0x7f97f080ae3b] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7f97f0809e88] -> /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f97f07f7d13] -> dovecot/lmtp(main+0x171) [0x404591] -> /lib/libc.so.6(__libc_start_main+0xfd) [0x7f97f0053c4d] -> dovecot/lmtp() [0x404339]

Regards,
Daniel

From daniel.parthey at informatik.tu-chemnitz.de  Sun Jun  3 03:37:09 2012
From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey)
Date: Sun, 3 Jun 2012 02:37:09 +0200
Subject: [Dovecot] lmtp proxy timeout while waiting for reply to DATA
 reply
In-Reply-To: <20120602235311.GA10756@daniel.localdomain>
References: <20120428110023.GA9236@daniel.localdomain>
	<1335833212.21461.82.camel@innu>
	<20120602235311.GA10756@daniel.localdomain>
Message-ID: <20120603003709.GA11672@daniel.localdomain>

Daniel Parthey wrote:
> This Friday I did about 50 "sendmail -bv" commands in a loop to
> check some postfix aliases, which resulted in a lot of mails to
> the postmaster alias (which is distributed to about 10 people).
> 
> The result was about 11 bounces
> 
> #####################################################################
> Return-Path: <>
> Received: from mail01.example.org ([10.129.3.233])
>   by mail04.example.org (Dovecot) with LMTP id gl2gG3WyyE+faQAAUavrWA
>   ; Fri, 01 Jun 2012 14:15:49 +0200
> Return-Path: <>
> Received: from mx01.example.org ([127.0.0.1])
>   by mail01.example.org (Dovecot) with LMTP id zAL8MXCyyE8nLwAA3l+BKA
>   ; Fri, 01 Jun 2012 14:15:49 +0200
> RSET
> RSET
> #####################################################################
> 
> At the same time, the dovecot lmtp timeout errors occurred and
> not all "sendmail -bv" mails got delivered.

Here's the backtrace which might be related to the bounces/timeout errors:

Jun  1 14:16:16 10.129.3.233 dovecot: lmtp(12093, username at example.de): Error: Transaction log /mail/dovecot/example.de/username/mail/mailboxes/INBOX/postmaster/dbox-Mails/dovecot.index.log: duplicate transaction log sequence (31)
Jun  1 14:16:16 10.129.3.233 dovecot: lmtp(12093, username at example.de): Panic: file mail-transaction-log-file.c: line 187 (mail_transaction_log_file_add_to_list): assertion failed: ((*p)->hdr.file_seq < file->hdr.file_seq)
Jun  1 14:16:16 10.129.3.233 dovecot: lmtp(12093, username at example.de): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x3a7ca) [0x7fbf514427ca] -> /usr/lib/dovecot/libdovecot.so.0(+0x3a816) [0x7fbf51442816] -> /usr/lib/dovecot/libdovecot.so.0(+0x13e4a) [0x7fbf5141be4a] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x9e0aa) [0x7fbf5192e0aa] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_transaction_log_file_open+0x1f8) [0x7fbf5192e328] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x9b363) [0x7fbf5192b363] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_transaction_log_find_file+0x3f) [0x7fbf5192b81f] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_transaction_log_view_set+0xcb) [0x7fbf5192fe3b] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_index_sync_map+0xbe) [0x7fbf5192713e] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_index_map+0x86) [0x7fbf51918976] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_index_refresh+0xe) [0x7fbf5191322e] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x80a65) [0x7fbf51910a65] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_cache_field_want_add+0x20) [0x7fbf51910c00] -> /usr/lib/dovecot/libdovecot-storage.so.0(index_mail_parse_header_init+0x198) [0x7fbf518d0d18] -> /usr/lib/dovecot/libdovecot-storage.so.0(index_mail_cache_parse_init+0x68) [0x7fbf518d11d8] -> /usr/lib/dovecot/libdovecot-storage.so.0(dbox_save_begin+0x68) [0x7fbf518eaf38] -> /usr/lib/dovecot/libdovecot-storage.so.0(mdbox_save_begin+0x85) [0x7fbf518e4b45] -> /usr/lib/dovecot/modules/lib10_quota_plugin.so(+0xb827) [0x7fbf5064a827] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_save_begin+0x46) [0x7fbf518ba0d6] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_storage_copy+0xa8) [0x7fbf518b45e8] -> /usr/lib/dovecot/libdovecot-storage.so.0(mdbox_copy+0x44) [0x7fbf518e4694] -> /usr/lib/dovecot/modules/lib10_quota_plugin.so(+0xb630) [0x7fbf5064a630] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_copy+0x5a) [0x7fbf518ba03a] -> /usr/lib/dovecot/libdovecot-sieve.so.0(+0x33293) [0x7fbf501f
Jun  1 14:16:16 10.129.3.233 dovecot: master: Error: service(lmtp): child 12093 killed with signal 6 (core dumps disabled)

Regards
Daniel

From brett.maxfield at gmail.com  Sun Jun  3 05:15:59 2012
From: brett.maxfield at gmail.com (Brett @Google)
Date: Sun, 3 Jun 2012 12:15:59 +1000
Subject: [Dovecot] Can we know when a user read our email?
In-Reply-To: <4FC9E4CF.9070108@thelounge.net>
References: <CAAJD-mAcEqzJcHYODkReWn6BuzV3B8c3MPE+ceWmtWqCDdmBuQ@mail.gmail.com>
	<1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com>
	<4FC9E4CF.9070108@thelounge.net>
Message-ID: <CAJiMZ94AdWYCRnactWKLv19PG92v=hHyCuVv3J1gJwTXnQDgxg@mail.gmail.com>

On Sat, Jun 2, 2012 at 8:02 PM, Reindl Harald <h.reindl at thelounge.net>wrote:

>
> Am 02.06.2012 11:53, schrieb Ed W:
> > On 14/05/2012 17:38, Timo Sirainen wrote:
> >> On Mon, 2012-05-14 at 08:56 -0700, Beto Moreno wrote:
> >>
> >>>   I have seen some emails servers that if I send a email to other
> >>> person I can see if that person have read our emails and with a option
> >>> to delete the email if the person hasn't read our email.
> >>>
> >>>   Does dovecot have some like this feature?
> >> This doesn't really work with IMAP/POP3 protocols. It requires Exchange
> >> or something else.
> >>
> >> What would be possible is to check if a user has _downloaded_ your
> >> message, but many clients download messages immediately when they arrive
> >> so it might not be very useful. And in any case Dovecot has no such
> >> feature.
>

As general thoughts..

This sounds more like a workgroup collaboration functionality. It assumes
that users in said workgroup all use the same outlook server (or they are
in an equivalent security domain or trust).

Outlook only lets you retract an email if the user is on the same outlook
server, and it has not been read/downloaded?. If the user is a different
email server or the mail has been read/downloaded?, the retract will always
fail.

So it would be no different in for dovecot. If the mail to be retracted was
on the local mailer spool then in theory it could be removed.. but it is
basically allowing a third party to delete things out of some other user's
mail spool, with the precondition that they sent the original email AND the
mail has not been read (downloaded) from the dovecot server. This would
mean that dovecot would need to somehow securely tag when an email is
authorized and delivered by dovecot, say from a the postfix lda, such that
it could later match up a subsequent request to retract said email, to the
user that sent it. Outlook is more like IMAP than POP, in that mail stays
on the server but is locally cached / downloaded.

Outlook can do this as it is both a mail sending agent and a mail receiving
agent, it unambiguously knows when a mail comes from an authenticated user,
and that it is a locally destined mail. Dovecot may or may not be
responsible for putting a mail from a user into the mail spool (in some
configurations postfix/sendmail can do this) so it cannot absolutely relate
who sent the email, to who wants to retract it.

So for this even to be possible, retractable messages would need be
present, and dovecot to unambiguously be able to relate an email received
by dovecot with it's original sender, which seems unlikely.

Even then there is a question of how you would provide the request for
deletion for dovecot to perform. This implies that there would be a new
command to POP/IMAP to trigger and authorize such a retraction also. Then
this new command would need to be standards-track so mail user agents would
know a server has such a feature to call it.

Sounds very difficult. I think outlook sends a specially crafted email, i
doubt it is standards track as it is all happening within the same
application in the case out outlook.

Cheers
Brett

-- 
*The only thing that interferes with my learning is my education.*
*
Albert Einstein*

From dovecot at tlinx.org  Sun Jun  3 11:06:18 2012
From: dovecot at tlinx.org (Linda Walsh)
Date: Sun, 03 Jun 2012 01:06:18 -0700
Subject: [Dovecot] Can we know when a user read our email?
In-Reply-To: <4FC9E2A0.9070905@wildgooses.com>
References: <CAAJD-mAcEqzJcHYODkReWn6BuzV3B8c3MPE+ceWmtWqCDdmBuQ@mail.gmail.com>	<1337013487.4384.58.camel@innu>
	<4FC9E2A0.9070905@wildgooses.com>
Message-ID: <4FCB1AFA.3040200@tlinx.org>

Ed W wrote:
>
> Just to register interest, but at some point I will need to consider 
> writing a plugin or similar to achieve exactly this.
>
> Situation is that several of our competitors offer such a feature, ie 
> known pool of users on dialup or intermittently connected systems, 
> provide an alert back to the sender when your email has been 
> "accessed/downloaded" by the remote user.
---
    My dentist used a service that claimed to provide a read-notification.

It was just an embedded web-bug in the email that I could choose to 
display or not ... if the client doesn't want to cooperate, you can't 
tell when the person read it.  All you could do is tell when a client 
downloaded it from dovecot...which doesn't say much for clients that are 
left on 24/7...




From lists at wildgooses.com  Sun Jun  3 11:43:43 2012
From: lists at wildgooses.com (Ed W)
Date: Sun, 03 Jun 2012 09:43:43 +0100
Subject: [Dovecot] Can we know when a user read our email?
In-Reply-To: <4FCB1AFA.3040200@tlinx.org>
References: <CAAJD-mAcEqzJcHYODkReWn6BuzV3B8c3MPE+ceWmtWqCDdmBuQ@mail.gmail.com>	<1337013487.4384.58.camel@innu>
	<4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org>
Message-ID: <4FCB23BF.20300@wildgooses.com>

On 03/06/2012 09:06, Linda Walsh wrote:
> Ed W wrote:
>>
>> Just to register interest, but at some point I will need to consider 
>> writing a plugin or similar to achieve exactly this.
>>
>> Situation is that several of our competitors offer such a feature, ie 
>> known pool of users on dialup or intermittently connected systems, 
>> provide an alert back to the sender when your email has been 
>> "accessed/downloaded" by the remote user.
> ---
>    My dentist used a service that claimed to provide a read-notification.
>
> It was just an embedded web-bug in the email that I could choose to 
> display or not ... if the client doesn't want to cooperate, you can't 
> tell when the person read it.  All you could do is tell when a client 
> downloaded it from dovecot...which doesn't say much for clients that 
> are left on 24/7...
>

Please folks - don't argue with me - I'm the wrong person!  The 
recipient who is receiving these emails, ie the person being "bugged" is 
demanding that they are "buggable".  If they demand it and it's a 
requirement for providing them service then I have to give it to them if 
I want the business.

The users are on satellite dialup and barely have enough bandwidth to 
download a few KB of emails, they certainly can't trigger web bugs to 
trigger read receipts.

Look, I can argue against the idea easily, personally my objection is 
mail loops, but the point is that the customer demands it, and at 
present that prevents me bidding for certain types of business...  
Basically the customer just wants to repro what they got with Exchange

Cheers for ideas though!

Ed W

From h.reindl at thelounge.net  Sun Jun  3 12:49:08 2012
From: h.reindl at thelounge.net (Reindl Harald)
Date: Sun, 03 Jun 2012 11:49:08 +0200
Subject: [Dovecot] Can we know when a user read our email?
In-Reply-To: <4FCB23BF.20300@wildgooses.com>
References: <CAAJD-mAcEqzJcHYODkReWn6BuzV3B8c3MPE+ceWmtWqCDdmBuQ@mail.gmail.com>
	<1337013487.4384.58.camel@innu>
	<4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org>
	<4FCB23BF.20300@wildgooses.com>
Message-ID: <4FCB3314.8030008@thelounge.net>



Am 03.06.2012 10:43, schrieb Ed W:
> Please folks - don't argue with me - I'm the wrong person!  The recipient who is receiving these emails, ie the
> person being "bugged" is demanding that they are "buggable".  If they demand it and it's a requirement for
> providing them service then I have to give it to them if I want the business.
> 
> The users are on satellite dialup and barely have enough bandwidth to download a few KB of emails, they certainly
> can't trigger web bugs to trigger read receipts.
> 
> Look, I can argue against the idea easily, personally my objection is mail loops, but the point is that the
> customer demands it, and at present that prevents me bidding for certain types of business...  Basically the
> customer just wants to repro what they got with Exchange

kiss him goodbye with exchange

what do you expect?
only some idiots are using such "features"

even if you find a opensource solution yiu can imagine how
well tested it would be and how many troubles you will have
after the setup

"if I want the business" -> do you need this business to survive?
if no -> kiss him goodbye, if yes -> i doubt you will not survive

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120603/b15b94b9/attachment.bin>

From robert at schetterer.org  Sun Jun  3 12:50:48 2012
From: robert at schetterer.org (Robert Schetterer)
Date: Sun, 03 Jun 2012 11:50:48 +0200
Subject: [Dovecot] Can we know when a user read our email?
In-Reply-To: <4FCB23BF.20300@wildgooses.com>
References: <CAAJD-mAcEqzJcHYODkReWn6BuzV3B8c3MPE+ceWmtWqCDdmBuQ@mail.gmail.com>	<1337013487.4384.58.camel@innu>
	<4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org>
	<4FCB23BF.20300@wildgooses.com>
Message-ID: <4FCB3378.3060402@schetterer.org>

Am 03.06.2012 10:43, schrieb Ed W:
> On 03/06/2012 09:06, Linda Walsh wrote:
>> Ed W wrote:
>>>
>>> Just to register interest, but at some point I will need to consider
>>> writing a plugin or similar to achieve exactly this.
>>>
>>> Situation is that several of our competitors offer such a feature, ie
>>> known pool of users on dialup or intermittently connected systems,
>>> provide an alert back to the sender when your email has been
>>> "accessed/downloaded" by the remote user.
>> ---
>>    My dentist used a service that claimed to provide a read-notification.
>>
>> It was just an embedded web-bug in the email that I could choose to
>> display or not ... if the client doesn't want to cooperate, you can't
>> tell when the person read it.  All you could do is tell when a client
>> downloaded it from dovecot...which doesn't say much for clients that
>> are left on 24/7...
>>
> 
> Please folks - don't argue with me - I'm the wrong person!  The
> recipient who is receiving these emails, ie the person being "bugged" is
> demanding that they are "buggable".  If they demand it and it's a
> requirement for providing them service then I have to give it to them if
> I want the business.
> 
> The users are on satellite dialup and barely have enough bandwidth to
> download a few KB of emails, they certainly can't trigger web bugs to
> trigger read receipts.
> 
> Look, I can argue against the idea easily, personally my objection is
> mail loops, but the point is that the customer demands it, and at
> present that prevents me bidding for certain types of business... 
> Basically the customer just wants to repro what they got with Exchange
> 
> Cheers for ideas though!
> 
> Ed W

Hi Ed, you can have dsn
http://www.postfix.org/DSN_README.html

you can have mdn
http://en.wikipedia.org/wiki/Return_receipt

so this is internet (smtp ) standards
and has nearly nothing to do with imap/dovecot

also whatever solution you use there is no way
to find out if a user has read a mail unless you asked him in person
( and then you might find out if the recipient has understood what he
had read *g)

the maximum you may reach is get notice if a mail has tec side  reached
the recipient, the user must not accept your wish to notice you if he
opens the mail ( which also would not mean he has read the mail )

this is with internet mail, by intranet mail systems
( which means the recipient is on the same mail system and storage)
typical for company mail sites with exchange and/or notes etc
you have a dediacted client i.e outlook for exchange , so here its
possible to implement inside actions whatever tec of this system is able
to do.

But as soon as you mail to internet, this features may
get useless , cause you never know what tec is used on the recipient side
so nobody may invest time in create useless internet standards

however youre free to code or pay someone to code for you what you want
specially for your wanted feature. But i see no real relate to dovecot,
cause mail is recent sent via smtp

Dont compare mail systems this way, they are totally different
however they do imap/pop3/smtp
specially with echange some stuff will only work with outlook and
active directory

-- 
Best Regards

MfG Robert Schetterer

Germany/Munich/Bavaria

From CMarcus at Media-Brokers.com  Sun Jun  3 16:46:15 2012
From: CMarcus at Media-Brokers.com (Charles Marcus)
Date: Sun, 03 Jun 2012 09:46:15 -0400
Subject: [Dovecot] Can we know when a user read our email?
In-Reply-To: <4FCB23BF.20300@wildgooses.com>
References: <CAAJD-mAcEqzJcHYODkReWn6BuzV3B8c3MPE+ceWmtWqCDdmBuQ@mail.gmail.com>	<1337013487.4384.58.camel@innu>
	<4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org>
	<4FCB23BF.20300@wildgooses.com>
Message-ID: <4FCB6AA7.4050200@Media-Brokers.com>

On 2012-06-03 4:43 AM, Ed W <lists at wildgooses.com> wrote:
> Look, I can argue against the idea easily, personally my objection is
> mail loops, but the point is that the customer demands it, and at
> present that prevents me bidding for certain types of business...
> Basically the customer just wants to repro what they got with Exchange

Then tell them their only option is to buy Exchange Server and Outlook 
for everyone - but explain that this 'feature' *still* will not work for 
recipients that are outside of your control (ie, it will only work for 
local recipients - and I *think* it is possible to set up Trusts with 
other external Exchange Servers, but not sure, and if it does, it 
requires the explicit cooperation of the other systems admin).

Bottom line: do NOT promise the impossible to a client just to win the 
business. It is a losing proposition, as you are beginning to see...

-- 

Best regards,

Charles

From michael at orlitzky.com  Sun Jun  3 17:24:53 2012
From: michael at orlitzky.com (Michael Orlitzky)
Date: Sun, 03 Jun 2012 10:24:53 -0400
Subject: [Dovecot] Can we know when a user read our email?
In-Reply-To: <4FCB23BF.20300@wildgooses.com>
References: <CAAJD-mAcEqzJcHYODkReWn6BuzV3B8c3MPE+ceWmtWqCDdmBuQ@mail.gmail.com>	<1337013487.4384.58.camel@innu>
	<4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org>
	<4FCB23BF.20300@wildgooses.com>
Message-ID: <4FCB73B5.9020807@orlitzky.com>

On 06/03/12 04:43, Ed W wrote:
> 
> Look, I can argue against the idea easily, personally my objection is 
> mail loops, but the point is that the customer demands it, and at 
> present that prevents me bidding for certain types of business...  
> Basically the customer just wants to repro what they got with Exchange


I for one think the plugin is a good idea.

I think read receipts are dumb, of course. But if the customer won't be
persuaded, I would rather have them give their money to you than to the
guy who thinks they're a great solution.

Plus, it will make Dovecot a little bit better as a side effect.

From robert at schetterer.org  Sun Jun  3 19:06:45 2012
From: robert at schetterer.org (Robert Schetterer)
Date: Sun, 03 Jun 2012 18:06:45 +0200
Subject: [Dovecot] Can we know when a user read our email?
In-Reply-To: <4FCB73B5.9020807@orlitzky.com>
References: <CAAJD-mAcEqzJcHYODkReWn6BuzV3B8c3MPE+ceWmtWqCDdmBuQ@mail.gmail.com>	<1337013487.4384.58.camel@innu>
	<4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org>
	<4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com>
Message-ID: <4FCB8B95.3000301@schetterer.org>

Am 03.06.2012 16:24, schrieb Michael Orlitzky:
> On 06/03/12 04:43, Ed W wrote:
>>
>> Look, I can argue against the idea easily, personally my objection is 
>> mail loops, but the point is that the customer demands it, and at 
>> present that prevents me bidding for certain types of business...  
>> Basically the customer just wants to repro what they got with Exchange
> 
> 
> I for one think the plugin is a good idea.

what the hell , should the plugin do and how ?
there is smtp dsn, nothing more makes sense

looking to the thread subject , you need to have new internet standard
called

"braindump over tcp"

this doesnt exist on exchange too

mail is smtp, dovecot is no smtp server


> 
> I think read receipts are dumb, of course. But if the customer won't be
> persuaded, I would rather have them give their money to you than to the
> guy who thinks they're a great solution.
> 
> Plus, it will make Dovecot a little bit better as a side effect.


-- 
Best Regards

MfG Robert Schetterer

Germany/Munich/Bavaria

From michael at orlitzky.com  Sun Jun  3 20:21:56 2012
From: michael at orlitzky.com (Michael Orlitzky)
Date: Sun, 03 Jun 2012 13:21:56 -0400
Subject: [Dovecot] Can we know when a user read our email?
In-Reply-To: <4FCB8B95.3000301@schetterer.org>
References: <CAAJD-mAcEqzJcHYODkReWn6BuzV3B8c3MPE+ceWmtWqCDdmBuQ@mail.gmail.com>	<1337013487.4384.58.camel@innu>
	<4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org>
	<4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com>
	<4FCB8B95.3000301@schetterer.org>
Message-ID: <4FCB9D34.7060902@orlitzky.com>

On 06/03/12 12:06, Robert Schetterer wrote:
> Am 03.06.2012 16:24, schrieb Michael Orlitzky:
>>
>> I for one think the plugin is a good idea.
> 
> what the hell , should the plugin do and how ?
> there is smtp dsn, nothing more makes sense
> 
> looking to the thread subject , you need to have new internet standard
> called
> 
> "braindump over tcp"
> 
> this doesnt exist on exchange too
> 
> mail is smtp, dovecot is no smtp server
> 

You could trigger on the 'seen' flag, and Dovecot is more than capable
of generating messages, especially to mailboxes under its control (see:
sieve).

But... who cares? The worst possible thing that can happen is that he
writes it and makes his customers happy and you pretend it doesn't exist.

From h.reindl at thelounge.net  Sun Jun  3 20:26:55 2012
From: h.reindl at thelounge.net (Reindl Harald)
Date: Sun, 03 Jun 2012 19:26:55 +0200
Subject: [Dovecot] Can we know when a user read our email?
In-Reply-To: <4FCB9D34.7060902@orlitzky.com>
References: <CAAJD-mAcEqzJcHYODkReWn6BuzV3B8c3MPE+ceWmtWqCDdmBuQ@mail.gmail.com>
	<1337013487.4384.58.camel@innu>
	<4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org>
	<4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com>
	<4FCB8B95.3000301@schetterer.org> <4FCB9D34.7060902@orlitzky.com>
Message-ID: <4FCB9E5F.9010709@thelounge.net>



Am 03.06.2012 19:21, schrieb Michael Orlitzky:
> On 06/03/12 12:06, Robert Schetterer wrote:
>> Am 03.06.2012 16:24, schrieb Michael Orlitzky:
>>>
>>> I for one think the plugin is a good idea.
>>
>> what the hell , should the plugin do and how ?
>> there is smtp dsn, nothing more makes sense
>>
>> looking to the thread subject , you need to have new internet standard
>> called
>>
>> "braindump over tcp"
>>
>> this doesnt exist on exchange too
>>
>> mail is smtp, dovecot is no smtp server
>>
> 
> You could trigger on the 'seen' flag, and Dovecot is more than capable
> of generating messages, especially to mailboxes under its control (see:
> sieve)

and now tell us how you "connect" YOUR sent message over SMTP
to any seen fleeg of another user?

> But... who cares?

people which cares about reality?

> The worst possible thing that can happen is that he
> writes it and makes his customers happy

if it is his business make people happy with lies, ok
my business is make people happy by telling them the truth

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120603/4b1f4e53/attachment.bin>

From michael at orlitzky.com  Sun Jun  3 21:11:55 2012
From: michael at orlitzky.com (Michael Orlitzky)
Date: Sun, 03 Jun 2012 14:11:55 -0400
Subject: [Dovecot] Can we know when a user read our email?
In-Reply-To: <4FCB9E5F.9010709@thelounge.net>
References: <CAAJD-mAcEqzJcHYODkReWn6BuzV3B8c3MPE+ceWmtWqCDdmBuQ@mail.gmail.com>
	<1337013487.4384.58.camel@innu>
	<4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org>
	<4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com>
	<4FCB8B95.3000301@schetterer.org> <4FCB9D34.7060902@orlitzky.com>
	<4FCB9E5F.9010709@thelounge.net>
Message-ID: <4FCBA8EB.8020203@orlitzky.com>

On 06/03/12 13:26, Reindl Harald wrote:
> 
> and now tell us how you "connect" YOUR sent message over SMTP
> to any seen fleeg of another user?
> 

Dovecot could write directly to their mailbox. Otherwise, it could do
whatever the sieve vacation plugin does.


>> The worst possible thing that can happen is that he
>> writes it and makes his customers happy
> 
> if it is his business make people happy with lies, ok
> my business is make people happy by telling them the truth

I don't think he plans to lie. I think he explained the limitations and
they don't care.

People have different tastes. I wouldn't personally use ~100% of the
things that I fix for other people.

From h.reindl at thelounge.net  Sun Jun  3 21:19:20 2012
From: h.reindl at thelounge.net (Reindl Harald)
Date: Sun, 03 Jun 2012 20:19:20 +0200
Subject: [Dovecot] Can we know when a user read our email?
In-Reply-To: <4FCBA8EB.8020203@orlitzky.com>
References: <CAAJD-mAcEqzJcHYODkReWn6BuzV3B8c3MPE+ceWmtWqCDdmBuQ@mail.gmail.com>
	<1337013487.4384.58.camel@innu>
	<4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org>
	<4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com>
	<4FCB8B95.3000301@schetterer.org> <4FCB9D34.7060902@orlitzky.com>
	<4FCB9E5F.9010709@thelounge.net> <4FCBA8EB.8020203@orlitzky.com>
Message-ID: <4FCBAAA8.2020107@thelounge.net>

Am 03.06.2012 20:11, schrieb Michael Orlitzky:
> On 06/03/12 13:26, Reindl Harald wrote:
>>
>> and now tell us how you "connect" YOUR sent message over SMTP
>> to any seen fleeg of another user?
>>
> Dovecot could write directly to their mailbox. Otherwise, it could do
> whatever the sieve vacation plugin does.

oh yeah, explain this the customers MUA when he clicks on "sent mail"

it is naive to believe some weird solution which
only works as long the sune shines is useable

>>> The worst possible thing that can happen is that he
>>> writes it and makes his customers happy
>>
>> if it is his business make people happy with lies, ok
>> my business is make people happy by telling them the truth
> 
> I don't think he plans to lie. I think he explained the limitations and
> they don't care.

if they don't care i would refuse them as customer

i saw way too often people saying "i do not care"
but later "oh but you did not explain THIS result exactly"

> People have different tastes. I wouldn't personally use ~100% of the
> things that I fix for other people

people are mostly to stupid to realize what they
are trying to accomplish and why it it a bad idea

this is why we professionals exist and if people
refuse what you are explaining them kiss them
goodbye - irt will be better for you over the long

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120603/9160ad9e/attachment.bin>

From jerry at seibercom.net  Sun Jun  3 21:54:32 2012
From: jerry at seibercom.net (Jerry)
Date: Sun, 3 Jun 2012 14:54:32 -0400
Subject: [Dovecot] Can we know when a user read our email?
In-Reply-To: <4FCBAAA8.2020107@thelounge.net>
References: <CAAJD-mAcEqzJcHYODkReWn6BuzV3B8c3MPE+ceWmtWqCDdmBuQ@mail.gmail.com>
	<1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com>
	<4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com>
	<4FCB73B5.9020807@orlitzky.com> <4FCB8B95.3000301@schetterer.org>
	<4FCB9D34.7060902@orlitzky.com> <4FCB9E5F.9010709@thelounge.net>
	<4FCBA8EB.8020203@orlitzky.com> <4FCBAAA8.2020107@thelounge.net>
Message-ID: <20120603145432.4229f957@scorpio>

On Sun, 03 Jun 2012 20:19:20 +0200
Reindl Harald articulated:

>people are mostly to stupid to realize what they
>are trying to accomplish and why it it a bad idea
>
>this is why we professionals exist and if people
>refuse what you are explaining them kiss them
>goodbye - irt will be better for you over the long

No offense, but considering your business attitude and disdain for
potential clients and your opinion of them, it would be a far better
thing if they steered clear of you all together. There are many
considerate, intelligent, compassionate professionals out there who
would be willing to take on the difficult client. Any "asshole" can
service the routine, run of the mill, client. It takes a true
professional to work with and service a difficult one.

-- 
Jerry ?

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__________________________________________________________________

From h.reindl at thelounge.net  Sun Jun  3 22:07:47 2012
From: h.reindl at thelounge.net (Reindl Harald)
Date: Sun, 03 Jun 2012 21:07:47 +0200
Subject: [Dovecot] Can we know when a user read our email?
In-Reply-To: <20120603145432.4229f957@scorpio>
References: <CAAJD-mAcEqzJcHYODkReWn6BuzV3B8c3MPE+ceWmtWqCDdmBuQ@mail.gmail.com>
	<1337013487.4384.58.camel@innu>
	<4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org>
	<4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com>
	<4FCB8B95.3000301@schetterer.org> <4FCB9D34.7060902@orlitzky.com>
	<4FCB9E5F.9010709@thelounge.net> <4FCBA8EB.8020203@orlitzky.com>
	<4FCBAAA8.2020107@thelounge.net> <20120603145432.4229f957@scorpio>
Message-ID: <4FCBB603.5090106@thelounge.net>



Am 03.06.2012 20:54, schrieb Jerry:
> On Sun, 03 Jun 2012 20:19:20 +0200
> Reindl Harald articulated:
> 
>> people are mostly to stupid to realize what they
>> are trying to accomplish and why it it a bad idea
>>
>> this is why we professionals exist and if people
>> refuse what you are explaining them kiss them
>> goodbye - irt will be better for you over the long
> 
> No offense, but considering your business attitude and disdain for
> potential clients and your opinion of them, it would be a far better
> thing if they steered clear of you all together.

by business attidue is perfectly OK

i do not offer things where i know they
will not work i the real world

> There are many considerate, intelligent, compassionate professionals 
> out there who would be willing to take on the difficult client. 

it is not intelligent to discuss about "can we know when a user read
our email?" - tis question has only one answer: no, forget it

if a customer thinks he must have any half baken solution
to make him happy i am fine he is the custoerm of someone
which is not interested in quality at all because both
are matching togehter

> Any "asshole" can service the routine, run of the mill, client. 
> It takes a true professional to work with and service a difficult 
> one

you need not to tell me about routine, really not

i have written admin-backends for nearly all types of services
including mail-backends (partly for options most people even
do not know that they exist) in the last years and after that
i know  what is NOT possible in a acceptable service quality

often it is much more important to know and realize what
you CAN NOT implement in acceptable quality as what you can

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120603/d1674cf2/attachment-0001.bin>

From robert at schetterer.org  Sun Jun  3 22:13:21 2012
From: robert at schetterer.org (Robert Schetterer)
Date: Sun, 03 Jun 2012 21:13:21 +0200
Subject: [Dovecot] Can we know when a user read our email?
In-Reply-To: <4FCB9E5F.9010709@thelounge.net>
References: <CAAJD-mAcEqzJcHYODkReWn6BuzV3B8c3MPE+ceWmtWqCDdmBuQ@mail.gmail.com>
	<1337013487.4384.58.camel@innu>
	<4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org>
	<4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com>
	<4FCB8B95.3000301@schetterer.org> <4FCB9D34.7060902@orlitzky.com>
	<4FCB9E5F.9010709@thelounge.net>
Message-ID: <4FCBB751.9070301@schetterer.org>

Am 03.06.2012 19:26, schrieb Reindl Harald:
> 
> 
> Am 03.06.2012 19:21, schrieb Michael Orlitzky:
>> On 06/03/12 12:06, Robert Schetterer wrote:
>>> Am 03.06.2012 16:24, schrieb Michael Orlitzky:
>>>>
>>>> I for one think the plugin is a good idea.
>>>
>>> what the hell , should the plugin do and how ?
>>> there is smtp dsn, nothing more makes sense
>>>
>>> looking to the thread subject , you need to have new internet standard
>>> called
>>>
>>> "braindump over tcp"
>>>
>>> this doesnt exist on exchange too
>>>
>>> mail is smtp, dovecot is no smtp server
>>>
>>
>> You could trigger on the 'seen' flag, and Dovecot is more than capable
>> of generating messages, especially to mailboxes under its control (see:
>> sieve)
> 
> and now tell us how you "connect" YOUR sent message over SMTP
> to any seen fleeg of another user?
> 
>> But... who cares?
> 
> people which cares about reality?
> 
>> The worst possible thing that can happen is that he
>> writes it and makes his customers happy
> 
> if it is his business make people happy with lies, ok
> my business is make people happy by telling them the truth
> 

the maximun with multi clients which "may" be goaled is a notice , if a
mail was/has seen-flagged-opened/downloaded ( pop3), as long as sender
and recipient are on the same server/storage/system

but seen-opened-flagged a mail is not "read the mail by the adressed
human recipient"
and human read a mail means not understand the content of the mail

nobody grant ever that is was the adressed recipient human in person
that opened the mail and did set the seen flag


"seen-flagged" means opened for display as/from a tec process !!!



by the way this differnce seems not to care by customers who want this
feature or may think its included elsewhere

i would recommand Mind melds over the wire like

http://en.wikipedia.org/wiki/Vulcan_%28Star_Trek%29#Mind_melds

as an ultimate solution for this problem *g
-- 
Best Regards

MfG Robert Schetterer

Germany/Munich/Bavaria

From matthijs at stdin.nl  Sun Jun  3 23:57:30 2012
From: matthijs at stdin.nl (Matthijs Kooijman)
Date: Sun, 3 Jun 2012 22:57:30 +0200
Subject: [Dovecot] Exposing global (default) sieve script
	through	Managesieve
In-Reply-To: <4FCA0801.9040409@rename-it.nl>
References: <20120601182659.GA19340@login.drsnuggles.stderr.nl>
	<4FCA0801.9040409@rename-it.nl>
Message-ID: <20120603205730.GY4023@login.drsnuggles.stderr.nl>

Hi Stephan,

> You asked this one on IRC a while back right?
Yup, that was me.

> The copy-on-write scheme I describe above may solve this, as it  
> remembers (somehow) the status of the account: either an  
> untouched/unconfigured account or an account with no active scripts.  
> This behavior could be combined with the solution you describe above.
Yeah, the copy-on-write approach is probably a good idea.

A downside of the copy-on-write approach is that if you change the
global script later on, it doesn't affect users that made any changes to
their sieve configuration (as opposed to my proposal, where only changes
to the actual "default" script would prevent this). However, I
mentioning this just for completeness, since I don't really think this
is much of a problem.

Also, the "no sieve configured" case could be detected by the existence
of a sieve_directory, perhaps?

> In my last release of Pigeonhole I added support for putting scripts  
> inside a dict database (or any other storage facility once implemented).  
> Support for ManageSieve accessing such alternative data stores is  
> lacking still, but, once I implement that, I also intend to address the  
> issue you describe here. I'm probably going to structure it very similar  
> to Dovecot's own mail storage library, meaning that plugins can override  
> certain aspects of the storage's behavior.  This should allow for all  
> kinds of magic in the script storage, including what you describe above.
Would it make sense to implement such magin inside the script storage,
or on top of it? The latter means the magic will work for every storage
implemented, which would be an advantage?

In any case, if there is some lookout onto this feature, I might
configure the Roundcube plugin thing now and upgrade to a real solution
at some later point.

Gr.

Matthijs
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120603/dff0820c/attachment.bin>

From stephan at rename-it.nl  Mon Jun  4 01:16:54 2012
From: stephan at rename-it.nl (Stephan Bosch)
Date: Mon, 04 Jun 2012 00:16:54 +0200
Subject: [Dovecot] Exposing global (default) sieve script through
	Managesieve
In-Reply-To: <20120603205730.GY4023@login.drsnuggles.stderr.nl>
References: <20120601182659.GA19340@login.drsnuggles.stderr.nl>
	<4FCA0801.9040409@rename-it.nl>
	<20120603205730.GY4023@login.drsnuggles.stderr.nl>
Message-ID: <4FCBE256.6040903@rename-it.nl>

On 6/3/2012 10:57 PM, Matthijs Kooijman wrote:
>
> The copy-on-write scheme I describe above may solve this, as it
> remembers (somehow) the status of the account: either an
> untouched/unconfigured account or an account with no active scripts.
> This behavior could be combined with the solution you describe above.
> Yeah, the copy-on-write approach is probably a good idea.
>
> A downside of the copy-on-write approach is that if you change the
> global script later on, it doesn't affect users that made any changes to
> their sieve configuration (as opposed to my proposal, where only changes
> to the actual "default" script would prevent this). However, I
> mentioning this just for completeness, since I don't really think this
> is much of a problem.
>
> Also, the "no sieve configured" case could be detected by the existence
> of a sieve_directory, perhaps?

Something like that, yes.

>> In my last release of Pigeonhole I added support for putting scripts
>> inside a dict database (or any other storage facility once implemented).
>> Support for ManageSieve accessing such alternative data stores is
>> lacking still, but, once I implement that, I also intend to address the
>> issue you describe here. I'm probably going to structure it very similar
>> to Dovecot's own mail storage library, meaning that plugins can override
>> certain aspects of the storage's behavior.  This should allow for all
>> kinds of magic in the script storage, including what you describe above.
> Would it make sense to implement such magic inside the script storage,
> or on top of it? The latter means the magic will work for every storage
> implemented, which would be an advantage?

Definitely on top.

Regards,

Stephan.

From inbound-dovecot at listmail.innovate.net  Mon Jun  4 01:20:10 2012
From: inbound-dovecot at listmail.innovate.net (Richard)
Date: Sun, 03 Jun 2012 22:20:10 +0000
Subject: [Dovecot] Can we know when a user read our email?
Message-ID: <708007F287205FE8EB554EB9@ritz.innovate.net>



> Date: Sunday, June 03, 2012 02:54:32 PM -0400
> From: Jerry <jerry at seibercom.net>
> 
>> On Sun, 03 Jun 2012 20:19:20 +0200
>> Reindl Harald articulated:
>> 
>> people are mostly to stupid to realize what they
>> are trying to accomplish and why it it a bad idea
>> 
>> this is why we professionals exist and if people
>> refuse what you are explaining them kiss them
>> goodbye - irt will be better for you over the long
> 
> No offense, but considering your business attitude and disdain for
> potential clients and your opinion of them, it would be a far
> better thing if they steered clear of you all together. There are
> many considerate, intelligent, compassionate professionals out
> there who would be willing to take on the difficult client. Any
> "asshole" can service the routine, run of the mill, client. It
> takes a true professional to work with and service a difficult 
> one.

Something that seems to be missing from this discussion are
considerations of privacy and (personal) security. There are fairly
serious implications of a sender being able to tell that/when
someone has downloaded/opened a message -- including discovery of
daily patterns and potentially where the recipient is, or isn't.

I think it is our responsibility to understand these issues and
explain them to managers/clients in order to bring them along if we
refuse (as I would) to provide a capability such as this. [I always
set the sendmail "noreceipts" PrivacyOptions so it doesn't respond
to these disposition requests.]

One approach is to point out to managers/clients that if their
system is configured to return read receipts, anyone sending mail to
them on that system will be able to get these same types of
receipts. When they think about that they may not like the
implications and may reconsider their request. 

Just because it is technically possible to do something (and even if
other vendors provide the capability) does not mean that it is the
ethically or legally responsible thing to do.


   - Richard

 

From dovecot-list at mohtex.net  Mon Jun  4 04:17:20 2012
From: dovecot-list at mohtex.net (Tamsy)
Date: Mon, 04 Jun 2012 08:17:20 +0700
Subject: [Dovecot] Can we know when a user read our email?
In-Reply-To: <708007F287205FE8EB554EB9@ritz.innovate.net>
References: <708007F287205FE8EB554EB9@ritz.innovate.net>
Message-ID: <4FCC0CA0.6000003@mohtex.net>

Richard wrote the following on 04.06.2012 05:20:
>
>> Date: Sunday, June 03, 2012 02:54:32 PM -0400
>> From: Jerry<jerry at seibercom.net>
>>
>>> On Sun, 03 Jun 2012 20:19:20 +0200
>>> Reindl Harald articulated:
>>>
>>> people are mostly to stupid to realize what they
>>> are trying to accomplish and why it it a bad idea
>>>
>>> this is why we professionals exist and if people
>>> refuse what you are explaining them kiss them
>>> goodbye - irt will be better for you over the long
>> No offense, but considering your business attitude and disdain for
>> potential clients and your opinion of them, it would be a far
>> better thing if they steered clear of you all together. There are
>> many considerate, intelligent, compassionate professionals out
>> there who would be willing to take on the difficult client. Any
>> "asshole" can service the routine, run of the mill, client. It
>> takes a true professional to work with and service a difficult
>> one.
> Something that seems to be missing from this discussion are
> considerations of privacy and (personal) security. There are fairly
> serious implications of a sender being able to tell that/when
> someone has downloaded/opened a message -- including discovery of
> daily patterns and potentially where the recipient is, or isn't.
>
> I think it is our responsibility to understand these issues and
> explain them to managers/clients in order to bring them along if we
> refuse (as I would) to provide a capability such as this. [I always
> set the sendmail "noreceipts" PrivacyOptions so it doesn't respond
> to these disposition requests.]
>
> One approach is to point out to managers/clients that if their
> system is configured to return read receipts, anyone sending mail to
> them on that system will be able to get these same types of
> receipts. When they think about that they may not like the
> implications and may reconsider their request.
>
> Just because it is technically possible to do something (and even if
> other vendors provide the capability) does not mean that it is the
> ethically or legally responsible thing to do.
>
>
>     - Richard
>
>

I totally agree with Richard's point of few.

I would consider it as intrusive and even intimidating if the sender of 
an E-Mail can monitor whether and when I open/read his mail.
Just imagine this would happen with the good old hard printed mail the 
postman put into the mailbox at our door: As soon as we open the 
envelope and unfold the letter a microchip sends a note to the sender 
that his letter has been opened and read.
I can already see the public outcry if something like this would happen 
some day...

If somebody sends me a mail, it is up to me whether I want to open and 
read its content or whether I just want to bin it without having opened 
it. This is my right since the moment that mail has reached my mailbox, 
no matter whether it is a hardcopy mail or an E-Mail, it belongs to me 
and I can do with it whatever I like without letting the sender know how 
it has finally ended.


From jeetuindian at gmail.com  Mon Jun  4 13:20:06 2012
From: jeetuindian at gmail.com (Jitendra Bhaskar)
Date: Mon, 4 Jun 2012 15:50:06 +0530
Subject: [Dovecot] Frequently login problem
Message-ID: <CALucydm1MbfkJhHDp9fkO=nXafh1y7WJSTewguZuFyQi-ykHWg@mail.gmail.com>

Hi,

I am using dovecot 2.1.3 on centos 5.7. It was working fine but last few
days I need to restart or reload dovecot service because at that time users
are not able to login.

Each time I am getting information from doveco.log is as :
Jun 04 11:52:54 auth: Error: BUG: Authentication client gave a PID 17564 of
existing connection
Jun 04 11:52:54 auth: Error: BUG: Authentication client gave a PID 17566 of
existing connection
Jun 04 11:52:59 auth: Error: BUG: Authentication client gave a PID 17564 of
existing connection




-- 
* Thanks & Regards   *
*Jitendra Kumar Bhaskar*
Cell:- +91 7306311531
         +91 8102997821

From joshua at hybrid.pl  Mon Jun  4 14:44:11 2012
From: joshua at hybrid.pl (Jacek Osiecki)
Date: Mon, 4 Jun 2012 13:44:11 +0200 (CEST)
Subject: [Dovecot] Vacation stopped working
Message-ID: <alpine.LNX.2.00.1206041340180.11397@pingwin.sc>

Hi,

I'm sure that it WAS working, but I can't guarantee...

On a system with dovecot 2.0.16 and dovecot-pigeonhole-2.0_0.2.5.
Today a user reported that vacation autoreponse did not work for him.
As I have checked the dovecot logs, I see such a message:

Jun 04 13:39:51 lmtp(9986, user at xxx.com): Info: 
ZumtCleezE8CJwAAA1GDYg: sieve: 
msgid=<alpine.LNX.2.00.1206041336520.11397 at pingwin.sc>: discarding 
vacation response for implicitly delivered message; no known (envelope) 
recipient address found in message headers 
(recipient=<user at xxx.com>, and additional `:addresses' are 
specified)

Any idea what actually went wrong? I was browsing for this error message, 
but found only dovecot sources :(

Greetings,
-- 
Jacek Osiecki joshua at ceti.pl GG:3828944
I don't want something I need. I want something I want.

From lists at wildgooses.com  Mon Jun  4 16:36:35 2012
From: lists at wildgooses.com (Ed W)
Date: Mon, 04 Jun 2012 14:36:35 +0100
Subject: [Dovecot] Can we know when a user read our email?
In-Reply-To: <4FCB6AA7.4050200@Media-Brokers.com>
References: <CAAJD-mAcEqzJcHYODkReWn6BuzV3B8c3MPE+ceWmtWqCDdmBuQ@mail.gmail.com>	<1337013487.4384.58.camel@innu>
	<4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org>
	<4FCB23BF.20300@wildgooses.com>
	<4FCB6AA7.4050200@Media-Brokers.com>
Message-ID: <4FCCB9E3.3060702@wildgooses.com>

On 03/06/2012 14:46, Charles Marcus wrote:
> On 2012-06-03 4:43 AM, Ed W <lists at wildgooses.com> wrote:
>> Look, I can argue against the idea easily, personally my objection is
>> mail loops, but the point is that the customer demands it, and at
>> present that prevents me bidding for certain types of business...
>> Basically the customer just wants to repro what they got with Exchange
>
> Then tell them their only option is to buy Exchange Server and Outlook 
> for everyone - but explain that this 'feature' *still* will not work 
> for recipients that are outside of your control (ie, it will only work 
> for local recipients - and I *think* it is possible to set up Trusts 
> with other external Exchange Servers, but not sure, and if it does, it 
> requires the explicit cooperation of the other systems admin).
>
> Bottom line: do NOT promise the impossible to a client just to win the 
> business. It is a losing proposition, as you are beginning to see...
>

You have the situation backwards.

I think you know about the MailASail business.  We run small ISP selling 
mail accounts to customers.  *our customers* want to voluntarily tell 
senders when they have downloaded an email via POP.  The basic 
requirement is when the message is accessed via POP, then the sender 
(presumably defined by the FROM address) is sent a notification.

Please don't argue about the spam aspects, etc - we are all on the same 
page here.  However, it's not an entirely foolish request - because the 
customer is on dialup MDN implemented by the mail client isnt really 
feasible, and DSN doesn't help us realise that the remote user has at 
least connected and accessed the mail.  So they are kind of asking for a 
limited server side implementation of MDN.  In fact this isn't that 
unreasonable, it's just problematic and unusual.

Ed W

From lists at wildgooses.com  Mon Jun  4 16:49:08 2012
From: lists at wildgooses.com (Ed W)
Date: Mon, 04 Jun 2012 14:49:08 +0100
Subject: [Dovecot] Can we know when a user read our email?
In-Reply-To: <4FCB9E5F.9010709@thelounge.net>
References: <CAAJD-mAcEqzJcHYODkReWn6BuzV3B8c3MPE+ceWmtWqCDdmBuQ@mail.gmail.com>
	<1337013487.4384.58.camel@innu>
	<4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org>
	<4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com>
	<4FCB8B95.3000301@schetterer.org> <4FCB9D34.7060902@orlitzky.com>
	<4FCB9E5F.9010709@thelounge.net>
Message-ID: <4FCCBCD4.8090503@wildgooses.com>

On 03/06/2012 18:26, Reindl Harald wrote:
>
> Am 03.06.2012 19:21, schrieb Michael Orlitzky:
>> On 06/03/12 12:06, Robert Schetterer wrote:
>>> Am 03.06.2012 16:24, schrieb Michael Orlitzky:
>>>> I for one think the plugin is a good idea.
>>> what the hell , should the plugin do and how ?
>>> there is smtp dsn, nothing more makes sense
>>>
>>> looking to the thread subject , you need to have new internet standard
>>> called
>>>
>>> "braindump over tcp"
>>>
>>> this doesnt exist on exchange too
>>>
>>> mail is smtp, dovecot is no smtp server
>>>
>> You could trigger on the 'seen' flag, and Dovecot is more than capable
>> of generating messages, especially to mailboxes under its control (see:
>> sieve)
> and now tell us how you "connect" YOUR sent message over SMTP
> to any seen fleeg of another user?
>

I think we are talking cross purposes about the design here

In my case I have a customer base on *dialup* who connect very 
infrequently.  They kind of want MDN to work, however, at least my 
understanding is that this is typically implemented by first the MUA 
downloading all messages, then generating MDN responses which need to be 
sent out - however, in the case of dialup this may be very far after the 
fact.

Therefore they request a kind of server side MDN.  So when the message 
is downloaded from the POP server, the POP server generates some form of 
MDN-a-like response on their behalf.  There are clearly limitations 
here, but equally the limitations are quite clearly explained - all we 
learn is that the message was downloaded, but in the case of very 
infrequent dialup users, this at least teaches us the earliest time that 
the user could have read the message.  Many of these users are corporate 
and have defined processes, so they may require the user to actually 
read and action all the emails which have been downloaded, hence it 
might be inferred that usually the message will be read soon after we 
learn it's downloaded - I don't think the goal is to get 100% knowledge 
of read time though, just an estimate and that it did actually arrive at 
this remote user is helpful

To put some meat on this type of user, we are talking about a group of 
users who might be mid-ocean or perhaps hanging around north/south pole 
or somewhere similarly remote.  They would be using satellite dialup 
devices which have significant costs.  So for example if we see the user 
dial in we learn:
- They aren't dead...
- With some confidence that the message has crossed the most uncertain 
part of the link and is at least now close enough to the user we just 
need to hope they actually read it
- This type of user is typically only receiving a small handful of 
messages. At 2.4Kbit you are struggling to receive emails, it's not 
assume that this type of user is getting the kind of volumes that you or 
I get

This is a niche user, however, I think the basic feature is actually not 
entirely stupid.  My competitors implement this feature quite crudely 
with just a generic message mailed out to the sender the first time the 
recipient (ie on our server) accesses and downloads and accesses the 
email.  I don't see anyone trying to send MDN compatible receipts, they 
literally just send a "Your message was downloaded by the recipient" message

Cheers

Ed W

From h.reindl at thelounge.net  Mon Jun  4 17:14:49 2012
From: h.reindl at thelounge.net (Reindl Harald)
Date: Mon, 04 Jun 2012 16:14:49 +0200
Subject: [Dovecot] Can we know when a user read our email?
In-Reply-To: <4FCCB9E3.3060702@wildgooses.com>
References: <CAAJD-mAcEqzJcHYODkReWn6BuzV3B8c3MPE+ceWmtWqCDdmBuQ@mail.gmail.com>
	<1337013487.4384.58.camel@innu>
	<4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org>
	<4FCB23BF.20300@wildgooses.com>
	<4FCB6AA7.4050200@Media-Brokers.com>
	<4FCCB9E3.3060702@wildgooses.com>
Message-ID: <4FCCC2D9.3010209@thelounge.net>



Am 04.06.2012 15:36, schrieb Ed W:
>> Then tell them their only option is to buy Exchange Server and Outlook for everyone - but explain that this
>> 'feature' *still* will not work for recipients that are outside of your control (ie, it will only work for local
>> recipients - and I *think* it is possible to set up Trusts with other external Exchange Servers, but not sure,
>> and if it does, it requires the explicit cooperation of the other systems admin).
>>
>> Bottom line: do NOT promise the impossible to a client just to win the business. It is a losing proposition, as
>> you are beginning to see...
>>
> 
> We run small ISP selling mail accounts to customers.  *our customers* want to
> voluntarily tell senders when they have downloaded an email via POP.

and the sender for sure wants this too for every single message?
i doubt not

> The basic requirement is when the message is accessed via POP, then the 
> sender (presumably defined by  the FROM address) is sent a notification.

have fun if ONE user has enabled "leave messages on server" and
his machine crashs - the next time he will setup his account
again he would self-DOS the mail-system

> Please don't argue about the spam aspects, etc - we are all on the same page here

wait until one of the company get fired and leave you
a little "present" with a lot of forged senders

>  However, it's not an entirely foolish request

it IS a entirely foolish request

each mail client in this world supports "acknowledgment of receipt"
the sender has only to configure his account correctly and
the rcpt can decide if his client should send confirmations

* always
* per confirm on each message
* alaways for specific senders
* or even not send this bullshit at all

such things has CLEARLY not to be implemented on the server side

if the users are too stupid to user their mail-client and the
admins missing any knowledge to do this for the users solve
this problem by educate them in e-mail baiscs


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120604/8a90193d/attachment.bin>

From devurandom at gmx.net  Mon Jun  4 17:32:04 2012
From: devurandom at gmx.net (Dennis Schridde)
Date: Mon, 04 Jun 2012 16:32:04 +0200
Subject: [Dovecot] dovecot-metadata-9 released
Message-ID: <2115082.gk9Y8Dam5O@ernie>

Hello everyone!

I just released dovecot-metadata-8, which is an implementation of RFC 5464 
(IMAP METADATA), allowing to add comments/annotations/metadata to folders of 
an email account.

2012-06-04: Version 9
 * Added Dovecot 2.1 compatibility
 * Fixed compliance with RFC 5464 Section 3.2
 * Separated backend code into library
 * Synced code of imap-annotatemore with imap-metadata
 * Improved error messages
 * Several bugfixes (incl. segfaults)
 * Minor cleanups

Please get the code from [1] and send me an email for any problem you find.

For more information please refer to my email from Sun, 12 Jun 2011 15:55:57 
+0200 titled "dovecot-metadata-8 released".

Kind regards,
Dennis

[1] http://hg.dovecot.org/dovecot-metadata-plugin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120604/1c36c2bc/attachment.bin>

From stephan at rename-it.nl  Mon Jun  4 18:08:19 2012
From: stephan at rename-it.nl (Stephan Bosch)
Date: Mon, 04 Jun 2012 17:08:19 +0200
Subject: [Dovecot] dovecot-metadata-9 released
In-Reply-To: <2115082.gk9Y8Dam5O@ernie>
References: <2115082.gk9Y8Dam5O@ernie>
Message-ID: <4FCCCF63.3040703@rename-it.nl>

Op 6/4/2012 4:32 PM, Dennis Schridde schreef:
> For more information please refer to my email from Sun, 12 Jun 2011 15:55:57
> +0200 titled "dovecot-metadata-8 released".

http://www.dovecot.org/list/dovecot/2011-June/059630.html

Regards,

Stephan.

From malloc4k at gmail.com  Mon Jun  4 19:44:01 2012
From: malloc4k at gmail.com (Malloc Kilobyte)
Date: Mon, 4 Jun 2012 18:44:01 +0200
Subject: [Dovecot] Customization of "Rejected" message.
Message-ID: <CAE5arg-q4Mc5-+Y5ie3PPdOtxYbkF1EX5=K95+4zbngrMLxcCw@mail.gmail.com>

Helo,


I'm using Dovecot 2.1.1 with Postfix 2.3.3.
I've enabled the quota plugin, so that Dovecot LDA reject e-mails, when
user's mailbox is out of space.
By default, when mailbox is near quota, and someone tries to send huge
message, a reply is automatically send to the sender. It's being send from
postmaster named as Mail Delivery Subsystem. And here is my question: Is
there some way to customize that auto-reply, so that it is not only being
send to the sender but also to recipient gets some notice about failed
attempt ?

I've also noticed, that this reply has attachment, which is rejected
message, but it appears to be empty. Can I configure Dovecot to send back
whole rejected message ?






Regards
malloc4k

From robert at schetterer.org  Mon Jun  4 20:23:27 2012
From: robert at schetterer.org (Robert Schetterer)
Date: Mon, 04 Jun 2012 19:23:27 +0200
Subject: [Dovecot] Can we know when a user read our email?
In-Reply-To: <4FCCB9E3.3060702@wildgooses.com>
References: <CAAJD-mAcEqzJcHYODkReWn6BuzV3B8c3MPE+ceWmtWqCDdmBuQ@mail.gmail.com>	<1337013487.4384.58.camel@innu>
	<4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org>
	<4FCB23BF.20300@wildgooses.com>
	<4FCB6AA7.4050200@Media-Brokers.com>
	<4FCCB9E3.3060702@wildgooses.com>
Message-ID: <4FCCEF0F.3050708@schetterer.org>

Am 04.06.2012 15:36, schrieb Ed W:
> I think you know about the MailASail business.  We run small ISP selling
> mail accounts to customers.  *our customers* want to voluntarily tell
> senders when they have downloaded an email via POP.  The basic
> requirement is when the message is accessed via POP, then the sender
> (presumably defined by the FROM address) is sent a notification.

this isnt what you asked in the subject

"Can we know when a user read our email?"

the best and true answer: "never"

---snip

as long all senders and users
are on the same mailsystem/storage
you might wrote i.e some watch daemon
on your smtp mailsystem
with if mail in storage
with "Disposition-Notification-To"
from "your sender"
grepped by sasl header "Authenticated sender:"
has gone from new to cur in "your recipients" storage maildir and
subfolders

you may also try use complex
smtp transport header_checks combis
with i.e
/(^Disposition-Notification-To:.*)/           REPLACE X-$1
to mark mail etc

and/or policy servers , milters etc
perhaps with writings in dbs and comparing verbose dovecot logs etc

cause there are uni ways to setup smtp and dovecot servers
you must find your way fitting your setup

as i said , i see only small relates to dovecot
cause the only header which is standard in mail clients
is  Message Disposition Notification, so the sender has to use it anyway
and you have to filter this mails by it additional only for "your
senders" and "your recipients"
then you have to find a way checking status of this mails in "your storage"

if you allready have amavis included, you might code it there somehow

or look at

http://mailfud.org/postpals/

policy server for ideas who you might goal

another way.....

perhaps you might include a sieve global filter rule
with filtering Disposition-Notification-To only from "your sender
domains" and doing a simple mail notify action about it was delivered,
or using some no official sieve plugins for actions with external
binaries ( procmail etc )

-- 
Best Regards

MfG Robert Schetterer

Germany/Munich/Bavaria

From jeep at rahul.net  Tue Jun  5 05:33:19 2012
From: jeep at rahul.net (Jeff Lacki)
Date: Mon, 04 Jun 2012 19:33:19 -0700
Subject: [Dovecot] INBOX help needed, dovecot + squirrelmail
Message-ID: <20120605023319.7664B1298B0@aqua.rahul.net>


Im trying to figure out how to get dovecot to deliver to
my mail_location (example: /opt/imapdata/j/jeff/INBOX/inbox)
AND work with squirrelmail.  Ive worked on this for hours
reading the docs etc with no luck so far.

I get dovecot-lda to deliver to:
/opt/imapdata/j/jeff/INBOX/inbox

but when I use squirrelmail, I see the following in the log:

dovecot: imap(jeff): Debug: Effective uid=1006, gid=999, home=/opt/imapdata/j/jeff/INBOX/inbox
dovecot: imap(jeff): Error: chdir(/opt/imapdata/j/jeff/INBOX/inbox) failed: Not a directory
dovecot: imap(jeff): Debug: Namespace : type=private, prefix=INBOX/, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/opt/imapdata/j/jeff:INBOX=/opt/imapdata/j/jeff/INBOX:LAYOUT=fs:DIRNAME=mmDIR:INDEX=~/indexes

It complains that 'inbox' isnt a directory, but I want it to use:
/opt/imapdata/j/jeff/INBOX


What parameter do I need to tweak to get this to work?
Ive tried the 'folder options' in squirrelmail but that doesnt appear
to have any effect here (or at least at this point in my testing).

It seems that the only parameter to tweak is 'mail_location' which Im
having no luck getting to work correctly.  Also namespace may play a part
but every combination Ive tried does not result in getting it work thus far.

On a sidenote when I send more than 1 email, it doesnt seem to honor 'maildir',
it seems its doing 'mbox' instead?  I get one flat file.
Im lost and confused.

my variables:

mail_location = maildir:/opt/imapdata/%1n/%n:INBOX=/opt/imapdata/%1n/%n:LAYOUT=fs:DIRNAME=mmDIR:INDEX=~/indexes

namespace {
  type = private
  separator = /
  prefix = INBOX/
  inbox = yes
}

Your help is appreciated!
Thanks,
Jeff

/mf/home/jeep/shell/.signature

From jtam.home at gmail.com  Tue Jun  5 05:45:59 2012
From: jtam.home at gmail.com (Joseph Tam)
Date: Mon, 4 Jun 2012 19:45:59 -0700 (PDT)
Subject: [Dovecot] auth trouble
In-Reply-To: <mailman.660.1338628819.3160.dovecot@dovecot.org>
References: <mailman.660.1338628819.3160.dovecot@dovecot.org>
Message-ID: <Pine.GSO.4.64.1206041936170.24178@nodomain>

Glenn English writes:

> I'm getting a lot of what I think is a local socket asking
> dovecot:auth to verify username/passwords:
>
>> May 31 09:00:54 server dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=admin rhost=

If dovecot-auth is getting input from a local socket, then rhost
information is irrelevant since the host doing the asking is the server
itself (maybe from another daemon connected to a remote host).

Maybe someone is brute forcing your server's Postfix authenticated
SMTP service since Postfix can be configured to use Dovecot's SASL
authentication framework.

Joseph Tam <jtam.home at gmail.com>

From a.kostyrev at serverc.ru  Tue Jun  5 06:14:44 2012
From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=)
Date: Tue, 5 Jun 2012 14:14:44 +1100
Subject: [Dovecot] best practises for mail systems
Message-ID: <213B51F00051AE48A9F0E112880177178F79D6@Delta.sc.local>

hello!

Can someone point me to some best practices in building high-available scalable mail system or! share your own success stories.

 

I've read article in LJ "Building a Scalable High-Availability E-Mail System with Active Directory and More"

but it seemed to be outdated and there's a single point of failure (Master node).

 

What I want to achieve:

high-available,

horizontaly scalable,

with no single point of failure

mail solution.

 

Available hardware:

intel mfsys25 modular server with 2 storage controllers, 2 switches, 4 power supply blocks

with

- 2 blade-servers in mfsys with:

2xIntel Xeon E5620 @ 2.40GHz with 8 cores each

- promise vtrak e610s (2 storage controllers, 2 power supply blocks)

- 6x 2TB SATA Hitachi HDS72302

 

We decided to go for KVM virtualization

and glusterfs for live migration for vm image but that's not what this is all about :)

 

We installed centos on host systems.

 

for now while we could think of two ways to go:

 

The first way (currently at testing stage):

 

On each host system we created one VM and passed through 3x2TB disks into it.

 

In guests vms on top of this disks we made XFS and fired up glusterfs with distributed replicated volumes for our mailstorage.

so it looks like this:

 

vm1??? replicate???? vm2

disk1 ------------> disk4

disk2 ------------> disk5

disk3 ------------> disk6

 

in each vm we mounted glusterfs and pointed dovecot to that dir for mail creation (as ltmp) and imap4 user access.

also we use exim as smtp.

 

So, with glusterfs as mailstorage we can go for LVS to load balancing for exim and dovecot.

so wherenever one of host systems (hence one of mail vms) goes down, users don't notice that 

'cause LVS points them to working smtp and imap4 servers 

and they get their mail 'cause of glusterfs.

 

Pros:

- high-available

- horizontaly scalable

- with no single point of failure

 

Cons:

- not quite sure if glusterfs is production ready solution 'cause I've experienced split-brains during setting it up

- IO performance issue. Though we didn't yet run any io tests, but glusterfs uses fuse to mount on clients. And guys on #gluster told me writing to the glusterfs mount will not be strictly local io.

 

The second way:

 

split up the users mail with:

 

two back-end VMs each other on DIFFERENT host system with

- fat mailstorage with raid1+linear mode (mdadm)+XFS

- dovecot/exim-back-ends

 

and

 

two VMs for nginx-based proxy servers for imap4 and smtp - nginx can redirect user to right back-end through HTTP-php-based logic.

 

Pros:

- we split up not only load for exim/dovecot but users mail IOs too

- no split-brains

 

Cons:

- If one of the host systems (hence one of back-end VMs with storage) goes down, half of our users is unhappy

 

P.S. Sorry if this place is way wrong to ask for such things.

 


From johannes at sipsolutions.net  Tue Jun  5 11:09:27 2012
From: johannes at sipsolutions.net (Johannes Berg)
Date: Tue, 05 Jun 2012 10:09:27 +0200
Subject: [Dovecot] Different but probably related issue
In-Reply-To: <442263FE-BEAE-47F5-A1FF-49DC0065DF17@canbasis.com>
References: <442263FE-BEAE-47F5-A1FF-49DC0065DF17@canbasis.com>
Message-ID: <1338883767.4514.23.camel@jlt3.sipsolutions.net>

Hi Marc,

[+list since I'm unlikely to be able to solve this problem myself]

> I am trying to setup a debian testing (wheeze) mail server using
> postfix, dovecot and amavisd-new with spamassassin. I have everything
> working fine, using mdbox mailboxes and system users. As a final touch
> for this setup, I wanted to be able to train the (global) bayes
> database directly through IMAP.
> 
> Hence, I installed your plugin (directly from the official debian
> repositories) and set it up to report mails to spamassassin. I am
> using the "pipe" backend to call a wrapper script, that stores the
> mail into a temporary file and launches sa-learn to learn it. My tests
> indicate that this is working properly.

Ok, nice.

> However, when the dovecot-antispam plugin is enabled, I have a weird
> problem sending emails. This is, whenever my MUA tries to save the
> just sent message to the "Sent" folder, dovecot shows the following
> error:

Hmm, ok, let's see

> > ---------------------------------------------------
> > Dovecot's error log:
> > ---------------------------------------------------
> > Jun  4 22:35:14 aiur dovecot: imap(user): Error: mdbox /home/user/.mdbox/mailboxes/Sent/dbox-Mails: map uid lost for uid 0
> > Jun  4 22:36:06 aiur dovecot: imap(user): Error: /home/user/.mdbox/mailboxes/Spam/dbox-Mails/dovecot.index reset, view is now inconsistent
> > Jun  4 22:36:09 aiur dovecot: imap(user): Error: Log synchronization error at seq=8,offset=27592 for /home/user/.mdbox/storage/dovecot.map.index: Append with UID 56056, but next_uid = 56057
> > Jun  4 22:36:09 aiur dovecot: lda(user): Error: Log synchronization error at seq=8,offset=27592 for /home/user/.mdbox/storage/dovecot.map.index: Append with UID 56056, but next_uid = 56057
> > Jun  4 22:36:10 aiur dovecot: imap(user): Error: /home/user/.mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index reset, view is now inconsistent
> 
> 
> As a result, the MUA hangs for a while (some minute and a half). After
> that it closes the IMAP session properly, but I am left with two
> copies of the sent email in the "Sent" folder: one that is marked as
> unread and one that is not.

Curious. I think the problem is likely the mdbox storage... There have
always been some issues with it and the antispam plugin when combined.
The first issue was that we couldn't access the raw text or
something ... not sure what's up now.

> > IMAP Conversation (as logged by roundcube webmail)

> > [04-Jun-2012 22:35:14 +0200]: [4A68] C: A0005 APPEND INBOX.Sent (\Seen) {519+}
> > [04-Jun-2012 22:35:14 +0200]: [4A68] C: Received: from cpe-76-169-183-245.socal.res.rr.com ([76.169.183.245])
> >  by server.domain.tld
> >  with HTTP (HTTP/1.1 POST); Mon, 04 Jun 2012 22:35:14 +0200
> > MIME-Version: 1.0
...
> > [04-Jun-2012 22:36:10 +0200]: [4A68] S: A0005 OK [APPENDUID
> 1338488996 4274] Append completed.

That looks ... pretty normal.

> At this point, I do not know what else to try or how to fix this
> problem. Thus, I have had to disable your plugin for now. Do you have
> any ideas on how to proceed? I can give you access to this machine if
> need be (it's a personal server).

Unfortunately, I don't. I can only suggest, as a test, trying with some
other storage format -- I only use Maildir -- to see if the problem is
really in the interaction with mdbox. I'm fairly sure that's likely the
problem, maybe the plugin doesn't pass something through append that is
needed by mdbox, but I've never even attempted to understand mdbox.

Maybe Timo can comment. Timo, you can find the latest code here:
http://git.sipsolutions.net/?p=dovecot-antispam.git;a=summary


johannes


From tss at iki.fi  Tue Jun  5 13:02:10 2012
From: tss at iki.fi (Timo Sirainen)
Date: Tue, 5 Jun 2012 13:02:10 +0300
Subject: [Dovecot] best practises for mail systems
In-Reply-To: <213B51F00051AE48A9F0E112880177178F79D6@Delta.sc.local>
References: <213B51F00051AE48A9F0E112880177178F79D6@Delta.sc.local>
Message-ID: <DD5B9412-DA26-46D6-AE08-A2517BA9A336@iki.fi>

On 5.6.2012, at 6.14, ???????? ????????? ?????????? wrote:

> - not quite sure if glusterfs is production ready solution 'cause I've experienced split-brains during setting it up

Last I've heard glusterfs causes corruption problems with Dovecot. You should try stress testing it with imaptest: http://imapwiki.org/ImapTest


From me at junc.org  Tue Jun  5 14:23:02 2012
From: me at junc.org (Benny Pedersen)
Date: Tue, 05 Jun 2012 13:23:02 +0200
Subject: [Dovecot] INBOX help needed, dovecot + squirrelmail
In-Reply-To: <20120605023319.7664B1298B0@aqua.rahul.net>
References: <20120605023319.7664B1298B0@aqua.rahul.net>
Message-ID: <f1790c125422e5455e6d0c39adf48c8d@junc.org>

Den 2012-06-05 04:33, jeep at rahul.net skrev:
> Im trying to figure out how to get dovecot to deliver to
> my mail_location (example: /opt/imapdata/j/jeff/INBOX/inbox)
> AND work with squirrelmail.  Ive worked on this for hours
> reading the docs etc with no luck so far.

namespace is set to "" in squirrelmail, but it must be "INBOX."

run conf.pl and fix it :=)




From devurandom at gmx.net  Tue Jun  5 14:35:18 2012
From: devurandom at gmx.net (Dennis Schridde)
Date: Tue, 05 Jun 2012 13:35:18 +0200
Subject: [Dovecot] dovecot-metadata-9 released
In-Reply-To: <4FCDD13B.5080204@bunbun.be>
References: <2115082.gk9Y8Dam5O@ernie> <4FCDD13B.5080204@bunbun.be>
Message-ID: <4102204.vJ4X8dIaYX@samson>

Hello Nick!

I am sorry - I forgot to mention that you need attached patch for dovecot.

Kind regards,
Dennis

Am Dienstag, 5. Juni 2012, 11:28:27 schrieb Nick Rosier:
> Hi Dennis,
> 
> I'm trying to compile the plugin on FreeBSD 9 with Dovecot 2.1.7 and get
> the following error:
> 
> libtool: compile:  gcc -std=gnu99 -DHAVE_CONFIG_H -I. -I..
> -I/usr/local/include/dovecot -g -O2 -MT mailbox-ext.lo -MD -MP -MF
> .deps/mailbox-ext.Tpo -c mailbox-ext.c  -fPIC -DPIC -o
> .libs/mailbox-ext.o mailbox-ext.c:25:19: error: missing binary operator
> before token "("
> mailbox-ext.c: In function 'mailbox_get_guid_string': mailbox-ext.c:32:
> error: 'MAIL_GUID_128_SIZE' undeclared (first use in this function)
> mailbox-ext.c:32: error: (Each undeclared identifier is reported only
> once mailbox-ext.c:32: error: for each function it appears in.)
> mailbox-ext.c:33: warning: implicit declaration of function
> 'mailbox_get_guid'
> *** Error code 1
> Stop in /root/work/dovecot-metadata-plugin-6fe39779d758/src. *** Error
> code 1
> 
> Removing DOVECOT_PREREQ and "forcing" to use the 2.1 definition fixes
> that (I couldn't find anywhere where that macro was defined).
> 
> Next I get another error, again caused by the DOVECOT_PREREQ:
> 
> libtool: compile:  gcc -std=gnu99 -DHAVE_CONFIG_H -I. -I..
> -I/usr/local/include/dovecot -g -O2 -MT imap-metadata-plugin.lo -MD -MP
> -MF .deps/imap-metadata-plugin.Tpo -c imap-metadata-plugin.c  -fPIC
> -DPIC -o .libs/imap-metadata-plugin.o
> imap-metadata-plugin.c: In function 'is_valid_rfc5464_entry_name':
> imap-metadata-plugin.c:162: warning: comparison is always false due to
> limited range of data type
> imap-metadata-plugin.c:513:19: error: missing binary operator before
> token "("
> imap-metadata-plugin.c: In function 'cmd_getmetadata':
> imap-metadata-plugin.c:516: warning: passing argument 2 of
> 'mail_namespace_find' from incompatible pointer type
> imap-metadata-plugin.c: In function 'setmetadata_helper':
> imap-metadata-plugin.c:596: warning: 'return' with a value, in function
> returning void
> imap-metadata-plugin.c:672:19: error: missing binary operator before
> token "("
> imap-metadata-plugin.c: In function 'cmd_setmetadata':
> imap-metadata-plugin.c:675: warning: passing argument 2 of
> 'mail_namespace_find' from incompatible pointer type
> *** Error code 1
> 
> Am I missing something on my system?
> 
> Rgds,
> N.
> 
> Dennis Schridde wrote:
> > Hello everyone!
> > 
> > I just released dovecot-metadata-8, which is an implementation of RFC 5464
> > (IMAP METADATA), allowing to add comments/annotations/metadata to folders
> > of an email account.
> > 
> > 2012-06-04: Version 9
> > 
> >   * Added Dovecot 2.1 compatibility
> >   * Fixed compliance with RFC 5464 Section 3.2
> >   * Separated backend code into library
> >   * Synced code of imap-annotatemore with imap-metadata
> >   * Improved error messages
> >   * Several bugfixes (incl. segfaults)
> >   * Minor cleanups
> > 
> > Please get the code from [1] and send me an email for any problem you
> > find.
> > 
> > For more information please refer to my email from Sun, 12 Jun 2011
> > 15:55:57 +0200 titled "dovecot-metadata-8 released".
> > 
> > Kind regards,
> > Dennis
> > 
> > [1] http://hg.dovecot.org/dovecot-metadata-plugin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: dovecot-2.1-b144c7d3bb67+4ee2e23710fb-dovecot-prereq.patch
Type: text/x-patch
Size: 2036 bytes
Desc: not available
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120605/15b413e7/attachment.bin>

From pw at wk-serv.de  Tue Jun  5 15:03:14 2012
From: pw at wk-serv.de (Patrick Westenberg)
Date: Tue, 05 Jun 2012 14:03:14 +0200
Subject: [Dovecot] dsync backup doubles quota
Message-ID: <4FCDF582.5050004@wk-serv.de>

Hi everyone,

I recognized a very strange behavior when doing backups of my mdbox 
mailboxes. After the backup the quota for each mailbox is twice as much
as before the backup and I have to recalculate the quota to get the
former/correct information.

root at mb01:~# doveadm quota get -u test at example.com
User quota STORAGE   5 10240
User quota MESSAGE   11    -

root at mb01:~# doveadm backup -u test at example.com mdbox:/home/example.com/test

root at mb01:~# doveadm quota get -u test at example.com
User quota STORAGE    10 10240
User quota MESSAGE    22  -

root at mb01:~# doveadm quota get -u test at example.com

root at mb01:~# doveadm quota get -u test at example.com
User quota STORAGE     5 10240
User quota MESSAGE    11   -

Is this a bug or normal behavior?

Regards
Patrick

From ott at mirix.org  Tue Jun  5 15:27:30 2012
From: ott at mirix.org (Matthias-Christian Ott)
Date: Tue, 05 Jun 2012 14:27:30 +0200
Subject: [Dovecot] best practises for mail systems
In-Reply-To: <213B51F00051AE48A9F0E112880177178F79D6@Delta.sc.local>
References: <213B51F00051AE48A9F0E112880177178F79D6@Delta.sc.local>
Message-ID: <4FCDFB32.2080302@mirix.org>

On 2012-06-05 05:14, ???????? ????????? ?????????? wrote:
> On each host system we created one VM and passed through 3x2TB disks into it.
> 
>  
> 
> In guests vms on top of this disks we made XFS and fired up glusterfs with distributed replicated volumes for our mailstorage.
> 
> so it looks like this:
> 
>  
> 
> vm1    replicate     vm2
> 
> disk1 ------------> disk4
> 
> disk2 ------------> disk5
> 
> disk3 ------------> disk6
> 
>  
> 
> in each vm we mounted glusterfs and pointed dovecot to that dir for mail creation (as ltmp) and imap4 user access.
> 
> also we use exim as smtp.
> 
>  
> 
> So, with glusterfs as mailstorage we can go for LVS to load balancing for exim and dovecot.
> 
> so wherenever one of host systems (hence one of mail vms) goes down, users don't notice that 
> 
> 'cause LVS points them to working smtp and imap4 servers 
> 
> and they get their mail 'cause of glusterfs.
> [...]
> Cons:
> 
> - not quite sure if glusterfs is production ready solution 'cause I've experienced split-brains during setting it up
> 
> - IO performance issue. Though we didn't yet run any io tests, but glusterfs uses fuse to mount on clients. And guys on #gluster told me writing to the glusterfs mount will not be strictly local io.

I'm not familiar with LVS, but from the project description it seems
that you need a "front server" that does the load balancing, so you
either have to run at least two of these servers in parallel or add to
your cons that you introduced a single point of failure. But you
mentioned that you only have two servers, so you really can do this.

I would rather ensure high availability by running the two servers as
masters and using either IP address takeover or DNS failover (with
dynamic DNS) and either use Dovecot's replication (I haven't tested it
yet and I'm not sure what happens in case of IP address takeover) or a
file system that can handle these kinds of errors (e.g. Coda). You could
do load balancing via round-robin DNS. This only protects you against
the failure of single machine and because IMAP sessions are not
replicated between the servers, connections will get reset if one server
fails, but it's cost-effective and uses software that already exists.

Regards,
Matthias-Christian

From a.kostyrev at serverc.ru  Tue Jun  5 15:59:47 2012
From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=)
Date: Tue, 5 Jun 2012 23:59:47 +1100
Subject: [Dovecot] best practises for mail systems
In-Reply-To: <4FCDFB32.2080302@mirix.org>
References: <213B51F00051AE48A9F0E112880177178F79D6@Delta.sc.local>
	<4FCDFB32.2080302@mirix.org>
Message-ID: <213B51F00051AE48A9F0E112880177178F79DB@Delta.sc.local>

I think LVS is just fine and it is not a SPOF 'cause it is actually 2 servers:
active master --> and standby slave.
LVS supports real time replication of connections from master to slave,
so if master dies slave knows which IP was connected to which dovecot server.

I'm more worried about right design of mailstorage.. should I use some cluster fs with all mail of all users
or should I split mailstorage across servers and somehow avoid long downtime if one of servers goes down.


-----Original Message-----
From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Matthias-Christian Ott
Sent: Tuesday, June 05, 2012 11:28 PM
To: dovecot at dovecot.org
Subject: Re: [Dovecot] best practises for mail systems

On 2012-06-05 05:14, ???????? ????????? ?????????? wrote:
> On each host system we created one VM and passed through 3x2TB disks into it.
> 
>  
> 
> In guests vms on top of this disks we made XFS and fired up glusterfs with distributed replicated volumes for our mailstorage.
> 
> so it looks like this:
> 
>  
> 
> vm1    replicate     vm2
> 
> disk1 ------------> disk4
> 
> disk2 ------------> disk5
> 
> disk3 ------------> disk6
> 
>  
> 
> in each vm we mounted glusterfs and pointed dovecot to that dir for mail creation (as ltmp) and imap4 user access.
> 
> also we use exim as smtp.
> 
>  
> 
> So, with glusterfs as mailstorage we can go for LVS to load balancing for exim and dovecot.
> 
> so wherenever one of host systems (hence one of mail vms) goes down, users don't notice that 
> 
> 'cause LVS points them to working smtp and imap4 servers 
> 
> and they get their mail 'cause of glusterfs.
> [...]
> Cons:
> 
> - not quite sure if glusterfs is production ready solution 'cause I've experienced split-brains during setting it up
> 
> - IO performance issue. Though we didn't yet run any io tests, but glusterfs uses fuse to mount on clients. And guys on #gluster told me writing to the glusterfs mount will not be strictly local io.

I'm not familiar with LVS, but from the project description it seems
that you need a "front server" that does the load balancing, so you
either have to run at least two of these servers in parallel or add to
your cons that you introduced a single point of failure. But you
mentioned that you only have two servers, so you really can do this.

I would rather ensure high availability by running the two servers as
masters and using either IP address takeover or DNS failover (with
dynamic DNS) and either use Dovecot's replication (I haven't tested it
yet and I'm not sure what happens in case of IP address takeover) or a
file system that can handle these kinds of errors (e.g. Coda). You could
do load balancing via round-robin DNS. This only protects you against
the failure of single machine and because IMAP sessions are not
replicated between the servers, connections will get reset if one server
fails, but it's cost-effective and uses software that already exists.

Regards,
Matthias-Christian

From sf.rique at gmail.com  Tue Jun  5 16:02:47 2012
From: sf.rique at gmail.com (Henrique Santos Fernandes)
Date: Tue, 5 Jun 2012 10:02:47 -0300
Subject: [Dovecot] best practises for mail systems
In-Reply-To: <213B51F00051AE48A9F0E112880177178F79DB@Delta.sc.local>
References: <213B51F00051AE48A9F0E112880177178F79D6@Delta.sc.local>
	<4FCDFB32.2080302@mirix.org>
	<213B51F00051AE48A9F0E112880177178F79DB@Delta.sc.local>
Message-ID: <CAJpZ0xXhYih1FRaVuN-anu9260pnPXVJ7PNRozh__P2PrNL5Yw@mail.gmail.com>

We once try to use similar solution as your first.

3 servers for LVS -HA

This master server redirect users for 2 or 3 dovecot backends..

The mail storage were maildir ontop of OCFS2

Our problem were that OCFS2 were too slow. We could not handle many users.

So we took an step back and now use only user one server.

But still thinking in go back to the first one. with LVS

When using LVS try to sticky user to the same backend, LVs can do ths by
source ip.

Where i work we have problens on testign storage. If you have any advices
for testing disk performance, i will be thankfull.

I wil be glad to answer anything else.

[]'sf.rique


On Tue, Jun 5, 2012 at 9:59 AM, ???????? ????????? ?????????? <
a.kostyrev at serverc.ru> wrote:

> I think LVS is just fine and it is not a SPOF 'cause it is actually 2
> servers:
> active master --> and standby slave.
> LVS supports real time replication of connections from master to slave,
> so if master dies slave knows which IP was connected to which dovecot
> server.
>
> I'm more worried about right design of mailstorage.. should I use some
> cluster fs with all mail of all users
> or should I split mailstorage across servers and somehow avoid long
> downtime if one of servers goes down.
>
>
> -----Original Message-----
> From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On
> Behalf Of Matthias-Christian Ott
> Sent: Tuesday, June 05, 2012 11:28 PM
> To: dovecot at dovecot.org
> Subject: Re: [Dovecot] best practises for mail systems
>
> On 2012-06-05 05:14, ???????? ????????? ?????????? wrote:
> > On each host system we created one VM and passed through 3x2TB disks
> into it.
> >
> >
> >
> > In guests vms on top of this disks we made XFS and fired up glusterfs
> with distributed replicated volumes for our mailstorage.
> >
> > so it looks like this:
> >
> >
> >
> > vm1    replicate     vm2
> >
> > disk1 ------------> disk4
> >
> > disk2 ------------> disk5
> >
> > disk3 ------------> disk6
> >
> >
> >
> > in each vm we mounted glusterfs and pointed dovecot to that dir for mail
> creation (as ltmp) and imap4 user access.
> >
> > also we use exim as smtp.
> >
> >
> >
> > So, with glusterfs as mailstorage we can go for LVS to load balancing
> for exim and dovecot.
> >
> > so wherenever one of host systems (hence one of mail vms) goes down,
> users don't notice that
> >
> > 'cause LVS points them to working smtp and imap4 servers
> >
> > and they get their mail 'cause of glusterfs.
> > [...]
> > Cons:
> >
> > - not quite sure if glusterfs is production ready solution 'cause I've
> experienced split-brains during setting it up
> >
> > - IO performance issue. Though we didn't yet run any io tests, but
> glusterfs uses fuse to mount on clients. And guys on #gluster told me
> writing to the glusterfs mount will not be strictly local io.
>
> I'm not familiar with LVS, but from the project description it seems
> that you need a "front server" that does the load balancing, so you
> either have to run at least two of these servers in parallel or add to
> your cons that you introduced a single point of failure. But you
> mentioned that you only have two servers, so you really can do this.
>
> I would rather ensure high availability by running the two servers as
> masters and using either IP address takeover or DNS failover (with
> dynamic DNS) and either use Dovecot's replication (I haven't tested it
> yet and I'm not sure what happens in case of IP address takeover) or a
> file system that can handle these kinds of errors (e.g. Coda). You could
> do load balancing via round-robin DNS. This only protects you against
> the failure of single machine and because IMAP sessions are not
> replicated between the servers, connections will get reset if one server
> fails, but it's cost-effective and uses software that already exists.
>
> Regards,
> Matthias-Christian
>

From jeep at rahul.net  Tue Jun  5 16:41:54 2012
From: jeep at rahul.net (Jeff Lacki)
Date: Tue, 05 Jun 2012 06:41:54 -0700
Subject: [Dovecot] INBOX help needed, dovecot + squirrelmail
In-Reply-To: <f1790c125422e5455e6d0c39adf48c8d@junc.org>
References: <20120605023319.7664B1298B0@aqua.rahul.net>
	<f1790c125422e5455e6d0c39adf48c8d@junc.org>
Message-ID: <20120605134154.2FBC616D400@maya.rahul.net>

Benny Pedersen <me at junc.org> wrote:

> Den 2012-06-05 04:33, jeep at rahul.net skrev:
> > Im trying to figure out how to get dovecot to deliver to
> > my mail_location (example: /opt/imapdata/j/jeff/INBOX/inbox)
> > AND work with squirrelmail.  Ive worked on this for hours
> > reading the docs etc with no luck so far.
>
> namespace is set to "" in squirrelmail, but it must be "INBOX."
>
> run conf.pl and fix it :=)
>
>

Thanks Benny.  I didnt see 'namespace' in my configure for squirrelmail 1.4.22,
but if you meant Folder Defaults->Default Folder Prefix = INBOX.

I just tried that and I still get:

Error: chdir(/opt/imapdata/j/jeff/INBOX/inbox) failed: Not a directory

Was that the setting you meant or was there another I missed?
Thanks

/mf/home/jeep/shell/.signature

From jeep at rahul.net  Tue Jun  5 18:03:22 2012
From: jeep at rahul.net (Jeff Lacki)
Date: Tue, 05 Jun 2012 08:03:22 -0700
Subject: [Dovecot] INBOX help needed, dovecot + squirrelmail
In-Reply-To: <20120605134154.2FBC616D400@maya.rahul.net>
References: <20120605023319.7664B1298B0@aqua.rahul.net>
	<f1790c125422e5455e6d0c39adf48c8d@junc.org>
	<20120605134154.2FBC616D400@maya.rahul.net>
Message-ID: <20120605150322.44ED616D414@maya.rahul.net>

jeep at rahul.net (Jeff Lacki) wrote:

> Thanks Benny.  I didnt see 'namespace' in my configure for squirrelmail 1.4.22,
> but if you meant Folder Defaults->Default Folder Prefix = INBOX.
>
> I just tried that and I still get:
>
> Error: chdir(/opt/imapdata/j/jeff/INBOX/inbox) failed: Not a directory
>
> Was that the setting you meant or was there another I missed?
> Thanks
>

Nevermind, I found the problem after your suggestion.
Turns out my DB was returning a home directory of:

/opt/imapdata/j/jeff/INBOX/inbox

from when I was playing with something earlier, that got me
past that issue, however I still dont know why its not
giving me maildir instead of mbox.

But thank you for helping me fix that issue!
Jeff
/mf/home/jeep/shell/.signature

From me at junc.org  Tue Jun  5 18:33:34 2012
From: me at junc.org (Benny Pedersen)
Date: Tue, 05 Jun 2012 17:33:34 +0200
Subject: [Dovecot] INBOX help needed, dovecot + squirrelmail
In-Reply-To: <20120605134154.2FBC616D400@maya.rahul.net>
References: <20120605023319.7664B1298B0@aqua.rahul.net>
	<f1790c125422e5455e6d0c39adf48c8d@junc.org>
	<20120605134154.2FBC616D400@maya.rahul.net>
Message-ID: <26bcc28cf6b7385e1326e2c8ec019448@junc.org>

Den 2012-06-05 15:41, jeep at rahul.net skrev:

> Error: chdir(/opt/imapdata/j/jeff/INBOX/inbox) failed: Not a 
> directory

this error is not squirrelmail :=)

# dovecot.conf
namespace:
   type: private
   inbox: yes
   list: yes
   subscriptions: yes

if you use sql auth in dovecot then the maildir must not end in / else 
it will be a mbox file

mail_location: maildir:/home/vmail/%d/%u/.maildir

~ must be set to mail_location: maildir:/home/vmail/%d/%u/ and the 
.maildir comes from sql concat if i remember my own setup :=)

squirrelmail will work without INBOX. but namespace in dovecot must 
math it



From andrei.michescu at miau.ca  Tue Jun  5 18:33:03 2012
From: andrei.michescu at miau.ca (Michescu Andrei)
Date: Tue, 5 Jun 2012 11:33:03 -0400
Subject: [Dovecot] [ Re:  best practises for mail systems]
Message-ID: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca>

Hello,

If disk space and bandwidth are affordable (and from your setup it seems
that they are affordable as you have everything locally) I would split the
mail storage completely and use replication in between n-master servers
(n=2 for your case).

The replication is not yet fully tested, but Timo is actively working on
this feature.

The fear of lossing the imap session does not make sense (at least to me)
as the client will reconnect automatically in the background.

Like this you have no SPOF and no split-brain and you get the flexibility
(if needed) to geographically distribute your servers in the the future.

Keep each server with its own ip, connect to them via DNS (round robin etc
etc).

We are currently experimenting with a setup similar to this one, but with
geographically distributed servers (trans-continental) (bandwidth limited
and high cost).

Best regards,
Andrei

> We once try to use similar solution as your first.
>
> 3 servers for LVS -HA
>
> This master server redirect users for 2 or 3 dovecot backends..
>
> The mail storage were maildir ontop of OCFS2
>
> Our problem were that OCFS2 were too slow. We could not handle many users.
>
> So we took an step back and now use only user one server.
>
> But still thinking in go back to the first one. with LVS
>
> When using LVS try to sticky user to the same backend, LVs can do ths by
> source ip.
>
> Where i work we have problens on testign storage. If you have any advices
> for testing disk performance, i will be thankfull.
>
> I wil be glad to answer anything else.
>
> []'sf.rique
>
>
> On Tue, Jun 5, 2012 at 9:59 AM, ???????? ????????? ?????????? <
> a.kostyrev at serverc.ru> wrote:
>
>> I think LVS is just fine and it is not a SPOF 'cause it is actually 2
>> servers:
>> active master --> and standby slave.
>> LVS supports real time replication of connections from master to slave,
>> so if master dies slave knows which IP was connected to which dovecot
>> server.
>>
>> I'm more worried about right design of mailstorage.. should I use some
>> cluster fs with all mail of all users
>> or should I split mailstorage across servers and somehow avoid long
>> downtime if one of servers goes down.
>>
>>
>> -----Original Message-----
>> From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org]
>> On
>> Behalf Of Matthias-Christian Ott
>> Sent: Tuesday, June 05, 2012 11:28 PM
>> To: dovecot at dovecot.org
>> Subject: Re: [Dovecot] best practises for mail systems
>>
>> On 2012-06-05 05:14, ???????? ????????? ?????????? wrote:
>> > On each host system we created one VM and passed through 3x2TB disks
>> into it.
>> >
>> >
>> >
>> > In guests vms on top of this disks we made XFS and fired up glusterfs
>> with distributed replicated volumes for our mailstorage.
>> >
>> > so it looks like this:
>> >
>> >
>> >
>> > vm1    replicate     vm2
>> >
>> > disk1 ------------> disk4
>> >
>> > disk2 ------------> disk5
>> >
>> > disk3 ------------> disk6
>> >
>> >
>> >
>> > in each vm we mounted glusterfs and pointed dovecot to that dir for
>> mail
>> creation (as ltmp) and imap4 user access.
>> >
>> > also we use exim as smtp.
>> >
>> >
>> >
>> > So, with glusterfs as mailstorage we can go for LVS to load balancing
>> for exim and dovecot.
>> >
>> > so wherenever one of host systems (hence one of mail vms) goes down,
>> users don't notice that
>> >
>> > 'cause LVS points them to working smtp and imap4 servers
>> >
>> > and they get their mail 'cause of glusterfs.
>> > [...]
>> > Cons:
>> >
>> > - not quite sure if glusterfs is production ready solution 'cause I've
>> experienced split-brains during setting it up
>> >
>> > - IO performance issue. Though we didn't yet run any io tests, but
>> glusterfs uses fuse to mount on clients. And guys on #gluster told me
>> writing to the glusterfs mount will not be strictly local io.
>>
>> I'm not familiar with LVS, but from the project description it seems
>> that you need a "front server" that does the load balancing, so you
>> either have to run at least two of these servers in parallel or add to
>> your cons that you introduced a single point of failure. But you
>> mentioned that you only have two servers, so you really can do this.
>>
>> I would rather ensure high availability by running the two servers as
>> masters and using either IP address takeover or DNS failover (with
>> dynamic DNS) and either use Dovecot's replication (I haven't tested it
>> yet and I'm not sure what happens in case of IP address takeover) or a
>> file system that can handle these kinds of errors (e.g. Coda). You could
>> do load balancing via round-robin DNS. This only protects you against
>> the failure of single machine and because IMAP sessions are not
>> replicated between the servers, connections will get reset if one server
>> fails, but it's cost-effective and uses software that already exists.
>>
>> Regards,
>> Matthias-Christian
>>
>
>
> !DSPAM:4fce037e104291424646138!
>




From me at junc.org  Tue Jun  5 18:36:14 2012
From: me at junc.org (Benny Pedersen)
Date: Tue, 05 Jun 2012 17:36:14 +0200
Subject: [Dovecot] INBOX help needed, dovecot + squirrelmail
In-Reply-To: <20120605150322.44ED616D414@maya.rahul.net>
References: <20120605023319.7664B1298B0@aqua.rahul.net>
	<f1790c125422e5455e6d0c39adf48c8d@junc.org>
	<20120605134154.2FBC616D400@maya.rahul.net>
	<20120605150322.44ED616D414@maya.rahul.net>
Message-ID: <685aa8d8214058f45df1457c67f0acc5@junc.org>

Den 2012-06-05 17:03, jeep at rahul.net skrev:

> from when I was playing with something earlier, that got me
> past that issue, however I still dont know why its not
> giving me maildir instead of mbox.

remove last / in sql query auth path (concated here) dovecot have it 
well explained in wiki


From ghe at slsware.com  Tue Jun  5 18:38:49 2012
From: ghe at slsware.com (Glenn English)
Date: Tue, 5 Jun 2012 09:38:49 -0600
Subject: [Dovecot] auth trouble
In-Reply-To: <Pine.GSO.4.64.1206041936170.24178@nodomain>
References: <mailman.660.1338628819.3160.dovecot@dovecot.org>
	<Pine.GSO.4.64.1206041936170.24178@nodomain>
Message-ID: <DB69BBFB-5E98-43BF-B7EF-27DCEF4769DB@slsware.com>


On Jun 4, 2012, at 8:45 PM, Joseph Tam wrote:

> If dovecot-auth is getting input from a local socket, then rhost
> information is irrelevant since the host doing the asking is the server
> itself (maybe from another daemon connected to a remote host).

Thanks for the confirmation of my suspicions....

> Maybe someone is brute forcing your server's Postfix authenticated
> SMTP service since Postfix can be configured to use Dovecot's SASL
> authentication framework.

and for the suggestion -- I do have Postfix using Dovecot-Auth checking 
for SASL.

I think I'm going to re-install and run Tripwire...

-- 
Glenn English
hand-wrapped from my Apple Mail




From ott at mirix.org  Tue Jun  5 22:15:39 2012
From: ott at mirix.org (Matthias-Christian Ott)
Date: Tue, 05 Jun 2012 21:15:39 +0200
Subject: [Dovecot] [ Re:  best practises for mail systems]
In-Reply-To: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca>
References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca>
Message-ID: <4FCE5ADB.8090208@mirix.org>

On 2012-06-05 17:33, Michescu Andrei wrote:
> The fear of lossing the imap session does not make sense (at least to me)
> as the client will reconnect automatically in the background.

I agree, in practice this is not an issue compared to the unavailability
of the service, but on longer IMAP sessions (e.g. transferring a big
file) the connection loss is noticeable.

> Like this you have no SPOF and no split-brain and you get the flexibility
> (if needed) to geographically distribute your servers in the the future.
> 
> Keep each server with its own ip, connect to them via DNS (round robin etc
> etc).

This depends on the resolver, operating systems and clients you want to
support, because I read that not all networks generate proper
ICMP/ICMPv6 Destination Unreachable messages and instead simple drop the
packets, so that the clients first try to connect to the failed server
until timeout and then connects to the second server. Since IMAP is a
stateful protocol the latency of the initial connect to the failed
server can be ignored, but if you want to eliminate this, you can use
dynamic DNS to automatically remove the corresponding RRs (depending on
your situation you need an external monitoring server for this to avoid
problems in case of net splits).

> We are currently experimenting with a setup similar to this one, but with
> geographically distributed servers (trans-continental) (bandwidth limited
> and high cost).

I also have some plans for a similar setup in the near future. Can you
share your results on the mailing list? I'm especially interested if
failover via DNS works in practice (I did some searches, but I'm not
fully convinced of it, but it seems quite simple compared to other
solutions).

Regards,
Matthias-Christian

From andrei.michescu at miau.ca  Tue Jun  5 23:33:25 2012
From: andrei.michescu at miau.ca (Michescu Andrei)
Date: Tue, 5 Jun 2012 16:33:25 -0400
Subject: [Dovecot] [ Re:  best practises for mail systems]
In-Reply-To: <4FCE5ADB.8090208@mirix.org>
References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca>
	<4FCE5ADB.8090208@mirix.org>
Message-ID: <c41bf59f57e1a7ea902194662e4a0973.squirrel@web.miau.ca>

Hello,

> I agree, in practice this is not an issue compared to the unavailability
> of the service, but on longer IMAP sessions (e.g. transferring a big
> file) the connection loss is noticeable.

It is noticeable for somebody that really waits for a large email. For the
standard user there is nothing visible because the synchronization starts
/ fails and starts again...

In corporate environment the servers are "close" and the network is
generally configured to have proper Destination Unreachable.

For road-warriors, the main concern is the uplink/downlink and generally
not the couple of seconds lost due to time-out.

For the DNS... use "fast-flux"-like configuration and any proper resolver
will behave correctly (at least in my experience).

For the road-warrior setup: DNS with geoip, and all locations with
split-dns (internally HA setup with failover on external locations).

Unfortunately the classical HA setup (with heart-beat monitor, update DNS
etc etc) it is not designed to be "internet-proof" (internet like in WAN).
The initial design of the internet was to be able to operate even when
significant segments are unavailable.

Picture the following scenario: master servers on each continent.
Catastrophic failure of the trans-continental network => 5 big
disconnected chunks of network fully functional. Any HA setup that I saw
will fail miserably. The simplest design with fully replicated masters
will continue to work.

Obviously planning for the scenario above is an overkill for most of the
companies out there. Once you trow in the advantage of have the emails
close to you anywhere where you go, then it starts making sense.

And you can top it up by segmenting you user base to replicate only the
users that are on the go, or are important enough.

As for the current status of the ideal implementation: waiting for Timo to
finalize the refactoring of dsync.

As a temporary solution: rsync replication with master-slave model (not
master-master).

This design makes sense to us, but I'm sure that it is under-optimal for
most other uses.

Andrei

>
>> Like this you have no SPOF and no split-brain and you get the
>> flexibility
>> (if needed) to geographically distribute your servers in the the future.
>>
>> Keep each server with its own ip, connect to them via DNS (round robin
>> etc
>> etc).
>
> This depends on the resolver, operating systems and clients you want to
> support, because I read that not all networks generate proper
> ICMP/ICMPv6 Destination Unreachable messages and instead simple drop the
> packets, so that the clients first try to connect to the failed server
> until timeout and then connects to the second server. Since IMAP is a
> stateful protocol the latency of the initial connect to the failed
> server can be ignored, but if you want to eliminate this, you can use
> dynamic DNS to automatically remove the corresponding RRs (depending on
> your situation you need an external monitoring server for this to avoid
> problems in case of net splits).
>
>> We are currently experimenting with a setup similar to this one, but
>> with
>> geographically distributed servers (trans-continental) (bandwidth
>> limited
>> and high cost).
>
> I also have some plans for a similar setup in the near future. Can you
> share your results on the mailing list? I'm especially interested if
> failover via DNS works in practice (I did some searches, but I'm not
> fully convinced of it, but it seems quite simple compared to other
> solutions).
>
> Regards,
> Matthias-Christian
>
> !DSPAM:4fce5ae0149132093961185!
>
>



From tss at iki.fi  Wed Jun  6 00:43:38 2012
From: tss at iki.fi (Timo Sirainen)
Date: Wed, 6 Jun 2012 00:43:38 +0300
Subject: [Dovecot] [ Re:  best practises for mail systems]
In-Reply-To: <c41bf59f57e1a7ea902194662e4a0973.squirrel@web.miau.ca>
References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca>
	<4FCE5ADB.8090208@mirix.org>
	<c41bf59f57e1a7ea902194662e4a0973.squirrel@web.miau.ca>
Message-ID: <C130702F-B502-4B85-BCD5-0FBCE433D144@iki.fi>

On 5.6.2012, at 23.33, Michescu Andrei wrote:

>> I agree, in practice this is not an issue compared to the unavailability
>> of the service, but on longer IMAP sessions (e.g. transferring a big
>> file) the connection loss is noticeable.
> 
> It is noticeable for somebody that really waits for a large email.

And there is actually some (any!) way this could be avoided?... One server dies, another continues sending the mail?

I have had some thoughts about transferring idling Dovecot connections between processes / servers so that clients wouldn't notice it, but I haven't even thought about moving active (long-running) connections.


From rob0 at gmx.co.uk  Wed Jun  6 00:53:25 2012
From: rob0 at gmx.co.uk (/dev/rob0)
Date: Tue, 5 Jun 2012 16:53:25 -0500
Subject: [Dovecot] auth trouble
In-Reply-To: <DB69BBFB-5E98-43BF-B7EF-27DCEF4769DB@slsware.com>
References: <mailman.660.1338628819.3160.dovecot@dovecot.org>
	<Pine.GSO.4.64.1206041936170.24178@nodomain>
	<DB69BBFB-5E98-43BF-B7EF-27DCEF4769DB@slsware.com>
Message-ID: <20120605215325.GC3672@harrier.slackbuilds.org>

On Tue, Jun 05, 2012 at 09:38:49AM -0600, Glenn English wrote:
> On Jun 4, 2012, at 8:45 PM, Joseph Tam wrote:
> > If dovecot-auth is getting input from a local socket, then rhost 
> > information is irrelevant since the host doing the asking is the 
> > server itself (maybe from another daemon connected to a remote 
> > host).
> 
> Thanks for the confirmation of my suspicions....

What suspicions were confirmed?

> > Maybe someone is brute forcing your server's Postfix 
> > authenticated SMTP service since Postfix can be configured to
> > use Dovecot's SASL authentication framework.

And these brute force attempts would be logged, each one.

> and for the suggestion -- I do have Postfix using Dovecot-Auth 
> checking for SASL.
> 
> I think I'm going to re-install and run Tripwire...

I think you are overreacting.
-- 
  http://rob0.nodns4.us/ -- system administration and consulting
  Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:

From jtam.home at gmail.com  Wed Jun  6 01:21:51 2012
From: jtam.home at gmail.com (Joseph Tam)
Date: Tue, 5 Jun 2012 15:21:51 -0700 (PDT)
Subject: [Dovecot] auth trouble
In-Reply-To: <mailman.739.1338932626.3160.dovecot@dovecot.org>
References: <mailman.739.1338932626.3160.dovecot@dovecot.org>
Message-ID: <Pine.GSO.4.64.1206051502370.25377@nodomain>


Glenn English wrote:

>> Maybe someone is brute forcing your server's Postfix authenticated
>> SMTP service since Postfix can be configured to use Dovecot's SASL
>> authentication framework.
>
> and for the suggestion -- I do have Postfix using Dovecot-Auth checking
> for SASL.
>
> I think I'm going to re-install and run Tripwire...

Tripwire?  If the purpose of your query is to automate blocking of brute
forcers, this software is not what you want (which detects tampering of
critical system files).

I suggest trying to find where Postfix failed login reports go, then use
your fail2ban or what-have-you to detect and block hosts that repeatedly
fail authentication.

 	(First Google hit I did on this subject)
 	http://scottlinux.com/2011/05/26/prevent-postfix-brute-force/

The log entries might look like

 	{timestamp} {servername} postfix/smtpd[{pid}]: lost connection after AUTH
 		from {remote-hostname}[{remote-ip}]

Joseph Tam <jtam.home at gmail.com>

From ghe at slsware.com  Wed Jun  6 02:08:07 2012
From: ghe at slsware.com (Glenn English)
Date: Tue, 5 Jun 2012 17:08:07 -0600
Subject: [Dovecot] auth trouble
In-Reply-To: <20120605215325.GC3672@harrier.slackbuilds.org>
References: <mailman.660.1338628819.3160.dovecot@dovecot.org>
	<Pine.GSO.4.64.1206041936170.24178@nodomain>
	<DB69BBFB-5E98-43BF-B7EF-27DCEF4769DB@slsware.com>
	<20120605215325.GC3672@harrier.slackbuilds.org>
Message-ID: <4087ECCF-8C69-4888-8CD9-44566A256F92@slsware.com>


On Jun 5, 2012, at 3:53 PM, /dev/rob0 wrote:

> What suspicions were confirmed?

At first I thought that somebody was TCP'ing in and somehow 
turning off the remote IP in the log so I couldn't block it. 
Then an answer from another mailing list, and a little thinking, 
made it occur to me that maybe my server had been penetrated.

> And these brute force attempts would be logged, each one.

They are, with no rhost. And there are other brute force attempts 
that *do* have IPs.

> I think you are overreacting.

I really hope so. What's your thinking? Have you seen this before? 
And most important: what is it, how does it work, and how do I get 
rid of it and keep it from coming back?

-- 
Glenn English
hand-wrapped from my Apple Mail




From achekalin at lazurit.com  Wed Jun  6 08:40:43 2012
From: achekalin at lazurit.com (Alexander Chekalin)
Date: Wed, 06 Jun 2012 08:40:43 +0300
Subject: [Dovecot] [ Re:  best practises for mail systems]
In-Reply-To: <c41bf59f57e1a7ea902194662e4a0973.squirrel@web.miau.ca>
References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca>
	<4FCE5ADB.8090208@mirix.org>
	<c41bf59f57e1a7ea902194662e4a0973.squirrel@web.miau.ca>
Message-ID: <4FCEED5B.90105@lazurit.com>

05.06.2012 23:33, Michescu Andrei ???????:
> Picture the following scenario: master servers on each continent.
> Catastrophic failure of the trans-continental network =>  5 big
> disconnected chunks of network fully functional. Any HA setup that I saw
> will fail miserably. The simplest design with fully replicated masters
> will continue to work.

Dispute the original topic, I'd say this looks like a good service idea, 
as many company may pay for such a service if it can be set up 
specifically for their needs (routing, logs, backups, redirections).

Gmail (and other big guys like them) won't be that fine-tunable (having 
point to service many customers with the same type of control), and 
companies sometime just won't deal with such a Big Brother to store 
their corporate mail due to internal regulations (read - 'corporate 
paranoia').

But the replication between "points of presence" (5 big datacenters, one 
per continent, won't be good topology) will be painful and we easily 
face split-brain situation, whichever replicaton scheme I can imagine.

Yours,
   Alexander


From joseba.torre at ehu.es  Wed Jun  6 16:01:19 2012
From: joseba.torre at ehu.es (Joseba Torre)
Date: Wed, 06 Jun 2012 15:01:19 +0200
Subject: [Dovecot] Director problems
Message-ID: <4FCF549F.70404@ehu.es>

Hi,

I've just setup a testing enviroment for director, and it's not working 
as expected. I have just 1 director (called director) and 2 dovecot 
servers (dovecot1 and dovecot2); these are exact copies.

First problem: when both dovecot servers are up, every imap connection 
is redirected to the same server as you can see here:

$ sudo doveadm director map
user                                          mail server ip expire time 

<unknown>                                     158.227.4.186  2012-06-06 
13:34:12
<unknown>                                     158.227.4.186  2012-06-06 
13:34:27
<unknown>                                     158.227.4.186  2012-06-06 
13:34:34

(I don't know if that <unknown> is good or not)

I've tried with 3 different users and ips to no change, users are always 
directed to the same host.

Second problem: if I try to add/remove/modify one of the dovecot 
servers, the output of doveadm director map/status seems to be ok, but 
any new user connection fails with this log:

Jun  6 14:51:59 director dovecot: director: Warning: Delaying new user 
requests until ring is synced
Jun  6 14:52:27 director dovecot: director: Error: director: User test1 
host lookup failed: Timeout - queued for 30 secs (Ring not synced for 73 
secs)
Jun  6 14:52:31 director dovecot: imap-login: Aborted login (auth 
failed, 1 attempts in 34 secs): user=<>, method=PLAIN, 
rip=158.227.4.186, lip=158.227.4.185, TLS, session=<Oyx9O83B/wCe4wS6>

Any clue?

This is the dovecot config -n output:

# 2.1.7: /usr/local/etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-220.17.1.el6.x86_64 x86_64 Red Hat Enterprise Linux 
Server release 6.2 (Santiago)
director_mail_servers = dovecot1.example dovecot2.example
director_servers = director.example
lmtp_proxy = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope 
encoded-character vacation subaddress comparator-i;ascii-numeric 
relational regex imap4flags copy include variables body enotify 
environment mailbox date ihave
passdb {
   args = proxy=y nopassword=y starttls=any-cert
   driver = static
}
service auth {
   unix_listener auth-userdb {
     group = mail
     mode = 0660
     user = dovecot
   }
}
service director {
   fifo_listener login/proxy-notify {
     mode = 0666
   }
   inet_listener {
     port = 9090
   }
   unix_listener director-userdb {
     mode = 0600
   }
   unix_listener login/director {
     mode = 0666
   }
}
service imap-login {
   executable = imap-login director
   service_count = 0
}
service lmtp {
   client_limit = 1
   inet_listener lmtp {
     port = 24
   }
   unix_listener /var/lib/dovecot/lmtp-socket {
     group = root
     mode = 0600
     user = root
   }
}
service pop3-login {
   executable = pop3-login director
   service_count = 0
}
service pop3 {
   process_limit = 5000
}
shutdown_clients = no
ssl_cert = </etc/ssl/private/dovecot.pem
ssl_key = </etc/ssl/private/dovecot.pem
userdb {
   driver = passwd
}
verbose_proctitle = yes
version_ignore = yes
protocol lmtp {
   auth_socket_path = director-userdb
}
protocol imap {
   mail_max_userip_connections = 100
}

From nick+dovecot at bunbun.be  Wed Jun  6 16:54:54 2012
From: nick+dovecot at bunbun.be (Nick Rosier)
Date: Wed, 06 Jun 2012 15:54:54 +0200
Subject: [Dovecot] dovecot-metadata-9 released
In-Reply-To: <4102204.vJ4X8dIaYX@samson>
References: <2115082.gk9Y8Dam5O@ernie> <4FCDD13B.5080204@bunbun.be>
	<4102204.vJ4X8dIaYX@samson>
Message-ID: <4FCF612E.4060303@bunbun.be>

Hi Dennis,

This fixed the problem. Thanks!

Rgds,
N.

Dennis Schridde wrote:
> Hello Nick!
>
> I am sorry - I forgot to mention that you need attached patch for dovecot.
>
> Kind regards,
> Dennis
>
> Am Dienstag, 5. Juni 2012, 11:28:27 schrieb Nick Rosier:
>> Hi Dennis,
>>
>> I'm trying to compile the plugin on FreeBSD 9 with Dovecot 2.1.7 and get
>> the following error:
>>
>> libtool: compile:  gcc -std=gnu99 -DHAVE_CONFIG_H -I. -I..
>> -I/usr/local/include/dovecot -g -O2 -MT mailbox-ext.lo -MD -MP -MF
>> .deps/mailbox-ext.Tpo -c mailbox-ext.c  -fPIC -DPIC -o
>> .libs/mailbox-ext.o mailbox-ext.c:25:19: error: missing binary operator
>> before token "("
>> mailbox-ext.c: In function 'mailbox_get_guid_string': mailbox-ext.c:32:
>> error: 'MAIL_GUID_128_SIZE' undeclared (first use in this function)
>> mailbox-ext.c:32: error: (Each undeclared identifier is reported only
>> once mailbox-ext.c:32: error: for each function it appears in.)
>> mailbox-ext.c:33: warning: implicit declaration of function
>> 'mailbox_get_guid'
>> *** Error code 1
>> Stop in /root/work/dovecot-metadata-plugin-6fe39779d758/src. *** Error
>> code 1
>>
>> Removing DOVECOT_PREREQ and "forcing" to use the 2.1 definition fixes
>> that (I couldn't find anywhere where that macro was defined).
>>
>> Next I get another error, again caused by the DOVECOT_PREREQ:
>>
>> libtool: compile:  gcc -std=gnu99 -DHAVE_CONFIG_H -I. -I..
>> -I/usr/local/include/dovecot -g -O2 -MT imap-metadata-plugin.lo -MD -MP
>> -MF .deps/imap-metadata-plugin.Tpo -c imap-metadata-plugin.c  -fPIC
>> -DPIC -o .libs/imap-metadata-plugin.o
>> imap-metadata-plugin.c: In function 'is_valid_rfc5464_entry_name':
>> imap-metadata-plugin.c:162: warning: comparison is always false due to
>> limited range of data type
>> imap-metadata-plugin.c:513:19: error: missing binary operator before
>> token "("
>> imap-metadata-plugin.c: In function 'cmd_getmetadata':
>> imap-metadata-plugin.c:516: warning: passing argument 2 of
>> 'mail_namespace_find' from incompatible pointer type
>> imap-metadata-plugin.c: In function 'setmetadata_helper':
>> imap-metadata-plugin.c:596: warning: 'return' with a value, in function
>> returning void
>> imap-metadata-plugin.c:672:19: error: missing binary operator before
>> token "("
>> imap-metadata-plugin.c: In function 'cmd_setmetadata':
>> imap-metadata-plugin.c:675: warning: passing argument 2 of
>> 'mail_namespace_find' from incompatible pointer type
>> *** Error code 1
>>
>> Am I missing something on my system?
>>
>> Rgds,
>> N.
>>
>> Dennis Schridde wrote:
>>> Hello everyone!
>>>
>>> I just released dovecot-metadata-8, which is an implementation of RFC 5464
>>> (IMAP METADATA), allowing to add comments/annotations/metadata to folders
>>> of an email account.
>>>
>>> 2012-06-04: Version 9
>>>
>>>    * Added Dovecot 2.1 compatibility
>>>    * Fixed compliance with RFC 5464 Section 3.2
>>>    * Separated backend code into library
>>>    * Synced code of imap-annotatemore with imap-metadata
>>>    * Improved error messages
>>>    * Several bugfixes (incl. segfaults)
>>>    * Minor cleanups
>>>
>>> Please get the code from [1] and send me an email for any problem you
>>> find.
>>>
>>> For more information please refer to my email from Sun, 12 Jun 2011
>>> 15:55:57 +0200 titled "dovecot-metadata-8 released".
>>>
>>> Kind regards,
>>> Dennis
>>>
>>> [1] http://hg.dovecot.org/dovecot-metadata-plugin

From mm at msfree.org  Wed Jun  6 17:47:59 2012
From: mm at msfree.org (Marco)
Date: Wed, 6 Jun 2012 07:47:59 -0700 (PDT)
Subject: [Dovecot] No ports listening
Message-ID: <20120606144801.C218C1AE876B@dovecot.org>

Please forgive my newbie post but this has me stumped.  I've been a happy
Dovecot 0.X and 1.X admin for years but something in my first 2.X
configuration is oddly broken.  It loads fine, logs no errors, but
doesn't listen to any network ports!  Thanks in advance for any help.

Marco


  # 2.0.19: /etc/dovecot/dovecot.conf
  # OS: Linux 2.6.35.14 x86_64 Ubuntu 10.10 ext4
  auth_debug = yes
  auth_mechanisms = plain login
  first_valid_gid = 111
  first_valid_uid = 111
  login_greeting = example.com pop/imap ready
  mail_location = mbox:/var/mail/%u.imap:INBOX=/var/mail/%u
  passdb {
    args = scheme=CRYPT username_format=%u /etc/dovecot/users
    driver = passwd-file
  }
  service auth {
    unix_listener /var/spool/postfix/private/auth {
      group = postfix
      mode = 0660
      user = postfix
    }
    unix_listener auth-master {
      mode = 0666
    }
  }
  service imap-login {
    inet_listener imap {
      address = *
      port = 143
    }
    inet_listener imaps {
      address = *
      port = 993
    }
    process_limit = 50
  }
  service pop3-login {
    inet_listener pop3 {
      address = *
      port = 110
    }
    inet_listener pop3s {
      address = *
      port = 995
    }
    process_limit = 50
  }
  ssl_cert = </etc/ssl/mail.example.com.crt
  ssl_key = </etc/ssl/mail.example.com.key
  syslog_facility = local0
  userdb {
    args = username_format=%u /etc/dovecot/users
    driver = passwd-file
  }
  valid_chroot_dirs = /var/mail
  verbose_proctitle = yes
  verbose_ssl = yes
  protocol lda {
    postmaster_address = postmaster at example.com
  }

From janfrode at tanso.net  Wed Jun  6 18:05:16 2012
From: janfrode at tanso.net (Jan-Frode Myklebust)
Date: Wed, 6 Jun 2012 17:05:16 +0200
Subject: [Dovecot] best practises for mail systems
In-Reply-To: <213B51F00051AE48A9F0E112880177178F79DB@Delta.sc.local>
References: <213B51F00051AE48A9F0E112880177178F79D6@Delta.sc.local>
	<4FCDFB32.2080302@mirix.org>
	<213B51F00051AE48A9F0E112880177178F79DB@Delta.sc.local>
Message-ID: <20120606150516.GA27555@dibs.tanso.net>

On Tue, Jun 05, 2012 at 11:59:47PM +1100, ???????? ????????? ?????????? wrote:
> 
> I'm more worried about right design of mailstorage.. should I use some cluster fs with all mail of all users
> or should I split mailstorage across servers and somehow avoid long downtime if one of servers goes down.

A clusterfs gives you active/active high availability and balanced
distribution of users over your servers, at the cost of somewhat
degraded I/O performance all the time. If a single node will be able
to serve your load, I think it's much more sensible to create a
passive/standby availability solution based on a local filesystem (XFS).

If you need to split your mailstorage across servers, you can do
active/standby server pairs -- but then it gets difficult to balance
your users over your servers, and you *might* want to cheat and use a
clusterfs instead..


  -jf

From andrei.michescu at miau.ca  Wed Jun  6 18:22:05 2012
From: andrei.michescu at miau.ca (Michescu Andrei)
Date: Wed, 6 Jun 2012 11:22:05 -0400
Subject: [Dovecot] [ Re:  best practises for mail systems]
In-Reply-To: <4FCEED5B.90105@lazurit.com>
References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca>
	<4FCE5ADB.8090208@mirix.org>
	<c41bf59f57e1a7ea902194662e4a0973.squirrel@web.miau.ca>
	<4FCEED5B.90105@lazurit.com>
Message-ID: <6ce224c850798d4551d678fdd4b13b78.squirrel@web.miau.ca>

Hello Alexander,
>
> But the replication between "points of presence" (5 big datacenters, one
> per continent, won't be good topology) will be painful and we easily
> face split-brain situation, whichever replication scheme I can imagine.

The split-brain is indeed the biggest problem of common replication
schema. But IMAP was designed to work in disconnected mode most of the
time and have only quick synchronizations.

So by design IMAP standard works in master-master models.

Getting back to the above picture (catastrophic failure of all the
transcontinental links): one synchronizes his laptop in Europe (EU),
crosses the ocean to North America (NA) and synchronizes again his laptop.
In this moment all the changes on the EU hub up to the point of last
synchronization are merged into the NA hub. This is the beauty of IMAP.

The biggest challenge on the the above scenario is the post-catastrophic
synchronization which would move huge amounts of data across the links.

Best wishes,
Andrei

> Yours,
>    Alexander
>
>
> !DSPAM:4fceed61217344232183410!
>
>



From andrei.michescu at miau.ca  Wed Jun  6 18:27:29 2012
From: andrei.michescu at miau.ca (Michescu Andrei)
Date: Wed, 6 Jun 2012 11:27:29 -0400
Subject: [Dovecot] [ Re:  best practises for mail systems]
In-Reply-To: <C130702F-B502-4B85-BCD5-0FBCE433D144@iki.fi>
References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca>
	<4FCE5ADB.8090208@mirix.org>
	<c41bf59f57e1a7ea902194662e4a0973.squirrel@web.miau.ca>
	<C130702F-B502-4B85-BCD5-0FBCE433D144@iki.fi>
Message-ID: <97ebe4043a16aa82e668e24202d3892d.squirrel@web.miau.ca>

Hello Timo,

>
> And there is actually some (any!) way this could be avoided?... One server
> dies, another continues sending the mail?
>
> I have had some thoughts about transferring idling Dovecot connections
> between processes / servers so that clients wouldn't notice it, but I
> haven't even thought about moving active (long-running) connections.
>

Here it is to be researched if this is specified in the IMAP standard (if
there any RFC that mentions this?), or if we propose a new RFC with such
an extension.

Until there is an RFC, even if you implement such a feature, there will be
no clients out there that will support it.

A good start, if there is no RFC, is the http protocol, that has
implemented the resume option. Like this you could even support parallel
download from couple of imap servers that are synchronized, getting from
each a small chunk (BitTorrent like with the seeds list being set to only
the servers).

Best regards,
Andrei


From jaldeguer at safnow.org  Wed Jun  6 19:19:41 2012
From: jaldeguer at safnow.org (Joe V Aldeguer)
Date: Wed, 6 Jun 2012 12:19:41 -0400
Subject: [Dovecot] Email auto purging applied to all mail folders
Message-ID: <sig.1504b152e9.60B9A1AA-CCC3-4524-A36B-F90FBE08A747@safnow.org>

Hello,

Is it possible to have this done not only for spam and trash folder but lets say like the user inbox and any user created mail folders too?  My ultimate goal is to have a way to automate the email deletion process of emails stored in the user inbox or mail folders when it reaches a specified date.  My boss wants to force users to keep emails only a month old anything beyond that will be deleted.  Has anyone done this using dovecot and are there any guides available?  I am also open to suggestions for commercial solutions but so far searching online for solutions only comes up with email archiving. 

The dovecot version I have installed is version 2.0.19.

Thanks in advance.

- Joe





From lists at wildgooses.com  Thu Jun  7 00:59:57 2012
From: lists at wildgooses.com (Ed W)
Date: Wed, 06 Jun 2012 22:59:57 +0100
Subject: [Dovecot] Can we know when a user read our email?
In-Reply-To: <4FCCC2D9.3010209@thelounge.net>
References: <CAAJD-mAcEqzJcHYODkReWn6BuzV3B8c3MPE+ceWmtWqCDdmBuQ@mail.gmail.com>
	<1337013487.4384.58.camel@innu>
	<4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org>
	<4FCB23BF.20300@wildgooses.com>
	<4FCB6AA7.4050200@Media-Brokers.com>
	<4FCCB9E3.3060702@wildgooses.com> <4FCCC2D9.3010209@thelounge.net>
Message-ID: <4FCFD2DD.7030109@wildgooses.com>

On 04/06/2012 15:14, Reindl Harald wrote:
>
> Am 04.06.2012 15:36, schrieb Ed W:
>>> Then tell them their only option is to buy Exchange Server and Outlook for everyone - but explain that this
>>> 'feature' *still* will not work for recipients that are outside of your control (ie, it will only work for local
>>> recipients - and I *think* it is possible to set up Trusts with other external Exchange Servers, but not sure,
>>> and if it does, it requires the explicit cooperation of the other systems admin).
>>>
>>> Bottom line: do NOT promise the impossible to a client just to win the business. It is a losing proposition, as
>>> you are beginning to see...
>>>
>> We run small ISP selling mail accounts to customers.  *our customers* want to
>> voluntarily tell senders when they have downloaded an email via POP.
> and the sender for sure wants this too for every single message?
> i doubt not
>

I'm not sure why this is so hard to believe.  There is literally a class 
of customers that have a specification which says that there must be a 
notification sent back to the sender whenever they download their 
emails.  I cannot currently bid for their business.

A spec is a spec - either you can meet the spec or you can't bid for the 
business...

Ed W

From fxmulder at gmail.com  Thu Jun  7 01:07:36 2012
From: fxmulder at gmail.com (James Devine)
Date: Wed, 6 Jun 2012 16:07:36 -0600
Subject: [Dovecot] Dovecot over NFS
Message-ID: <CAPmoJaOJz0mmoGQmmpB4es-YPwmBTArLHXMo=cRx2RFjv6krPw@mail.gmail.com>

I'm playing with running dovecot over NFS and I am running into some
issues.  I have followed the guide at  http://wiki2.dovecot.org/NFS and my
setup includes 1 nfs server and 1 client running postfix/dovecot.  In
testing I am running postal via the command:

postal -t 10 -c 10 localhost users399

The test file has a list of 399 users to deliver to.  I've provided a
sample of the errors I'm receiving and my configuration below, I am running
dovecot 2.0.19.  Any idea what I might be doing wrong and what I might do
to resolve it?  My ultimate goal is to setup multiple clients with director
so each user is still handled on a single machine, however with a single
machine I still seem to be having issues.





Here is a sample of some of the errors I'm seeing:

Jun  6 15:55:12 test-gluster-client1 dovecot: lmtp(12072, testuser130):
Error: mdbox /mnt/testuser130/mdbox/mailboxes/INBOX/dbox-Mails: Invalid
dbox header size: 0
Jun  6 15:55:12 test-gluster-client1 dovecot: lmtp(11999, testuser99):
Error: Log synchronization error at seq=2,offset=556 for
/mnt/testuser99/mdbox/storage/dovecot.map.index: Append with UID 2, but
next_uid = 3
Jun  6 15:55:14 test-gluster-client1 dovecot: lmtp(12047, testuser41):
Error: mdbox /mnt/testuser41/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox
header size: 0
Jun  6 15:55:18 test-gluster-client1 dovecot: lmtp(12133, testuser138):
Error: Log synchronization error at seq=2,offset=556 for
/mnt/testuser138/mdbox/storage/dovecot.map.index: Append with UID 2, but
next_uid = 3
Jun  6 15:55:19 test-gluster-client1 dovecot: lmtp(12076, testuser217):
Error: mdbox /mnt/testuser217/mdbox/mailboxes/INBOX/dbox-Mails: Invalid
dbox header size: 0
Jun  6 15:55:19 test-gluster-client1 dovecot: lmtp(12047, testuser41):
Error: mdbox /mnt/testuser41/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox
header size: 0
Jun  6 15:55:23 test-gluster-client1 dovecot: lmtp(11985, testuser166):
Error: mdbox /mnt/testuser166/mdbox/mailboxes/INBOX/dbox-Mails: Invalid
dbox header size: 0
Jun  6 15:55:23 test-gluster-client1 dovecot: lmtp(12072, testuser130):
Error: Log synchronization error at seq=2,offset=204 for
/mnt/testuser130/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index:
uid_validity updated unexpectedly: 1339019655 -> 1339019656
Jun  6 15:55:23 test-gluster-client1 dovecot: lmtp(11928, testuser130):
Error: Log synchronization error at seq=2,offset=204 for
/mnt/testuser130/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index:
uid_validity updated unexpectedly: 1339019655 -> 1339019656
Jun  6 15:55:24 test-gluster-client1 dovecot: lmtp(11954, testuser192):
Error: mdbox /mnt/testuser192/mdbox/mailboxes/INBOX/dbox-Mails: Invalid
dbox header size: 0
Jun  6 15:55:24 test-gluster-client1 dovecot: lmtp(12130, testuser128):
Error: mdbox /mnt/testuser128/mdbox/mailboxes/INBOX/dbox-Mails: Invalid
dbox header size: 0
Jun  6 15:55:27 test-gluster-client1 dovecot: lmtp(12076, testuser217):
Error: mdbox /mnt/testuser217/mdbox/mailboxes/INBOX/dbox-Mails: Invalid
dbox header size: 0
Jun  6 15:55:27 test-gluster-client1 dovecot: lmtp(12211, testuser60):
Error: mdbox /mnt/testuser60/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox
header size: 0
Jun  6 15:55:27 test-gluster-client1 dovecot: lmtp(12112, testuser190):
Error: mdbox /mnt/testuser190/mdbox/mailboxes/INBOX/dbox-Mails: Invalid
dbox header size: 0
Jun  6 15:55:27 test-gluster-client1 dovecot: lmtp(12047, testuser41):
Error: Log synchronization error at seq=2,offset=204 for
/mnt/testuser41/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index:
uid_validity updated unexpectedly: 1339019658 -> 1339019659
Jun  6 15:55:27 test-gluster-client1 dovecot: lmtp(11937, testuser41):
Error: Log synchronization error at seq=2,offset=204 for
/mnt/testuser41/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index:
uid_validity updated unexpectedly: 1339019658 -> 1339019659
Jun  6 15:55:28 test-gluster-client1 dovecot: lmtp(11985, testuser166):
Error: mdbox /mnt/testuser166/mdbox/mailboxes/INBOX/dbox-Mails: Invalid
dbox header size: 0
Jun  6 15:55:30 test-gluster-client1 dovecot: lmtp(12130, testuser128):
Error: mdbox /mnt/testuser128/mdbox/mailboxes/INBOX/dbox-Mails: Invalid
dbox header size: 0






My dovecot config is:

auth_debug = yes
auth_debug_passwords = yes
auth_username_format = %Ln
auth_verbose = yes
base_dir = /var/run/dovecot-service/
disable_plaintext_auth = no
instance_name = dovecot-service
mail_debug = yes
mail_fsync = always
mail_location = mdbox:~/mdbox
mail_nfs_index = yes
mail_nfs_storage = yes
mail_plugins = quota
mdbox_rotate_size = 16 M
mmap_disable = yes
passdb {
  driver = pam
}
plugin {
  quota = dict:User quota::file:%h/mdbox/dovecot-quota
}
protocols = " imap lmtp pop3"
service auth {
  unix_listener auth-userdb {
    group = postfix
    mode = 0666
    user = postfix
  }
}
service imap-login {
  inet_listener imap {
    port = 10143
  }
}
service lmtp {
  inet_listener lmtp {
    port = 10024
  }
}
service pop3-login {
  inet_listener pop3 {
    port = 10110
  }
}
ssl = no
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_key = </etc/ssl/private/dovecot.pem
userdb {
  driver = passwd
}

From root at yuma.acns.colostate.edu  Wed Jun  6 23:27:46 2012
From: root at yuma.acns.colostate.edu (root at yuma.acns.colostate.edu)
Date: Wed, 6 Jun 2012 14:27:46 -0600 (MDT)
Subject: [Dovecot] Dovecot 1.x on AIX -> Dovecot 2.x on Ubuntu
Message-ID: <Pine.A41.4.58.1206061423300.62752@yuma.acns.colostate.edu>

We are working on migrating Dovecot 1.2.17 running on AIX 5.3 (believe it
or not!) to Dovecot 2.0.13 running on Ubuntu.  We have hundreds of users
mboxes we will be migrating.  My question is regarding the index files.
Should we remove those after the migration, but before we open it up to
users so Dovecot can create new ones?

I did a test migration of a single user, and Dovecot detects the
architecture change and put out some panic errors, corrupt files and
backtrace messages in syslog on Ubuntu.  The messages are shown below.  If
every user is going to generate these types of errors, I'm thinking maybe
it makes sense to remove all the .imap directories and let Dovecot create
new clean ones.  I realize that may slow things down for awhile while
Dovecot is rebuilding new files.

Thanks for any info.

Jackie Hunt
Acad Computing & Networking Srvcs
Colorado State University

Jun  6 13:43:02 newlamar dovecot: imap-login: Login: user=<cacti>,
method=PLAIN, rip=129.82.100.64, lip=129.82.100.124, mpid=19593, TLS
Jun  6 13:43:21 newlamar dovecot: imap-login: Login: user=<cacti>,
method=PLAIN, rip=129.82.100.64, lip=129.82.100.124, mpid=19597, TLS
Jun  6 13:43:21 newlamar dovecot: imap-login: Login: user=<cacti>,
method=PLAIN, rip=129.82.100.64, lip=129.82.100.124, mpid=19600, TLS
Jun  6 13:44:11 newlamar dovecot: imap(cacti): Disconnected: Logged out
bytes=107/441
Jun  6 13:44:11 newlamar dovecot: imap(cacti): Disconnected: Logged out
bytes=1676/2724868
Jun  6 13:44:11 newlamar dovecot: imap(cacti): Disconnected: Logged out
bytes=129/759
Jun  6 13:51:49 newlamar dovecot: imap-login: Login: user=<cacti>,
method=PLAIN, rip=129.82.100.64, lip=129.82.100.124, mpid=19657, TLS
Jun  6 13:51:49 newlamar dovecot: imap(cacti): Error: Rebuilding index
file /adhome/cacti/.imap/INBOX/dovecot.index: CPU architecture changed
Jun  6 13:51:58 newlamar dovecot: imap-login: Login: user=<cacti>,
method=PLAIN, rip=129.82.100.64, lip=129.82.100.124, mpid=19662, TLS
Jun  6 13:51:58 newlamar dovecot: imap(cacti): Error: Corrupted
transaction log file /adhome/cacti/.imap/Trash/dovecot.index.log seq
16777216: log file shrank (1428 < 6144) (sync_offset=6144)
Jun  6 13:51:58 newlamar dovecot: imap(cacti): Panic: file buffer.c: line
295 (buffer_set_used_size): assertion failed: (used_size <= buf->alloc)
Jun  6 13:51:58 newlamar dovecot: imap(cacti): Error: Raw backtrace:
/usr/lib/dovecot/libdovecot.so.0(+0x374fa) [0x7f3ada59c4fa] ->
/usr/lib/dovecot/libdovecot.so.0(+0x3753e) [0x7f3ada59c53e] ->
/usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f3ada576837] ->
/usr/lib/dovecot/libdovecot.so.0(+0x35319) [0x7f3ada59a319] ->
/usr/lib/dovecot/libdovecot-storage.so.0(mail_transaction_log_file_open+0x21e)
[0x7f3ada87acee] ->
/usr/lib/dovecot/libdovecot-storage.so.0(mail_transaction_log_open+0xb8)
[0x7f3ada877a68] ->
/usr/lib/dovecot/libdovecot-storage.so.0(mail_index_open+0xe5)
[0x7f3ada860e75] ->
/usr/lib/dovecot/libdovecot-storage.so.0(index_storage_mailbox_open+0xbc)
[0x7f3ada826eac] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x5f7fb)
[0x7f3ada8417fb] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x28c4c)
[0x7f3ada80ac4c] ->
/usr/lib/dovecot/libdovecot-storage.so.0(index_storage_mailbox_enable+0x24)
[0x7f3ada827584] -> dovecot/imap(imap_status_get+0xfd) [0x7f3adacead8d] ->
doveco
 t/imap(cmd_status+0x182) [0x7f3adace1f92] -> dovecot/imap(+0x1105d)
[0x7f3adace405d] -> dovecot/imap(+0x11135) [0x7f3adace4135] ->
dovecot/imap(client_handle_input+0x125) [0x7f3adace4385] ->
dovecot/imap(client_input+0x65) [0x7f3adace4c35] ->
/usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x48) [0x7f3ada5a8048] ->
/usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xa7)
[0x7f3ada5a90c7] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x28)
[0x7f3ada5a7fd8] ->
/usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f3ada5962c3]
-> dovecot/imap(main+0x2f4) [0x7f3adacdc544] ->
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed) [0x7f3ada1e530d]
-> dovecot/imap(+0x95d5) [0x7f3adacdc5d5]
Jun  6 13:51:59 newlamar dovecot: imap-login: Login: user=<cacti>,
method=PLAIN, rip=129.82.100.64, lip=129.82.100.124, mpid=19664, TLS
Jun  6 13:51:59 newlamar dovecot: imap(cacti): Error: Transaction log file
/adhome/cacti/.imap/Trash/dovecot.index.log: marked corrupted
Jun  6 13:51:59 newlamar dovecot: imap(cacti): Error: Rebuilding index
file /adhome/cacti/.imap/Trash/dovecot.index: CPU architecture changed

From trever.adams at gmail.com  Thu Jun  7 09:05:25 2012
From: trever.adams at gmail.com (Trever L. Adams)
Date: Thu, 07 Jun 2012 00:05:25 -0600
Subject: [Dovecot] Problems since upgrading to 2.1.6 from 2.0.20
Message-ID: <4FD044A5.2000000@gmail.com>

Hello Everyone,

I saw the text about the change and needing to define an inbox namespace. Everything seems to work fine except doveadm. I get the following from a cronjob that has worked well for years now.

doveadm(account at example.com): Error: Syncing mailbox TRASH failed: Mailbox doesn't exist: TRASH
doveadm(account at example.com): Error: Syncing mailbox TRASH failed: Mailbox doesn't exist: TRASH
doveadm(account at example.com): Error: Syncing mailbox TRASH failed: Mailbox doesn't exist: TRASH

The cronjob is:

1 4 * * * doveadm expunge -A mailbox TRASH SAVEDBEFORE 30D


What is the problem? I have tried to find documentation and do searches for others having the same problem. I do not know if I am just missing something or what.

Any help would be greatly appreciated.

Thank you,
Trever


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120607/63a07a01/attachment.bin>

From tlx at leuxner.net  Thu Jun  7 11:15:57 2012
From: tlx at leuxner.net (Thomas Leuxner)
Date: Thu, 7 Jun 2012 10:15:57 +0200
Subject: [Dovecot] dsync backup doubles quota
In-Reply-To: <4FCDF582.5050004@wk-serv.de>
References: <4FCDF582.5050004@wk-serv.de>
Message-ID: <CC129E97-613E-47F9-9DBA-F26FF5145C65@leuxner.net>

Am 05.06.2012 um 14:03 schrieb Patrick Westenberg:

> Is this a bug or normal behavior?

There's an older thread regarding this:

http://www.dovecot.org/list/dovecot/2012-February/063585.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 203 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120607/eed511f4/attachment-0001.bin>

From fumiyas at osstech.jp  Thu Jun  7 06:06:03 2012
From: fumiyas at osstech.jp (SATOH Fumiyasu)
Date: Thu, 07 Jun 2012 12:06:03 +0900
Subject: [Dovecot] Dovecot auth process delays exiting if LDAPS passdb
	used
In-Reply-To: <1338305505.8270.10.camel@hurina>
References: <87y5oi51ka.wl%fumiyas@osstech.jp>
	<87vcjm50kr.wl%fumiyas@osstech.jp>
	<1338305505.8270.10.camel@hurina>
Message-ID: <87txynzuqs.wl%fumiyas@osstech.jp>

At Tue, 29 May 2012 18:31:45 +0300,
Timo Sirainen wrote:
> > > If Dovecot passdb is configured with LDAP (no TLS/SSL),
> > > it is no problem. But if Dovecot passdb is configured with
> > > LDAPS (or LDAP+TLS), Dovecot auth process has a problem
> > > that Dovecot auth delays exiting about between 20 and
> > > 60 seconds when Dovecot dovecot (master) process is already
> > > terminated by an administrator.
> > 
> > I can reproduce this problem with LDAP (no TLS/SSL) passdb.
> 
> And I suppose you can reproduce it even when not using LDAP?

Yes. I can reproduce with dovecot 1:2.1.7-1 (Debian unstable package)
with PAM passdb. This PAM environment is configured for
local UNIX passwd file only (no LDAP).

> All of the Dovecot processes are supposed to close all listeners
> immediately when the master process dies. If this doesn't happen then
> something strange is going on.

My dovecot config (PAM version) is below:

# dovecot -n
# 2.1.7: /etc/dovecot/dovecot.conf
# OS: Linux 3.2.0-2-amd64 x86_64 Debian wheezy/sid
namespace inbox {
  inbox = yes
  location =
  prefix =
}
passdb {
  driver = pam
}
plugin {
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve
}
protocols = " imap pop3"
service auth {
  unix_listener /var/spool/postfix/private/dovecot-auth {
    mode = 0666
  }
}
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_key = </etc/ssl/private/dovecot.pem
userdb {
  driver = passwd
}

-- 
-- Name: SATOH Fumiyasu (fumiyas @ osstech co jp)
-- Business Home: http://www.OSSTech.co.jp/
-- GitHub Home: https://GitHub.com/fumiyas/

From joseba.torre at ehu.es  Thu Jun  7 12:07:06 2012
From: joseba.torre at ehu.es (Joseba Torre)
Date: Thu, 07 Jun 2012 11:07:06 +0200
Subject: [Dovecot] Email auto purging applied to all mail folders
In-Reply-To: <sig.1504b152e9.60B9A1AA-CCC3-4524-A36B-F90FBE08A747@safnow.org>
References: <sig.1504b152e9.60B9A1AA-CCC3-4524-A36B-F90FBE08A747@safnow.org>
Message-ID: <4FD06F3A.6030903@ehu.es>

El 06/06/12 18:19, Joe V Aldeguer escribi?:
> Hello,
>
> Is it possible to have this done not only for spam and trash folder but lets say like the user inbox and any user created mail folders too?  My ultimate goal is to have a way to automate the email deletion process of emails stored in the user inbox or mail folders when it reaches a specified date.  My boss wants to force users to keep emails only a month old anything beyond that will be deleted.  Has anyone done this using dovecot and are there any guides available?  I am also open to suggestions for commercial solutions but so far searching online for solutions only comes up with email archiving.
>

Something like

doveadm expunge -A mailbox '*' savedbefore 1m

should do that, depending on your userdb. But check with doveadm search 
before expunging anything!

HTH

From amateo at um.es  Thu Jun  7 14:52:51 2012
From: amateo at um.es (Angel L. Mateo)
Date: Thu, 07 Jun 2012 13:52:51 +0200
Subject: [Dovecot] director and IPs shown at the backends
Message-ID: <4FD09613.6000405@um.es>

Hello,

	I am configuring a dovecot imap/pop servers with a dovecot director in 
front of them. Because I am using director proxy, connections in the 
backends are show as coming from director IPs. Is there any way to 
configure director (or backends) so the backends know (and report) the 
original IP instead of the director IP?

From bind at enas.net  Thu Jun  7 15:12:32 2012
From: bind at enas.net (Urban Loesch)
Date: Thu, 07 Jun 2012 14:12:32 +0200
Subject: [Dovecot] director and IPs shown at the backends
In-Reply-To: <4FD09613.6000405@um.es>
References: <4FD09613.6000405@um.es>
Message-ID: <4FD09AB0.6020500@enas.net>


Hi,

try it with "login_trusted_networks" option on the backends:

# Space separated list of trusted network ranges. Connections from these
# IPs are allowed to override their IP addresses and ports (for logging and
# for authentication checks). disable_plaintext_auth is also ignored for
# these networks. Typically you'd specify your IMAP proxy servers here.
login_trusted_networks =

But for POP this will only working with version 2.1.x

regards
Urban



On 07.06.2012 13:52, Angel L. Mateo wrote:
> Hello,
>
> I am configuring a dovecot imap/pop servers with a dovecot director in front of them. Because I am using director proxy, connections in the backends
> are show as coming from director IPs. Is there any way to configure director (or backends) so the backends know (and report) the original IP instead
> of the director IP?
>

From h.reindl at thelounge.net  Thu Jun  7 15:36:58 2012
From: h.reindl at thelounge.net (Reindl Harald)
Date: Thu, 07 Jun 2012 14:36:58 +0200
Subject: [Dovecot] Can we know when a user read our email?
In-Reply-To: <4FCFD2DD.7030109@wildgooses.com>
References: <CAAJD-mAcEqzJcHYODkReWn6BuzV3B8c3MPE+ceWmtWqCDdmBuQ@mail.gmail.com>
	<1337013487.4384.58.camel@innu>
	<4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org>
	<4FCB23BF.20300@wildgooses.com>
	<4FCB6AA7.4050200@Media-Brokers.com>
	<4FCCB9E3.3060702@wildgooses.com> <4FCCC2D9.3010209@thelounge.net>
	<4FCFD2DD.7030109@wildgooses.com>
Message-ID: <4FD0A06A.50008@thelounge.net>



Am 06.06.2012 23:59, schrieb Ed W:
> I'm not sure why this is so hard to believe.  There is literally a class of customers that have a specification
> which says that there must be a notification sent back to the sender whenever they download their emails.  I cannot
> currently bid for their business.
> 
> A spec is a spec - either you can meet the spec or you can't bid for the business...

i'm not sure why it is so hard to believe that nobody should
bid for such idiotic specs - techs should act professional
and not like whores while try impossible and stupid things
which can sovle each mail-client since > 10 years and is not
the job of a mailserver


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120607/6bbffc60/attachment.bin>

From phil25lsbin at gmail.com  Thu Jun  7 16:33:34 2012
From: phil25lsbin at gmail.com (phil25lsbin)
Date: Thu, 7 Jun 2012 15:33:34 +0200
Subject: [Dovecot] Postfix don't relay to dovecot virtual user
Message-ID: <CA+=yFg-UD3a6L=HRxgqDNiUYhtxN9-+HYfn1Cg5eqFptsMVD-w@mail.gmail.com>

Hi,

I run a mail server on debian squeeze system , i installed the following
software

postfix
dovecot
spamassassin
postgrey

I configured a virtual domain and virtual mailbox but postfix don't pipe
mail in dovecot.

In log, it's appear that the relay mode is local and the delivery message
is delivered to mailbox)

Jun  7 15:23:01 ns230370 postfix/smtpd[27501]: 66BBA4D40F0:
client=localhost.localdomain[127.0.0.1]
Jun  7 15:23:01 ns230370 postfix/cleanup[8017]: 66BBA4D40F0: message-id=<
E1Sccg1-00029S-9I at ns231581.ovh.net>
Jun  7 15:23:01 ns230370 postfix/qmgr[27490]: 66BBA4D40F0: from=<
admlb at lebest.fr>, size=1807, nrcpt=1 (queue active)
Jun  7 15:23:01 ns230370 postfix/local[7907]: 66BBA4D40F0: to=<
admlb at lebest.fr>, relay=local, delay=0, delays=0/0/0/0, dsn=2.0.0,
status=sent (delivered to mailbox)
Jun  7 15:23:01 ns230370 postfix/qmgr[27490]: 66BBA4D40F0: removed


My dovecot.conf:

protocols = imap imaps pop3 pop3s
log_timestamp = "%Y-%m-%d %H:%M:%S "
log_path = /var/log/dovecot/dovecot.log
info_log_path = /var/log/dovecot/dovecot-info.log
mail_privileged_group = mail
disable_plaintext_auth = no
mail_location = maildir:/home/smtp/%d/%n:INDEX=/home/smtp/%d/%n/indexes
protocol imap {
}

protocol pop3 {
}
protocol managesieve {
}
protocol lda {
  postmaster_address = admlb at XXX.FR
  mail_plugin_dir = /usr/lib/dovecot/modules/lda
  auth_socket_path = /var/run/dovecot/auth-master
}
auth default {
        userdb sql {
        args = /etc/dovecot/dovecot-mysql.conf
        }
        passdb sql {
        args = /etc/dovecot/dovecot-mysql.conf
        }
 socket listen {
  master {
  path = /var/run/dovecot/auth-master
  mode = 0600
  user = smtp
  }
  client {
  path = /var/spool/postfix/private/auth
  mode = 0660
  user = postfix
  group = postfix
  }
 }
}
dict {
}
plugin {
}


My main.cf

myhostname = smtp.XXX.FR
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = XXX.FR
mydestination = XXX.FR, smtp.XXX.FR, localhost.XXX.FRr, localhost
relayhost =
mynetworks = 172.16.0.0/12 127.0.0.0/8
mailbox_size_limit = 0
inet_interfaces = all
virtual_uid_maps = static:3000
virtual_gid_maps = static:3000
virtual_mailbox_base = /home/smtp
virtual_transport = dovecot
virtual_mailbox_domains = mysql:/etc/postfix/
mysql_virtual_mailbox_domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
relay_domains = mysql:/etc/postfix/mysql_relay_domains.cf

smtpd_recipient_restrictions =
  permit_mynetworks,
  permit_sasl_authenticated,
  reject_non_fqdn_hostname,
  reject_non_fqdn_sender,
  reject_non_fqdn_recipient,
  reject_unauth_destination,
  reject_unauth_pipelining,
  check_policy_service inet:127.0.0.1:10023,
  reject_invalid_hostname

smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
content_filter = amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings
inet_protocols = ipv4

The end of  master.cf file

dovecot   unix  -       n       n       -       -       pipe
  flags=DRhu user=smtp:smtp argv=/usr/lib/dovecot/deliver -f ${sender} -d
${user}@${nexthop}
amavis unix - - - - 2 smtp
        -o smtp_data_done_timeout=1200
        -o smtp_send_xforward_command=yes

127.0.0.1:10025 inet n - - - - smtpd
        -o content_filter=
        -o local_recipient_maps=
        -o relay_recipient_maps=
        -o smtpd_restriction_classes=
        -o smtpd_client_restrictions=
        -o smtpd_helo_restrictions=
        -o smtpd_sender_restrictions=
        -o smtpd_recipient_restrictions=permit_mynetworks,reject
        -o mynetworks=127.0.0.0/8
        -o strict_rfc821_envelopes=yes
        -o
receive_override_options=no_unknown_recipient_checks,no_header_body_checks
        -o smtpd_bind_address=127.0.0.1

Thanks

From CMarcus at Media-Brokers.com  Thu Jun  7 17:02:53 2012
From: CMarcus at Media-Brokers.com (Charles Marcus)
Date: Thu, 07 Jun 2012 10:02:53 -0400
Subject: [Dovecot] Postfix don't relay to dovecot virtual user
In-Reply-To: <CA+=yFg-UD3a6L=HRxgqDNiUYhtxN9-+HYfn1Cg5eqFptsMVD-w@mail.gmail.com>
References: <CA+=yFg-UD3a6L=HRxgqDNiUYhtxN9-+HYfn1Cg5eqFptsMVD-w@mail.gmail.com>
Message-ID: <4FD0B48D.9090200@Media-Brokers.com>

Please do not provide copy/paste from conf files...

Always ONLY provide UNEDITED output of:

doveconf -n

postconf -n

On 2012-06-07 9:33 AM, phil25lsbin <phil25lsbin at gmail.com> wrote:
> Hi,
>
> I run a mail server on debian squeeze system , i installed the following
> software
>
> postfix
> dovecot
> spamassassin
> postgrey
>
> I configured a virtual domain and virtual mailbox but postfix don't pipe
> mail in dovecot.
>
> In log, it's appear that the relay mode is local and the delivery message
> is delivered to mailbox)
>
> Jun  7 15:23:01 ns230370 postfix/smtpd[27501]: 66BBA4D40F0:
> client=localhost.localdomain[127.0.0.1]
> Jun  7 15:23:01 ns230370 postfix/cleanup[8017]: 66BBA4D40F0: message-id=<
> E1Sccg1-00029S-9I at ns231581.ovh.net>
> Jun  7 15:23:01 ns230370 postfix/qmgr[27490]: 66BBA4D40F0: from=<
> admlb at lebest.fr>, size=1807, nrcpt=1 (queue active)
> Jun  7 15:23:01 ns230370 postfix/local[7907]: 66BBA4D40F0: to=<
> admlb at lebest.fr>, relay=local, delay=0, delays=0/0/0/0, dsn=2.0.0,
> status=sent (delivered to mailbox)
> Jun  7 15:23:01 ns230370 postfix/qmgr[27490]: 66BBA4D40F0: removed
>
>
> My dovecot.conf:
>
> protocols = imap imaps pop3 pop3s
> log_timestamp = "%Y-%m-%d %H:%M:%S "
> log_path = /var/log/dovecot/dovecot.log
> info_log_path = /var/log/dovecot/dovecot-info.log
> mail_privileged_group = mail
> disable_plaintext_auth = no
> mail_location = maildir:/home/smtp/%d/%n:INDEX=/home/smtp/%d/%n/indexes
> protocol imap {
> }
>
> protocol pop3 {
> }
> protocol managesieve {
> }
> protocol lda {
>    postmaster_address = admlb at XXX.FR
>    mail_plugin_dir = /usr/lib/dovecot/modules/lda
>    auth_socket_path = /var/run/dovecot/auth-master
> }
> auth default {
>          userdb sql {
>          args = /etc/dovecot/dovecot-mysql.conf
>          }
>          passdb sql {
>          args = /etc/dovecot/dovecot-mysql.conf
>          }
>   socket listen {
>    master {
>    path = /var/run/dovecot/auth-master
>    mode = 0600
>    user = smtp
>    }
>    client {
>    path = /var/spool/postfix/private/auth
>    mode = 0660
>    user = postfix
>    group = postfix
>    }
>   }
> }
> dict {
> }
> plugin {
> }
>
>
> My main.cf
>
> myhostname = smtp.XXX.FR
> alias_maps = hash:/etc/aliases
> alias_database = hash:/etc/aliases
> myorigin = XXX.FR
> mydestination = XXX.FR, smtp.XXX.FR, localhost.XXX.FRr, localhost
> relayhost =
> mynetworks = 172.16.0.0/12 127.0.0.0/8
> mailbox_size_limit = 0
> inet_interfaces = all
> virtual_uid_maps = static:3000
> virtual_gid_maps = static:3000
> virtual_mailbox_base = /home/smtp
> virtual_transport = dovecot
> virtual_mailbox_domains = mysql:/etc/postfix/
> mysql_virtual_mailbox_domains.cf
> virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
> virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
> relay_domains = mysql:/etc/postfix/mysql_relay_domains.cf
>
> smtpd_recipient_restrictions =
>    permit_mynetworks,
>    permit_sasl_authenticated,
>    reject_non_fqdn_hostname,
>    reject_non_fqdn_sender,
>    reject_non_fqdn_recipient,
>    reject_unauth_destination,
>    reject_unauth_pipelining,
>    check_policy_service inet:127.0.0.1:10023,
>    reject_invalid_hostname
>
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_security_options = noanonymous
> content_filter = amavis:[127.0.0.1]:10024
> receive_override_options = no_address_mappings
> inet_protocols = ipv4
>
> The end of  master.cf file
>
> dovecot   unix  -       n       n       -       -       pipe
>    flags=DRhu user=smtp:smtp argv=/usr/lib/dovecot/deliver -f ${sender} -d
> ${user}@${nexthop}
> amavis unix - - - - 2 smtp
>          -o smtp_data_done_timeout=1200
>          -o smtp_send_xforward_command=yes
>
> 127.0.0.1:10025 inet n - - - - smtpd
>          -o content_filter=
>          -o local_recipient_maps=
>          -o relay_recipient_maps=
>          -o smtpd_restriction_classes=
>          -o smtpd_client_restrictions=
>          -o smtpd_helo_restrictions=
>          -o smtpd_sender_restrictions=
>          -o smtpd_recipient_restrictions=permit_mynetworks,reject
>          -o mynetworks=127.0.0.0/8
>          -o strict_rfc821_envelopes=yes
>          -o
> receive_override_options=no_unknown_recipient_checks,no_header_body_checks
>          -o smtpd_bind_address=127.0.0.1
>
> Thanks

From at_hacker at mail.ru  Thu Jun  7 17:28:02 2012
From: at_hacker at mail.ru (=?UTF-8?B?0JDQu9C10LrRgdC10Lkg0J/QtdGA0LXQutC70LDQtA==?=)
Date: Thu, 07 Jun 2012 18:28:02 +0400
Subject: [Dovecot] =?utf-8?q?Problem_with_Dovecot_and_AD_LDAP_auth?=
Message-ID: <1339079282.133745848@f31.mail.ru>

Hi.

Seems it's a bug in dovecot auth. I have??FreeBSD 8.1-RELEASE-p1 and I tried 1.2.17 and 2.1.7 versions of Dovecot, and still no luck.

The problem: when I set in dovecot-ldap.conf:?base = CN=Users,DC=domain,DC=local

everything works fine. But if I set:?base = DC=domain,DC=local

mail client can't authorize. /var/log/dovecot.log says:
===============================================?
Jun 07 18:07:17 auth: Debug: auth client connected (pid=14611)
Jun 07 18:08:11 auth: Debug: client in: AUTH 1 PLAIN service=imap session=G1//aeLB6wAKAABu lip=10.0.0.3 rip=10.0.0.110 lport=143 rport=55787 resp=AGdhdGV3YXkAVU82eUpuUXQ=
Jun 07 18:08:11 auth: Debug: ldap(gateway,10.0.0.110,<G1//aeLB6wAKAABu>): bind search: base=DC=domain,DC=local filter=(&(objectClass=person)(sAMAccountName=gateway))
Jun 07 18:08:11 auth: Debug: ldap(gateway,10.0.0.110,<G1//aeLB6wAKAABu>): result: uid missing
Jun 07 18:10:18 imap-login: Info: Disconnected: Inactivity during authentication (disconnected while authenticating, waited 127 secs): user=<>, method=PLAIN, rip=10.0.0.110, lip=10.0.0.3, session=<G1//aeLB6wAKAABu>
Jun 07 18:10:18 auth: Debug: client in: CANCEL 1
Jun 07 18:10:18 auth: Debug: auth client connected (pid=14706)
Jun 07 18:10:26 auth: Debug: client in: AUTH 1 PLAIN service=imap session=n6IBcuLB7AAKAABu lip=10.0.0.3 rip=10.0.0.110 lport=143 rport=55788 resp=AGdhdGV3YXkAVU82eUpuUXQ=
Jun 07 18:10:26 auth: Debug: ldap(gateway,10.0.0.110,<n6IBcuLB7AAKAABu>): bind search: base=DC=domain,DC=local filter=(&(objectClass=person)(sAMAccountName=gateway))
Jun 07 18:10:26 auth: Error: ldap(gateway,10.0.0.110,<n6IBcuLB7AAKAABu>): Connection appears to be hanging, reconnecting
Jun 07 18:10:26 auth: Debug: ldap(gateway,10.0.0.110,<n6IBcuLB7AAKAABu>): result: uid missing
Jun 07 18:10:26 auth: Error: ldap(gateway,10.0.0.110,<G1//aeLB6wAKAABu>): Request lost
Jun 07 18:10:26 auth: Error: ldap(gateway,10.0.0.110,<n6IBcuLB7AAKAABu>): ldap_search(base=DC=domain,DC=local filter=(&(objectClass=person)(sAMAccountName=gateway))) failed: Operations error
Jun 07 18:10:26 auth: Error: LDAP: Reply with unknown msgid 2
Jun 07 18:10:26 auth: Error: LDAP: Reply with unknown msgid 2
Jun 07 18:10:26 auth: Error: LDAP: Reply with unknown msgid 2
Jun 07 18:10:26 auth: Error: LDAP: Reply with unknown msgid 2
Jun 07 18:10:28 auth: Debug: client out: FAIL 1 user=gateway temp
Jun 07 18:10:28 auth: Debug: client out: FAIL 1 user=gateway temp
Jun 07 18:13:18 imap-login: Info: Disconnected: Inactivity (auth failed, 1 attempts in 172 secs): user=<gateway>, method=PLAIN, rip=10.0.0.110, lip=10.0.0.3, session=<n6IBcuLB7AAKAABu>
============================================

My dovecot-ldap.conf:

===============================
ldap_version = 3
hosts = ad.domain.local
base = DC=hrom,DC=local
scope = subtree

dn = CN=mailserver,CN=Users,DC=domain,DC=local
dnpass = here_is_pass
auth_bind = yes
pass_attrs = uid=user
pass_filter = "(&(objectClass=person)(sAMAccountName=%u))"
user_attrs = name=mail=maildir:/var/mail/virtual/hrom.local/%n
user_filter = "(&(objectClass=person)(sAMAccountName=%u))"
===================================================?
?
?I need base = DC=domain,DC=local for searching for user's accounts in different OU of my AD. If I set base = CN=Users,DC=domain,DC=local, Dovecot can't authorize user accounts from OU.

P.S.: Postfix with base = DC=domain,DC=local works perfectly, so the problem is not with our domain controller (LDAP server as well) .

From jerry at seibercom.net  Thu Jun  7 17:41:48 2012
From: jerry at seibercom.net (Jerry)
Date: Thu, 7 Jun 2012 10:41:48 -0400
Subject: [Dovecot] Postfix don't relay to dovecot virtual user
In-Reply-To: <CA+=yFg-UD3a6L=HRxgqDNiUYhtxN9-+HYfn1Cg5eqFptsMVD-w@mail.gmail.com>
References: <CA+=yFg-UD3a6L=HRxgqDNiUYhtxN9-+HYfn1Cg5eqFptsMVD-w@mail.gmail.com>
Message-ID: <20120607104148.6254a7e8@scorpio>

On Thu, 7 Jun 2012 15:33:34 +0200
phil25lsbin articulated:

>I run a mail server on debian squeeze system , i installed the
>following software
>
>postfix
>dovecot
>spamassassin
>postgrey
>
>I configured a virtual domain and virtual mailbox but postfix don't
>pipe mail in dovecot.

{SNIP}

1) Do not paste & copy your config files. Use:
	dovecot -n
	postconf -n

Paste the output of those commands in you post.

If Postfix is not relaying the mail you would probably be better served
on the Postfix forum. Its not that no one here could help you, I am
sure they will; however, it is really not a dovecot problem. For
Postfix, you might want to investigate the
<http://www.postfix.com/DEBUG_README.html> page, specifically:
<http://www.postfix.com/DEBUG_README.html#mail> Check out the
postfinger tool. This can be found at http://ftp.wl0.org/SOURCES/postfinger.

Also, be sure to state the versions of the software that you are using
and you OS system version as well.

-- 
Jerry ?

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__________________________________________________________________


From karl.oulmi at ibl.fr  Thu Jun  7 18:26:59 2012
From: karl.oulmi at ibl.fr (Karl Oulmi)
Date: Thu, 07 Jun 2012 17:26:59 +0200
Subject: [Dovecot] Accessing maildir snapshots through dovecot / namespace
Message-ID: <4FD0C843.4070503@ibl.fr>

Hi,

I've the following setup :

- FreeBSD 9.0 / Dovecot 2.1.7
- Maildir storage over iSCSI (Dell MD3200i)
- Virtual users over LDAP

to render the storage snapshots available through
dovecot (to allow my users to browse their mail history).

Here is my conf :

namespace {
type = private
inbox = yes
list = yes
prefix = INBOX.
location = 
maildir:/home/%u/Maildir:CONTROL=/home/dovecot/control/%u:INDEX=/home/dovecot/indexes/%u
}


namespace snap {
prefix = INBOX.snapshot.h0.
hidden = no
inbox = no
list = yes
location = 
maildir:/da1/%u/Maildir:INDEX=/da1/dovecot/indexes/%u:CONTROL=/da1/dovecot/control/%u
type = private
}


The problem is that I don't see the content of the inbox folder 
contained in the snapshots whereas subfolders are perfectly viewed !

Inbox cur|new are is /da1/%u/Maildir/

If anyone have a tip, It would be nice...

Regards,
Karl.

-- 
_______________________________________________________________
Karl OULMI
Centre de Ressources Informatiques
Institut de Biologie de Lille - CNRS GDS3366

_______________________________________________________________




-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2879 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120607/01e7b017/attachment.bin>

From weber at zackbummfertig.de  Thu Jun  7 18:53:00 2012
From: weber at zackbummfertig.de (Marko Weber)
Date: Thu, 07 Jun 2012 17:53:00 +0200
Subject: [Dovecot] auth-worker problem here.
Message-ID: <1e9f63c2b3bdacfe8f03c89eca19d6a4@zackbummfertig.de>


hello,


in howto for gentoo i found this:

To tell Postfix about the maps that you've just set up, add the 
following (substituting mysql for pgsql if you're on PostgreSQL) to the 
bottom of /etc/postfix/main.cf:
virtual_alias_maps = mysql:/etc/postfix/sql_virtual_alias_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/sql_virtual_domain_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/sql_virtual_mailbox_maps.cf

Tip: Because this is using the Dovecot's LDA, all results from 
virtual_mailbox_maps are ignored beyond checking if they exist.

I added in the mysql db an alias postmaster at domainn.tld that should be 
forwarded to name at domainn.tld.
The tip above tells me when using dovecot lda the virtual_alias_maps is 
ignored by dovecot.

now when i send a mail to postmaster at domainn.tld the mail is not 
transported to name at domainn.tld.

in logfile i see this:

dovecot: auth-worker: sql(postmaster at zbfmail.de): Unknown user

how can i tell dovecot to also use the virtual_alias_maps?

thank you

marko


From phil25lsbin at gmail.com  Thu Jun  7 19:05:25 2012
From: phil25lsbin at gmail.com (phil25lsbin)
Date: Thu, 7 Jun 2012 18:05:25 +0200
Subject: [Dovecot] Postfix don't relay to dovecot virtual user
In-Reply-To: <20120607104148.6254a7e8@scorpio>
References: <CA+=yFg-UD3a6L=HRxgqDNiUYhtxN9-+HYfn1Cg5eqFptsMVD-w@mail.gmail.com>
	<20120607104148.6254a7e8@scorpio>
Message-ID: <CA+=yFg98HANoj9FdCdVqEaWb4imFTUKbKY6+kyH174hNtBzQXQ@mail.gmail.com>

Sorry,

dovecot -n
# 1.2.15: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.38.2-grsec-xxxx-grs-ipv6-
64 x86_64 Debian 6.0.5 ext3
log_path: /var/log/dovecot/dovecot.log
info_log_path: /var/log/dovecot/dovecot-info.log
log_timestamp: %Y-%m-%d %H:%M:%S
protocols: imap imaps pop3 pop3s
disable_plaintext_auth: no
login_dir: /var/run/dovecot/login
login_executable(default): /usr/lib/dovecot/imap-login
login_executable(imap): /usr/lib/dovecot/imap-login
login_executable(pop3): /usr/lib/dovecot/pop3-login
mail_privileged_group: mail
mail_location: maildir:/home/smtp/%d/%n:INDEX=/home/smtp/%d/%n/indexes
mbox_write_locks: fcntl dotlock
mail_executable(default): /usr/lib/dovecot/imap
mail_executable(imap): /usr/lib/dovecot/imap
mail_executable(pop3): /usr/lib/dovecot/pop3
mail_plugin_dir(default): /usr/lib/dovecot/modules/imap
mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap
mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3
lda:
  postmaster_address: admlb at XXX.fr
  mail_plugin_dir: /usr/lib/dovecot/modules/lda
  auth_socket_path: /var/run/dovecot/auth-master
auth default:
  passdb:
    driver: sql
    args: /etc/dovecot/dovecot-mysql.conf
  userdb:
    driver: sql
    args: /etc/dovecot/dovecot-mysql.conf
  socket:
    type: listen
    client:
      path: /var/spool/postfix/private/auth
      mode: 432
      user: postfix
      group: postfix
    master:
      path: /var/run/dovecot/auth-master
      mode: 384
      user: smtp

postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
config_directory = /etc/postfix

content_filter = amavis:[127.0.0.1]:10024
inet_interfaces = all
inet_protocols = ipv4
mailbox_size_limit = 0
mydestination = XXX.fr, smtp.XXX.fr, localhost.XXX.fr, localhost
myhostname = smtp.XXX.fr
mynetworks = 172.16.0.0/12 127.0.0.0/8
myorigin = XXX.fr
receive_override_options = no_address_mappings
relay_domains = mysql:/etc/postfix/mysql_relay_domains.cf
relayhost =

smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated,  reject_non_fqdn_hostname,
reject_non_fqdn_sender,  reject_non_fqdn_recipient,
reject_unauth_destination,  reject_unauth_pipelining,  check_policy_service
inet:127.0.0.1:10023,  reject_invalid_hostname
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf

virtual_gid_maps = static:3000
virtual_mailbox_base = /home/smtp
virtual_mailbox_domains = mysql:/etc/postfix/
mysql_virtual_mailbox_domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_transport = dovecot
virtual_uid_maps = static:3000

Thanks for help


2012/6/7 Jerry <jerry at seibercom.net>

> On Thu, 7 Jun 2012 15:33:34 +0200
> phil25lsbin articulated:
>
> >I run a mail server on debian squeeze system , i installed the
> >following software
> >
> >postfix
> >dovecot
> >spamassassin
> >postgrey
> >
> >I configured a virtual domain and virtual mailbox but postfix don't
> >pipe mail in dovecot.
>
> {SNIP}
>
> 1) Do not paste & copy your config files. Use:
>        dovecot -n
>        postconf -n
>
> Paste the output of those commands in you post.
>
> If Postfix is not relaying the mail you would probably be better served
> on the Postfix forum. Its not that no one here could help you, I am
> sure they will; however, it is really not a dovecot problem. For
> Postfix, you might want to investigate the
> <http://www.postfix.com/DEBUG_README.html> page, specifically:
> <http://www.postfix.com/DEBUG_README.html#mail> Check out the
> postfinger tool. This can be found at
> http://ftp.wl0.org/SOURCES/postfinger.
>
> Also, be sure to state the versions of the software that you are using
> and you OS system version as well.
>
> --
> Jerry ?
>
> Disclaimer: off-list followups get on-list replies or get ignored.
> Please do not ignore the Reply-To header.
> __________________________________________________________________
>
>

From rago at lal.in2p3.fr  Thu Jun  7 20:56:19 2012
From: rago at lal.in2p3.fr (Emiliano Rago)
Date: Thu, 07 Jun 2012 19:56:19 +0200
Subject: [Dovecot] Authentication issue
Message-ID: <4FD0EB43.8070104@lal.in2p3.fr>

Hi,

I need to set up a weird dovecot configuration:

1) outside a ssl tunnel I'd like to authenticate only with cram-md5 scheme
2) inside a ssl tunnel  I'd like to authenticate only with plain auth

The first is easily satisfied with

auth_mechanisms = plain cram-md5
disable_plaintext_auth = yes

but I don't know how to satisfy the second condition, if it's possible.

Thanks for help,
Emiliano Rago

From toml at engr.orst.edu  Fri Jun  8 03:34:29 2012
From: toml at engr.orst.edu (Tom Lieuallen)
Date: Thu, 07 Jun 2012 17:34:29 -0700
Subject: [Dovecot] how to announce shared folders to clients using
 non-default mail prefix
Message-ID: <4FD14895.8040707@engr.orst.edu>

We're using dovecot 2.1.3 and I've been doing some testing with 2.1.7. 
We have shared mail (maildir) folders working along with our default 
mbox mailboxes.  Our problem is trying to get this to work in a 
reasonable fashion with our iPhone or iPad mail.app clients.  It's well 
known that they don't honor the subscription list; they show all 
available mail folders and do not collapse trees of folders.  I have 381 
folders in directories under mail.  Normal clients are fine, but this is 
unmanageable in IOS.

What we have been doing is changing the mail prefix for the iPhone to a 
subfolder, then using soft links to point to the most commonly used 
folders we use.  This works, but when one changes the mail prefix, any 
shared folders are not presented.  I'm suspicious that this is a design 
decision.  If there is some way to make it work, I'd be very grateful.

Note the two 'sharedimap' folders listed in the first 'list'.

Note that if I change the prefix for that shared namespace to 
'iphonemail/', it does present my shared folders as well as anything in 
a personal iphonemail directory.  However, 'select' didn't work with the 
personal folders.  My guess is it's mostly due to the difference in mail 
formats between the two (mbox & maildir).  But, it does show that 
somewhere in the code it's checking the mail prefix against namespaces 
and not displaying shared folders in non-default prefixes.  I wish this 
were a configurable option.

thank you

Tom Lieuallen
Oregon State University

. list "" *
* LIST (\Noselect \HasChildren) "/" "foo1"
* LIST (\NoInferiors \UnMarked) "/" "foo1/folder1"
* LIST (\Noselect \HasChildren) "/" "iphonemail"
* LIST (\NoInferiors \Marked) "/" "iphonemail/foo1"
* LIST (\NoInferiors \UnMarked) "/" "Sent"
* LIST (\NoInferiors \UnMarked) "/" "Trash"
* LIST (\HasNoChildren) "/" "INBOX"
* LIST (\HasNoChildren) "/" "sharedimap/cesupport"
* LIST (\HasNoChildren) "/" "sharedimap/mimesupport"
. OK List completed.
. list "iphonemail/" *
* LIST (\NoInferiors \Marked) "/" "iphonemail/foo1"
. OK List completed.


===============

# 2.1.7: /private/dovecot/etc/dovecot/dovecot.conf
# OS: SunOS 5.10 sun4v
auth_debug = yes
auth_verbose = yes
default_client_limit = 10245
default_process_limit = 5120
first_valid_uid = 100
mail_location = mbox:~/mail:INBOX=/var/mail/%u:INDEX=/a2/imap-index/%u
mail_nfs_storage = yes
mail_plugins = quota acl
namespace {
   inbox = yes
   location =
   prefix =
   separator = /
   type = private
}
namespace {
   hidden = yes
   inbox = no
   list = children
   location = maildir:/a1/dove-shared:INDEX=/a2/imap-index/dove-shared/%u
   prefix = sharedimap/
   separator = /
   type = shared
}
passdb {
   driver = pam
}
passdb {
   args = scheme=CRYPT username_format=%u /private/dovecot/etc/passwd
   driver = passwd-file
}
plugin {
   acl = vfile
   quota = fs:INBOX:mount=/a1
   quota2 = fs:Home quota:mount=%h
}
protocols = imap lmtp
service imap-login {
   inet_listener imaps {
     port = 993
     ssl = yes
   }
   process_min_avail = 16
   service_count = 1
}
service imap {
   process_limit = 2048
}
ssl_ca = </private/ssl/certs/SSL_CA_Bundle.pem
ssl_cert = </private/ssl/certs/mail.crt
ssl_key = </private/ssl/certs/mail.key
userdb {
   driver = passwd
}
userdb {
   args = username_format=%u /private/dovecot/etc/passwd
   driver = passwd-file
}
protocol imap {
   mail_plugins = quota acl imap_quota imap_acl
}
protocol pop3 {
   pop3_uidl_format = %08Xv%08Xu
}

From a.kostyrev at serverc.ru  Fri Jun  8 04:25:56 2012
From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=)
Date: Fri, 8 Jun 2012 12:25:56 +1100
Subject: [Dovecot] director: backend health monitoring
Message-ID: <213B51F00051AE48A9F0E112880177178F79E0@Delta.sc.local>

Hello!

I am wonder if there are plans to include backend health monitoring feature to Dovecot Director ?
Yes, I'm aware of poolmon by Brad Davidson but I think it's kind of must-have feature out of box.

 

thanks


From daniel.parthey at informatik.tu-chemnitz.de  Fri Jun  8 06:16:22 2012
From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey)
Date: Fri, 8 Jun 2012 05:16:22 +0200
Subject: [Dovecot] Corrupted mdbox on LMTP director delivery while user is
 logged in via IMAP
Message-ID: <20120608031622.GA13898@daniel.localdomain>

Hi,

we get errors about corrupted indexes and we are losing flags with mdbox on NFSv4:

Error: Recent flags state corrupted for mailbox
Error: Corrupted dbox file
Error: Corrupted transaction log file

It looks like a LMTP director problem. The user has IMAP IDLE connections
open and lmtp delivers to another host. This leads to nfs corruption problems.

The user is logged into mail04 and has some IMAP IDLE mailbox connections open:

mail04:~# ps -ef|grep someuser
vmail 5217 23918 0 Jun07 ? 00:00:00 dovecot/imap [someuser at example.de 10.129.3.190 IDLE]
vmail 8623 23918 0 Jun07 ? 00:00:00 dovecot/imap [someuser at example.de 10.129.3.233 IDLE]
vmail 20279 23918 0 00:37 ? 00:00:00 dovecot/imap [someuser at example.de 10.129.3.213 IDLE]

If postfix on mail01/dcmailbox01 receives an incoming mail now, the director on mail01
does NOT direct LMTP to the responsible host mail04/dcmailbox04 (10.129.3.190),
but delivers it locally to mail01 (10.129.3.193), which leads to file corruption.

mail01:~# doveadm -c /etc/dovecot-director/dovecot-director.conf director status someuser at example.de
Current: not assigned
Hashed: 10.129.3.193
Initial config: 10.129.3.193

mail01:~# host 10.129.3.193
193.3.129.10.in-addr.arpa domain name pointer dcmailbox01.example.net.

mail01 runs the lmtp proxy and lmtp delivery,
even though the user is logged in via IMAP IDLE on mail04:

mail01:~# grep "^Jun 8 03:36:.*someuser at example.de" /var/log/server/dovecot.log
Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124): Debug: auth input: someuser at example.de home=/mail/dovecot/example.de/someuser uid=501 gid=123 quota_rule=*:bytes=5000M:messages=0
Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: Effective uid=501, gid=123, home=/mail/dovecot/example.de/someuser
Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: Quota root: name=User quota backend=dict args=:proxy::quota
Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: Quota rule: root=User quota mailbox=* bytes=5242880000 messages=0
Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: Quota rule: root=User quota mailbox=Trash bytes=+104857600 messages=0
Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: Quota warning: bytes=4980736000 (95%) messages=0 reverse=no command=quota-warning 95 someuser at example.de
Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: Quota warning: bytes=4194304000 (80%) messages=0 reverse=no command=quota-warning 80 someuser at example.de
Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: dict quota: user=someuser at example.de, uri=proxy::quota, noenforcing=0
Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: fs: root=/mail/dovecot/example.de/someuser/mail, index=, control=, inbox=, alt=
Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: Namespace : Using permissions from /mail/dovecot/example.de/someuser/mail: mode=0700 gid=-1
Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: sieve: include: sieve_global_dir is not set; it is currently not possible to include `:global' scripts.
Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: jOv8JgJX0U/0aQAA3l+BKA: sieve: using sieve path for user's script: /mail/dovecot/example.de/someuser/.dovecot.sieve
Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: jOv8JgJX0U/0aQAA3l+BKA: sieve: opening script /mail/dovecot/example.de/someuser/.dovecot.sieve
Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: jOv8JgJX0U/0aQAA3l+BKA: sieve: script binary /mail/dovecot/example.de/someuser/.dovecot.svbin successfully loaded
Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: jOv8JgJX0U/0aQAA3l+BKA: sieve: binary save: not saving binary /mail/dovecot/example.de/someuser/.dovecot.svbin, because 
it is already stored
Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: jOv8JgJX0U/0aQAA3l+BKA: sieve: executing script from /mail/dovecot/example.de/someuser/.dovecot.svbin
Jun 8 03:36:02 10.129.3.213 dovecot: lmtp(23404): Debug: auth input: user=someuser at example.de proxy port=19024 host=10.129.3.193 proxy_refresh=450
Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): jOv8JgJX0U/0aQAA3l+BKA: sieve: mailbox: deliver: msgid=<201206080136.q581a1Rc024891 at iolite.ham.srv.mcs.de> 
from=service at cityline.net: stored mail into mailbox 'INBOX'
Jun 8 03:36:02 10.129.3.213 dovecot: lmtp(23406): Debug: auth input: user=someuser at example.de proxy port=19024 host=10.129.3.193 proxy_refresh=450
Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125): Debug: auth input: someuser at example.de home=/mail/dovecot/example.de/someuser uid=501 gid=123 quota_rule=*:bytes=5000M:messages=0
Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: Effective uid=501, gid=123, home=/mail/dovecot/example.de/someuser
Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: Quota root: name=User quota backend=dict args=:proxy::quota
Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: Quota rule: root=User quota mailbox=* bytes=5242880000 messages=0
Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: Quota rule: root=User quota mailbox=Trash bytes=+104857600 messages=0
Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: Quota warning: bytes=4980736000 (95%) messages=0 reverse=no command=quota-warning 95 someuser at example.de
Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: Quota warning: bytes=4194304000 (80%) messages=0 reverse=no command=quota-warning 80 someuser at example.de
Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: dict quota: user=someuser at example.de, uri=proxy::quota, noenforcing=0
Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: fs: root=/mail/dovecot/example.de/someuser/mail, index=, control=, inbox=, alt=
Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: Namespace : Using permissions from /mail/dovecot/example.de/someuser/mail: mode=0700 gid=-1
Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: sieve: include: sieve_global_dir is not set; it is currently not possible to include `:global' scripts.
Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: gWijMAJX0U/1aQAA3l+BKA: sieve: using sieve path for user's script: /mail/dovecot/example.de/someuser/.dovecot.sieve
Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: gWijMAJX0U/1aQAA3l+BKA: sieve: opening script /mail/dovecot/example.de/someuser/.dovecot.sieve
Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: gWijMAJX0U/1aQAA3l+BKA: sieve: script binary /mail/dovecot/example.de/someuser/.dovecot.svbin successfully loaded
Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: gWijMAJX0U/1aQAA3l+BKA: sieve: binary save: not saving binary /mail/dovecot/example.de/someuser/.dovecot.svbin, because 
it is already stored
Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: gWijMAJX0U/1aQAA3l+BKA: sieve: executing script from /mail/dovecot/example.de/someuser/.dovecot.svbin
Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): gWijMAJX0U/1aQAA3l+BKA: sieve: mailbox: deliver: msgid=<201206080136.q581a1t0024890 at iolite.ham.srv.mcs.de> 
from=service at cityline.net: stored mail into mailbox 'INBOX'

The "user logged on via IMAP on mail04" and "lmtp delivery on mail01"
seems to lead to corruption of mdbox indexes:

Jun 8 03:36:03 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Error: Corrupted transaction log file /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-
Mails/dovecot.index.log seq 82: Invalid transaction log size (32856 vs 32824): /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index.log (sync_offset=32856)
Jun 8 03:36:03 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Error: Index /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index: Lost log for seq=82 
offset=32856
Jun 8 03:36:03 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Warning: fscking index file /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index
Jun 8 03:36:03 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Error: Fixed index file /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index: log_file_seq 82 
-> 83
Jun 8 03:36:38 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Error: Transaction log file /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index.log.2: 
marked corrupted


How to enable the LMTP director to deliver to the correct mailbox host?

Configuration of mailbox and director of mail01 is attached.

Regards,
Daniel
-------------- next part --------------
# 2.0.20: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-40-server x86_64 Ubuntu 10.04.4 LTS 
auth_cache_negative_ttl = 0
auth_cache_size = 10 M
auth_cache_ttl = 1 mins
auth_debug = yes
auth_verbose = yes
auth_verbose_passwords = sha1
deliver_log_format = mailbox: deliver: msgid=%m from=%f: %$
dict {
  quota = mysql:/etc/dovecot/conf.d/dovecot-dict-sql.conf.ext
}
disable_plaintext_auth = no
instance_name = dovecot-mailbox
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
login_greeting = Mailbox
login_log_format = mailbox: login: %$: %s
login_trusted_networks = 10.129.3.0/24
mail_debug = yes
mail_fsync = always
mail_gid = vmail
mail_home = /mail/dovecot/%d/%n
mail_location = mdbox:~/mail
mail_log_prefix = "mailbox: mail: %s(%u): "
mail_plugins = quota
mail_privileged_group = vmail
mail_uid = vmail
managesieve_implementation_string = Sieve
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
mdbox_rotate_interval = 1 weeks
mdbox_rotate_size = 50 M
mmap_disable = yes
passdb {
  args = /etc/dovecot/conf.d/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  quota = dict:User quota::proxy::quota
  quota_rule = *:storage=10G
  quota_rule2 = Trash:storage=+100M
  quota_warning = storage=95%% quota-warning 95 %u
  quota_warning2 = storage=80%% quota-warning 80 %u
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve
}
protocols = imap pop3 lmtp sieve
service auth {
  unix_listener auth-userdb {
    group = dovecot
    mode = 0660
    user = dovecot
  }
}
service dict {
  unix_listener dict {
    group = vmail
    mode = 0660
  }
}
service imap-login {
  inet_listener imap {
    port = 19143
  }
}
service lmtp {
  inet_listener lmtp {
    address = *
    port = 19024
  }
}
service managesieve-login {
  inet_listener sieve {
    port = 19200
  }
}
service pop3-login {
  inet_listener pop3 {
    port = 19110
  }
}
service quota-warning {
  executable = script /usr/local/bin/quota-warning
  extra_groups = dovecot
  unix_listener quota-warning {
    user = vmail
  }
  user = vmail
}
ssl = no
userdb {
  driver = prefetch
}
userdb {
  args = /etc/dovecot/conf.d/dovecot-sql.conf.ext
  driver = sql
}
verbose_proctitle = yes
protocol imap {
  imap_client_workarounds = delay-newmail tb-extra-mailbox-sep
  mail_plugins = quota imap_quota
}
protocol lmtp {
  mail_plugins = quota sieve
}
-------------- next part --------------
# 2.0.20: /etc/dovecot-director/dovecot-director.conf
# OS: Linux 2.6.32-40-server x86_64 Ubuntu 10.04.4 LTS 
auth_debug = yes
auth_verbose = yes
auth_verbose_passwords = sha1
base_dir = /var/run/dovecot-director
deliver_log_format = director: deliver: msgid=%m from=%f: %$
director_mail_servers = 10.129.3.193 10.129.3.192 10.129.3.191 10.129.3.190
director_servers = 10.129.3.193 10.129.3.192 10.129.3.191 10.129.3.190
instance_name = dovecot-director
lmtp_proxy = yes
login_greeting = Mail Balancer
login_log_format = director: login: %$: %s
login_trusted_networks = 10.129.3.0/24
mail_debug = yes
mail_fsync = always
mail_gid = vmail
mail_home = /mail/dovecot/%d/%n
mail_location = mdbox:~/mail
mail_log_prefix = "director: mail: %s(%u): "
mail_privileged_group = vmail
mail_uid = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
mmap_disable = yes
passdb {
  args = proxy=y nopassword=y user=%n at dovecotmail.%d
  driver = static
}
protocols = imap pop3 lmtp sieve
service auth {
  unix_listener auth-userdb {
    user = dovecot
  }
}
service director {
  fifo_listener login/proxy-notify {
    mode = 0666
  }
  inet_listener {
    port = 9090
  }
  unix_listener director-userdb {
    mode = 0600
  }
  unix_listener login/director {
    mode = 0666
  }
}
service imap-login {
  executable = imap-login director
  inet_listener imap {
    port = 20143
  }
  inet_listener imaps {
    port = 20993
    ssl = yes
  }
}
service lmtp {
  inet_listener lmtp {
    address = *
    port = 20024
  }
}
service managesieve-login {
  inet_listener sieve {
    port = 20200
  }
}
service pop3-login {
  executable = pop3-login director
  inet_listener pop3 {
    port = 20110
  }
  inet_listener pop3s {
    port = 20995
    ssl = yes
  }
}
ssl_cert = </etc/certs/wildcard.example.net.crt
ssl_key = </etc/certs/wildcard.example.net.key
verbose_proctitle = yes
protocol lmtp {
  auth_socket_path = director-userdb
  passdb {
    args = proxy=y nopassword=y port=19024
    driver = static
  }
}
protocol sieve {
  auth_socket_path = director-userdb
  passdb {
    args = proxy=y nopassword=y port=19200
    driver = static
  }
}
protocol imap {
  imap_client_workarounds = delay-newmail tb-extra-mailbox-sep
}

From a.kostyrev at serverc.ru  Fri Jun  8 07:32:58 2012
From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=)
Date: Fri, 8 Jun 2012 15:32:58 +1100
Subject: [Dovecot] Director pop3 real ips v2.1.1
Message-ID: <213B51F00051AE48A9F0E112880177178F79E3@Delta.sc.local>

good day!

I'm experiencing problem with pop3 proxying:
on backend servers in logs there's director's ip instead of remote's
like this:
Jun  8 15:21:23 host-01 dovecot: pop3-login: Login: user=<test1 at example.com>, method=PLAIN, rip=192.168.5.102, lip=192.168.5.100, mpid=26170, secured
Jun  8 15:32:16 host-01 dovecot: pop3-login: Login: user=<test1 at example.com>, method=PLAIN, rip=192.168.5.102, lip=192.168.5.100, mpid=26426, secured



--
? ?????????,
???????? ?????????
????????? ?????????????
??? "??????-?????"
???.: (423) 262-02-62 (???. 2037)
????: (423) 262-02-10
a.kostyrev at serverc.ru
icq: 404-198-497



From a.kostyrev at serverc.ru  Fri Jun  8 07:39:13 2012
From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=)
Date: Fri, 8 Jun 2012 15:39:13 +1100
Subject: [Dovecot] Director pop3 real ips v2.1.1
In-Reply-To: <213B51F00051AE48A9F0E112880177178F79E3@Delta.sc.local>
References: <213B51F00051AE48A9F0E112880177178F79E3@Delta.sc.local>
Message-ID: <213B51F00051AE48A9F0E112880177178F79E4@Delta.sc.local>

*sorry, accidently send to soon.
continue:

but with imap it's ok

I've read thread "Dovecot Proxy and environment variables"
and as I understood there was no solution.

yes, I use v.2.1.1 on both director and backends
and yes, I've added 
login_trusted_networks = 192.168.5.0/24 on all of them
but it didn't help.

any workarounds? 
thanks






--
? ?????????,
???????? ?????????
????????? ?????????????
??? "??????-?????"
???.: (423) 262-02-62 (???. 2037)
????: (423) 262-02-10
a.kostyrev at serverc.ru
icq: 404-198-497

-----Original Message-----
From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of ???????? ????????? ??????????
Sent: Friday, June 08, 2012 3:33 PM
To: dovecot at dovecot.org
Subject: [Dovecot] Director pop3 real ips v2.1.1

good day!

I'm experiencing problem with pop3 proxying:
on backend servers in logs there's director's ip instead of remote's
like this:
Jun  8 15:21:23 host-01 dovecot: pop3-login: Login: user=<test1 at example.com>, method=PLAIN, rip=192.168.5.102, lip=192.168.5.100, mpid=26170, secured
Jun  8 15:32:16 host-01 dovecot: pop3-login: Login: user=<test1 at example.com>, method=PLAIN, rip=192.168.5.102, lip=192.168.5.100, mpid=26426, secured



--
? ?????????,
???????? ?????????
????????? ?????????????
??? "??????-?????"
???.: (423) 262-02-62 (???. 2037)
????: (423) 262-02-10
a.kostyrev at serverc.ru
icq: 404-198-497



From amateo at um.es  Fri Jun  8 12:34:19 2012
From: amateo at um.es (Angel L. Mateo)
Date: Fri, 08 Jun 2012 11:34:19 +0200
Subject: [Dovecot] director and IPs shown at the backends
In-Reply-To: <4FD09AB0.6020500@enas.net>
References: <4FD09613.6000405@um.es> <4FD09AB0.6020500@enas.net>
Message-ID: <4FD1C71B.4040109@um.es>

El 07/06/12 14:12, Urban Loesch escribi?:
>
> Hi,
>
> try it with "login_trusted_networks" option on the backends:
>
> # Space separated list of trusted network ranges. Connections from these
> # IPs are allowed to override their IP addresses and ports (for logging and
> # for authentication checks). disable_plaintext_auth is also ignored for
> # these networks. Typically you'd specify your IMAP proxy servers here.
> login_trusted_networks =
>
> But for POP this will only working with version 2.1.x
>
	I didn't find that option in any example config file, but it's working. 
Maybe it must be documented in somewhere.

	Thank you.
-- 
Angel L. Mateo Mart?nez
Secci?n de Telem?tica
?rea de Tecnolog?as de la Informaci?n       _o)
y las Comunicaciones Aplicadas (ATICA)      / \\
http://www.um.es/atica                    _(___V
Tfo: 868887590
Fax: 868888337

From amateo at um.es  Fri Jun  8 12:41:52 2012
From: amateo at um.es (Angel L. Mateo)
Date: Fri, 08 Jun 2012 11:41:52 +0200
Subject: [Dovecot] director and doveadm server
Message-ID: <4FD1C8E0.4010807@um.es>

Hi,

	I've been reading doc at http://wiki2.dovecot.org/Director to configure 
my servers. My question is regarding configuration of doveadm server.

	I have configured both, director and backend servers, as described in 
that doc, but I don't know how to run doveadm commands in director servers.

	doveadm is working, because I can run commands, but they are executed 
in local (director) server. For example:

root at myotis40:/etc/dovecot/conf.d# doveadm director status
mail server ip vhosts                           users
155.54.211.169    100                               1

	but doveadm who seems to be executed just in local:

(backend server)
root at myotis30:/etc/dovecot/conf.d# doveadm who
username   # proto (pids)        (ips)
angel.luis 2 imap  (11931 11936) (155.54.67.5)

(director server)
root at myotis40:/etc/dovecot/conf.d# doveadm who
username # proto (pids) (ips)

	And another question about this... what is the local config option? I 
haven't found it documented anywhere.

-- 
Angel L. Mateo Mart?nez
Secci?n de Telem?tica
?rea de Tecnolog?as de la Informaci?n       _o)
y las Comunicaciones Aplicadas (ATICA)      / \\
http://www.um.es/atica                    _(___V
Tfo: 868887590
Fax: 868888337

From CMarcus at Media-Brokers.com  Fri Jun  8 13:05:09 2012
From: CMarcus at Media-Brokers.com (Charles Marcus)
Date: Fri, 08 Jun 2012 06:05:09 -0400
Subject: [Dovecot] Director pop3 real ips v2.1.1
In-Reply-To: <213B51F00051AE48A9F0E112880177178F79E4@Delta.sc.local>
References: <213B51F00051AE48A9F0E112880177178F79E3@Delta.sc.local>
	<213B51F00051AE48A9F0E112880177178F79E4@Delta.sc.local>
Message-ID: <4FD1CE55.4050701@Media-Brokers.com>

On 2012-06-08 12:39 AM, ???????? ????????? ?????????? 
<a.kostyrev at serverc.ru> wrote:
> yes, I use v.2.1.1 on both director and backends

The first/obvious answer is, did you try 2.1.7? 2.1 introduced a lot of 
changes, so you should *expect* to be sure and test the latest version 
before assuming it is/may be a bug...

From amateo at um.es  Fri Jun  8 13:24:37 2012
From: amateo at um.es (Angel L. Mateo)
Date: Fri, 08 Jun 2012 12:24:37 +0200
Subject: [Dovecot] difference between client_limit and process_limit
Message-ID: <4FD1D2E5.3020901@um.es>

Hi,

	What is the real difference between client and process limit? According 
to documentation (http://wiki2.dovecot.org/Services#Service_limits):

client_limit: Maximum number of simultaneous client connections. If set 
to 0, default_client_limit is used instead.
process_limit: Maximum number of processes that can exist for this 
service. If set to 0, default_process_limit is used instead.

	But what does "client connection" exactly means? Is a user (login)? Is 
a user opens a few TCP connections (as many clients do) are they count 
as different connections?

-- 
Angel L. Mateo Mart?nez
Secci?n de Telem?tica
?rea de Tecnolog?as de la Informaci?n       _o)
y las Comunicaciones Aplicadas (ATICA)      / \\
http://www.um.es/atica                    _(___V
Tfo: 868887590
Fax: 868888337

From anmeyer at anup.de  Fri Jun  8 14:05:11 2012
From: anmeyer at anup.de (Andreas Meyer)
Date: Fri, 8 Jun 2012 13:05:11 +0200
Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7
Message-ID: <20120608130511.1d55d814@itx.bitcorner.intern>

Hello!

I want to upgrade the docevot-installation from v 1.0.5 to 2.1..7

Now I get the following executing
doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf

doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:217: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:219: passdb passwd-file {} has been replaced by passdb { driver=passwd-file }
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:222: userdb passwd-file {} has been replaced by userdb { driver=passwd-file }

The section  at line 217 looks like this:

auth default {
  mechanisms = plain
  passdb passwd-file {
  args = /etc/dovecot/passwd
  }
  userdb passwd-file {
  args = /etc/dovecot/passwd
  }

How do I change it to fullfill the new needs?

And how do I handle line 217?
add auth_ prefix to all settings inside auth {} and remove the auth {} section completely
?

Thanks for help!

 Andreas

From amateo at um.es  Fri Jun  8 14:12:25 2012
From: amateo at um.es (Angel L. Mateo)
Date: Fri, 08 Jun 2012 13:12:25 +0200
Subject: [Dovecot] difference between client_limit and process_limit
In-Reply-To: <4FD1D2E5.3020901@um.es>
References: <4FD1D2E5.3020901@um.es>
Message-ID: <4FD1DE19.4050903@um.es>

El 08/06/12 12:24, Angel L. Mateo escribi?:
> Hi,
>
> What is the real difference between client and process limit? According
> to documentation (http://wiki2.dovecot.org/Services#Service_limits):
>
> client_limit: Maximum number of simultaneous client connections. If set
> to 0, default_client_limit is used instead.
> process_limit: Maximum number of processes that can exist for this
> service. If set to 0, default_process_limit is used instead.
>
> But what does "client connection" exactly means? Is a user (login)? Is a
> user opens a few TCP connections (as many clients do) are they count as
> different connections?
>
	Sorry, it's friday, my mind is on the weekend :-(

	I understand that client_limit is how many connections (imap 
connections, for example) could be handle by one dovecot process, so if 
I have client_limit=2 and process_limit=1024, then I could 2048 
concurrent connections, right?

-- 
Angel L. Mateo Mart?nez
Secci?n de Telem?tica
?rea de Tecnolog?as de la Informaci?n       _o)
y las Comunicaciones Aplicadas (ATICA)      / \\
http://www.um.es/atica                    _(___V
Tfo: 868887590
Fax: 868888337

From acrow at integrafin.co.uk  Fri Jun  8 14:13:57 2012
From: acrow at integrafin.co.uk (Alex Crow)
Date: Fri, 08 Jun 2012 12:13:57 +0100
Subject: [Dovecot] 2.1.7 altmove not working
Message-ID: <4FD1DE75.5000606@integrafin.co.uk>

Hi list,

I've just set up a 2.1.7 server, and have migrated a couple of accounts 
across from a 2.0.15 server, keeping the old configs. I have a strange 
problem on the new box in that altmove just doesn't work. I have my main 
storage under /home/email, indexes under /home/indexes and ALT under 
/home/email_archive.

When I run the altmove command, the following broken symlink is created 
in /home/email/integrafin.co.uk/acrow:

lrwxrwxrwx.  1 email email     54 Jun  8 10:46 dbox-alt-root -> 
/home/email_archive/integrafin.co.uk/a/acrow/mailboxes

But nothing is created in the archive other than the empty directory: 
/home/email_archive/integrafin.co.uk/a/acrow.

My mail_location is:

mail_location = 
mdbox:/home/email/%d/%n:INDEX=/home/indexes/%d/%1n/%n:ALT=/home/email_archive/%d/%1n/%n

This worked perfectly on the older server. I have attached my doveconf 
-a output.

Any help much appreciated.

Regards

Alex
-------------- next part --------------
# 2.1.7: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-220.el6.x86_64 x86_64 CentOS release 6.2 (Final) ext4
auth_anonymous_username = anonymous
auth_cache_negative_ttl = 1 hours
auth_cache_size = 0
auth_cache_ttl = 1 hours
auth_debug = yes
auth_debug_passwords = no
auth_default_realm = 
auth_failure_delay = 2 secs
auth_first_valid_uid = 500
auth_gssapi_hostname = 
auth_krb5_keytab = 
auth_last_valid_uid = 0
auth_master_user_separator = 
auth_mechanisms = plain
auth_proxy_self = 
auth_realms = 
auth_socket_path = auth-userdb
auth_ssl_require_client_cert = no
auth_ssl_username_from_cert = no
auth_use_winbind = no
auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@'
auth_username_format = %Lu
auth_username_translation = 
auth_verbose = yes
auth_verbose_passwords = no
auth_winbind_helper_path = /usr/bin/ntlm_auth
auth_worker_max_count = 30
base_dir = /var/run/dovecot/
config_cache_size = 1 M
debug_log_path = 
default_client_limit = 1000
default_idle_kill = 1 mins
default_internal_user = dovecot
default_login_user = dovenull
default_process_limit = 100
default_vsz_limit = 256 M
deliver_log_format = msgid=%m: %$
dict_db_config = 
director_doveadm_port = 0
director_mail_servers = 
director_servers = 
director_user_expire = 15 mins
director_username_hash = %u
disable_plaintext_auth = no
dotlock_use_excl = yes
doveadm_allowed_commands = 
doveadm_password = 
doveadm_proxy_port = 0
doveadm_socket_path = doveadm-server
doveadm_worker_count = 0
dsync_alt_char = _
dsync_remote_cmd = ssh -l%{login} %{host} doveadm dsync-server -u%u -l%{lock_timeout} -n%{namespace}
first_valid_gid = 1
first_valid_uid = 500
hostname = 
imap_capability = 
imap_client_workarounds = 
imap_id_log = 
imap_id_send = 
imap_idle_notify_interval = 2 mins
imap_logout_format = in=%i out=%o
imap_max_line_length = 64 k
imapc_features = 
imapc_host = 
imapc_list_prefix = 
imapc_master_user = 
imapc_password = 
imapc_port = 143
imapc_rawlog_dir = 
imapc_ssl = no
imapc_ssl_ca_dir = 
imapc_ssl_verify = yes
imapc_user = %u
import_environment = TZ
info_log_path = 
instance_name = dovecot
last_valid_gid = 0
last_valid_uid = 0
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = no
lda_original_recipient_header = 
libexec_dir = /usr/libexec/dovecot
listen = *
lmtp_proxy = no
lmtp_save_to_detail_mailbox = no
lock_method = fcntl
log_path = syslog
log_timestamp = "%b %d %H:%M:%S "
login_access_sockets = 
login_greeting = Dovecot ready.
login_log_format = %$: %s
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c session=<%{session}>
login_trusted_networks = 
mail_access_groups = 
mail_attachment_dir = /home/email_archive/attachments
mail_attachment_fs = sis posix
mail_attachment_hash = %{sha1}
mail_attachment_min_size = 128 k
mail_cache_fields = flags
mail_cache_min_mail_count = 0
mail_chroot = 
mail_debug = yes
mail_fsync = never
mail_full_filesystem_access = no
mail_gid = email
mail_home = 
mail_location = mdbox:/home/email/%d/%n:INDEX=/home/indexes/%d/%1n/%n:ALT=/home/email_archive/%d/%1n/%n
mail_log_prefix = "%s(%u): "
mail_max_keyword_length = 50
mail_max_lock_timeout = 0
mail_max_userip_connections = 10
mail_never_cache_fields = imap.envelope
mail_nfs_index = no
mail_nfs_storage = no
mail_plugin_dir = /usr/lib64/dovecot
mail_plugins = 
mail_prefetch_count = 0
mail_privileged_group = 
mail_save_crlf = no
mail_shared_explicit_inbox = yes
mail_temp_dir = /tmp
mail_temp_scan_interval = 1 weeks
mail_uid = email
mailbox_idle_check_interval = 30 secs
mailbox_list_index = no
maildir_broken_filename_sizes = no
maildir_copy_with_hardlinks = yes
maildir_stat_dirs = no
maildir_very_dirty_syncs = no
managesieve_client_workarounds = 
managesieve_implementation_string = Dovecot Pigeonhole
managesieve_logout_format = bytes=%i/%o
managesieve_max_compile_errors = 5
managesieve_max_line_length = 65536
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
master_user_separator = 
mbox_dirty_syncs = yes
mbox_dotlock_change_timeout = 2 mins
mbox_lazy_writes = yes
mbox_lock_timeout = 5 mins
mbox_md5 = apop3d
mbox_min_index_size = 0
mbox_read_locks = fcntl
mbox_very_dirty_syncs = no
mbox_write_locks = dotlock fcntl
mdbox_preallocate_space = yes
mdbox_rotate_interval = 1 days
mdbox_rotate_size = 2 M
mmap_disable = no
namespace {
  hidden = no
  ignore_on_failure = no
  inbox = yes
  list = yes
  location = 
  prefix = INBOX/
  separator = /
  subscriptions = yes
  type = private
}
namespace {
  hidden = no
  ignore_on_failure = no
  inbox = no
  list = children
  location = mdbox:/home/email/%%d/%%n:ALT=/home/email_archive/%%d/%%1n/%%n:INDEX=/home/indexes/%d/%1n/%n/shared/%%u
  prefix = shared/%%u/
  separator = /
  subscriptions = no
  type = shared
}
passdb {
  args = /etc/dovecot/dovecot-ldap.conf.ext
  default_fields = 
  deny = no
  driver = ldap
  master = no
  override_fields = 
  pass = no
}
plugin {
  acl = vfile:/etc/dovecot/global-acls:cache_secs=300
  acl_shared_dict = file:/var/mail/dovecot/shared-mailboxes
  mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
  mail_log_fields = uid box msgid size
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve
}
pop3_client_workarounds = 
pop3_enable_last = no
pop3_fast_size_lookups = no
pop3_lock_session = no
pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
pop3_no_flag_updates = no
pop3_reuse_xuidl = no
pop3_save_uidl = no
pop3_uidl_duplicates = allow
pop3_uidl_format = %08Xu%08Xv
pop3c_host = 
pop3c_password = 
pop3c_port = 110
pop3c_rawlog_dir = 
pop3c_ssl = no
pop3c_ssl_ca_dir = 
pop3c_ssl_verify = yes
pop3c_user = %u
postmaster_address = 
protocols = imap pop3 lmtp
quota_full_tempfail = no
recipient_delimiter = +
rejection_reason = Your message to <%t> was automatically rejected:%n%r
rejection_subject = Rejected: %s
replication_full_sync_interval = 12 hours
replication_max_conns = 10
replicator_host = replicator
replicator_port = 0
sendmail_path = /usr/sbin/sendmail
service aggregator {
  chroot = .
  client_limit = 0
  drop_priv_before_exec = no
  executable = aggregator
  extra_groups = 
  fifo_listener replication-notify-fifo {
    group = 
    mode = 0600
    user = 
  }
  group = 
  idle_kill = 0
  privileged_group = 
  process_limit = 0
  process_min_avail = 0
  protocol = 
  service_count = 0
  type = 
  unix_listener replication-notify {
    group = 
    mode = 0600
    user = 
  }
  user = $default_internal_user
  vsz_limit = 18446744073709551615 B
}
service anvil {
  chroot = empty
  client_limit = 0
  drop_priv_before_exec = no
  executable = anvil
  extra_groups = 
  group = 
  idle_kill = 4294967295 secs
  privileged_group = 
  process_limit = 1
  process_min_avail = 1
  protocol = 
  service_count = 0
  type = anvil
  unix_listener anvil-auth-penalty {
    group = 
    mode = 0600
    user = 
  }
  unix_listener anvil {
    group = 
    mode = 0600
    user = 
  }
  user = $default_internal_user
  vsz_limit = 18446744073709551615 B
}
service auth-worker {
  chroot = 
  client_limit = 1
  drop_priv_before_exec = no
  executable = auth -w
  extra_groups = 
  group = 
  idle_kill = 0
  privileged_group = 
  process_limit = 0
  process_min_avail = 0
  protocol = 
  service_count = 1
  type = 
  unix_listener auth-worker {
    group = 
    mode = 0600
    user = $default_internal_user
  }
  user = 
  vsz_limit = 18446744073709551615 B
}
service auth {
  chroot = 
  client_limit = 8524
  drop_priv_before_exec = no
  executable = auth
  extra_groups = 
  group = 
  idle_kill = 0
  privileged_group = 
  process_limit = 1
  process_min_avail = 0
  protocol = 
  service_count = 0
  type = 
  unix_listener auth-client {
    group = 
    mode = 0600
    user = 
  }
  unix_listener auth-login {
    group = 
    mode = 0600
    user = $default_internal_user
  }
  unix_listener auth-master {
    group = 
    mode = 0600
    user = 
  }
  unix_listener auth-userdb {
    group = email
    mode = 0600
    user = email
  }
  unix_listener login/login {
    group = 
    mode = 0666
    user = 
  }
  user = $default_internal_user
  vsz_limit = 18446744073709551615 B
}
service config {
  chroot = 
  client_limit = 0
  drop_priv_before_exec = no
  executable = config
  extra_groups = 
  group = 
  idle_kill = 0
  privileged_group = 
  process_limit = 0
  process_min_avail = 0
  protocol = 
  service_count = 0
  type = config
  unix_listener config {
    group = 
    mode = 0600
    user = 
  }
  user = 
  vsz_limit = 18446744073709551615 B
}
service dict {
  chroot = 
  client_limit = 1
  drop_priv_before_exec = no
  executable = dict
  extra_groups = 
  group = 
  idle_kill = 0
  privileged_group = 
  process_limit = 0
  process_min_avail = 0
  protocol = 
  service_count = 0
  type = 
  unix_listener dict {
    group = 
    mode = 0600
    user = 
  }
  user = $default_internal_user
  vsz_limit = 18446744073709551615 B
}
service director {
  chroot = .
  client_limit = 0
  drop_priv_before_exec = no
  executable = director
  extra_groups = 
  fifo_listener login/proxy-notify {
    group = 
    mode = 00
    user = 
  }
  group = 
  idle_kill = 4294967295 secs
  inet_listener {
    address = 
    port = 0
    ssl = no
  }
  privileged_group = 
  process_limit = 1
  process_min_avail = 0
  protocol = 
  service_count = 0
  type = 
  unix_listener director-admin {
    group = 
    mode = 0600
    user = 
  }
  unix_listener director-userdb {
    group = 
    mode = 0600
    user = 
  }
  unix_listener login/director {
    group = 
    mode = 00
    user = 
  }
  user = $default_internal_user
  vsz_limit = 18446744073709551615 B
}
service dns_client {
  chroot = 
  client_limit = 1
  drop_priv_before_exec = no
  executable = dns-client
  extra_groups = 
  group = 
  idle_kill = 0
  privileged_group = 
  process_limit = 0
  process_min_avail = 0
  protocol = 
  service_count = 0
  type = 
  unix_listener dns-client {
    group = 
    mode = 0666
    user = 
  }
  unix_listener login/dns-client {
    group = 
    mode = 0666
    user = 
  }
  user = $default_internal_user
  vsz_limit = 18446744073709551615 B
}
service doveadm {
  chroot = 
  client_limit = 1
  drop_priv_before_exec = no
  executable = doveadm-server
  extra_groups = 
  group = 
  idle_kill = 0
  privileged_group = 
  process_limit = 0
  process_min_avail = 0
  protocol = 
  service_count = 1
  type = 
  unix_listener doveadm-server {
    group = 
    mode = 0600
    user = 
  }
  user = 
  vsz_limit = 18446744073709551615 B
}
service imap-login {
  chroot = login
  client_limit = 256
  drop_priv_before_exec = no
  executable = imap-login
  extra_groups = 
  group = 
  idle_kill = 0
  inet_listener imap {
    address = 
    port = 143
    ssl = no
  }
  inet_listener imaps {
    address = 
    port = 993
    ssl = yes
  }
  privileged_group = 
  process_limit = 16
  process_min_avail = 8
  protocol = imap
  service_count = 0
  type = login
  user = $default_login_user
  vsz_limit = 128 M
}
service imap {
  chroot = 
  client_limit = 1
  drop_priv_before_exec = no
  executable = imap
  extra_groups = 
  group = 
  idle_kill = 0
  privileged_group = 
  process_limit = 4096
  process_min_avail = 0
  protocol = imap
  service_count = 1
  type = 
  unix_listener login/imap {
    group = 
    mode = 0666
    user = 
  }
  user = 
  vsz_limit = 18446744073709551615 B
}
service indexer-worker {
  chroot = 
  client_limit = 1
  drop_priv_before_exec = no
  executable = indexer-worker
  extra_groups = 
  group = 
  idle_kill = 0
  privileged_group = 
  process_limit = 10
  process_min_avail = 0
  protocol = 
  service_count = 0
  type = 
  unix_listener indexer-worker {
    group = 
    mode = 0600
    user = $default_internal_user
  }
  user = 
  vsz_limit = 18446744073709551615 B
}
service indexer {
  chroot = 
  client_limit = 0
  drop_priv_before_exec = no
  executable = indexer
  extra_groups = 
  group = 
  idle_kill = 0
  privileged_group = 
  process_limit = 1
  process_min_avail = 0
  protocol = 
  service_count = 0
  type = 
  unix_listener indexer {
    group = 
    mode = 0666
    user = 
  }
  user = $default_internal_user
  vsz_limit = 18446744073709551615 B
}
service ipc {
  chroot = empty
  client_limit = 0
  drop_priv_before_exec = no
  executable = ipc
  extra_groups = 
  group = 
  idle_kill = 0
  privileged_group = 
  process_limit = 1
  process_min_avail = 0
  protocol = 
  service_count = 0
  type = 
  unix_listener ipc {
    group = 
    mode = 0600
    user = 
  }
  unix_listener login/ipc-proxy {
    group = 
    mode = 0600
    user = $default_login_user
  }
  user = $default_internal_user
  vsz_limit = 18446744073709551615 B
}
service lmtp {
  chroot = 
  client_limit = 1
  drop_priv_before_exec = no
  executable = lmtp
  extra_groups = 
  group = 
  idle_kill = 0
  privileged_group = 
  process_limit = 0
  process_min_avail = 0
  protocol = lmtp
  service_count = 0
  type = 
  unix_listener lmtp {
    group = 
    mode = 0666
    user = 
  }
  user = 
  vsz_limit = 18446744073709551615 B
}
service log {
  chroot = 
  client_limit = 0
  drop_priv_before_exec = no
  executable = log
  extra_groups = 
  group = 
  idle_kill = 4294967295 secs
  privileged_group = 
  process_limit = 1
  process_min_avail = 0
  protocol = 
  service_count = 0
  type = log
  unix_listener log-errors {
    group = 
    mode = 0600
    user = 
  }
  user = 
  vsz_limit = 18446744073709551615 B
}
service managesieve-login {
  chroot = login
  client_limit = 0
  drop_priv_before_exec = no
  executable = managesieve-login
  extra_groups = 
  group = 
  idle_kill = 0
  inet_listener sieve {
    address = 
    port = 4190
    ssl = no
  }
  privileged_group = 
  process_limit = 0
  process_min_avail = 0
  protocol = sieve
  service_count = 1
  type = login
  user = $default_login_user
  vsz_limit = 18446744073709551615 B
}
service managesieve {
  chroot = 
  client_limit = 1
  drop_priv_before_exec = no
  executable = managesieve
  extra_groups = 
  group = 
  idle_kill = 0
  privileged_group = 
  process_limit = 0
  process_min_avail = 0
  protocol = sieve
  service_count = 1
  type = 
  unix_listener login/sieve {
    group = 
    mode = 0666
    user = 
  }
  user = 
  vsz_limit = 18446744073709551615 B
}
service pop3-login {
  chroot = login
  client_limit = 256
  drop_priv_before_exec = no
  executable = pop3-login
  extra_groups = 
  group = 
  idle_kill = 0
  inet_listener pop3 {
    address = 
    port = 110
    ssl = no
  }
  inet_listener pop3s {
    address = 
    port = 995
    ssl = yes
  }
  privileged_group = 
  process_limit = 16
  process_min_avail = 8
  protocol = pop3
  service_count = 0
  type = login
  user = $default_login_user
  vsz_limit = 128 M
}
service pop3 {
  chroot = 
  client_limit = 1
  drop_priv_before_exec = no
  executable = pop3
  extra_groups = 
  group = 
  idle_kill = 0
  privileged_group = 
  process_limit = 4096
  process_min_avail = 0
  protocol = pop3
  service_count = 1
  type = 
  unix_listener login/pop3 {
    group = 
    mode = 0666
    user = 
  }
  user = 
  vsz_limit = 18446744073709551615 B
}
service replicator {
  chroot = 
  client_limit = 0
  drop_priv_before_exec = no
  executable = replicator
  extra_groups = 
  group = 
  idle_kill = 4294967295 secs
  privileged_group = 
  process_limit = 1
  process_min_avail = 0
  protocol = 
  service_count = 0
  type = 
  unix_listener replicator {
    group = 
    mode = 0600
    user = $default_internal_user
  }
  user = 
  vsz_limit = 18446744073709551615 B
}
service ssl-params {
  chroot = 
  client_limit = 0
  drop_priv_before_exec = no
  executable = ssl-params
  extra_groups = 
  group = 
  idle_kill = 0
  privileged_group = 
  process_limit = 0
  process_min_avail = 0
  protocol = 
  service_count = 0
  type = startup
  unix_listener login/ssl-params {
    group = 
    mode = 0666
    user = 
  }
  user = 
  vsz_limit = 18446744073709551615 B
}
service stats {
  chroot = empty
  client_limit = 0
  drop_priv_before_exec = no
  executable = stats
  extra_groups = 
  fifo_listener stats-mail {
    group = 
    mode = 0600
    user = 
  }
  group = 
  idle_kill = 4294967295 secs
  privileged_group = 
  process_limit = 1
  process_min_avail = 0
  protocol = 
  service_count = 0
  type = 
  unix_listener stats {
    group = 
    mode = 0600
    user = 
  }
  user = $default_internal_user
  vsz_limit = 18446744073709551615 B
}
shutdown_clients = yes
ssl = yes
ssl_ca = 
ssl_cert = </etc/ssl/certs/ifanetcertkey.pem
ssl_cert_username_field = commonName
ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL
ssl_client_cert = 
ssl_client_key = 
ssl_crypto_device = 
ssl_key = </etc/ssl/certs/ifanetcertkey.pem
ssl_key_password = 
ssl_parameters_regenerate = 1 weeks
ssl_protocols = !SSLv2
ssl_require_crl = yes
ssl_verify_client_cert = no
stats_command_min_time = 1 mins
stats_domain_min_time = 12 hours
stats_ip_min_time = 12 hours
stats_memory_limit = 16 M
stats_session_min_time = 15 mins
stats_user_min_time = 1 hours
submission_host = 
syslog_facility = mail
userdb {
  args = 
  default_fields = 
  driver = prefetch
  override_fields = 
}
userdb {
  args = /etc/dovecot/dovecot-ldap.conf.ext
  default_fields = 
  driver = ldap
  override_fields = 
}
valid_chroot_dirs = 
verbose_proctitle = no
verbose_ssl = yes
version_ignore = no
protocol lmtp {
  mail_fsync = optimized
}
protocol lda {
  mail_fsync = optimized
  mail_plugins = sieve
}
protocol imap {
  mail_plugins = acl imap_acl
}

From h.reindl at thelounge.net  Fri Jun  8 14:30:20 2012
From: h.reindl at thelounge.net (Reindl Harald)
Date: Fri, 08 Jun 2012 13:30:20 +0200
Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7
In-Reply-To: <20120608130511.1d55d814@itx.bitcorner.intern>
References: <20120608130511.1d55d814@itx.bitcorner.intern>
Message-ID: <4FD1E24C.1030906@thelounge.net>



Am 08.06.2012 13:05, schrieb Andreas Meyer:
> I want to upgrade the docevot-installation from v 1.0.5 to 2.1..7
> Now I get the following executing
> doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf
> 
> doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:217: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely
> doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:219: passdb passwd-file {} has been replaced by passdb { driver=passwd-file }
> doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:222: userdb passwd-file {} has been replaced by userdb { driver=passwd-file }
> 
> The section  at line 217 looks like this:
> 
> auth default {
>   mechanisms = plain
>   passdb passwd-file {
>   args = /etc/dovecot/passwd
>   }
>   userdb passwd-file {
>   args = /etc/dovecot/passwd
>   }
> 
> How do I change it to fullfill the new needs?
> 
> And how do I handle line 217?
> add auth_ prefix to all settings inside auth {} and remove the auth {} section completely

what exactly are you not understanding here?
this is a very clear message
below a partly output from a working 2.1.7

auth_mechanisms                = CRAM-MD5 DIGEST-MD5 APOP LOGIN PLAIN
auth_worker_max_count          = 100
auth_cache_size                = 32768
auth_cache_ttl                 = 1800
auth_cache_negative_ttl        = 1800
auth_username_chars            = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@%
auth_username_translation      = %@AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz
auth_debug                     = no
auth_debug_passwords           = no
auth_verbose                   = no

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120608/adf30175/attachment.bin>

From voytek at sbt.net.au  Fri Jun  8 14:34:39 2012
From: voytek at sbt.net.au (Voytek Eymont)
Date: Fri, 08 Jun 2012 21:34:39 +1000
Subject: [Dovecot] Restoring older messages to new server?
Message-ID: <98f7622f-e52b-4b88-8c65-db05c11e71f6@email.android.com>

I had Dovcot 1.x setup, all was working well (till...)

Server got stuffed up and same Dovecot 1.x was rebuilt, put back in service, all's working well.

I have recovered data from Maildirs messages from the old server, 

As some of the inboxes now have new messages, what is correct way to copy older messages from old server to new server ? (There are no duplicates, simply old messages from past server,  data is physically on new server)

Thanks for pointers, 
Voytek
-- 
Swyped on my Motrix with K-9 Mail. Please excuse my brevity.

From h.reindl at thelounge.net  Fri Jun  8 14:37:12 2012
From: h.reindl at thelounge.net (Reindl Harald)
Date: Fri, 08 Jun 2012 13:37:12 +0200
Subject: [Dovecot] Restoring older messages to new server?
In-Reply-To: <98f7622f-e52b-4b88-8c65-db05c11e71f6@email.android.com>
References: <98f7622f-e52b-4b88-8c65-db05c11e71f6@email.android.com>
Message-ID: <4FD1E3E8.8020103@thelounge.net>



Am 08.06.2012 13:34, schrieb Voytek Eymont:
> I had Dovcot 1.x setup, all was working well (till...)
> 
> Server got stuffed up and same Dovecot 1.x was rebuilt, put back in service, all's working well.
> 
> I have recovered data from Maildirs messages from the old server, 
> As some of the inboxes now have new messages, what is correct way to copy older messages from old server to new server ? (There are no duplicates, simply old messages from past server,  data is physically on new server)

imapsync is your friend

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120608/d41cab38/attachment.bin>

From trever.adams at gmail.com  Fri Jun  8 16:11:50 2012
From: trever.adams at gmail.com (Trever L. Adams)
Date: Fri, 08 Jun 2012 07:11:50 -0600
Subject: [Dovecot] Problems since upgrading to 2.1.6 from 2.0.20
In-Reply-To: <4FD044A5.2000000@gmail.com>
References: <4FD044A5.2000000@gmail.com>
Message-ID: <4FD1FA16.7090004@gmail.com>

On 06/07/2012 12:05 AM, Trever L. Adams wrote:
> Hello Everyone,
>
> I saw the text about the change and needing to define an inbox namespace. Everything seems to work fine except doveadm. I get the following from a cronjob that has worked well for years now.
>
> doveadm(account at example.com): Error: Syncing mailbox TRASH failed: Mailbox doesn't exist: TRASH
> doveadm(account at example.com): Error: Syncing mailbox TRASH failed: Mailbox doesn't exist: TRASH
> doveadm(account at example.com): Error: Syncing mailbox TRASH failed: Mailbox doesn't exist: TRASH
>
> The cronjob is:
>
> 1 4 * * * doveadm expunge -A mailbox TRASH SAVEDBEFORE 30D
>
>
> What is the problem? I have tried to find documentation and do searches for others having the same problem. I do not know if I am just missing something or what.
>
> Any help would be greatly appreciated.
>
> Thank you,
> Trever
>
>
Sorry everyone. Trash was the right name. This used to work. The other
boxes I am seeing the problem on are created when used. I am sorry to
have sounded an alarm.

Trever
-- 
"Advise your legislators, when they make laws for larceny, burglary, or
any felony, to make the penalty applicable to work upon roads, public
works, or any place where the culprit can be taught more wisdom and more
virtue, and become more enlightened. Rigor and seclusion will never do
as much to reform the propensities of men as reason and friendship." --
Joseph Smith, Jr.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120608/93d5efbb/attachment.bin>

From mcbdovecot at robuust.nl  Fri Jun  8 16:12:41 2012
From: mcbdovecot at robuust.nl (Maarten Bezemer)
Date: Fri, 8 Jun 2012 15:12:41 +0200 (CEST)
Subject: [Dovecot] Can we know when a user read our email?
In-Reply-To: <4FD0A06A.50008@thelounge.net>
References: <CAAJD-mAcEqzJcHYODkReWn6BuzV3B8c3MPE+ceWmtWqCDdmBuQ@mail.gmail.com>
	<1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com>
	<4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com>
	<4FCB6AA7.4050200@Media-Brokers.com> <4FCCB9E3.3060702@wildgooses.com>
	<4FCCC2D9.3010209@thelounge.net> <4FCFD2DD.7030109@wildgooses.com>
	<4FD0A06A.50008@thelounge.net>
Message-ID: <Pine.LNX.4.64.1206081503550.17531@wormhole.robuust.nl>


On Thu, 7 Jun 2012, Reindl Harald wrote:

> Am 06.06.2012 23:59, schrieb Ed W:
>> I'm not sure why this is so hard to believe.  There is literally a class of customers that have a specification
>> which says that there must be a notification sent back to the sender whenever they download their emails.  I cannot
>> currently bid for their business.
>>
>> A spec is a spec - either you can meet the spec or you can't bid for the business...
>
> i'm not sure why it is so hard to believe that nobody should
> bid for such idiotic specs - techs should act professional
> and not like whores while try impossible and stupid things
> which can sovle each mail-client since > 10 years and is not
> the job of a mailserver

Does the spec say how to conform to it? I mean: does "the system" have to 
support the transmission of receipts?
Most bidding rounds I've been part of only had very rough descriptions of 
what should be possible. Not exactly how. (Too detailed specs, pointing 
heavily in the direction of one type of solution provider, can be easily 
challenged!)
So, even without Dovecot supporting DSN-stuff, it would be possible to bid 
for these types of clients. The system as a whole does support DSN's, when 
MUA is conforming to relevant specs. Most MUA's support some form of DSN 
of read notification. What's more: whatever choice you make, server side 
or client side, handling of these status messages (and ways to request 
them) heavily depend on the remote party's technology as well.

So, claiming you conform to the read-notification spec can be as easy as 
saying "yes, as long as you use a proper MUA".

-- 
Maarten

From anmeyer at anup.de  Fri Jun  8 16:33:07 2012
From: anmeyer at anup.de (Andreas Meyer)
Date: Fri, 8 Jun 2012 15:33:07 +0200
Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7
In-Reply-To: <4FD1E24C.1030906@thelounge.net>
References: <20120608130511.1d55d814@itx.bitcorner.intern>
	<4FD1E24C.1030906@thelounge.net>
Message-ID: <20120608153307.751e3865@itx.bitcorner.intern>

Reindl Harald <h.reindl at thelounge.net> wrote:

> 
> 
> Am 08.06.2012 13:05, schrieb Andreas Meyer:
> > I want to upgrade the docevot-installation from v 1.0.5 to 2.1..7
> > Now I get the following executing
> > doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf
> > 
> > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:217: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely
> > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:219: passdb passwd-file {} has been replaced by passdb { driver=passwd-file }
> > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:222: userdb passwd-file {} has been replaced by userdb { driver=passwd-file }
> > 
> > The section  at line 217 looks like this:
> > 
> > auth default {
> >   mechanisms = plain
> >   passdb passwd-file {
> >   args = /etc/dovecot/passwd
> >   }
> >   userdb passwd-file {
> >   args = /etc/dovecot/passwd
> >   }
> > 
> > How do I change it to fullfill the new needs?
> > 
> > And how do I handle line 217?
> > add auth_ prefix to all settings inside auth {} and remove the auth {} section completely
> 
> what exactly are you not understanding here?
> this is a very clear message

I find the message very confusing. It says to do all settings inside auth {} and
then to remove the auth {} section. With v1.0.5 I do have an auth default {} section
and a section ## Authentication processes.

> below a partly output from a working 2.1.7
> 
> auth_mechanisms                = CRAM-MD5 DIGEST-MD5 APOP LOGIN PLAIN
> auth_worker_max_count          = 100
> auth_cache_size                = 32768
> auth_cache_ttl                 = 1800
> auth_cache_negative_ttl        = 1800
> auth_username_chars            = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@%
> auth_username_translation      = %@AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz
> auth_debug                     = no
> auth_debug_passwords           = no
> auth_verbose                   = no
> 

Thank you! I found section ## Authentication processes but when I add

auth_passdb {
    args = /etc/dovecot/passwd
      driver = passwd-file
    }
auth_userdb {
    args = /etc/dovecot/passwd
      driver = passwd-file
    }

I get an error:
doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 709: Unknown setting: auth_passdb

Where do I put the passdb and userdb sections?

  Andreas

From weber at zackbummfertig.de  Fri Jun  8 16:56:34 2012
From: weber at zackbummfertig.de (Marko Weber)
Date: Fri, 08 Jun 2012 15:56:34 +0200
Subject: [Dovecot] =?utf-8?q?dovecot_ignores_entries_in_virtual=5Falias=5F?=
 =?utf-8?q?maps_when_using_dovecot_lda?=
Message-ID: <c266c9e5578b0e79129d24794a7110b4@zackbummfertig.de>


hello list,
i need help. dovecot dont look into my virtual_alias_maps .
i set via postzfixadmin an alias postmaster at domain.tld to 
newmail at domainother.tld.
when i send mails to postmaster at domain.tld mails are rejected. dovecot 
authworker tells
me in log: user unknown.
but i can request the data via postmap -v -q postmaster at domain.tld 
mysql:/etc/postfix/mysql_virtual_alias.cf
and get result "newmail at domainother.tld".

any ideas, hwo to get dovecot to look into my alias maps?

marko


From steeeeeveee at gmx.net  Fri Jun  8 17:12:01 2012
From: steeeeeveee at gmx.net (Steve)
Date: Fri, 08 Jun 2012 16:12:01 +0200
Subject: [Dovecot] dovecot ignores entries in virtual_alias_maps when
 using dovecot lda
In-Reply-To: <c266c9e5578b0e79129d24794a7110b4@zackbummfertig.de>
References: <c266c9e5578b0e79129d24794a7110b4@zackbummfertig.de>
Message-ID: <20120608141201.318640@gmx.net>


-------- Original-Nachricht --------
> Datum: Fri, 08 Jun 2012 15:56:34 +0200
> Von: Marko Weber <weber at zackbummfertig.de>
> An: Dovecot <dovecot at dovecot.org>
> Betreff: [Dovecot] dovecot ignores entries in virtual_alias_maps when using dovecot lda

> 
> hello list,
> i need help. dovecot dont look into my virtual_alias_maps .
> i set via postzfixadmin an alias postmaster at domain.tld to 
> newmail at domainother.tld.
> when i send mails to postmaster at domain.tld mails are rejected. dovecot 
> authworker tells
> me in log: user unknown.
> but i can request the data via postmap -v -q postmaster at domain.tld 
> mysql:/etc/postfix/mysql_virtual_alias.cf
> and get result "newmail at domainother.tld".
> 
This is postfix related. You need to look into your /etc/dovecot/conf.d/10-auth.conf and there you have referenced (probably with an !include) a auth-sql.conf.ext file. The content of that file is important to us. Probably there you have a userdb {} entry with an driver = sql and an args entry. The file you reference there in the args entry is important to us too. Can you post the content of those files?


> any ideas, hwo to get dovecot to look into my alias maps?
> 
> marko
> 
// Steve
-- 
NEU: FreePhone 3-fach-Flat mit kostenlosem Smartphone!                                  
Jetzt informieren: http://mobile.1und1.de/?ac=OM.PW.PW003K20328T7073a

From h.reindl at thelounge.net  Fri Jun  8 17:35:49 2012
From: h.reindl at thelounge.net (Reindl Harald)
Date: Fri, 08 Jun 2012 16:35:49 +0200
Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7
In-Reply-To: <20120608153307.751e3865@itx.bitcorner.intern>
References: <20120608130511.1d55d814@itx.bitcorner.intern>
	<4FD1E24C.1030906@thelounge.net>
	<20120608153307.751e3865@itx.bitcorner.intern>
Message-ID: <4FD20DC5.7000500@thelounge.net>



Am 08.06.2012 15:33, schrieb Andreas Meyer:
> Reindl Harald <h.reindl at thelounge.net> wrote:
> 
>>
>>
>> Am 08.06.2012 13:05, schrieb Andreas Meyer:
>>> I want to upgrade the docevot-installation from v 1.0.5 to 2.1..7
>>> Now I get the following executing
>>> doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf
>>>
>>> doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:217: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely
>>> doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:219: passdb passwd-file {} has been replaced by passdb { driver=passwd-file }
>>> doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:222: userdb passwd-file {} has been replaced by userdb { driver=passwd-file }
>>>
>>> The section  at line 217 looks like this:
>>>
>>> auth default {
>>>   mechanisms = plain
>>>   passdb passwd-file {
>>>   args = /etc/dovecot/passwd
>>>   }
>>>   userdb passwd-file {
>>>   args = /etc/dovecot/passwd
>>>   }
>>>
>>> How do I change it to fullfill the new needs?
>>>
>>> And how do I handle line 217?
>>> add auth_ prefix to all settings inside auth {} and remove the auth {} section completely
>>
>> what exactly are you not understanding here?
>> this is a very clear message
> 
> I find the message very confusing. It says to do all settings inside auth {} and
> then to remove the auth {} section.

no, it says you should MOVE all settings OUT from auth {}
in the main part and add a prefix auth_ to them

you quoted your auth{} section

in a pure 2.x setup this would not exist

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120608/5f1f1dca/attachment-0001.bin>

From anmeyer at anup.de  Fri Jun  8 17:50:51 2012
From: anmeyer at anup.de (Andreas Meyer)
Date: Fri, 8 Jun 2012 16:50:51 +0200
Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7
In-Reply-To: <4FD20DC5.7000500@thelounge.net>
References: <20120608130511.1d55d814@itx.bitcorner.intern>
	<4FD1E24C.1030906@thelounge.net>
	<20120608153307.751e3865@itx.bitcorner.intern>
	<4FD20DC5.7000500@thelounge.net>
Message-ID: <20120608165051.6001b856@itx.bitcorner.intern>

Reindl Harald <h.reindl at thelounge.net> wrote:

> >>> The section  at line 217 looks like this:
> >>>
> >>> auth default {
> >>>   mechanisms = plain
> >>>   passdb passwd-file {
> >>>   args = /etc/dovecot/passwd
> >>>   }
> >>>   userdb passwd-file {
> >>>   args = /etc/dovecot/passwd
> >>>   }
> >>>
> >>> How do I change it to fullfill the new needs?
> >>>
> >>> And how do I handle line 217?
> >>> add auth_ prefix to all settings inside auth {} and remove the auth {} section completely
> >>
> >> what exactly are you not understanding here?
> >> this is a very clear message
> > 
> > I find the message very confusing. It says to do all settings inside auth {} and
> > then to remove the auth {} section.
> 
> no, it says you should MOVE all settings OUT from auth {}
> in the main part and add a prefix auth_ to them
> 
> you quoted your auth{} section
> 
> in a pure 2.x setup this would not exist
> 

I get this output when I move the passwd settings to the main section:

# doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf
doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 710: Unknown setting: auth_passdb

Also if I use !include /etc/dovecot/auth-passwdfile.conf in the main section,
the auth-passwdfile.conf weems to be ignored. It has the following content:

passdb {
  driver = passwd-file
  #args = scheme=CRYPT username_format=%u /etc/dovecot/passwd
  args = /etc/dovecot/passwd
}

userdb {
  driver = passwd-file
  #args = username_format=%u /etc/dovecot/passwd
  args = /etc/dovecot/passwd

  # Default fields that can be overridden by passwd-file
  #default_fields = quota_rule=*:storage=1G
              
  # Override fields from passwd-file
  #override_fields = home=/home/virtual/%u
}

I don't know where to put the passwd section.

  Andreas

From h.reindl at thelounge.net  Fri Jun  8 17:58:53 2012
From: h.reindl at thelounge.net (Reindl Harald)
Date: Fri, 08 Jun 2012 16:58:53 +0200
Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7
In-Reply-To: <20120608165051.6001b856@itx.bitcorner.intern>
References: <20120608130511.1d55d814@itx.bitcorner.intern>
	<4FD1E24C.1030906@thelounge.net>
	<20120608153307.751e3865@itx.bitcorner.intern>
	<4FD20DC5.7000500@thelounge.net>
	<20120608165051.6001b856@itx.bitcorner.intern>
Message-ID: <4FD2132D.1090302@thelounge.net>



Am 08.06.2012 16:50, schrieb Andreas Meyer:
> Reindl Harald <h.reindl at thelounge.net> wrote:
> 
>>>>> The section  at line 217 looks like this:
>>>>>
>>>>> auth default {
>>>>>   mechanisms = plain
>>>>>   passdb passwd-file {
>>>>>   args = /etc/dovecot/passwd
>>>>>   }
>>>>>   userdb passwd-file {
>>>>>   args = /etc/dovecot/passwd
>>>>>   }
>>>>>
>>>>> How do I change it to fullfill the new needs?
>>>>>
>>>>> And how do I handle line 217?
>>>>> add auth_ prefix to all settings inside auth {} and remove the auth {} section completely
>>>>
>>>> what exactly are you not understanding here?
>>>> this is a very clear message
>>>
>>> I find the message very confusing. It says to do all settings inside auth {} and
>>> then to remove the auth {} section.
>>
>> no, it says you should MOVE all settings OUT from auth {}
>> in the main part and add a prefix auth_ to them
>>
>> you quoted your auth{} section
>>
>> in a pure 2.x setup this would not exist
>>
> 
> I get this output when I move the passwd settings to the main section:
> 
> # doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf
> doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 710: Unknown setting: auth_passdb

because this does not belong here
consider take a look at dovecot2 manuals

http://wiki2.dovecot.org/AuthDatabase/
http://wiki2.dovecot.org/AuthDatabase/PasswdFile

below the auth/passdb config of a 2.1.7 dovecot.conf which
was dovecot 1.x until upgraded to 2.x a very long time ago
within a few minutes by reading error-messages and docs

in this case it is a proxy-only setup accessing dbmail's
user-database for authentication
___________________________

# authentication process
auth_worker_max_count          = 100
auth_cache_size                = 32768
auth_cache_ttl                 = 1800
auth_cache_negative_ttl        = 1800
auth_username_chars            = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@%
auth_username_translation      = %@AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz

# debug options
auth_debug                     = no
auth_debug_passwords           = no
auth_verbose                   = no
mail_debug                     = no
verbose_ssl                    = no

# configure proxy-database
passdb {
 driver                        = sql
 args                          = /etc/dovecot/sql.conf
}

# we are not using local users
userdb {
 driver                        = static
 args                          = static uid=5000 gid=5000 home=/dev/null
}

# configure backend for postfix sasl-auth
service auth {
  unix_listener /var/spool/postfix/private/auth {
  mode                         = 0660
  user                         = postfix
  group                        = postfix
 }
}

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120608/7300c07b/attachment.bin>

From anmeyer at anup.de  Fri Jun  8 18:36:41 2012
From: anmeyer at anup.de (Andreas Meyer)
Date: Fri, 8 Jun 2012 17:36:41 +0200
Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7
In-Reply-To: <4FD2132D.1090302@thelounge.net>
References: <20120608130511.1d55d814@itx.bitcorner.intern>
	<4FD1E24C.1030906@thelounge.net>
	<20120608153307.751e3865@itx.bitcorner.intern>
	<4FD20DC5.7000500@thelounge.net>
	<20120608165051.6001b856@itx.bitcorner.intern>
	<4FD2132D.1090302@thelounge.net>
Message-ID: <20120608173641.329d4c79@itx.bitcorner.intern>

Reindl Harald <h.reindl at thelounge.net> wrote:

> Am 08.06.2012 16:50, schrieb Andreas Meyer:
> > Reindl Harald <h.reindl at thelounge.net> wrote:

> >> you quoted your auth{} section
> >>
> >> in a pure 2.x setup this would not exist
> >>
> > 
> > I get this output when I move the passwd settings to the main section:
> > 
> > # doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf
> > doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 710: Unknown setting: auth_passdb
> 
> because this does not belong here
> consider take a look at dovecot2 manuals
> 
> http://wiki2.dovecot.org/AuthDatabase/
> http://wiki2.dovecot.org/AuthDatabase/PasswdFile

thanks again! I think I got this one right now.

I risked to restat dovecot with the new version and got this
in the logfile now:

Jun 08 17:20:19 imap: Error: dlopen(/usr/lib/dovecot/modules/imap/lib10_quota_plugin.so) failed: /usr/lib/dovecot/modules/imap/lib10_quota_plugin.so: 
undefined symbol: mail_storage_module_id
Jun 08 17:20:19 imap: Fatal: Couldn't load required plugins
Jun 08 17:20:19 imap-login: Warning: SSL alert: where=0x4008, ret=256: warning close notify [84.179.59.203]

The /usr/lib/dovecot/modules/imap/lib10_quota_plugin.so is a symlink to
/usr/lib/dovecot/modules/lib10_quota_plugin.so

What can I do? Wouldn't it be great to get the new dovecot working with
my users and the old passwd file?

  Andreas

From weber at zackbummfertig.de  Fri Jun  8 18:44:32 2012
From: weber at zackbummfertig.de (Marko Weber)
Date: Fri, 08 Jun 2012 17:44:32 +0200
Subject: [Dovecot]
 =?utf-8?q?dovecot_ignores_entries_in_virtual=5Falias=5F?=
 =?utf-8?q?maps_when_using_dovecot_lda?=
In-Reply-To: <20120608141201.318640@gmx.net>
References: <c266c9e5578b0e79129d24794a7110b4@zackbummfertig.de>
	<20120608141201.318640@gmx.net>
Message-ID: <6b4775adce81aa5a7b9a8e7ccfe4a372@zackbummfertig.de>



Am 08.06.2012 16:12, schrieb Steve:
> -------- Original-Nachricht --------
>> Datum: Fri, 08 Jun 2012 15:56:34 +0200
>> Von: Marko Weber <weber at zackbummfertig.de>
>> An: Dovecot <dovecot at dovecot.org>
>> Betreff: [Dovecot] dovecot ignores entries in virtual_alias_maps 
>> when using dovecot lda
>
>>
>> hello list,
>> i need help. dovecot dont look into my virtual_alias_maps .
>> i set via postzfixadmin an alias postmaster at domain.tld to
>> newmail at domainother.tld.
>> when i send mails to postmaster at domain.tld mails are rejected. 
>> dovecot
>> authworker tells
>> me in log: user unknown.
>> but i can request the data via postmap -v -q postmaster at domain.tld
>> mysql:/etc/postfix/mysql_virtual_alias.cf
>> and get result "newmail at domainother.tld".
>>
> This is postfix related. You need to look into your
> /etc/dovecot/conf.d/10-auth.conf and there you have referenced
> (probably with an !include) a auth-sql.conf.ext file. The content of
> that file is important to us. Probably there you have a userdb {}
> entry with an driver = sql and an args entry. The file you reference
> there in the args entry is important to us too. Can you post the
> content of those files?



10-auth.conf:

auth_mechanisms = plain login digest-md5 cram-md5

!include auth-system.conf.ext
!include auth-sql.conf.ext

(thats all in the 10-auth.conf file)



auth-sql.conf.ext:

passdb {
   driver = sql

   # Path for SQL configuration file, see 
example-config/dovecot-sql.conf.ext
   args = /etc/dovecot/dovecot-sql.conf.ext
}

userdb {
   driver = sql
   args = /etc/dovecot/dovecot-sql.conf.ext
}


/etc/dovecot/dovecot-sql.conf.ext:

connect = \
   host=/var/run/mysqld/mysqld.sock \
   dbname=postfixadmin \
   user=wurst \
   password=irgendetwaspasswort

default_pass_scheme = MD5


user_query = \
         SELECT \
         CONCAT('/home/vmail/',maildir) AS home, \
         CONCAT('maildir:/home/vmail/',maildir) AS mail, \
         maildir, 5000 AS uid, 5000 AS gid, \
         CONCAT('*:bytes=', CAST(quota AS CHAR)) AS quota_rule \
                 FROM mailbox \
                         WHERE username = '%u' AND active = '1' LIMIT 1

password_query = \
   SELECT \
     username AS user, \
     password, \
     CONCAT('/home/vmail',maildir) AS userdb_home, \
     CONCAT('maildir:/home/vmail/',maildir) AS userdb_mail, \
     5000 AS userdb_uid, \
     5000 AS userdb_gid \
         FROM mailbox \
                 WHERE username='%u' AND active='1' LIMIT 1


thats all.

do you need more information , lemme know.

marko





>
>
>> any ideas, hwo to get dovecot to look into my alias maps?
>>
>> marko
>>
> // Steve


From tss at iki.fi  Fri Jun  8 19:12:44 2012
From: tss at iki.fi (Timo Sirainen)
Date: Fri, 8 Jun 2012 19:12:44 +0300
Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7
In-Reply-To: <20120608130511.1d55d814@itx.bitcorner.intern>
References: <20120608130511.1d55d814@itx.bitcorner.intern>
Message-ID: <809542A3-5306-49C5-AB70-3F195A85BD84@iki.fi>

On 8.6.2012, at 14.05, Andreas Meyer wrote:

> I want to upgrade the docevot-installation from v 1.0.5 to 2.1..7
> 
> Now I get the following executing
> doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf

Didn't this command produce a working dovecot-2.conf file? If not, it's probably a bug.

> doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:217: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely
> doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:219: passdb passwd-file {} has been replaced by passdb { driver=passwd-file }
> doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:222: userdb passwd-file {} has been replaced by userdb { driver=passwd-file }
..
> How do I change it to fullfill the new needs?

doveconf should have done all of those changes for you and placed them to dovecot-2.conf


From tss at iki.fi  Fri Jun  8 19:15:24 2012
From: tss at iki.fi (Timo Sirainen)
Date: Fri, 8 Jun 2012 19:15:24 +0300
Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7
In-Reply-To: <20120608173641.329d4c79@itx.bitcorner.intern>
References: <20120608130511.1d55d814@itx.bitcorner.intern>
	<4FD1E24C.1030906@thelounge.net>
	<20120608153307.751e3865@itx.bitcorner.intern>
	<4FD20DC5.7000500@thelounge.net>
	<20120608165051.6001b856@itx.bitcorner.intern>
	<4FD2132D.1090302@thelounge.net>
	<20120608173641.329d4c79@itx.bitcorner.intern>
Message-ID: <E9B27EF2-2424-46B7-B801-CDA255114BCE@iki.fi>

On 8.6.2012, at 18.36, Andreas Meyer wrote:

> Jun 08 17:20:19 imap: Error: dlopen(/usr/lib/dovecot/modules/imap/lib10_quota_plugin.so) failed: /usr/lib/dovecot/modules/imap/lib10_quota_plugin.so: 
> 
> What can I do? Wouldn't it be great to get the new dovecot working with
> my users and the old passwd file?

The quota plugin isn't against the same version of Dovecot.. So you have two Dovecot versions now somehow all mixed up. One solution would be to delete all files related to Dovecot and install 2.1.7 again.


From tss at iki.fi  Fri Jun  8 19:17:48 2012
From: tss at iki.fi (Timo Sirainen)
Date: Fri, 8 Jun 2012 19:17:48 +0300
Subject: [Dovecot] difference between client_limit and process_limit
In-Reply-To: <4FD1DE19.4050903@um.es>
References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es>
Message-ID: <A1BAE7E0-1F08-4FDA-8FC8-D045E5E7987A@iki.fi>

On 8.6.2012, at 14.12, Angel L. Mateo wrote:

>> What is the real difference between client and process limit? According
>> to documentation (http://wiki2.dovecot.org/Services#Service_limits):
>> 
> 	Sorry, it's friday, my mind is on the weekend :-(
> 
> 	I understand that client_limit is how many connections (imap connections, for example) could be handle by one dovecot process, so if I have client_limit=2 and process_limit=1024, then I could 2048 concurrent connections, right?

Yes, but like the wiki page also says, it's not a good idea increase client_limit for imap/pop3 processes.


From tss at iki.fi  Fri Jun  8 19:20:09 2012
From: tss at iki.fi (Timo Sirainen)
Date: Fri, 8 Jun 2012 19:20:09 +0300
Subject: [Dovecot] Director pop3 real ips v2.1.1
In-Reply-To: <213B51F00051AE48A9F0E112880177178F79E4@Delta.sc.local>
References: <213B51F00051AE48A9F0E112880177178F79E3@Delta.sc.local>
	<213B51F00051AE48A9F0E112880177178F79E4@Delta.sc.local>
Message-ID: <1415FF99-54F4-4D17-BC8A-7ACC9E0FE6F4@iki.fi>

On 8.6.2012, at 7.39, ???????? ????????? ?????????? wrote:

> yes, I use v.2.1.1 on both director and backends
> and yes, I've added 
> login_trusted_networks = 192.168.5.0/24 on all of them
> but it didn't help.


Missing feature:

v2.1.2 2012-03-15  Timo Sirainen <tss at iki.fi>

        + Proxying: POP3 now supports sending remote IP+port from proxy to
          backend server via Dovecot-specific XCLIENT extension.


From tss at iki.fi  Fri Jun  8 19:25:50 2012
From: tss at iki.fi (Timo Sirainen)
Date: Fri, 8 Jun 2012 19:25:50 +0300
Subject: [Dovecot] auth trouble
In-Reply-To: <4087ECCF-8C69-4888-8CD9-44566A256F92@slsware.com>
References: <mailman.660.1338628819.3160.dovecot@dovecot.org>
	<Pine.GSO.4.64.1206041936170.24178@nodomain>
	<DB69BBFB-5E98-43BF-B7EF-27DCEF4769DB@slsware.com>
	<20120605215325.GC3672@harrier.slackbuilds.org>
	<4087ECCF-8C69-4888-8CD9-44566A256F92@slsware.com>
Message-ID: <9816DBD9-ED12-4834-9D13-EB70140054CE@iki.fi>

On 6.6.2012, at 2.08, Glenn English wrote:

>> And these brute force attempts would be logged, each one.
> 
> They are, with no rhost. And there are other brute force attempts 
> that *do* have IPs.

I think the answer to this is simply that Dovecot v1.0 didn't tell PAM the rhost. Upgrade.


From rnalrd at gmail.com  Fri Jun  8 17:53:21 2012
From: rnalrd at gmail.com (Leonardo)
Date: Fri, 08 Jun 2012 16:53:21 +0200
Subject: [Dovecot] ntlm_auth in Dovecot
Message-ID: <1339167201.4285.90.camel@df1844j>

Hi,

I'm trying getting NTLM auth working against AD in my Dovecot 2.0.15.

I'm getting the following error:


Jun 08 14:18:11 auth: Info: winbind(?,10.44.3.151): user not
authenticated: NT_STATUS_UNSUCCESSFUL


"wbinfo -u" reports all the users of the domain and "ntlm_auth
--username=%name% --domain="%domain%" gets authenticated successfully.


Debugging winbind I can see the following error:


[2012/06/08 14:18:11.129611, 10]
winbindd/winbindd.c:651(process_request)
  process_request: unknown request fn number 14
[2012/06/08 14:18:11.129671, 10]
winbindd/winbindd.c:738(winbind_client_response_written)
  winbind_client_response_written[2822:unknown request]: delivered
response to client


My dovecot.conf is the following:



auth_mechanisms = plain ntlm login
auth_username_format = %n
auth_verbose = yes
auth_winbind_helper_path = /usr/bin/ntlm_auth
auth_use_winbind = yes
auth_debug = yes
disable_plaintext_auth = no
info_log_path = /var/log/dovecot-info.log
log_path = /var/log/dovecot.log
mail_location = maildir:/var/mail/domains/%d/%n

plugin {
  autocreate = Trash
  autocreate2 = Spam
  autocreate3 = Sent
  autosubscribe = Trash
  autosubscribe2 = Spam
  autosubscribe3 = Sent
}

protocols = imap

ssl = no

userdb {
  driver = static
  args = uid=100 gid=101 home=/var/mail/domains/%d/%n
first_valid_uid=100
}

passdb ldap {
  driver = ldap
  args = /etc/dovecot/dovecot-ldap.conf
}

protocol imap {
  mail_plugins = autocreate
}


Sounds like there is an issue when Dovecot runs "ntlm_auth". It doesn't
appear to be a permission issue (perms are 755).

Any help is appreciated. Thank you in advance.

-- leonardo.


From at_hacker at mail.ru  Fri Jun  8 19:32:54 2012
From: at_hacker at mail.ru (=?UTF-8?B?0JDQu9C10LrRgdC10Lkg0J/QtdGA0LXQutC70LDQtA==?=)
Date: Fri, 08 Jun 2012 20:32:54 +0400
Subject: [Dovecot] =?utf-8?q?Fwd=3A__ntlm=5Fauth_in_Dovecot?=
Message-ID: <1339173174.822111746@f215.mail.ru>

Try to delete your server from domain and add it again by "net ads join..."


> I'm trying getting NTLM auth working against AD in my Dovecot 2.0.15.
> 
> I'm getting the following error:
> 
> 
> Jun 08 14:18:11 auth: Info: winbind(?,10.44.3.151): user not
> authenticated: NT_STATUS_UNSUCCESSFUL

From h.reindl at thelounge.net  Fri Jun  8 19:33:26 2012
From: h.reindl at thelounge.net (Reindl Harald)
Date: Fri, 08 Jun 2012 18:33:26 +0200
Subject: [Dovecot] difference between client_limit and process_limit
In-Reply-To: <A1BAE7E0-1F08-4FDA-8FC8-D045E5E7987A@iki.fi>
References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es>
	<A1BAE7E0-1F08-4FDA-8FC8-D045E5E7987A@iki.fi>
Message-ID: <4FD22956.20904@thelounge.net>



Am 08.06.2012 18:17, schrieb Timo Sirainen:
> On 8.6.2012, at 14.12, Angel L. Mateo wrote:
> 
>>> What is the real difference between client and process limit? According
>>> to documentation (http://wiki2.dovecot.org/Services#Service_limits):
>>>
>> 	Sorry, it's friday, my mind is on the weekend :-(
>>
>> 	I understand that client_limit is how many connections (imap connections, for example) could be handle by one dovecot process, so if I have client_limit=2 and process_limit=1024, then I could 2048 concurrent connections, right?
> 
> Yes, but like the wiki page also says, it's not a good idea increase client_limit for imap/pop3 processes.

depends on the usecase / workload

having dovecot as proxy for other imap-backends and 1 process per connection
will heavily raise up process-count and memory-overhead while memory
may be needed for the imap-backend (like dbmail) and datanases

process_limit                = 15
client_limit                 = 300

this way you can have 4500 proxy-connections and use most time
not more than 4-5 processes



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120608/d823fb47/attachment.bin>

From tss at iki.fi  Fri Jun  8 19:43:16 2012
From: tss at iki.fi (Timo Sirainen)
Date: Fri, 8 Jun 2012 19:43:16 +0300
Subject: [Dovecot] difference between client_limit and process_limit
In-Reply-To: <4FD22956.20904@thelounge.net>
References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es>
	<A1BAE7E0-1F08-4FDA-8FC8-D045E5E7987A@iki.fi>
	<4FD22956.20904@thelounge.net>
Message-ID: <3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi>

On 8.6.2012, at 19.33, Reindl Harald wrote:

>> Yes, but like the wiki page also says, it's not a good idea increase client_limit for imap/pop3 processes.
> 
> depends on the usecase / workload
> 
> having dovecot as proxy for other imap-backends and 1 process per connection
> will heavily raise up process-count and memory-overhead while memory
> may be needed for the imap-backend (like dbmail) and datanases
> 
> process_limit                = 15
> client_limit                 = 300
> 
> this way you can have 4500 proxy-connections and use most time
> not more than 4-5 processes

Proxying is done by imap-login process, not imap process. For login processes there are different recommendations.


From anmeyer at anup.de  Fri Jun  8 19:57:21 2012
From: anmeyer at anup.de (Andreas Meyer)
Date: Fri, 8 Jun 2012 18:57:21 +0200
Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7
In-Reply-To: <809542A3-5306-49C5-AB70-3F195A85BD84@iki.fi>
References: <20120608130511.1d55d814@itx.bitcorner.intern>
	<809542A3-5306-49C5-AB70-3F195A85BD84@iki.fi>
Message-ID: <20120608185721.46b98e9f@itx.bitcorner.intern>

Timo Sirainen <tss at iki.fi> wrote:

> On 8.6.2012, at 14.05, Andreas Meyer wrote:
> 
> > I want to upgrade the docevot-installation from v 1.0.5 to 2.1..7
> > 
> > Now I get the following executing
> > doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf
> 
> Didn't this command produce a working dovecot-2.conf file? If not, it's probably a bug.

Yes, it did. I was wondering, it just containes a few lines. ;) Took it
and placed it in /usr/etc as dovecot.conf. But then I got this error with
the quota_plugin, see they other thread.

> > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:217: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely
> > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:219: passdb passwd-file {} has been replaced by passdb { driver=passwd-file }
> > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:222: userdb passwd-file {} has been replaced by userdb { driver=passwd-file }
> ..
> > How do I change it to fullfill the new needs?
> 
> doveconf should have done all of those changes for you and placed them to dovecot-2.conf
> 

Yes, it did.

  Andreas

From l.messner at physik.tu-berlin.de  Fri Jun  8 19:59:02 2012
From: l.messner at physik.tu-berlin.de (Leon =?iso-8859-15?Q?Me=DFner?=)
Date: Fri, 8 Jun 2012 18:59:02 +0200
Subject: [Dovecot] auth_krb5_keytab ignored ?
Message-ID: <20120608165902.GI89928@rosa.physik.tu-berlin.de>

Hi list,

i noticed that when doing imap gssapi authentication with kerberos,
dovecot (here 2.1.7) always searches /etc/krb5.keytab although i have
auth_krb5_keytab = /etc/mail3.krb5.keytab in my etc/dovecot/dovecot.conf
and doveconf -n also show this setting. If i combine the keytabs in
krb5.keytab it works. Is there another location where i should put my
configuration regarding gssapi/kerberos ?

Thanks,
Leon

logs:
18:48_root at mail3:/root# cat /var/log/dovecot.log | tail -n 8
Jun 08 18:48:16 auth: Debug: client in: AUTH    1       GSSAPI  service=imap    secured session=gexTxPjBZACClTqR        lip=130.149.58.164      rip=130.149.58.145      lport=993 rport=31076
Jun 08 18:48:16 auth: Debug: gssapi(?,130.149.58.145,<gexTxPjBZACClTqR>): Obtaining credentials for imap at mail3.physik-pool.tu-berlin.de
Jun 08 18:48:16 auth: Debug: client out: CONT   1
Jun 08 18:48:16 auth: Debug: client in: CONT<hidden>
Jun 08 18:48:16 auth: Info: gssapi(?,130.149.58.145,<gexTxPjBZACClTqR>): While processing incoming data:  Miscellaneous failure (see text)
Jun 08 18:48:16 auth: Info: gssapi(?,130.149.58.145,<gexTxPjBZACClTqR>): While processing incoming data: Failed to find imap/mail3.physik-pool.tu-berlin.de at PCPOOL.PHYSIK.TU-BERLIN.DE(kvno 1) in keytab FILE:/etc/krb5.keytab (des3-cbc-sha1)
Jun 08 18:48:18 auth: Debug: client out: FAIL   1
Jun 08 18:48:23 imap-login: Info: Aborted login (auth failed, 1 attempts in 7 secs): user=<>, method=GSSAPI, rip=130.149.58.145, lip=130.149.58.164, TLS, session=<gexTxPjBZACClTqR>


# 2.1.7: /usr/local/etc/dovecot/dovecot.conf
# OS: FreeBSD 8.2-RELEASE-p3 amd64
auth_debug = yes
auth_gssapi_hostname = mail3.physik-pool.tu-berlin.de
auth_krb5_keytab = /etc/mail3.krb5.keytab
auth_mechanisms = gssapi plain login
auth_verbose = yes
auth_worker_max_count = 120
first_valid_gid = 300
first_valid_uid = 200
lda_mailbox_autocreate = yes
listen = mail3.physik.tu-berlin.de
log_path = /var/log/dovecot.log
mail_fsync = always
mail_location = maildir:~/maildir
mail_nfs_index = yes
mail_nfs_storage = yes
mail_privileged_group = mail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
mmap_disable = yes
namespace {
  inbox = yes
  location =
  prefix =
  separator = /
  type = private
}
namespace {
  location = mbox:~/mail
  prefix = mail/
  separator = /
  type = private
}
passdb {
  args = session=yes failure_show_msg=yes max_requests=100 dovecot
  driver = pam
}
plugin {
  quota = fs
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/.sieve
}
protocols = imap pop3
service auth {
  unix_listener auth-client {
    mode = 0660
  }
  unix_listener auth-master {
    mode = 0600
  }
  user = root
}
service imap-login {
  inet_listener imap {
    port = 0
  }
  process_limit = 256
  process_min_avail = 6
}
service managesieve-login {
  process_limit = 256
  process_min_avail = 6
}
service pop3-login {
  inet_listener pop3 {
    port = 0
  }
  process_limit = 256
  process_min_avail = 6
}
ssl_cert = </etc/private/mail3.physik.tu-berlin.de.pem
ssl_key = </etc/private/physik.tu-berlin.de_privatekey.pem
userdb {
  args = blocking=yes
  driver = passwd
}
verbose_proctitle = yes
protocol lda {
  info_log_path = /var/log/dovecot-lda.log
  log_path = /var/log/dovecot-lda.log
  mail_plugins = " sieve quota"
}

From anmeyer at anup.de  Fri Jun  8 20:02:43 2012
From: anmeyer at anup.de (Andreas Meyer)
Date: Fri, 8 Jun 2012 19:02:43 +0200
Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7
In-Reply-To: <E9B27EF2-2424-46B7-B801-CDA255114BCE@iki.fi>
References: <20120608130511.1d55d814@itx.bitcorner.intern>
	<4FD1E24C.1030906@thelounge.net>
	<20120608153307.751e3865@itx.bitcorner.intern>
	<4FD20DC5.7000500@thelounge.net>
	<20120608165051.6001b856@itx.bitcorner.intern>
	<4FD2132D.1090302@thelounge.net>
	<20120608173641.329d4c79@itx.bitcorner.intern>
	<E9B27EF2-2424-46B7-B801-CDA255114BCE@iki.fi>
Message-ID: <20120608190243.1ccf5aa8@itx.bitcorner.intern>

Timo Sirainen <tss at iki.fi> wrote:

> On 8.6.2012, at 18.36, Andreas Meyer wrote:
> 
> > Jun 08 17:20:19 imap: Error: dlopen(/usr/lib/dovecot/modules/imap/lib10_quota_plugin.so) failed: /usr/lib/dovecot/modules/imap/lib10_quota_plugin.so: 
> > 
> > What can I do? Wouldn't it be great to get the new dovecot working with
> > my users and the old passwd file?
> 
> The quota plugin isn't against the same version of Dovecot.. So you have two Dovecot versions now somehow all mixed up. One solution would be to delete all files related to Dovecot and install 2.1.7 again.
> 

I wonder ./configure, make and make install went through, but for some
reason the /usr/lib/dovecot/modules directory was not updated. Could
it be because there was the old version 1.0.5 still running while
installing the new one?

I'll try to do a make install again while the dovecot is stopped
and then start the new version and see what happens.

  Andreas

From h.reindl at thelounge.net  Fri Jun  8 20:10:35 2012
From: h.reindl at thelounge.net (Reindl Harald)
Date: Fri, 08 Jun 2012 19:10:35 +0200
Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7
In-Reply-To: <20120608190243.1ccf5aa8@itx.bitcorner.intern>
References: <20120608130511.1d55d814@itx.bitcorner.intern>
	<4FD1E24C.1030906@thelounge.net>
	<20120608153307.751e3865@itx.bitcorner.intern>
	<4FD20DC5.7000500@thelounge.net>
	<20120608165051.6001b856@itx.bitcorner.intern>
	<4FD2132D.1090302@thelounge.net>
	<20120608173641.329d4c79@itx.bitcorner.intern>
	<E9B27EF2-2424-46B7-B801-CDA255114BCE@iki.fi>
	<20120608190243.1ccf5aa8@itx.bitcorner.intern>
Message-ID: <4FD2320B.6070107@thelounge.net>



Am 08.06.2012 19:02, schrieb Andreas Meyer:
> Timo Sirainen <tss at iki.fi> wrote:
> 
>> On 8.6.2012, at 18.36, Andreas Meyer wrote:
>>
>>> Jun 08 17:20:19 imap: Error: dlopen(/usr/lib/dovecot/modules/imap/lib10_quota_plugin.so) failed: /usr/lib/dovecot/modules/imap/lib10_quota_plugin.so: 
>>>
>>> What can I do? Wouldn't it be great to get the new dovecot working with
>>> my users and the old passwd file?
>>
>> The quota plugin isn't against the same version of Dovecot.. So you have two Dovecot versions now somehow all mixed up. One solution would be to delete all files related to Dovecot and install 2.1.7 again.
>>
> 
> I wonder ./configure, make and make install went through, but for some
> reason the /usr/lib/dovecot/modules directory was not updated. Could
> it be because there was the old version 1.0.5 still running while
> installing the new one?

ouch - why are you doing such rough installs instead taking some time
to learn how to build packages for your OS?

the benefit of package-systems like rpm/deb is that obsolete files
are removed on updates and you have clean installs over many years
and major upgrades of any software

as example for Fedora&RHEL it is quite easy to setup rpmbuild, install a
recent src.rpm and replace rebuild new versions for older releases

the additional benefit is that you can do this on  a dedicated virtual
machine with devel-packages, GCC and so on which is all not needed on
the production systems AND you can easily use this packages on
testing machines followed by a crontrolled rollout

even for software with a handful of scripts -> on my servers and
workstations NEVER get any software installed without a package
and there are only two exceptions: VMware Workstation and ZendStudio

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120608/b25a0cf7/attachment.bin>

From anmeyer at anup.de  Fri Jun  8 20:31:02 2012
From: anmeyer at anup.de (Andreas Meyer)
Date: Fri, 8 Jun 2012 19:31:02 +0200
Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7
In-Reply-To: <4FD2320B.6070107@thelounge.net>
References: <20120608130511.1d55d814@itx.bitcorner.intern>
	<4FD1E24C.1030906@thelounge.net>
	<20120608153307.751e3865@itx.bitcorner.intern>
	<4FD20DC5.7000500@thelounge.net>
	<20120608165051.6001b856@itx.bitcorner.intern>
	<4FD2132D.1090302@thelounge.net>
	<20120608173641.329d4c79@itx.bitcorner.intern>
	<E9B27EF2-2424-46B7-B801-CDA255114BCE@iki.fi>
	<20120608190243.1ccf5aa8@itx.bitcorner.intern>
	<4FD2320B.6070107@thelounge.net>
Message-ID: <20120608193102.37d4662d@itx.bitcorner.intern>

Reindl Harald <h.reindl at thelounge.net> wrote:

> > I wonder ./configure, make and make install went through, but for some
> > reason the /usr/lib/dovecot/modules directory was not updated. Could
> > it be because there was the old version 1.0.5 still running while
> > installing the new one?
> 
> ouch - why are you doing such rough installs instead taking some time
> to learn how to build packages for your OS?
> 
> the benefit of package-systems like rpm/deb is that obsolete files
> are removed on updates and you have clean installs over many years
> and major upgrades of any software
> 
> as example for Fedora&RHEL it is quite easy to setup rpmbuild, install a
> recent src.rpm and replace rebuild new versions for older releases
> 
> the additional benefit is that you can do this on  a dedicated virtual
> machine with devel-packages, GCC and so on which is all not needed on
> the production systems AND you can easily use this packages on
> testing machines followed by a crontrolled rollout
> 
> even for software with a handful of scripts -> on my servers and
> workstations NEVER get any software installed without a package
> and there are only two exceptions: VMware Workstation and ZendStudio

;-) I never ever built a rpm using sources since years. I always
build and install from the sources.

So ok, made a fresh make install and found out that the directory
/usr/lib/dovecot/modules and its contents were not created after
deleting manually the old /usr/lib/dovecot directory.

Got this snipped from the make install output:

make[4]: Leaving directory `/home/mail1/dovecot-2.1.7/src/plugins/imap-stats'
make[3]: Leaving directory `/home/mail1/dovecot-2.1.7/src/plugins/imap-stats'
Making install in trash
make[3]: Entering directory `/home/mail1/dovecot-2.1.7/src/plugins/trash'
make[4]: Entering directory `/home/mail1/dovecot-2.1.7/src/plugins/trash'
make[4]: F?r das Ziel ?install-exec-am? ist nichts zu tun.
test -z "/usr/lib/dovecot" || /bin/mkdir -p "/usr/lib/dovecot"
 /bin/sh ../../../libtool   --mode=install /usr/bin/install -c   lib11_trash_plugin.la '/usr/lib/dovecot'
libtool: install: warning: relinking `lib11_trash_plugin.la'
libtool: install: (cd /home/mail1/dovecot-2.1.7/src/plugins/trash; /bin/sh /home/mail1/dovecot-2.1.7/libtool  --tag CC --mode=relink gcc -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -module -avoid-version -o lib11_trash_plugin.la -rpath /usr/lib/dovecot trash-plugin.lo ../quota/lib10_quota_plugin.la -lrt )

*** Warning: Linking the shared library lib11_trash_plugin.la against the loadable module
*** lib10_quota_plugin.so is not portable!
libtool: relink: gcc -shared  -fPIC -DPIC  .libs/trash-plugin.o   -Wl,-rpath -Wl,/usr/lib/dovecot -L/usr/lib/dovecot -l10_quota_plugin -lrt  -O2   -Wl,-soname -Wl,lib11_trash_plugin.so -o .libs/lib11_trash_plugin.so
libtool: install: /usr/bin/install -c .libs/lib11_trash_plugin.soT /usr/lib/dovecot/lib11_trash_plugin.so
libtool: install: /usr/bin/install -c .libs/lib11_trash_plugin.lai /usr/lib/dovecot/lib11_trash_plugin.la
libtool: install: /usr/bin/install -c .libs/lib11_trash_plugin.a /usr/lib/dovecot/lib11_trash_plugin.a
libtool: install: chmod 644 /usr/lib/dovecot/lib11_trash_plugin.a
libtool: install: ranlib /usr/lib/dovecot/lib11_trash_plugin.a
libtool: finish: PATH="/usr/local/bin:/usr/bin:/sbin:/usr/sbin:/bin:/usr/X11R6/bin:/usr/games:/usr/lib/mit/bin:/usr/lib/mit/sbin:/sbin" ldconfig -n /usr/lib/dovecot

  Andreas

From h.reindl at thelounge.net  Fri Jun  8 20:36:18 2012
From: h.reindl at thelounge.net (Reindl Harald)
Date: Fri, 08 Jun 2012 19:36:18 +0200
Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7
In-Reply-To: <20120608193102.37d4662d@itx.bitcorner.intern>
References: <20120608130511.1d55d814@itx.bitcorner.intern>
	<4FD1E24C.1030906@thelounge.net>
	<20120608153307.751e3865@itx.bitcorner.intern>
	<4FD20DC5.7000500@thelounge.net>
	<20120608165051.6001b856@itx.bitcorner.intern>
	<4FD2132D.1090302@thelounge.net>
	<20120608173641.329d4c79@itx.bitcorner.intern>
	<E9B27EF2-2424-46B7-B801-CDA255114BCE@iki.fi>
	<20120608190243.1ccf5aa8@itx.bitcorner.intern>
	<4FD2320B.6070107@thelounge.net>
	<20120608193102.37d4662d@itx.bitcorner.intern>
Message-ID: <4FD23812.4070204@thelounge.net>



Am 08.06.2012 19:31, schrieb Andreas Meyer:
> Reindl Harald <h.reindl at thelounge.net> wrote:
>> even for software with a handful of scripts -> on my servers and
>> workstations NEVER get any software installed without a package
>> and there are only two exceptions: VMware Workstation and ZendStudio
> 
> ;-) I never ever built a rpm using sources since years. I always
> build and install from the sources

a good time to start again :-)

i missed to tell another benefit: you have to specify every
installed file in the %files section, so you are aware of
changes in any folder-structure, as long it builds wtihout
complaining with a new source-version you can be pretty sure
all is sane

this time virtualization is a real improvement

* build packages outside production environment
* provide local repos in the own LAN
* setup testing machins with real data
* test upgrades with real data

in this life i will never ever setup a server on bare metal
without having VMware ESXi as backend (clone, snapshots..)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120608/06da3ca2/attachment.bin>

From acrow at integrafin.co.uk  Fri Jun  8 20:58:24 2012
From: acrow at integrafin.co.uk (Alex Crow)
Date: Fri, 08 Jun 2012 18:58:24 +0100
Subject: [Dovecot] 2.1.7 altmove not working
In-Reply-To: <4FD1DE75.5000606@integrafin.co.uk>
References: <4FD1DE75.5000606@integrafin.co.uk>
Message-ID: <4FD23D40.2050001@integrafin.co.uk>

On 08/06/12 12:13, Alex Crow wrote:
> Hi list,
>
> I've just set up a 2.1.7 server, and have migrated a couple of 
> accounts across from a 2.0.15 server, keeping the old configs. I have 
> a strange problem on the new box in that altmove just doesn't work. I 
> have my main storage under /home/email, indexes under /home/indexes 
> and ALT under /home/email_archive.
>
> When I run the altmove command, the following broken symlink is 
> created in /home/email/integrafin.co.uk/acrow:
>
> lrwxrwxrwx.  1 email email     54 Jun  8 10:46 dbox-alt-root -> 
> /home/email_archive/integrafin.co.uk/a/acrow/mailboxes
>
> But nothing is created in the archive other than the empty directory: 
> /home/email_archive/integrafin.co.uk/a/acrow.
>
> My mail_location is:
>
> mail_location = 
> mdbox:/home/email/%d/%n:INDEX=/home/indexes/%d/%1n/%n:ALT=/home/email_archive/%d/%1n/%n
>
> This worked perfectly on the older server. I have attached my doveconf 
> -a output.
>
> Any help much appreciated.
>
> Regards
>
> Alex
>

BTW I need to add that even with -v -D there were no complaints from 
dovecot altmove, and nothing untoward in /var/log/maillog. I also forgot 
to specify that I'm running on Centos6.2, all updates applied, package 
was built with a combo of the spec file from ATRPMs and the latest 
source tarball.

I previously had the ATRPMS 2.1.1 package installed, same issue.

Please feel free to tell me if I'm doing something wrong (ie something 
has changed between 2.0 and 2.1 re ALT: storage.

Cheers

Alex

From anmeyer at anup.de  Fri Jun  8 21:49:26 2012
From: anmeyer at anup.de (Andreas Meyer)
Date: Fri, 8 Jun 2012 20:49:26 +0200
Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7
In-Reply-To: <4FD23812.4070204@thelounge.net>
References: <20120608130511.1d55d814@itx.bitcorner.intern>
	<4FD1E24C.1030906@thelounge.net>
	<20120608153307.751e3865@itx.bitcorner.intern>
	<4FD20DC5.7000500@thelounge.net>
	<20120608165051.6001b856@itx.bitcorner.intern>
	<4FD2132D.1090302@thelounge.net>
	<20120608173641.329d4c79@itx.bitcorner.intern>
	<E9B27EF2-2424-46B7-B801-CDA255114BCE@iki.fi>
	<20120608190243.1ccf5aa8@itx.bitcorner.intern>
	<4FD2320B.6070107@thelounge.net>
	<20120608193102.37d4662d@itx.bitcorner.intern>
	<4FD23812.4070204@thelounge.net>
Message-ID: <20120608204926.3fbf6344@itx.bitcorner.intern>

Reindl Harald <h.reindl at thelounge.net> wrote:

> > ;-) I never ever built a rpm using sources since years. I always
> > build and install from the sources
> 
> a good time to start again :-)
> 
> i missed to tell another benefit: you have to specify every
> installed file in the %files section, so you are aware of
> changes in any folder-structure, as long it builds wtihout
> complaining with a new source-version you can be pretty sure
> all is sane
> 
> this time virtualization is a real improvement
> 
> * build packages outside production environment
> * provide local repos in the own LAN
> * setup testing machins with real data
> * test upgrades with real data
> 
> in this life i will never ever setup a server on bare metal
> without having VMware ESXi as backend (clone, snapshots..)
> 

I have that beast running. There was an entry in the docecot.conf
like this, created by
doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf

protocol imap {
  mail_plugin_dir = /usr/lib/dovecot/modules/imap
  mail_plugins = quota imap_quota
}
protocol pop3 {
  mail_plugin_dir = /usr/lib/dovecot/modules/pop3
  mail_plugins = quota
  pop3_uidl_format = %08Xu%08Xv
}


I commented it out and I can retrieved mail furthermore. :-)
Now I want to install dovecot-2.1-pigeonhole-0.3.1 to get sieve
running.

Thank you everybody for the help and that great piece of software!

  Andreas

From ghe at slsware.com  Fri Jun  8 22:27:43 2012
From: ghe at slsware.com (Glenn English)
Date: Fri, 8 Jun 2012 13:27:43 -0600
Subject: [Dovecot] auth trouble
In-Reply-To: <9816DBD9-ED12-4834-9D13-EB70140054CE@iki.fi>
References: <mailman.660.1338628819.3160.dovecot@dovecot.org>
	<Pine.GSO.4.64.1206041936170.24178@nodomain>
	<DB69BBFB-5E98-43BF-B7EF-27DCEF4769DB@slsware.com>
	<20120605215325.GC3672@harrier.slackbuilds.org>
	<4087ECCF-8C69-4888-8CD9-44566A256F92@slsware.com>
	<9816DBD9-ED12-4834-9D13-EB70140054CE@iki.fi>
Message-ID: <F0BF42E6-169D-44F1-8D34-58A03C03222F@slsware.com>


On Jun 8, 2012, at 10:25 AM, Timo Sirainen wrote:

> I think the answer to this is simply that Dovecot v1.0 didn't tell PAM the rhost. Upgrade.

Will do. What you say fits with what I see in the logs and 
is a lot simpler than many other suggestions. And you do 
have some credibility in this area :-)

Thanks.

-- 
Glenn English
hand-wrapped from my Apple Mail




From anmeyer at anup.de  Fri Jun  8 23:34:32 2012
From: anmeyer at anup.de (Andreas Meyer)
Date: Fri, 8 Jun 2012 22:34:32 +0200
Subject: [Dovecot] per user quota
Message-ID: <20120608223432.390c71d0@itx.bitcorner.intern>

Hello!

I activated quota

plugin {
    quota = maildir:User quota
    quota_rule = *:storage=1GB
    # 10% of 1GB = 100MB
    quota_rule2 = Trash:storage=+10%%
}

But when I want to do per user quota in the passwd-file
...vhosts/anup.de/anmeyer::userdb_mail=maildir:~/userdb_quota_rule=*:bytes=10G

I get this in the logfile and can't login:

Jun 08 22:25:52 imap(anmeyer at anup.de): Error: user anmeyer at anup.de: Initialization failed: Initializing mail storage from mail_location setting failed: Unknown setting: bytes
Jun 08 22:25:52 imap(anmeyer at anup.de): Error: Invalid user settings. Refer to server log for more information.

Same with 'storage' in the passwd-file. What's wrong?

  Andreas

From acrow at integrafin.co.uk  Sat Jun  9 00:25:39 2012
From: acrow at integrafin.co.uk (Alex Crow)
Date: Fri, 08 Jun 2012 22:25:39 +0100
Subject: [Dovecot] 2.1.7 altmove not working
In-Reply-To: <4FD23D40.2050001@integrafin.co.uk>
References: <4FD1DE75.5000606@integrafin.co.uk>
	<4FD23D40.2050001@integrafin.co.uk>
Message-ID: <4FD26DD3.10109@integrafin.co.uk>


>
> BTW I need to add that even with -v -D there were no complaints from 
> dovecot altmove, and nothing untoward in /var/log/maillog. I also 
> forgot to specify that I'm running on Centos6.2, all updates applied, 
> package was built with a combo of the spec file from ATRPMs and the 
> latest source tarball.
>
> I previously had the ATRPMS 2.1.1 package installed, same issue.
>
> Please feel free to tell me if I'm doing something wrong (ie something 
> has changed between 2.0 and 2.1 re ALT: storage.
>
> Cheers
>
> Alex
>
I don't know how I did it (I didn't change *any* config directive) but 
now it magically seems to work after a reboot and umount/remount of the 
ALT storage area. However I still have that dangling symlink:

lrwxrwxrwx   1 email email     54 Jun  8 22:05 dbox-alt-root -> 
/home/email_archive/integrafin.co.uk/a/acrow/mailboxes

Where the target doesn't exist...

Cheers

Alex

From agt at ucsd.edu  Sat Jun  9 00:53:02 2012
From: agt at ucsd.edu (Adam G Tilghman)
Date: Fri, 8 Jun 2012 14:53:02 -0700
Subject: [Dovecot] Upgrading 1.2.17 -> 2.1.x
Message-ID: <20120608215302.GA29690@acsmail.ucsd.edu>


We're planning to upgrade our site from 1.2.17 to 2.1.x within the
next few months, but we must ensure our ability to revert to 1.2.17
if problems arise.

I don't expect our maildir storage would present a problem,
but am less certain about 2.1.x index/control files remaining
readable under 1.2.17.

Should I have any reason to worry?

-- 
Adam Tilghman   Systems Support / Academic Computing & Media Services
 agt at ucsd.edu    858-822-0711     University of California, San Diego   

From freebsd at grem.de  Sat Jun  9 03:58:15 2012
From: freebsd at grem.de (Michael Gmelin)
Date: Sat, 09 Jun 2012 02:58:15 +0200
Subject: [Dovecot] Maildir filename has wrong S value
In-Reply-To: <20120515102352.GA24117@uil.winnipeg.nl>
References: <20120515102352.GA24117@uil.winnipeg.nl>
Message-ID: <4FD29FA7.8040300@grem.de>

On 15.5.12 12:23, Wouter de Geus wrote:
> Hello folks,
>
> This morning I tried to open an old archive mail folder using Mutt.
> However, while fetching headers it aborted.
> Checking the dovecot log gave me this:
>
> @400000004fb21996267d37d4 imap(benv): Error: Cached message size smaller than expected (9115 < 9420)
> @400000004fb21996267e8bac imap(benv): Error: Maildir filename has wrong S value, renamed the file from /home/vpopmail/domains/benv.junerules.com/benv/Maildir/.Old.2009/cur/1260395566.28175.black,S=9115:2,S to /home/vpopmail/domains/benv.junerules.com/benv/Maildir/.Old.2009/cur/1260395566.28175.black,S=9420:2,S
> @400000004fb21996267e937c imap(benv): Error: Corrupted index cache file /home/vpopmail/domains/benv.junerules.com/benv/Maildir/.Old.2009/dovecot.index.cache: Broken physical size for mail UID 294
> @400000004fb21996267eaaec imap(benv): Error: read(/home/vpopmail/domains/benv.junerules.com/benv/Maildir/.Old.2009/cur/1260395566.28175.black,S=9115:2,S) failed: Input/output error (uid=294)
> @400000004fb219962680683c imap(benv): Info: Disconnected: Internal error occurred. Refer to server log for more information. [2012-05-15 10:53:32] in=6503 out=192718
>
> I've retried opening this folder several times, but each time Dovecot only fixes 1 file and then aborts.
> (the folder apparently has a lot more files with incorrect sizes).
> My question here is: Why does dovecot abort? Isn't the issue fixed after the rename?
>
> Also: The files are not corrupted or unreadable, reading them through the commandline works fine.
> I've looked through my backups and saw that at least half a year ago this mismatch in size was already present.
>
> I've been running dovecot for quite a while, so the cause of this size mismatch might very well be a issue in an older version of dovecot / my configuration.
> Right now I'm running dovecot 2.1.6, but I've been running the v1.2 version for quite a while before that.
>
> Is this something that can be improved in dovecot so it doesn't abort after 1 rename?
> (of course I could script a rename operation, but that seems like a workaround to me)
>
> Thanks for reading.
>
> Wouter.
>
>
>
>
> My current configuration:
> =========================
> # 2.1.6: /etc/dovecot/dovecot.conf
> # OS: Linux 2.6.32.32-g3d14ce7 x86_64 Slackware 11.0.0
> base_dir = /var/run/dovecot2/
> disable_plaintext_auth = no
> first_valid_uid = 89
> info_log_path = /dev/stderr
> last_valid_uid = 89
> log_path = /dev/stderr
> log_timestamp =
> mail_debug = yes
> mail_location = maildir:~/Maildir
> mail_max_userip_connections = 50
> managesieve_notify_capability = mailto
> managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify e
> nvironment mailbox date
> namespace {
>   inbox = yes
>   location =
>   prefix = INBOX.
>   separator = .
>   type = private
> }
> passdb {
>   driver = vpopmail
> }
> plugin {
>   autocreate = INBOX.Spam
>   quota = maildir
>   sieve = ~/.sieve/dovecot.sieve
>   sieve_dir = ~/.sieve
>   sieve_global_dir = /etc/dovecot/sieve/
>   sieve_subaddress_sep = -+
> }
> protocols = imap pop3 sieve
> service auth {
>   unix_listener auth-master {
>     group = vchkpw
>     mode = 0660
>   }
>   unix_listener auth-userdb {
>     group = vchkpw
>     mode = 0660
>   }
> }
> service imap-login {
>   inet_listener imap {
>     address = [::] *
>     port = 143
>   }
>   inet_listener imaps {
>     address = [::] *
>     port = 993
>   }
>   process_limit = 256
>   process_min_avail = 3
>   service_count = 1
>   user = dovecot
> }
> service managesieve-login {
>   process_limit = 256
>   process_min_avail = 3
>   service_count = 1
>   user = dovecot
> }
> service pop3-login {
>   inet_listener pop3 {
>     address = [::] *
>     port = 110
>   }
>   inet_listener pop3s {
>     address = [::] *
>     port = 995
>   }
>   process_limit = 256
>   process_min_avail = 3
>   service_count = 1
>   user = dovecot
> }
> ssl_cert = </var/qmail/control/servercert.pem
> ssl_cipher_list = ALL:!LOW
> ssl_key = </var/qmail/control/servercert.pem
> userdb {
>   driver = vpopmail
> }
> verbose_proctitle = yes
> protocol lda {
>   hostname = mail.benv.junerules.com
>   info_log_path = /var/log/dovecot/dovecot2-deliver.log
>   log_path = /var/log/dovecot/dovecot2-deliver-errors.log
>   mail_plugins = sieve
>   postmaster_address = postmaster at benv.junerules.com
>   sendmail_path = /var/qmail/bin/sendmail
> }
> protocol imap {
>   imap_max_line_length = 64 k
>   mail_plugins = quota imap_quota autocreate
> }
> protocol pop3 {
>   mail_plugins = quota autocreate
>   pop3_no_flag_updates = no
>   pop3_uidl_format = %v-%u
> }
> =================================
>
I've been facing the same issue today in a similar setup (qmail +
vpopmail + dovecot) and figured, that the qmail maildir++ patch I'm
using miscalculates the size of mail, since it ignores Delivered-To and
Return-Path in the size calculation. Fixing this and reinstalling
qmail-local ( plus fixing existing mail using doveadm fetch -u username
text all > /dev/null ) solved the problem for me.

The problematic line in qmail-local.c is:

s += fmt_ulong(s,st.st_size); *s++ = 0;

which should be:

s += fmt_ulong(s,st.st_size+rpline.len+dtline.len); *s++ = 0;

(for FreeBSD users: I submitted a patch to the qmail port, fixing this)
http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/168870

Fixing this also fixed fts_squat for me (dovecot 2.1.7)

--
Michael


From freebsd at grem.de  Sat Jun  9 04:07:56 2012
From: freebsd at grem.de (Michael Gmelin)
Date: Sat, 09 Jun 2012 03:07:56 +0200
Subject: [Dovecot] squat not working in 2.1
In-Reply-To: <4F4DF7F7.8020405@in.tum.de>
References: <E1RySqv-00010H-Qi@moltke28.b.shuttle.de>	<4F3FA5D3.8050101@jkart.de>	<761E2C44-272D-4F6A-8A33-7FAFB1F011E1@leuxner.net>	<4F428323.8050404@fastmail.fm>
	<6A93411B-4058-4A7D-9F94-452403AE83ED@iki.fi>
	<4F4DF7F7.8020405@in.tum.de>
Message-ID: <4FD2A1EC.4000304@grem.de>


On 29.2.12 11:03, Christoph Bu?enius wrote:
> On 21.02.2012 01:18, Timo Sirainen wrote:
>> On 20.2.2012, at 19.30, Metro Domain Admin wrote:
>>
>>> Squat is apparently deprecated: 
>>> http://dovecot.org/list/dovecot/2011-December/062630.html
>>
>> Yes, but it should still work..
>
> As far as I can tell from my tests, squat has stopped working in 2.1.
>
> Let's take a user who does not have any mails yet, and deliver a first
> mail to him:
>
> echo -e 'From: <test at example.org>\nSubject: test\n\ntest\ntest' |
> /usr/local/dovecot/libexec/dovecot/dovecot-lda -d testuser
>
> Now create an IMAP session, select INBOX, and do a search:
>
> * 1 EXISTS
> * 1 RECENT
> * OK [UNSEEN 1] First unseen.
> * OK [UIDVALIDITY 1330509552] UIDs valid
> * OK [UIDNEXT 2] Predicted next UID
> * OK [HIGHESTMODSEQ 1] Highest
> . OK [READ-WRITE] Select completed.
> >>> . search text test
> * SEARCH
> . OK Search completed (0.006 secs).
>
> (Should have returned 1 message.)
>
> Deliver the same message again:
> echo -e 'From: <test at example.org>\nSubject: test\n\ntest\ntest' |
> /usr/local/dovecot/libexec/dovecot/dovecot-lda -d testuser
>
> Now in the existing session, run the search command three more times:
>
> >>> . search text test
> * SEARCH
> * 2 EXISTS
> * 2 RECENT
> . OK Search completed (0.000 secs).
> >>> . search text test
> * SEARCH 2
> . OK Search completed (0.002 secs).
> >>> . search text test
> * SEARCH
> . OK Search completed (0.000 secs).
>
> It found the message once, but the next time it didn't.  So the squat
> search does not actually seem to work any more.  I know it's
> deprecated, I just wanted to note this.
>
> Cheers,
> Christoph
>
I had the same symptoms (dovecot 2.1.7), but in my case the reason were
corrupted Maildir filenames (S=xxxx and the actual file size differed,
which among other things also caused trouble in fts_squat). Those files
were a result of a bug in the qmail-maildir++ patch.

For details see http://www.dovecot.org/list/dovecot/2012-June/066281.html

--
Michael


From ott at mirix.org  Sat Jun  9 04:55:12 2012
From: ott at mirix.org (Matthias-Christian Ott)
Date: Sat, 09 Jun 2012 03:55:12 +0200
Subject: [Dovecot] [ Re:  best practises for mail systems]
In-Reply-To: <C130702F-B502-4B85-BCD5-0FBCE433D144@iki.fi>
References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca>
	<4FCE5ADB.8090208@mirix.org>
	<c41bf59f57e1a7ea902194662e4a0973.squirrel@web.miau.ca>
	<C130702F-B502-4B85-BCD5-0FBCE433D144@iki.fi>
Message-ID: <4FD2AD00.2050805@mirix.org>

On 2012-06-05 23:43, Timo Sirainen wrote:
> On 5.6.2012, at 23.33, Michescu Andrei wrote:
> 
>>> I agree, in practice this is not an issue compared to the unavailability
>>> of the service, but on longer IMAP sessions (e.g. transferring a big
>>> file) the connection loss is noticeable.
>>
>> It is noticeable for somebody that really waits for a large email.
> 
> And there is actually some (any!) way this could be avoided?... One server dies, another continues sending the mail?

Yes, there is. You have to replicate the entire state of the IMAP
session (protocol states, buffers, TLS state etc.) and the TCP state of
the connection. The state of the IMAP session is (in theory) easily
replicable (although you probably have to rely on internals of the TLS
implementation; OpenSSL can serialise TLS sessions from/into ASN.1 via
i2d_SSL_SESSION, though this is meant to resume session via TLS) and for
TCP there is RTCP [1]. RTCP intercepts the TCP session is able to
recover the TCP state. It works without any modification of the
operating system (at the moment limited to Linux).

If this would be implemented in Dovecot it would really set it apart
from other IMAP servers and software that I've seen so far. Being able
to transparently handle failover of a TCP connection is unique.

> I have had some thoughts about transferring idling Dovecot connections between processes / servers so that clients wouldn't notice it, but I haven't even thought about moving active (long-running) connections.

Load rebalancing would probably be another feature that separates
Dovecot from other IMAP servers.

Regards,
Matthias-Christian

[1] http://rtcp.sourceforge.net/

From rnalrd at gmail.com  Sat Jun  9 16:04:13 2012
From: rnalrd at gmail.com (Leonardo)
Date: Sat, 09 Jun 2012 15:04:13 +0200
Subject: [Dovecot] ntlm_auth in Dovecot
In-Reply-To: <1339167201.4285.90.camel@df1844j>
References: <1339167201.4285.90.camel@df1844j>
Message-ID: <1339247053.4285.92.camel@df1844j>

On Fri, 2012-06-08 at 16:53 +0200, Leonardo wrote:
> Hi,
> 
> I'm trying getting NTLM auth working against AD in my Dovecot 2.0.15.
> 
> I'm getting the following error:
> 
> 
> Jun 08 14:18:11 auth: Info: winbind(?,10.44.3.151): user not
> authenticated: NT_STATUS_UNSUCCESSFUL

BTW I forgot to say that I've already disjoined and rejoined the server
to the domain. I saw someone suggested that on the list (I wasn't
subscribe until now).

-- leonardo



From tss at iki.fi  Sat Jun  9 17:11:07 2012
From: tss at iki.fi (Timo Sirainen)
Date: Sat, 9 Jun 2012 17:11:07 +0300
Subject: [Dovecot] [ Re:  best practises for mail systems]
In-Reply-To: <4FD2AD00.2050805@mirix.org>
References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca>
	<4FCE5ADB.8090208@mirix.org>
	<c41bf59f57e1a7ea902194662e4a0973.squirrel@web.miau.ca>
	<C130702F-B502-4B85-BCD5-0FBCE433D144@iki.fi>
	<4FD2AD00.2050805@mirix.org>
Message-ID: <7A128C1A-E861-42D2-A7AF-07353FFEE027@iki.fi>

On 9.6.2012, at 4.55, Matthias-Christian Ott wrote:

> Yes, there is. You have to replicate the entire state of the IMAP
> session (protocol states, buffers, TLS state etc.) and the TCP state of
> the connection. The state of the IMAP session is (in theory) easily
> replicable (although you probably have to rely on internals of the TLS
> implementation; OpenSSL can serialise TLS sessions from/into ASN.1 via
> i2d_SSL_SESSION, though this is meant to resume session via TLS)

Interesting! I thought OpenSSL didn't have a way to [de]serialize the session state. The first time I wanted to do that was 13 years ago. I see there are some google hits for i2d_SSL_SESSION, but do you already know a good web page / example code I could look at?

> and for
> TCP there is RTCP [1]. RTCP intercepts the TCP session is able to
> recover the TCP state. It works without any modification of the
> operating system (at the moment limited to Linux).

Thanks for this too.

> If this would be implemented in Dovecot it would really set it apart
> from other IMAP servers and software that I've seen so far. Being able
> to transparently handle failover of a TCP connection is unique.

Yes.

From ott at mirix.org  Sat Jun  9 17:35:42 2012
From: ott at mirix.org (Matthias-Christian Ott)
Date: Sat, 09 Jun 2012 16:35:42 +0200
Subject: [Dovecot] [ Re:  best practises for mail systems]
In-Reply-To: <7A128C1A-E861-42D2-A7AF-07353FFEE027@iki.fi>
References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca>
	<4FCE5ADB.8090208@mirix.org>
	<c41bf59f57e1a7ea902194662e4a0973.squirrel@web.miau.ca>
	<C130702F-B502-4B85-BCD5-0FBCE433D144@iki.fi>
	<4FD2AD00.2050805@mirix.org>
	<7A128C1A-E861-42D2-A7AF-07353FFEE027@iki.fi>
Message-ID: <4FD35F3E.8040901@mirix.org>

On 2012-06-09 16:11, Timo Sirainen wrote:
> On 9.6.2012, at 4.55, Matthias-Christian Ott wrote:
> 
>> Yes, there is. You have to replicate the entire state of the IMAP
>> session (protocol states, buffers, TLS state etc.) and the TCP state of
>> the connection. The state of the IMAP session is (in theory) easily
>> replicable (although you probably have to rely on internals of the TLS
>> implementation; OpenSSL can serialise TLS sessions from/into ASN.1 via
>> i2d_SSL_SESSION, though this is meant to resume session via TLS)
> 
> Interesting! I thought OpenSSL didn't have a way to [de]serialize the session state. The first time I wanted to do that was 13 years ago. I see there are some google hits for i2d_SSL_SESSION, but do you already know a good web page / example code I could look at?

The Apache httpd module mod_ssl uses it.

GnuTLS has similar functions with gnutls_db_*, although it's also only
intended to be used to resume a session. Have look at the Apache httpd
module mod_gnutls.

Regards,
Matthias-Christian

From rnalrd at gmail.com  Sat Jun  9 18:49:41 2012
From: rnalrd at gmail.com (Leonardo)
Date: Sat, 09 Jun 2012 17:49:41 +0200
Subject: [Dovecot] ntlm_auth in Dovecot
In-Reply-To: <1339167201.4285.90.camel@df1844j>
References: <1339167201.4285.90.camel@df1844j>
Message-ID: <1339256981.4285.99.camel@df1844j>

On Fri, 2012-06-08 at 16:53 +0200, Leonardo wrote:
> Hi,
> 
> I'm trying getting NTLM auth working against AD in my Dovecot 2.0.15.
> 
> I'm getting the following error:
> 
> 
> Jun 08 14:18:11 auth: Info: winbind(?,10.44.3.151): user not
> authenticated: NT_STATUS_UNSUCCESSFUL
> 
> 
> "wbinfo -u" reports all the users of the domain and "ntlm_auth
> --username=%name% --domain="%domain%" gets authenticated successfully.
> 
> 
> Debugging winbind I can see the following error:
> 
> 
> [2012/06/08 14:18:11.129611, 10]
> winbindd/winbindd.c:651(process_request)
>   process_request: unknown request fn number 14
> [2012/06/08 14:18:11.129671, 10]
> winbindd/winbindd.c:738(winbind_client_response_written)
>   winbind_client_response_written[2822:unknown request]: delivered
> response to client

Upgrading to Dovecot 2.1.5 did not help.

-- leo


From daniel.parthey at informatik.tu-chemnitz.de  Sat Jun  9 19:51:27 2012
From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey)
Date: Sat, 9 Jun 2012 18:51:27 +0200
Subject: [Dovecot] Corrupted mdbox on LMTP director delivery while user
 [solved] is logged in via IMAP
In-Reply-To: <20120608031622.GA13898@daniel.localdomain>
References: <20120608031622.GA13898@daniel.localdomain>
Message-ID: <20120609165127.GA9833@daniel.localdomain>

Daniel Parthey wrote:
> we get errors about corrupted indexes and we are losing flags with mdbox on NFSv4:
> 
> Error: Recent flags state corrupted for mailbox
> Error: Corrupted dbox file
> Error: Corrupted transaction log file
> 
> It looks like a LMTP director problem. The user has IMAP IDLE connections
> open and lmtp delivers to another host. This leads to nfs corruption problems.
> 
> Jun 8 03:36:03 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Error: Corrupted transaction log file /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-
> Mails/dovecot.index.log seq 82: Invalid transaction log size (32856 vs 32824): /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index.log (sync_offset=32856)
> Jun 8 03:36:03 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Error: Index /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index: Lost log for seq=82 
> offset=32856
> Jun 8 03:36:03 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Warning: fscking index file /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index
> Jun 8 03:36:03 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Error: Fixed index file /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index: log_file_seq 82 
> -> 83
> Jun 8 03:36:38 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Error: Transaction log file /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index.log.2: 
> marked corrupted
> 
> How to enable the LMTP director to deliver to the correct mailbox host?

The reason were different usernames for different protocols (lmtp and imap)
of the same user, which resulted in different target hosts in the director:

LMTP director was using username at example.org              -> Host mail01
IMAP director was using username at dovecotmail.example.org  -> Host mail04

> # 2.0.20: /etc/dovecot-director/dovecot-director.conf
> passdb {
>   args = proxy=y nopassword=y user=%n at dovecotmail.%d
>   driver = static
> }

Removing the user mapping in the static imap passdb solved the problem:

passdb {
  args = proxy=y nopassword=y
  driver = static
}

Now the user is directed to the same host for all protocols again.

Regards,
Daniel

From daniel.parthey at informatik.tu-chemnitz.de  Sat Jun  9 20:09:30 2012
From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey)
Date: Sat, 9 Jun 2012 19:09:30 +0200
Subject: [Dovecot] per user quota
In-Reply-To: <20120608223432.390c71d0@itx.bitcorner.intern>
References: <20120608223432.390c71d0@itx.bitcorner.intern>
Message-ID: <20120609170930.GA10032@daniel.localdomain>

Hello Andreas,

Andreas Meyer wrote:
> I activated quota
> 
> plugin {
>     quota = maildir:User quota
>     quota_rule = *:storage=1GB
>     # 10% of 1GB = 100MB
>     quota_rule2 = Trash:storage=+10%%
> }
> 
> But when I want to do per user quota in the passwd-file
> ...vhosts/anup.de/anmeyer::userdb_mail=maildir:~/userdb_quota_rule=*:bytes=10G

It looks like you are at least missing a space between userdb_mail=maildir:~/
and userdb_quota_rule.

> I get this in the logfile and can't login:
> 
> Jun 08 22:25:52 imap(anmeyer at anup.de): Error: user anmeyer at anup.de: Initialization failed: Initializing mail storage from mail_location setting failed: Unknown setting: bytes
> Jun 08 22:25:52 imap(anmeyer at anup.de): Error: Invalid user settings. Refer to server log for more information.
>
> Same with 'storage' in the passwd-file. What's wrong?

You forgot to attach your "doveconf -n" output.

Regards,
Daniel

From daniel.parthey at informatik.tu-chemnitz.de  Sat Jun  9 21:20:47 2012
From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey)
Date: Sat, 9 Jun 2012 20:20:47 +0200
Subject: [Dovecot] director and IPs shown at the backends
In-Reply-To: <4FD1C71B.4040109@um.es>
References: <4FD09613.6000405@um.es> <4FD09AB0.6020500@enas.net>
	<4FD1C71B.4040109@um.es>
Message-ID: <20120609182047.GA10833@daniel.localdomain>

Angel L. Mateo wrote:
> El 07/06/12 14:12, Urban Loesch escribi?:
> ># Space separated list of trusted network ranges. Connections from these
> ># IPs are allowed to override their IP addresses and ports (for logging and
> ># for authentication checks). disable_plaintext_auth is also ignored for
> ># these networks. Typically you'd specify your IMAP proxy servers here.
> >login_trusted_networks =
> >
> I didn't find that option in any example config file, but it's
> working. Maybe it must be documented in somewhere.

This command lists all available options of your release:

doveconf

Regards
Daniel

From daniel.parthey at informatik.tu-chemnitz.de  Sat Jun  9 21:40:18 2012
From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey)
Date: Sat, 9 Jun 2012 20:40:18 +0200
Subject: [Dovecot] Dovecot over NFS
In-Reply-To: <CAPmoJaOJz0mmoGQmmpB4es-YPwmBTArLHXMo=cRx2RFjv6krPw@mail.gmail.com>
References: <CAPmoJaOJz0mmoGQmmpB4es-YPwmBTArLHXMo=cRx2RFjv6krPw@mail.gmail.com>
Message-ID: <20120609184018.GA10990@daniel.localdomain>

James Devine wrote:
> I'm playing with running dovecot over NFS and I am running into some
> issues.  I have followed the guide at  http://wiki2.dovecot.org/NFS and my
> setup includes 1 nfs server and 1 client running postfix/dovecot.  In
> testing I am running postal via the command:
> 
> postal -t 10 -c 10 localhost users399
> 
> The test file has a list of 399 users to deliver to.  I've provided a
> sample of the errors I'm receiving and my configuration below, I am running
> dovecot 2.0.19.  Any idea what I might be doing wrong and what I might do
> to resolve it?  My ultimate goal is to setup multiple clients with director
> so each user is still handled on a single machine, however with a single
> machine I still seem to be having issues.

Have a look at
http://wiki2.dovecot.org/Director

> Here is a sample of some of the errors I'm seeing:
> 
> Jun  6 15:55:12 test-gluster-client1 dovecot: lmtp(12072, testuser130):
> Error: mdbox /mnt/testuser130/mdbox/mailboxes/INBOX/dbox-Mails: Invalid
> dbox header size: 0
> Jun  6 15:55:12 test-gluster-client1 dovecot: lmtp(11999, testuser99):
> Error: Log synchronization error at seq=2,offset=556 for
> /mnt/testuser99/mdbox/storage/dovecot.map.index: Append with UID 2, but
> next_uid = 3

mdbox format requires a correct index and you will lose flags,
if you lose the index file. The index will be automatically tried
to restore from mails in the storage.

You should avoid accessing the same user directory from different
NFS clients, since this often leads to corruptions or invalid files.

You need a director which ensures that one directory is only accessed
from one host at the same time. This applies to IMAP, POP3, LMTP etc,
which are all writing to the mailbox.

Then you should access all mailboxes only via the director listener ports.

> My dovecot config is:

You posted only the configuration of your mailbox instance
and might have a look your director configuration too:

doveconf -c /etc/dovecot-director/dovecot-director.conf -n

(or wherever your director configuration is located)

Regards
Daniel

From daniel.parthey at informatik.tu-chemnitz.de  Sat Jun  9 21:48:53 2012
From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey)
Date: Sat, 9 Jun 2012 20:48:53 +0200
Subject: [Dovecot] Dovecot 1.x on AIX -> Dovecot 2.x on Ubuntu
In-Reply-To: <Pine.A41.4.58.1206061423300.62752@yuma.acns.colostate.edu>
References: <Pine.A41.4.58.1206061423300.62752@yuma.acns.colostate.edu>
Message-ID: <20120609184853.GA11176@daniel.localdomain>

root at yuma.acns.colostate.edu wrote:
> We are working on migrating Dovecot 1.2.17 running on AIX 5.3 (believe it
> or not!) to Dovecot 2.0.13 running on Ubuntu.  We have hundreds of users
> mboxes we will be migrating.  My question is regarding the index files.
> Should we remove those after the migration, but before we open it up to
> users so Dovecot can create new ones?
> 
> I did a test migration of a single user, and Dovecot detects the
> architecture change and put out some panic errors, corrupt files and
> backtrace messages in syslog on Ubuntu.  The messages are shown below.  If
> every user is going to generate these types of errors, I'm thinking maybe
> it makes sense to remove all the .imap directories and let Dovecot create
> new clean ones.  I realize that may slow things down for awhile while
> Dovecot is rebuilding new files.

Which mail storage format (mbox,maildir,sdbox,mdbox)
are you using and is it stored on NFS?

Would you provide your "doveconf -n" output for dovecot 2.0.13, please?

You might also have a look at imapsync[1] for clean mass migration
from one architecture to another.

Regards
Daniel

[1] http://imapsync.lamiral.info/

From daniel.parthey at informatik.tu-chemnitz.de  Sat Jun  9 22:11:04 2012
From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey)
Date: Sat, 9 Jun 2012 21:11:04 +0200
Subject: [Dovecot] Deliver quota-warning via director
Message-ID: <20120609191104.GA11812@daniel.localdomain>

Hi there,

I'm using NFS with Dovecot 2.0.20 and would like to deliver
a quota warning to the user using the LMTP director.
I have configured quota warnings according to
http://wiki2.dovecot.org/Quota/Configuration

But it seems that lda delivers the mail directly to
the local filesystem and is not using our lmtp director,
which prevents NFS mailboxes from getting corrupted.

Is there a way to tell lda to use LMTP or the director
and ignore the quota while delivering the notification?

Regards
Daniel

From daniel.parthey at informatik.tu-chemnitz.de  Sat Jun  9 22:19:58 2012
From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey)
Date: Sat, 9 Jun 2012 21:19:58 +0200
Subject: [Dovecot] Authentication issue
In-Reply-To: <4FD0EB43.8070104@lal.in2p3.fr>
References: <4FD0EB43.8070104@lal.in2p3.fr>
Message-ID: <20120609191958.GA12009@daniel.localdomain>

Hi Emiliano,

Emiliano Rago wrote:
> I need to set up a weird dovecot configuration:
> 
> 1) outside a ssl tunnel I'd like to authenticate only with cram-md5 scheme
> 2) inside a ssl tunnel  I'd like to authenticate only with plain auth

You might try to set up two instances of dovecot, one for plain, one for ssl:

http://wiki2.dovecot.org/RunningDovecot#Running_Multiple_Invocations_of_Dovecot

Regards
Daniel

From daniel.parthey at informatik.tu-chemnitz.de  Sat Jun  9 23:04:53 2012
From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey)
Date: Sat, 9 Jun 2012 22:04:53 +0200
Subject: [Dovecot] director and doveadm server
In-Reply-To: <4FD1C8E0.4010807@um.es>
References: <4FD1C8E0.4010807@um.es>
Message-ID: <20120609200453.GA12401@daniel.localdomain>

Hello Angel,

Angel L. Mateo wrote:
>	I've been reading doc at http://wiki2.dovecot.org/Director to
> configure my servers. My question is regarding configuration of
> doveadm server.
> 
>	I have configured both, director and backend servers, as described
> in that doc, but I don't know how to run doveadm commands in
> director servers.
> 
>	doveadm is working, because I can run commands, but they are
> executed in local (director) server.

See
http://wiki2.dovecot.org/Tools/Doveadm/Mailbox
doveadm help
doveadm help who

A few doveadm commands allow the -S socket_path argument
where socket_path can be a hostname:port combination of
your director doveadm service:

  altmove      [-u <user>|-A] [-S <socket_path>] [-r] <search query>
  expunge      [-u <user>|-A] [-S <socket_path>] <search query>
  fetch        [-u <user>|-A] [-S <socket_path>] <fields> <search query>
  force-resync [-u <user>|-A] [-S <socket_path>] <mailbox>
  import       [-u <user>|-A] [-S <socket_path>] <source mail location> <dest parent mailbox> <search query>
  index        [-u <user>|-A] [-S <socket_path>] <mailbox mask>
  move         [-u <user>|-A] [-S <socket_path>] <destination> <search query>
  purge        [-u <user>|-A] [-S <socket_path>]
  search       [-u <user>|-A] [-S <socket_path>] <search query>

The http://wiki2.dovecot.org/Director article explains
how to set up a "Doveadm server" on a specific port.

After you have set up your doveadm server correctly,
an example command might look like this:

doveadm search -A -S director:24245 mailbox "*" all

>	but doveadm who seems to be executed just in local:

For "doveadm who" however, you need a local anvil socket,
which provides the necessary information:

doveadm who -a /var/run/dovecot/anvil

Remember there is also the proxy list command,
since the director is just a proxy with a hash table
which always proxies the same username to the same backend:

doveadm proxy list

> And another question about this... what is the local config option?
> I haven't found it documented anywhere.

I assume the local { } section is to restrict the inside
options to client IPs located in a specific subnet.

Regards
Daniel

From anmeyer at anup.de  Sat Jun  9 23:22:11 2012
From: anmeyer at anup.de (Andreas Meyer)
Date: Sat, 9 Jun 2012 22:22:11 +0200
Subject: [Dovecot] per user quota
In-Reply-To: <20120609170930.GA10032@daniel.localdomain>
References: <20120608223432.390c71d0@itx.bitcorner.intern>
	<20120609170930.GA10032@daniel.localdomain>
Message-ID: <20120609222211.375f54d3@itx.bitcorner.intern>

Daniel Parthey <daniel.parthey at informatik.tu-chemnitz.de> wrote:

> Hello Andreas,
> 
> Andreas Meyer wrote:
> > I activated quota
> > 
> > plugin {
> >     quota = maildir:User quota
> >     quota_rule = *:storage=1GB
> >     # 10% of 1GB = 100MB
> >     quota_rule2 = Trash:storage=+10%%
> > }
> > 
> > But when I want to do per user quota in the passwd-file
> > ...vhosts/anup.de/anmeyer::userdb_mail=maildir:~/userdb_quota_rule=*:bytes=10G
> 
> It looks like you are at least missing a space between userdb_mail=maildir:~/
> and userdb_quota_rule.

Wow, great! The space was missing and now it works.

> You forgot to attach your "doveconf -n" output.

ok, next time.
 
> Regards,
> Daniel

   Andreas

From tss at iki.fi  Sun Jun 10 00:00:52 2012
From: tss at iki.fi (Timo Sirainen)
Date: Sun, 10 Jun 2012 00:00:52 +0300
Subject: [Dovecot] Dovecot 1.x on AIX -> Dovecot 2.x on Ubuntu
In-Reply-To: <Pine.A41.4.58.1206061423300.62752@yuma.acns.colostate.edu>
References: <Pine.A41.4.58.1206061423300.62752@yuma.acns.colostate.edu>
Message-ID: <073BC709-698B-4C65-B06E-05ED5D0E7343@iki.fi>

On 6.6.2012, at 23.27, root at yuma.acns.colostate.edu wrote:

> We are working on migrating Dovecot 1.2.17 running on AIX 5.3 (believe it
> or not!) to Dovecot 2.0.13 running on Ubuntu.  We have hundreds of users
> mboxes we will be migrating.  My question is regarding the index files.
> Should we remove those after the migration, but before we open it up to
> users so Dovecot can create new ones?
> 
> I did a test migration of a single user, and Dovecot detects the
> architecture change and put out some panic errors, corrupt files and

Yeah, there's still some problem with properly handling index file recreation when CPU architecture (endianess) change is detected. Better just delete your index files, since they have to be regenerated anyway.


From tss at iki.fi  Sun Jun 10 00:10:23 2012
From: tss at iki.fi (Timo Sirainen)
Date: Sun, 10 Jun 2012 00:10:23 +0300
Subject: [Dovecot] Deliver quota-warning via director
In-Reply-To: <20120609191104.GA11812@daniel.localdomain>
References: <20120609191104.GA11812@daniel.localdomain>
Message-ID: <80D54D29-C13A-405C-9528-2591F2296108@iki.fi>

On 9.6.2012, at 22.11, Daniel Parthey wrote:

> But it seems that lda delivers the mail directly to
> the local filesystem and is not using our lmtp director,
> which prevents NFS mailboxes from getting corrupted.
> 
> Is there a way to tell lda to use LMTP or the director
> and ignore the quota while delivering the notification?

That's a bit tricky problem. Even if LDA used LMTP, it couldn't ignore quota since LMTP server is the one enforcing it. Perhaps you need to create two LMTP ports, one with a "quota ignored" configuration. Then you need to somehow get the mail delivered there (maybe send it to your MTA and route it from there). Or write a script that sends the mail directly to the LMTP port on director.


From tss at iki.fi  Sun Jun 10 00:12:57 2012
From: tss at iki.fi (Timo Sirainen)
Date: Sun, 10 Jun 2012 00:12:57 +0300
Subject: [Dovecot] Upgrading 1.2.17 -> 2.1.x
In-Reply-To: <20120608215302.GA29690@acsmail.ucsd.edu>
References: <20120608215302.GA29690@acsmail.ucsd.edu>
Message-ID: <F5E4D392-5928-43FA-A873-049068BAFFB4@iki.fi>

On 9.6.2012, at 0.53, Adam G Tilghman wrote:

> 
> We're planning to upgrade our site from 1.2.17 to 2.1.x within the
> next few months, but we must ensure our ability to revert to 1.2.17
> if problems arise.
> 
> I don't expect our maildir storage would present a problem,
> but am less certain about 2.1.x index/control files remaining
> readable under 1.2.17.
> 
> Should I have any reason to worry?

1.2.17 can read v2.0 indexes without problems (it has some forwards compatibility code). I don't think I added any incompatible changes to v2.1 either, at least nothing major..


From tss at iki.fi  Sun Jun 10 00:17:14 2012
From: tss at iki.fi (Timo Sirainen)
Date: Sun, 10 Jun 2012 00:17:14 +0300
Subject: [Dovecot] Director problems
In-Reply-To: <4FCF549F.70404@ehu.es>
References: <4FCF549F.70404@ehu.es>
Message-ID: <DCE2FF6E-BD1A-4DD0-9E2C-29A7DB7B7CC9@iki.fi>

On 6.6.2012, at 16.01, Joseba Torre wrote:

> I've just setup a testing enviroment for director, and it's not working as expected. I have just 1 director (called director) and 2 dovecot servers (dovecot1 and dovecot2); these are exact copies.
> 
> First problem: when both dovecot servers are up, every imap connection is redirected to the same server as you can see here:
> 
> $ sudo doveadm director map
> user                                          mail server ip expire time 
> <unknown>                                     158.227.4.186  2012-06-06 13:34:12
> <unknown>                                     158.227.4.186  2012-06-06 13:34:27
> <unknown>                                     158.227.4.186  2012-06-06 13:34:34
> 
> (I don't know if that <unknown> is good or not)
> 
> I've tried with 3 different users and ips to no change, users are always directed to the same host.

Perhaps you just managed to use such usernames that map to the same director.. You can try with "doveadm director status <user>" to see where they should go.

> Second problem: if I try to add/remove/modify one of the dovecot servers, the output of doveadm director map/status seems to be ok, but any new user connection fails with this log:
> 
> Jun  6 14:51:59 director dovecot: director: Warning: Delaying new user requests until ring is synced

Looks like there's a bug when only one director is used. I'll try and fix it later..

From tss at iki.fi  Sun Jun 10 00:19:15 2012
From: tss at iki.fi (Timo Sirainen)
Date: Sun, 10 Jun 2012 00:19:15 +0300
Subject: [Dovecot] director: backend health monitoring
In-Reply-To: <213B51F00051AE48A9F0E112880177178F79E0@Delta.sc.local>
References: <213B51F00051AE48A9F0E112880177178F79E0@Delta.sc.local>
Message-ID: <289A7537-83E1-4EBF-BCF8-C06C67403839@iki.fi>

On 8.6.2012, at 4.25, ???????? ????????? ?????????? wrote:

> I am wonder if there are plans to include backend health monitoring feature to Dovecot Director ?

Yes, but it's not a very high priority right now.

From petr at bravenec.eu  Sat Jun  9 23:23:05 2012
From: petr at bravenec.eu (Petr Bravenec)
Date: Sat, 09 Jun 2012 22:23:05 +0200
Subject: [Dovecot] Dovecot antispam plugin bug: got an empty message
Message-ID: <1543861.4fk9cArhjB@hrabos>

It is few months ago I requested help with combination dovecot - dovecot-
antispam plugin and dspam.

Now I got into troubles with a lot of spam delivering to users inbox. Problem 
described bellow is now better hidden but stil remains:

When moving a message from INBOX to Junk, dspam got an empty message. 
I made a wrapper about dspamc and there is no input on stdio. The dspam was 
not trained (got an empty message).

Looking to source code of dspam and antispam plugin I suspect the dovecot not 
to sending any content to plugin when moving from inbox to junk.

Petr Bravenec

Dne Wednesday 25 of January 2012 17:19:18 Tom Hendrikx napsal(a):
> On 25-01-12 08:05, Petr Bravenec wrote:
> > Few weeks ago I upgraded dovecot from 1.2 to 2.0.16 and antispam plugin
> > to 2.0_pre20101222. Since the upgrade I'm not able to move messages to
> > my Junk folder. In the maillog I have found this message:
> > 
> > dspam[25060]: empty message (no data received)
> 
> Gentoo has included the antispam plugin from Johannes historically, but
> added the fork by Eugene to support upgrades to dovecot 2.0. It is not
> really made clear by the gentoo ebuild is that the forked plugin needs a
> slightly different config.
> 
> I use the config below with dovecot 2.0.17 and a git checkout for
> dovecot-antispam:
> 
> ===8<========
> plugin {
>         antispam_signature = X-DSPAM-Signature
>         antispam_signature_missing = move
>         antispam_spam_pattern_ignorecase = Junk;Junk.*
>         antispam_trash_pattern_ignorecase = Trash;Deleted Items;Deleted
> Messages
> 
>         # Backend specific
>         antispam_backend = dspam
>         antispam_dspam_binary = /usr/bin/dspamc
>         antispam_dspam_args =
> --user;%u;--deliver=;--source=error;--signature=%%s
>         antispam_dspam_spam = --class=spam
>         antispam_dspam_notspam = --class=innocent
>         #antispam_dspam_result_header = X-DSPAM-Result
> }
> 
> 
> --
> Regards,
> 	Tom

From yggdrasil at gmx.co.uk  Sun Jun 10 01:09:57 2012
From: yggdrasil at gmx.co.uk (Johnny)
Date: Sat, 09 Jun 2012 23:09:57 +0100
Subject: [Dovecot] Dovecot setup fails w. multiple mail locations
	(gnus/dovecot/offlineimap)
Message-ID: <87vcj087d6.fsf@gmx.co.uk>

Hi,

I am trying to setup a Gnus - Dovecot - Offlineimap - Webmail (Gmail /
Fastmail) chain and cannot configure the correct behaviour. 

Any advice to get this working properly would be very appreciated!

I have set up Offlineimap to synchronise two mail accounts into separate
folders under ~/Maildir. After running Offlineimap, the folders look as
below. 

Maildir/
|-- Gmail
|   |-- cur
|   |-- dovecot.index.log
|   |-- dovecot-uidlist
|   |-- dovecot-uidvalidity
|   |-- dovecot-uidvalidity.4fd3b80e
|   |-- [Gmail].All\ Mail
|   |-- [Gmail].Drafts
|   |-- [Gmail].Important
|   |-- [Gmail].Sent\ Mail
|   |-- [Gmail].Spam
|   |-- [Gmail].Starred
|   |-- [Gmail].Trash
|   |-- INBOX
|   |-- new
|   |-- Personal
|   |-- Receipts
|   |-- tmp
|   |-- Travel
|   `-- Work
`-- Fastmail
    |-- cur
    |-- dovecot.index.log
    |-- dovecot.mailbox.log
    |-- dovecot-uidlist
    |-- dovecot-uidvalidity
    |-- dovecot-uidvalidity.4fd3b75e
    |-- INBOX
    |-- INBOX.Drafts
    |-- INBOX.Sent\ Items
    `-- INBOX.Trash

The Dovecot config is below. (I have set up a blank "MailTest" directory
as inbox, believing that this may preserve the two imap directories
better for offlineimap synching (not sure if this is correct)).

,----
| mail_location = maildir:~/Maildir:LAYOUT=fs
| 
| namespace inbox   {
|   location = maildir:~/MailTest
|   inbox = yes
| }
| 
| namespace mygmail   {
|   type = private
|   separator = .
|   prefix = "mygmail."
|   location = maildir:%h/Maildir/Gmail/:LAYOUT=fs
|   inbox = no
|   hidden = no
|   list = yes
|   subscriptions = yes
| }
| 
| namespace myfastmail   {
|   type = private
|   separator = .
|   prefix = "myfastmail."
|   location = maildir:%h/Maildir/FASTMAIL/:LAYOUT=fs
|   inbox = no
|   hidden = no
|   list = yes
|   subscriptions = yes
| }
`----

Accessing dovecot through gnus with this setup only sees the files in
the directories that are not prefixed (e.g. under Fastmail, INBOX is the only
seen folder, all INBOX.subfolder are not there). Removing the prefix
manually they can be seen again however (e.g. INBOX.subfolder ->
subfolder). If I remove LAYOUT=fs in the dovecot config, nothing is
seen at all, although the directories look like proper Maildirs! 

A second issue is that running Offlineimap a second time seems to work
ok for gmail, but Fastmail complains that "cannot create directory
'.'"? 

Thanks!
-- 
Johnny
Dovecot 2.1.6
Offlineimap 6.5.2.1
Ma Gnus v0.6

From daniel.parthey at informatik.tu-chemnitz.de  Sun Jun 10 02:56:03 2012
From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey)
Date: Sun, 10 Jun 2012 01:56:03 +0200
Subject: [Dovecot] Error: doveadm client attempted non-PLAIN authentication
Message-ID: <20120609235603.GA17490@daniel.localdomain>

Hi

doveadm search -u user at example.org -S localhost:19000 all
produces the following error in the logs:
dovecot: doveadm: Error: doveadm client attempted non-PLAIN authentication

What am I missing?

* tcpdump of tcp communication on port 19000 is attached
* dovecot.conf is attached

Regards
Daniel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: dump
Type: application/octet-stream
Size: 1239 bytes
Desc: tcpdump.dat
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120610/262544ba/attachment.obj>
-------------- next part --------------
# 2.0.20: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-40-server x86_64 Ubuntu 10.04.4 LTS 
auth_cache_negative_ttl = 0
auth_cache_size = 10 M
auth_cache_ttl = 1 mins
auth_verbose = yes
auth_verbose_passwords = sha1
deliver_log_format = mailbox: deliver: msgid=%m from=%f: %$
dict {
  quota = mysql:/etc/dovecot/conf.d/dovecot-dict-sql.conf.ext
}
disable_plaintext_auth = no
doveadm_password = bf79a088601795554d6d428ece2ea92a1c91ae11
instance_name = dovecot-mailbox
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
login_greeting = Mailbox
login_log_format = mailbox: login: %$: %s
login_trusted_networks = 10.129.3.0/24
mail_debug = yes
mail_fsync = always
mail_gid = vmail
mail_home = /mail/dovecot/%d/%n
mail_location = mdbox:~/mail
mail_log_prefix = "mailbox: mail: %s(%u): "
mail_plugins = quota
mail_privileged_group = vmail
mail_uid = vmail
managesieve_implementation_string = Sieve
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
mdbox_rotate_interval = 1 weeks
mdbox_rotate_size = 50 M
mmap_disable = yes
passdb {
  args = /etc/dovecot/conf.d/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  quota = dict:User quota::proxy::quota
  quota_rule = *:storage=10G
  quota_rule2 = Trash:storage=+100M
  quota_warning = storage=95%% quota-warning 95 %u
  quota_warning2 = storage=80%% quota-warning 80 %u
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve
}
protocols = imap pop3 lmtp sieve
service auth {
  unix_listener auth-userdb {
    group = dovecot
    mode = 0660
    user = dovecot
  }
}
service dict {
  unix_listener dict {
    group = vmail
    mode = 0660
  }
}
service doveadm {
  inet_listener doveadm-server {
    port = 19000
  }
}
service imap-login {
  inet_listener imap {
    port = 19143
  }
}
service imap-postlogin {
  executable = script-login /usr/local/bin/dovecot-postlogin
  user = $default_internal_user
}
service imap {
  executable = imap imap-postlogin
}
service lmtp {
  inet_listener lmtp {
    address = *
    port = 19024
  }
}
service managesieve-login {
  inet_listener sieve {
    port = 19200
  }
}
service pop3-login {
  inet_listener pop3 {
    port = 19110
  }
}
service pop3-postlogin {
  executable = script-login /usr/local/bin/dovecot-postlogin
  user = $default_internal_user
}
service pop3 {
  executable = pop3 pop3-postlogin
}
service quota-warning {
  executable = script /usr/local/bin/quota-warning
  extra_groups = dovecot
  unix_listener quota-warning {
    user = vmail
  }
  user = vmail
}
ssl = no
userdb {
  driver = prefetch
}
userdb {
  args = /etc/dovecot/conf.d/dovecot-sql.conf.ext
  driver = sql
}
verbose_proctitle = yes
protocol imap {
  imap_client_workarounds = delay-newmail tb-extra-mailbox-sep
  mail_plugins = quota imap_quota
}
protocol lmtp {
  mail_plugins = quota sieve
}

From voytek at sbt.net.au  Sun Jun 10 05:41:33 2012
From: voytek at sbt.net.au (Voytek Eymont)
Date: Sun, 10 Jun 2012 12:41:33 +1000
Subject: [Dovecot] Restoring older messages to new server?
In-Reply-To: <4FD1E3E8.8020103@thelounge.net>
References: <98f7622f-e52b-4b88-8c65-db05c11e71f6@email.android.com>
	<4FD1E3E8.8020103@thelounge.net>
Message-ID: <057f0c34-b168-4d1d-885d-4de87f969f4c@email.android.com>



Reindl

>imapsync is your friend

Thanks for suggestion. After a few false starts, with impasync saying source server dropped connection, it seemed to have worked.

But, now, my K9 email client seems to download entire inbox... rather than last 25 messages...

Also, in Squirrel, recent messages before sync seems preceded by old messages, then, messages since sync... any tips on this..?

Voytek
-- 
Sent from my Moom with K-9 Mail. Please excuse my brevity.

From a.kostyrev at serverc.ru  Sun Jun 10 13:48:36 2012
From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=)
Date: Sun, 10 Jun 2012 21:48:36 +1100
Subject: [Dovecot] director userdb problem
Message-ID: <213B51F00051AE48A9F0E112880177178F79EB@Delta.sc.local>

hello !

I'm trying to get users from dovecot director server:
doveadm director map
doveadm(root): Error: User listing returned failure
doveadm(root): Error: user listing failed
user                                                                mail server ip expire time        
<unknown>                                                           192.168.5.101  2012-06-10 21:54:06

in logs I get:
Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): mysql(172.5.14.1): Connected to database EXIM
Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): Warning: mysql: Query failed, retrying: Table 'EXIM.users' doesn't exist
Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): Error: sql: Iterate query failed: Table 'EXIM.users' doesn't exist (using built-in default iterate_query: SELECT username, domain FROM users)

in my dovecot.conf I have:
userdb {
  driver = sql
  args = /etc/dovecot/dovecot-sql.conf
}
passdb {
  driver = static
  args = proxy=y nopassword=y
}
and in /etc/dovecot/dovecot-sql.conf:
user_query = select MBOX_NAME AS user from M_MAILBOX WHERE (MBOX_NAME = '%u');

Do I have to use special table named users ? is it hard-coded?


From a.kostyrev at serverc.ru  Sun Jun 10 14:05:28 2012
From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=)
Date: Sun, 10 Jun 2012 22:05:28 +1100
Subject: [Dovecot] director userdb problem
In-Reply-To: <213B51F00051AE48A9F0E112880177178F79EB@Delta.sc.local>
References: <213B51F00051AE48A9F0E112880177178F79EB@Delta.sc.local>
Message-ID: <213B51F00051AE48A9F0E112880177178F79EC@Delta.sc.local>

It seemed I had to add something like that in dovecot-sql.conf
iterate_query = select MBOX_NAME AS username from M_MAILBOX WHERE MBOX_NAME = '%n';

so I did but I'm still getting no usernames

so I enabled general_log in mysql

that what I get:
select MBOX_NAME AS username from M_MAILBOX WHERE MBOX_NAME = ''

It seems like direcotor don't expand variables, I've tried both -  %n and %u - nothing
any help ?




-----Original Message-----
From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of ???????? ????????? ??????????
Sent: Sunday, June 10, 2012 9:49 PM
To: dovecot at dovecot.org
Subject: [Dovecot] director userdb problem

hello !

I'm trying to get users from dovecot director server:
doveadm director map
doveadm(root): Error: User listing returned failure
doveadm(root): Error: user listing failed
user                                                                mail server ip expire time        
<unknown>                                                           192.168.5.101  2012-06-10 21:54:06

in logs I get:
Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): mysql(172.5.14.1): Connected to database EXIM
Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): Warning: mysql: Query failed, retrying: Table 'EXIM.users' doesn't exist
Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): Error: sql: Iterate query failed: Table 'EXIM.users' doesn't exist (using built-in default iterate_query: SELECT username, domain FROM users)

in my dovecot.conf I have:
userdb {
  driver = sql
  args = /etc/dovecot/dovecot-sql.conf
}
passdb {
  driver = static
  args = proxy=y nopassword=y
}
and in /etc/dovecot/dovecot-sql.conf:
user_query = select MBOX_NAME AS user from M_MAILBOX WHERE (MBOX_NAME = '%u');

Do I have to use special table named users ? is it hard-coded?


From a.kostyrev at serverc.ru  Sun Jun 10 14:30:49 2012
From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=)
Date: Sun, 10 Jun 2012 22:30:49 +1100
Subject: [Dovecot] director userdb problem [solved]
In-Reply-To: <213B51F00051AE48A9F0E112880177178F79EC@Delta.sc.local>
References: <213B51F00051AE48A9F0E112880177178F79EB@Delta.sc.local>
	<213B51F00051AE48A9F0E112880177178F79EC@Delta.sc.local>
Message-ID: <213B51F00051AE48A9F0E112880177178F79EE@Delta.sc.local>

Faxe on #dovecot helped me:
iterate_query = select MBOX_NAME AS username from M_MAILBOX; with no where clause

sorry for wasting your time.


--
? ?????????,
???????? ?????????
????????? ?????????????
??? "??????-?????"
???.: (423) 262-02-62 (???. 2037)
????: (423) 262-02-10
a.kostyrev at serverc.ru
icq: 404-198-497


-----Original Message-----
From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of ???????? ????????? ??????????
Sent: Sunday, June 10, 2012 10:05 PM
To: dovecot at dovecot.org
Subject: Re: [Dovecot] director userdb problem

It seemed I had to add something like that in dovecot-sql.conf
iterate_query = select MBOX_NAME AS username from M_MAILBOX WHERE MBOX_NAME = '%n';

so I did but I'm still getting no usernames

so I enabled general_log in mysql

that what I get:
select MBOX_NAME AS username from M_MAILBOX WHERE MBOX_NAME = ''

It seems like direcotor don't expand variables, I've tried both -  %n and %u - nothing
any help ?




-----Original Message-----
From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of ???????? ????????? ??????????
Sent: Sunday, June 10, 2012 9:49 PM
To: dovecot at dovecot.org
Subject: [Dovecot] director userdb problem

hello !

I'm trying to get users from dovecot director server:
doveadm director map
doveadm(root): Error: User listing returned failure
doveadm(root): Error: user listing failed
user                                                                mail server ip expire time        
<unknown>                                                           192.168.5.101  2012-06-10 21:54:06

in logs I get:
Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): mysql(172.5.14.1): Connected to database EXIM
Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): Warning: mysql: Query failed, retrying: Table 'EXIM.users' doesn't exist
Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): Error: sql: Iterate query failed: Table 'EXIM.users' doesn't exist (using built-in default iterate_query: SELECT username, domain FROM users)

in my dovecot.conf I have:
userdb {
  driver = sql
  args = /etc/dovecot/dovecot-sql.conf
}
passdb {
  driver = static
  args = proxy=y nopassword=y
}
and in /etc/dovecot/dovecot-sql.conf:
user_query = select MBOX_NAME AS user from M_MAILBOX WHERE (MBOX_NAME = '%u');

Do I have to use special table named users ? is it hard-coded?


From dovecot at bravenec.eu  Sun Jun 10 14:41:51 2012
From: dovecot at bravenec.eu (Petr Bravenec)
Date: Sun, 10 Jun 2012 13:41:51 +0200
Subject: [Dovecot] Dovecot antispam plugin bug: got an empty message
In-Reply-To: <1543861.4fk9cArhjB@hrabos>
References: <1543861.4fk9cArhjB@hrabos>
Message-ID: <1664144.As4LCKexvr@hrabos>

It looks that I have misconfigured the dovecot plugin:

plugin {

         antispam_dspam_binary = /usr/bin/dspam # should be dspam
#	   antispam_dspam_binary = /usr/bin/dspamc # does not work

         antispam_signature = X-DSPAM-Signature
         antispam_signature_missing = move
         antispam_spam_pattern_ignorecase = Junk;Junk.*
         antispam_trash_pattern_ignorecase = Trash;Deleted Items
         antispam_backend = dspam
         antispam_dspam_args = --user;%u;--deliver=;--source=error;--
signature=%%s
         antispam_dspam_spam = --class=spam
         antispam_dspam_notspam = --class=innocent
 
 }

Petr Bravenec

Dne So 9. ?ervna 2012 22:23:05 Petr Bravenec napsal(a):
> It is few months ago I requested help with combination dovecot - dovecot-
> antispam plugin and dspam.
> 
> Now I got into troubles with a lot of spam delivering to users inbox.
> Problem described bellow is now better hidden but stil remains:
> 
> When moving a message from INBOX to Junk, dspam got an empty message.
> I made a wrapper about dspamc and there is no input on stdio. The dspam was
> not trained (got an empty message).
> 
> Looking to source code of dspam and antispam plugin I suspect the dovecot
> not to sending any content to plugin when moving from inbox to junk.
> 
> Petr Bravenec
> 
> Dne Wednesday 25 of January 2012 17:19:18 Tom Hendrikx napsal(a):
> > On 25-01-12 08:05, Petr Bravenec wrote:
> > > Few weeks ago I upgraded dovecot from 1.2 to 2.0.16 and antispam plugin
> > > to 2.0_pre20101222. Since the upgrade I'm not able to move messages to
> > > my Junk folder. In the maillog I have found this message:
> > > 
> > > dspam[25060]: empty message (no data received)
> > 
> > Gentoo has included the antispam plugin from Johannes historically, but
> > added the fork by Eugene to support upgrades to dovecot 2.0. It is not
> > really made clear by the gentoo ebuild is that the forked plugin needs a
> > slightly different config.
> > 
> > I use the config below with dovecot 2.0.17 and a git checkout for
> > dovecot-antispam:
> > 
> > ===8<========
> > plugin {
> > 
> >         antispam_signature = X-DSPAM-Signature
> >         antispam_signature_missing = move
> >         antispam_spam_pattern_ignorecase = Junk;Junk.*
> >         antispam_trash_pattern_ignorecase = Trash;Deleted Items;Deleted
> > 
> > Messages
> > 
> >         # Backend specific
> >         antispam_backend = dspam
> >         antispam_dspam_binary = /usr/bin/dspamc
> >         antispam_dspam_args =
> > 
> > --user;%u;--deliver=;--source=error;--signature=%%s
> > 
> >         antispam_dspam_spam = --class=spam
> >         antispam_dspam_notspam = --class=innocent
> >         #antispam_dspam_result_header = X-DSPAM-Result
> > 
> > }
> > 
> > 
> > --
> > Regards,
> > 
> > 	Tom

From fxmulder at gmail.com  Mon Jun 11 06:38:09 2012
From: fxmulder at gmail.com (James Devine)
Date: Sun, 10 Jun 2012 21:38:09 -0600
Subject: [Dovecot] Dovecot over NFS
In-Reply-To: <20120609184018.GA10990@daniel.localdomain>
References: <CAPmoJaOJz0mmoGQmmpB4es-YPwmBTArLHXMo=cRx2RFjv6krPw@mail.gmail.com>
	<20120609184018.GA10990@daniel.localdomain>
Message-ID: <CAPmoJaNYS4hz3Wn6-noGHuMG7MO05Oqs3KXSo7bag8KNa8qvWQ@mail.gmail.com>

On Sat, Jun 9, 2012 at 12:40 PM, Daniel Parthey <
daniel.parthey at informatik.tu-chemnitz.de> wrote:

> James Devine wrote:
> > I'm playing with running dovecot over NFS and I am running into some
> > issues.  I have followed the guide at  http://wiki2.dovecot.org/NFS and
> my
> > setup includes 1 nfs server and 1 client running postfix/dovecot.  In
> > testing I am running postal via the command:
> >
> > postal -t 10 -c 10 localhost users399
> >
> > The test file has a list of 399 users to deliver to.  I've provided a
> > sample of the errors I'm receiving and my configuration below, I am
> running
> > dovecot 2.0.19.  Any idea what I might be doing wrong and what I might do
> > to resolve it?  My ultimate goal is to setup multiple clients with
> director
> > so each user is still handled on a single machine, however with a single
> > machine I still seem to be having issues.
>
> Have a look at
> http://wiki2.dovecot.org/Director
>
> > Here is a sample of some of the errors I'm seeing:
> >
> > Jun  6 15:55:12 test-gluster-client1 dovecot: lmtp(12072, testuser130):
> > Error: mdbox /mnt/testuser130/mdbox/mailboxes/INBOX/dbox-Mails: Invalid
> > dbox header size: 0
> > Jun  6 15:55:12 test-gluster-client1 dovecot: lmtp(11999, testuser99):
> > Error: Log synchronization error at seq=2,offset=556 for
> > /mnt/testuser99/mdbox/storage/dovecot.map.index: Append with UID 2, but
> > next_uid = 3
>
> mdbox format requires a correct index and you will lose flags,
> if you lose the index file. The index will be automatically tried
> to restore from mails in the storage.
>
> You should avoid accessing the same user directory from different
> NFS clients, since this often leads to corruptions or invalid files.
>
> You need a director which ensures that one directory is only accessed
> from one host at the same time. This applies to IMAP, POP3, LMTP etc,
> which are all writing to the mailbox.
>
> Then you should access all mailboxes only via the director listener ports.
>
> > My dovecot config is:
>
> You posted only the configuration of your mailbox instance
> and might have a look your director configuration too:
>
> doveconf -c /etc/dovecot-director/dovecot-director.conf -n
>
> (or wherever your director configuration is located)
>
> Regards
> Daniel
>

Right now there is no director, I am only trying to get a single client
running postfix/dovecot talking to a single nfs server without error and
that's where I am having trouble

From fxmulder at gmail.com  Mon Jun 11 06:41:49 2012
From: fxmulder at gmail.com (James Devine)
Date: Sun, 10 Jun 2012 21:41:49 -0600
Subject: [Dovecot] Dovecot over NFS
In-Reply-To: <CAPmoJaNYS4hz3Wn6-noGHuMG7MO05Oqs3KXSo7bag8KNa8qvWQ@mail.gmail.com>
References: <CAPmoJaOJz0mmoGQmmpB4es-YPwmBTArLHXMo=cRx2RFjv6krPw@mail.gmail.com>
	<20120609184018.GA10990@daniel.localdomain>
	<CAPmoJaNYS4hz3Wn6-noGHuMG7MO05Oqs3KXSo7bag8KNa8qvWQ@mail.gmail.com>
Message-ID: <CAPmoJaNa9UKacDSMijHFn12TJ78J1qi-kVOdKUPwfJSAznGrAQ@mail.gmail.com>

By client I meant NFS client running postfix/dovecot servers

On Sun, Jun 10, 2012 at 9:38 PM, James Devine <fxmulder at gmail.com> wrote:

>
> On Sat, Jun 9, 2012 at 12:40 PM, Daniel Parthey <
> daniel.parthey at informatik.tu-chemnitz.de> wrote:
>
>> James Devine wrote:
>> > I'm playing with running dovecot over NFS and I am running into some
>> > issues.  I have followed the guide at  http://wiki2.dovecot.org/NFSand my
>> > setup includes 1 nfs server and 1 client running postfix/dovecot.  In
>> > testing I am running postal via the command:
>> >
>> > postal -t 10 -c 10 localhost users399
>> >
>> > The test file has a list of 399 users to deliver to.  I've provided a
>> > sample of the errors I'm receiving and my configuration below, I am
>> running
>> > dovecot 2.0.19.  Any idea what I might be doing wrong and what I might
>> do
>> > to resolve it?  My ultimate goal is to setup multiple clients with
>> director
>> > so each user is still handled on a single machine, however with a single
>> > machine I still seem to be having issues.
>>
>> Have a look at
>> http://wiki2.dovecot.org/Director
>>
>> > Here is a sample of some of the errors I'm seeing:
>> >
>> > Jun  6 15:55:12 test-gluster-client1 dovecot: lmtp(12072, testuser130):
>> > Error: mdbox /mnt/testuser130/mdbox/mailboxes/INBOX/dbox-Mails: Invalid
>> > dbox header size: 0
>> > Jun  6 15:55:12 test-gluster-client1 dovecot: lmtp(11999, testuser99):
>> > Error: Log synchronization error at seq=2,offset=556 for
>> > /mnt/testuser99/mdbox/storage/dovecot.map.index: Append with UID 2, but
>> > next_uid = 3
>>
>> mdbox format requires a correct index and you will lose flags,
>> if you lose the index file. The index will be automatically tried
>> to restore from mails in the storage.
>>
>> You should avoid accessing the same user directory from different
>> NFS clients, since this often leads to corruptions or invalid files.
>>
>> You need a director which ensures that one directory is only accessed
>> from one host at the same time. This applies to IMAP, POP3, LMTP etc,
>> which are all writing to the mailbox.
>>
>> Then you should access all mailboxes only via the director listener ports.
>>
>> > My dovecot config is:
>>
>> You posted only the configuration of your mailbox instance
>> and might have a look your director configuration too:
>>
>> doveconf -c /etc/dovecot-director/dovecot-director.conf -n
>>
>> (or wherever your director configuration is located)
>>
>> Regards
>> Daniel
>>
>
> Right now there is no director, I am only trying to get a single client
> running postfix/dovecot talking to a single nfs server without error and
> that's where I am having trouble
>

From werb at hasos.com  Mon Jun 11 08:20:47 2012
From: werb at hasos.com (Roland)
Date: Mon, 11 Jun 2012 07:20:47 +0200
Subject: [Dovecot] dovecot does not find libpam when compiling with
	customized prefix
Message-ID: <201206110720.47881.werb@hasos.com>

Hello everybody,

I try to compile dovecot 2.1.7 with a customized --prefix setting and --with-pam . Although I installed libpam into the same --prefix, dovecot does not find it:

checking for pam_start in -lpam... no
configure: error: Can't build with PAM support: libpam not found

The same or a similar problem seems to have appeared 4 years ago:
http://www.dovecot.org/list/dovecot/2008-February/028750.html

Which libpam file does dovecot expect in which directory? And possibly there is something wrong with the pam_start function?


Thanks in advance,

Roland

From jeetuindian at gmail.com  Mon Jun 11 08:56:48 2012
From: jeetuindian at gmail.com (Jitendra Bhaskar)
Date: Mon, 11 Jun 2012 11:26:48 +0530
Subject: [Dovecot] Frequently login problem
In-Reply-To: <CALucydm1MbfkJhHDp9fkO=nXafh1y7WJSTewguZuFyQi-ykHWg@mail.gmail.com>
References: <CALucydm1MbfkJhHDp9fkO=nXafh1y7WJSTewguZuFyQi-ykHWg@mail.gmail.com>
Message-ID: <CALucydkOrGr5nVdaFckkoOsRW7a8ycmjvGHu81VdwS-zzqO9=A@mail.gmail.com>

Hi guys,

   Any updates on it.
I observed that when no of connections increasing then its getting
disconnected. Means when increasing no of users then its happening.

On Mon, Jun 4, 2012 at 3:50 PM, Jitendra Bhaskar <jeetuindian at gmail.com>wrote:

> Hi,
>
> I am using dovecot 2.1.3 on centos 5.7. It was working fine but last few
> days I need to restart or reload dovecot service because at that time users
> are not able to login.
>
> Each time I am getting information from doveco.log is as :
> Jun 04 11:52:54 auth: Error: BUG: Authentication client gave a PID 17564
> of existing connection
> Jun 04 11:52:54 auth: Error: BUG: Authentication client gave a PID 17566
> of existing connection
> Jun 04 11:52:59 auth: Error: BUG: Authentication client gave a PID 17564
> of existing connection
>
>
>
>
> --
> * Thanks & Regards   *
> *Jitendra Kumar Bhaskar*
> Cell:- +91 7306311531
>          +91 8102997821
>
>


-- 
* Thanks & Regards   *
*Jitendra Kumar Bhaskar*
Cell:- +91 7306311531
         +91 8102997821

From jesper at dahlnyerup.dk  Mon Jun 11 11:09:07 2012
From: jesper at dahlnyerup.dk (Jesper Dahl Nyerup)
Date: Mon, 11 Jun 2012 10:09:07 +0200
Subject: [Dovecot] Very High Load on Dovecot 2 and Errors in mail.err.
In-Reply-To: <4FB8FFD7.5040301@enas.net>
References: <4FB35038.1000600@enas.net> <1337454348.4384.144.camel@innu>
	<4FB8C07B.5050604@enas.net>
	<4c605c0b2bc041f7f90300b36c716c22@us.es>
	<4FB8FFD7.5040301@enas.net>
Message-ID: <20120611080907.GA11882@jespernyerup.dk>

On May 20  16:29, Urban Loesch wrote:
> I checked my kernel and the patch mentioned in
> https://bugzilla.redhat.com/show_bug.cgi?id=681578
> 
> (comment 31) is not applied. It comes in version 3.0.30 and 3.2.17.
> 
> I will see what tomorrow happens under more load.
> If I have the problem again, I give 3.2.17 a chance.

We've seen similar behavior on a similar system with a similar workload.

We've tried a 3.0.31 - after the epoll patch was applied upstream -
without seeing a difference. Right now we're running a 3.3.7 with
vs2.3.3.4, and this has reduced the problem quite a bit, but not
eliminated it completely.

Stracing the processes in D state from before they hang has just
revealed something interesting, however, pointing to an issue with
inotify rather than epoll.

[snip]
[...]
15414 23:27:36 inotify_init()           = 12 <0.000024>
[...]
15414 23:27:36 close(12 <unfinished ...>
15414 23:28:51 <... close resumed> )    = 0 <74.593917>
15414 23:28:51 close(9 <unfinished ...>
15414 23:28:51 <... close resumed> )    = 0 <0.000080>
15414 23:28:51 exit_group(0)            = ?
[/snip]

In short, as far as we can tell, all the processes in D state appear to
be waiting to close the file handle they got from their inotify_init(),
and eventually all these close()s go through almost simultaneously.

Right now we're trawling for locking issues related to inotify, with our
focus mainly at the VServer patch set. I would very much appreciate
updates on your - or anyone else's - findings and progress.

Yours,

Jesper Nyerup.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120611/930695fb/attachment.bin>

From a.kostyrev at serverc.ru  Mon Jun 11 12:27:01 2012
From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=)
Date: Mon, 11 Jun 2012 20:27:01 +1100
Subject: [Dovecot] director: non standart ports at backends
Message-ID: <213B51F00051AE48A9F0E112880177178F79EF@Delta.sc.local>

hello,
I'm trying to figure out how to proxy pop3 and pop3s that listens on non-standart ports at backends.
For example, pop3 is at 1110 and pop3s at 1995 (on backend side).
is it possible? 
how should I separate this ports in director's config?
it's easy for one port:
for example lmtp - you just use passdb in protocol lmtp {}

From amateo at um.es  Mon Jun 11 13:19:39 2012
From: amateo at um.es (Angel L. Mateo)
Date: Mon, 11 Jun 2012 12:19:39 +0200
Subject: [Dovecot] difference between client_limit and process_limit
In-Reply-To: <3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi>
References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es>
	<A1BAE7E0-1F08-4FDA-8FC8-D045E5E7987A@iki.fi>
	<4FD22956.20904@thelounge.net>
	<3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi>
Message-ID: <4FD5C63B.7040904@um.es>

El 08/06/12 18:43, Timo Sirainen escribi?:
> On 8.6.2012, at 19.33, Reindl Harald wrote:
>
>>> Yes, but like the wiki page also says, it's not a good idea increase client_limit for imap/pop3 processes.
>>
>> depends on the usecase / workload
>>
>> having dovecot as proxy for other imap-backends and 1 process per connection
>> will heavily raise up process-count and memory-overhead while memory
>> may be needed for the imap-backend (like dbmail) and datanases
>>
>> process_limit                = 15
>> client_limit                 = 300
>>
>> this way you can have 4500 proxy-connections and use most time
>> not more than 4-5 processes
>
> Proxying is done by imap-login process, not imap process. For login processes there are different recommendations.
>
	What are those recommendations? The ones at 
http://wiki2.dovecot.org/LoginProcess?

	Let's suppose... I have 4 mainly imap backend servers (but they admit 
also pop3 connections) with a process_limit of 5120 for service imap 
(and default_client_limit of 1000 applied to pop3). And I have 2 
director servers (configured as active-active behind a load balancer), 
so I need director servers to handle (more or less) 10240 imap connections.

	What is it better for the director's? Increasing process_limit for 
imap-login (so each process should handle less connections) or 
increasing client_limit (less processes handling more connections each)?

From joseba.torre at ehu.es  Mon Jun 11 13:43:03 2012
From: joseba.torre at ehu.es (Joseba Torre)
Date: Mon, 11 Jun 2012 12:43:03 +0200
Subject: [Dovecot] Director problems
In-Reply-To: <DCE2FF6E-BD1A-4DD0-9E2C-29A7DB7B7CC9@iki.fi>
References: <4FCF549F.70404@ehu.es>
	<DCE2FF6E-BD1A-4DD0-9E2C-29A7DB7B7CC9@iki.fi>
Message-ID: <4FD5CBB7.9010301@ehu.es>

El 09/06/12 23:17, Timo Sirainen escribi?:
> On 6.6.2012, at 16.01, Joseba Torre wrote:
>
>> I've just setup a testing enviroment for director, and it's not working as expected. I have just 1 director (called director) and 2 dovecot servers (dovecot1 and dovecot2); these are exact copies.
>>
>> First problem: when both dovecot servers are up, every imap connection is redirected to the same server as you can see here:
>>
>> $ sudo doveadm director map
>> user                                          mail server ip expire time
>> <unknown>                                      158.227.4.186  2012-06-06 13:34:12
>> <unknown>                                      158.227.4.186  2012-06-06 13:34:27
>> <unknown>                                      158.227.4.186  2012-06-06 13:34:34
>>
>> (I don't know if that<unknown>  is good or not)
>>
>> I've tried with 3 different users and ips to no change, users are always directed to the same host.
>
> Perhaps you just managed to use such usernames that map to the same director.. You can try with "doveadm director status<user>" to see where they should go.

I was thinking that users where sent to one server or another in a more 
or less random way. As always, your guess was right, test[1-4] are all 
sent to the same server, but for example jorge is sent to the other one.
>
>> Second problem: if I try to add/remove/modify one of the dovecot servers, the output of doveadm director map/status seems to be ok, but any new user connection fails with this log:
>>
>> Jun  6 14:51:59 director dovecot: director: Warning: Delaying new user requests until ring is synced
>
> Looks like there's a bug when only one director is used. I'll try and fix it later..

Thanks a lot for your support

From trybowski at aeropolis.pl  Mon Jun 11 14:23:23 2012
From: trybowski at aeropolis.pl (Krzysztof Trybowski)
Date: Mon, 11 Jun 2012 13:23:23 +0200
Subject: [Dovecot] Dovecot 2.1 stable packages for Debian?
Message-ID: <CAC=fBB=VvVnArPZWe=UC5dKwqYb9NA_SaHySi9uoeD0rpwnwBQ@mail.gmail.com>

Hello all,
it is strange, but Dovecot 2.x still didn't make it into Debian (not
even backports). It exists in testing, but that's still a long wait.
OTOH there are official packages built every day (referenced from the
download page). This puzzles me: why isn't there a build created from
each stable, released version of Dovecot, so that users of Debian
Stable could benefit from the new version, and run it on production
environment? Could you (I mean ? the Dovecot team) provide such
packages? This wouldn't require any major amount of work, since you
already have daily builds produced. You would just have to run that
building system once per each released version and keep it available
for download.

The reason for this is relatively simple: I'm about to implement a new
mail server, and I'd like to keep to Debian Stable while using Dovecot
2.x. This will make future updates much easier, as I won't have to
face 1.2 -> 2.0 migration on a production system.

Regards, KT

From tss at iki.fi  Mon Jun 11 14:45:43 2012
From: tss at iki.fi (Timo Sirainen)
Date: Mon, 11 Jun 2012 14:45:43 +0300
Subject: [Dovecot] difference between client_limit and process_limit
In-Reply-To: <4FD5C63B.7040904@um.es>
References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es>
	<A1BAE7E0-1F08-4FDA-8FC8-D045E5E7987A@iki.fi>
	<4FD22956.20904@thelounge.net>
	<3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi>
	<4FD5C63B.7040904@um.es>
Message-ID: <D226FD99-8113-4F4A-87E9-F54F5DF69807@iki.fi>

On 11.6.2012, at 13.19, Angel L. Mateo wrote:

>> Proxying is done by imap-login process, not imap process. For login processes there are different recommendations.
>> 
> 	What are those recommendations? The ones at http://wiki2.dovecot.org/LoginProcess?

Yes.

> 	Let's suppose... I have 4 mainly imap backend servers (but they admit also pop3 connections) with a process_limit of 5120 for service imap (and default_client_limit of 1000 applied to pop3). And I have 2 director servers (configured as active-active behind a load balancer), so I need director servers to handle (more or less) 10240 imap connections.
> 
> 	What is it better for the director's? Increasing process_limit for imap-login (so each process should handle less connections) or increasing client_limit (less processes handling more connections each)?

If you increase process_limit to more than the number of CPU cores you have, then you increase the number of context switched done by the kernel, which decreases your performance. So I'd say increase client_limit.


From tss at iki.fi  Mon Jun 11 14:48:33 2012
From: tss at iki.fi (Timo Sirainen)
Date: Mon, 11 Jun 2012 14:48:33 +0300
Subject: [Dovecot] Frequently login problem
In-Reply-To: <CALucydm1MbfkJhHDp9fkO=nXafh1y7WJSTewguZuFyQi-ykHWg@mail.gmail.com>
References: <CALucydm1MbfkJhHDp9fkO=nXafh1y7WJSTewguZuFyQi-ykHWg@mail.gmail.com>
Message-ID: <49EE70D0-58D7-462D-82A8-FB56B02986CA@iki.fi>

On 4.6.2012, at 13.20, Jitendra Bhaskar wrote:

> I am using dovecot 2.1.3 on centos 5.7. It was working fine but last few
> days I need to restart or reload dovecot service because at that time users
> are not able to login.
> 
> Each time I am getting information from doveco.log is as :
> Jun 04 11:52:54 auth: Error: BUG: Authentication client gave a PID 17564 of
> existing connection

This happens before restart, not during it? doveconf -n output? Are you using Dovecot auth for anything external, like Postfix/Exim?


From tss at iki.fi  Mon Jun 11 14:51:48 2012
From: tss at iki.fi (Timo Sirainen)
Date: Mon, 11 Jun 2012 14:51:48 +0300
Subject: [Dovecot] Very High Load on Dovecot 2 and Errors in mail.err.
In-Reply-To: <20120611080907.GA11882@jespernyerup.dk>
References: <4FB35038.1000600@enas.net> <1337454348.4384.144.camel@innu>
	<4FB8C07B.5050604@enas.net>
	<4c605c0b2bc041f7f90300b36c716c22@us.es>
	<4FB8FFD7.5040301@enas.net>
	<20120611080907.GA11882@jespernyerup.dk>
Message-ID: <E9D12C34-52A2-4DFF-9B9F-A95F29CD65F5@iki.fi>

On 11.6.2012, at 11.09, Jesper Dahl Nyerup wrote:

> Stracing the processes in D state from before they hang has just
> revealed something interesting, however, pointing to an issue with
> inotify rather than epoll.
> 
> [snip]
> [...]
> 15414 23:27:36 inotify_init()           = 12 <0.000024>
> [...]
> 15414 23:27:36 close(12 <unfinished ...>
> 15414 23:28:51 <... close resumed> )    = 0 <74.593917>
> 15414 23:28:51 close(9 <unfinished ...>
> 15414 23:28:51 <... close resumed> )    = 0 <0.000080>
> 15414 23:28:51 exit_group(0)            = ?
> [/snip]
> 
> In short, as far as we can tell, all the processes in D state appear to
> be waiting to close the file handle they got from their inotify_init(),
> and eventually all these close()s go through almost simultaneously.

Yeah. Looks like a kernel bug. You could try if it goes away by disabling inotify in Dovecot. Either recompile with "configure --with-notify=none" or maybe you can disable inotify globally with:

echo 0 > /proc/sys/fs/inotify/max_user_watches
echo 0 > /proc/sys/fs/inotify/max_user_instances

From tss at iki.fi  Mon Jun 11 14:55:32 2012
From: tss at iki.fi (Timo Sirainen)
Date: Mon, 11 Jun 2012 14:55:32 +0300
Subject: [Dovecot] Dovecot over NFS
In-Reply-To: <CAPmoJaOJz0mmoGQmmpB4es-YPwmBTArLHXMo=cRx2RFjv6krPw@mail.gmail.com>
References: <CAPmoJaOJz0mmoGQmmpB4es-YPwmBTArLHXMo=cRx2RFjv6krPw@mail.gmail.com>
Message-ID: <708F1898-C96C-4F01-88D6-61833EFBF531@iki.fi>

On 7.6.2012, at 1.07, James Devine wrote:

> I'm playing with running dovecot over NFS and I am running into some
> issues.  I have followed the guide at  http://wiki2.dovecot.org/NFS and my
> setup includes 1 nfs server and 1 client running postfix/dovecot.

Which NFS server? Which NFS client (Linux)?

>  In
> testing I am running postal via the command:
> 
> postal -t 10 -c 10 localhost users399
> 
> The test file has a list of 399 users to deliver to.  I've provided a
> sample of the errors I'm receiving and my configuration below, I am running
> dovecot 2.0.19.  Any idea what I might be doing wrong and what I might do
> to resolve it?  My ultimate goal is to setup multiple clients with director
> so each user is still handled on a single machine, however with a single
> machine I still seem to be having issues.
..
> Jun  6 15:55:12 test-gluster-client1 dovecot: lmtp(12072, testuser130):
> Error: mdbox /mnt/testuser130/mdbox/mailboxes/INBOX/dbox-Mails: Invalid
> dbox header size: 0

Yeah, something's broken. I'd try:

1. Try Dovecot v2.1.7. I don't think v2.0.19 had these problems anymore but wouldn't hurt to try.

2. Try if you can reproduce the same problem with local filesystem.

3. Try another NFS server or client..

From tss at iki.fi  Mon Jun 11 14:59:06 2012
From: tss at iki.fi (Timo Sirainen)
Date: Mon, 11 Jun 2012 14:59:06 +0300
Subject: [Dovecot] dovecot does not find libpam when compiling with
	customized prefix
In-Reply-To: <201206110720.47881.werb@hasos.com>
References: <201206110720.47881.werb@hasos.com>
Message-ID: <191E7B2A-41D1-4595-A584-C13DC8076CFF@iki.fi>

On 11.6.2012, at 8.20, Roland wrote:

> I try to compile dovecot 2.1.7 with a customized --prefix setting and --with-pam . Although I installed libpam into the same --prefix, dovecot does not find it:
> 
> checking for pam_start in -lpam... no
> configure: error: Can't build with PAM support: libpam not found
> 
> The same or a similar problem seems to have appeared 4 years ago:
> http://www.dovecot.org/list/dovecot/2008-February/028750.html
> 
> Which libpam file does dovecot expect in which directory? And possibly there is something wrong with the pam_start function?

Dovecot doesn't expect anything. gcc/ld expects things. You'll need to use the generic options to tell where the PAM files are, something like:

LDFLAGS=-L/where/is/pam/lib CPPFLAGS=-I/where/is/pam/include ./configure


From tss at iki.fi  Mon Jun 11 15:01:27 2012
From: tss at iki.fi (Timo Sirainen)
Date: Mon, 11 Jun 2012 15:01:27 +0300
Subject: [Dovecot] director: non standart ports at backends
In-Reply-To: <213B51F00051AE48A9F0E112880177178F79EF@Delta.sc.local>
References: <213B51F00051AE48A9F0E112880177178F79EF@Delta.sc.local>
Message-ID: <BB82CF1C-7AB9-49C4-BF90-03A9059BA5E3@iki.fi>

On 11.6.2012, at 12.27, ???????? ????????? ?????????? wrote:

> hello,
> I'm trying to figure out how to proxy pop3 and pop3s that listens on non-standart ports at backends.
> For example, pop3 is at 1110 and pop3s at 1995 (on backend side).
> is it possible? 
> how should I separate this ports in director's config?
> it's easy for one port:
> for example lmtp - you just use passdb in protocol lmtp {}

The passdb needs to return the "port" field. You can't use static passdb for this, since it has no conditionals and you can't do per-port configuration. Maybe use sqlite (simply to use it as a scripting engine - empty database) or checkpassword as your passdb.


From tss at iki.fi  Mon Jun 11 15:09:04 2012
From: tss at iki.fi (Timo Sirainen)
Date: Mon, 11 Jun 2012 15:09:04 +0300
Subject: [Dovecot] Error: doveadm client attempted non-PLAIN
	authentication
In-Reply-To: <20120609235603.GA17490@daniel.localdomain>
References: <20120609235603.GA17490@daniel.localdomain>
Message-ID: <65A804FB-2F80-497C-9A96-3CC34B522FBF@iki.fi>

On 10.6.2012, at 2.56, Daniel Parthey wrote:

> doveadm search -u user at example.org -S localhost:19000 all
> produces the following error in the logs:
> dovecot: doveadm: Error: doveadm client attempted non-PLAIN authentication
> 
> What am I missing?

It's possible that this is just broken in v2.0. Try v2.1.


From tss at iki.fi  Mon Jun 11 15:16:16 2012
From: tss at iki.fi (Timo Sirainen)
Date: Mon, 11 Jun 2012 15:16:16 +0300
Subject: [Dovecot] auth_krb5_keytab ignored ?
In-Reply-To: <20120608165902.GI89928@rosa.physik.tu-berlin.de>
References: <20120608165902.GI89928@rosa.physik.tu-berlin.de>
Message-ID: <1339416976.5967.29.camel@hurina>

On Fri, 2012-06-08 at 18:59 +0200, Leon Me?ner wrote:
> Hi list,
> 
> i noticed that when doing imap gssapi authentication with kerberos,
> dovecot (here 2.1.7) always searches /etc/krb5.keytab although i have
> auth_krb5_keytab = /etc/mail3.krb5.keytab in my etc/dovecot/dovecot.conf
> and doveconf -n also show this setting. If i combine the keytabs in
> krb5.keytab it works. Is there another location where i should put my
> configuration regarding gssapi/kerberos ?

Try if this works:

import_environment = TZ GDB DEBUG_SILENT KRB5_KTNAME 

Then start Dovecot with:

KRB5_KTNAME=/etc/mail3.krb5.keytab dovecot

I'm wondering if the code in mech-gssapi.c that sets KRB5_KTNAME
environment is being called too late.



From tss at iki.fi  Mon Jun 11 15:21:08 2012
From: tss at iki.fi (Timo Sirainen)
Date: Mon, 11 Jun 2012 15:21:08 +0300
Subject: [Dovecot] how to announce shared folders to clients using
	non-default mail prefix
In-Reply-To: <4FD14895.8040707@engr.orst.edu>
References: <4FD14895.8040707@engr.orst.edu>
Message-ID: <63F00218-4FBE-418F-9477-CBEA8E7A35B9@iki.fi>

On 8.6.2012, at 3.34, Tom Lieuallen wrote:

> Note that if I change the prefix for that shared namespace to 'iphonemail/', it does present my shared folders as well as anything in a personal iphonemail directory.  However, 'select' didn't work with the personal folders.  My guess is it's mostly due to the difference in mail formats between the two (mbox & maildir).  

You should be able to use prefix=iphonemail/shared/


From oni-neko at gmx.net  Mon Jun 11 15:28:37 2012
From: oni-neko at gmx.net (oni-neko at gmx.net)
Date: Mon, 11 Jun 2012 14:28:37 +0200
Subject: [Dovecot] question about changing certificate
Message-ID: <20120611122837.317410@gmx.net>

Good day!

I'm having trouble changing certificate/keys for my dovecot(version 1.2.9).
When I set up the server (unbuntu lts 10.4.4) I did it with a self-signed certificate. I can't remember exactly what I did, just that I followed the wiki and it worked fine =)

Now I have to change the certificate because a friend bought an official one (from thawte) and I'm a bit stumped.
As dovecot can use supposedly use the same file for both key and cert file, I copied the new certificate to /etc/ssl/private/dovecot.pem and to /etc/ssl/certs/dovecot.pem.

next I get from managesieve-login, pop3-login and imap-login the following log entries:
Fatal: Can't load private key file /etc/ssl/private/dovecot.pem: Key is for a different cert than /etc/ssl/certs/dovecot.pem

some googling brought up the file ssl-cert-snakeoil.key in /etc/ssl/private and /etc/ssl/certs that some people change in that context. As I also have a symlink /etc/ssl/private/ssl-mail.key that points to /etc/ssl/private/ssl-cert-snakeoil.key I'm starting to be confused (even more). dovecot is using the dovecot.pem-files, who/what uses the ssl-mail.key? 

I'm pretty sure I'm just overlooking something completely obvious, but what? =)

greetings
silvia


-- 
NEU: FreePhone 3-fach-Flat mit kostenlosem Smartphone!                                  
Jetzt informieren: http://mobile.1und1.de/?ac=OM.PW.PW003K20328T7073a

From tss at iki.fi  Mon Jun 11 15:30:59 2012
From: tss at iki.fi (Timo Sirainen)
Date: Mon, 11 Jun 2012 15:30:59 +0300
Subject: [Dovecot] Dovecot auth process delays exiting if LDAPS passdb
	used
In-Reply-To: <87txynzuqs.wl%fumiyas@osstech.jp>
References: <87y5oi51ka.wl%fumiyas@osstech.jp>
	<87vcjm50kr.wl%fumiyas@osstech.jp>
	<1338305505.8270.10.camel@hurina>
	<87txynzuqs.wl%fumiyas@osstech.jp>
Message-ID: <4C795253-9E52-40AF-912F-AF044EB9DF28@iki.fi>

On 7.6.2012, at 6.06, SATOH Fumiyasu wrote:

>>>> Dovecot auth process has a problem
>>>> that Dovecot auth delays exiting about between 20 and
>>>> 60 seconds when Dovecot dovecot (master) process is already
>>>> terminated by an administrator.
> 
> Yes. I can reproduce with dovecot 1:2.1.7-1 (Debian unstable package)
> with PAM passdb. This PAM environment is configured for
> local UNIX passwd file only (no LDAP).

I can't reproduce this. I installed the 1:2.1.7-1 Debian unstable package. Put your dovecot.conf to /etc/dovecot/. Did:

/etc/init.d/dovecot start
telnet localhost 143
x login foo bar
x logout
/etc/init.d/dovecot stop

No dovecot processes left.


From tss at iki.fi  Mon Jun 11 15:33:32 2012
From: tss at iki.fi (Timo Sirainen)
Date: Mon, 11 Jun 2012 15:33:32 +0300
Subject: [Dovecot] Accessing maildir snapshots through dovecot /
	namespace
In-Reply-To: <4FD0C843.4070503@ibl.fr>
References: <4FD0C843.4070503@ibl.fr>
Message-ID: <BCDDD91A-A9B8-4A56-AD97-7287C37A9D01@iki.fi>

On 7.6.2012, at 18.26, Karl Oulmi wrote:

> namespace snap {
> prefix = INBOX.snapshot.h0.
> hidden = no
> inbox = no
> list = yes
> location = maildir:/da1/%u/Maildir:INDEX=/da1/dovecot/indexes/%u:CONTROL=/da1/dovecot/control/%u
> type = private
> }
> 
> 
> The problem is that I don't see the content of the inbox folder contained in the snapshots whereas subfolders are perfectly viewed !

The INBOX should be accessible as the INBOX.snapshot.h0 itself.


From a.kostyrev at serverc.ru  Mon Jun 11 15:39:00 2012
From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=)
Date: Mon, 11 Jun 2012 23:39:00 +1100
Subject: [Dovecot] director: non standart ports at backends
In-Reply-To: <BB82CF1C-7AB9-49C4-BF90-03A9059BA5E3@iki.fi>
References: <213B51F00051AE48A9F0E112880177178F79EF@Delta.sc.local>
	<BB82CF1C-7AB9-49C4-BF90-03A9059BA5E3@iki.fi>
Message-ID: <213B51F00051AE48A9F0E112880177178F79F0@Delta.sc.local>

thanks Timo, for you time
but I still don't get it)
should I return "port" with just "port_num1,port_num2" value or how?
I've tried to google an example but with no success.

-----Original Message-----
From: Timo Sirainen [mailto:tss at iki.fi] 
Sent: Monday, June 11, 2012 11:01 PM
To: ???????? ????????? ??????????
Cc: dovecot at dovecot.org
Subject: Re: [Dovecot] director: non standart ports at backends

On 11.6.2012, at 12.27, ???????? ????????? ?????????? wrote:

> hello,
> I'm trying to figure out how to proxy pop3 and pop3s that listens on non-standart ports at backends.
> For example, pop3 is at 1110 and pop3s at 1995 (on backend side).
> is it possible? 
> how should I separate this ports in director's config?
> it's easy for one port:
> for example lmtp - you just use passdb in protocol lmtp {}

The passdb needs to return the "port" field. You can't use static passdb for this, since it has no conditionals and you can't do per-port configuration. Maybe use sqlite (simply to use it as a scripting engine - empty database) or checkpassword as your passdb.


From tss at iki.fi  Mon Jun 11 15:43:52 2012
From: tss at iki.fi (Timo Sirainen)
Date: Mon, 11 Jun 2012 15:43:52 +0300
Subject: [Dovecot] Different but probably related issue
In-Reply-To: <1338883767.4514.23.camel@jlt3.sipsolutions.net>
References: <442263FE-BEAE-47F5-A1FF-49DC0065DF17@canbasis.com>
	<1338883767.4514.23.camel@jlt3.sipsolutions.net>
Message-ID: <DEB4E058-011D-4673-B7CB-68CB51DCB2C5@iki.fi>

On 5.6.2012, at 11.09, Johannes Berg wrote:

> Unfortunately, I don't. I can only suggest, as a test, trying with some
> other storage format -- I only use Maildir -- to see if the problem is
> really in the interaction with mdbox. I'm fairly sure that's likely the
> problem, maybe the plugin doesn't pass something through append that is
> needed by mdbox, but I've never even attempted to understand mdbox.
> 
> Maybe Timo can comment. Timo, you can find the latest code here:
> http://git.sipsolutions.net/?p=dovecot-antispam.git;a=summary

I don't see anything obviously wrong in there.. Perhaps antispam_save_finish() returns failure for some reason and dbox doesn't handle that properly?


From tss at iki.fi  Mon Jun 11 15:47:50 2012
From: tss at iki.fi (Timo Sirainen)
Date: Mon, 11 Jun 2012 15:47:50 +0300
Subject: [Dovecot] director: non standart ports at backends
In-Reply-To: <213B51F00051AE48A9F0E112880177178F79F0@Delta.sc.local>
References: <213B51F00051AE48A9F0E112880177178F79EF@Delta.sc.local>
	<BB82CF1C-7AB9-49C4-BF90-03A9059BA5E3@iki.fi>
	<213B51F00051AE48A9F0E112880177178F79F0@Delta.sc.local>
Message-ID: <8568BABD-F72C-47B2-B9A4-4902410404C6@iki.fi>

Looking at your old mails, you seem to be using passdb static for director, but userdb sql? So you could switch to:

passdb {
 driver = sql
 args = /etc/dovecot/dovecot-sql.conf
}

password_query = select 'y' as proxy, 'y' as nopassword, if('%a'=143, 1430, 9930) as port

where you'd change the if() to something that handles %s=imap vs %s=pop3 vs %s=lmtp and %a=143 vs %a=993 vs %a=110 vs %a=995. Maybe a "case" statement would be less ugly. Or simply make it a real table in sql. Anyway, that's the basic idea.

On 11.6.2012, at 15.39, ???????? ????????? ?????????? wrote:

> thanks Timo, for you time
> but I still don't get it)
> should I return "port" with just "port_num1,port_num2" value or how?
> I've tried to google an example but with no success.
> 
> -----Original Message-----
> From: Timo Sirainen [mailto:tss at iki.fi] 
> Sent: Monday, June 11, 2012 11:01 PM
> To: ???????? ????????? ??????????
> Cc: dovecot at dovecot.org
> Subject: Re: [Dovecot] director: non standart ports at backends
> 
> On 11.6.2012, at 12.27, ???????? ????????? ?????????? wrote:
> 
>> hello,
>> I'm trying to figure out how to proxy pop3 and pop3s that listens on non-standart ports at backends.
>> For example, pop3 is at 1110 and pop3s at 1995 (on backend side).
>> is it possible? 
>> how should I separate this ports in director's config?
>> it's easy for one port:
>> for example lmtp - you just use passdb in protocol lmtp {}
> 
> The passdb needs to return the "port" field. You can't use static passdb for this, since it has no conditionals and you can't do per-port configuration. Maybe use sqlite (simply to use it as a scripting engine - empty database) or checkpassword as your passdb.
> 


From tss at iki.fi  Mon Jun 11 16:16:06 2012
From: tss at iki.fi (Timo Sirainen)
Date: Mon, 11 Jun 2012 16:16:06 +0300
Subject: [Dovecot] fts_lucene crashing
In-Reply-To: <CAL7v5fsCWc-RGvTPqs9N_FeVzT7gtNz+9j9JcXzHUPze=DvJUQ@mail.gmail.com>
References: <CAL7v5fuPNc0kkNLCrhMnonZQwGj28GhzwVK0jH=YSeeTjBRG_A@mail.gmail.com>
	<B4861DB2-FD88-4686-BAB3-5CB85A90A1AA@iki.fi>
	<CAL7v5fvb1JXzicMrvb37CYc4B4p+vKAsxDYNiU0dHHKDExJQkg@mail.gmail.com>
	<CAL7v5ft7omHS-XN_DH_UPiBThUCTpjRq1M84kRSf+o9TpdsSng@mail.gmail.com>
	<CAL7v5fsCWc-RGvTPqs9N_FeVzT7gtNz+9j9JcXzHUPze=DvJUQ@mail.gmail.com>
Message-ID: <080D29B1-72BD-40DE-B9D6-7E7838B97DB9@iki.fi>

On 30.5.2012, at 22.13, Joe Beaubien wrote:

>>>>>> May 22 14:51:51 mba dovecot: imap(formulaire): Panic: file
>>>>>> lucene-wrapper.cc: line 196: unreached
> 
> Thanks for the new release. Unfortunately, it doesn't seem to have fixed my
> specific issue. I got you a gdb trace like you asked in a previous mail. I
> hope that can help. If I didn't get the correct backtrace, or if you need
> some other info from gdb let me know.


Thanks. The problem was pretty far away from where I thought it was. Fixed: http://hg.dovecot.org/dovecot-2.1/rev/0fde692cb565


From tss at iki.fi  Mon Jun 11 16:25:37 2012
From: tss at iki.fi (Timo Sirainen)
Date: Mon, 11 Jun 2012 16:25:37 +0300
Subject: [Dovecot] dsync migration with preserving pop3 uidl
In-Reply-To: <4FBE0A9C.8090406@stable.cz>
References: <4FBE0A9C.8090406@stable.cz>
Message-ID: <BB74B916-1980-4E10-BE93-6675ED150F5B@iki.fi>

On 24.5.2012, at 13.17, Tom?? Herceg wrote:

> I'm trying to migrate messages from icewarp (merak) mailserver to dovecot via
> dsync, IMAP migration is looking fine, but I'm unable to migrate pop3 uidls from
> originating server, probably is something wrong with configuration, but I don't
> know what. The only documentation i found is on the wiki:
> http://wiki2.dovecot.org/Migration/Dsync where is bad writen mail_plugins =
> pop3-migration, i corrected it to mail_plugins = pop3_migration, but it still
> didn't work, here is my configuration:
..
> namespace {
>  hidden = yes
>  list = yes

list=no would be better so clients don't accidentally access this.

>  location = pop3c:
>  prefix = POP3/
> }
> I'm runnig dsync this way:
> /usr/bin/time -f "%E" doveadm -vD -o imapc_user=test1 at irock.cz -o
> imapc_password=***** backup -u test1 at irock.cz -f -R imapc:/tmp-ram/imapc-test1

You need to change pop3c_user and pop3c_password also in this command line.

> dsync(test1 at irock.cz): Error: stat((null)) failed: Bad address
> dsync(test1 at irock.cz): Error: stat((null)) failed: Bad address

I wonder what these are.

Also I wonder why the weren't any messages about missing/wrong user+pass for pop3c.

From tss at iki.fi  Mon Jun 11 16:32:11 2012
From: tss at iki.fi (Timo Sirainen)
Date: Mon, 11 Jun 2012 16:32:11 +0300
Subject: [Dovecot] multi-instance doveadm user -m woes
In-Reply-To: <7D5EC3A3-CD1C-4C50-B8D5-B737560235EC@geneseo.edu>
References: <7D5EC3A3-CD1C-4C50-B8D5-B737560235EC@geneseo.edu>
Message-ID: <E134ED2C-6E4C-42F2-A0FE-7F9F0CAC1F91@iki.fi>

On 11.5.2012, at 18.06, David Warden wrote:

> I'm having difficulty with the doveadm who command on a multi-instance setup of dovecot. When I run the who command on the non-standard instance with the -m flag (to see their mail location), this happens:
> 
> [root at wardentest3 dovecot]# doveadm -i mailtest user -m warden
> doveadm(root): Error: user warden: Initialization failed: Namespace 'INBOX.': Ambiguous mail location setting, don't know what to do with it: /var/spool/mail/root (try prefixing it with mbox: or maildir:)

Thanks, fixed:

http://hg.dovecot.org/dovecot-2.1/rev/98f2c12eccdb


From tss at iki.fi  Mon Jun 11 16:56:31 2012
From: tss at iki.fi (Timo Sirainen)
Date: Mon, 11 Jun 2012 16:56:31 +0300
Subject: [Dovecot] Director problems
In-Reply-To: <4FD5CBB7.9010301@ehu.es>
References: <4FCF549F.70404@ehu.es>
	<DCE2FF6E-BD1A-4DD0-9E2C-29A7DB7B7CC9@iki.fi>
	<4FD5CBB7.9010301@ehu.es>
Message-ID: <7D649FE2-6FB4-4892-8FF2-EDA8ED4F2057@iki.fi>

On 11.6.2012, at 13.43, Joseba Torre wrote:

>>> I've tried with 3 different users and ips to no change, users are always directed to the same host.
>> 
>> Perhaps you just managed to use such usernames that map to the same director.. You can try with "doveadm director status<user>" to see where they should go.
> 
> I was thinking that users where sent to one server or another in a more or less random way. As always, your guess was right, test[1-4] are all sent to the same server, but for example jorge is sent to the other one.

The "randomness" is basically md5(username)%2.

>>> Second problem: if I try to add/remove/modify one of the dovecot servers, the output of doveadm director map/status seems to be ok, but any new user connection fails with this log:
>>> 
>>> Jun  6 14:51:59 director dovecot: director: Warning: Delaying new user requests until ring is synced
>> 
>> Looks like there's a bug when only one director is used. I'll try and fix it later..
> 
> Thanks a lot for your support

Fixed: http://hg.dovecot.org/dovecot-2.1/rev/46d01b728647


From tomislav.mihalicek at gmail.com  Mon Jun 11 17:03:46 2012
From: tomislav.mihalicek at gmail.com (Tomislav Mihalicek)
Date: Mon, 11 Jun 2012 07:03:46 -0700 (PDT)
Subject: [Dovecot] Dovecot 2.1 stable packages for Debian?
In-Reply-To: <CAC=fBB=VvVnArPZWe=UC5dKwqYb9NA_SaHySi9uoeD0rpwnwBQ@mail.gmail.com>
References: <CAC=fBB=VvVnArPZWe=UC5dKwqYb9NA_SaHySi9uoeD0rpwnwBQ@mail.gmail.com>
Message-ID: <33993325.post@talk.nabble.com>


Here you go...

cat /etc/apt/sources.list

# latest dovecot
# apt-get install debian-dovecot-auto-keyring
deb http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main
deb-src http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main


Krzysztof Trybowski wrote:
> 
> Hello all,
> it is strange, but Dovecot 2.x still didn't make it into Debian (not
> even backports). It exists in testing, but that's still a long wait.
> OTOH there are official packages built every day (referenced from the
> download page). This puzzles me: why isn't there a build created from
> each stable, released version of Dovecot, so that users of Debian
> Stable could benefit from the new version, and run it on production
> environment? Could you (I mean ? the Dovecot team) provide such
> packages? This wouldn't require any major amount of work, since you
> already have daily builds produced. You would just have to run that
> building system once per each released version and keep it available
> for download.
> 
> The reason for this is relatively simple: I'm about to implement a new
> mail server, and I'd like to keep to Debian Stable while using Dovecot
> 2.x. This will make future updates much easier, as I won't have to
> face 1.2 -> 2.0 migration on a production system.
> 
> Regards, KT
> 
> 
-- 
View this message in context: http://old.nabble.com/Dovecot-2.1-stable-packages-for-Debian--tp33992548p33993325.html
Sent from the Dovecot mailing list archive at Nabble.com.


From joseba.torre at ehu.es  Mon Jun 11 17:15:36 2012
From: joseba.torre at ehu.es (Joseba Torre)
Date: Mon, 11 Jun 2012 16:15:36 +0200
Subject: [Dovecot] Director problems
In-Reply-To: <7D649FE2-6FB4-4892-8FF2-EDA8ED4F2057@iki.fi>
References: <4FCF549F.70404@ehu.es>
	<DCE2FF6E-BD1A-4DD0-9E2C-29A7DB7B7CC9@iki.fi>
	<4FD5CBB7.9010301@ehu.es>
	<7D649FE2-6FB4-4892-8FF2-EDA8ED4F2057@iki.fi>
Message-ID: <4FD5FD88.6000005@ehu.es>


>>>> Second problem: if I try to add/remove/modify one of the dovecot servers, the output of doveadm director map/status seems to be ok, but any new user connection fails with this log:
>>>>
>>>> Jun  6 14:51:59 director dovecot: director: Warning: Delaying new user requests until ring is synced
>>>
>>> Looks like there's a bug when only one director is used. I'll try and fix it later..
>>
>> Thanks a lot for your support
>
> Fixed: http://hg.dovecot.org/dovecot-2.1/rev/46d01b728647
>

Works perfectly, thank you

From trybowski at aeropolis.pl  Mon Jun 11 17:31:10 2012
From: trybowski at aeropolis.pl (Krzysztof Trybowski)
Date: Mon, 11 Jun 2012 16:31:10 +0200
Subject: [Dovecot] Dovecot 2.1 stable packages for Debian?
In-Reply-To: <33993325.post@talk.nabble.com>
References: <CAC=fBB=VvVnArPZWe=UC5dKwqYb9NA_SaHySi9uoeD0rpwnwBQ@mail.gmail.com>
	<33993325.post@talk.nabble.com>
Message-ID: <CAC=fBBmPYT8eE8cobxfgF6-j9mUxZWb00tbBhPZhFjh2tcDLcQ@mail.gmail.com>

On Mon, Jun 11, 2012 at 4:03 PM, Tomislav Mihalicek
<tomislav.mihalicek at gmail.com> wrote:
>
> Here you go...
>
> cat /etc/apt/sources.list
>
> # latest dovecot
> # apt-get install debian-dovecot-auto-keyring
> deb http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main
> deb-src http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main

Hello Tomislav,
it doesn't seem to be what I'm looking for. These repositories are
referenced from the download site, but with an information that these
are built hourly and thus include any newest changes to the source.
Also a warning follows: ?Needless to say: do NOT use these
repositories for systems that need to be STABLE.?

What I'm looking for are packages of a released versions of 2.1, that
can be used in a production environment.

Regards, KT

From gedalya at gedalya.net  Mon Jun 11 17:36:31 2012
From: gedalya at gedalya.net (Gedalya)
Date: Mon, 11 Jun 2012 10:36:31 -0400
Subject: [Dovecot] Dovecot 2.1 stable packages for Debian?
In-Reply-To: <CAC=fBBmPYT8eE8cobxfgF6-j9mUxZWb00tbBhPZhFjh2tcDLcQ@mail.gmail.com>
References: <CAC=fBB=VvVnArPZWe=UC5dKwqYb9NA_SaHySi9uoeD0rpwnwBQ@mail.gmail.com>
	<33993325.post@talk.nabble.com>
	<CAC=fBBmPYT8eE8cobxfgF6-j9mUxZWb00tbBhPZhFjh2tcDLcQ@mail.gmail.com>
Message-ID: <4FD6026F.4070704@gedalya.net>

On 6/11/2012 10:31 AM, Krzysztof Trybowski wrote:
> On Mon, Jun 11, 2012 at 4:03 PM, Tomislav Mihalicek
> <tomislav.mihalicek at gmail.com> wrote:
>> Here you go...
>>
>> cat /etc/apt/sources.list
>>
>> # latest dovecot
>> # apt-get install debian-dovecot-auto-keyring
>> deb http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main
>> deb-src http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main
> Hello Tomislav,
> it doesn't seem to be what I'm looking for. These repositories are
> referenced from the download site, but with an information that these
> are built hourly and thus include any newest changes to the source.
> Also a warning follows: ?Needless to say: do NOT use these
> repositories for systems that need to be STABLE.?
>
> What I'm looking for are packages of a released versions of 2.1, that
> can be used in a production environment.
>
> Regards, KT

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=592959
http://www.prato.linux.it/~mnencia/debian/dovecot-squeeze/   - I'm using 
this and can say it works
http://people.debian.org/~morph/dovecot2-bpo60/


From nerijus.kislauskas at ktu.lt  Mon Jun 11 17:38:51 2012
From: nerijus.kislauskas at ktu.lt (Nerijus Kislauskas)
Date: Mon, 11 Jun 2012 17:38:51 +0300
Subject: [Dovecot] Dovecot 2.1 stable packages for Debian?
In-Reply-To: <33993325.post@talk.nabble.com>
References: <CAC=fBB=VvVnArPZWe=UC5dKwqYb9NA_SaHySi9uoeD0rpwnwBQ@mail.gmail.com>
	<33993325.post@talk.nabble.com>
Message-ID: <4FD602FB.1030406@ktu.lt>

On 06/11/2012 05:03 PM, Tomislav Mihalicek wrote:
> 
> Here you go...
> 
> cat /etc/apt/sources.list
> 
> # latest dovecot
> # apt-get install debian-dovecot-auto-keyring
> deb http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main
> deb-src http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main

They are not official packages. As I understand, questioner asks for
official ones. As a matter of fact - there are none for stable.

You can try to use it from testing with apt pinning and package
priorities. For example:

/etc/apt/apt.conf or /etc/apt/apt.conf.d/99stable:
APT::Default-Release "stable";

/etc/apt/preferences.d/dovecot
Package: dovecot*
Pin: release a=testing
Pin-Priority: 999

and use "apt-policy show dovecot-<whatever>" to check.
Testing packages still receives a lot of changes, so it will be a little
bit annoying for frequent updates. Let me know if you choose that way
and if it works for you.
-- 
Sincerely,
Nerijus Kislauskas

From l.messner at physik.tu-berlin.de  Mon Jun 11 17:43:45 2012
From: l.messner at physik.tu-berlin.de (Leon =?iso-8859-15?Q?Me=DFner?=)
Date: Mon, 11 Jun 2012 16:43:45 +0200
Subject: [Dovecot] auth_krb5_keytab ignored ?
In-Reply-To: <1339416976.5967.29.camel@hurina>
References: <20120608165902.GI89928@rosa.physik.tu-berlin.de>
	<1339416976.5967.29.camel@hurina>
Message-ID: <20120611144345.GK89928@rosa.physik.tu-berlin.de>

On Mon, Jun 11, 2012 at 03:16:16PM +0300, Timo Sirainen wrote:
> On Fri, 2012-06-08 at 18:59 +0200, Leon Me?ner wrote:
> > Hi list,
> > 
> > i noticed that when doing imap gssapi authentication with kerberos,
> > dovecot (here 2.1.7) always searches /etc/krb5.keytab although i have
> > auth_krb5_keytab = /etc/mail3.krb5.keytab in my etc/dovecot/dovecot.conf
> > and doveconf -n also show this setting. If i combine the keytabs in
> > krb5.keytab it works. Is there another location where i should put my
> > configuration regarding gssapi/kerberos ?
> 
> Try if this works:
> 
> import_environment = TZ GDB DEBUG_SILENT KRB5_KTNAME 
> 
> Then start Dovecot with:
> 
> KRB5_KTNAME=/etc/mail3.krb5.keytab dovecot
> 
> I'm wondering if the code in mech-gssapi.c that sets KRB5_KTNAME
> environment is being called too late.

It's still looking inside the default krb5.keytab .

/var/log/dovecot.log:
Jun 11 16:26:55 master: Info: Dovecot v2.1.7 starting up
Jun 11 16:26:55 auth: Debug: Loading modules from directory: /usr/local/lib/dovecot/auth
Jun 11 16:26:55 auth: Debug: auth client connected (pid=82646)
Jun 11 16:26:55 auth: Debug: auth client connected (pid=82648)
Jun 11 16:26:55 auth: Debug: auth client connected (pid=82647)
Jun 11 16:26:55 auth: Debug: auth client connected (pid=82649)
Jun 11 16:26:55 auth: Debug: auth client connected (pid=82651)
Jun 11 16:26:55 auth: Debug: auth client connected (pid=82653)
Jun 11 16:26:55 auth: Debug: auth client connected (pid=82655)
Jun 11 16:26:55 auth: Debug: auth client connected (pid=82652)
Jun 11 16:26:55 auth: Debug: auth client connected (pid=82656)
Jun 11 16:26:55 auth: Debug: auth client connected (pid=82657)
Jun 11 16:26:55 auth: Debug: auth client connected (pid=82650)
Jun 11 16:26:55 auth: Debug: auth client connected (pid=82654)
Jun 11 16:27:05 auth: Debug: auth client connected (pid=82669)
Jun 11 16:27:06 auth: Debug: client in: AUTH    1       GSSAPI  service=imap    secured session=DLX+JDPCLwCClTqR        lip=130.149.58.164      rip=130.149.58.145      lport=993       rport=29743
Jun 11 16:27:06 auth: Debug: gssapi(?,130.149.58.145,<DLX+JDPCLwCClTqR>): Obtaining credentials for imap at mail3.physik-pool.tu-berlin.de
Jun 11 16:27:06 auth: Debug: client out: CONT   1
Jun 11 16:27:06 auth: Debug: client in: CONT<hidden>
Jun 11 16:27:06 auth: Info: gssapi(?,130.149.58.145,<DLX+JDPCLwCClTqR>): While processing incoming data:  Miscellaneous failure (see text)
Jun 11 16:27:06 auth: Info: gssapi(?,130.149.58.145,<DLX+JDPCLwCClTqR>): While processing incoming data: Failed to find imap/mail3.physik-pool.tu-berlin.de at PCPOOL.PHYSIK.TU-BERLIN.DE(kvno 1) in keytab FILE:/etc/krb5.keytab (des3-cbc-sha1)
Jun 11 16:27:08 auth: Debug: client out: FAIL   1
Jun 11 16:27:18 auth: Debug: auth client connected (pid=82673)
Jun 11 16:27:18 imap-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, rip=130.149.58.149, lip=130.149.58.164, TLS, session=<Vy6wJTPCAgCClTqV>
Jun 11 16:27:22 imap-login: Info: Aborted login (auth failed, 1 attempts in 16 secs): user=<>, method=GSSAPI, rip=130.149.58.145, lip=130.149.58.164, TLS, session=<DLX+JDPCLwCClTqR>
Jun 11 16:27:38 auth: Debug: auth client connected (pid=82681)
Jun 11 16:27:38 pop3-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, rip=130.149.58.149, lip=130.149.58.164, TLS, session=<lhjfJjPCWwCClTqV>
Jun 11 16:27:45 master: Warning: Killed with signal 15 (by pid=82684 uid=0 code=kill)

From michael at orlitzky.com  Mon Jun 11 18:07:52 2012
From: michael at orlitzky.com (Michael Orlitzky)
Date: Mon, 11 Jun 2012 11:07:52 -0400
Subject: [Dovecot] Dovecot 2.1 stable packages for Debian?
In-Reply-To: <CAC=fBB=VvVnArPZWe=UC5dKwqYb9NA_SaHySi9uoeD0rpwnwBQ@mail.gmail.com>
References: <CAC=fBB=VvVnArPZWe=UC5dKwqYb9NA_SaHySi9uoeD0rpwnwBQ@mail.gmail.com>
Message-ID: <4FD609C8.9060809@orlitzky.com>

On 06/11/12 07:23, Krzysztof Trybowski wrote:
> Hello all,
> it is strange, but Dovecot 2.x still didn't make it into Debian (not
> even backports). It exists in testing, but that's still a long wait.
> OTOH there are official packages built every day (referenced from the
> download page). This puzzles me: why isn't there a build created from
> each stable, released version of Dovecot, so that users of Debian
> Stable could benefit from the new version, and run it on production
> environment? Could you (I mean ? the Dovecot team) provide such
> packages? This wouldn't require any major amount of work, since you
> already have daily builds produced. You would just have to run that
> building system once per each released version and keep it available
> for download.
> 
> The reason for this is relatively simple: I'm about to implement a new
> mail server, and I'd like to keep to Debian Stable while using Dovecot
> 2.x. This will make future updates much easier, as I won't have to
> face 1.2 -> 2.0 migration on a production system.

To wind up in Debian stable, a package has to go through a bunch of
testing, and that takes a long time. So you're never going to have
official packages for new software in Debian stable.

That's kind of the point of stable =)

From joe.beaubien at gmail.com  Mon Jun 11 18:13:17 2012
From: joe.beaubien at gmail.com (Joe Beaubien)
Date: Mon, 11 Jun 2012 11:13:17 -0400
Subject: [Dovecot] fts_lucene crashing
In-Reply-To: <080D29B1-72BD-40DE-B9D6-7E7838B97DB9@iki.fi>
References: <CAL7v5fuPNc0kkNLCrhMnonZQwGj28GhzwVK0jH=YSeeTjBRG_A@mail.gmail.com>
	<B4861DB2-FD88-4686-BAB3-5CB85A90A1AA@iki.fi>
	<CAL7v5fvb1JXzicMrvb37CYc4B4p+vKAsxDYNiU0dHHKDExJQkg@mail.gmail.com>
	<CAL7v5ft7omHS-XN_DH_UPiBThUCTpjRq1M84kRSf+o9TpdsSng@mail.gmail.com>
	<CAL7v5fsCWc-RGvTPqs9N_FeVzT7gtNz+9j9JcXzHUPze=DvJUQ@mail.gmail.com>
	<080D29B1-72BD-40DE-B9D6-7E7838B97DB9@iki.fi>
Message-ID: <CAL7v5fvymhYFrh=OPRFhnu1fuTJJVPwbVZGpxRT7ePV-OZnKVw@mail.gmail.com>

Thank you sir for the fix.


On Mon, Jun 11, 2012 at 9:16 AM, Timo Sirainen <tss at iki.fi> wrote:

> On 30.5.2012, at 22.13, Joe Beaubien wrote:
>
> >>>>>> May 22 14:51:51 mba dovecot: imap(formulaire): Panic: file
> >>>>>> lucene-wrapper.cc: line 196: unreached
> >
> > Thanks for the new release. Unfortunately, it doesn't seem to have fixed
> my
> > specific issue. I got you a gdb trace like you asked in a previous mail.
> I
> > hope that can help. If I didn't get the correct backtrace, or if you need
> > some other info from gdb let me know.
>
>
> Thanks. The problem was pretty far away from where I thought it was.
> Fixed: http://hg.dovecot.org/dovecot-2.1/rev/0fde692cb565
>
>

From fumiyas at osstech.jp  Mon Jun 11 18:24:44 2012
From: fumiyas at osstech.jp (SATOH Fumiyasu)
Date: Tue, 12 Jun 2012 00:24:44 +0900
Subject: [Dovecot] Dovecot auth process delays exiting if LDAPS passdb
	used
In-Reply-To: <4C795253-9E52-40AF-912F-AF044EB9DF28@iki.fi>
References: <87y5oi51ka.wl%fumiyas@osstech.jp>
	<87vcjm50kr.wl%fumiyas@osstech.jp>
	<1338305505.8270.10.camel@hurina>
	<87txynzuqs.wl%fumiyas@osstech.jp>
	<4C795253-9E52-40AF-912F-AF044EB9DF28@iki.fi>
Message-ID: <87d3557txf.wl%fumiyas@osstech.jp>

At Mon, 11 Jun 2012 15:30:59 +0300,
Timo Sirainen wrote:
> >>>> Dovecot auth process has a problem
> >>>> that Dovecot auth delays exiting about between 20 and
> >>>> 60 seconds when Dovecot dovecot (master) process is already
> >>>> terminated by an administrator.
> > 
> > Yes. I can reproduce with dovecot 1:2.1.7-1 (Debian unstable package)
> > with PAM passdb. This PAM environment is configured for
> > local UNIX passwd file only (no LDAP).
> 
> I can't reproduce this. I installed the 1:2.1.7-1 Debian unstable package. Put your dovecot.conf to /etc/dovecot/. Did:
> 
> /etc/init.d/dovecot start
> telnet localhost 143
> x login foo bar
> x logout
> /etc/init.d/dovecot stop
> 
> No dovecot processes left.

If an auth client remains a connection to dovecot/auth,
dovecot/auth does NOT exit immediately when dovecot master exits.

(1) Install Postfix and Dovecot.

      # apt-get install postfix dovecot

(2) Configure Postfix /etc/postfix/main.cf with the following:

      smtpd_sasl_auth_enable = yes
      smtpd_sasl_security_options =
      smtpd_sasl_type = dovecot
      smtpd_sasl_path = private/auth

(3) Configre Dovecot /etc/dovecot/conf.d/10-master with the following:

      service auth {
        unix_listener auth-userdb {
        }
        unix_listener /var/spool/postfix/private/auth {
          mode = 0666
        }
      }

(4) Start postfix and dovecot service.

  # /etc/init.d/dovecot start
  # /etc/init.d/postfix start

(5) Invoke Postfix smtpd(8), it connects to dovecot/auth socket.

      $ telnet localhost 25
      Trying 127.0.0.1...
      Connected to localhost.
      Escape character is '^]'.
      220 sugar.osstech.co.jp ESMTP Postfix
      AUTH PLAIN dummy
      535 5.7.8 Error: authentication failed:
      QUIT
      221 2.0.0 Bye
      Connection closed by foreign host.

    Or use netcat-openbsd to connect to dovecot/auth socket:

      # nc.openbsd -U /var/spool/postfix/private/dovecot-auth &
   
(6) Stop dovecot service.

  # /etc/init.d/dovecot stop

-- 
-- Name: SATOH Fumiyasu (fumiyas @ osstech co jp)
-- Business Home: http://www.OSSTech.co.jp/
-- GitHub Home: https://GitHub.com/fumiyas/

From tss at iki.fi  Mon Jun 11 18:26:57 2012
From: tss at iki.fi (Timo Sirainen)
Date: Mon, 11 Jun 2012 18:26:57 +0300
Subject: [Dovecot] auth_krb5_keytab ignored ?
In-Reply-To: <20120611144345.GK89928@rosa.physik.tu-berlin.de>
References: <20120608165902.GI89928@rosa.physik.tu-berlin.de>
	<1339416976.5967.29.camel@hurina>
	<20120611144345.GK89928@rosa.physik.tu-berlin.de>
Message-ID: <B6985F72-6E34-4D67-8470-3CEF77A17EDE@iki.fi>

On 11.6.2012, at 17.43, Leon Me?ner wrote:

>> Try if this works:
>> 
>> import_environment = TZ GDB DEBUG_SILENT KRB5_KTNAME 
>> 
>> Then start Dovecot with:
>> 
>> KRB5_KTNAME=/etc/mail3.krb5.keytab dovecot
>> 
>> I'm wondering if the code in mech-gssapi.c that sets KRB5_KTNAME
>> environment is being called too late.
> 
> It's still looking inside the default krb5.keytab .

Which Kerberos library are you using? Maybe it doesn't support this way of giving the keytab.


From tss at iki.fi  Mon Jun 11 18:32:35 2012
From: tss at iki.fi (Timo Sirainen)
Date: Mon, 11 Jun 2012 18:32:35 +0300
Subject: [Dovecot] Dovecot auth process delays exiting if LDAPS passdb
	used
In-Reply-To: <87d3557txf.wl%fumiyas@osstech.jp>
References: <87y5oi51ka.wl%fumiyas@osstech.jp>
	<87vcjm50kr.wl%fumiyas@osstech.jp>
	<1338305505.8270.10.camel@hurina>
	<87txynzuqs.wl%fumiyas@osstech.jp>
	<4C795253-9E52-40AF-912F-AF044EB9DF28@iki.fi>
	<87d3557txf.wl%fumiyas@osstech.jp>
Message-ID: <EF621718-076D-4214-90C2-E17A46F49492@iki.fi>

On 11.6.2012, at 18.24, SATOH Fumiyasu wrote:

> If an auth client remains a connection to dovecot/auth,
> dovecot/auth does NOT exit immediately when dovecot master exits.

Ah, now we're getting somewhere :) Yes, this is correct and intentional. But it should still close the listeners, so this shouldn't happen:

May 24 00:42:10 build-aix6 mail:err|error dovecot: master: Error: service(auth): Socket already exists: /opt/osstech/var/run/dovecot/auth-login

> (1) Install Postfix and Dovecot.
> 
>      # apt-get install postfix dovecot
> 
> (2) Configure Postfix /etc/postfix/main.cf with the following:
> 
>      smtpd_sasl_auth_enable = yes
>      smtpd_sasl_security_options =
>      smtpd_sasl_type = dovecot
>      smtpd_sasl_path = private/auth
> 
> (3) Configre Dovecot /etc/dovecot/conf.d/10-master with the following:
> 
>      service auth {
>        unix_listener auth-userdb {
>        }
>        unix_listener /var/spool/postfix/private/auth {
>          mode = 0666
>        }
>      }
> 
> (4) Start postfix and dovecot service.
> 
>  # /etc/init.d/dovecot start
>  # /etc/init.d/postfix start
> 
> (5) Invoke Postfix smtpd(8), it connects to dovecot/auth socket.
> 
>      $ telnet localhost 25
>      Trying 127.0.0.1...
>      Connected to localhost.
>      Escape character is '^]'.
>      220 sugar.osstech.co.jp ESMTP Postfix
>      AUTH PLAIN dummy
>      535 5.7.8 Error: authentication failed:
>      QUIT
>      221 2.0.0 Bye
>      Connection closed by foreign host.
> 
>    Or use netcat-openbsd to connect to dovecot/auth socket:
> 
>      # nc.openbsd -U /var/spool/postfix/private/dovecot-auth &
> 
> (6) Stop dovecot service.
> 
>  # /etc/init.d/dovecot stop

And (7) /etc/init.d/dovecot start fails?

From l.messner at physik.tu-berlin.de  Mon Jun 11 18:51:24 2012
From: l.messner at physik.tu-berlin.de (Leon =?iso-8859-15?Q?Me=DFner?=)
Date: Mon, 11 Jun 2012 17:51:24 +0200
Subject: [Dovecot] auth_krb5_keytab ignored ?
In-Reply-To: <B6985F72-6E34-4D67-8470-3CEF77A17EDE@iki.fi>
References: <20120608165902.GI89928@rosa.physik.tu-berlin.de>
	<1339416976.5967.29.camel@hurina>
	<20120611144345.GK89928@rosa.physik.tu-berlin.de>
	<B6985F72-6E34-4D67-8470-3CEF77A17EDE@iki.fi>
Message-ID: <20120611155124.GM89928@rosa.physik.tu-berlin.de>

On Mon, Jun 11, 2012 at 06:26:57PM +0300, Timo Sirainen wrote:
> On 11.6.2012, at 17.43, Leon Me?ner wrote:
> 
> >> Try if this works:
> >> 
> >> import_environment = TZ GDB DEBUG_SILENT KRB5_KTNAME 
> >> 
> >> Then start Dovecot with:
> >> 
> >> KRB5_KTNAME=/etc/mail3.krb5.keytab dovecot
> >> 
> >> I'm wondering if the code in mech-gssapi.c that sets KRB5_KTNAME
> >> environment is being called too late.
> > 
> > It's still looking inside the default krb5.keytab .
> 
> Which Kerberos library are you using? Maybe it doesn't support this way of giving the keytab.

I'm using the stock FreeBSD 8.2-RELEASE one which is heimdal-1.1.0 .
I will update the machine to 8.3 (which is the latest release in 8.x),
recompile and report my findings tomorrow.

thanks,
Leon

From fumiyas at osstech.jp  Mon Jun 11 19:39:47 2012
From: fumiyas at osstech.jp (SATOH Fumiyasu)
Date: Tue, 12 Jun 2012 01:39:47 +0900
Subject: [Dovecot] Dovecot auth process delays exiting if LDAPS passdb
	used
In-Reply-To: <EF621718-076D-4214-90C2-E17A46F49492@iki.fi>
References: <87y5oi51ka.wl%fumiyas@osstech.jp>
	<87vcjm50kr.wl%fumiyas@osstech.jp>
	<1338305505.8270.10.camel@hurina>
	<87txynzuqs.wl%fumiyas@osstech.jp>
	<4C795253-9E52-40AF-912F-AF044EB9DF28@iki.fi>
	<87d3557txf.wl%fumiyas@osstech.jp>
	<EF621718-076D-4214-90C2-E17A46F49492@iki.fi>
Message-ID: <87bokp7qgc.wl%fumiyas@osstech.jp>

At Mon, 11 Jun 2012 18:32:35 +0300,
Timo Sirainen wrote:
> > If an auth client remains a connection to dovecot/auth,
> > dovecot/auth does NOT exit immediately when dovecot master exits.
> 
> Ah, now we're getting somewhere :) Yes, this is correct and intentional. But it should still close the listeners, so this shouldn't happen:
> 
> May 24 00:42:10 build-aix6 mail:err|error dovecot: master: Error: service(auth): Socket already exists: /opt/osstech/var/run/dovecot/auth-login

> > (6) Stop dovecot service.
> > 
> >  # /etc/init.d/dovecot stop
> 
> And (7) /etc/init.d/dovecot start fails?

Yes: AIX 6.1, 7.1
No: Debian GNU/Linux stable, testing, unstable / Solaris 10

-- 
-- Name: SATOH Fumiyasu (fumiyas @ osstech co jp)
-- Business Home: http://www.OSSTech.co.jp/
-- GitHub Home: https://GitHub.com/fumiyas/

> > (1) Install Postfix and Dovecot.
> > 
> >      # apt-get install postfix dovecot
> > 
> > (2) Configure Postfix /etc/postfix/main.cf with the following:
> > 
> >      smtpd_sasl_auth_enable = yes
> >      smtpd_sasl_security_options =
> >      smtpd_sasl_type = dovecot
> >      smtpd_sasl_path = private/auth
> > 
> > (3) Configre Dovecot /etc/dovecot/conf.d/10-master with the following:
> > 
> >      service auth {
> >        unix_listener auth-userdb {
> >        }
> >        unix_listener /var/spool/postfix/private/auth {
> >          mode = 0666
> >        }
> >      }
> > 
> > (4) Start postfix and dovecot service.
> > 
> >  # /etc/init.d/dovecot start
> >  # /etc/init.d/postfix start
> > 
> > (5) Invoke Postfix smtpd(8), it connects to dovecot/auth socket.
> > 
> >      $ telnet localhost 25
> >      Trying 127.0.0.1...
> >      Connected to localhost.
> >      Escape character is '^]'.
> >      220 sugar.osstech.co.jp ESMTP Postfix
> >      AUTH PLAIN dummy
> >      535 5.7.8 Error: authentication failed:
> >      QUIT
> >      221 2.0.0 Bye
> >      Connection closed by foreign host.
> > 
> >    Or use netcat-openbsd to connect to dovecot/auth socket:
> > 
> >      # nc.openbsd -U /var/spool/postfix/private/dovecot-auth &
> > 
> > (6) Stop dovecot service.
> > 
> >  # /etc/init.d/dovecot stop
> 
> And (7) /etc/init.d/dovecot start fails?

From acrow at integrafin.co.uk  Mon Jun 11 22:05:57 2012
From: acrow at integrafin.co.uk (Alex Crow)
Date: Mon, 11 Jun 2012 20:05:57 +0100
Subject: [Dovecot] 2.1.7 shared folder index issued
Message-ID: <4FD64195.5070006@integrafin.co.uk>

Hi,

Sorry to bother the list again so soon after fixing my own problem, but 
I now have this issue when clients try to view shared folders in 
Thunderbird (v12). They can see the shared folder, but the first time 
they click on in nothing happens. The second time they get an 
authentication failure. The third or fourth time it finally loads the 
shared mailbox, and I see this a few times in the logs:

Jun 11 19:57:43 alsace dovecot: imap(sharedviewer at integrafin.co.uk): 
Error: mdbox map 
/home/indexes/integrafin.co.uk/t/sharedviewer/shared/sharedviewee at integrafin.co.uk/storage/dovecot.map.index 
corrupted: U
nexpectedly lost shared/viewee at integrafin.co.uk/INBOX uid=73129 
map_uid=74192
Jun 11 19:57:43 alsace dovecot: imap(sharedviewer at integrafin.co.uk): 
Disconnected: Internal error occurred. Refer to server log for more 
information. [2012-06-11 19:57:43] in=308 out=820
Jun 11 19:57:43 alsace dovecot: auth: Debug: auth client connected 
(pid=1957)

Ideally I'd like shared mailboxes to work in the first click - any ideas?

Cheers

Alex

From gedalya at gedalya.net  Mon Jun 11 22:39:39 2012
From: gedalya at gedalya.net (Gedalya)
Date: Mon, 11 Jun 2012 15:39:39 -0400
Subject: [Dovecot] question about changing certificate
In-Reply-To: <20120611122837.317410@gmx.net>
References: <20120611122837.317410@gmx.net>
Message-ID: <4FD6497B.6090007@gedalya.net>

On 06/11/2012 08:28 AM, oni-neko at gmx.net wrote:
> Good day!
>
> I'm having trouble changing certificate/keys for my dovecot(version 1.2.9).
> When I set up the server (unbuntu lts 10.4.4) I did it with a self-signed certificate. I can't remember exactly what I did, just that I followed the wiki and it worked fine =)
>
> Now I have to change the certificate because a friend bought an official one (from thawte) and I'm a bit stumped.
> As dovecot can use supposedly use the same file for both key and cert file, I copied the new certificate to /etc/ssl/private/dovecot.pem and to /etc/ssl/certs/dovecot.pem.

Are both files identical, do they both contain the private key?

Why keep two copies of the same file? That's confusing. If you don't 
want to use separate files for the certificate and the private key then 
just concatenate them both in a single file, private key first, and make 
sure it's owned by root and readable by no one but root.

Then just point ssl_cert_file and ssl_key_file to the same file. That 
should be more clear and consistent.

Your file should look like this:

-----BEGIN PRIVATE KEY-----
....etc...
-----END PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
....etc...
-----END CERTIFICATE-----

Followed by any intermediate CA certificates that might be necessary.

> some googling brought up the file ssl-cert-snakeoil.key in /etc/ssl/private and /etc/ssl/certs that some people change in that context. As I also have a symlink /etc/ssl/private/ssl-mail.key that points to /etc/ssl/private/ssl-cert-snakeoil.key I'm starting to be confused (even more). dovecot is using the dovecot.pem-files, who/what uses the ssl-mail.key?

If there's no reference to this file in dovecot's configuration then 
dovecot isn't using it. Maybe someone else e.g. postfix, maybe someone 
used to use it.. does it matter? It doesn't look like this is the source 
of your trouble.


From tss at iki.fi  Mon Jun 11 22:56:06 2012
From: tss at iki.fi (Timo Sirainen)
Date: Mon, 11 Jun 2012 22:56:06 +0300
Subject: [Dovecot] Dovecot auth process delays exiting if LDAPS passdb
	used
In-Reply-To: <87bokp7qgc.wl%fumiyas@osstech.jp>
References: <87y5oi51ka.wl%fumiyas@osstech.jp>
	<87vcjm50kr.wl%fumiyas@osstech.jp>
	<1338305505.8270.10.camel@hurina>
	<87txynzuqs.wl%fumiyas@osstech.jp>
	<4C795253-9E52-40AF-912F-AF044EB9DF28@iki.fi>
	<87d3557txf.wl%fumiyas@osstech.jp>
	<EF621718-076D-4214-90C2-E17A46F49492@iki.fi>
	<87bokp7qgc.wl%fumiyas@osstech.jp>
Message-ID: <6DEAF109-1B51-4060-BD38-D05BEC09BABB@iki.fi>

On 11.6.2012, at 19.39, SATOH Fumiyasu wrote:

> At Mon, 11 Jun 2012 18:32:35 +0300,
> Timo Sirainen wrote:
>>> If an auth client remains a connection to dovecot/auth,
>>> dovecot/auth does NOT exit immediately when dovecot master exits.
>> 
>> Ah, now we're getting somewhere :) Yes, this is correct and intentional. But it should still close the listeners, so this shouldn't happen:
>> 
>> May 24 00:42:10 build-aix6 mail:err|error dovecot: master: Error: service(auth): Socket already exists: /opt/osstech/var/run/dovecot/auth-login
> 
>>> (6) Stop dovecot service.
>>> 
>>> # /etc/init.d/dovecot stop
>> 
>> And (7) /etc/init.d/dovecot start fails?
> 
> Yes: AIX 6.1, 7.1
> No: Debian GNU/Linux stable, testing, unstable / Solaris 10

OK, so this is AIX specific. Two problems: 1) I have no access to AIX to test and debug this, 2) even if I did, I'm not very motivated in debugging possibly hours for a system that is very rarely used in email servers.. (If any AIX user wanted to buy one of the Dovecot support services, I could look into this and get it fixed in some way.)

It would also be possible to modify the sources a bit to get the pending processes killed immediately at shutdown.

From tss at iki.fi  Mon Jun 11 22:58:03 2012
From: tss at iki.fi (Timo Sirainen)
Date: Mon, 11 Jun 2012 22:58:03 +0300
Subject: [Dovecot] 2.1.7 shared folder index issued
In-Reply-To: <4FD64195.5070006@integrafin.co.uk>
References: <4FD64195.5070006@integrafin.co.uk>
Message-ID: <9243C1F4-94EF-4259-A37F-D32DC3A63902@iki.fi>

On 11.6.2012, at 22.05, Alex Crow wrote:

> Sorry to bother the list again so soon after fixing my own problem, but I now have this issue when clients try to view shared folders in Thunderbird (v12). They can see the shared folder, but the first time they click on in nothing happens. The second time they get an authentication failure. The third or fourth time it finally loads the shared mailbox, and I see this a few times in the logs:
> 
> Jun 11 19:57:43 alsace dovecot: imap(sharedviewer at integrafin.co.uk): Error: mdbox map /home/indexes/integrafin.co.uk/t/sharedviewer/shared/sharedviewee at integrafin.co.uk/storage/dovecot.map.index corrupted: U
> nexpectedly lost shared/viewee at integrafin.co.uk/INBOX uid=73129 map_uid=74192

http://wiki2.dovecot.org/SharedMailboxes/Shared#dbox


From acrow at integrafin.co.uk  Mon Jun 11 23:35:33 2012
From: acrow at integrafin.co.uk (Alex Crow)
Date: Mon, 11 Jun 2012 21:35:33 +0100
Subject: [Dovecot] 2.1.7 shared folder index issued
In-Reply-To: <9243C1F4-94EF-4259-A37F-D32DC3A63902@iki.fi>
References: <4FD64195.5070006@integrafin.co.uk>
	<9243C1F4-94EF-4259-A37F-D32DC3A63902@iki.fi>
Message-ID: <4FD65695.1030100@integrafin.co.uk>

On 11/06/12 20:58, Timo Sirainen wrote:
> On 11.6.2012, at 22.05, Alex Crow wrote:
>
>> Sorry to bother the list again so soon after fixing my own problem, but I now have this issue when clients try to view shared folders in Thunderbird (v12). They can see the shared folder, but the first time they click on in nothing happens. The second time they get an authentication failure. The third or fourth time it finally loads the shared mailbox, and I see this a few times in the logs:
>>
>> Jun 11 19:57:43 alsace dovecot: imap(sharedviewer at integrafin.co.uk): Error: mdbox map /home/indexes/integrafin.co.uk/t/sharedviewer/shared/sharedviewee at integrafin.co.uk/storage/dovecot.map.index corrupted: U
>> nexpectedly lost shared/viewee at integrafin.co.uk/INBOX uid=73129 map_uid=74192
> http://wiki2.dovecot.org/SharedMailboxes/Shared#dbox
>
>

Thanks Timo,

So should I just remove the INDEX part from the shared namespace? Or 
should I have the INDEX point to the sharer's indexes rather than the 
"sharee"?

I would like the person viewing the shared box to be able to see the 
message status set by the sharing party.

Cheers

Alex

From jesper at dahlnyerup.dk  Tue Jun 12 00:37:13 2012
From: jesper at dahlnyerup.dk (Jesper Dahl Nyerup)
Date: Mon, 11 Jun 2012 23:37:13 +0200
Subject: [Dovecot] Very High Load on Dovecot 2 and Errors in mail.err.
In-Reply-To: <E9D12C34-52A2-4DFF-9B9F-A95F29CD65F5@iki.fi>
References: <4FB35038.1000600@enas.net> <1337454348.4384.144.camel@innu>
	<4FB8C07B.5050604@enas.net>
	<4c605c0b2bc041f7f90300b36c716c22@us.es>
	<4FB8FFD7.5040301@enas.net>
	<20120611080907.GA11882@jespernyerup.dk>
	<E9D12C34-52A2-4DFF-9B9F-A95F29CD65F5@iki.fi>
Message-ID: <20120611213713.GA28704@jespernyerup.dk>

On Jun 11  14:51, Timo Sirainen wrote:
> On 11.6.2012, at 11.09, Jesper Dahl Nyerup wrote:
>
> > In short, as far as we can tell, all the processes in D state appear to
> > be waiting to close the file handle they got from their inotify_init(),
> > and eventually all these close()s go through almost simultaneously.
> 
> Yeah. Looks like a kernel bug. You could try if it goes away by disabling inotify in Dovecot. Either recompile with "configure --with-notify=none" or maybe you can disable inotify globally with:
> 
> echo 0 > /proc/sys/fs/inotify/max_user_watches
> echo 0 > /proc/sys/fs/inotify/max_user_instances

I can confirm that this removes the symptoms, and that it doesn't affect
the service. Obviously IDLEing users are now only notified upon polling
of the file system, but the I/O overhead of doing this seems minimal.

It may be important to note, that even though load on our servers
surpass 2000, both Dovecot and the server as a whole is responsive and
servicing requests, up until the point where Dovecot reaches its
configured maximal number of child processes.

We're still chasing the root cause in the kernel or the VServer patch
set. We'll of course make sure to post our findings here, and I'd very
much appreciate to hear about other people's progress.

Jesper.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120611/c6c97bc4/attachment.bin>

From tss at iki.fi  Tue Jun 12 00:51:32 2012
From: tss at iki.fi (Timo Sirainen)
Date: Tue, 12 Jun 2012 00:51:32 +0300
Subject: [Dovecot] v2.0.21 released
Message-ID: <C1E80BFC-9F5E-4E7F-9C5F-CE69A7F0EEBB@iki.fi>

http://dovecot.org/releases/2.0/dovecot-2.0.21.tar.gz
http://dovecot.org/releases/2.0/dovecot-2.0.21.tar.gz.sig

        + dict: file backend supports now also fcntl/flock locking optionally
        - imap-login: Memory leak fixed
        - imap: Non-UTF8 input on SEARCH command parameters could have crashed
        - auth: Fixed crash with DIGEST-MD5 when attempting to do master user
          login without master passdbs. 
        - sdbox: Don't use more fds than necessary when copying mails.
        - mdbox kept the user's storage locked a bit longer than it needed to


From tss at iki.fi  Tue Jun 12 00:55:00 2012
From: tss at iki.fi (Timo Sirainen)
Date: Tue, 12 Jun 2012 00:55:00 +0300
Subject: [Dovecot] 2.1.7 shared folder index issued
In-Reply-To: <4FD65695.1030100@integrafin.co.uk>
References: <4FD64195.5070006@integrafin.co.uk>
	<9243C1F4-94EF-4259-A37F-D32DC3A63902@iki.fi>
	<4FD65695.1030100@integrafin.co.uk>
Message-ID: <E0B43005-C164-4CC5-853A-0429F12FAD39@iki.fi>

On 11.6.2012, at 23.35, Alex Crow wrote:

>>> Jun 11 19:57:43 alsace dovecot: imap(sharedviewer at integrafin.co.uk): Error: mdbox map /home/indexes/integrafin.co.uk/t/sharedviewer/shared/sharedviewee at integrafin.co.uk/storage/dovecot.map.index corrupted: U
>>> nexpectedly lost shared/viewee at integrafin.co.uk/INBOX uid=73129 map_uid=74192
>> http://wiki2.dovecot.org/SharedMailboxes/Shared#dbox
>> 
>> 
> 
> Thanks Timo,
> 
> So should I just remove the INDEX part from the shared namespace? Or should I have the INDEX point to the sharer's indexes rather than the "sharee"?

That depends on if the regular mail_location has any INDEX or not. In any case they must point to the same index.


From tss at iki.fi  Tue Jun 12 00:57:21 2012
From: tss at iki.fi (Timo Sirainen)
Date: Tue, 12 Jun 2012 00:57:21 +0300
Subject: [Dovecot] Very High Load on Dovecot 2 and Errors in mail.err.
In-Reply-To: <20120611213713.GA28704@jespernyerup.dk>
References: <4FB35038.1000600@enas.net> <1337454348.4384.144.camel@innu>
	<4FB8C07B.5050604@enas.net>
	<4c605c0b2bc041f7f90300b36c716c22@us.es>
	<4FB8FFD7.5040301@enas.net>
	<20120611080907.GA11882@jespernyerup.dk>
	<E9D12C34-52A2-4DFF-9B9F-A95F29CD65F5@iki.fi>
	<20120611213713.GA28704@jespernyerup.dk>
Message-ID: <722AEC19-15CD-4569-ADDD-CEDB355E1EAB@iki.fi>

On 12.6.2012, at 0.37, Jesper Dahl Nyerup wrote:

>> Yeah. Looks like a kernel bug. You could try if it goes away by disabling inotify in Dovecot. Either recompile with "configure --with-notify=none" or maybe you can disable inotify globally with:
>> 
>> echo 0 > /proc/sys/fs/inotify/max_user_watches
>> echo 0 > /proc/sys/fs/inotify/max_user_instances
> 
> I can confirm that this removes the symptoms, and that it doesn't affect
> the service. Obviously IDLEing users are now only notified upon polling
> of the file system, but the I/O overhead of doing this seems minimal.

It actually doesn't increase I/O overhead at all. Dovecot always does polling, even with inotify, since inotify doesn't necessarily work with shared filesystems (e.g. NFS). The main difference is that users don't get immediate notifications of new mails now, but have to wait for mailbox_idle_check_interval.


From lists at sfricke.de  Tue Jun 12 02:32:45 2012
From: lists at sfricke.de (Stefan Fricke)
Date: Tue, 12 Jun 2012 01:32:45 +0200
Subject: [Dovecot] Sieve: Mailbox doesn't exist
Message-ID: <1660278.PoqUOhb7Bf@x>

I have just set up a mail server on Ubuntu, using Postfix and Dovecot 2.0.19. 
It works well but I can't get Sieve working. I always get the error that the 
target mailbox doesn't exist. In fact it doesn't but isn'r Dovecot supposed to 
create it?

Here is my doveconf -n:

# 2.0.19: /etc/dovecot/dovecot.conf
# OS: Linux 3.2.0-24-generic x86_64 Ubuntu 12.04 LTS 
mail_debug = yes
mail_location = maildir:~/Maildir
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character 
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags 
copy include variables body enotify environment mailbox date ihave
passdb {
  driver = pam
}
plugin {
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve                                                                                                                       
}                                                                                                                                           
protocols = imap pop3 sieve
service auth {
  unix_listener /var/spool/postfix/private/dovecot-auth {
    group = postfix
    mode = 0660
    user = postfix
  }
}
service managesieve-login {
  inet_listener sieve {
    port = 4190
  }
  service_count = 1
}
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_cipher_list = ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH:
+MEDIUM
ssl_key = </etc/ssl/private/dovecot.pem
userdb {
  driver = passwd
}
protocol imap {
  imap_client_workarounds = delay-newmail
  mail_max_userip_connections = 10
}
protocol pop3 {
  mail_max_userip_connections = 10
  pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
}
protocol lda {
  deliver_log_format = msgid=%m: %$
  mail_plugins = sieve
  postmaster_address = postmaster
  quota_full_tempfail = yes
  rejection_reason = Your message to <%t> was automatically rejected:%n%r
}




From walkerrichardj at gmail.com  Tue Jun 12 06:44:10 2012
From: walkerrichardj at gmail.com (Richard Walker)
Date: Tue, 12 Jun 2012 13:44:10 +1000
Subject: [Dovecot] Getting duplicates despite trying hard to match lock
	styles
Message-ID: <CAFyNgSGPfEnq=BE8J_Sgsp6D42WaWGmi4HNTVdb7NZXwYcBgmg@mail.gmail.com>

I'm attempting to replace (a) a very old setup that has POP (qpopper)
access to inboxes and a separate UW IMAP server that provides folders,
with (b) a shiny new mail setup with dovecot providing both inboxes
and IMAP support.

For the new mail server I created a virtual machine running a minimal
Fedora 16 installation and installed sendmail, MIMEDefang,
SpamAssassin, ClamAV, procmail, and dovecot.  I have kept installing
updates as they become available.

For now I'm running the old and new mail setups in parallel; I have
configured the original sendmail server to forward copies of incoming
messages to the new sendmail running on the virtual machine.  I then
compare the results (e.g., how spam filtering is working).

I've kept as much as possible of the original _style_ of setup as
possible, which in particular means using sendmail, and message
delivery through procmail to mbox files in /var/spool/mail.  The key
difference is the use of dovecot to provide IMAP access to the inbox
and IMAP folders.

Because of the legacy setup, my desktop access to email is via
Thunderbird 2.0.0.22 on a very old Mac PowerBook G4 to work with both
old and new setups and I have two windows open to make comparison
possible.  (Yes, both mail servers are on separate computers, not on
this notebook.)

Mostly this is working fine (after a fair bit of tweaking, including
adding custom SELinux rules to get rid of all AVCs).  I put the
notebook to sleep overnight, and in the morning I open it up and see
what happens.  After a few minutes, the window with the old setup does
its POP fetch; the window with the new setup almost straightaway shows
the new messages in its version of the inbox.

Not quite: again, for legacy reasons I have some Thunderbird filters,
and I have duplicated those (still within Thunderbird) for the new
setup.  The filters are:
1. Move messages tagged as spam by SpamAssassin to the Junk folder.
2. Move messages from GeoNetwork-related senders to a "GeoNetwork"
   folder.
3. Move all remaining messages to the "In" folder.

Most mornings this works just fine.  But not always.  Sometimes I get
duplicates in the "In" and "GeoNetwork" folders of the new
dovecot-based setup.  I used to get _garbled_ duplicates (with extra
random bits of other messages at the end of the duplicates) in the new
setup, which I presumed must be due to a locking configuration
mismatch.  Having fixed that (see below) I no longer get garbled
duplicates, but I do still sometimes (including today) get identical
duplicates.  This seems to happen when one of the incoming messages
has a very large attachment - but you may wish to treat that as
hearsay.

I attach below:
0. The line from /etc/mtab on the new server that covers the
   filesystem (i.e., including /var/spool and /home).
1. Output of "doveconf -n" and a note about how I modified locking
   from the Fedora default.
2. Output of "procmail -v".
3. Sendmail procmail mailer config (for good measure; I don't think
   you need this).
4. An excerpt from /var/log/maillog on the new server showing the
   beginning of dovecot processing this morning when I opened my
   notebook.
5. A link to the dovecot raw log files of my "INBOX" and "In" folder
   processing from this morning.

You'll see from the dovecot log files that Thunderbird sends expunge
commands, but the expunged messages hang around -- indeed, the same
messages get expunged several times!  And eventually they get fetched
again -- hence the duplicates I see in Thunderbird.

Given that INBOX.out contains:

08:56:53.765423 * 537 EXISTS
08:56:53.765423 * 533 RECENT

and then, after many expunges:

08:56:58.441341 * 16 EXPUNGE
08:56:58.441341 * 11 EXPUNGE
08:56:58.441341 * 3 EXPUNGE
08:56:58.441341 * 539 EXISTS
08:56:58.441341 * 536 RECENT
08:56:58.441341 9 OK Expunge completed.

it looks like I still have a locking problem.  I have tried very hard
to understand the locking options in dovecot.conf and to match dovecot
with procmail -- apparently, there is more to do.


0. The line from /etc/mtab for the filesystem:

----------
/dev/mapper/vg_f16i386serverbasic-lv_root / ext4
rw,seclabel,relatime,user_xattr,acl,barrier=1,data=ordered 0 0
----------


1. doveconf -n says:

----------
# 2.0.20: /etc/dovecot/dovecot.conf
# OS: Linux 3.3.6-3.fc16.i686.PAE i686 Fedora release 16 (Verne)
mail_debug = yes
mail_privileged_group = mail
namespace {
  hidden = yes
  inbox = yes
  list = no
  location = mbox:~/mail:INBOX=/var/spool/mail/%u
  prefix = "#mbox/"
  separator = /
  type = private
}
namespace {
  inbox = no
  location = maildir:~/Maildir
  prefix =
  separator = /
  type = private
}
passdb {
  driver = pam
}
service imap-login {
  inet_listener imap {
    address = localhost
  }
}
service imap {
  executable = imap postlogin
}
service pop3-login {
  inet_listener pop3 {
    address = localhost
  }
}
service postlogin {
  executable = script-login -d rawlog -t
}
ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
ssl_key = </etc/pki/dovecot/private/dovecot.pem
userdb {
  driver = passwd
}
----------

Note that the default Fedora installation specifies:

  mbox_write_locks = fcntl

and I commented that out.  This seems  to restore the default setting of:

  mbox_write_locks = dotlock fcntl

to match procmail.


2. procmail -v (run as me) says:

----------
procmail v3.22 2001/09/10
    Copyright (c) 1990-2001, Stephen R. van den Berg    <srb at cuci.nl>
    Copyright (c) 1997-2001, Philip A. Guenther         <guenther at sendmail.com>

Submit questions/answers to the procmail-related mailinglist by sending to:
        <procmail-users at procmail.org>

And of course, subscription and information requests for this list to:
        <procmail-users-request at procmail.org>

Locking strategies:     dotlocking, fcntl()
Default rcfile:         $HOME/.procmailrc
        It may be writable by your primary group
Your system mailbox:    /var/spool/mail/rw
----------

(There is no $HOME/.procmailrc or other system-wide procmailrc.)

3. The mailer as defined in sendmail.cf says:

----------
Mlocal,         P=/usr/bin/procmail, F=lsDFMAw5:/|@qSPfhn9,
S=EnvFromL/HdrFromL, R=EnvToL/HdrToL,
                T=DNS/RFC822/X-Unix,
                A=procmail -t -Y -a $h -d $u
----------

4. The relevant lines from /var/log/maillog:

----------
Jun 12 08:56:53 localhost dovecot: imap-login: Login: user=<rw>,
method=PLAIN, rip=192.168.2.200, lip=192.168.2.188, mpid=21618, TLS
Jun 12 08:56:53 localhost dovecot: imap(rw): Debug: Effective
uid=1000, gid=100, home=/home/rw
Jun 12 08:56:53 localhost dovecot: imap(rw): Debug: Namespace :
type=private, prefix=#mbox/, sep=/, inbox=yes, hidden=yes, list=no,
subscriptions=yes location=mbox:~/mail:INBOX=/var/spool/mail/rw
Jun 12 08:56:53 localhost dovecot: imap(rw): Debug: fs:
root=/home/rw/mail, index=, control=, inbox=/var/spool/mail/rw, alt=
Jun 12 08:56:53 localhost dovecot: imap(rw): Debug: Namespace :
type=private, prefix=, sep=/, inbox=no, hidden=no, list=yes,
subscriptions=yes location=maildir:~/Maildir
Jun 12 08:56:53 localhost dovecot: imap(rw): Debug: maildir++:
root=/home/rw/Maildir, index=, control=, inbox=, alt=
Jun 12 08:56:58 localhost dovecot: imap-login: Login: user=<rw>,
method=PLAIN, rip=192.168.2.200, lip=192.168.2.188, mpid=21625, TLS
Jun 12 08:56:58 localhost dovecot: imap(rw): Debug: Effective
uid=1000, gid=100, home=/home/rw
Jun 12 08:56:58 localhost dovecot: imap(rw): Debug: Namespace :
type=private, prefix=#mbox/, sep=/, inbox=yes, hidden=yes, list=no,
subscriptions=yes location=mbox:~/mail:INBOX=/var/spool/mail/rw
Jun 12 08:56:58 localhost dovecot: imap(rw): Debug: fs:
root=/home/rw/mail, index=, control=, inbox=/var/spool/mail/rw, alt=
Jun 12 08:56:58 localhost dovecot: imap(rw): Debug: Namespace :
type=private, prefix=, sep=/, inbox=no, hidden=no, list=yes,
subscriptions=yes location=maildir:~/Maildir
Jun 12 08:56:58 localhost dovecot: imap(rw): Debug: maildir++:
root=/home/rw/Maildir, index=, control=, inbox=, alt=
Jun 12 08:57:03 localhost dovecot: imap-login: Login: user=<rw>,
method=PLAIN, rip=192.168.2.200, lip=192.168.2.188, mpid=21632, TLS
Jun 12 08:57:03 localhost dovecot: imap(rw): Debug: Effective
uid=1000, gid=100, home=/home/rw
Jun 12 08:57:03 localhost dovecot: imap(rw): Debug: Namespace :
type=private, prefix=#mbox/, sep=/, inbox=yes, hidden=yes, list=no,
subscriptions=yes location=mbox:~/mail:INBOX=/var/spool/mail/rw
Jun 12 08:57:03 localhost dovecot: imap(rw): Debug: fs:
root=/home/rw/mail, index=, control=, inbox=/var/spool/mail/rw, alt=
Jun 12 08:57:03 localhost dovecot: imap(rw): Debug: Namespace :
type=private, prefix=, sep=/, inbox=no, hidden=no, list=yes,
subscriptions=yes location=maildir:~/Maildir
Jun 12 08:57:03 localhost dovecot: imap(rw): Debug: maildir++:
root=/home/rw/Maildir, index=, control=, inbox=, alt=
----------

5. dovecot raw logs for "INBOX" and "In".

Because I have trouble comparing times in epoch format, I've run the
logs through a little filter that replaces the timestamps at the
beginning of each line with a timestamp in HH:MM:SS.nanosecond format
in local time.

I've carefully deleted lots of (what I hope are) lines you don't need
from the logs.  E.g., I deleted the middle section of a block of FETCH
statements, leaving the first few and the last few.  Please let me
know if I deleted too much -- I was trying to be helpful.

And of course I replaced e-mail address/subject lines/etc with
XXXXXXXXXX.

Although the Thunderbird filters are "supposed" to be run in the order
I listed above, it seems that Thunderbird fetches all headers, works
out what messages should be filtered to which folders, and then sends
corresponding IMAP commands that copy the messages to the other
folders in a _different_ order of the filters.  (I.e., the INBOX log
shows copy/store/expunge operations in the order "In", "Junk", then
"GeoNetwork", rather than "Junk", "GeoNetwork", "In".)

I have renamed the in/out log files as
INBOX.in, INBOX.out, In.in, In.out and uploaded them to:

https://sites.google.com/site/rwdownloadssite/dovecot-logs

Thanks in advance to anyone who is willing to take a look and advise
what I need to do.

From walkerrichardj at gmail.com  Tue Jun 12 06:58:33 2012
From: walkerrichardj at gmail.com (Richard Walker)
Date: Tue, 12 Jun 2012 13:58:33 +1000
Subject: [Dovecot] Getting duplicates despite trying hard to match lock
	styles
In-Reply-To: <CAFyNgSGPfEnq=BE8J_Sgsp6D42WaWGmi4HNTVdb7NZXwYcBgmg@mail.gmail.com>
References: <CAFyNgSGPfEnq=BE8J_Sgsp6D42WaWGmi4HNTVdb7NZXwYcBgmg@mail.gmail.com>
Message-ID: <CAFyNgSF1KT-_cAOaws_dwgSEjGi97AN1SBKnkDDdv=tj4=a5Ng@mail.gmail.com>

On 12/06/2012, Richard Walker <walkerrichardj at gmail.com> wrote:
> 1. Output of "doveconf -n" and a note about how I modified locking
>    from the Fedora default.

Oops, I can send more of the config if necessary -- again, I
was trying to be "helpful" by cutting out the default settings.

The output of "doveconf | grep lock" is:

dotlock_use_excl = yes
lock_method = fcntl
mail_max_lock_timeout = 0
mbox_dotlock_change_timeout = 2 mins
mbox_lock_timeout = 5 mins
mbox_read_locks = fcntl
mbox_write_locks = dotlock fcntl
pop3_lock_session = no

From a.kostyrev at serverc.ru  Tue Jun 12 10:29:03 2012
From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=)
Date: Tue, 12 Jun 2012 18:29:03 +1100
Subject: [Dovecot] director: non standart ports at backends
In-Reply-To: <8568BABD-F72C-47B2-B9A4-4902410404C6@iki.fi>
References: <213B51F00051AE48A9F0E112880177178F79EF@Delta.sc.local>
	<BB82CF1C-7AB9-49C4-BF90-03A9059BA5E3@iki.fi>
	<213B51F00051AE48A9F0E112880177178F79F0@Delta.sc.local>
	<8568BABD-F72C-47B2-B9A4-4902410404C6@iki.fi>
Message-ID: <213B51F00051AE48A9F0E112880177178F79F1@Delta.sc.local>

Thanks, that worked!

I ended up with:
password_query = select 'y' as proxy, \
NULL AS password, \
'y' as nopassword, \
case '%a' \
when 110  then 2110  \
when 995  then 2995  \
when 143  then 2143  \
when 993  then 2993  \
when 24   then 224   \
when 4190 then 24190 end \
as port, \
case '%a' \
when 995 then 'any-cert' \
when 993 then 'any-cert' end \
as `ssl`;




-----Original Message-----
From: Timo Sirainen [mailto:tss at iki.fi] 
Sent: Monday, June 11, 2012 11:48 PM
To: ???????? ????????? ??????????
Cc: dovecot at dovecot.org
Subject: Re: [Dovecot] director: non standart ports at backends

Looking at your old mails, you seem to be using passdb static for director, but userdb sql? So you could switch to:

passdb {
 driver = sql
 args = /etc/dovecot/dovecot-sql.conf
}

password_query = select 'y' as proxy, 'y' as nopassword, if('%a'=143, 1430, 9930) as port

where you'd change the if() to something that handles %s=imap vs %s=pop3 vs %s=lmtp and %a=143 vs %a=993 vs %a=110 vs %a=995. Maybe a "case" statement would be less ugly. Or simply make it a real table in sql. Anyway, that's the basic idea.

On 11.6.2012, at 15.39, ???????? ????????? ?????????? wrote:

> thanks Timo, for you time
> but I still don't get it)
> should I return "port" with just "port_num1,port_num2" value or how?
> I've tried to google an example but with no success.
> 
> -----Original Message-----
> From: Timo Sirainen [mailto:tss at iki.fi] 
> Sent: Monday, June 11, 2012 11:01 PM
> To: ???????? ????????? ??????????
> Cc: dovecot at dovecot.org
> Subject: Re: [Dovecot] director: non standart ports at backends
> 
> On 11.6.2012, at 12.27, ???????? ????????? ?????????? wrote:
> 
>> hello,
>> I'm trying to figure out how to proxy pop3 and pop3s that listens on non-standart ports at backends.
>> For example, pop3 is at 1110 and pop3s at 1995 (on backend side).
>> is it possible? 
>> how should I separate this ports in director's config?
>> it's easy for one port:
>> for example lmtp - you just use passdb in protocol lmtp {}
> 
> The passdb needs to return the "port" field. You can't use static passdb for this, since it has no conditionals and you can't do per-port configuration. Maybe use sqlite (simply to use it as a scripting engine - empty database) or checkpassword as your passdb.
> 


From rago at lal.in2p3.fr  Tue Jun 12 12:41:47 2012
From: rago at lal.in2p3.fr (Emiliano Rago)
Date: Tue, 12 Jun 2012 11:41:47 +0200
Subject: [Dovecot] Authentication issue
In-Reply-To: <20120609191958.GA12009@daniel.localdomain>
References: <4FD0EB43.8070104@lal.in2p3.fr>
	<20120609191958.GA12009@daniel.localdomain>
Message-ID: <4FD70EDB.6060105@lal.in2p3.fr>

On 06/09/2012 09:19 PM, Daniel Parthey wrote:
 > Hi Emiliano,
 >
 > Emiliano Rago wrote:
 >> I need to set up a weird dovecot configuration:
 >>
 >> 1) outside a ssl tunnel I'd like to authenticate only with cram-md5 
scheme
 >> 2) inside a ssl tunnel  I'd like to authenticate only with plain auth
 >
 > You might try to set up two instances of dovecot, one for plain, one 
for ssl:
 >
 > 
http://wiki2.dovecot.org/RunningDovecot#Running_Multiple_Invocations_of_Dovecot

Uhmmm, I don't like too much that solution,
anyway, thank you very much!

Regards,
Emiliano

From amateo at um.es  Tue Jun 12 13:23:28 2012
From: amateo at um.es (Angel L. Mateo)
Date: Tue, 12 Jun 2012 12:23:28 +0200
Subject: [Dovecot] Problem with lmtp director proxy
Message-ID: <4FD718A0.50605@um.es>

Hi,

	I have a timeout problem only when I have heavy load in my system. I 
have two director servers directing to 4 backend servers.

	The problem is when my smtp relays tries to deliver mail to my users 
via lmtp (proxied with director).

	In the smtp logs I have:

Jun 12 11:41:18 xenon13 postfix/lmtp[4248]: 4433E5D5A0: 
to=<myuser at um.es>, relay=pop.um.es[155.54.212.106]:24, delay=31, 
delays=0.41/0.06/0/30, dsn=4.4.0, status=deferred (host 
pop.um.es[155.54.212.106] said: 451 4.4.0 Remote server not answering 
(timeout while waiting for reply to DATA reply) (in reply to end of DATA 
command))

	If I look for this connection in the director servers I have:

Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Connect from 155.54.212.167
Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Debug: auth input: 
user=user1 proxy host=155.54.211.163 proxy_refresh=450
Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Debug: auth input: 
user=user2 proxy host=155.54.211.163 proxy_refresh=450
....  (more users, a total of 34 recipients)
Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Debug: auth input: 
user=myuser proxy host=155.54.211.164 proxy_refresh=450
...
Jun 12 11:41:09 myotis41 dovecot: lmtp(6595): Disconnect from 
155.54.212.167: Client quit (in reset)

	and in one of the final server (the one for the user in question):

Jun 12 11:40:38 myotis34 dovecot: lmtp(16824): Connect from 155.54.211.186
Jun 12 11:40:38 myotis34 dovecot: lmtp(16824, <user1>): wJ9BD7YM10
+4QQAAG5O5Qg: sieve: 
msgid=<182283367.48.1339494011054.JavaMail.tomcat at sakai-prod4>: stored 
mail into mailbox 'INBOX'
...
Jun 12 11:41:10 myotis34 dovecot: lmtp(16824, <myuser>): wJ9BD7YM10+4QQA
AG5O5Qg: sieve: 
msgid=<182283367.48.1339494011054.JavaMail.tomcat at sakai-prod4>: stored 
mail into mailbox 'INBOX'
...
Jun 12 11:41:11 myotis34 dovecot: lmtp(16824): Disconnect from 
155.54.211.186: Connection closed (in reset)

	So the mail seems to be correctly delivered in about 30 seconds. All my 
postfix timeouts are bigger than this time:

lmtp_connect_timeout = 0s
lmtp_connection_cache_time_limit = 2s
lmtp_connection_reuse_time_limit = 300s
lmtp_data_done_timeout = 600s
lmtp_data_init_timeout = 120s
lmtp_data_xfer_timeout = 180s
lmtp_lhlo_timeout = 300s
lmtp_mail_timeout = 300s
lmtp_pix_workaround_delay_time = 10s
lmtp_pix_workaround_threshold_time = 500s
lmtp_quit_timeout = 300s
lmtp_rcpt_timeout = 300s
lmtp_rset_timeout = 20s
lmtp_sasl_auth_cache_time = 90d
lmtp_starttls_timeout = 300s
lmtp_tls_session_cache_timeout = 3600s
lmtp_xforward_timeout = 300s

	So... why do I have this error?

	As a side effect this mail was delivered twice in the user's  mailbox, 
this is one and the other when postfix retries again.

	Any help? Thank you


-- 
Angel L. Mateo Mart?nez
Secci?n de Telem?tica
?rea de Tecnolog?as de la Informaci?n       _o)
y las Comunicaciones Aplicadas (ATICA)      / \\
http://www.um.es/atica                    _(___V
Tfo: 868887590
Fax: 868888337

From janfrode at tanso.net  Tue Jun 12 13:38:54 2012
From: janfrode at tanso.net (Jan-Frode Myklebust)
Date: Tue, 12 Jun 2012 12:38:54 +0200
Subject: [Dovecot] Problem with lmtp director proxy
In-Reply-To: <4FD718A0.50605@um.es>
References: <4FD718A0.50605@um.es>
Message-ID: <20120612103854.GA29754@dibs.tanso.net>

On Tue, Jun 12, 2012 at 12:23:28PM +0200, Angel L. Mateo wrote:
> I have two director servers directing to 4 backend servers.

Which dovecot version are you running on your directors and backends?

We're running 2.0.14 plus the below linked patches and have not
since this problem since applying the last one.


	http://hg.dovecot.org/dovecot-2.0/raw-rev/8de8752b2e94
	http://hg.dovecot.org/dovecot-2.0/rev/71084b799a6c


  -jf

From amateo at um.es  Tue Jun 12 13:47:40 2012
From: amateo at um.es (Angel L. Mateo)
Date: Tue, 12 Jun 2012 12:47:40 +0200
Subject: [Dovecot] Problem with lmtp director proxy
In-Reply-To: <20120612103854.GA29754@dibs.tanso.net>
References: <4FD718A0.50605@um.es> <20120612103854.GA29754@dibs.tanso.net>
Message-ID: <4FD71E4C.1010509@um.es>

El 12/06/12 12:38, Jan-Frode Myklebust escribi?:
> On Tue, Jun 12, 2012 at 12:23:28PM +0200, Angel L. Mateo wrote:
>> I have two director servers directing to 4 backend servers.
>
> Which dovecot version are you running on your directors and backends?
>
	2.1.5

> We're running 2.0.14 plus the below linked patches and have not
> since this problem since applying the last one.
>
>
> 	http://hg.dovecot.org/dovecot-2.0/raw-rev/8de8752b2e94
> 	http://hg.dovecot.org/dovecot-2.0/rev/71084b799a6c
>
	I have checked if those patchs are included:

* The first one seems not to apply, because it's for lmtp-proxy.c and 
this file seems completely different than the one in the patch
* The second is already applied

-- 
Angel L. Mateo Mart?nez
Secci?n de Telem?tica
?rea de Tecnolog?as de la Informaci?n       _o)
y las Comunicaciones Aplicadas (ATICA)      / \\
http://www.um.es/atica                    _(___V
Tfo: 868887590
Fax: 868888337

From rago at lal.in2p3.fr  Tue Jun 12 15:08:31 2012
From: rago at lal.in2p3.fr (Emiliano Rago)
Date: Tue, 12 Jun 2012 14:08:31 +0200
Subject: [Dovecot] doveadm doesn't subscribe to public folders
Message-ID: <4FD7313F.9060406@lal.in2p3.fr>

Hi,

I'd like to subscribe folder with doveadm:

doveadm mailbox subscribe -u rago public.Conferences

This command doesn't work, while it works with an ordinary folder.
However it's possible to subscribe to the folder with an imap connection:

1 login rago "mypasswd"
1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE 
IDLE SORTSORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT 
CHILDREN NAMESPCE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC 
ESEARCH ESORT SEARCHRES ITHIN CONTEXT=SEARCH LIST-STATUS ACL 
RIGHTS=texk] Logged in
2 LSUB "" *
* LSUB () "." "INBOX"
2 OK Lsub completed.
3 SUBSCRIBE "public.Conferences"
3 OK Subscribe completed.
4 LSUB "" *
* LSUB () "." "INBOX"
* LSUB () "." "public.Conferences"
4 OK Lsub completed.

Am I doing anything wrong?

This is my conf, thx for help,
Emiliano

# 2.0.9: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-220.4.1.el6.x86_64 x86_64 Red Hat Enterprise Linux 
Server release 5 (Tikanga) ext4
auth_cache_size = 128 M
auth_master_user_separator = *
auth_mechanisms = plain cram-md5
mail_location = 
maildir:/data/MAIL/MAILDIR/%u:INBOX=/data/MAIL/INBOX/%u:INDEX=/data/MAIL/METADATA/%u
maildir_very_dirty_syncs = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope 
encoded-character vacation subaddress comparator-i;ascii-numeric 
relational regex imap4flags copy include variables body enotify 
environment mailbox date
mbox_write_locks = fcntl
namespace {
   inbox = yes
   location =
   prefix =
   separator = .
   type = private
}
namespace {
   list = children
   location = 
maildir:/data/MAIL/MAILDIR/%%u:INDEX=/data/MAIL/METADATA/SHARED/%u/%%u
   prefix = shared.%%u.
   separator = .
   subscriptions = no
   type = shared
}
namespace {
   list = children
   location = maildir:/data/MAIL/PUBLIC:INDEX=/data/MAIL/METADATA/PUBLIC
   prefix = public.
   separator = .
   subscriptions = no
   type = public
}
passdb {
   args = scheme=cram-md5 /data/PWDDB/cram_dovecot.txt
   driver = passwd-file
}
passdb {
   args = /etc/dovecot/master-shared
   driver = passwd-file
   master = yes
}
passdb {
   args = /etc/dovecot/master-shared
   driver = passwd-file
}
plugin {
   acl = vfile:/etc/dovecot/global-acls:cache_secs=300
   acl_anyone = allow
   acl_shared_dict = file:/data/MAIL/SHAREDDB/shared-mailboxes.db
   sieve = /data/MAIL/SIEVE/%u/dovecot.sieve
   sieve_dir = /data/MAIL/SIEVE/%u
}
postmaster_address = root
protocols = imap sieve
service auth {
   unix_listener /var/spool/postfix/private/auth {
     mode = 0666
   }
   unix_listener auth-userdb {
     group = mailreader
     mode = 0600
     user = mailreader
   }
}
service imap-login {
   process_min_avail = 8
   service_count = 0
   vsz_limit = 512 M
}
service imap-postlogin {
   executable = script-login /etc/dovecot/postlogin.sh
   user = $default_internal_user
}
service imap {
   executable = imap imap-postlogin
}
ssl_cert = </etc/dovecot/ssl/imaps.lal.in2p3.fr.crt
ssl_key = </etc/dovecot/ssl/imaps.lal.in2p3.fr.key
userdb {
   args = /etc/dovecot/master-shared
   driver = passwd-file
}
userdb {
   args = uid=mailreader gid=mailreader home=/data/MAIL/SIEVE/%u 
allow_all_users=yes
   driver = static
}
protocol lda {
   mail_plugins = acl sieve
}
protocol imap {
   mail_max_userip_connections = 128
   mail_plugins = acl imap_acl
}

From a.kostyrev at serverc.ru  Tue Jun 12 15:31:09 2012
From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=)
Date: Tue, 12 Jun 2012 23:31:09 +1100
Subject: [Dovecot] commercial support  -- feedback
Message-ID: <213B51F00051AE48A9F0E112880177178F79F2@Delta.sc.local>

good day!
Did anybody in here decide to go for commercial support from Dovecot Solutions Oy ?
I'd like to know if you are satisfied with what they provide?
if time of support reaction is really as what is stated at their site and stuff like that.






From forall at stalowka.info  Tue Jun 12 16:15:13 2012
From: forall at stalowka.info (For@ll)
Date: Tue, 12 Jun 2012 15:15:13 +0200
Subject: [Dovecot] Dovecot 2.1 stable packages for Debian?
In-Reply-To: <33993325.post@talk.nabble.com>
References: <CAC=fBB=VvVnArPZWe=UC5dKwqYb9NA_SaHySi9uoeD0rpwnwBQ@mail.gmail.com>
	<33993325.post@talk.nabble.com>
Message-ID: <jr7faf$ab0$1@dough.gmane.org>

On 11.06.2012 16:03, Tomislav Mihalicek wrote:
>
> Here you go...
>
> cat /etc/apt/sources.list
>
> # latest dovecot
> # apt-get install debian-dovecot-auto-keyring
> deb http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main
> deb-src http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main
>

I'm looking the same version but for Ubuntu Server 12.04.



From lists at kokelnet.de  Tue Jun 12 16:49:33 2012
From: lists at kokelnet.de (Tobias Hachmer)
Date: Tue, 12 Jun 2012 15:49:33 +0200
Subject: [Dovecot]
 =?utf-8?q?Dovecot_2=2E1_stable_packages_for_Debian=3F?=
In-Reply-To: <jr7faf$ab0$1@dough.gmane.org>
References: <CAC=fBB=VvVnArPZWe=UC5dKwqYb9NA_SaHySi9uoeD0rpwnwBQ@mail.gmail.com>
	<33993325.post@talk.nabble.com> <jr7faf$ab0$1@dough.gmane.org>
Message-ID: <f4fb334294587dd8827ff1a6f2baf132@hachmer.de>

Am 12.06.2012 15:15, schrieb For at ll:
> I'm looking the same version but for Ubuntu Server 12.04.

I use the packages from 
https://launchpad.net/~christian-roessner-net/+archive/ppa in 
production.
Also the description of this ppa warns to use these packages only if 
you're able to help youself and it's a development ppa.
But I have had no problems yet with these packages.

I think there aren't packages out there someone would provide support 
for. So, compile it or use those development/ community packages or wait 
until dovecot 2.1 will get into debian/ubuntu stable.

Regards,
Tobias Hachmer

From e-frog at gmx.de  Tue Jun 12 19:17:54 2012
From: e-frog at gmx.de (e-frog)
Date: Tue, 12 Jun 2012 18:17:54 +0200
Subject: [Dovecot] Dovecot 2.1 stable packages for Debian?
In-Reply-To: <jr7faf$ab0$1@dough.gmane.org>
References: <CAC=fBB=VvVnArPZWe=UC5dKwqYb9NA_SaHySi9uoeD0rpwnwBQ@mail.gmail.com>
	<33993325.post@talk.nabble.com> <jr7faf$ab0$1@dough.gmane.org>
Message-ID: <4FD76BB2.7040906@gmx.de>

On 12.06.2012 15:15, wrote For at ll:
> On 11.06.2012 16:03, Tomislav Mihalicek wrote:
>>
>> Here you go...
>>
>> cat /etc/apt/sources.list
>>
>> # latest dovecot
>> # apt-get install debian-dovecot-auto-keyring
>> deb http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main
>> deb-src http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main
>>
>
> I'm looking the same version but for Ubuntu Server 12.04.
>

2.1.7 just landed in quantal yesterday:

https://launchpad.net/ubuntu/+source/dovecot

From user+dovecot at localhost.localdomain.org  Tue Jun 12 20:00:27 2012
From: user+dovecot at localhost.localdomain.org (Pascal Volk)
Date: Tue, 12 Jun 2012 19:00:27 +0200
Subject: [Dovecot] Sieve: Mailbox doesn't exist
In-Reply-To: <1660278.PoqUOhb7Bf@x>
References: <1660278.PoqUOhb7Bf@x>
Message-ID: <4FD775AB.8010503@localhost.localdomain.org>

On 06/12/2012 01:32 AM Stefan Fricke wrote:
> I have just set up a mail server on Ubuntu, using Postfix and Dovecot 2.0.19. 
> It works well but I can't get Sieve working. I always get the error that the 
> target mailbox doesn't exist. In fact it doesn't but isn'r Dovecot supposed to 
> create it?

Not with your current configuration. See:
http://hg.dovecot.org/dovecot-2.0/file/2.0.19/doc/example-config/conf.d/15-lda.conf#l39

> 
> Here is my doveconf -n:
> 
> # 2.0.19: /etc/dovecot/dovecot.conf
> # OS: Linux 3.2.0-24-generic x86_64 Ubuntu 12.04 LTS 
> mail_debug = yes
> mail_location = maildir:~/Maildir
> managesieve_notify_capability = mailto
> managesieve_sieve_capability = fileinto reject envelope encoded-character 
> vacation subaddress comparator-i;ascii-numeric relational regex imap4flags 
> copy include variables body enotify environment mailbox date ihave
> passdb {
>   driver = pam
> }
> plugin {
>   sieve = ~/.dovecot.sieve
>   sieve_dir = ~/sieve                                                                                                                       
> }                                                                                                                                           
> protocols = imap pop3 sieve
> service auth {
>   unix_listener /var/spool/postfix/private/dovecot-auth {
>     group = postfix
>     mode = 0660
>     user = postfix
>   }
> }
> service managesieve-login {
>   inet_listener sieve {
>     port = 4190
>   }
>   service_count = 1
> }
> ssl_cert = </etc/ssl/certs/dovecot.pem
> ssl_cipher_list = ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH:
> +MEDIUM
> ssl_key = </etc/ssl/private/dovecot.pem
> userdb {
>   driver = passwd
> }
> protocol imap {
>   imap_client_workarounds = delay-newmail
>   mail_max_userip_connections = 10
> }
> protocol pop3 {
>   mail_max_userip_connections = 10
>   pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
> }
> protocol lda {
>   deliver_log_format = msgid=%m: %$
>   mail_plugins = sieve
>   postmaster_address = postmaster
>   quota_full_tempfail = yes
>   rejection_reason = Your message to <%t> was automatically rejected:%n%r
> }
> 
> 
> 


Regards,
Pascal

-- 
The trapper recommends today: cafefeed.1216418 at localdomain.org

From tss at iki.fi  Tue Jun 12 20:15:22 2012
From: tss at iki.fi (Timo Sirainen)
Date: Tue, 12 Jun 2012 20:15:22 +0300
Subject: [Dovecot] Sieve: Mailbox doesn't exist
In-Reply-To: <4FD775AB.8010503@localhost.localdomain.org>
References: <1660278.PoqUOhb7Bf@x> <4FD775AB.8010503@localhost.localdomain.org>
Message-ID: <854C866C-44BB-4EF4-95A3-D765ED980833@iki.fi>

On 12.6.2012, at 20.00, Pascal Volk wrote:

> On 06/12/2012 01:32 AM Stefan Fricke wrote:
>> I have just set up a mail server on Ubuntu, using Postfix and Dovecot 2.0.19. 
>> It works well but I can't get Sieve working. I always get the error that the 
>> target mailbox doesn't exist. In fact it doesn't but isn'r Dovecot supposed to 
>> create it?
> 
> Not with your current configuration. See:
> http://hg.dovecot.org/dovecot-2.0/file/2.0.19/doc/example-config/conf.d/15-lda.conf#l39

Even better (more standard): Use fileinto :create "box";


From toml at engr.orst.edu  Tue Jun 12 21:16:52 2012
From: toml at engr.orst.edu (Tom Lieuallen)
Date: Tue, 12 Jun 2012 11:16:52 -0700
Subject: [Dovecot] how to announce shared folders to clients using
 non-default mail prefix
In-Reply-To: <63F00218-4FBE-418F-9477-CBEA8E7A35B9@iki.fi>
References: <4FD14895.8040707@engr.orst.edu>
	<63F00218-4FBE-418F-9477-CBEA8E7A35B9@iki.fi>
Message-ID: <4FD78794.1030905@engr.orst.edu>



On 6/11/12 5:21 AM, Timo Sirainen wrote:
> On 8.6.2012, at 3.34, Tom Lieuallen wrote:
>
>> Note that if I change the prefix for that shared namespace to 'iphonemail/', it does present my shared folders as well as anything in a personal iphonemail directory.  However, 'select' didn't work with the personal folders.  My guess is it's mostly due to the difference in mail formats between the two (mbox&  maildir).
>
> You should be able to use prefix=iphonemail/shared/

Timo et all,

Unfortunately, that did not work.


l list "" *
* LIST (\Noselect \HasChildren) "/" "foo1"
* LIST (\NoInferiors \UnMarked) "/" "foo1/folder1"
* LIST (\Noselect \HasChildren) "/" "iphonemail"
* LIST (\NoInferiors \Marked) "/" "iphonemail/foo1"
* LIST (\NoInferiors \UnMarked) "/" "Sent"
* LIST (\NoInferiors \UnMarked) "/" "Trash"
* LIST (\HasNoChildren) "/" "INBOX"
* LIST (\HasNoChildren) "/" "sharedimap/cesupport"
* LIST (\HasNoChildren) "/" "sharedimap/mimesupport"
* LIST (\HasNoChildren) "/" "iphonemail/sharedimap/cesupport"
* LIST (\HasNoChildren) "/" "iphonemail/sharedimap/mimesupport"
l OK List completed.

l list "iphonemail/" *
* LIST (\NoInferiors \Marked) "/" "iphonemail/foo1"
l OK List completed.


So, the shared folders are listed twice when I do not include a prefix 
and neither are shown at all when I do include a prefix.

namespace {
   hidden = yes
   inbox = no
   list = children
   location = maildir:/a1/dove-shared:INDEX=/a2/imap-index/dove-shared/%u
   prefix = iphonemail/sharedimap/
   separator = /
   type = shared
}

I'm assuming I'm testing this correctly and in the best way. :-)

thank you

Tom Lieuallen

From l.messner at physik.tu-berlin.de  Tue Jun 12 21:56:13 2012
From: l.messner at physik.tu-berlin.de (Leon =?iso-8859-15?Q?Me=DFner?=)
Date: Tue, 12 Jun 2012 20:56:13 +0200
Subject: [Dovecot] auth_krb5_keytab ignored ?
In-Reply-To: <20120611155124.GM89928@rosa.physik.tu-berlin.de>
References: <20120608165902.GI89928@rosa.physik.tu-berlin.de>
	<1339416976.5967.29.camel@hurina>
	<20120611144345.GK89928@rosa.physik.tu-berlin.de>
	<B6985F72-6E34-4D67-8470-3CEF77A17EDE@iki.fi>
	<20120611155124.GM89928@rosa.physik.tu-berlin.de>
Message-ID: <20120612185613.GB80625@rosa.physik.tu-berlin.de>

On Mon, Jun 11, 2012 at 05:51:24PM +0200, Leon Me?ner wrote:
> On Mon, Jun 11, 2012 at 06:26:57PM +0300, Timo Sirainen wrote:
> > On 11.6.2012, at 17.43, Leon Me?ner wrote:
> > 
> > >> import_environment = TZ GDB DEBUG_SILENT KRB5_KTNAME 
> > >> 
i > >> KRB5_KTNAME=/etc/mail3.krb5.keytab dovecot
> > >> 
> > >> I'm wondering if the code in mech-gssapi.c that sets KRB5_KTNAME
> > >> environment is being called too late.
> > > 
> > > It's still looking inside the default krb5.keytab .
> > 
> > Which Kerberos library are you using? Maybe it doesn't support this way of giving the keytab.
> 
> I'm using the stock FreeBSD 8.2-RELEASE one which is heimdal-1.1.0 .
> I will update the machine to 8.3 (which is the latest release in 8.x),

Updating and recompiling did not help. I don't know where to look for
the problem though. If i use the kerberos utilities with KRB5_KTNAME the
environment variable is beeing picked up ok.

19:22_root at mail3:/usr/ports/mail/dovecot# KRB5_KTNAME=/etc/mail3.krb5.keytab ktutil list
/etc/mail3.krb5.keytab:

Vno  Type           Principal
  1  des-cbc-crc    imap/mail3.physik-pool.tu-berlin.de at PCPOOL.PHYSIK.TU-BERLIN.DE
  1  des-cbc-md4    imap/mail3.physik-pool.tu-berlin.de at PCPOOL.PHYSIK.TU-BERLIN.DE
  1  des-cbc-md5    imap/mail3.physik-pool.tu-berlin.de at PCPOOL.PHYSIK.TU-BERLIN.DE
  1  des3-cbc-sha1  imap/mail3.physik-pool.tu-berlin.de at PCPOOL.PHYSIK.TU-BERLIN.DE

19:34_root at mail3:/usr/ports/mail/dovecot# KRB5_KTNAME=/etc/mail3.krb5.keytab kinit -k imap/mail3.physik-pool.tu-berlin.de
19:39_root at mail3:/usr/ports/mail/dovecot# klist
Credentials cache: FILE:/tmp/krb5cc_0
        Principal: imap/mail3.physik-pool.tu-berlin.de at PCPOOL.PHYSIK.TU-BERLIN.DE

  Issued           Expires          Principal
Jun 12 19:39:11  Jun 13 05:39:11  krbtgt/PCPOOL.PHYSIK.TU-BERLIN.DE at PCPOOL.PHYSIK.TU-BERLIN.DE


From dmiller at amfes.com  Tue Jun 12 21:56:45 2012
From: dmiller at amfes.com (Daniel L. Miller)
Date: Tue, 12 Jun 2012 11:56:45 -0700
Subject: [Dovecot] gnutls support
In-Reply-To: <1284640879.3030.460.camel@kurkku.sapo.corppt.com>
References: <4C918E28.1020301@amfes.com>
	<1284640879.3030.460.camel@kurkku.sapo.corppt.com>
Message-ID: <assp.151093838d.4FD790ED.8020400@amfes.com>

On 9/16/2010 5:41 AM, Timo Sirainen wrote:
> On Wed, 2010-09-15 at 20:25 -0700, Daniel L. Miller wrote:
>> Other than license issues, is there an advantage to using gnutls vs
>> openssl?  Or is openssl superior - at least in the current implementations?
> Dovecot's GNUTLS support was written long time ago and its API has
> changed since. It doesn't work. But a working GNUTLS support would still
> be nice some day. I don't much like OpenSSL.
>
>
With 2.1.7 - is GNUTLS supported?

-- 
Daniel

From tss at iki.fi  Tue Jun 12 21:59:44 2012
From: tss at iki.fi (Timo Sirainen)
Date: Tue, 12 Jun 2012 21:59:44 +0300
Subject: [Dovecot] gnutls support
In-Reply-To: <assp.151093838d.4FD790ED.8020400@amfes.com>
References: <4C918E28.1020301@amfes.com>
	<1284640879.3030.460.camel@kurkku.sapo.corppt.com>
	<assp.151093838d.4FD790ED.8020400@amfes.com>
Message-ID: <22E936E6-12A6-449E-A82F-6E1B5061FA9E@iki.fi>

On 12.6.2012, at 21.56, Daniel L. Miller wrote:

> On 9/16/2010 5:41 AM, Timo Sirainen wrote:
>> On Wed, 2010-09-15 at 20:25 -0700, Daniel L. Miller wrote:
>>> Other than license issues, is there an advantage to using gnutls vs
>>> openssl?  Or is openssl superior - at least in the current implementations?
>> Dovecot's GNUTLS support was written long time ago and its API has
>> changed since. It doesn't work. But a working GNUTLS support would still
>> be nice some day. I don't much like OpenSSL.
> With 2.1.7 - is GNUTLS supported?

No, and I have no plans to add it. But I don't mind if someone sends a patch.


From acrow at integrafin.co.uk  Tue Jun 12 22:34:50 2012
From: acrow at integrafin.co.uk (Alex Crow)
Date: Tue, 12 Jun 2012 20:34:50 +0100
Subject: [Dovecot] 2.1.7 shared folder index issued
In-Reply-To: <E0B43005-C164-4CC5-853A-0429F12FAD39@iki.fi>
References: <4FD64195.5070006@integrafin.co.uk>
	<9243C1F4-94EF-4259-A37F-D32DC3A63902@iki.fi>
	<4FD65695.1030100@integrafin.co.uk>
	<E0B43005-C164-4CC5-853A-0429F12FAD39@iki.fi>
Message-ID: <4FD799DA.6020508@integrafin.co.uk>


> That depends on if the regular mail_location has any INDEX or not. In any case they must point to the same index.
>
>

Timo,

Thanks, I pointed them both the to same location (I keep my indexes on 
an SSD array) and now shared folders seem to work fine.

Cheers for your help,

Alex





From anmeyer at anup.de  Tue Jun 12 23:41:33 2012
From: anmeyer at anup.de (Andreas Meyer)
Date: Tue, 12 Jun 2012 22:41:33 +0200
Subject: [Dovecot] v2.0.21 released
In-Reply-To: <C1E80BFC-9F5E-4E7F-9C5F-CE69A7F0EEBB@iki.fi>
References: <C1E80BFC-9F5E-4E7F-9C5F-CE69A7F0EEBB@iki.fi>
Message-ID: <20120612224133.6ae2eedb@itx.bitcorner.intern>

Timo Sirainen <tss at iki.fi> wrote:

> http://dovecot.org/releases/2.0/dovecot-2.0.21.tar.gz
> http://dovecot.org/releases/2.0/dovecot-2.0.21.tar.gz.sig
> 
>         + dict: file backend supports now also fcntl/flock locking optionally
>         - imap-login: Memory leak fixed
>         - imap: Non-UTF8 input on SEARCH command parameters could have crashed
>         - auth: Fixed crash with DIGEST-MD5 when attempting to do master user
>           login without master passdbs. 
>         - sdbox: Don't use more fds than necessary when copying mails.
>         - mdbox kept the user's storage locked a bit longer than it needed to
> 

Please can some soul explain the naming conventions used to release this software?

Tue Jun 12 00:51:56 EEST 2012
Released v2.0.21.
Tue May 29 22:24:49 EEST 2012
Released v2.1.7.

I don't understand the numbering.

  Andreas

From Ralf.Hildebrandt at charite.de  Tue Jun 12 23:42:58 2012
From: Ralf.Hildebrandt at charite.de (Ralf Hildebrandt)
Date: Tue, 12 Jun 2012 22:42:58 +0200
Subject: [Dovecot] v2.0.21 released
In-Reply-To: <20120612224133.6ae2eedb@itx.bitcorner.intern>
References: <C1E80BFC-9F5E-4E7F-9C5F-CE69A7F0EEBB@iki.fi>
	<20120612224133.6ae2eedb@itx.bitcorner.intern>
Message-ID: <20120612204258.GE13775@charite.de>

* Andreas Meyer <anmeyer at anup.de>:
> Timo Sirainen <tss at iki.fi> wrote:
> 
> > http://dovecot.org/releases/2.0/dovecot-2.0.21.tar.gz
> > http://dovecot.org/releases/2.0/dovecot-2.0.21.tar.gz.sig
> > 
> >         + dict: file backend supports now also fcntl/flock locking optionally
> >         - imap-login: Memory leak fixed
> >         - imap: Non-UTF8 input on SEARCH command parameters could have crashed
> >         - auth: Fixed crash with DIGEST-MD5 when attempting to do master user
> >           login without master passdbs. 
> >         - sdbox: Don't use more fds than necessary when copying mails.
> >         - mdbox kept the user's storage locked a bit longer than it needed to
> > 
> 
> Please can some soul explain the naming conventions used to release this software?
> 
> Tue Jun 12 00:51:56 EEST 2012
> Released v2.0.21.
> Tue May 29 22:24:49 EEST 2012
> Released v2.1.7.
> 
> I don't understand the numbering.

2.0 and 2.1 are different branches.

-- 
Ralf Hildebrandt
  Gesch?ftsbereich IT | Abteilung Netzwerk
  Charit? - Universit?tsmedizin Berlin
  Campus Benjamin Franklin
  Hindenburgdamm 30 | D-12203 Berlin
  Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
  ralf.hildebrandt at charite.de | http://www.charite.de
	    

From h.reindl at thelounge.net  Tue Jun 12 23:45:40 2012
From: h.reindl at thelounge.net (Reindl Harald)
Date: Tue, 12 Jun 2012 22:45:40 +0200
Subject: [Dovecot] v2.0.21 released
In-Reply-To: <20120612224133.6ae2eedb@itx.bitcorner.intern>
References: <C1E80BFC-9F5E-4E7F-9C5F-CE69A7F0EEBB@iki.fi>
	<20120612224133.6ae2eedb@itx.bitcorner.intern>
Message-ID: <4FD7AA74.7030504@thelounge.net>



Am 12.06.2012 22:41, schrieb Andreas Meyer:
> Please can some soul explain the naming conventions used to release this software?
> 
> Tue Jun 12 00:51:56 EEST 2012
> Released v2.0.21.
> Tue May 29 22:24:49 EEST 2012
> Released v2.1.7.
> 
> I don't understand the numbering

the same as PHP

http://www.php.net/archive/2012.php#id2012-05-08-1
PHP 5.4.3 and PHP 5.3.13 Released

be happy that there is software where you not forced to
upgrade as soon as a new manjor/minor version is out

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120612/7f8822f8/attachment.bin>

From amateo at um.es  Wed Jun 13 09:58:46 2012
From: amateo at um.es (Angel L. Mateo)
Date: Wed, 13 Jun 2012 08:58:46 +0200
Subject: [Dovecot] Problem with lmtp director proxy
In-Reply-To: <4FD718A0.50605@um.es>
References: <4FD718A0.50605@um.es>
Message-ID: <4FD83A26.3030209@um.es>

Hi,

	I have checked in almost every error I had that the error is produced 
whenever happens a timeout of 30 seconds between opening the connection 
between the director and backend server and the final delivery of the 
message in the user's mailbox.

	When I have mails with just a few of recipients, I have no problem 
because this 30 seconds timeout is never reached. But when I have mails 
with more recipients and my storage has workload it is sometimes reached.

	But I haven't found any configuration for this 30 seconds timeout. What 
could it be this option? Because I have configured proxy_timeout=120 in 
proxy configuration:

pass_attrs = 
irisMailbox=userdb_mail,homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid,=proxy=y,=proxy_timeout=120,irisMailHost=host


	Looking for this timeout in the code, I have found these defines:

director/director.c:#define DIRECTOR_RECONNECT_TIMEOUT_MSECS (30*1000)
director/director.c:#define DIRECTOR_USER_MOVE_TIMEOUT_MSECS (30*1000)
director/director-connection.c:#define 
DIRECTOR_CONNECTION_SEND_USERS_TIMEOUT_MSECS (30*1000)
director/director-connection.c:#define 
DIRECTOR_CONNECTION_DONE_TIMEOUT_MSECS (30*1000)
director/director-request.c:#define DIRECTOR_REQUEST_TIMEOUT_SECS 30

lmtp/commands.c:#define LMTP_PROXY_DEFAULT_TIMEOUT_MSECS (1000*30)

	Could it be one of these timeouts? In this case... is there any way to 
configure it without changing code?

-- 
Angel L. Mateo Mart?nez
Secci?n de Telem?tica
?rea de Tecnolog?as de la Informaci?n       _o)
y las Comunicaciones Aplicadas (ATICA)      / \\
http://www.um.es/atica                    _(___V
Tfo: 868887590
Fax: 868888337



From oni-neko at gmx.net  Wed Jun 13 10:47:02 2012
From: oni-neko at gmx.net (oni-neko at gmx.net)
Date: Wed, 13 Jun 2012 09:47:02 +0200
Subject: [Dovecot] question about changing certificate
In-Reply-To: <4FD6497B.6090007@gedalya.net>
References: <20120611122837.317410@gmx.net> <4FD6497B.6090007@gedalya.net>
Message-ID: <20120613074702.115300@gmx.net>

thank you for your answer!

-------- Original-Nachricht --------
> Datum: Mon, 11 Jun 2012 15:39:39 -0400
> Von: Gedalya <gedalya at gedalya.net>
> An: dovecot at dovecot.org
> Betreff: Re: [Dovecot] question about changing certificate

> Are both files identical, do they both contain the private key?

umm, no, ok, I think I see at least part of the problem: I have only the certificate, but no key =/ durr, ok, that is way obvious as a problem.

next question: do I need the key to use the certificate or can I only use the certificate and leave the value of ssl_key_file empty?

thank you for answering my obviously quite, umm, uninformed questions =)

greetings
silvia

-- 
NEU: FreePhone 3-fach-Flat mit kostenlosem Smartphone!                                  
Jetzt informieren: http://mobile.1und1.de/?ac=OM.PW.PW003K20328T7073a

From rago at lal.in2p3.fr  Wed Jun 13 12:59:15 2012
From: rago at lal.in2p3.fr (Emiliano Rago)
Date: Wed, 13 Jun 2012 11:59:15 +0200
Subject: [Dovecot] doveadm doesn't subscribe to public folders
In-Reply-To: <4FD7313F.9060406@lal.in2p3.fr>
References: <4FD7313F.9060406@lal.in2p3.fr>
Message-ID: <4FD86473.8010104@lal.in2p3.fr>

Hi,

what it's happening with the doveadm command below is that
the file modified is /data/MAIL/PUBLIC/subscriptions
while I'd like to modify the file /data/MAIL/rago/subscriptions

With subscriptions=no every user can subscribe to public folder,
so perhaps this behaviour is inappropriate; suggestions?

Thanks,
Emiliano Rago


On 06/12/2012 02:08 PM, Emiliano Rago wrote:
> Hi,
>
> I'd like to subscribe folder with doveadm:
>
> doveadm mailbox subscribe -u rago public.Conferences
>
> This command doesn't work, while it works with an ordinary folder.
> However it's possible to subscribe to the folder with an imap connection:
>
> 1 login rago "mypasswd"
> 1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
> IDLE SORTSORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT
> CHILDREN NAMESPCE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC
> ESEARCH ESORT SEARCHRES ITHIN CONTEXT=SEARCH LIST-STATUS ACL
> RIGHTS=texk] Logged in
> 2 LSUB "" *
> * LSUB () "." "INBOX"
> 2 OK Lsub completed.
> 3 SUBSCRIBE "public.Conferences"
> 3 OK Subscribe completed.
> 4 LSUB "" *
> * LSUB () "." "INBOX"
> * LSUB () "." "public.Conferences"
> 4 OK Lsub completed.
>
> Am I doing anything wrong?
>
> This is my conf, thx for help,
> Emiliano
>
> # 2.0.9: /etc/dovecot/dovecot.conf
> # OS: Linux 2.6.32-220.4.1.el6.x86_64 x86_64 Red Hat Enterprise Linux
> Server release 5 (Tikanga) ext4
> auth_cache_size = 128 M
> auth_master_user_separator = *
> auth_mechanisms = plain cram-md5
> mail_location =
> maildir:/data/MAIL/MAILDIR/%u:INBOX=/data/MAIL/INBOX/%u:INDEX=/data/MAIL/METADATA/%u
>
> maildir_very_dirty_syncs = yes
> managesieve_notify_capability = mailto
> managesieve_sieve_capability = fileinto reject envelope
> encoded-character vacation subaddress comparator-i;ascii-numeric
> relational regex imap4flags copy include variables body enotify
> environment mailbox date
> mbox_write_locks = fcntl
> namespace {
> inbox = yes
> location =
> prefix =
> separator = .
> type = private
> }
> namespace {
> list = children
> location =
> maildir:/data/MAIL/MAILDIR/%%u:INDEX=/data/MAIL/METADATA/SHARED/%u/%%u
> prefix = shared.%%u.
> separator = .
> subscriptions = no
> type = shared
> }
> namespace {
> list = children
> location = maildir:/data/MAIL/PUBLIC:INDEX=/data/MAIL/METADATA/PUBLIC
> prefix = public.
> separator = .
> subscriptions = no
> type = public
> }
> passdb {
> args = scheme=cram-md5 /data/PWDDB/cram_dovecot.txt
> driver = passwd-file
> }
> passdb {
> args = /etc/dovecot/master-shared
> driver = passwd-file
> master = yes
> }
> passdb {
> args = /etc/dovecot/master-shared
> driver = passwd-file
> }
> plugin {
> acl = vfile:/etc/dovecot/global-acls:cache_secs=300
> acl_anyone = allow
> acl_shared_dict = file:/data/MAIL/SHAREDDB/shared-mailboxes.db
> sieve = /data/MAIL/SIEVE/%u/dovecot.sieve
> sieve_dir = /data/MAIL/SIEVE/%u
> }
> postmaster_address = root
> protocols = imap sieve
> service auth {
> unix_listener /var/spool/postfix/private/auth {
> mode = 0666
> }
> unix_listener auth-userdb {
> group = mailreader
> mode = 0600
> user = mailreader
> }
> }
> service imap-login {
> process_min_avail = 8
> service_count = 0
> vsz_limit = 512 M
> }
> service imap-postlogin {
> executable = script-login /etc/dovecot/postlogin.sh
> user = $default_internal_user
> }
> service imap {
> executable = imap imap-postlogin
> }
> ssl_cert = </etc/dovecot/ssl/imaps.lal.in2p3.fr.crt
> ssl_key = </etc/dovecot/ssl/imaps.lal.in2p3.fr.key
> userdb {
> args = /etc/dovecot/master-shared
> driver = passwd-file
> }
> userdb {
> args = uid=mailreader gid=mailreader home=/data/MAIL/SIEVE/%u
> allow_all_users=yes
> driver = static
> }
> protocol lda {
> mail_plugins = acl sieve
> }
> protocol imap {
> mail_max_userip_connections = 128
> mail_plugins = acl imap_acl
> }


From gedalya at gedalya.net  Wed Jun 13 13:14:51 2012
From: gedalya at gedalya.net (Gedalya)
Date: Wed, 13 Jun 2012 06:14:51 -0400
Subject: [Dovecot] question about changing certificate
In-Reply-To: <20120613074702.115300@gmx.net>
References: <20120611122837.317410@gmx.net> <4FD6497B.6090007@gedalya.net>
	<20120613074702.115300@gmx.net>
Message-ID: <4FD8681B.4070609@gedalya.net>

On 06/13/2012 03:47 AM, oni-neko at gmx.net wrote:
> next question: do I need the key to use the certificate or can I only use the certificate and leave the value of ssl_key_file empty?
You certainly can't use the certificate without the key. And I guess 
dovecot needs ssl_key_file, unless it would be smart enough to figure it 
out for itself when you omit it. Either way, here is basically how it 
works. A certificate is not a secret, you in fact push it down to every 
connecting client. A certificate is something that identifies a server, 
and the private key is what makes it possible for you to demonstrate 
that you are the owner of the certificate.
When a CA signs your certificate, you send them the public half of your 
key, and they make a certificate from it, and sign it, and that 
basically says: we were convinced that the entity that holds this key 
has a legitimate connection to this domain name. All that remains is for 
you to prove to the world that you are actually you = you are in 
possession of the private key. So, dovecot actually needs the key to do 
this mathematical magic every time a client connects.


From amateo at um.es  Wed Jun 13 14:15:00 2012
From: amateo at um.es (Angel L. Mateo)
Date: Wed, 13 Jun 2012 13:15:00 +0200
Subject: [Dovecot] difference between client_limit and process_limit
In-Reply-To: <D226FD99-8113-4F4A-87E9-F54F5DF69807@iki.fi>
References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es>
	<A1BAE7E0-1F08-4FDA-8FC8-D045E5E7987A@iki.fi>
	<4FD22956.20904@thelounge.net>
	<3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi>
	<4FD5C63B.7040904@um.es>
	<D226FD99-8113-4F4A-87E9-F54F5DF69807@iki.fi>
Message-ID: <4FD87634.9000407@um.es>

On 11/06/12 13:45, Timo Sirainen wrote:
> On 11.6.2012, at 13.19, Angel L. Mateo wrote:
>
>>> Proxying is done by imap-login process, not imap process. For login processes there are different recommendations.
>>>
>> 	What are those recommendations? The ones at http://wiki2.dovecot.org/LoginProcess?
>
> Yes.
>
>> 	Let's suppose... I have 4 mainly imap backend servers (but they admit also pop3 connections) with a process_limit of 5120 for service imap (and default_client_limit of 1000 applied to pop3). And I have 2 director servers (configured as active-active behind a load balancer), so I need director servers to handle (more or less) 10240 imap connections.
>>
>> 	What is it better for the director's? Increasing process_limit for imap-login (so each process should handle less connections) or increasing client_limit (less processes handling more connections each)?
>
> If you increase process_limit to more than the number of CPU cores you have, then you increase the number of context switched done by the kernel, which decreases your performance. So I'd say increase client_limit.
>
	I'm trying to configure it this way, so I have configure process_limit 
to the number of cores and client_limit big enough to attempt the 
maximum number of connections configured at the backends.

	In my test environment I have configured (this is extracted from 
doveconf -n output):

service imap-login {
   client_limit = 10740
   executable = imap-login director
   process_limit = 1
   process_min_avail = 1
}

	When I made the first connection, there's no problem, but if I try a 
second while the first is still open, I get:

Jun 13 13:09:12 myotis40 dovecot: master: Warning: service(imap-login): 
client_limit (1) reached, client connections are being dropped

	Why is telling me that client_limit is reached? What client_limit is used?

-- 
Angel L. Mateo Mart?nez
Secci?n de Telem?tica
?rea de Tecnolog?as de la Informaci?n       _o)
y las Comunicaciones Aplicadas (ATICA)      / \\
http://www.um.es/atica                    _(___V
Tfo: 868887590
Fax: 868888337



From tss at iki.fi  Wed Jun 13 15:06:01 2012
From: tss at iki.fi (Timo Sirainen)
Date: Wed, 13 Jun 2012 15:06:01 +0300
Subject: [Dovecot] difference between client_limit and process_limit
In-Reply-To: <4FD87634.9000407@um.es>
References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es>
	<A1BAE7E0-1F08-4FDA-8FC8-D045E5E7987A@iki.fi>
	<4FD22956.20904@thelounge.net>
	<3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi> <4FD5C63B.7040904@um.es>
	<D226FD99-8113-4F4A-87E9-F54F5DF69807@iki.fi> <4FD87634.9000407@um.es>
Message-ID: <1339589161.25551.0.camel@innu>

On Wed, 2012-06-13 at 13:15 +0200, Angel L. Mateo wrote:
> 	In my test environment I have configured (this is extracted from 
> doveconf -n output):
> 
> service imap-login {
>    client_limit = 10740
>    executable = imap-login director
>    process_limit = 1
>    process_min_avail = 1
> }
> 
> 	When I made the first connection, there's no problem, but if I try a 
> second while the first is still open, I get:
> 
> Jun 13 13:09:12 myotis40 dovecot: master: Warning: service(imap-login): 
> client_limit (1) reached, client connections are being dropped
> 
> 	Why is telling me that client_limit is reached? What client_limit is used?

Dunno. What Dovecot version? Show the whole doveconf -n? You don't have
multiple dovecot.confs, right?



From amateo at um.es  Wed Jun 13 15:15:30 2012
From: amateo at um.es (Angel L. Mateo)
Date: Wed, 13 Jun 2012 14:15:30 +0200
Subject: [Dovecot] difference between client_limit and process_limit
In-Reply-To: <1339589161.25551.0.camel@innu>
References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es>
	<A1BAE7E0-1F08-4FDA-8FC8-D045E5E7987A@iki.fi>
	<4FD22956.20904@thelounge.net>
	<3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi>
	<4FD5C63B.7040904@um.es>
	<D226FD99-8113-4F4A-87E9-F54F5DF69807@iki.fi>
	<4FD87634.9000407@um.es> <1339589161.25551.0.camel@innu>
Message-ID: <4FD88462.5070908@um.es>

On 13/06/12 14:06, Timo Sirainen wrote:
> On Wed, 2012-06-13 at 13:15 +0200, Angel L. Mateo wrote:
>> 	In my test environment I have configured (this is extracted from
>> doveconf -n output):
>>
>> service imap-login {
>>     client_limit = 10740
>>     executable = imap-login director
>>     process_limit = 1
>>     process_min_avail = 1
>> }
>>
>> 	When I made the first connection, there's no problem, but if I try a
>> second while the first is still open, I get:
>>
>> Jun 13 13:09:12 myotis40 dovecot: master: Warning: service(imap-login):
>> client_limit (1) reached, client connections are being dropped
>>
>> 	Why is telling me that client_limit is reached? What client_limit is used?
>
> Dunno. What Dovecot version? Show the whole doveconf -n? You don't have
> multiple dovecot.confs, right?
>
>
	2.1.5. Whole doveconf is attached. As far as I could find, I don't have 
multiple.confs but, because I'm managing configuration with puppet, is 
easier for me to have a few "service imap-login" entries in the 
10-master.conf file. In previous checks I did, it seems to be mixed 
without problems, but I'm going to try to manually mixed them. What I 
have is:

service imap-login {
   inet_listener imap {
     #port = 143
   }
   inet_listener imaps {
     #port = 993
     #ssl = yes
   }

   # Number of connections to handle before starting a new process. 
Typically
   # the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0
   # is faster. <doc/wiki/LoginProcess.txt>
   #service_count = 1

   # Number of processes to always keep waiting for more connections.
   #process_min_avail = 0

   # If you set service_count=0, you probably need to grow this.
   #vsz_limit = $default_vsz_limit
}

...

service imap-login {
   executable = imap-login director
   client_limit = 10740
   process_limit = 1
   process_min_avail = 1
}



-- 
Angel L. Mateo Mart?nez
Secci?n de Telem?tica
?rea de Tecnolog?as de la Informaci?n       _o)
y las Comunicaciones Aplicadas (ATICA)      / \\
http://www.um.es/atica                    _(___V
Tfo: 868887590
Fax: 868888337


-------------- next part --------------
# 2.1.5: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-4-amd64 x86_64 Ubuntu 10.04.4 LTS 
auth_cache_size = 20 M
auth_cache_ttl = 1 days
auth_debug = yes
auth_master_user_separator = *
auth_username_format = %n
auth_verbose = yes
default_process_limit = 1000
director_mail_servers = 155.54.211.161-155.54.211.164
director_servers = 155.54.211.187
disable_plaintext_auth = no
lmtp_proxy = yes
log_timestamp = %Y-%m-%d %H:%M:%S
mail_debug = yes
namespace {
  hidden = no
  inbox = yes
  list = yes
  location = 
  prefix = 
  separator = /
  subscriptions = yes
  type = private
}
namespace {
  hidden = yes
  inbox = no
  list = no
  location = maildir:~/Maildir/expunged:INDEX=/var/indexes/%n
  prefix = .EXPUNGED/
  separator = /
  subscriptions = no
  type = private
}
namespace {
  hidden = yes
  inbox = no
  list = no
  location = maildir:~/Maildir/deleted:INDEX=/var/indexes/%n
  prefix = .DELETED/
  separator = /
  subscriptions = no
  type = private
}
namespace {
  hidden = yes
  inbox = no
  list = no
  location = maildir:~/Maildir/deleted/expunged:INDEX=/var/indexes/%n
  prefix = .DELETED/.EXPUNGED/
  separator = /
  subscriptions = no
  type = private
}
namespace {
  inbox = yes
  location = 
  prefix = 
  separator = /
}
passdb {
  args = /etc/dovecot/master-users
  driver = passwd-file
  master = yes
  pass = yes
}
passdb {
  args = proxy=y nopassword=y
  driver = static
}
passdb {
  args = session=yes dovecot
  driver = pam
}
plugin {
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve
  sieve_extensions = +imapflags
  sieve_max_redirects = 15
}
protocols = imap pop3 lmtp imap lmtp pop3
service anvil {
  client_limit = 2003
}
service auth {
  client_limit = 3000
  unix_listener auth-userdb {
    mode = 0666
  }
}
service director {
  fifo_listener login/proxy-notify {
    mode = 0666
  }
  inet_listener {
    port = 9090
  }
  unix_listener director-userdb {
    mode = 0600
  }
  unix_listener login/director {
    mode = 0666
  }
}
service imap-login {
  client_limit = 10740
  executable = imap-login director
  process_limit = 1
  process_min_avail = 1
}
service imap {
  process_limit = 5120
  process_min_avail = 1
}
service lmtp {
  inet_listener lmtp {
    port = 24
  }
  process_min_avail = 10
}
service pop3-login {
  client_limit = 2500
  executable = pop3-login director
  process_limit = 1
  process_min_avail = 1
}
service pop3 {
  process_min_avail = 1
}
ssl = no
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_key = </etc/ssl/private/dovecot.pem
userdb {
  driver = prefetch
}
userdb {
  args = /etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
protocol lmtp {
  auth_socket_path = director-userdb
}

From tss at iki.fi  Wed Jun 13 15:28:48 2012
From: tss at iki.fi (Timo Sirainen)
Date: Wed, 13 Jun 2012 15:28:48 +0300
Subject: [Dovecot] difference between client_limit and process_limit
In-Reply-To: <4FD88462.5070908@um.es>
References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es>
	<A1BAE7E0-1F08-4FDA-8FC8-D045E5E7987A@iki.fi>
	<4FD22956.20904@thelounge.net>
	<3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi> <4FD5C63B.7040904@um.es>
	<D226FD99-8113-4F4A-87E9-F54F5DF69807@iki.fi> <4FD87634.9000407@um.es>
	<1339589161.25551.0.camel@innu> <4FD88462.5070908@um.es>
Message-ID: <1339590528.25551.2.camel@innu>

On Wed, 2012-06-13 at 14:15 +0200, Angel L. Mateo wrote:

> 	2.1.5. Whole doveconf is attached. As far as I could find, I don't have 
> multiple.confs but, because I'm managing configuration with puppet, is 
> easier for me to have a few "service imap-login" entries in the 
> 10-master.conf file. In previous checks I did, it seems to be mixed 
> without problems, but I'm going to try to manually mixed them. What I 
> have is:
..
> service imap-login {
>    # Number of connections to handle before starting a new process. 
> Typically
>    # the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0
>    # is faster. <doc/wiki/LoginProcess.txt>
>    #service_count = 1

Oh, right, service_count=1 is the default and that overrides
client_limit. Set it to 0.



From tss at iki.fi  Wed Jun 13 15:39:47 2012
From: tss at iki.fi (Timo Sirainen)
Date: Wed, 13 Jun 2012 15:39:47 +0300
Subject: [Dovecot] difference between client_limit and process_limit
In-Reply-To: <1339590528.25551.2.camel@innu>
References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es>
	<A1BAE7E0-1F08-4FDA-8FC8-D045E5E7987A@iki.fi>
	<4FD22956.20904@thelounge.net>
	<3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi> <4FD5C63B.7040904@um.es>
	<D226FD99-8113-4F4A-87E9-F54F5DF69807@iki.fi> <4FD87634.9000407@um.es>
	<1339589161.25551.0.camel@innu> <4FD88462.5070908@um.es>
	<1339590528.25551.2.camel@innu>
Message-ID: <1339591187.25551.3.camel@innu>

On Wed, 2012-06-13 at 15:28 +0300, Timo Sirainen wrote:
> Oh, right, service_count=1 is the default and that overrides
> client_limit. Set it to 0.

http://hg.dovecot.org/dovecot-2.1/rev/4c31e450a867



From tss at iki.fi  Wed Jun 13 15:50:33 2012
From: tss at iki.fi (Timo Sirainen)
Date: Wed, 13 Jun 2012 15:50:33 +0300
Subject: [Dovecot] doveadm doesn't subscribe to public folders
In-Reply-To: <4FD86473.8010104@lal.in2p3.fr>
References: <4FD7313F.9060406@lal.in2p3.fr> <4FD86473.8010104@lal.in2p3.fr>
Message-ID: <1339591833.25551.4.camel@innu>

Does it work if you do it via imap?

echo "a subscribe public.Conferences" | /usr/local/libexec/dovecot/imap -u rago

On Wed, 2012-06-13 at 11:59 +0200, Emiliano Rago wrote:
> Hi,
> 
> what it's happening with the doveadm command below is that
> the file modified is /data/MAIL/PUBLIC/subscriptions
> while I'd like to modify the file /data/MAIL/rago/subscriptions
> 
> With subscriptions=no every user can subscribe to public folder,
> so perhaps this behaviour is inappropriate; suggestions?
> 
> Thanks,
> Emiliano Rago
> 
> 
> On 06/12/2012 02:08 PM, Emiliano Rago wrote:
> > Hi,
> >
> > I'd like to subscribe folder with doveadm:
> >
> > doveadm mailbox subscribe -u rago public.Conferences
> >
> > This command doesn't work, while it works with an ordinary folder.
> > However it's possible to subscribe to the folder with an imap connection:
> >
> > 1 login rago "mypasswd"
> > 1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
> > IDLE SORTSORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT
> > CHILDREN NAMESPCE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC
> > ESEARCH ESORT SEARCHRES ITHIN CONTEXT=SEARCH LIST-STATUS ACL
> > RIGHTS=texk] Logged in
> > 2 LSUB "" *
> > * LSUB () "." "INBOX"
> > 2 OK Lsub completed.
> > 3 SUBSCRIBE "public.Conferences"
> > 3 OK Subscribe completed.
> > 4 LSUB "" *
> > * LSUB () "." "INBOX"
> > * LSUB () "." "public.Conferences"
> > 4 OK Lsub completed.
> >
> > Am I doing anything wrong?
> >
> > This is my conf, thx for help,
> > Emiliano
> >
> > # 2.0.9: /etc/dovecot/dovecot.conf
> > # OS: Linux 2.6.32-220.4.1.el6.x86_64 x86_64 Red Hat Enterprise Linux
> > Server release 5 (Tikanga) ext4
> > auth_cache_size = 128 M
> > auth_master_user_separator = *
> > auth_mechanisms = plain cram-md5
> > mail_location =
> > maildir:/data/MAIL/MAILDIR/%u:INBOX=/data/MAIL/INBOX/%u:INDEX=/data/MAIL/METADATA/%u
> >
> > maildir_very_dirty_syncs = yes
> > managesieve_notify_capability = mailto
> > managesieve_sieve_capability = fileinto reject envelope
> > encoded-character vacation subaddress comparator-i;ascii-numeric
> > relational regex imap4flags copy include variables body enotify
> > environment mailbox date
> > mbox_write_locks = fcntl
> > namespace {
> > inbox = yes
> > location =
> > prefix =
> > separator = .
> > type = private
> > }
> > namespace {
> > list = children
> > location =
> > maildir:/data/MAIL/MAILDIR/%%u:INDEX=/data/MAIL/METADATA/SHARED/%u/%%u
> > prefix = shared.%%u.
> > separator = .
> > subscriptions = no
> > type = shared
> > }
> > namespace {
> > list = children
> > location = maildir:/data/MAIL/PUBLIC:INDEX=/data/MAIL/METADATA/PUBLIC
> > prefix = public.
> > separator = .
> > subscriptions = no
> > type = public
> > }
> > passdb {
> > args = scheme=cram-md5 /data/PWDDB/cram_dovecot.txt
> > driver = passwd-file
> > }
> > passdb {
> > args = /etc/dovecot/master-shared
> > driver = passwd-file
> > master = yes
> > }
> > passdb {
> > args = /etc/dovecot/master-shared
> > driver = passwd-file
> > }
> > plugin {
> > acl = vfile:/etc/dovecot/global-acls:cache_secs=300
> > acl_anyone = allow
> > acl_shared_dict = file:/data/MAIL/SHAREDDB/shared-mailboxes.db
> > sieve = /data/MAIL/SIEVE/%u/dovecot.sieve
> > sieve_dir = /data/MAIL/SIEVE/%u
> > }
> > postmaster_address = root
> > protocols = imap sieve
> > service auth {
> > unix_listener /var/spool/postfix/private/auth {
> > mode = 0666
> > }
> > unix_listener auth-userdb {
> > group = mailreader
> > mode = 0600
> > user = mailreader
> > }
> > }
> > service imap-login {
> > process_min_avail = 8
> > service_count = 0
> > vsz_limit = 512 M
> > }
> > service imap-postlogin {
> > executable = script-login /etc/dovecot/postlogin.sh
> > user = $default_internal_user
> > }
> > service imap {
> > executable = imap imap-postlogin
> > }
> > ssl_cert = </etc/dovecot/ssl/imaps.lal.in2p3.fr.crt
> > ssl_key = </etc/dovecot/ssl/imaps.lal.in2p3.fr.key
> > userdb {
> > args = /etc/dovecot/master-shared
> > driver = passwd-file
> > }
> > userdb {
> > args = uid=mailreader gid=mailreader home=/data/MAIL/SIEVE/%u
> > allow_all_users=yes
> > driver = static
> > }
> > protocol lda {
> > mail_plugins = acl sieve
> > }
> > protocol imap {
> > mail_max_userip_connections = 128
> > mail_plugins = acl imap_acl
> > }
> 



From tss at iki.fi  Wed Jun 13 15:59:29 2012
From: tss at iki.fi (Timo Sirainen)
Date: Wed, 13 Jun 2012 15:59:29 +0300
Subject: [Dovecot] Problem with lmtp director proxy
In-Reply-To: <4FD83A26.3030209@um.es>
References: <4FD718A0.50605@um.es> <4FD83A26.3030209@um.es>
Message-ID: <1339592369.25551.7.camel@innu>

On Wed, 2012-06-13 at 08:58 +0200, Angel L. Mateo wrote:
> 	I have checked in almost every error I had that the error is produced 
> whenever happens a timeout of 30 seconds between opening the connection 
> between the director and backend server and the final delivery of the 
> message in the user's mailbox.
> 
> 	When I have mails with just a few of recipients, I have no problem 
> because this 30 seconds timeout is never reached. But when I have mails 
> with more recipients and my storage has workload it is sometimes reached.

Ah, so it's not really a bug. I thought it might be because there had
been such problems before.

> 	But I haven't found any configuration for this 30 seconds timeout. What 
> could it be this option? Because I have configured proxy_timeout=120 in 
> proxy configuration:
> 
> pass_attrs = 
> irisMailbox=userdb_mail,homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid,=proxy=y,=proxy_timeout=120,irisMailHost=host

This should work..

> lmtp/commands.c:#define LMTP_PROXY_DEFAULT_TIMEOUT_MSECS (1000*30)

This is the default, but proxy_timeout should override it.

What do you get in logs with auth_debug=yes?


From rago at lal.in2p3.fr  Wed Jun 13 16:24:02 2012
From: rago at lal.in2p3.fr (Emiliano Rago)
Date: Wed, 13 Jun 2012 15:24:02 +0200
Subject: [Dovecot] doveadm doesn't subscribe to public folders
In-Reply-To: <1339591833.25551.4.camel@innu>
References: <4FD7313F.9060406@lal.in2p3.fr> <4FD86473.8010104@lal.in2p3.fr>
	<1339591833.25551.4.camel@innu>
Message-ID: <4FD89472.2070002@lal.in2p3.fr>

It works! Thanks!

Emiliano

On 06/13/2012 02:50 PM, Timo Sirainen wrote:
> Does it work if you do it via imap?
>
> echo "a subscribe public.Conferences" | /usr/local/libexec/dovecot/imap -u rago
>
> On Wed, 2012-06-13 at 11:59 +0200, Emiliano Rago wrote:
>> Hi,
>>
>> what it's happening with the doveadm command below is that
>> the file modified is /data/MAIL/PUBLIC/subscriptions
>> while I'd like to modify the file /data/MAIL/rago/subscriptions
>>
>> With subscriptions=no every user can subscribe to public folder,
>> so perhaps this behaviour is inappropriate; suggestions?
>>
>> Thanks,
>> Emiliano Rago
>>
>>
>> On 06/12/2012 02:08 PM, Emiliano Rago wrote:
>>> Hi,
>>>
>>> I'd like to subscribe folder with doveadm:
>>>
>>> doveadm mailbox subscribe -u rago public.Conferences
>>>
>>> This command doesn't work, while it works with an ordinary folder.
>>> However it's possible to subscribe to the folder with an imap connection:
>>>
>>> 1 login rago "mypasswd"
>>> 1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
>>> IDLE SORTSORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT
>>> CHILDREN NAMESPCE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC
>>> ESEARCH ESORT SEARCHRES ITHIN CONTEXT=SEARCH LIST-STATUS ACL
>>> RIGHTS=texk] Logged in
>>> 2 LSUB "" *
>>> * LSUB () "." "INBOX"
>>> 2 OK Lsub completed.
>>> 3 SUBSCRIBE "public.Conferences"
>>> 3 OK Subscribe completed.
>>> 4 LSUB "" *
>>> * LSUB () "." "INBOX"
>>> * LSUB () "." "public.Conferences"
>>> 4 OK Lsub completed.
>>>
>>> Am I doing anything wrong?
>>>
>>> This is my conf, thx for help,
>>> Emiliano
>>>
>>> # 2.0.9: /etc/dovecot/dovecot.conf
>>> # OS: Linux 2.6.32-220.4.1.el6.x86_64 x86_64 Red Hat Enterprise Linux
>>> Server release 5 (Tikanga) ext4
>>> auth_cache_size = 128 M
>>> auth_master_user_separator = *
>>> auth_mechanisms = plain cram-md5
>>> mail_location =
>>> maildir:/data/MAIL/MAILDIR/%u:INBOX=/data/MAIL/INBOX/%u:INDEX=/data/MAIL/METADATA/%u
>>>
>>> maildir_very_dirty_syncs = yes
>>> managesieve_notify_capability = mailto
>>> managesieve_sieve_capability = fileinto reject envelope
>>> encoded-character vacation subaddress comparator-i;ascii-numeric
>>> relational regex imap4flags copy include variables body enotify
>>> environment mailbox date
>>> mbox_write_locks = fcntl
>>> namespace {
>>> inbox = yes
>>> location =
>>> prefix =
>>> separator = .
>>> type = private
>>> }
>>> namespace {
>>> list = children
>>> location =
>>> maildir:/data/MAIL/MAILDIR/%%u:INDEX=/data/MAIL/METADATA/SHARED/%u/%%u
>>> prefix = shared.%%u.
>>> separator = .
>>> subscriptions = no
>>> type = shared
>>> }
>>> namespace {
>>> list = children
>>> location = maildir:/data/MAIL/PUBLIC:INDEX=/data/MAIL/METADATA/PUBLIC
>>> prefix = public.
>>> separator = .
>>> subscriptions = no
>>> type = public
>>> }
>>> passdb {
>>> args = scheme=cram-md5 /data/PWDDB/cram_dovecot.txt
>>> driver = passwd-file
>>> }
>>> passdb {
>>> args = /etc/dovecot/master-shared
>>> driver = passwd-file
>>> master = yes
>>> }
>>> passdb {
>>> args = /etc/dovecot/master-shared
>>> driver = passwd-file
>>> }
>>> plugin {
>>> acl = vfile:/etc/dovecot/global-acls:cache_secs=300
>>> acl_anyone = allow
>>> acl_shared_dict = file:/data/MAIL/SHAREDDB/shared-mailboxes.db
>>> sieve = /data/MAIL/SIEVE/%u/dovecot.sieve
>>> sieve_dir = /data/MAIL/SIEVE/%u
>>> }
>>> postmaster_address = root
>>> protocols = imap sieve
>>> service auth {
>>> unix_listener /var/spool/postfix/private/auth {
>>> mode = 0666
>>> }
>>> unix_listener auth-userdb {
>>> group = mailreader
>>> mode = 0600
>>> user = mailreader
>>> }
>>> }
>>> service imap-login {
>>> process_min_avail = 8
>>> service_count = 0
>>> vsz_limit = 512 M
>>> }
>>> service imap-postlogin {
>>> executable = script-login /etc/dovecot/postlogin.sh
>>> user = $default_internal_user
>>> }
>>> service imap {
>>> executable = imap imap-postlogin
>>> }
>>> ssl_cert =</etc/dovecot/ssl/imaps.lal.in2p3.fr.crt
>>> ssl_key =</etc/dovecot/ssl/imaps.lal.in2p3.fr.key
>>> userdb {
>>> args = /etc/dovecot/master-shared
>>> driver = passwd-file
>>> }
>>> userdb {
>>> args = uid=mailreader gid=mailreader home=/data/MAIL/SIEVE/%u
>>> allow_all_users=yes
>>> driver = static
>>> }
>>> protocol lda {
>>> mail_plugins = acl sieve
>>> }
>>> protocol imap {
>>> mail_max_userip_connections = 128
>>> mail_plugins = acl imap_acl
>>> }
>>
>
>


From tss at iki.fi  Wed Jun 13 16:38:43 2012
From: tss at iki.fi (Timo Sirainen)
Date: Wed, 13 Jun 2012 16:38:43 +0300
Subject: [Dovecot] how to announce shared folders to clients using
 non-default mail prefix
In-Reply-To: <4FD78794.1030905@engr.orst.edu>
References: <4FD14895.8040707@engr.orst.edu>
	<63F00218-4FBE-418F-9477-CBEA8E7A35B9@iki.fi>
	<4FD78794.1030905@engr.orst.edu>
Message-ID: <1339594723.25551.8.camel@innu>

On Tue, 2012-06-12 at 11:16 -0700, Tom Lieuallen wrote:
> namespace {
>    hidden = yes
>    inbox = no
>    list = children
>    location = maildir:/a1/dove-shared:INDEX=/a2/imap-index/dove-shared/%u
>    prefix = iphonemail/sharedimap/
>    separator = /
>    type = shared

type=public and same for the other shared namespace. The type=shared
namespaces are for mailboxes shared between users.



From tss at iki.fi  Wed Jun 13 16:40:22 2012
From: tss at iki.fi (Timo Sirainen)
Date: Wed, 13 Jun 2012 16:40:22 +0300
Subject: [Dovecot] doveadm doesn't subscribe to public folders
In-Reply-To: <4FD89472.2070002@lal.in2p3.fr>
References: <4FD7313F.9060406@lal.in2p3.fr> <4FD86473.8010104@lal.in2p3.fr>
	<1339591833.25551.4.camel@innu> <4FD89472.2070002@lal.in2p3.fr>
Message-ID: <1339594822.25551.9.camel@innu>

OK. v2.1 should have fixed this also for doveadm subscribe.

On Wed, 2012-06-13 at 15:24 +0200, Emiliano Rago wrote:
> It works! Thanks!
> 
> Emiliano
> 
> On 06/13/2012 02:50 PM, Timo Sirainen wrote:
> > Does it work if you do it via imap?
> >
> > echo "a subscribe public.Conferences" | /usr/local/libexec/dovecot/imap -u rago
> >
> > On Wed, 2012-06-13 at 11:59 +0200, Emiliano Rago wrote:
> >> Hi,
> >>
> >> what it's happening with the doveadm command below is that
> >> the file modified is /data/MAIL/PUBLIC/subscriptions
> >> while I'd like to modify the file /data/MAIL/rago/subscriptions
> >>
> >> With subscriptions=no every user can subscribe to public folder,
> >> so perhaps this behaviour is inappropriate; suggestions?
> >>
> >> Thanks,
> >> Emiliano Rago
> >>
> >>
> >> On 06/12/2012 02:08 PM, Emiliano Rago wrote:
> >>> Hi,
> >>>
> >>> I'd like to subscribe folder with doveadm:
> >>>
> >>> doveadm mailbox subscribe -u rago public.Conferences
> >>>
> >>> This command doesn't work, while it works with an ordinary folder.
> >>> However it's possible to subscribe to the folder with an imap connection:
> >>>
> >>> 1 login rago "mypasswd"
> >>> 1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
> >>> IDLE SORTSORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT
> >>> CHILDREN NAMESPCE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC
> >>> ESEARCH ESORT SEARCHRES ITHIN CONTEXT=SEARCH LIST-STATUS ACL
> >>> RIGHTS=texk] Logged in
> >>> 2 LSUB "" *
> >>> * LSUB () "." "INBOX"
> >>> 2 OK Lsub completed.
> >>> 3 SUBSCRIBE "public.Conferences"
> >>> 3 OK Subscribe completed.
> >>> 4 LSUB "" *
> >>> * LSUB () "." "INBOX"
> >>> * LSUB () "." "public.Conferences"
> >>> 4 OK Lsub completed.
> >>>
> >>> Am I doing anything wrong?
> >>>
> >>> This is my conf, thx for help,
> >>> Emiliano
> >>>
> >>> # 2.0.9: /etc/dovecot/dovecot.conf
> >>> # OS: Linux 2.6.32-220.4.1.el6.x86_64 x86_64 Red Hat Enterprise Linux
> >>> Server release 5 (Tikanga) ext4
> >>> auth_cache_size = 128 M
> >>> auth_master_user_separator = *
> >>> auth_mechanisms = plain cram-md5
> >>> mail_location =
> >>> maildir:/data/MAIL/MAILDIR/%u:INBOX=/data/MAIL/INBOX/%u:INDEX=/data/MAIL/METADATA/%u
> >>>
> >>> maildir_very_dirty_syncs = yes
> >>> managesieve_notify_capability = mailto
> >>> managesieve_sieve_capability = fileinto reject envelope
> >>> encoded-character vacation subaddress comparator-i;ascii-numeric
> >>> relational regex imap4flags copy include variables body enotify
> >>> environment mailbox date
> >>> mbox_write_locks = fcntl
> >>> namespace {
> >>> inbox = yes
> >>> location =
> >>> prefix =
> >>> separator = .
> >>> type = private
> >>> }
> >>> namespace {
> >>> list = children
> >>> location =
> >>> maildir:/data/MAIL/MAILDIR/%%u:INDEX=/data/MAIL/METADATA/SHARED/%u/%%u
> >>> prefix = shared.%%u.
> >>> separator = .
> >>> subscriptions = no
> >>> type = shared
> >>> }
> >>> namespace {
> >>> list = children
> >>> location = maildir:/data/MAIL/PUBLIC:INDEX=/data/MAIL/METADATA/PUBLIC
> >>> prefix = public.
> >>> separator = .
> >>> subscriptions = no
> >>> type = public
> >>> }
> >>> passdb {
> >>> args = scheme=cram-md5 /data/PWDDB/cram_dovecot.txt
> >>> driver = passwd-file
> >>> }
> >>> passdb {
> >>> args = /etc/dovecot/master-shared
> >>> driver = passwd-file
> >>> master = yes
> >>> }
> >>> passdb {
> >>> args = /etc/dovecot/master-shared
> >>> driver = passwd-file
> >>> }
> >>> plugin {
> >>> acl = vfile:/etc/dovecot/global-acls:cache_secs=300
> >>> acl_anyone = allow
> >>> acl_shared_dict = file:/data/MAIL/SHAREDDB/shared-mailboxes.db
> >>> sieve = /data/MAIL/SIEVE/%u/dovecot.sieve
> >>> sieve_dir = /data/MAIL/SIEVE/%u
> >>> }
> >>> postmaster_address = root
> >>> protocols = imap sieve
> >>> service auth {
> >>> unix_listener /var/spool/postfix/private/auth {
> >>> mode = 0666
> >>> }
> >>> unix_listener auth-userdb {
> >>> group = mailreader
> >>> mode = 0600
> >>> user = mailreader
> >>> }
> >>> }
> >>> service imap-login {
> >>> process_min_avail = 8
> >>> service_count = 0
> >>> vsz_limit = 512 M
> >>> }
> >>> service imap-postlogin {
> >>> executable = script-login /etc/dovecot/postlogin.sh
> >>> user = $default_internal_user
> >>> }
> >>> service imap {
> >>> executable = imap imap-postlogin
> >>> }
> >>> ssl_cert =</etc/dovecot/ssl/imaps.lal.in2p3.fr.crt
> >>> ssl_key =</etc/dovecot/ssl/imaps.lal.in2p3.fr.key
> >>> userdb {
> >>> args = /etc/dovecot/master-shared
> >>> driver = passwd-file
> >>> }
> >>> userdb {
> >>> args = uid=mailreader gid=mailreader home=/data/MAIL/SIEVE/%u
> >>> allow_all_users=yes
> >>> driver = static
> >>> }
> >>> protocol lda {
> >>> mail_plugins = acl sieve
> >>> }
> >>> protocol imap {
> >>> mail_max_userip_connections = 128
> >>> mail_plugins = acl imap_acl
> >>> }
> >>
> >
> >
> 



From amateo at um.es  Wed Jun 13 17:57:42 2012
From: amateo at um.es (Angel L. Mateo)
Date: Wed, 13 Jun 2012 16:57:42 +0200
Subject: [Dovecot] Problem with lmtp director proxy
In-Reply-To: <1339592369.25551.7.camel@innu>
References: <4FD718A0.50605@um.es> <4FD83A26.3030209@um.es>
	<1339592369.25551.7.camel@innu>
Message-ID: <4FD8AA66.7050909@um.es>

El 13/06/12 14:59, Timo Sirainen escribi?:
> On Wed, 2012-06-13 at 08:58 +0200, Angel L. Mateo wrote:
>> 	I have checked in almost every error I had that the error is produced
>> whenever happens a timeout of 30 seconds between opening the connection
>> between the director and backend server and the final delivery of the
>> message in the user's mailbox.
>>
>> 	When I have mails with just a few of recipients, I have no problem
>> because this 30 seconds timeout is never reached. But when I have mails
>> with more recipients and my storage has workload it is sometimes reached.
>
> Ah, so it's not really a bug. I thought it might be because there had
> been such problems before.
>
>> 	But I haven't found any configuration for this 30 seconds timeout. What
>> could it be this option? Because I have configured proxy_timeout=120 in
>> proxy configuration:
>>
>> pass_attrs =
>> irisMailbox=userdb_mail,homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid,=proxy=y,=proxy_timeout=120,irisMailHost=host
>
> This should work..
>
>> lmtp/commands.c:#define LMTP_PROXY_DEFAULT_TIMEOUT_MSECS (1000*30)
>
> This is the default, but proxy_timeout should override it.
>
	But then, why timeout is reached after only 30 seconds? Could it be 
other define timeout like DIRECTOR_CONNECTION_DONE_TIMEOUT_MSECS?

> What do you get in logs with auth_debug=yes?
>
	I've got always auth_debug=yes. In the director server, logs are:

Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Connect from 155.54.212.167
Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Debug: auth input: 
user=user1 proxy host=155.54.211.163 proxy_refresh=450
Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Debug: auth input: 
user=user2 proxy host=155.54.211.163 proxy_refresh=450
....  (more users, a total of 34 recipients)
Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Debug: auth input: 
user=myuser proxy host=155.54.211.164 proxy_refresh=450
...
Jun 12 11:41:09 myotis41 dovecot: lmtp(6595): Disconnect from 
155.54.212.167: Client quit (in reset)

	but I have checked with newer errors, all I see in logs are "Connect 
from" and "Disconnect from" messages. The logs "lmtp...Debug:" are not 
produced any more (maybe because director has this information yet?)

	At backend servers are:

Jun 12 11:40:38 myotis34 dovecot: lmtp(16824): Connect from 155.54.211.186
Jun 12 11:40:38 myotis34 dovecot: lmtp(16824, <user1>): wJ9BD7YM10
+4QQAAG5O5Qg: sieve: 
msgid=<182283367.48.1339494011054.JavaMail.tomcat at sakai-prod4>: stored 
mail into mailbox 'INBOX'
...
Jun 12 11:41:10 myotis34 dovecot: lmtp(16824, <myuser>): wJ9BD7YM10+4QQA
AG5O5Qg: sieve: 
msgid=<182283367.48.1339494011054.JavaMail.tomcat at sakai-prod4>: stored 
mail into mailbox 'INBOX'


From tss at iki.fi  Wed Jun 13 18:17:57 2012
From: tss at iki.fi (Timo Sirainen)
Date: Wed, 13 Jun 2012 18:17:57 +0300
Subject: [Dovecot] Problem with lmtp director proxy
In-Reply-To: <4FD8AA66.7050909@um.es>
References: <4FD718A0.50605@um.es> <4FD83A26.3030209@um.es>
	<1339592369.25551.7.camel@innu> <4FD8AA66.7050909@um.es>
Message-ID: <1339600677.25551.12.camel@innu>

On Wed, 2012-06-13 at 16:57 +0200, Angel L. Mateo wrote:
> Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Connect from 155.54.212.167
> Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Debug: auth input: 
> user=user1 proxy host=155.54.211.163 proxy_refresh=450

That says proxy_refresh, not proxy_timeout.

> 	but I have checked with newer errors, all I see in logs are "Connect 
> from" and "Disconnect from" messages. The logs "lmtp...Debug:" are not 
> produced any more (maybe because director has this information yet?)

Director shouldn't affect it. There should still be auth input lines
logged. doveconf -n?



From toml at engr.orst.edu  Wed Jun 13 19:58:19 2012
From: toml at engr.orst.edu (Tom Lieuallen)
Date: Wed, 13 Jun 2012 09:58:19 -0700
Subject: [Dovecot] how to announce shared folders to clients using
 non-default mail prefix
In-Reply-To: <1339594723.25551.8.camel@innu>
References: <4FD14895.8040707@engr.orst.edu>
	<63F00218-4FBE-418F-9477-CBEA8E7A35B9@iki.fi>
	<4FD78794.1030905@engr.orst.edu> <1339594723.25551.8.camel@innu>
Message-ID: <4FD8C6AB.6040909@engr.orst.edu>



On 6/13/12 6:38 AM, Timo Sirainen wrote:
> On Tue, 2012-06-12 at 11:16 -0700, Tom Lieuallen wrote:
>> namespace {
>>     hidden = yes
>>     inbox = no
>>     list = children
>>     location = maildir:/a1/dove-shared:INDEX=/a2/imap-index/dove-shared/%u
>>     prefix = iphonemail/sharedimap/
>>     separator = /
>>     type = shared
>
> type=public and same for the other shared namespace. The type=shared
> namespaces are for mailboxes shared between users.
>

Unfortunately, it still isn't working.


namespace {
   inbox = yes
   location =
   prefix =
   separator = /
   type = private
}
namespace {
   hidden = yes
   inbox = no
   list = children
   location = maildir:/a1/dove-shared:INDEX=/a2/imap-index/dove-shared/%u
   prefix = sharedimap/
   separator = /
   type = public
}
namespace {
   hidden = yes
   inbox = no
   list = children
   location = maildir:/a1/dove-shared:INDEX=/a2/imap-index/dove-shared/%u
   prefix = iphonemail/sharedimap/
   separator = /
   type = public
}

l list "" *
* LIST (\Noselect \HasChildren) "/" "foo1"
* LIST (\NoInferiors \UnMarked) "/" "foo1/folder1"
* LIST (\Noselect \HasChildren) "/" "iphonemail"
* LIST (\NoInferiors \Marked) "/" "iphonemail/foo1"
* LIST (\NoInferiors \UnMarked) "/" "Sent"
* LIST (\NoInferiors \UnMarked) "/" "Trash"
* LIST (\HasNoChildren) "/" "INBOX"
* LIST (\HasNoChildren) "/" "sharedimap/cesupport"
* LIST (\HasNoChildren) "/" "sharedimap/mimesupport"
* LIST (\HasNoChildren) "/" "iphonemail/sharedimap/cesupport"
* LIST (\HasNoChildren) "/" "iphonemail/sharedimap/mimesupport"
l OK List completed.

l list "iphonemail/" *
* LIST (\NoInferiors \Marked) "/" "iphonemail/foo1"
l OK List completed.

l list "sharedimap/" *
* LIST (\HasNoChildren) "/" "sharedimap/cesupport"
* LIST (\HasNoChildren) "/" "sharedimap/mimesupport"
l OK List completed.

l list "iphonemail/sharedimap/" *
* LIST (\HasNoChildren) "/" "iphonemail/sharedimap/cesupport"
* LIST (\HasNoChildren) "/" "iphonemail/sharedimap/mimesupport"
l OK List completed.


It seems to me like the logic for deciding which namespaces to follow is 
something like this:

* If mail prefix = "", inspect and potentially use all namespaces

* else look in default namespace for subdirectories matching prefix 
listed _AND_ look for namespaces that are exact matches for the prefix 
passed.

In that 'else' case, it does not appear to look for namespaces where the 
mail prefix is a subset.

thank you

Tom Lieuallen

From tss at iki.fi  Wed Jun 13 20:07:23 2012
From: tss at iki.fi (Timo Sirainen)
Date: Wed, 13 Jun 2012 20:07:23 +0300
Subject: [Dovecot] how to announce shared folders to clients using
	non-default mail prefix
In-Reply-To: <4FD8C6AB.6040909@engr.orst.edu>
References: <4FD14895.8040707@engr.orst.edu>
	<63F00218-4FBE-418F-9477-CBEA8E7A35B9@iki.fi>
	<4FD78794.1030905@engr.orst.edu> <1339594723.25551.8.camel@innu>
	<4FD8C6AB.6040909@engr.orst.edu>
Message-ID: <ABFB347D-0AA9-4CCF-B69C-D5BE7C72F31F@iki.fi>

On 13.6.2012, at 19.58, Tom Lieuallen wrote:

>> type=public and same for the other shared namespace. The type=shared
>> namespaces are for mailboxes shared between users.
> 
> Unfortunately, it still isn't working.
..
> It seems to me like the logic for deciding which namespaces to follow is something like this:
> 
> * If mail prefix = "", inspect and potentially use all namespaces
> 
> * else look in default namespace for subdirectories matching prefix listed _AND_ look for namespaces that are exact matches for the prefix passed.
> 
> In that 'else' case, it does not appear to look for namespaces where the mail prefix is a subset.

No. I tried with your exact config, except changed namespace types to public, and it works fine in my tests.. You're trying with v2.1.7, right?


From amateo at um.es  Wed Jun 13 20:11:36 2012
From: amateo at um.es (Angel L. Mateo)
Date: Wed, 13 Jun 2012 19:11:36 +0200
Subject: [Dovecot] Problem with lmtp director proxy
In-Reply-To: <1339600677.25551.12.camel@innu>
References: <4FD718A0.50605@um.es> <4FD83A26.3030209@um.es>
	<1339592369.25551.7.camel@innu> <4FD8AA66.7050909@um.es>
	<1339600677.25551.12.camel@innu>
Message-ID: <4FD8C9C8.6090608@um.es>

El 13/06/12 17:17, Timo Sirainen escribi?:
> On Wed, 2012-06-13 at 16:57 +0200, Angel L. Mateo wrote:
>> Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Connect from 155.54.212.167
>> Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Debug: auth input:
>> user=user1 proxy host=155.54.211.163 proxy_refresh=450
>
> That says proxy_refresh, not proxy_timeout.
>
>> 	but I have checked with newer errors, all I see in logs are "Connect
>> from" and "Disconnect from" messages. The logs "lmtp...Debug:" are not
>> produced any more (maybe because director has this information yet?)
>
> Director shouldn't affect it. There should still be auth input lines
> logged. doveconf -n?
>
	Ok, you were right. I was looking for logs at my log repository, which 
doesn't receive debug log. Nevertheless, the only auth lines I have 
found at the ones above, with the proxy_refresh=450. I haven't found any 
line with a timeout log in the proxies neither the backends

	So, at director servers the only logs I have are the one I have already 
sent. At the backend server, I have more logs, that are:

Jun 12 11:40:38 myotis34 dovecot: lmtp(16824): Debug: none: root=, 
index=, control=, inbox=, alt=
Jun 12 11:40:38 myotis34 dovecot: lmtp(16824): Connect from 155.54.211.186
Jun 12 11:40:38 myotis34 dovecot: lmtp(16824): Debug: auth input: user1 
home=<user1 home> uid=261853 gid=1001
Jun 12 11:40:38 myotis34 dovecot: lmtp(16824): Debug: auth input: 
<user2> home=<user2's home> uid=262339 gid=1001

...   (more recipients for the same message)

Jun 12 11:40:38 myotis34 dovecot: lmtp(16824): Debug: auth input: 
<myuser> home=<myuser's home> uid=255606 gid=1001
...   (more recipients for the same message)

Jun 12 11:41:08 myotis34 dovecot: lmtp(16824, <myuser>): Debug: 
Effective uid=255606, gid=1001, home=<myuser's home>
Jun 12 11:41:08 myotis34 dovecot: lmtp(16824, <myuser>): Debug: 
maildir++: root=<myuser's home>/Maildir, index=/var/indexes/<myuser>, 
control=, inbox=<myuser's home>/Maildir, alt=
Jun 12 11:41:08 myotis34 dovecot: lmtp(16824, <myuser>): Debug: sieve: 
include: sieve_global_dir is not set; it is currently not possible to 
include `:global' scripts.
Jun 12 11:41:08 myotis34 dovecot: lmtp(16824, <myuser>): Debug: 
wJ9BD7YM10+4QQAAG5O5Qg: sieve: using sieve path for user's script: 
<myuser's home>/.dovecot.sieve
Jun 12 11:41:08 myotis34 dovecot: lmtp(16824, <myuser>): Debug: 
wJ9BD7YM10+4QQAAG5O5Qg: sieve: opening script <myuser's home>/.dovecot.sieve
Jun 12 11:41:08 myotis34 dovecot: lmtp(16824, <myuser>): Debug: 
wJ9BD7YM10+4QQAAG5O5Qg: sieve: script binary <myuser's 
home>/.dovecot.svbin successfully loaded
Jun 12 11:41:08 myotis34 dovecot: lmtp(16824, <myuser>): Debug: 
wJ9BD7YM10+4QQAAG5O5Qg: sieve: binary save: not saving binary <myuser's 
home>/.dovecot.svbin, because it is already stored
Jun 12 11:41:08 myotis34 dovecot: lmtp(16824, <myuser>): Debug: 
wJ9BD7YM10+4QQAAG5O5Qg: sieve: executing script from <myuser's 
home>/.dovecot.svbin
Jun 12 11:41:10 myotis34 dovecot: lmtp(16824, <myuser>): 
wJ9BD7YM10+4QQAAG5O5Qg: sieve: 
msgid=<182283367.48.1339494011054.JavaMail.tomcat at sakai-prod4>: stored 
mail into mailbox 'INBOX'
Jun 12 11:41:11 myotis34 dovecot: lmtp(16824): Disconnect from 
155.54.211.186: Connection closed (in reset)

	I have attached output of doveconf -n.

	What I have observed is that problem ocurrs when I have mails with lot 
of recipients, and happens to all recipients which data ends more than 
30 seconds after the connection was established. Maybe this timeout has 
to be counted since the begining of the data command, not the 
establishment of the tcp connection, or, if this is another timer, the 
first should be greater.
-------------- next part --------------
# 2.1.5: /etc/dovecot/dovecot.conf
# OS: Linux 3.2.0-24-generic x86_64 Ubuntu 12.04 LTS 
auth_cache_size = 20 M
auth_cache_ttl = 1 days
auth_debug = yes
auth_master_user_separator = *
auth_username_format = %n
auth_verbose = yes
default_process_limit = 1000
director_mail_servers = 155.54.211.161-155.54.211.164
director_servers = 155.54.211.185 155.54.211.186
disable_plaintext_auth = no
lmtp_proxy = yes
log_timestamp = %Y-%m-%d %H:%M:%S
mail_debug = yes
passdb {
  args = /etc/dovecot/master-users
  driver = passwd-file
  master = yes
  pass = yes
}
passdb {
  args = proxy=y nopassword=y
  driver = static
}
passdb {
  args = session=yes dovecot
  driver = pam
}
plugin {
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve
  sieve_extensions = +imapflags
  sieve_max_redirects = 15
}
service anvil {
  client_limit = 2003
}
service auth {
  client_limit = 3000
  unix_listener auth-userdb {
    mode = 0666
  }
}
service director {
  fifo_listener login/proxy-notify {
    mode = 0666
  }
  inet_listener {
    port = 9090
  }
  unix_listener director-userdb {
    mode = 0600
  }
  unix_listener login/director {
    mode = 0666
  }
}
service imap-login {
  executable = imap-login director
}
service imap {
  process_limit = 5120
  process_min_avail = 6
}
service lmtp {
  inet_listener lmtp {
    port = 24
  }
  process_min_avail = 10
}
service pop3-login {
  executable = pop3-login director
}
ssl = no
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_key = </etc/ssl/private/dovecot.pem
userdb {
  driver = prefetch
}
userdb {
  args = /etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
protocol lmtp {
  auth_socket_path = director-userdb
}

From neeraj6117 at gmail.com  Wed Jun 13 21:02:21 2012
From: neeraj6117 at gmail.com (neeraj gupta)
Date: Wed, 13 Jun 2012 23:32:21 +0530
Subject: [Dovecot] Please help me out.
Message-ID: <CAHxtZJ+Arp0oYipwVBk9t8FyafJJuLtZEeqoszvZ-T6hEnH_Qw@mail.gmail.com>

Hi Sir/Madam,

I am using dovecot with postfix email server to deliver  our mails.
Our requirement is to save mail file with different name.
So Please help me to locate the module which save mail to inbox.
-- 

-- 
Thanks & regards
Neeraj Gupta
Software Engineer
Email Id : neeraj6117 at gmail.com
Mo:+91-9990366116

From CMarcus at Media-Brokers.com  Wed Jun 13 22:36:58 2012
From: CMarcus at Media-Brokers.com (Charles Marcus)
Date: Wed, 13 Jun 2012 15:36:58 -0400
Subject: [Dovecot] Please help me out.
In-Reply-To: <CAHxtZJ+Arp0oYipwVBk9t8FyafJJuLtZEeqoszvZ-T6hEnH_Qw@mail.gmail.com>
References: <CAHxtZJ+Arp0oYipwVBk9t8FyafJJuLtZEeqoszvZ-T6hEnH_Qw@mail.gmail.com>
Message-ID: <4FD8EBDA.5080801@Media-Brokers.com>

On 2012-06-13 2:02 PM, neeraj gupta <neeraj6117 at gmail.com> wrote:
> Hi Sir/Madam,
>
> I am using dovecot with postfix email server to deliver  our mails.
> Our requirement is to save mail file with different name.
> So Please help me to locate the module which save mail to inbox.

No idea what you are asking for... but if you really want to dictate 
somehow the actual filename(s) that are stored on the filesystem, please 
don't, and rather explain what problem you are trying to solve that you 
think this is a good solution to.

-- 

Best regards,

Charles

From nairda91 at hotmail.com  Wed Jun 13 23:46:20 2012
From: nairda91 at hotmail.com (arleal)
Date: Wed, 13 Jun 2012 13:46:20 -0700 (PDT)
Subject: [Dovecot]  Auth password problem
Message-ID: <34008289.post@talk.nabble.com>


i have debian squeeze. i have installed mds with ldap integration and i want
to use dovecot/LDAP but i have problems with login. I have dovecot 1.2.

I try all of dovecot wiki but i dont know how to configure it good

dovecot.conf

protocols = imap imaps pop3 pop3s 
listen = *, ::
auth_verbose = yes
auth_debug = yes
auth_debug_passwords = yes
mail_debug = yes
verbose_ssl = yes
login_greeting = royoleal.com mailserver ready. 
mail_location = maildir:/home/users/%u/Maildir 
disable_plaintext_auth = no 
ssl_cert_file = /etc/ssl/certs/mail.pem 
ssl_key_file = /etc/ssl/private/mail.key 
log_path = /var/log/dovecot.log 
info_log_path = /var/log/dovecot.log 

# IMAP configuration 
protocol imap { 
 mail_plugins = quota imap_quota 
} 

# POP3 configuration 
protocol pop3 { 
 pop3_uidl_format = %08Xu%08Xv 
 mail_plugins = quota 
} 

# LDA configuration 
protocol lda { 
 postmaster_address = postmaster 
 auth_socket_path = /var/run/dovecot/auth-master 
 mail_plugins = quota 
} 

# LDAP authentication 

auth default { 
 mechanisms = plain login 

 passdb ldap { 
  args = /etc/dovecot/dovecot-ldap.conf 
 } 

 userdb ldap { 
  args = /etc/dovecot/dovecot-ldap.conf 
 } 

 socket listen { 
  master { 
   path = /var/run/dovecot/auth-master 
   mode = 0660 
   user = dovecot 
   group = mail 
  } 

  client { 
   path = /var/spool/postfix/private/auth 
   mode = 0660 
   user = postfix 
   group = postfix 
  }
 }
}


And this is dovecot-ldap.conf

hosts = 127.0.0.1
auth_bind = yes
ldap_version = 3
dn = cn=admin,dc=royoleal,dc=com
dnpass = royoleal
base = dc=royoleal,dc=com
auth_bind_userdn = cn=%u,ou=Users,dc=royoleal,dc=com
scope = subtree
user_attrs = uidNumber=uid,gidNumber=gid
user_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK))
pass_attrs = mail=mail,userPassword=password
pass_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK))
default_pass_scheme = CRYPT

When i try login with telnet or other program i have this problem in
dovecot.log


Jun 13 22:45:13 auth(default): Info: client in: AUTH    1       PLAIN  
service=imap    secured lip=127.0.0.1   rip=127.0.0.1   lport=14      3      
rport=55040     resp=AHBydWViYUByb3lvbGVhbC5jb20AcHJ1ZWJh
Jun 13 22:45:13 auth(default): Info: ldap(prueba at royoleal.com,127.0.0.1):
invalid credentials (given password: prueba)
Jun 13 22:45:13 auth(default): Info: new auth connection: pid=2613
Jun 13 22:45:15 auth(default): Info: client out: FAIL   1      
user=prueba at royoleal.com
Jun 13 22:45:20 imap-login: Info: Aborted login (auth failed, 1 attempts):
user=<prueba at royoleal.com>, method=PLAIN, rip=127.0.0.1, lip=     
127.0.0.1, secured

Thanks.
-- 
View this message in context: http://old.nabble.com/Auth-password-problem-tp34008289p34008289.html
Sent from the Dovecot mailing list archive at Nabble.com.


From ben at versang.com  Thu Jun 14 10:20:05 2012
From: ben at versang.com (Ben Versang)
Date: Thu, 14 Jun 2012 17:20:05 +1000
Subject: [Dovecot] Sieve stopped working
Message-ID: <DD2F3BD9-990D-453C-8FDE-1EB67CFE5709@versang.com>

Hi,
 
I have installed RoundCube a couple of years ago on a Snow Leopard server. All nice and dandy up to today.
 
Sieve has stopped working and I have spent hours and been unable so far to get it up and running again.
 
When I run ps aux |grep sieve it is not returning anything to me suggesting that the problem is not with sieve it-self but rather with Dovecot not starting the sieve.
 
If anyone could give me some leads I can't think of anyting else.
 
netstat -a |grep 2000 returns
returns nothing
 
telnet localhost 2000
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying fe80::1...
telnet: connect to address fe80::1: Connection refused
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
telnet: Unable to connect to remote host
 
The rest of mail functions are working fine (IMAP, SMTP...).
 
Thanks in advance
Ben




From voytek at sbt.net.au  Thu Jun 14 10:34:45 2012
From: voytek at sbt.net.au (Voytek Eymont)
Date: Thu, 14 Jun 2012 17:34:45 +1000
Subject: [Dovecot] migrating v.1 to v.2
Message-ID: <e18ccaf826fb28cc87831a5670118372.squirrel@sbt.net.au>

I have a working Dovecot/MySQL with version 1.x

I'm looking at setting a new server using ver. 2

I'm currently pre-planning:
can I use config files from ver 1 installation on version 2 setup 'as is';
or what's a proper way to do such migration/upgrade ?


-- 
V


From nick+dovecot at bunbun.be  Thu Jun 14 10:40:44 2012
From: nick+dovecot at bunbun.be (Nick Rosier)
Date: Thu, 14 Jun 2012 09:40:44 +0200
Subject: [Dovecot] migrating v.1 to v.2
In-Reply-To: <e18ccaf826fb28cc87831a5670118372.squirrel@sbt.net.au>
References: <e18ccaf826fb28cc87831a5670118372.squirrel@sbt.net.au>
Message-ID: <4FD9957C.9080605@bunbun.be>

Voytek Eymont wrote:
> I have a working Dovecot/MySQL with version 1.x
>
> I'm looking at setting a new server using ver. 2
>
> I'm currently pre-planning:
> can I use config files from ver 1 installation on version 2 setup 'as is';
> or what's a proper way to do such migration/upgrade ?
>
Hi,

this question has been asked numerous times. It's also (in my case) the 
1st couple of hits when searching in Google for "dovecot wiki 
upgrading". Try this http://wiki2.dovecot.org/Upgrading/

Rgds,
N.

From mikkel at euro123.dk  Thu Jun 14 11:14:11 2012
From: mikkel at euro123.dk (Mikkel)
Date: Thu, 14 Jun 2012 10:14:11 +0200
Subject: [Dovecot] disable_plaintext_auth = no as no effect on IMAP/POP3
	logins
Message-ID: <4FD99D53.7010300@euro123.dk>

Hello

In my installation the disable_plaintext_auth does not appear to take 
effect.
I can see that the value is correct using doveconf -a but it doesn't 
change anything.

Whenever attempting to log in using IMAP I get this:
* BAD [ALERT] Plaintext authentication not allowed without SSL/TLS, but 
your client did it anyway. If anyone was listening, the password was 
exposed.
ls NO [PRIVACYREQUIRED] Plaintext authentication disallowed on 
non-secure (SSL/TLS) connections.

POP3 login attempts give this error:
-ERR Plaintext authentication disallowed on non-secure (SSL/TLS) connections

Besides adding disable_plaintext_auth=no to dovecot.conf I also tried 
adding it specifically to the imap section.
I also tried to invoke it just for certain networks, like this:

remote 0.0.0.0 {
   disable_plaintext_auth = no
}

But none of this takes any effect either. Adding the testing network as 
trusted networks is working fine removing the error.
But I would rather not add the whole internet to the trusted network 
section just to allow plain text logins in imap.

I'm in the process of migrating form 1.1 to 2.1 so this configuration is 
for testing things out and is mainly based on the default configuration 
files comming with the centos installation.
I should add that everything else in this setup is working fine.


I did many searches for information on this topic but nothing I could 
find apply to my case.

I'm sorry to post such a long conf but I'm not sure what parts I could 
have safely omitted.
Here goes:


# doveconf -a
# 2.1.1: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-220.17.1.el6.x86_64 x86_64 CentOS release 6.2 (Final)
auth_anonymous_username = anonymous
auth_cache_negative_ttl = 2 mins
auth_cache_size = 0
auth_cache_ttl = 2 mins
auth_debug = no
auth_debug_passwords = no
auth_default_realm = plain
auth_failure_delay = 2 secs
auth_first_valid_uid = 500
auth_gssapi_hostname =
auth_krb5_keytab =
auth_last_valid_uid = 0
auth_master_user_separator =
auth_mechanisms = plain
auth_realms = plain login  digest-md5 cram-md5 apop ntlm
auth_socket_path = auth-userdb
auth_ssl_require_client_cert = no
auth_ssl_username_from_cert = no
auth_use_winbind = no
auth_username_chars = 
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
auth_username_format = %Lu
auth_username_translation =
auth_verbose = no
auth_verbose_passwords = no
auth_winbind_helper_path = /usr/bin/ntlm_auth
auth_worker_max_count = 30
base_dir = /var/run/dovecot
config_cache_size = 1 M
debug_log_path =
default_client_limit = 1000
default_idle_kill = 1 mins
default_internal_user = dovecot
default_login_user = dovenull
default_process_limit = 100
default_vsz_limit = 256 M
deliver_log_format = msgid=%m: %$
dict_db_config =
director_doveadm_port = 0
director_mail_servers =
director_servers =
director_user_expire = 15 mins
disable_plaintext_auth = no
dotlock_use_excl = no
doveadm_allowed_commands =
doveadm_password =
doveadm_proxy_port = 0
doveadm_socket_path = doveadm-server
doveadm_worker_count = 0
dsync_alt_char = _
first_valid_gid = 1
first_valid_uid = 105
hostname = usrmta01.talkactive.net
imap_capability =
imap_client_workarounds =
imap_id_log =
imap_id_send =
imap_idle_notify_interval = 2 mins
imap_logout_format = in=%i out=%o
imap_max_line_length = 64 k
imapc_host =
imapc_master_user =
imapc_password =
imapc_port = 143
imapc_rawlog_dir =
imapc_ssl = no
imapc_ssl_ca_dir =
imapc_ssl_verify = yes
imapc_user = %u
import_environment = TZ
info_log_path = /var/log/dovecot/dovecot.run
instance_name = dovecot
last_valid_gid = 0
last_valid_uid = 0
lda_mailbox_autocreate = no
lda_mailbox_autosubscribe = no
lda_original_recipient_header =
libexec_dir = /usr/libexec/dovecot
listen = *, ::
lmtp_proxy = no
lmtp_save_to_detail_mailbox = no
lock_method = fcntl
log_path = /var/log/dovecot/dovecot.err
log_timestamp = "%b %d %H:%M:%S "
login_access_sockets =
login_greeting = Dovecot ready.
login_log_format = %$: %s
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c
login_trusted_networks =
mail_access_groups =
mail_attachment_dir =
mail_attachment_fs = sis posix
mail_attachment_hash = %{sha1}
mail_attachment_min_size = 128 k
mail_cache_fields = flags
mail_cache_min_mail_count = 0
mail_chroot =
mail_debug = no
mail_fsync = always
mail_full_filesystem_access = no
mail_gid =
mail_home =
mail_location =
mail_log_prefix = "%s(%u): "
mail_max_keyword_length = 50
mail_max_lock_timeout = 0
mail_max_userip_connections = 10
mail_never_cache_fields = imap.envelope
mail_nfs_index = yes
mail_nfs_storage = yes
mail_plugin_dir = /usr/lib64/dovecot
mail_plugins = quota
mail_prefetch_count = 0
mail_privileged_group =
mail_save_crlf = no
mail_temp_dir = /tmp
mail_uid =
mailbox_idle_check_interval = 30 secs
mailbox_list_index = no
maildir_broken_filename_sizes = no
maildir_copy_with_hardlinks = yes
maildir_stat_dirs = no
maildir_very_dirty_syncs = no
master_user_separator =
mbox_dirty_syncs = yes
mbox_dotlock_change_timeout = 2 mins
mbox_lazy_writes = yes
mbox_lock_timeout = 5 mins
mbox_md5 = apop3d
mbox_min_index_size = 0
mbox_read_locks = fcntl
mbox_very_dirty_syncs = no
mbox_write_locks = fcntl
mdbox_preallocate_space = no
mdbox_rotate_interval = 0
mdbox_rotate_size = 2 M
mmap_disable = yes
namespace inbox {
   hidden = no
   ignore_on_failure = no
   inbox = yes
   list = yes
   location =
   mailbox Drafts {
     auto = no
     special_use = \Drafts
   }
   mailbox Junk {
     auto = no
     special_use = \Junk
   }
   mailbox Sent {
     auto = no
     special_use = \Sent
   }
   mailbox "Sent Messages" {
     auto = no
     special_use = \Sent
   }
   mailbox Trash {
     auto = no
     special_use = \Trash
   }
   prefix =
   separator =
   subscriptions = yes
   type = private
}
passdb {
   args = /local/config/dovecot-sql.conf
   default_fields =
   deny = no
   driver = sql
   master = no
   override_fields =
   pass = no
}
plugin {
   quota = maildir
   quota_rule2 = Trash:storage=+10M:messages=+100
   quota_warning = storage=80%% /local/scripts/quota-warning.sh 80
   sieve_extensions = +imapflags +notify
   trash = /local/config/dovecot-trash.conf
}
pop3_client_workarounds =
pop3_enable_last = no
pop3_fast_size_lookups = no
pop3_lock_session = no
pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
pop3_no_flag_updates = no
pop3_reuse_xuidl = no
pop3_save_uidl = no
pop3_uidl_format = %08Xu%08Xv
pop3c_host =
pop3c_password =
pop3c_port = 110
pop3c_rawlog_dir =
pop3c_ssl = no
pop3c_ssl_ca_dir =
pop3c_ssl_verify = yes
pop3c_user = %u
postmaster_address =
protocols = imap pop3 lmtp
quota_full_tempfail = no
recipient_delimiter = +
rejection_reason = Your message to <%t> was automatically rejected:%n%r
rejection_subject = Rejected: %s
sendmail_path = /usr/sbin/sendmail
service anvil {
   chroot = empty
   client_limit = 0
   drop_priv_before_exec = no
   executable = anvil
   extra_groups =
   group =
   idle_kill = 4294967295 secs
   privileged_group =
   process_limit = 1
   process_min_avail = 1
   protocol =
   service_count = 0
   type = anvil
   unix_listener anvil-auth-penalty {
     group =
     mode = 0600
     user =
   }
   unix_listener anvil {
     group =
     mode = 0600
     user =
   }
   user = $default_internal_user
   vsz_limit = 18446744073709551615 B
}
service auth-worker {
   chroot =
   client_limit = 1
   drop_priv_before_exec = no
   executable = auth -w
   extra_groups =
   group =
   idle_kill = 0
   privileged_group =
   process_limit = 0
   process_min_avail = 0
   protocol =
   service_count = 1
   type =
   unix_listener auth-worker {
     group =
     mode = 0600
     user = $default_internal_user
   }
   user = $default_internal_user
   vsz_limit = 18446744073709551615 B
}
service auth {
   chroot =
   client_limit = 0
   drop_priv_before_exec = no
   executable = auth
   extra_groups =
   group =
   idle_kill = 0
   privileged_group =
   process_limit = 1
   process_min_avail = 0
   protocol =
   service_count = 0
   type =
   unix_listener /var/spool/postfix/private/auth {
     group =
     mode = 0666
     user =
   }
   unix_listener auth-client {
     group =
     mode = 0600
     user =
   }
   unix_listener auth-login {
     group =
     mode = 0600
     user = $default_internal_user
   }
   unix_listener auth-master {
     group =
     mode = 0600
     user =
   }
   unix_listener auth-userdb {
     group =
     mode = 0666
     user =
   }
   unix_listener login/login {
     group =
     mode = 0666
     user =
   }
   user = $default_internal_user
   vsz_limit = 18446744073709551615 B
}
service config {
   chroot =
   client_limit = 0
   drop_priv_before_exec = no
   executable = config
   extra_groups =
   group =
   idle_kill = 0
   privileged_group =
   process_limit = 0
   process_min_avail = 0
   protocol =
   service_count = 0
   type = config
   unix_listener config {
     group =
     mode = 0600
     user =
   }
   user =
   vsz_limit = 18446744073709551615 B
}
service dict {
   chroot =
   client_limit = 1
   drop_priv_before_exec = no
   executable = dict
   extra_groups =
   group =
   idle_kill = 0
   privileged_group =
   process_limit = 0
   process_min_avail = 0
   protocol =
   service_count = 0
   type =
   unix_listener dict {
     group =
     mode = 0600
     user =
   }
   user = $default_internal_user
   vsz_limit = 18446744073709551615 B
}
service director {
   chroot = .
   client_limit = 0
   drop_priv_before_exec = no
   executable = director
   extra_groups =
   fifo_listener login/proxy-notify {
     group =
     mode = 00
     user =
   }
   group =
   idle_kill = 4294967295 secs
   inet_listener {
     address =
     port = 0
     ssl = no
   }
   privileged_group =
   process_limit = 1
   process_min_avail = 0
   protocol =
   service_count = 0
   type =
   unix_listener director-admin {
     group =
     mode = 0600
     user =
   }
   unix_listener director-userdb {
     group =
     mode = 0600
     user =
   }
   unix_listener login/director {
     group =
     mode = 00
     user =
   }
   user = $default_internal_user
   vsz_limit = 18446744073709551615 B
}
service dns_client {
   chroot =
   client_limit = 1
   drop_priv_before_exec = no
   executable = dns-client
   extra_groups =
   group =
   idle_kill = 0
   privileged_group =
   process_limit = 0
   process_min_avail = 0
   protocol =
   service_count = 0
   type =
   unix_listener dns-client {
     group =
     mode = 0666
     user =
   }
   unix_listener login/dns-client {
     group =
     mode = 0666
     user =
   }
   user = $default_internal_user
   vsz_limit = 18446744073709551615 B
}
service doveadm {
   chroot =
   client_limit = 1
   drop_priv_before_exec = no
   executable = doveadm-server
   extra_groups =
   group =
   idle_kill = 0
   privileged_group =
   process_limit = 0
   process_min_avail = 0
   protocol =
   service_count = 1
   type =
   unix_listener doveadm-server {
     group =
     mode = 0600
     user =
   }
   user =
   vsz_limit = 18446744073709551615 B
}
service imap-login {
   chroot = login
   client_limit = 0
   drop_priv_before_exec = no
   executable = imap-login
   extra_groups =
   group =
   idle_kill = 0
   inet_listener imap {
     address =
     port = 143
     ssl = no
   }
   inet_listener imaps {
     address =
     port = 993
     ssl = yes
   }
   privileged_group =
   process_limit = 0
   process_min_avail = 0
   protocol = imap
   service_count = 0
   type = login
   user = $default_login_user
   vsz_limit = 256 M
}
service imap {
   chroot =
   client_limit = 1
   drop_priv_before_exec = no
   executable = imap
   extra_groups =
   group =
   idle_kill = 0
   privileged_group =
   process_limit = 1024
   process_min_avail = 0
   protocol = imap
   service_count = 1
   type =
   unix_listener login/imap {
     group =
     mode = 0666
     user =
   }
   user =
   vsz_limit = 256 M
}
service indexer-worker {
   chroot =
   client_limit = 1
   drop_priv_before_exec = no
   executable = indexer-worker
   extra_groups =
   group =
   idle_kill = 0
   privileged_group =
   process_limit = 10
   process_min_avail = 0
   protocol =
   service_count = 0
   type =
   unix_listener indexer-worker {
     group =
     mode = 0600
     user = $default_internal_user
   }
   user =
   vsz_limit = 18446744073709551615 B
}
service indexer {
   chroot =
   client_limit = 0
   drop_priv_before_exec = no
   executable = indexer
   extra_groups =
   group =
   idle_kill = 0
   privileged_group =
   process_limit = 1
   process_min_avail = 0
   protocol =
   service_count = 0
   type =
   unix_listener indexer {
     group =
     mode = 0666
     user =
   }
   user = $default_internal_user
   vsz_limit = 18446744073709551615 B
}
service ipc {
   chroot = empty
   client_limit = 0
   drop_priv_before_exec = no
   executable = ipc
   extra_groups =
   group =
   idle_kill = 0
   privileged_group =
   process_limit = 1
   process_min_avail = 0
   protocol =
   service_count = 0
   type =
   unix_listener ipc {
     group =
     mode = 0600
     user =
   }
   unix_listener login/ipc-proxy {
     group =
     mode = 0600
     user = $default_login_user
   }
   user = $default_internal_user
   vsz_limit = 18446744073709551615 B
}
service lmtp {
   chroot =
   client_limit = 1
   drop_priv_before_exec = no
   executable = lmtp
   extra_groups =
   group =
   idle_kill = 0
   privileged_group =
   process_limit = 0
   process_min_avail = 0
   protocol = lmtp
   service_count = 0
   type =
   unix_listener lmtp {
     group =
     mode = 0666
     user =
   }
   user =
   vsz_limit = 18446744073709551615 B
}
service log {
   chroot =
   client_limit = 0
   drop_priv_before_exec = no
   executable = log
   extra_groups =
   group =
   idle_kill = 4294967295 secs
   privileged_group =
   process_limit = 1
   process_min_avail = 0
   protocol =
   service_count = 0
   type = log
   unix_listener log-errors {
     group =
     mode = 0600
     user =
   }
   user =
   vsz_limit = 18446744073709551615 B
}
service pop3-login {
   chroot = login
   client_limit = 0
   drop_priv_before_exec = no
   executable = pop3-login
   extra_groups =
   group =
   idle_kill = 0
   inet_listener pop3 {
     address =
     port = 110
     ssl = no
   }
   inet_listener pop3s {
     address =
     port = 995
     ssl = yes
   }
   privileged_group =
   process_limit = 0
   process_min_avail = 0
   protocol = pop3
   service_count = 1
   type = login
   user = $default_login_user
   vsz_limit = 18446744073709551615 B
}
service pop3 {
   chroot =
   client_limit = 1
   drop_priv_before_exec = no
   executable = pop3
   extra_groups =
   group =
   idle_kill = 0
   privileged_group =
   process_limit = 1024
   process_min_avail = 0
   protocol = pop3
   service_count = 1
   type =
   unix_listener login/pop3 {
     group =
     mode = 0666
     user =
   }
   user =
   vsz_limit = 18446744073709551615 B
}
service ssl-params {
   chroot =
   client_limit = 0
   drop_priv_before_exec = no
   executable = ssl-params
   extra_groups =
   group =
   idle_kill = 0
   privileged_group =
   process_limit = 0
   process_min_avail = 0
   protocol =
   service_count = 0
   type = startup
   unix_listener login/ssl-params {
     group =
     mode = 0666
     user =
   }
   user =
   vsz_limit = 18446744073709551615 B
}
service stats {
   chroot = empty
   client_limit = 0
   drop_priv_before_exec = no
   executable = stats
   extra_groups =
   fifo_listener stats-mail {
     group =
     mode = 0600
     user =
   }
   group =
   idle_kill = 4294967295 secs
   privileged_group =
   process_limit = 1
   process_min_avail = 0
   protocol =
   service_count = 0
   type =
   unix_listener stats {
     group =
     mode = 0600
     user =
   }
   user = $default_internal_user
   vsz_limit = 18446744073709551615 B
}
shutdown_clients = yes
ssl = required
ssl_ca =
ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
ssl_cert_username_field = commonName
ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL
ssl_client_cert =
ssl_client_key =
ssl_crypto_device =
ssl_key = </etc/pki/dovecot/private/dovecot.pem
ssl_key_password =
ssl_parameters_regenerate = 1 weeks
ssl_protocols = !SSLv2
ssl_verify_client_cert = no
stats_command_min_time = 1 mins
stats_domain_min_time = 12 hours
stats_ip_min_time = 12 hours
stats_memory_limit = 16 M
stats_session_min_time = 15 mins
stats_user_min_time = 1 hours
submission_host =
syslog_facility = mail
userdb {
   args =
   default_fields =
   driver = prefetch
   override_fields =
}
userdb {
   args = /local/config/dovecot-sql.conf
   default_fields =
   driver = sql
   override_fields =
}
valid_chroot_dirs =
verbose_proctitle = no
verbose_ssl = no
version_ignore = no
protocol lda {
   mail_plugins = quota quota sieve trash
}
protocol imap {
   imap_client_workarounds = delay-newmail tb-extra-mailbox-sep 
tb-lsub-flags
   imap_logout_format = bytes=%i/%o
   mail_plugins = quota quota imap_quota trash
}
protocol pop3 {
   mail_plugins = quota quota
   pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
   pop3_uidl_format = %08Xu%08Xv
}


Regards, Mikkel

From mikkel at euro123.dk  Thu Jun 14 12:15:14 2012
From: mikkel at euro123.dk (Mikkel)
Date: Thu, 14 Jun 2012 11:15:14 +0200
Subject: [Dovecot] disable_plaintext_auth = no as no effect on IMAP/POP3
 logins
In-Reply-To: <4FD99D53.7010300@euro123.dk>
References: <4FD99D53.7010300@euro123.dk>
Message-ID: <4FD9ABA2.1030908@euro123.dk>

I just found the solution by coincidence.

It appears there is a configuration file named:
  /etc/dovecot/conf.d/10-ssl.conf

In that file the following line was active ssl = required
That setting apparently overrides what disable_plaintext_auth has to say.

After commenting out the ssl=required entry everything works as expected :-)

Regards, Mikkel

Den 14/06/12 10.14, Mikkel skrev:
> Hello
>
> In my installation the disable_plaintext_auth does not appear to take
> effect.
> I can see that the value is correct using doveconf -a but it doesn't
> change anything.
>
> Whenever attempting to log in using IMAP I get this:
> * BAD [ALERT] Plaintext authentication not allowed without SSL/TLS, but
> your client did it anyway. If anyone was listening, the password was
> exposed.
> ls NO [PRIVACYREQUIRED] Plaintext authentication disallowed on
> non-secure (SSL/TLS) connections.
>
> POP3 login attempts give this error:
> -ERR Plaintext authentication disallowed on non-secure (SSL/TLS)
> connections
>
> Besides adding disable_plaintext_auth=no to dovecot.conf I also tried
> adding it specifically to the imap section.
> I also tried to invoke it just for certain networks, like this:
>
> remote 0.0.0.0 {
>    disable_plaintext_auth = no
> }
>
> But none of this takes any effect either. Adding the testing network as
> trusted networks is working fine removing the error.
> But I would rather not add the whole internet to the trusted network
> section just to allow plain text logins in imap.
>
> I'm in the process of migrating form 1.1 to 2.1 so this configuration is
> for testing things out and is mainly based on the default configuration
> files comming with the centos installation.
> I should add that everything else in this setup is working fine.
>
>
> I did many searches for information on this topic but nothing I could
> find apply to my case.
>
> I'm sorry to post such a long conf but I'm not sure what parts I could
> have safely omitted.
> Here goes:
>
>
> # doveconf -a
> # 2.1.1: /etc/dovecot/dovecot.conf
> # OS: Linux 2.6.32-220.17.1.el6.x86_64 x86_64 CentOS release 6.2 (Final)
> auth_anonymous_username = anonymous
> auth_cache_negative_ttl = 2 mins
> auth_cache_size = 0
> auth_cache_ttl = 2 mins
> auth_debug = no
> auth_debug_passwords = no
> auth_default_realm = plain
> auth_failure_delay = 2 secs
> auth_first_valid_uid = 500
> auth_gssapi_hostname =
> auth_krb5_keytab =
> auth_last_valid_uid = 0
> auth_master_user_separator =
> auth_mechanisms = plain
> auth_realms = plain login  digest-md5 cram-md5 apop ntlm
> auth_socket_path = auth-userdb
> auth_ssl_require_client_cert = no
> auth_ssl_username_from_cert = no
> auth_use_winbind = no
> auth_username_chars =
> abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
> auth_username_format = %Lu
> auth_username_translation =
> auth_verbose = no
> auth_verbose_passwords = no
> auth_winbind_helper_path = /usr/bin/ntlm_auth
> auth_worker_max_count = 30
> base_dir = /var/run/dovecot
> config_cache_size = 1 M
> debug_log_path =
> default_client_limit = 1000
> default_idle_kill = 1 mins
> default_internal_user = dovecot
> default_login_user = dovenull
> default_process_limit = 100
> default_vsz_limit = 256 M
> deliver_log_format = msgid=%m: %$
> dict_db_config =
> director_doveadm_port = 0
> director_mail_servers =
> director_servers =
> director_user_expire = 15 mins
> disable_plaintext_auth = no
> dotlock_use_excl = no
> doveadm_allowed_commands =
> doveadm_password =
> doveadm_proxy_port = 0
> doveadm_socket_path = doveadm-server
> doveadm_worker_count = 0
> dsync_alt_char = _
> first_valid_gid = 1
> first_valid_uid = 105
> hostname = usrmta01.talkactive.net
> imap_capability =
> imap_client_workarounds =
> imap_id_log =
> imap_id_send =
> imap_idle_notify_interval = 2 mins
> imap_logout_format = in=%i out=%o
> imap_max_line_length = 64 k
> imapc_host =
> imapc_master_user =
> imapc_password =
> imapc_port = 143
> imapc_rawlog_dir =
> imapc_ssl = no
> imapc_ssl_ca_dir =
> imapc_ssl_verify = yes
> imapc_user = %u
> import_environment = TZ
> info_log_path = /var/log/dovecot/dovecot.run
> instance_name = dovecot
> last_valid_gid = 0
> last_valid_uid = 0
> lda_mailbox_autocreate = no
> lda_mailbox_autosubscribe = no
> lda_original_recipient_header =
> libexec_dir = /usr/libexec/dovecot
> listen = *, ::
> lmtp_proxy = no
> lmtp_save_to_detail_mailbox = no
> lock_method = fcntl
> log_path = /var/log/dovecot/dovecot.err
> log_timestamp = "%b %d %H:%M:%S "
> login_access_sockets =
> login_greeting = Dovecot ready.
> login_log_format = %$: %s
> login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c
> login_trusted_networks =
> mail_access_groups =
> mail_attachment_dir =
> mail_attachment_fs = sis posix
> mail_attachment_hash = %{sha1}
> mail_attachment_min_size = 128 k
> mail_cache_fields = flags
> mail_cache_min_mail_count = 0
> mail_chroot =
> mail_debug = no
> mail_fsync = always
> mail_full_filesystem_access = no
> mail_gid =
> mail_home =
> mail_location =
> mail_log_prefix = "%s(%u): "
> mail_max_keyword_length = 50
> mail_max_lock_timeout = 0
> mail_max_userip_connections = 10
> mail_never_cache_fields = imap.envelope
> mail_nfs_index = yes
> mail_nfs_storage = yes
> mail_plugin_dir = /usr/lib64/dovecot
> mail_plugins = quota
> mail_prefetch_count = 0
> mail_privileged_group =
> mail_save_crlf = no
> mail_temp_dir = /tmp
> mail_uid =
> mailbox_idle_check_interval = 30 secs
> mailbox_list_index = no
> maildir_broken_filename_sizes = no
> maildir_copy_with_hardlinks = yes
> maildir_stat_dirs = no
> maildir_very_dirty_syncs = no
> master_user_separator =
> mbox_dirty_syncs = yes
> mbox_dotlock_change_timeout = 2 mins
> mbox_lazy_writes = yes
> mbox_lock_timeout = 5 mins
> mbox_md5 = apop3d
> mbox_min_index_size = 0
> mbox_read_locks = fcntl
> mbox_very_dirty_syncs = no
> mbox_write_locks = fcntl
> mdbox_preallocate_space = no
> mdbox_rotate_interval = 0
> mdbox_rotate_size = 2 M
> mmap_disable = yes
> namespace inbox {
>    hidden = no
>    ignore_on_failure = no
>    inbox = yes
>    list = yes
>    location =
>    mailbox Drafts {
>      auto = no
>      special_use = \Drafts
>    }
>    mailbox Junk {
>      auto = no
>      special_use = \Junk
>    }
>    mailbox Sent {
>      auto = no
>      special_use = \Sent
>    }
>    mailbox "Sent Messages" {
>      auto = no
>      special_use = \Sent
>    }
>    mailbox Trash {
>      auto = no
>      special_use = \Trash
>    }
>    prefix =
>    separator =
>    subscriptions = yes
>    type = private
> }
> passdb {
>    args = /local/config/dovecot-sql.conf
>    default_fields =
>    deny = no
>    driver = sql
>    master = no
>    override_fields =
>    pass = no
> }
> plugin {
>    quota = maildir
>    quota_rule2 = Trash:storage=+10M:messages=+100
>    quota_warning = storage=80%% /local/scripts/quota-warning.sh 80
>    sieve_extensions = +imapflags +notify
>    trash = /local/config/dovecot-trash.conf
> }
> pop3_client_workarounds =
> pop3_enable_last = no
> pop3_fast_size_lookups = no
> pop3_lock_session = no
> pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
> pop3_no_flag_updates = no
> pop3_reuse_xuidl = no
> pop3_save_uidl = no
> pop3_uidl_format = %08Xu%08Xv
> pop3c_host =
> pop3c_password =
> pop3c_port = 110
> pop3c_rawlog_dir =
> pop3c_ssl = no
> pop3c_ssl_ca_dir =
> pop3c_ssl_verify = yes
> pop3c_user = %u
> postmaster_address =
> protocols = imap pop3 lmtp
> quota_full_tempfail = no
> recipient_delimiter = +
> rejection_reason = Your message to <%t> was automatically rejected:%n%r
> rejection_subject = Rejected: %s
> sendmail_path = /usr/sbin/sendmail
> service anvil {
>    chroot = empty
>    client_limit = 0
>    drop_priv_before_exec = no
>    executable = anvil
>    extra_groups =
>    group =
>    idle_kill = 4294967295 secs
>    privileged_group =
>    process_limit = 1
>    process_min_avail = 1
>    protocol =
>    service_count = 0
>    type = anvil
>    unix_listener anvil-auth-penalty {
>      group =
>      mode = 0600
>      user =
>    }
>    unix_listener anvil {
>      group =
>      mode = 0600
>      user =
>    }
>    user = $default_internal_user
>    vsz_limit = 18446744073709551615 B
> }
> service auth-worker {
>    chroot =
>    client_limit = 1
>    drop_priv_before_exec = no
>    executable = auth -w
>    extra_groups =
>    group =
>    idle_kill = 0
>    privileged_group =
>    process_limit = 0
>    process_min_avail = 0
>    protocol =
>    service_count = 1
>    type =
>    unix_listener auth-worker {
>      group =
>      mode = 0600
>      user = $default_internal_user
>    }
>    user = $default_internal_user
>    vsz_limit = 18446744073709551615 B
> }
> service auth {
>    chroot =
>    client_limit = 0
>    drop_priv_before_exec = no
>    executable = auth
>    extra_groups =
>    group =
>    idle_kill = 0
>    privileged_group =
>    process_limit = 1
>    process_min_avail = 0
>    protocol =
>    service_count = 0
>    type =
>    unix_listener /var/spool/postfix/private/auth {
>      group =
>      mode = 0666
>      user =
>    }
>    unix_listener auth-client {
>      group =
>      mode = 0600
>      user =
>    }
>    unix_listener auth-login {
>      group =
>      mode = 0600
>      user = $default_internal_user
>    }
>    unix_listener auth-master {
>      group =
>      mode = 0600
>      user =
>    }
>    unix_listener auth-userdb {
>      group =
>      mode = 0666
>      user =
>    }
>    unix_listener login/login {
>      group =
>      mode = 0666
>      user =
>    }
>    user = $default_internal_user
>    vsz_limit = 18446744073709551615 B
> }
> service config {
>    chroot =
>    client_limit = 0
>    drop_priv_before_exec = no
>    executable = config
>    extra_groups =
>    group =
>    idle_kill = 0
>    privileged_group =
>    process_limit = 0
>    process_min_avail = 0
>    protocol =
>    service_count = 0
>    type = config
>    unix_listener config {
>      group =
>      mode = 0600
>      user =
>    }
>    user =
>    vsz_limit = 18446744073709551615 B
> }
> service dict {
>    chroot =
>    client_limit = 1
>    drop_priv_before_exec = no
>    executable = dict
>    extra_groups =
>    group =
>    idle_kill = 0
>    privileged_group =
>    process_limit = 0
>    process_min_avail = 0
>    protocol =
>    service_count = 0
>    type =
>    unix_listener dict {
>      group =
>      mode = 0600
>      user =
>    }
>    user = $default_internal_user
>    vsz_limit = 18446744073709551615 B
> }
> service director {
>    chroot = .
>    client_limit = 0
>    drop_priv_before_exec = no
>    executable = director
>    extra_groups =
>    fifo_listener login/proxy-notify {
>      group =
>      mode = 00
>      user =
>    }
>    group =
>    idle_kill = 4294967295 secs
>    inet_listener {
>      address =
>      port = 0
>      ssl = no
>    }
>    privileged_group =
>    process_limit = 1
>    process_min_avail = 0
>    protocol =
>    service_count = 0
>    type =
>    unix_listener director-admin {
>      group =
>      mode = 0600
>      user =
>    }
>    unix_listener director-userdb {
>      group =
>      mode = 0600
>      user =
>    }
>    unix_listener login/director {
>      group =
>      mode = 00
>      user =
>    }
>    user = $default_internal_user
>    vsz_limit = 18446744073709551615 B
> }
> service dns_client {
>    chroot =
>    client_limit = 1
>    drop_priv_before_exec = no
>    executable = dns-client
>    extra_groups =
>    group =
>    idle_kill = 0
>    privileged_group =
>    process_limit = 0
>    process_min_avail = 0
>    protocol =
>    service_count = 0
>    type =
>    unix_listener dns-client {
>      group =
>      mode = 0666
>      user =
>    }
>    unix_listener login/dns-client {
>      group =
>      mode = 0666
>      user =
>    }
>    user = $default_internal_user
>    vsz_limit = 18446744073709551615 B
> }
> service doveadm {
>    chroot =
>    client_limit = 1
>    drop_priv_before_exec = no
>    executable = doveadm-server
>    extra_groups =
>    group =
>    idle_kill = 0
>    privileged_group =
>    process_limit = 0
>    process_min_avail = 0
>    protocol =
>    service_count = 1
>    type =
>    unix_listener doveadm-server {
>      group =
>      mode = 0600
>      user =
>    }
>    user =
>    vsz_limit = 18446744073709551615 B
> }
> service imap-login {
>    chroot = login
>    client_limit = 0
>    drop_priv_before_exec = no
>    executable = imap-login
>    extra_groups =
>    group =
>    idle_kill = 0
>    inet_listener imap {
>      address =
>      port = 143
>      ssl = no
>    }
>    inet_listener imaps {
>      address =
>      port = 993
>      ssl = yes
>    }
>    privileged_group =
>    process_limit = 0
>    process_min_avail = 0
>    protocol = imap
>    service_count = 0
>    type = login
>    user = $default_login_user
>    vsz_limit = 256 M
> }
> service imap {
>    chroot =
>    client_limit = 1
>    drop_priv_before_exec = no
>    executable = imap
>    extra_groups =
>    group =
>    idle_kill = 0
>    privileged_group =
>    process_limit = 1024
>    process_min_avail = 0
>    protocol = imap
>    service_count = 1
>    type =
>    unix_listener login/imap {
>      group =
>      mode = 0666
>      user =
>    }
>    user =
>    vsz_limit = 256 M
> }
> service indexer-worker {
>    chroot =
>    client_limit = 1
>    drop_priv_before_exec = no
>    executable = indexer-worker
>    extra_groups =
>    group =
>    idle_kill = 0
>    privileged_group =
>    process_limit = 10
>    process_min_avail = 0
>    protocol =
>    service_count = 0
>    type =
>    unix_listener indexer-worker {
>      group =
>      mode = 0600
>      user = $default_internal_user
>    }
>    user =
>    vsz_limit = 18446744073709551615 B
> }
> service indexer {
>    chroot =
>    client_limit = 0
>    drop_priv_before_exec = no
>    executable = indexer
>    extra_groups =
>    group =
>    idle_kill = 0
>    privileged_group =
>    process_limit = 1
>    process_min_avail = 0
>    protocol =
>    service_count = 0
>    type =
>    unix_listener indexer {
>      group =
>      mode = 0666
>      user =
>    }
>    user = $default_internal_user
>    vsz_limit = 18446744073709551615 B
> }
> service ipc {
>    chroot = empty
>    client_limit = 0
>    drop_priv_before_exec = no
>    executable = ipc
>    extra_groups =
>    group =
>    idle_kill = 0
>    privileged_group =
>    process_limit = 1
>    process_min_avail = 0
>    protocol =
>    service_count = 0
>    type =
>    unix_listener ipc {
>      group =
>      mode = 0600
>      user =
>    }
>    unix_listener login/ipc-proxy {
>      group =
>      mode = 0600
>      user = $default_login_user
>    }
>    user = $default_internal_user
>    vsz_limit = 18446744073709551615 B
> }
> service lmtp {
>    chroot =
>    client_limit = 1
>    drop_priv_before_exec = no
>    executable = lmtp
>    extra_groups =
>    group =
>    idle_kill = 0
>    privileged_group =
>    process_limit = 0
>    process_min_avail = 0
>    protocol = lmtp
>    service_count = 0
>    type =
>    unix_listener lmtp {
>      group =
>      mode = 0666
>      user =
>    }
>    user =
>    vsz_limit = 18446744073709551615 B
> }
> service log {
>    chroot =
>    client_limit = 0
>    drop_priv_before_exec = no
>    executable = log
>    extra_groups =
>    group =
>    idle_kill = 4294967295 secs
>    privileged_group =
>    process_limit = 1
>    process_min_avail = 0
>    protocol =
>    service_count = 0
>    type = log
>    unix_listener log-errors {
>      group =
>      mode = 0600
>      user =
>    }
>    user =
>    vsz_limit = 18446744073709551615 B
> }
> service pop3-login {
>    chroot = login
>    client_limit = 0
>    drop_priv_before_exec = no
>    executable = pop3-login
>    extra_groups =
>    group =
>    idle_kill = 0
>    inet_listener pop3 {
>      address =
>      port = 110
>      ssl = no
>    }
>    inet_listener pop3s {
>      address =
>      port = 995
>      ssl = yes
>    }
>    privileged_group =
>    process_limit = 0
>    process_min_avail = 0
>    protocol = pop3
>    service_count = 1
>    type = login
>    user = $default_login_user
>    vsz_limit = 18446744073709551615 B
> }
> service pop3 {
>    chroot =
>    client_limit = 1
>    drop_priv_before_exec = no
>    executable = pop3
>    extra_groups =
>    group =
>    idle_kill = 0
>    privileged_group =
>    process_limit = 1024
>    process_min_avail = 0
>    protocol = pop3
>    service_count = 1
>    type =
>    unix_listener login/pop3 {
>      group =
>      mode = 0666
>      user =
>    }
>    user =
>    vsz_limit = 18446744073709551615 B
> }
> service ssl-params {
>    chroot =
>    client_limit = 0
>    drop_priv_before_exec = no
>    executable = ssl-params
>    extra_groups =
>    group =
>    idle_kill = 0
>    privileged_group =
>    process_limit = 0
>    process_min_avail = 0
>    protocol =
>    service_count = 0
>    type = startup
>    unix_listener login/ssl-params {
>      group =
>      mode = 0666
>      user =
>    }
>    user =
>    vsz_limit = 18446744073709551615 B
> }
> service stats {
>    chroot = empty
>    client_limit = 0
>    drop_priv_before_exec = no
>    executable = stats
>    extra_groups =
>    fifo_listener stats-mail {
>      group =
>      mode = 0600
>      user =
>    }
>    group =
>    idle_kill = 4294967295 secs
>    privileged_group =
>    process_limit = 1
>    process_min_avail = 0
>    protocol =
>    service_count = 0
>    type =
>    unix_listener stats {
>      group =
>      mode = 0600
>      user =
>    }
>    user = $default_internal_user
>    vsz_limit = 18446744073709551615 B
> }
> shutdown_clients = yes
> ssl = required
> ssl_ca =
> ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
> ssl_cert_username_field = commonName
> ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL
> ssl_client_cert =
> ssl_client_key =
> ssl_crypto_device =
> ssl_key = </etc/pki/dovecot/private/dovecot.pem
> ssl_key_password =
> ssl_parameters_regenerate = 1 weeks
> ssl_protocols = !SSLv2
> ssl_verify_client_cert = no
> stats_command_min_time = 1 mins
> stats_domain_min_time = 12 hours
> stats_ip_min_time = 12 hours
> stats_memory_limit = 16 M
> stats_session_min_time = 15 mins
> stats_user_min_time = 1 hours
> submission_host =
> syslog_facility = mail
> userdb {
>    args =
>    default_fields =
>    driver = prefetch
>    override_fields =
> }
> userdb {
>    args = /local/config/dovecot-sql.conf
>    default_fields =
>    driver = sql
>    override_fields =
> }
> valid_chroot_dirs =
> verbose_proctitle = no
> verbose_ssl = no
> version_ignore = no
> protocol lda {
>    mail_plugins = quota quota sieve trash
> }
> protocol imap {
>    imap_client_workarounds = delay-newmail tb-extra-mailbox-sep
> tb-lsub-flags
>    imap_logout_format = bytes=%i/%o
>    mail_plugins = quota quota imap_quota trash
> }
> protocol pop3 {
>    mail_plugins = quota quota
>    pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
>    pop3_uidl_format = %08Xu%08Xv
> }
>
>
> Regards, Mikkel



From branko at majic.rs  Thu Jun 14 13:36:25 2012
From: branko at majic.rs (Branko Majic)
Date: Thu, 14 Jun 2012 12:36:25 +0200
Subject: [Dovecot] Auth password problem
In-Reply-To: <34008289.post@talk.nabble.com>
References: <34008289.post@talk.nabble.com>
Message-ID: <20120614123625.68527101@zetkin.int.primekey.se>

Now, this answer won't help you, but you might find it useful (I've
been fiddling with slapd access controls and what-not, so this helped
me a lot). :)

The best thing to debug the LDAP issues is to set the olcLogLevel in
the slapd configuration tree to 256 - this way you'd get enough
information to see what's going on when Dovecot tries to talk with the
slapd server, and you won't get overwhelmed by the debugging
information. On Debian Squeeze you'll also have to make sure you've
set-up the log facility for slapd (by default it uses local4). You
could add a file /etc/rsyslog.d/slapd.conf with the following line:

local4.*                /var/log/slapd.log

Did you try logging-in by hand as well to the LDAP server? You could do
it with, say:

ldapwhoami -W -D cn=prueba,ou=Users,dc=royoleal,dc=com -H ldap://localhost/

On Wed, 13 Jun 2012 13:46:20 -0700 (PDT)
arleal <nairda91 at hotmail.com> wrote:

> 
> i have debian squeeze. i have installed mds with ldap integration and
> i want to use dovecot/LDAP but i have problems with login. I have
> dovecot 1.2.
> 
> I try all of dovecot wiki but i dont know how to configure it good
> 
> dovecot.conf
> 
> protocols = imap imaps pop3 pop3s 
> listen = *, ::
> auth_verbose = yes
> auth_debug = yes
> auth_debug_passwords = yes
> mail_debug = yes
> verbose_ssl = yes
> login_greeting = royoleal.com mailserver ready. 
> mail_location = maildir:/home/users/%u/Maildir 
> disable_plaintext_auth = no 
> ssl_cert_file = /etc/ssl/certs/mail.pem 
> ssl_key_file = /etc/ssl/private/mail.key 
> log_path = /var/log/dovecot.log 
> info_log_path = /var/log/dovecot.log 
> 
> # IMAP configuration 
> protocol imap { 
>  mail_plugins = quota imap_quota 
> } 
> 
> # POP3 configuration 
> protocol pop3 { 
>  pop3_uidl_format = %08Xu%08Xv 
>  mail_plugins = quota 
> } 
> 
> # LDA configuration 
> protocol lda { 
>  postmaster_address = postmaster 
>  auth_socket_path = /var/run/dovecot/auth-master 
>  mail_plugins = quota 
> } 
> 
> # LDAP authentication 
> 
> auth default { 
>  mechanisms = plain login 
> 
>  passdb ldap { 
>   args = /etc/dovecot/dovecot-ldap.conf 
>  } 
> 
>  userdb ldap { 
>   args = /etc/dovecot/dovecot-ldap.conf 
>  } 
> 
>  socket listen { 
>   master { 
>    path = /var/run/dovecot/auth-master 
>    mode = 0660 
>    user = dovecot 
>    group = mail 
>   } 
> 
>   client { 
>    path = /var/spool/postfix/private/auth 
>    mode = 0660 
>    user = postfix 
>    group = postfix 
>   }
>  }
> }
> 
> 
> And this is dovecot-ldap.conf
> 
> hosts = 127.0.0.1
> auth_bind = yes
> ldap_version = 3
> dn = cn=admin,dc=royoleal,dc=com
> dnpass = royoleal
> base = dc=royoleal,dc=com
> auth_bind_userdn = cn=%u,ou=Users,dc=royoleal,dc=com
> scope = subtree
> user_attrs = uidNumber=uid,gidNumber=gid
> user_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK))
> pass_attrs = mail=mail,userPassword=password
> pass_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK))
> default_pass_scheme = CRYPT
> 
> When i try login with telnet or other program i have this problem in
> dovecot.log
> 
> 
> Jun 13 22:45:13 auth(default): Info: client in: AUTH    1
> PLAIN service=imap    secured lip=127.0.0.1   rip=127.0.0.1
> lport=14      3 rport=55040
> resp=AHBydWViYUByb3lvbGVhbC5jb20AcHJ1ZWJh Jun 13 22:45:13
> auth(default): Info: ldap(prueba at royoleal.com,127.0.0.1): invalid
> credentials (given password: prueba) Jun 13 22:45:13 auth(default):
> Info: new auth connection: pid=2613 Jun 13 22:45:15 auth(default):
> Info: client out: FAIL   1 user=prueba at royoleal.com
> Jun 13 22:45:20 imap-login: Info: Aborted login (auth failed, 1
> attempts): user=<prueba at royoleal.com>, method=PLAIN, rip=127.0.0.1,
> lip= 127.0.0.1, secured
> 
> Thanks.

-- 
Branko Majic
Please use only Free formats when sending attachments to me.

?????? ?????
????? ??? ?? ??????? ?????? ????????? ? ????????? ?????????.

From amateo at um.es  Thu Jun 14 14:32:13 2012
From: amateo at um.es (Angel L. Mateo)
Date: Thu, 14 Jun 2012 13:32:13 +0200
Subject: [Dovecot] difference between client_limit and process_limit
In-Reply-To: <1339591187.25551.3.camel@innu>
References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es>
	<A1BAE7E0-1F08-4FDA-8FC8-D045E5E7987A@iki.fi>
	<4FD22956.20904@thelounge.net>
	<3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi>
	<4FD5C63B.7040904@um.es>
	<D226FD99-8113-4F4A-87E9-F54F5DF69807@iki.fi>
	<4FD87634.9000407@um.es> <1339589161.25551.0.camel@innu>
	<4FD88462.5070908@um.es> <1339590528.25551.2.camel@innu>
	<1339591187.25551.3.camel@innu>
Message-ID: <4FD9CBBD.2020701@um.es>

El 13/06/12 14:39, Timo Sirainen escribi?:
> On Wed, 2012-06-13 at 15:28 +0300, Timo Sirainen wrote:
>> Oh, right, service_count=1 is the default and that overrides
>> client_limit. Set it to 0.
>
> http://hg.dovecot.org/dovecot-2.1/rev/4c31e450a867
>
	Thank you. This solved my problem.


From nairda91 at hotmail.com  Thu Jun 14 22:18:35 2012
From: nairda91 at hotmail.com (arleal)
Date: Thu, 14 Jun 2012 12:18:35 -0700 (PDT)
Subject: [Dovecot] Auth password problem
In-Reply-To: <20120614123625.68527101@zetkin.int.primekey.se>
References: <34008289.post@talk.nabble.com>
	<20120614123625.68527101@zetkin.int.primekey.se>
Message-ID: <34013988.post@talk.nabble.com>




?????? ?????-2 wrote:
> 
> Now, this answer won't help you, but you might find it useful (I've
> been fiddling with slapd access controls and what-not, so this helped
> me a lot). :)
> 
> The best thing to debug the LDAP issues is to set the olcLogLevel in
> the slapd configuration tree to 256 - this way you'd get enough
> information to see what's going on when Dovecot tries to talk with the
> slapd server, and you won't get overwhelmed by the debugging
> information. On Debian Squeeze you'll also have to make sure you've
> set-up the log facility for slapd (by default it uses local4). You
> could add a file /etc/rsyslog.d/slapd.conf with the following line:
> 
> local4.*                /var/log/slapd.log
> 
> Did you try logging-in by hand as well to the LDAP server? You could do
> it with, say:
> 
> ldapwhoami -W -D cn=prueba,ou=Users,dc=royoleal,dc=com -H
> ldap://localhost/
> 
> On Wed, 13 Jun 2012 13:46:20 -0700 (PDT)
> arleal <nairda91 at hotmail.com> wrote:
> 
>> 
>> i have debian squeeze. i have installed mds with ldap integration and
>> i want to use dovecot/LDAP but i have problems with login. I have
>> dovecot 1.2.
>> 
>> I try all of dovecot wiki but i dont know how to configure it good
>> 
>> dovecot.conf
>> 
>> protocols = imap imaps pop3 pop3s 
>> listen = *, ::
>> auth_verbose = yes
>> auth_debug = yes
>> auth_debug_passwords = yes
>> mail_debug = yes
>> verbose_ssl = yes
>> login_greeting = royoleal.com mailserver ready. 
>> mail_location = maildir:/home/users/%u/Maildir 
>> disable_plaintext_auth = no 
>> ssl_cert_file = /etc/ssl/certs/mail.pem 
>> ssl_key_file = /etc/ssl/private/mail.key 
>> log_path = /var/log/dovecot.log 
>> info_log_path = /var/log/dovecot.log 
>> 
>> # IMAP configuration 
>> protocol imap { 
>>  mail_plugins = quota imap_quota 
>> } 
>> 
>> # POP3 configuration 
>> protocol pop3 { 
>>  pop3_uidl_format = %08Xu%08Xv 
>>  mail_plugins = quota 
>> } 
>> 
>> # LDA configuration 
>> protocol lda { 
>>  postmaster_address = postmaster 
>>  auth_socket_path = /var/run/dovecot/auth-master 
>>  mail_plugins = quota 
>> } 
>> 
>> # LDAP authentication 
>> 
>> auth default { 
>>  mechanisms = plain login 
>> 
>>  passdb ldap { 
>>   args = /etc/dovecot/dovecot-ldap.conf 
>>  } 
>> 
>>  userdb ldap { 
>>   args = /etc/dovecot/dovecot-ldap.conf 
>>  } 
>> 
>>  socket listen { 
>>   master { 
>>    path = /var/run/dovecot/auth-master 
>>    mode = 0660 
>>    user = dovecot 
>>    group = mail 
>>   } 
>> 
>>   client { 
>>    path = /var/spool/postfix/private/auth 
>>    mode = 0660 
>>    user = postfix 
>>    group = postfix 
>>   }
>>  }
>> }
>> 
>> 
>> And this is dovecot-ldap.conf
>> 
>> hosts = 127.0.0.1
>> auth_bind = yes
>> ldap_version = 3
>> dn = cn=admin,dc=royoleal,dc=com
>> dnpass = royoleal
>> base = dc=royoleal,dc=com
>> auth_bind_userdn = cn=%u,ou=Users,dc=royoleal,dc=com
>> scope = subtree
>> user_attrs = uidNumber=uid,gidNumber=gid
>> user_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK))
>> pass_attrs = mail=mail,userPassword=password
>> pass_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK))
>> default_pass_scheme = CRYPT
>> 
>> When i try login with telnet or other program i have this problem in
>> dovecot.log
>> 
>> 
>> Jun 13 22:45:13 auth(default): Info: client in: AUTH    1
>> PLAIN service=imap    secured lip=127.0.0.1   rip=127.0.0.1
>> lport=14      3 rport=55040
>> resp=AHBydWViYUByb3lvbGVhbC5jb20AcHJ1ZWJh Jun 13 22:45:13
>> auth(default): Info: ldap(prueba at royoleal.com,127.0.0.1): invalid
>> credentials (given password: prueba) Jun 13 22:45:13 auth(default):
>> Info: new auth connection: pid=2613 Jun 13 22:45:15 auth(default):
>> Info: client out: FAIL   1 user=prueba at royoleal.com
>> Jun 13 22:45:20 imap-login: Info: Aborted login (auth failed, 1
>> attempts): user=<prueba at royoleal.com>, method=PLAIN, rip=127.0.0.1,
>> lip= 127.0.0.1, secured
>> 
>> Thanks.
> 
> -- 
> Branko Majic
> Please use only Free formats when sending attachments to me.
> 
> ?????? ?????
> ????? ??? ?? ??????? ?????? ????????? ? ????????? ?????????.
> 
> 

I forgot see the ldap log.
In the ldap.log i cant see nothing about that user trying to login with user
prueba.

That autenticate good.

root at mds:~# ldapwhoami -W -D uid=prueba,ou=Users,dc=royoleal,dc=com -H
ldap://localhost/
Enter LDAP Password:
dn:uid=prueba,ou=Users,dc=royoleal,dc=com

With telnet error of authentication.
-- 
View this message in context: http://old.nabble.com/Auth-password-problem-tp34008289p34013988.html
Sent from the Dovecot mailing list archive at Nabble.com.


From nairda91 at hotmail.com  Thu Jun 14 22:18:35 2012
From: nairda91 at hotmail.com (arleal)
Date: Thu, 14 Jun 2012 12:18:35 -0700 (PDT)
Subject: [Dovecot] Auth password problem
In-Reply-To: <20120614123625.68527101@zetkin.int.primekey.se>
References: <34008289.post@talk.nabble.com>
	<20120614123625.68527101@zetkin.int.primekey.se>
Message-ID: <34013987.post@talk.nabble.com>




?????? ?????-2 wrote:
> 
> Now, this answer won't help you, but you might find it useful (I've
> been fiddling with slapd access controls and what-not, so this helped
> me a lot). :)
> 
> The best thing to debug the LDAP issues is to set the olcLogLevel in
> the slapd configuration tree to 256 - this way you'd get enough
> information to see what's going on when Dovecot tries to talk with the
> slapd server, and you won't get overwhelmed by the debugging
> information. On Debian Squeeze you'll also have to make sure you've
> set-up the log facility for slapd (by default it uses local4). You
> could add a file /etc/rsyslog.d/slapd.conf with the following line:
> 
> local4.*                /var/log/slapd.log
> 
> Did you try logging-in by hand as well to the LDAP server? You could do
> it with, say:
> 
> ldapwhoami -W -D cn=prueba,ou=Users,dc=royoleal,dc=com -H
> ldap://localhost/
> 
> On Wed, 13 Jun 2012 13:46:20 -0700 (PDT)
> arleal <nairda91 at hotmail.com> wrote:
> 
>> 
>> i have debian squeeze. i have installed mds with ldap integration and
>> i want to use dovecot/LDAP but i have problems with login. I have
>> dovecot 1.2.
>> 
>> I try all of dovecot wiki but i dont know how to configure it good
>> 
>> dovecot.conf
>> 
>> protocols = imap imaps pop3 pop3s 
>> listen = *, ::
>> auth_verbose = yes
>> auth_debug = yes
>> auth_debug_passwords = yes
>> mail_debug = yes
>> verbose_ssl = yes
>> login_greeting = royoleal.com mailserver ready. 
>> mail_location = maildir:/home/users/%u/Maildir 
>> disable_plaintext_auth = no 
>> ssl_cert_file = /etc/ssl/certs/mail.pem 
>> ssl_key_file = /etc/ssl/private/mail.key 
>> log_path = /var/log/dovecot.log 
>> info_log_path = /var/log/dovecot.log 
>> 
>> # IMAP configuration 
>> protocol imap { 
>>  mail_plugins = quota imap_quota 
>> } 
>> 
>> # POP3 configuration 
>> protocol pop3 { 
>>  pop3_uidl_format = %08Xu%08Xv 
>>  mail_plugins = quota 
>> } 
>> 
>> # LDA configuration 
>> protocol lda { 
>>  postmaster_address = postmaster 
>>  auth_socket_path = /var/run/dovecot/auth-master 
>>  mail_plugins = quota 
>> } 
>> 
>> # LDAP authentication 
>> 
>> auth default { 
>>  mechanisms = plain login 
>> 
>>  passdb ldap { 
>>   args = /etc/dovecot/dovecot-ldap.conf 
>>  } 
>> 
>>  userdb ldap { 
>>   args = /etc/dovecot/dovecot-ldap.conf 
>>  } 
>> 
>>  socket listen { 
>>   master { 
>>    path = /var/run/dovecot/auth-master 
>>    mode = 0660 
>>    user = dovecot 
>>    group = mail 
>>   } 
>> 
>>   client { 
>>    path = /var/spool/postfix/private/auth 
>>    mode = 0660 
>>    user = postfix 
>>    group = postfix 
>>   }
>>  }
>> }
>> 
>> 
>> And this is dovecot-ldap.conf
>> 
>> hosts = 127.0.0.1
>> auth_bind = yes
>> ldap_version = 3
>> dn = cn=admin,dc=royoleal,dc=com
>> dnpass = royoleal
>> base = dc=royoleal,dc=com
>> auth_bind_userdn = cn=%u,ou=Users,dc=royoleal,dc=com
>> scope = subtree
>> user_attrs = uidNumber=uid,gidNumber=gid
>> user_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK))
>> pass_attrs = mail=mail,userPassword=password
>> pass_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK))
>> default_pass_scheme = CRYPT
>> 
>> When i try login with telnet or other program i have this problem in
>> dovecot.log
>> 
>> 
>> Jun 13 22:45:13 auth(default): Info: client in: AUTH    1
>> PLAIN service=imap    secured lip=127.0.0.1   rip=127.0.0.1
>> lport=14      3 rport=55040
>> resp=AHBydWViYUByb3lvbGVhbC5jb20AcHJ1ZWJh Jun 13 22:45:13
>> auth(default): Info: ldap(prueba at royoleal.com,127.0.0.1): invalid
>> credentials (given password: prueba) Jun 13 22:45:13 auth(default):
>> Info: new auth connection: pid=2613 Jun 13 22:45:15 auth(default):
>> Info: client out: FAIL   1 user=prueba at royoleal.com
>> Jun 13 22:45:20 imap-login: Info: Aborted login (auth failed, 1
>> attempts): user=<prueba at royoleal.com>, method=PLAIN, rip=127.0.0.1,
>> lip= 127.0.0.1, secured
>> 
>> Thanks.
> 
> -- 
> Branko Majic
> Please use only Free formats when sending attachments to me.
> 
> ?????? ?????
> ????? ??? ?? ??????? ?????? ????????? ? ????????? ?????????.
> 
> 

I forgot see the ldap log.
In the ldap.log i cant see nothing about that user trying to login with user
prueba.

That autenticate good.

root at mds:~# ldapwhoami -W -D uid=prueba,ou=Users,dc=royoleal,dc=com -H
ldap://localhost/
Enter LDAP Password:
dn:uid=prueba,ou=Users,dc=royoleal,dc=com

With telnet error of authentication.
-- 
View this message in context: http://old.nabble.com/Auth-password-problem-tp34008289p34013987.html
Sent from the Dovecot mailing list archive at Nabble.com.


From branko at majic.rs  Thu Jun 14 22:51:05 2012
From: branko at majic.rs (Branko Majic)
Date: Thu, 14 Jun 2012 21:51:05 +0200
Subject: [Dovecot] Auth password problem
In-Reply-To: <34013987.post@talk.nabble.com>
References: <34008289.post@talk.nabble.com>
	<20120614123625.68527101@zetkin.int.primekey.se>
	<34013987.post@talk.nabble.com>
Message-ID: <20120614215105.7944d8d3@trotsky.home.majic.rs>

On Thu, 14 Jun 2012 12:18:35 -0700 (PDT)
arleal <nairda91 at hotmail.com> wrote: 
> 
> I forgot see the ldap log.
> In the ldap.log i cant see nothing about that user trying to login
> with user prueba.
> 
> That autenticate good.
> 
> root at mds:~# ldapwhoami -W -D uid=prueba,ou=Users,dc=royoleal,dc=com -H
> ldap://localhost/
> Enter LDAP Password:
> dn:uid=prueba,ou=Users,dc=royoleal,dc=com
> 
> With telnet error of authentication.
Hm... Since you're using Dovecot, can you see Dovecot logging-in onto
the server and performing queries (for user information)? I'll probably
take another look at your config tomorrow (I've got Dovecot talking to
my LDAP on Squeeze, although a bit different configuration in my case).

-- 
Branko Majic
Jabber: branko at majic.rs
Please use only Free formats when sending attachments to me.

?????? ?????
?????: branko at majic.rs
????? ??? ?? ??????? ?????? ????????? ? ????????? ?????????.

From voytek at sbt.net.au  Fri Jun 15 02:32:28 2012
From: voytek at sbt.net.au (Voytek Eymont)
Date: Fri, 15 Jun 2012 09:32:28 +1000
Subject: [Dovecot] migrating v.1 to v.2
In-Reply-To: <4FD9957C.9080605@bunbun.be>
References: <e18ccaf826fb28cc87831a5670118372.squirrel@sbt.net.au>
	<4FD9957C.9080605@bunbun.be>
Message-ID: <c8d07a0b8c1357264d1d912e4c495f1d.squirrel@sbt.net.au>

Nick,

thanks, and, apologies:

I did have a brief look at the docs, clearly, not searched enough, my fault.

the docs are amazing, and, excellent, and, have precise anwser,
mea culpa

> upgrading". Try this http://wiki2.dovecot.org/Upgrading/



-- 
Voytek


From voytek at sbt.net.au  Fri Jun 15 02:50:52 2012
From: voytek at sbt.net.au (Voytek Eymont)
Date: Fri, 15 Jun 2012 09:50:52 +1000
Subject: [Dovecot] imap max user ip conn, what's a safe increase?
Message-ID: <6d5f54f3b9ba7f071def2453e9c15665.squirrel@sbt.net.au>

I have dovecot 1.x, all's working well, thanks

now that I'm using K9 mail on Android phone, whenever I try to access
emails with an imap collect 'pass' from Snapper mail client on Palm, I
get:

"max number of connections from user+ip exceeded"

I'm currently at default (unspecified) of 10 imap/3 pop

what's a reasonable next number of IMAP connections I should up it to ?
that won't bite on the backside...?

12 ? 20 ?

when I run IMAP pass from Snapper, I only run it over inbox, maybe one
other folder, max 2 folders, so 12 should do ?


/etc/dovecot# grep max_user *
dovecot.conf:  #mail_max_userip_connections = 10
dovecot.conf:  #mail_max_userip_connections = 3

-- 
Voytek


From daniel.parthey at informatik.tu-chemnitz.de  Fri Jun 15 03:46:16 2012
From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey)
Date: Fri, 15 Jun 2012 02:46:16 +0200
Subject: [Dovecot] Sieve stopped working
In-Reply-To: <DD2F3BD9-990D-453C-8FDE-1EB67CFE5709@versang.com>
References: <DD2F3BD9-990D-453C-8FDE-1EB67CFE5709@versang.com>
Message-ID: <20120615004616.GA11872@daniel.localdomain>

Hi Ben,

Ben Versang wrote:
> Sieve has stopped working and I have spent hours and been unable so far to get it up and running again.
>  
> netstat -a |grep 2000 returns
> returns nothing
>  
> telnet localhost 2000
> Trying 127.0.0.1...
> telnet: connect to address 127.0.0.1: Connection refused
> telnet: Unable to connect to remote host
>  
> The rest of mail functions are working fine (IMAP, SMTP...).

Did you have a look at the wiki article?
http://wiki2.dovecot.org/Pigeonhole/ManageSieve/Configuration

The Pigeonhole ManageSieve service now binds to TCP port 4190 by default due to
the IANA port assignment for the ManageSieve service. Maybe you're looking at
the wrong port.

Please attach the output of doveconf -n

Regards,
Daniel
-- 
https://plus.google.com/103021802792276734820

From nick+dovecot at bunbun.be  Fri Jun 15 10:57:40 2012
From: nick+dovecot at bunbun.be (Nick Rosier)
Date: Fri, 15 Jun 2012 09:57:40 +0200
Subject: [Dovecot] migrating v.1 to v.2
In-Reply-To: <c8d07a0b8c1357264d1d912e4c495f1d.squirrel@sbt.net.au>
References: <e18ccaf826fb28cc87831a5670118372.squirrel@sbt.net.au>
	<4FD9957C.9080605@bunbun.be>
	<c8d07a0b8c1357264d1d912e4c495f1d.squirrel@sbt.net.au>
Message-ID: <4FDAEAF4.3010908@bunbun.be>

Hi Voytek,

no apologies needed; Timo created an excellent wiki so that should be 
the 1st thing to search. But if there's anything unclear just ask. I'm 
not an expert but made the transitions from 1.2 -> 2.0 -> 2.1 thanks to 
this documentation.

N.

Voytek Eymont wrote:
> Nick,
>
> thanks, and, apologies:
>
> I did have a brief look at the docs, clearly, not searched enough, my fault.
>
> the docs are amazing, and, excellent, and, have precise anwser,
> mea culpa
>
>> upgrading". Try this http://wiki2.dovecot.org/Upgrading/
>
>
>

From gedalya at gedalya.net  Fri Jun 15 21:43:28 2012
From: gedalya at gedalya.net (Gedalya)
Date: Fri, 15 Jun 2012 14:43:28 -0400
Subject: [Dovecot] doveadm backup panic
Message-ID: <4FDB8250.8020600@gedalya.net>

using latest auto build didn't help.
this happens only with a specific account.

# doveadm -o imapc_user=----- at domain.com -o imapc_password=---- backup 
-u =----- at domain.com -R imapc:
dsync(---- at domain.com): Panic: pool_data_stack_realloc(): stack frame 
changed
dsync(---- at domain.com): Error: Raw backtrace: 
/usr/lib/dovecot/libdovecot.so.0(+0x4209a) [0xb762b09a] -> 
/usr/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x41) 
[0xb762b1a1] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0xb75fd99e] 
-> /usr/lib/dovecot/libdovecot.so.0(+0x547ce) [0xb763d7ce] -> 
/usr/lib/dovecot/libdovecot.so.0(+0x3ebf9) [0xb7627bf9] -> 
/usr/lib/dovecot/libdovecot.so.0(buffer_get_space_unsafe+0x78) 
[0xb7628658] -> 
/usr/lib/dovecot/libdovecot.so.0(buffer_append_space_unsafe+0x2a) 
[0xb762875a] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x60005) 
[0xb76dc005] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x62aa9) 
[0xb76deaa9] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x66e61) 
[0xb76e2e61] -> 
/usr/lib/dovecot/libdovecot-storage.so.0(imapc_connection_input_pending+0x14d) 
[0xb76e3a3d] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x67aac) 
[0xb76e3aac] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x44) 
[0xb763a034] -> 
/usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xce) [0xb763ae8e] 
-> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x40) [0xb76399d0] -> 
/usr/lib/dovecot/libdovecot-storage.so.0(imapc_client_run+0xa7) 
[0xb76e0297] -> 
/usr/lib/dovecot/libdovecot-storage.so.0(imapc_storage_run+0x26) 
[0xb76df1e6] -> 
/usr/lib/dovecot/libdovecot-storage.so.0(imapc_mailbox_sync_init+0x6de) 
[0xb76ddfde] -> 
/usr/lib/dovecot/libdovecot-storage.so.0(mailbox_sync_init+0x3b) 
[0xb76f468b] -> 
/usr/lib/dovecot/libdovecot-storage.so.0(mailbox_sync+0x3c) [0xb76f47cc] 
-> doveadm() [0x8072510] -> doveadm() [0x8072789] -> doveadm() 
[0x80729b2] -> doveadm(dsync_worker_msg_iter_next+0x29) [0x8070a69] -> 
doveadm() [0x806b6e1] -> doveadm() [0x806b736] -> 
doveadm(dsync_brain_msg_sync_more+0x4cb) [0x806bc7b] -> 
doveadm(dsync_brain_sync+0x3bb) [0x806a3ab]
Aborted


From gedalya at gedalya.net  Fri Jun 15 21:50:09 2012
From: gedalya at gedalya.net (Gedalya)
Date: Fri, 15 Jun 2012 14:50:09 -0400
Subject: [Dovecot] doveadm backup panic
In-Reply-To: <4FDB8250.8020600@gedalya.net>
References: <4FDB8250.8020600@gedalya.net>
Message-ID: <4FDB83E1.1070302@gedalya.net>

On 06/15/2012 02:43 PM, Gedalya wrote:
> using latest auto build didn't help.
> this happens only with a specific account.
>
> # doveadm -o imapc_user=----- at domain.com -o imapc_password=---- backup 
> -u =----- at domain.com -R imapc:
> dsync(---- at domain.com): Panic: pool_data_stack_realloc(): stack frame 
> changed
> dsync(---- at domain.com): Error: Raw backtrace: 
> /usr/lib/dovecot/libdovecot.so.0(+0x4209a) [0xb762b09a] -> 
> /usr/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x41) 
> [0xb762b1a1] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) 
> [0xb75fd99e] -> /usr/lib/dovecot/libdovecot.so.0(+0x547ce) 
> [0xb763d7ce] -> /usr/lib/dovecot/libdovecot.so.0(+0x3ebf9) 
> [0xb7627bf9] -> 
> /usr/lib/dovecot/libdovecot.so.0(buffer_get_space_unsafe+0x78) 
> [0xb7628658] -> 
> /usr/lib/dovecot/libdovecot.so.0(buffer_append_space_unsafe+0x2a) 
> [0xb762875a] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x60005) 
> [0xb76dc005] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x62aa9) 
> [0xb76deaa9] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x66e61) 
> [0xb76e2e61] -> 
> /usr/lib/dovecot/libdovecot-storage.so.0(imapc_connection_input_pending+0x14d) 
> [0xb76e3a3d] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x67aac) 
> [0xb76e3aac] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x44) 
> [0xb763a034] -> 
> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xce) 
> [0xb763ae8e] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x40) 
> [0xb76399d0] -> 
> /usr/lib/dovecot/libdovecot-storage.so.0(imapc_client_run+0xa7) 
> [0xb76e0297] -> 
> /usr/lib/dovecot/libdovecot-storage.so.0(imapc_storage_run+0x26) 
> [0xb76df1e6] -> 
> /usr/lib/dovecot/libdovecot-storage.so.0(imapc_mailbox_sync_init+0x6de) [0xb76ddfde] 
> -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_sync_init+0x3b) 
> [0xb76f468b] -> 
> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_sync+0x3c) 
> [0xb76f47cc] -> doveadm() [0x8072510] -> doveadm() [0x8072789] -> 
> doveadm() [0x80729b2] -> doveadm(dsync_worker_msg_iter_next+0x29) 
> [0x8070a69] -> doveadm() [0x806b6e1] -> doveadm() [0x806b736] -> 
> doveadm(dsync_brain_msg_sync_more+0x4cb) [0x806bc7b] -> 
> doveadm(dsync_brain_sync+0x3bb) [0x806a3ab]
> Aborted
>

gdb:

Starting program: /usr/bin/doveadm -o imapc_user=mailaccount at domain.com 
-o imapc_password=******* backup -u mailaccount at domain.com -R imapc:
[Thread debugging using libthread_db enabled]
Using host libthread_db library 
"/lib/i386-linux-gnu/i686/cmov/libthread_db.so.1".
dsync(mailaccount at domain.com): Panic: pool_data_stack_realloc(): stack 
frame changed
dsync(mailaccount at domain.com): Error: Raw backtrace: 
/usr/lib/dovecot/libdovecot.so.0(+0x4209a) [0xb7e4d09a] -> 
/usr/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x41) 
[0xb7e4d1a1] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0xb7e1f99e] 
-> /usr/lib/dovecot/libdovecot.so.0(+0x547ce) [0xb7e5f7ce] -> 
/usr/lib/dovecot/libdovecot.so.0(+0x3ebf9) [0xb7e49bf9] -> 
/usr/lib/dovecot/libdovecot.so.0(buffer_get_space_unsafe+0x78) 
[0xb7e4a658] -> 
/usr/lib/dovecot/libdovecot.so.0(buffer_append_space_unsafe+0x2a) 
[0xb7e4a75a] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x60005) 
[0xb7efe005] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x62aa9) 
[0xb7f00aa9] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x66e61) 
[0xb7f04e61] -> 
/usr/lib/dovecot/libdovecot-storage.so.0(imapc_connection_input_pending+0x14d) 
[0xb7f05a3d] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x67aac) 
[0xb7f05aac] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x44) 
[0xb7e5c034] -> 
/usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xce) [0xb7e5ce8e] 
-> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x40) [0xb7e5b9d0] -> 
/usr/lib/dovecot/libdovecot-storage.so.0(imapc_client_run+0xa7) 
[0xb7f02297] -> 
/usr/lib/dovecot/libdovecot-storage.so.0(imapc_storage_run+0x26) 
[0xb7f011e6] -> 
/usr/lib/dovecot/libdovecot-storage.so.0(imapc_mailbox_sync_init+0x6de) 
[0xb7efffde] -> 
/usr/lib/dovecot/libdovecot-storage.so.0(mailbox_sync_init+0x3b) 
[0xb7f1668b] -> 
/usr/lib/dovecot/libdovecot-storage.so.0(mailbox_sync+0x3c) [0xb7f167cc] 
-> /usr/bin/doveadm() [0x8072510] -> /usr/bin/doveadm() [0x8072789] -> 
/usr/bin/doveadm() [0x80729b2] -> 
/usr/bin/doveadm(dsync_worker_msg_iter_next+0x29) [0x8070a69] -> 
/usr/bin/doveadm() [0x806b6e1] -> /usr/bin/doveadm() [0x806b736] -> 
/usr/bin/doveadm(dsync_brain_msg_sync_more+0x4cb) [0x806bc7b] -> 
/usr/bin/doveadm(dsync_brain_sync+0x3bb) [0x806a3ab]

Program received signal SIGABRT, Aborted.
0xb7fe1424 in __kernel_vsyscall ()
(gdb) bt full
#0 0xb7fe1424 in __kernel_vsyscall ()
No symbol table info available.
#1 0xb7cd8941 in raise () from /lib/i386-linux-gnu/i686/cmov/libc.so.6
No symbol table info available.
#2 0xb7cdbd72 in abort () from /lib/i386-linux-gnu/i686/cmov/libc.so.6
No symbol table info available.
#3 0xb7e4d0b0 in default_fatal_finish (type=<optimized out>, 
status=<optimized out>) at failures.c:191
backtrace = 0x80930a0 "/usr/lib/dovecot/libdovecot.so.0(+0x4209a) 
[0xb7e4d09a] -> 
/usr/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x41) 
[0xb7e4d1a1] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0xb7e1f99e] 
-> /usr"...
#4 0xb7e4d1a1 in default_fatal_handler (ctx=0xbfffef94, 
format=0xb7e7a2e8 "pool_data_stack_realloc(): stack frame changed",
args=0xbfffefb4 "U\001") at failures.c:205
status = 0
#5 0xb7e1f99e in i_panic (format=0xb7e7a2e8 "pool_data_stack_realloc(): 
stack frame changed") at failures.c:263
ctx = {type = LOG_TYPE_PANIC, exit_status = 0, timestamp = 0x0}
args = 0xbfffefb4 "U\001"
#6 0xb7e5f7ce in pool_data_stack_realloc (pool=0x8092fd0, mem=0x8093000, 
old_size=32, new_size=64) at mempool-datastack.c:118
dpool = 0x8092fd0
#7 0xb7e49bf9 in buffer_alloc (buf=0x8092fe0, size=64) at buffer.c:32
__FUNCTION__ = "buffer_alloc"
#8 0xb7e4a658 in buffer_check_limits (data_size=4, pos=32, 
buf=0x8092fe0) at buffer.c:64
new_size = 36
#9 buffer_get_space_unsafe (_buf=0x8092fe0, pos=32, size=4) at buffer.c:273
buf = 0x8092fe0
#10 0xb7e4a75a in buffer_append_space_unsafe (buf=0x8092fe0, size=4) at 
buffer.c:279
No locals.
#11 0xb7efe005 in array_append_space_i (array=<synthetic pointer>) at 
../../../../src/lib/array.h:232
data = <optimized out>
#12 imapc_untagged_fetch (reply=0xbffff184, mbox=0x80fd2c8) at 
imapc-mailbox.c:349
old_kws = {arr = {buffer = 0x8093030, element_size = 4}, v = 0x8093030, 
v_modifiable = 0x8093030}
kw = <optimized out>
_data_stack_cur_id = 6
lseq = 341
rseq = 341
mailp = <optimized out>
list = 0x80c72c8
flags_list = 0x80c7458
atom = 0x80c7570 "679"
rec = <optimized out>
flags = MAIL_SEEN
---Type <return> to continue, or q <return> to quit---
fetch_uid = 679
uid = 679
i = <optimized out>
j = <optimized out>
keywords = {arr = {buffer = 0x8092fe0, element_size = 4}, v = 0x8092fe0, 
v_modifiable = 0x8092fe0}
seen_flags = <optimized out>
__FUNCTION__ = "imapc_untagged_fetch"
#13 0xb7f00aa9 in imapc_storage_untagged_cb (reply=0xbffff184, 
context=0x80c53e8) at imapc-storage.c:170
mcb__foreach_end = 0x80fd648
storage = 0x80c53e8
mbox = 0x80fd2c8
cb = <optimized out>
mcb = 0x80fd638
#14 0xb7f04e61 in imapc_connection_input_untagged (conn=0x80c1950) at 
imapc-connection.c:906
imap_args = 0x80c7228
name = 0x80c72a0 "FETCH"
value = <optimized out>
parser = 0x80c7170
reply = {name = 0x80c72a0 "FETCH", num = 341, args = 0x80c7228, 
file_args = 0x80c1b08, file_args_count = 0, resp_text_key = 0x0,
resp_text_value = 0x0, untagged_box_context = 0x80fd2c8}
ret = <optimized out>
#15 0xb7f05a3d in imapc_connection_input_one (conn=0x80c1950) at 
imapc-connection.c:1061
tag = 0x80c7290 "*"
ret = -1
#16 imapc_connection_input_pending (conn=0x80c1950) at 
imapc-connection.c:1407
_data_stack_cur_id = 5
ret = <optimized out>
#17 0xb7f05aac in imapc_connection_input (conn=0x80c1950) at 
imapc-connection.c:1100
errstr = <optimized out>
ret = <optimized out>
#18 0xb7e5c034 in io_loop_call_io (io=0x80d3d28) at ioloop.c:379
ioloop = 0x81655e0
t_id = 4
#19 0xb7e5ce8e in io_loop_handler_run (ioloop=0x81655e0) at 
ioloop-epoll.c:213
ctx = 0x80d3d58
events = 0x0
event = 0x80dec28
list = 0x80e3bb0
io = <optimized out>
---Type <return> to continue, or q <return> to quit---
tv = {tv_sec = 299, tv_usec = 999988}
events_count = 1
msecs = <optimized out>
ret = 1
i = <optimized out>
j = <optimized out>
call = <optimized out>
#20 0xb7e5b9d0 in io_loop_run (ioloop=0x81655e0) at ioloop.c:398
No locals.
#21 0xb7f02297 in imapc_client_run_pre (client=<optimized out>) at 
imapc-client.c:142
connp = <optimized out>
prev_ioloop = 0x80984c8
#22 imapc_client_run (client=0x80c5bf0) at imapc-client.c:161
No locals.
#23 0xb7f011e6 in imapc_storage_run (storage=0x80c53e8) at 
imapc-storage.c:118
No locals.
#24 0xb7efffde in imapc_sync_index (ctx=0x80e6bb8) at imapc-sync.c:351
mbox = 0x80fd2c8
sync_rec = {uid1 = 3221222620, uid2 = 3086630900, type = 134997136, 
add_flags = 244 '\364', remove_flags = 63 '?',
keyword_idx = 3085040665, guid_128 = 
"mK\361\267,\364\377\277\334\364\377\277\060\346\f\b"}
seq1 = 3085537268
seq2 = 135130168
#25 imapc_sync_begin (force=<optimized out>, ctx_r=<synthetic pointer>, 
mbox=0x80fd2c8) at imapc-sync.c:422
ctx = 0x80e6bb8
sync_flags = <optimized out>
ret = <optimized out>
#26 imapc_sync (mbox=0x80fd2c8) at imapc-sync.c:464
sync_ctx = <optimized out>
force = <optimized out>
#27 imapc_mailbox_sync_init (box=0x80fd2c8, 
flags=MAILBOX_SYNC_FLAG_FIX_INCONSISTENT) at imapc-sync.c:498
mbox = 0x80fd2c8
capabilities = <optimized out>
changes = false
ret = <optimized out>
#28 0xb7f1668b in mailbox_sync_init (box=0x80fd2c8, 
flags=MAILBOX_SYNC_FLAG_FIX_INCONSISTENT) at mail-storage.c:1320
_data_stack_cur_id = 3
ctx = <optimized out>
#29 0xb7f167cc in mailbox_sync (box=0x80fd2c8, 
flags=MAILBOX_SYNC_FLAG_FIX_INCONSISTENT) at mail-storage.c:1368
ctx = <optimized out>
---Type <return> to continue, or q <return> to quit---
status = {sync_delayed_expunges = 0}
#30 0x08072510 in local_mailbox_open (guid=0x80e0e18, box_r=0xbffff4dc, 
worker=<optimized out>) at dsync-worker-local.c:791
lbox = 0x80ce610
box = 0x80fd2c8
metadata = {guid = "\210y\236\267\210\364\377\277\r\r?`\006\000", 
virtual_size = 13252281656649187328, cache_fields = 0x80fd2b8,
precache_fields = 3080616300}
#31 0x08072789 in iter_local_mailbox_open (iter=0x80ec1e8) at 
dsync-worker-local.c:826
worker = 0x80ce348
guid = 0x80e0e18
box = <optimized out>
search_args = <optimized out>
ret = <optimized out>
#32 0x080729b2 in local_worker_msg_iter_next (_iter=0x80ec1e8, 
mailbox_idx_r=0xb79e7988, msg_r=0xb79e796c) at dsync-worker-local.c:972
iter = 0x80ec1e8
mail = <optimized out>
guid = <optimized out>
#33 0x08070a69 in dsync_worker_msg_iter_next (iter=0x80ec1e8, 
mailbox_idx_r=0xb79e7988, msg_r=0xb79e796c) at dsync-worker.c:122
_data_stack_cur_id = 2
ret = <optimized out>
#34 0x0806b6e1 in dsync_brain_msg_iter_next (iter=0xb79e7960) at 
dsync-brain-msgs.c:84
ret = 1
#35 0x0806b736 in dsync_brain_msg_sync_mailbox_end (iter1=0xb79e7960, 
iter2=0xb79e79b8) at dsync-brain-msgs.c:360
ret = <optimized out>
#36 0x0806bc7b in dsync_brain_msg_sync_mailbox_more (sync=<optimized 
out>) at dsync-brain-msgs.c:392
No locals.
#37 dsync_brain_msg_sync_more (sync=0xb79e7028) at dsync-brain-msgs.c:407
mailboxes = 0xb79e7070
count = 26
mailbox_idx = <optimized out>
#38 0x0806a3ab in dsync_brain_sync_msgs (brain=<optimized out>) at 
dsync-brain.c:736
mailboxes = {arr = {buffer = 0x80f6ab8, element_size = 88}, v = 
0x80f6ab8, v_modifiable = 0x80f6ab8}
pool = 0x80f6aa8
ret = <optimized out>
#39 dsync_brain_sync (brain=0x80c1b70) at dsync-brain.c:857
No locals.
#40 dsync_brain_sync (brain=0x80c1b70) at dsync-brain.c:815
No locals.
#41 0x0806b202 in dsync_brain_subs_list_finished (brain=<optimized out>) 
at dsync-brain.c:169
No locals.
---Type <return> to continue, or q <return> to quit---
#42 dsync_worker_subs_input (context=0x80ed188) at dsync-brain.c:222
list = 0x80ed188
subs = {vname = 0x0, storage_name = 0x0, ns_prefix = 0x0, last_change = 0}
unsubs = {name_sha1 = {guid = '\000' <repeats 15 times>}, ns_prefix = 
0x0, last_change = 0}
ret = <optimized out>
#43 0x0806a715 in dsync_brain_sync (brain=0x80c1b70) at dsync-brain.c:842
No locals.
#44 dsync_brain_sync (brain=0x80c1b70) at dsync-brain.c:815
No locals.
#45 0x0806b060 in dsync_brain_mailbox_list_finished (brain=<optimized 
out>) at dsync-brain.c:98
No locals.
#46 dsync_worker_mailbox_input (context=0x80d73c8) at dsync-brain.c:125
list = 0x80d73c8
dsync_box = {name = 0x0, name_sep = 0 '\000', name_sha1 = {guid = '\000' 
<repeats 15 times>}, mailbox_guid = {
guid = '\000' <repeats 15 times>}, uid_validity = 0, uid_next = 0, 
message_count = 0, first_recent_uid = 0,
highest_modseq = 0, last_change = 0, flags = 0, cache_fields = {arr = 
{buffer = 0x0, element_size = 0}, v = 0x0,
v_modifiable = 0x0}}
dup_box = 0x80d1cd0
ret = <optimized out>
#47 0x0806a755 in dsync_brain_sync (brain=0x80c1b70) at dsync-brain.c:833
No locals.
#48 dsync_brain_sync (brain=0x80c1b70) at dsync-brain.c:815
No locals.
#49 0x0806b298 in dsync_brain_sync_all (brain=0x80c1b70) at 
dsync-brain.c:897
old_state = DSYNC_STATE_GET_MAILBOXES
__FUNCTION__ = "dsync_brain_sync_all"
#50 0x08068445 in cmd_dsync_start (ctx=0x809ef98, worker1=<optimized 
out>, worker2=<optimized out>) at doveadm-dsync.c:342
brain = 0x80c1b70
#51 0x08068aa7 in cmd_dsync_run (_ctx=0x809ef98, user=0x80b4020) at 
doveadm-dsync.c:387
ctx = 0x809ef98
worker1 = 0x80ce348
worker2 = 0x80ba350
workertmp = <optimized out>
lock_path = <optimized out>
lock = 0x809efc4
lock_fd = <optimized out>
ret = 0
#52 0x08054510 in doveadm_mail_next_user (error_r=0xbffffa5c, 
ctx=0x809ef98, input=<optimized out>) at doveadm-mail.c:311
ret = 0
---Type <return> to continue, or q <return> to quit---
#53 doveadm_mail_next_user (ctx=0x809ef98, input=<optimized out>, 
error_r=0xbffffa5c) at doveadm-mail.c:270
error = <optimized out>
ret = <optimized out>
#54 0x08054fd0 in doveadm_mail_cmd (cmd=0x809d000, argc=<optimized out>, 
argv=0x80981e4) at doveadm-mail.c:518
input = {module = 0x0, service = 0x807b55c "doveadm", username = 
0x8098245 "mailaccount at domain.com", session_id = 0x0,
local_ip = {family = 0, u = {ip6 = {__in6_u = {__u6_addr8 = '\000' 
<repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0},
__u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, remote_ip = {family 
= 0, u = {ip6 = {__in6_u = {
__u6_addr8 = '\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 
0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {
s_addr = 0}}}, local_port = 0, remote_port = 0, userdb_fields = 0x0, 
flags_override_add = 0, flags_override_remove = 0,
no_userdb_lookup = 0}
ctx = 0x809ef98
getopt_args = <optimized out>
wildcard_user = 0x0
error = 0xb7cbb054 ""
ret = <optimized out>
c = <optimized out>
#55 0x08055489 in doveadm_mail_try_run (cmd_name=0x809823b "backup", 
argc=5, argv=0x80981d4) at doveadm-mail.c:577
cmd__foreach_end = 0x809d03c
cmd = 0x809d000
cmd_name_len = 6
__FUNCTION__ = "doveadm_mail_try_run"
#56 0x08054151 in main (argc=5, argv=0x80981d4) at doveadm.c:376
cmd_name = <optimized out>
i = <optimized out>
quick_init = false
c = <optimized out>


From daniel.parthey at informatik.tu-chemnitz.de  Fri Jun 15 23:03:06 2012
From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey)
Date: Fri, 15 Jun 2012 22:03:06 +0200
Subject: [Dovecot] [Dovecot 2.1.7] SegFault on doveadm search through
	director proxy
In-Reply-To: <65A804FB-2F80-497C-9A96-3CC34B522FBF@iki.fi>
References: <20120609235603.GA17490@daniel.localdomain>
	<65A804FB-2F80-497C-9A96-3CC34B522FBF@iki.fi>
Message-ID: <20120615200306.GA8276@daniel.localdomain>

Timo Sirainen wrote:
> On 10.6.2012, at 2.56, Daniel Parthey wrote:
> 
> > doveadm search -u user at example.org -S localhost:19000 all
> > produces the following error in the logs:
> > dovecot: doveadm: Error: doveadm client attempted non-PLAIN authentication
> > 
> > What am I missing?
> 
> It's possible that this is just broken in v2.0. Try v2.1.

mail01: 2.0.20
mail02: 2.1.7
mail03: 2.0.20
mail04: 2.0.20

Director for user at example.org currently points to mail02.

Compiled and installed 2.1.7 on mail02 (Ubuntu Lucid),
gettings segfaults on mail02 now.

Got a core dump and created a gdb backtrace:

mail02# doveadm -c /etc/dovecot-director/dovecot-director.conf search -u user at example.org all
[...]
67b3b72453278b4f6a3d000051abeb58 447
67b3b72453278b4f6a3d000051abeb58 448
67b3b72453278b4f6a3d000051abeb58 449
67b3b72453278b4f6a3d000051abeb58 450
67b3b72453278b4f6a3d000051abeb58 451
67b3b72453278b4f6a3d000051abeb58 452
67b3b72453278b4f6a3d000051abeb58 453
67b3b72453278b4f6a3d000051abeb58 454
67b3b72453278b4f6a3d000051abeb58 455
67b3b72453278b4f6a3d000051abeb58 456
Segmentation fault (core dumped)

gdb /usr/bin/doveadm /root/core
(gdb) bt full
#0  0x00007f953cbb9e32 in vfprintf () from /lib/libc.so.6
No symbol table info available.
#1  0x00007f953cc6eea1 in __printf_chk () from /lib/libc.so.6
No symbol table info available.
#2  0x000000000041ed4e in ?? ()
No symbol table info available.
#3  0x0000000000415667 in doveadm_print ()
No symbol table info available.
#4  0x000000000041638d in ?? ()
No symbol table info available.
#5  0x00007f953cf3f176 in io_loop_call_io () from /usr/lib/dovecot/libdovecot.so.0
No symbol table info available.
#6  0x00007f953cf401ff in io_loop_handler_run () from /usr/lib/dovecot/libdovecot.so.0
No symbol table info available.
#7  0x00007f953cf3f118 in io_loop_run () from /usr/lib/dovecot/libdovecot.so.0
No symbol table info available.
#8  0x00007f953cf2b403 in master_service_run () from /usr/lib/dovecot/libdovecot.so.0
No symbol table info available.
#9  0x0000000000414cae in ?? ()
No symbol table info available.
#10 0x0000000000414dd2 in doveadm_mail_server_flush ()
No symbol table info available.
#11 0x000000000041009a in ?? ()
No symbol table info available.
#12 0x0000000000410501 in doveadm_mail_try_run ()
No symbol table info available.
#13 0x0000000000417051 in main ()
No symbol table info available.

Can you help to fix these segfaults, please?

Regards
Daniel
-- 
https://plus.google.com/103021802792276734820

From daniel.parthey at informatik.tu-chemnitz.de  Fri Jun 15 23:11:33 2012
From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey)
Date: Fri, 15 Jun 2012 22:11:33 +0200
Subject: [Dovecot] [Dovecot 2.1.7] SegFault on doveadm search through
	director proxy
In-Reply-To: <20120615200306.GA8276@daniel.localdomain>
References: <20120609235603.GA17490@daniel.localdomain>
	<65A804FB-2F80-497C-9A96-3CC34B522FBF@iki.fi>
	<20120615200306.GA8276@daniel.localdomain>
Message-ID: <20120615201133.GA8541@daniel.localdomain>

> mail01: 2.0.20
> mail02: 2.1.7
> mail03: 2.0.20
> mail04: 2.0.20
> 
> Director for user at example.org currently points to mail02.
> 
> Compiled and installed 2.1.7 on mail02 (Ubuntu Lucid),
> gettings segfaults on mail02 now.
> 
> Got a core dump and created a gdb backtrace:
> 
> mail02# doveadm -c /etc/dovecot-director/dovecot-director.conf search -u user at example.org all
> [...]
> 67b3b72453278b4f6a3d000051abeb58 447
> 67b3b72453278b4f6a3d000051abeb58 448
> 67b3b72453278b4f6a3d000051abeb58 449
> 67b3b72453278b4f6a3d000051abeb58 450
> 67b3b72453278b4f6a3d000051abeb58 451
> 67b3b72453278b4f6a3d000051abeb58 452
> 67b3b72453278b4f6a3d000051abeb58 453
> 67b3b72453278b4f6a3d000051abeb58 454
> 67b3b72453278b4f6a3d000051abeb58 455
> 67b3b72453278b4f6a3d000051abeb58 456
> Segmentation fault (core dumped)

(gdb) bt full
#0  0x00007ff6c763de32 in vfprintf () from /lib/libc.so.6
No symbol table info available.
#1  0x00007ff6c76f2ea1 in __printf_chk () from /lib/libc.so.6
No symbol table info available.
#2  0x000000000041ed4e in printf (value=0x64697567 <Address 0x64697567 out of bounds>) at /usr/include/bits/stdio2.h:105
No locals.
#3  doveadm_print_flow_print (value=0x64697567 <Address 0x64697567 out of bounds>) at doveadm-print-flow.c:51
        hdr = <value optimized out>
#4  0x0000000000415667 in doveadm_print (value=0x1c28970 "67b3b72453278b4f6a3d000051abeb58") at doveadm-print.c:65
        headers = 0x1c37120
#5  0x000000000041638d in server_flush_field (conn=0x1c4ab10) at server-connection.c:111
        text = 0x0
#6  server_handle_input (conn=0x1c4ab10) at server-connection.c:150
        str = 0x1c28938
        i = <value optimized out>
#7  server_connection_input (conn=0x1c4ab10) at server-connection.c:254
        data = 0x1c4eae0 "b4f6a3d000051abeb58\t450\t67b3b72453278b4f6a3d000051abeb58\t451\t67b3b72453278b4f6a3d000051abeb58\t452\t67b3b72453278b4f6a3d000051abeb58\t453\t67b3b72453278b4f6a3d000051abeb58\t454\t67b3b72453278b4f6a3d000051ab"...
        size = 8192
        line = <value optimized out>
        reply = <value optimized out>
#8  0x00007ff6c79c3176 in io_loop_call_io (io=0x1c386d0) at ioloop.c:379
        ioloop = 0x1c30820
        t_id = 2
#9  0x00007ff6c79c41ff in io_loop_handler_run (ioloop=<value optimized out>) at ioloop-epoll.c:213
        ctx = 0x1c35ff0
        event = 0x1c36660
        list = 0x1c30350
        io = 0x64697567
        tv = {tv_sec = 59, tv_usec = 945631}
        msecs = <value optimized out>
        ret = <value optimized out>
        i = 0
        call = false
#10 0x00007ff6c79c3118 in io_loop_run (ioloop=0x1c30820) at ioloop.c:398
No locals.
#11 0x00007ff6c79af403 in master_service_run (service=0x1c306d0, callback=0xffffe906) at master-service.c:544
No locals.
#12 0x0000000000414cae in doveadm_server_flush_one (server=0x1c46b00) at doveadm-mail-server.c:149
        count = 0
#13 0x0000000000414dd2 in doveadm_mail_server_flush () at doveadm-mail-server.c:307
        server = 0x1c46b00
#14 0x000000000041009a in doveadm_mail_cmd (cmd=0x1c35ca8, argc=4, argv=0x1c303a0) at doveadm-mail.c:529
        ctx = 0x1c36cb0
        getopt_args = 0x4336e6 "AS:u:"
        wildcard_user = 0x0
        error = <value optimized out>
        ret = 0
        c = <value optimized out>
#15 0x0000000000410501 in doveadm_mail_try_run (cmd_name=0x1c303f0 "search", argc=1227192544, argv=0x437727) at doveadm-mail.c:577
        cmd__foreach_end = 0x1c35e28
        cmd = 0x1c35ca8
        cmd_name_len = 0
        __FUNCTION__ = "doveadm_mail_try_run"
#16 0x0000000000417051 in main (argc=4, argv=0x1c30388) at doveadm.c:373
        cmd_name = 0x1c303f0 "search"
        quick_init = false
        c = <value optimized out>

From tss at iki.fi  Sat Jun 16 02:04:21 2012
From: tss at iki.fi (Timo Sirainen)
Date: Sat, 16 Jun 2012 02:04:21 +0300
Subject: [Dovecot] doveadm backup panic
In-Reply-To: <4FDB83E1.1070302@gedalya.net>
References: <4FDB8250.8020600@gedalya.net> <4FDB83E1.1070302@gedalya.net>
Message-ID: <CCC12DEA-C084-4F5A-9E2A-F154A610348B@iki.fi>

On 15.6.2012, at 21.50, Gedalya wrote:

> #12 imapc_untagged_fetch (reply=0xbffff184, mbox=0x80fd2c8) at imapc-mailbox.c:349
> old_kws = {arr = {buffer = 0x8093030, element_size = 4}, v = 0x8093030, v_modifiable = 0x8093030}

Fixed: http://hg.dovecot.org/dovecot-2.1/rev/a28c8043842d


From tss at iki.fi  Sat Jun 16 02:13:47 2012
From: tss at iki.fi (Timo Sirainen)
Date: Sat, 16 Jun 2012 02:13:47 +0300
Subject: [Dovecot] [Dovecot 2.1.7] SegFault on doveadm search through
 director proxy
In-Reply-To: <20120615201133.GA8541@daniel.localdomain>
References: <20120609235603.GA17490@daniel.localdomain>
	<65A804FB-2F80-497C-9A96-3CC34B522FBF@iki.fi>
	<20120615200306.GA8276@daniel.localdomain>
	<20120615201133.GA8541@daniel.localdomain>
Message-ID: <1339802027.5967.31.camel@hurina>

On Fri, 2012-06-15 at 22:11 +0200, Daniel Parthey wrote:
> > mail02# doveadm -c /etc/dovecot-director/dovecot-director.conf search -u user at example.org all
..
> #3  doveadm_print_flow_print (value=0x64697567 <Address 0x64697567 out of bounds>) at doveadm-print-flow.c:51
>         hdr = <value optimized out>
> #4  0x0000000000415667 in doveadm_print (value=0x1c28970 "67b3b72453278b4f6a3d000051abeb58") at doveadm-print.c:65
>         headers = 0x1c37120
> #5  0x000000000041638d in server_flush_field (conn=0x1c4ab10) at server-connection.c:111
>         text = 0x0

Hmm. See if the attached patch fixes it?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: diff
Type: text/x-patch
Size: 1177 bytes
Desc: not available
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120616/1fc87e61/attachment.bin>

From tss at iki.fi  Sat Jun 16 02:22:22 2012
From: tss at iki.fi (Timo Sirainen)
Date: Sat, 16 Jun 2012 02:22:22 +0300
Subject: [Dovecot] Problem with lmtp director proxy
In-Reply-To: <4FD8C9C8.6090608@um.es>
References: <4FD718A0.50605@um.es> <4FD83A26.3030209@um.es>
	<1339592369.25551.7.camel@innu> <4FD8AA66.7050909@um.es>
	<1339600677.25551.12.camel@innu> <4FD8C9C8.6090608@um.es>
Message-ID: <72C5BD43-6254-40F1-8121-B0954739410F@iki.fi>

On 13.6.2012, at 20.11, Angel L. Mateo wrote:

> 	Ok, you were right. I was looking for logs at my log repository, which doesn't receive debug log. Nevertheless, the only auth lines I have found at the ones above, with the proxy_refresh=450. I haven't found any line with a timeout log in the proxies neither the backends

The backend logs don't matter. Director adds the proxy_refresh. You haven't shown in your logs what auth process logs as debug messages. This is what is supposed to happen:

> Jun 16 02:19:11 auth: Debug: master out: PASS   1       user=director   proxy   proxy_timeout=1000

"master out" must return proxy_timeout=1000. If it doesn't, then the problem is with your auth settings.

> Jun 16 02:19:11 lmtp(11845): Debug: auth input: user=director proxy proxy_timeout=1000 host=1.2.3.4 proxy_refresh=450

Director adds proxy_refresh, but preserves proxy_timeout.


From gedalya at gedalya.net  Sat Jun 16 03:44:55 2012
From: gedalya at gedalya.net (Gedalya)
Date: Fri, 15 Jun 2012 20:44:55 -0400
Subject: [Dovecot] doveadm backup panic
In-Reply-To: <CCC12DEA-C084-4F5A-9E2A-F154A610348B@iki.fi>
References: <4FDB8250.8020600@gedalya.net> <4FDB83E1.1070302@gedalya.net>
	<CCC12DEA-C084-4F5A-9E2A-F154A610348B@iki.fi>
Message-ID: <4FDBD707.9030106@gedalya.net>

On 06/15/2012 07:04 PM, Timo Sirainen wrote:
> On 15.6.2012, at 21.50, Gedalya wrote:
>
>> #12 imapc_untagged_fetch (reply=0xbffff184, mbox=0x80fd2c8) at imapc-mailbox.c:349
>> old_kws = {arr = {buffer = 0x8093030, element_size = 4}, v = 0x8093030, v_modifiable = 0x8093030}
> Fixed: http://hg.dovecot.org/dovecot-2.1/rev/a28c8043842d
>
Yes, works now! Thank you.


From wojtek at wojtek.tensor.gdynia.pl  Sat Jun 16 13:55:07 2012
From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar)
Date: Sat, 16 Jun 2012 12:55:07 +0200 (CEST)
Subject: [Dovecot] question about fts_squat
Message-ID: <alpine.BSF.2.00.1206161250230.34310@wojtek.tensor.gdynia.pl>

just installed dovecot with fts_squat
config attached after message.

When i telnet to imap server and execute by hand
1 login user password
select foldername
search body "someword"

it works fine, and at blazing speed except first run (indexing).
i already indexed everything by doveadm index offline to prevent server 
overload if multiple users (after i tell them) will try fulltext search.

All great BUT it doesn't work in thunderbird. Just gives zero results.

i used tcpdump to check how thunderbird executes it and it uses

search undeleted body "someword"

tried manually and it DOES NOT WORK. always give empty results.

even search all body "someword" doesn't work.

while

search body "someword"


always work very well.

what's wrong?

# 2.1.7: /usr/local/etc/dovecot/dovecot.conf
# OS: FreeBSD 8.3-STABLE amd64 
disable_plaintext_auth = no
listen = *
mail_location = maildir:~/Maildir
mail_plugins = fts fts_squat
namespace inbox {
   inbox = yes
   location =
   mailbox Drafts {
     special_use = \Drafts
   }
   mailbox Junk {
     special_use = \Junk
   }
   mailbox Sent {
     special_use = \Sent
   }
   mailbox "Sent Messages" {
     special_use = \Sent
   }
   mailbox Trash {
     special_use = \Trash
   }
   prefix = 
}
passdb {
   args = /usr/local/etc/dovecot/deny-users
   deny = yes
   driver = passwd-file
}
passdb {
   driver = pam
}
plugin {
   fts = squat
   fts_squat = partial=4 full=10
}
protocols = imap
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_key = </etc/ssl/private/dovecot.pem
userdb {
   driver = passwd
}
protocol imap {
   mail_plugins = fts fts_squat
}

From wojtek at wojtek.tensor.gdynia.pl  Sat Jun 16 13:57:01 2012
From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar)
Date: Sat, 16 Jun 2012 12:57:01 +0200 (CEST)
Subject: [Dovecot] question about fts_squat
In-Reply-To: <alpine.BSF.2.00.1206161250230.34310@wojtek.tensor.gdynia.pl>
References: <alpine.BSF.2.00.1206161250230.34310@wojtek.tensor.gdynia.pl>
Message-ID: <alpine.BSF.2.00.1206161256480.34375@wojtek.tensor.gdynia.pl>

> When i telnet to imap server and execute by hand
> 1 login user password
> select foldername
> search body "someword"

sorry it was 2 and 3 just like 1 at login.

>
> it works fine, and at blazing speed except first run (indexing).
> i already indexed everything by doveadm index offline to prevent server 
> overload if multiple users (after i tell them) will try fulltext search.
>
> All great BUT it doesn't work in thunderbird. Just gives zero results.
>
> i used tcpdump to check how thunderbird executes it and it uses
>
> search undeleted body "someword"
>
> tried manually and it DOES NOT WORK. always give empty results.
>
> even search all body "someword" doesn't work.
>
> while
>
> search body "someword"
>
>
> always work very well.
>
> what's wrong?
>
> # 2.1.7: /usr/local/etc/dovecot/dovecot.conf
> # OS: FreeBSD 8.3-STABLE amd64 disable_plaintext_auth = no
> listen = *
> mail_location = maildir:~/Maildir
> mail_plugins = fts fts_squat
> namespace inbox {
>  inbox = yes
>  location =
>  mailbox Drafts {
>    special_use = \Drafts
>  }
>  mailbox Junk {
>    special_use = \Junk
>  }
>  mailbox Sent {
>    special_use = \Sent
>  }
>  mailbox "Sent Messages" {
>    special_use = \Sent
>  }
>  mailbox Trash {
>    special_use = \Trash
>  }
>  prefix = }
> passdb {
>  args = /usr/local/etc/dovecot/deny-users
>  deny = yes
>  driver = passwd-file
> }
> passdb {
>  driver = pam
> }
> plugin {
>  fts = squat
>  fts_squat = partial=4 full=10
> }
> protocols = imap
> ssl_cert = </etc/ssl/certs/dovecot.pem
> ssl_key = </etc/ssl/private/dovecot.pem
> userdb {
>  driver = passwd
> }
> protocol imap {
>  mail_plugins = fts fts_squat
> }
>
>

From jonrysh at pacbell.net  Sat Jun 16 22:08:27 2012
From: jonrysh at pacbell.net (Jonathan Ryshpan)
Date: Sat, 16 Jun 2012 12:08:27 -0700
Subject: [Dovecot] Import from Evolution
Message-ID: <1339873707.2732.11.camel@amito>

I need to import the mail database generated by the evolution mail
reader into dovecot.  Evolution stores its mail in maildir format (fully
standards compatible, I think); I would be using the maildir format in
dovecot.  Is there anything in the wiki, etc. explaining exactly how to 
do this?

Why do this?  Evolution is hopelessly broken, and is not likely to be 
fixed in the forseeable future, and I would like to keep my mails in
maildir form.  Reviews of kmail are very bad, and thunderbird uses the
mbox format for storage.

Thanks in advance - jon






From p at state-of-mind.de  Sat Jun 16 23:16:36 2012
From: p at state-of-mind.de (Patrick Ben Koetter)
Date: Sat, 16 Jun 2012 22:16:36 +0200
Subject: [Dovecot] Import from Evolution
In-Reply-To: <1339873707.2732.11.camel@amito>
References: <1339873707.2732.11.camel@amito>
Message-ID: <20120616201636.GB6858@state-of-mind.de>

* Jonathan Ryshpan <jonrysh at pacbell.net>:
> I need to import the mail database generated by the evolution mail
> reader into dovecot.  Evolution stores its mail in maildir format (fully
> standards compatible, I think); I would be using the maildir format in
> dovecot.  Is there anything in the wiki, etc. explaining exactly how to 
> do this?
> 
> Why do this?  Evolution is hopelessly broken, and is not likely to be 
> fixed in the forseeable future, and I would like to keep my mails in
> maildir form.  Reviews of kmail are very bad, and thunderbird uses the
> mbox format for storage.

If it is native maildir you can configure that/your account to use maildir and
simply copy your mailbox over to Dovecot. When Dovecot accesses the mailbox it
will create the necessary index files and you are ready to use it.

p at rick

-- 
state of mind ()

http://www.state-of-mind.de

Franziskanerstra?e 15      Telefon +49 89 3090 4664
81669 M?nchen              Telefax +49 89 3090 4666

Amtsgericht M?nchen        Partnerschaftsregister PR 563


From jonrysh at pacbell.net  Sun Jun 17 00:23:38 2012
From: jonrysh at pacbell.net (Jonathan Ryshpan)
Date: Sat, 16 Jun 2012 14:23:38 -0700
Subject: [Dovecot] Import from Evolution
In-Reply-To: <20120616201636.GB6858@state-of-mind.de>
References: <1339873707.2732.11.camel@amito>
	<20120616201636.GB6858@state-of-mind.de>
Message-ID: <1339881818.2732.29.camel@amito>

On Sat, 2012-06-16 at 22:16 +0200, Patrick Ben Koetter wrote:
> * Jonathan Ryshpan <jonrysh at pacbell.net>:
> > I need to import the mail database generated by the evolution mail
> > reader into dovecot.  Evolution stores its mail in maildir format (fully
> > standards compatible, I think); I would be using the maildir format in
> > dovecot.  Is there anything in the wiki, etc. explaining exactly how to 
> > do this?
> > 
> > Why do this?  Evolution is hopelessly broken, and is not likely to be 
> > fixed in the forseeable future, and I would like to keep my mails in
> > maildir form.  Reviews of kmail are very bad, and thunderbird uses the
> > mbox format for storage.
> 
> If it is native maildir you can configure that/your account to use maildir and
> simply copy your mailbox over to Dovecot. When Dovecot accesses the mailbox it
> will create the necessary index files and you are ready to use it.

Sounds good.  

I'm sure than when you write "mailbox", you mean the folders (and not
the index files) in the evolution mail database, located at
~/.local/share/evolution/mail/local and whose contents start:
        $ ls -lA
        ..#evolution.Junk.cmeta        .jango.ibex.index.data
        ..#evolution.Trash.cmeta       .jfour/
        ..cmeta                        .jfour.cmeta
        ..maildir++                    .jfour.ibex.index
        .Drafts/                       .jfour.ibex.index.data
        .Drafts.cmeta                  .joer/
        .Outbox/                       .joer.cmeta
        .Outbox.cmeta                  .joyce/
        <...>
and not $MAIL, i.e. /var/spool/mail/jonrysh, where mail arrives on the
system (via fetchmail and local sendmail).  

Please excuse me for double checking; evolution has archived 218,886
messages in 132 folders, and I want to avoid trouble if possible.

Thanks for your help - jon




From p at state-of-mind.de  Sun Jun 17 01:04:31 2012
From: p at state-of-mind.de (Patrick Ben Koetter)
Date: Sun, 17 Jun 2012 00:04:31 +0200
Subject: [Dovecot] Import from Evolution
In-Reply-To: <1339881818.2732.29.camel@amito>
References: <1339873707.2732.11.camel@amito>
	<20120616201636.GB6858@state-of-mind.de>
	<1339881818.2732.29.camel@amito>
Message-ID: <20120616220430.GB12243@state-of-mind.de>

* Jonathan Ryshpan <jonrysh at pacbell.net>:
> On Sat, 2012-06-16 at 22:16 +0200, Patrick Ben Koetter wrote:
> > * Jonathan Ryshpan <jonrysh at pacbell.net>:
> > > I need to import the mail database generated by the evolution mail
> > > reader into dovecot.  Evolution stores its mail in maildir format (fully
> > > standards compatible, I think); I would be using the maildir format in
> > > dovecot.  Is there anything in the wiki, etc. explaining exactly how to 
> > > do this?
> > > 
> > > Why do this?  Evolution is hopelessly broken, and is not likely to be 
> > > fixed in the forseeable future, and I would like to keep my mails in
> > > maildir form.  Reviews of kmail are very bad, and thunderbird uses the
> > > mbox format for storage.
> > 
> > If it is native maildir you can configure that/your account to use maildir and
> > simply copy your mailbox over to Dovecot. When Dovecot accesses the mailbox it
> > will create the necessary index files and you are ready to use it.
> 
> Sounds good.  
> 
> I'm sure than when you write "mailbox", you mean the folders (and not
> the index files) in the evolution mail database, located at

Yes, I mean the folders and not the index files

> ~/.local/share/evolution/mail/local and whose contents start:
>         $ ls -lA
>         ..#evolution.Junk.cmeta        .jango.ibex.index.data
>         ..#evolution.Trash.cmeta       .jfour/
>         ..cmeta                        .jfour.cmeta
>         ..maildir++                    .jfour.ibex.index
>         .Drafts/                       .jfour.ibex.index.data
>         .Drafts.cmeta                  .joer/
>         .Outbox/                       .joer.cmeta
>         .Outbox.cmeta                  .joyce/
>         <...>
> and not $MAIL, i.e. /var/spool/mail/jonrysh, where mail arrives on the
> system (via fetchmail and local sendmail).  

I don't mean $MAIL.


> Please excuse me for double checking; evolution has archived 218,886
> messages in 132 folders, and I want to avoid trouble if possible.

I am a friend of double checking. :)

p at rick


-- 
state of mind ()

http://www.state-of-mind.de

Franziskanerstra?e 15      Telefon +49 89 3090 4664
81669 M?nchen              Telefax +49 89 3090 4666

Amtsgericht M?nchen        Partnerschaftsregister PR 563


From wojtek at wojtek.tensor.gdynia.pl  Sun Jun 17 15:04:22 2012
From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar)
Date: Sun, 17 Jun 2012 14:04:22 +0200 (CEST)
Subject: [Dovecot] Import from Evolution
In-Reply-To: <20120616201636.GB6858@state-of-mind.de>
References: <1339873707.2732.11.camel@amito>
	<20120616201636.GB6858@state-of-mind.de>
Message-ID: <alpine.BSF.2.00.1206171403020.13130@wojtek.tensor.gdynia.pl>

>> maildir form.  Reviews of kmail are very bad, and thunderbird uses the
>> mbox format for storage.
>
> If it is native maildir you can configure that/your account to use maildir and
> simply copy your mailbox over to Dovecot. When Dovecot accesses the mailbox it
> will create the necessary index files and you are ready to use it.

if you want to use any of those hopeless programs just turn message 
caching in them (folder synchronization off in thunderbird) and login to 
dovecot, even on localhost.

kmail v.3 is barely usable, v4 is good.


From bradley.giesbrecht at gmail.com  Sun Jun 17 18:19:05 2012
From: bradley.giesbrecht at gmail.com (Bradley Giesbrecht)
Date: Sun, 17 Jun 2012 08:19:05 -0700
Subject: [Dovecot] doveadm fetch LARGE attachments and remove message
Message-ID: <FBF14A8E-F209-4461-9E52-02489FD7426B@gmail.com>

Looking at the wiki and man pages I am unsure how to fetch email attachments from a unix shell.

I have an "doveadm search" that returns the messages that have the attachments I am after.

Would I loop through an "doveadm fetch" and use a commandline imap client to save the attachments and move the message to the Trash?

Or is there a doveadm command for this?

Regards,
Bradley Giesbrecht (pixilla)

From daniel.parthey at informatik.tu-chemnitz.de  Sun Jun 17 21:33:38 2012
From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey)
Date: Sun, 17 Jun 2012 20:33:38 +0200
Subject: [Dovecot] [Dovecot 2.1.7] SegFault on doveadm search through
 director proxy
In-Reply-To: <1339802027.5967.31.camel@hurina>
References: <20120609235603.GA17490@daniel.localdomain>
	<65A804FB-2F80-497C-9A96-3CC34B522FBF@iki.fi>
	<20120615200306.GA8276@daniel.localdomain>
	<20120615201133.GA8541@daniel.localdomain>
	<1339802027.5967.31.camel@hurina>
Message-ID: <20120617183338.GA14271@daniel.localdomain>

Timo Sirainen wrote:
> On Fri, 2012-06-15 at 22:11 +0200, Daniel Parthey wrote:
> > > mail02# doveadm -c /etc/dovecot-director/dovecot-director.conf search -u user at example.org all
> ..
> > #3  doveadm_print_flow_print (value=0x64697567 <Address 0x64697567 out of bounds>) at doveadm-print-flow.c:51
> >         hdr = <value optimized out>
> > #4  0x0000000000415667 in doveadm_print (value=0x1c28970 "67b3b72453278b4f6a3d000051abeb58") at doveadm-print.c:65
> >         headers = 0x1c37120
> > #5  0x000000000041638d in server_flush_field (conn=0x1c4ab10) at server-connection.c:111
> >         text = 0x0
> 
> Hmm. See if the attached patch fixes it?
> 

> diff -r a28c8043842d src/doveadm/doveadm-print.c
> --- a/src/doveadm/doveadm-print.c	Sat Jun 16 02:03:53 2012 +0300
> +++ b/src/doveadm/doveadm-print.c	Sat Jun 16 02:13:03 2012 +0300

The patch seems to fix the problem. Thanks.

Regards
Daniel
-- 
https://plus.google.com/103021802792276734820

From amateo at um.es  Mon Jun 18 09:52:37 2012
From: amateo at um.es (Angel L. Mateo)
Date: Mon, 18 Jun 2012 08:52:37 +0200
Subject: [Dovecot] Problem with lmtp director proxy
In-Reply-To: <72C5BD43-6254-40F1-8121-B0954739410F@iki.fi>
References: <4FD718A0.50605@um.es> <4FD83A26.3030209@um.es>
	<1339592369.25551.7.camel@innu> <4FD8AA66.7050909@um.es>
	<1339600677.25551.12.camel@innu> <4FD8C9C8.6090608@um.es>
	<72C5BD43-6254-40F1-8121-B0954739410F@iki.fi>
Message-ID: <4FDED035.1010804@um.es>

El 16/06/12 01:22, Timo Sirainen escribi?:
> On 13.6.2012, at 20.11, Angel L. Mateo wrote:
>
>> 	Ok, you were right. I was looking for logs at my log repository, which doesn't receive debug log. Nevertheless, the only auth lines I have found at the ones above, with the proxy_refresh=450. I haven't found any line with a timeout log in the proxies neither the backends
>
> The backend logs don't matter. Director adds the proxy_refresh. You haven't shown in your logs what auth process logs as debug messages. This is what is supposed to happen:
>
>> Jun 16 02:19:11 auth: Debug: master out: PASS   1       user=director   proxy   proxy_timeout=1000
>
	I don't have any log like this.

> "master out" must return proxy_timeout=1000. If it doesn't, then the problem is with your auth settings.
>
>> Jun 16 02:19:11 lmtp(11845): Debug: auth input: user=director proxy proxy_timeout=1000 host=1.2.3.4 proxy_refresh=450
>
> Director adds proxy_refresh, but preserves proxy_timeout.
>
	I can find these logs, but they don't include any proxy_timeout option, 
all of them are like:

Jun 18 08:26:26 myotis41 dovecot: lmtp(640): Debug: auth input: 
user=<user> proxy host=155.54.211.164 proxy_refresh=450

	But I have found, I think, the problem... I had configured 2 user backends:

!include auth-master.conf.ext
!include auth-ldap.conf.ext

	The first for master password, and the other, to get users from a ldap 
directory. In my auth-ldap.conf.ext I changed the ldap driver for passdb 
to static (I can't check user password in the director for other 
reasons), so I had:

passdb {
   driver = static
   args = proxy=y nopassword=y
}

userdb {
   driver = prefetch
}

userdb {
   driver = ldap
   args = /etc/dovecot/dovecot-ldap.conf.ext
}

	so, although in the dovecot-ldap.conf.ext I have:

pass_attrs = 
irisMailbox=userdb_mail,homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid,=proxy=y,=proxy_timeout=120,irisMailHost=host

	it seems that it isn't used and proxy_timeout it's not defined.

	So I have changed passdb definition to be:

passdb {
   driver = static
   args = proxy=y nopassword=y proxy_timeout=120
}

	and now logs are like:

Jun 18 08:46:18 myotis40 dovecot: lmtp(11276): Debug: auth input: 
user=<user> proxy proxy_timeout=120 host=155.54.211.169 proxy_refresh=450

	Is this correct?

From voytek at sbt.net.au  Mon Jun 18 09:54:15 2012
From: voytek at sbt.net.au (Voytek Eymont)
Date: Mon, 18 Jun 2012 16:54:15 +1000
Subject: [Dovecot] migrating sql virtual 1 to 2,
 namespace configuration error: inbox=yes namespace missing
Message-ID: <eb1a388b44fc3e7353007980a8017bfd.squirrel@sbt.net.au>

I'm trying to setup a new server on centos 6, from old dovecot 1.x

I installed  'dovecot --version 2.1.1' from dovecot rpm
I converted conf file as per migration specs, also, copied sql conf across

when I try to retrieve email, log has *1:

dovecot.conf -m *2 and sql conf *3 follows

*1-------------------------------
dovecot: master: Dovecot v2.1.1 starting up (core dumps disabled)
dovecot: auth-worker(26890): mysql(127.0.0.1): Connected to database zzz
dovecot: imap-login: Login: user=<name at tld>, method=PLAIN,
rip=111.22.33.5, lip=111.22.33.4, mpid=26892, TLS
dovecot: imap(name at tld): Error: user name at tld: Initialization failed:
namespace configuration error: inbox=yes namespace missing
dovecot: imap(name at tld): Error: Invalid user settings. Refer to server log
for more information.

*2-----------------------------------
# doveconf -n
# 2.1.1: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-220.17.1.el6.x86_64 x86_64 CentOS release 6.2 (Final)
auth_cache_size = 1 k
auth_mechanisms = plain login
disable_plaintext_auth = no
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_location = maildir:~/Maildir
mail_privileged_group = mail
mbox_write_locks = fcntl
namespace inbox {
  location =
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
}
passdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
}
protocols = imap pop3
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0666
    user = postfix
  }
  user = root
}
ssl = required
ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
ssl_key = </etc/pki/dovecot/private/dovecot.pem
userdb {
  driver = passwd
}
userdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
}
protocol pop3 {
  pop3_uidl_format = %08Xu%08Xv
}


*3-----------------------------------
cat dovecot-sql.conf

driver = mysql
connect = host=127.0.0.1 dbname=zzz user=yyy password=xxx

user_query = SELECT concat('/var/mail/vhosts/', maildir) as home,
concat('maildir:/var/mail/vhosts/', maildir) as mail, 5000 AS uid, 5000 AS
gid, concat('maildir:storage=', quota) AS quota FROM mailbox WHERE
username = '%u' AND active = '1'

default_pass_scheme = MD5

user_query = SELECT '/var/mail/vhosts/%d/%n@%d' as home,
'maildir:/var/mail/vhosts/%d/%n@%d' as mail, 5000 AS uid, 5000 AS gid,
concat('dirsize:storage=', quota) AS quota FROM mailbox WHERE username =
'%u' AND active = '1'

# Get the password
password_query = SELECT username as user, password,
'/var/mail/vhosts/%d/%n@%d' as userdb_home,
'maildir:/var/mail/vhosts/%d/%n@%d' as userdb_mail, 5000 as userdb_uid,
5000 as userdb_gid FROM mailbox WHERE username = '%u' AND active = '1'


-- 
Voytek


From weiler.guido at bergersysteme.com  Mon Jun 18 12:17:05 2012
From: weiler.guido at bergersysteme.com (Guido Weiler)
Date: Mon, 18 Jun 2012 09:17:05 +0000
Subject: [Dovecot] Dovecot Maildir - How to Seperate mail folders
Message-ID: <EEC2D5E5EBAD40439803A82A6C5B191D2FF24B35@w2k8server03.bergersysteme.com>

Hi Timo,

thank you very much for your quick reply. I tried that but it is not possible to SELECT such a mailbox.

I have in dovecot.conf:
---
mail_location=maildir:/data/messages%h

namespace private {
  separator = /
  prefix =
  location = maildir:/data/messages%h
  inbox = yes
  list = yes
}

namespace public {
  separator = /
  prefix = greetings/
  location = maildir:/data/greetings%h
  inbox = no
  list = yes
  hidden = yes
}
---

Messages are coming in from EXIM separated by a special HEADER into this two folders.
For INBOX this works fine but not for greetings, although the maildir files are being created upon delivery.

Sample IMAP Session AFTER delivering a greeting-type message:

---
01 OK Logged in.
>> 02 list "" "*"
* LIST (\HasNoChildren) "/" "INBOX"
* LIST (\Noselect \HasChildren) "/" "greetings"
* LIST (\HasNoChildren) "/" "greetings/INBOX"
02 OK List completed.
>> 03 select "greetings/INBOX"
03 NO Mailbox doesn't exist: INBOX
>> 04 select greetings
04 NO Mailbox doesn't exist: greetings

---

What is this "\Noselect" mailbox showing up and why is it saying "greetings/INBOX" in the third row when in fact there isn't a mailbox with this name?

I am very sorry for having to bother you again, but I don't know what we are doing wrong here.
(Dovecot version is 1.1.16)



Guido Weiler


-----Urspr?ngliche Nachricht-----
Von: Timo Sirainen [mailto:tss at iki.fi] 
Gesendet: Montag, 11. Juni 2012 22:48
An: Guido Weiler
Betreff: Re: Dovecot Maildir - How to Seperate mail folders

You should be able to do this with namespaces.

namespace {
  prefix = INBOX/VeryImportantMessages/
  location = maildir:/very/important/messages
  hidden = yes
}

On 8.6.2012, at 18.09, Guido Weiler wrote:

> Hello Timo,
> 
> for one of our latest dovecot/IMAP-projects, we need to separate physical locations of some special IMAP folders. 
> So to make, for example the "INBOX/VeryImportantMessages"-Folder is on a completely different volume or mount point than the mails in INBOX or other user generated imap subfolders.
> 
> Can you tell me if there is any possible way to implement this / change it in dovecots maildir implementation, or maybe it is already planned to do so in further versions of dovecot?
> 
> We have to treat all messages in that one special folder with an extended backup scenario, and I think it would be the best if we can implement to have an additional mail_location parameter in dovecot.conf (e.g. important_mail_location).
> 
> We are somewhat familiar with the dovecot source code since we already implemented plugins and other modifications to dovecot 1.1.16 but any advise or information is very appreciated.
> 
> Kind regards,
> 
> 
> Guido Weiler 


From amateo at um.es  Mon Jun 18 12:56:56 2012
From: amateo at um.es (Angel L. Mateo)
Date: Mon, 18 Jun 2012 11:56:56 +0200
Subject: [Dovecot] Sieve and fileinto encoding change?
Message-ID: <4FDEFB68.7070807@um.es>

Hello,

	I have changed from debian servers (debian lenny 5) running dovecot 
1.1.16 to new ones with ubuntu 12.04 and dovecot 2.1.5 and now I'm 
having problems with sieve filters storing mails in folders with spanish 
characters (accents).

	Myh problem is the one described at 
http://www.dovecot.org/list/dovecot/2009-October/044061.html and 
http://dovecot.org/list/dovecot/2009-July/041690.html, that is, in my 
sieve scripts (generated with horde ingo) folder's names are in utf-7 
instead of utf-8.

	Although I'm planning to patch ingo, my question is why those same 
scripts, with utf-7 folder's names, are working with dovecot 1.1.16 but 
not with 2.1.5? Because in my old servers those scripts worked without 
any problem...

From tss at iki.fi  Mon Jun 18 16:49:58 2012
From: tss at iki.fi (Timo Sirainen)
Date: Mon, 18 Jun 2012 16:49:58 +0300
Subject: [Dovecot] doveadm fetch LARGE attachments and remove message
In-Reply-To: <FBF14A8E-F209-4461-9E52-02489FD7426B@gmail.com>
References: <FBF14A8E-F209-4461-9E52-02489FD7426B@gmail.com>
Message-ID: <2457470C-A66C-42E7-AC5E-C8B3D011631F@iki.fi>

On 17.6.2012, at 18.19, Bradley Giesbrecht wrote:

> Looking at the wiki and man pages I am unsure how to fetch email attachments from a unix shell.
> 
> I have an "doveadm search" that returns the messages that have the attachments I am after.
> 
> Would I loop through an "doveadm fetch" and use a commandline imap client to save the attachments and move the message to the Trash?
> 
> Or is there a doveadm command for this?

No, there's currently no easy way to do this. doveadm fetch doesn't support that. You could possibly do this via IMAP, but it would be difficult to know which MIME part to fetch. Actually it's not even obvious if a MIME part is an attachment or not..


From tss at iki.fi  Mon Jun 18 16:50:53 2012
From: tss at iki.fi (Timo Sirainen)
Date: Mon, 18 Jun 2012 16:50:53 +0300
Subject: [Dovecot] Problem with lmtp director proxy
In-Reply-To: <4FDED035.1010804@um.es>
References: <4FD718A0.50605@um.es> <4FD83A26.3030209@um.es>
	<1339592369.25551.7.camel@innu> <4FD8AA66.7050909@um.es>
	<1339600677.25551.12.camel@innu> <4FD8C9C8.6090608@um.es>
	<72C5BD43-6254-40F1-8121-B0954739410F@iki.fi>
	<4FDED035.1010804@um.es>
Message-ID: <04367574-1FFE-413C-BA54-3A213DCFBF3E@iki.fi>

On 18.6.2012, at 9.52, Angel L. Mateo wrote:

> El 16/06/12 01:22, Timo Sirainen escribi?:
>> On 13.6.2012, at 20.11, Angel L. Mateo wrote:
>> 
>>> 	Ok, you were right. I was looking for logs at my log repository, which doesn't receive debug log. Nevertheless, the only auth lines I have found at the ones above, with the proxy_refresh=450. I haven't found any line with a timeout log in the proxies neither the backends
>> 
>> The backend logs don't matter. Director adds the proxy_refresh. You haven't shown in your logs what auth process logs as debug messages. This is what is supposed to happen:
>> 
>>> Jun 16 02:19:11 auth: Debug: master out: PASS   1       user=director   proxy   proxy_timeout=1000
>> 
> 	I don't have any log like this.

Then you don't have auth_debug=yes.

> Jun 18 08:46:18 myotis40 dovecot: lmtp(11276): Debug: auth input: user=<user> proxy proxy_timeout=120 host=155.54.211.169 proxy_refresh=450
> 
> 	Is this correct?

Yeah.

From tss at iki.fi  Mon Jun 18 16:51:42 2012
From: tss at iki.fi (Timo Sirainen)
Date: Mon, 18 Jun 2012 16:51:42 +0300
Subject: [Dovecot] Sieve and fileinto encoding change?
In-Reply-To: <4FDEFB68.7070807@um.es>
References: <4FDEFB68.7070807@um.es>
Message-ID: <51856467-76F5-4B86-9083-3B5DCB27C46B@iki.fi>

On 18.6.2012, at 12.56, Angel L. Mateo wrote:

> 	Although I'm planning to patch ingo, my question is why those same scripts, with utf-7 folder's names, are working with dovecot 1.1.16 but not with 2.1.5? Because in my old servers those scripts worked without any problem...

Because v1.1 worked incorrectly and v2.1 works correctly :)


From tss at iki.fi  Mon Jun 18 16:53:39 2012
From: tss at iki.fi (Timo Sirainen)
Date: Mon, 18 Jun 2012 16:53:39 +0300
Subject: [Dovecot] Dovecot Maildir - How to Seperate mail folders
In-Reply-To: <EEC2D5E5EBAD40439803A82A6C5B191D2FF24B35@w2k8server03.bergersysteme.com>
References: <EEC2D5E5EBAD40439803A82A6C5B191D2FF24B35@w2k8server03.bergersysteme.com>
Message-ID: <A828DCE4-9B1D-48AC-B1A1-C77C4D639AE4@iki.fi>

On 18.6.2012, at 12.17, Guido Weiler wrote:

> 01 OK Logged in.
>>> 02 list "" "*"
> * LIST (\HasNoChildren) "/" "INBOX"
> * LIST (\Noselect \HasChildren) "/" "greetings"
> * LIST (\HasNoChildren) "/" "greetings/INBOX"
> 02 OK List completed.
>>> 03 select "greetings/INBOX"
> 03 NO Mailbox doesn't exist: INBOX
>>> 04 select greetings
> 04 NO Mailbox doesn't exist: greetings
> 
> ---
> 
> What is this "\Noselect" mailbox showing up and why is it saying "greetings/INBOX" in the third row when in fact there isn't a mailbox with this name?
> 
> I am very sorry for having to bother you again, but I don't know what we are doing wrong here.
> (Dovecot version is 1.1.16)

Fixed in newer versions, upgrade.

From tss at iki.fi  Mon Jun 18 16:55:34 2012
From: tss at iki.fi (Timo Sirainen)
Date: Mon, 18 Jun 2012 16:55:34 +0300
Subject: [Dovecot] migrating sql virtual 1 to 2,
	namespace configuration error: inbox=yes namespace missing
In-Reply-To: <eb1a388b44fc3e7353007980a8017bfd.squirrel@sbt.net.au>
References: <eb1a388b44fc3e7353007980a8017bfd.squirrel@sbt.net.au>
Message-ID: <7F977326-C48A-4907-8A02-512B83B347F9@iki.fi>

On 18.6.2012, at 9.54, Voytek Eymont wrote:

> I'm trying to setup a new server on centos 6, from old dovecot 1.x
> 
> I installed  'dovecot --version 2.1.1' from dovecot rpm
> I converted conf file as per migration specs, also, copied sql conf across
..
> dovecot: imap(name at tld): Error: user name at tld: Initialization failed:
> namespace configuration error: inbox=yes namespace missing

Easiest fix: remove 15-mailboxes.conf

Alternative fix: modify this namespace to actually work. Probably adding inbox=yes inside it is enough to do that.


From tss at iki.fi  Mon Jun 18 17:06:33 2012
From: tss at iki.fi (Timo Sirainen)
Date: Mon, 18 Jun 2012 17:06:33 +0300
Subject: [Dovecot] question about fts_squat
In-Reply-To: <alpine.BSF.2.00.1206161250230.34310@wojtek.tensor.gdynia.pl>
References: <alpine.BSF.2.00.1206161250230.34310@wojtek.tensor.gdynia.pl>
Message-ID: <2577BAC0-6D9C-4E23-8F6C-4831153C8EEA@iki.fi>

On 16.6.2012, at 13.55, Wojciech Puchar wrote:

> even search all body "someword" doesn't work.
> 
> while
> 
> search body "someword"
> 
> always work very well.
> 
> what's wrong?

Fixed: http://hg.dovecot.org/dovecot-2.1/rev/4ce1f9649592

Anyway, fts-lucene backend works better than fts-squat.


From kruk at epsilon.eu.org  Mon Jun 18 16:45:56 2012
From: kruk at epsilon.eu.org (Mariusz Kruk)
Date: Mon, 18 Jun 2012 15:45:56 +0200
Subject: [Dovecot] Maildir + quota + listescape = wrong dir location
Message-ID: <4FDF3114.4070704@epsilon.eu.org>

I've just stumbled across a strange thing which seems to be a bug.
It happens in 2.0.9 as well as 2.0.11 in which I tested it.

dovecot -n output:
# 2.0.9: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-220.17.1.el6.x86_64 x86_64 CentOS release 6.2 (Final)
listen = *
mail_location = maildir:~/mail
mail_plugins = " quota listescape"
mbox_write_locks = fcntl
namespace {
   inbox = yes
   location =
   prefix =
   separator = /
   type = private
}
passdb {
   driver = pam
}
plugin {
   quota = maildir:User quota
   quota_rule = *:storage=1G
}
protocols = imap
ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
ssl_key = </etc/pki/dovecot/private/dovecot.pem
userdb {
   driver = passwd
}
protocol imap {
   mail_plugins = " quota listescape imap_quota autocreate"
}

The problem with this setup is that with listescape loaded doveadm (as 
well as dovecot running by itself) can't properly get quotas for nested 
subfolders. Listescape causes dovecot to use namespace separator for 
fetching directory names corresponding to folders instead of 
interpreting them according to layout rules.

When I tried stracing, i got this:

# strace -e trace=stat doveadm quota recalc -u testimap 2>&1  | grep 
testimap
stat("/home/testimap/mail", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
stat("/home/testimap/mail/new", 0x7fff220ca290) = -1 ENOENT (No such 
file or directory)
stat("/home/testimap/mail/cur", 0x7fff220ca290) = -1 ENOENT (No such 
file or directory)
stat("/home/testimap/mail/.INBOX/test/new", 0x7fff220ca290) = -1 ENOENT 
(No such file or directory)
stat("/home/testimap/mail/.INBOX/test/cur", 0x7fff220ca290) = -1 ENOENT 
(No such file or directory)
stat("/home/testimap/mail/.test/new", {st_mode=S_IFDIR|0700, 
st_size=4096, ...}) = 0
stat("/home/testimap/mail/.test/cur", {st_mode=S_IFDIR|0700, 
st_size=4096, ...}) = 0
stat("/home/testimap/mail/new", 0x7fff220ca290) = -1 ENOENT (No such 
file or directory)
stat("/home/testimap/mail/cur", 0x7fff220ca290) = -1 ENOENT (No such 
file or directory)
stat("/home/testimap/mail/.INBOX/test/new", 0x7fff220ca290) = -1 ENOENT 
(No such file or directory)
stat("/home/testimap/mail/.INBOX/test/cur", 0x7fff220ca290) = -1 ENOENT 
(No such file or directory)
stat("/home/testimap/mail/.test/new", {st_mode=S_IFDIR|0700, 
st_size=4096, ...}) = 0
stat("/home/testimap/mail/.test/cur", {st_mode=S_IFDIR|0700, 
st_size=4096, ...}) = 0
stat("/home/testimap/mail", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0

If I either disable listescape or change namespace separator to dot, the 
path gets resolved correctly (although it's still wrong behaviour with 
'.' as separator, just happens to give right result in this case).

# strace -e trace=stat doveadm quota recalc -u testimap 2>&1  | grep 
testimap
stat("/home/testimap/mail", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
stat("/home/testimap/mail/new", 0x7fffac6b0cb0) = -1 ENOENT (No such 
file or directory)
stat("/home/testimap/mail/cur", 0x7fffac6b0cb0) = -1 ENOENT (No such 
file or directory)
stat("/home/testimap/mail/.INBOX.test/new", {st_mode=S_IFDIR|0700, 
st_size=4096, ...}) = 0
stat("/home/testimap/mail/.INBOX.test/cur", {st_mode=S_IFDIR|0700, 
st_size=4096, ...}) = 0
stat("/home/testimap/mail/.test/new", {st_mode=S_IFDIR|0700, 
st_size=4096, ...}) = 0
stat("/home/testimap/mail/.test/cur", {st_mode=S_IFDIR|0700, 
st_size=4096, ...}) = 0
stat("/home/testimap/mail/new", 0x7fffac6b0cb0) = -1 ENOENT (No such 
file or directory)
stat("/home/testimap/mail/cur", 0x7fffac6b0cb0) = -1 ENOENT (No such 
file or directory)
stat("/home/testimap/mail/.INBOX.test/new", {st_mode=S_IFDIR|0700, 
st_size=4096, ...}) = 0
stat("/home/testimap/mail/.INBOX.test/cur", {st_mode=S_IFDIR|0700, 
st_size=4096, ...}) = 0
stat("/home/testimap/mail/.test/new", {st_mode=S_IFDIR|0700, 
st_size=4096, ...}) = 0
stat("/home/testimap/mail/.test/cur", {st_mode=S_IFDIR|0700, 
st_size=4096, ...}) = 0
stat("/home/testimap/mail", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0

And in this case quota info gets updated correctly.
I believe this is a bug but maybe I'm missing something about listescape 
configuration.

Regards
Mariusz Kruk

From tss at iki.fi  Mon Jun 18 17:08:46 2012
From: tss at iki.fi (Timo Sirainen)
Date: Mon, 18 Jun 2012 17:08:46 +0300
Subject: [Dovecot] Maildir + quota + listescape = wrong dir location
In-Reply-To: <4FDF3114.4070704@epsilon.eu.org>
References: <4FDF3114.4070704@epsilon.eu.org>
Message-ID: <EA165241-40BC-4907-8880-F14C8AA2EF8D@iki.fi>

On 18.6.2012, at 16.45, Mariusz Kruk wrote:

> I've just stumbled across a strange thing which seems to be a bug.
> It happens in 2.0.9 as well as 2.0.11 in which I tested it.

Listescape has some unfixable problems in v2.0. You've most likely hit one of them. v2.1 had some larger changes and fixes listescape to work perfectly.


From amateo at um.es  Mon Jun 18 17:47:09 2012
From: amateo at um.es (Angel L. Mateo)
Date: Mon, 18 Jun 2012 16:47:09 +0200
Subject: [Dovecot] Problem with lmtp director proxy
In-Reply-To: <04367574-1FFE-413C-BA54-3A213DCFBF3E@iki.fi>
References: <4FD718A0.50605@um.es> <4FD83A26.3030209@um.es>
	<1339592369.25551.7.camel@innu> <4FD8AA66.7050909@um.es>
	<1339600677.25551.12.camel@innu> <4FD8C9C8.6090608@um.es>
	<72C5BD43-6254-40F1-8121-B0954739410F@iki.fi>
	<4FDED035.1010804@um.es>
	<04367574-1FFE-413C-BA54-3A213DCFBF3E@iki.fi>
Message-ID: <4FDF3F6D.2030903@um.es>

El 18/06/12 15:50, Timo Sirainen escribi?:
> On 18.6.2012, at 9.52, Angel L. Mateo wrote:
>
>> El 16/06/12 01:22, Timo Sirainen escribi?:
>>> On 13.6.2012, at 20.11, Angel L. Mateo wrote:
>>>
>>>> 	Ok, you were right. I was looking for logs at my log repository, which doesn't receive debug log. Nevertheless, the only auth lines I have found at the ones above, with the proxy_refresh=450. I haven't found any line with a timeout log in the proxies neither the backends
>>>
>>> The backend logs don't matter. Director adds the proxy_refresh. You haven't shown in your logs what auth process logs as debug messages. This is what is supposed to happen:
>>>
>>>> Jun 16 02:19:11 auth: Debug: master out: PASS   1       user=director   proxy   proxy_timeout=1000
>>>
>> 	I don't have any log like this.
>
> Then you don't have auth_debug=yes.
>
	I had this option. Relooking I have found these logs. I didn't see them 
before because of the format and because they aren't related with lmtp. 
I have them in the form:

Jun 18 12:18:30 myotis41 dovecot: auth: Debug: master out: 
PASS#01160#011user=<myuser>#011proxy#011proxy_timeout=150

>> Jun 18 08:46:18 myotis40 dovecot: lmtp(11276): Debug: auth input: user=<user>  proxy proxy_timeout=120 host=155.54.211.169 proxy_refresh=450
>>
>> 	Is this correct?
>
> Yeah.

	Anyway, with the last change (defining the proxy_timeout at the static 
passdb definition, default 30 seconds timeout hasn't been applied anymore.

From wojtek at wojtek.tensor.gdynia.pl  Mon Jun 18 20:21:48 2012
From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar)
Date: Mon, 18 Jun 2012 19:21:48 +0200 (CEST)
Subject: [Dovecot]  question about fts_squat
Message-ID: <alpine.BSF.2.00.1206181921001.94660@wojtek.tensor.gdynia.pl>

i repost my question as it probably wasn't received properly - i did it 
just after subscribing possibly too early. thanks for answers
----------------------------------------------
just installed dovecot with fts_squat
config attached after message.

When i telnet to imap server and execute by hand
1 login user password
select foldername
search body "someword"

it works fine, and at blazing speed except first run (indexing).
i already indexed everything by doveadm index offline to prevent server 
overload if multiple users (after i tell them) will try fulltext search.

All great BUT it doesn't work in thunderbird. Just gives zero results.

i used tcpdump to check how thunderbird executes it and it uses

search undeleted body "someword"

tried manually and it DOES NOT WORK. always give empty results.

even search all body "someword" doesn't work.

while

search body "someword"


always work very well.

what's wrong?

# 2.1.7: /usr/local/etc/dovecot/dovecot.conf
# OS: FreeBSD 8.3-STABLE amd64 disable_plaintext_auth = no
listen = *
mail_location = maildir:~/Maildir
mail_plugins = fts fts_squat
namespace inbox {
   inbox = yes
   location =
   mailbox Drafts {
     special_use = \Drafts
   }
   mailbox Junk {
     special_use = \Junk
   }
   mailbox Sent {
     special_use = \Sent
   }
   mailbox "Sent Messages" {
     special_use = \Sent
   }
   mailbox Trash {
     special_use = \Trash
   }
   prefix = }
passdb {
   args = /usr/local/etc/dovecot/deny-users
   deny = yes
   driver = passwd-file
}
passdb {
   driver = pam
}
plugin {
   fts = squat
   fts_squat = partial=4 full=10
}
protocols = imap
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_key = </etc/ssl/private/dovecot.pem
userdb {
   driver = passwd
}
protocol imap {
   mail_plugins = fts fts_squat
}


From wojtek at wojtek.tensor.gdynia.pl  Mon Jun 18 20:23:36 2012
From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar)
Date: Mon, 18 Jun 2012 19:23:36 +0200 (CEST)
Subject: [Dovecot] question about fts_squat
In-Reply-To: <2577BAC0-6D9C-4E23-8F6C-4831153C8EEA@iki.fi>
References: <alpine.BSF.2.00.1206161250230.34310@wojtek.tensor.gdynia.pl>
	<2577BAC0-6D9C-4E23-8F6C-4831153C8EEA@iki.fi>
Message-ID: <alpine.BSF.2.00.1206181922250.94660@wojtek.tensor.gdynia.pl>

>> always work very well.
>>
>> what's wrong?
>
> Fixed: http://hg.dovecot.org/dovecot-2.1/rev/4ce1f9649592

Thanks. so - my post actually  got right. sorry for repost!
just got this delayed!

>
> Anyway, fts-lucene backend works better than fts-squat.
Better in what respect?

less than a second (when disk I/O was needed) fulltext search over 10000 
mails doesn't look bad :)

From tss at iki.fi  Mon Jun 18 20:30:21 2012
From: tss at iki.fi (Timo Sirainen)
Date: Mon, 18 Jun 2012 20:30:21 +0300
Subject: [Dovecot] question about fts_squat
In-Reply-To: <alpine.BSF.2.00.1206181922250.94660@wojtek.tensor.gdynia.pl>
References: <alpine.BSF.2.00.1206161250230.34310@wojtek.tensor.gdynia.pl>
	<2577BAC0-6D9C-4E23-8F6C-4831153C8EEA@iki.fi>
	<alpine.BSF.2.00.1206181922250.94660@wojtek.tensor.gdynia.pl>
Message-ID: <CD5F34A2-B085-4F49-B73E-C84C09ACFE9F@iki.fi>

On 18.6.2012, at 20.23, Wojciech Puchar wrote:

>> Anyway, fts-lucene backend works better than fts-squat.
> Better in what respect?
> 
> less than a second (when disk I/O was needed) fulltext search over 10000 mails doesn't look bad :)

Squat index updates are somewhat slow, especially if the index is large.


From dovecot at beardz.net  Mon Jun 18 20:35:29 2012
From: dovecot at beardz.net (Jase Thew)
Date: Mon, 18 Jun 2012 18:35:29 +0100
Subject: [Dovecot] Problem with 'doveadm mailbox status -t' reporting
 cumulative vsizes after upgrading from v2.0.16 to v2.1.7
Message-ID: <4FDF66E1.5050009@beardz.net>

Hi,

I upgraded from Dovecot v2.0.16 to v2.1.7 over night and I noticed this
morning that one of my daily reports which lists summarised mailbox
sizes per user has started listing nonsense for vsizes.

The reporting script at its core calls :

doveadm -f flow mailbox status -A -t 'messages vsize' '*'

It appears that Dovecot 2.1.7 is not resetting the vsize after collating
the sum total of mailboxes sizes for each user, so that vsize just
constantly increases as it iterates over each user.

Eg:

# doveadm -f flow mailbox status -A -t 'messages vsize' '*'

accounts at example.com messages=1 vsize=759
adam at example.com messages=0 vsize=759
amy at example.com messages=24 vsize=51699697
andy at example.com messages=5446 vsize=3220940815
anna at example.com messages=50 vsize=3224035563
careers at example.com messages=1 vsize=3224036311
craig at example.com messages=2471 vsize=4421343199
creative at example.com messages=189 vsize=4426884182
david at example.com messages=8 vsize=4440729729
davidw at example.com messages=0 vsize=4440729729
enquiries at example.com messages=1 vsize=4440730491
gemma at example.com messages=4109 vsize=6349098844
gin at example.com messages=86 vsize=6392599904
holly at example.com messages=2000 vsize=7200342663
ian at example.com messages=0 vsize=7200342663
info at example.com messages=4 vsize=7200558689
jackie at example.com messages=2 vsize=7200721146
jade at example.com messages=137 vsize=7210548548
jake at example.com messages=16667 vsize=15260532446
katie at example.com messages=1 vsize=15260533375
mark at example.com messages=0 vsize=15260533375
mike.a at example.com messages=9 vsize=15261474205
mike.s at example.com messages=296 vsize=15314352543
mike at example.com messages=6357 vsize=20631446344
nick at example.com messages=1184 vsize=21038046728
social at example.com messages=65 vsize=21038935461
will at example.com messages=85 vsize=21057572390
[SNIP]

The same occurs with -u '*@example.com' in place of -A, and also for
'all' in place of 'messages vsize'.

Is this expected behaviour in 2.1.x compared to 2.0.x, or have I
stumbled upon a bug?

Regards,

Jase Thew.

From admin at postia.de  Mon Jun 18 20:44:38 2012
From: admin at postia.de (Martin Weil)
Date: Mon, 18 Jun 2012 19:44:38 +0200
Subject: [Dovecot] dovecot-sieve and LMT
Message-ID: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de>

Dear list,

My mail server is working perfectly. So I am trying to add feature after feature, until I have all the features I need. This has worked fine until now. I am trying to get dovecot-sieve to work. So I activated dovecot-lda and the sieve plugin and told postfix to use deliver instead of procmail. After restarting all services I then created a test sieve file. Obviously I have not yet understood the whole process completely because, it simply does not work.

I suspect some permission problems or misconfiguration of the sieve file, but I am not sure where to look for solutions.



-rw-r--r-- 1 2001 2001 116 2012-06-16 21:25 /var/mail/vmail/domain.com/user/dovecot.sieve

dovecot.sieve
require "fileinto";
if header :contains ["subject"] ["Test"] {
  fileinto ".Folder1";
} else {
  fileinto ".Folder2";
}

Of course Folder1 and Folder2 do exist. (/var/mail/vmail/domain.com/user/mail/.Folder1 and Folder2)

As far as I can tell there are no errors reported anywhere, I checked mail.log and syslog. 2001 is the virtual uid/gid of this particular user.

If anyone can help me with this it would be great. The Mailserver works very well apart from this.

There was one odd thing apart from this. In the docs I read that auth-master has to be running for deliver to work correctly. I did not know this before, but mails were delivered correctly after I started using deliver. So is there a need for auth-master to be running or not?

Thanks a lot
Martin



dovecot -n output:
# 1.2.9: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.18-028stab091.2 i686 Ubuntu 10.04.4 LTS reiserfs
log_timestamp: %Y-%m-%d %H:%M:%S 
protocols: imap imaps lda
ssl: required
ssl_cert_file: /home/mweil/CA/cert.pem
ssl_key_file: /home/mweil/CA/key.pem
login_dir: /var/run/dovecot/login
login_executable: /usr/lib/dovecot/imap-login
mail_max_userip_connections: 25
mail_privileged_group: mail
mail_uid: 10000
mail_gid: 10000
mail_location: maildir:/var/mail/vmail/%d/%n/mail
mbox_write_locks: fcntl dotlock
lda:
  postmaster_address: postmaster at domain.com
  mail_plugins: sieve
  mail_plugin_dir: /usr/lib/dovecot/modules/lda
auth default:
  user: nobody
  passdb:
    driver: sql
    args: /etc/dovecot/dovecot-sql.conf
  userdb:
    driver: prefetch
  userdb:
    driver: sql
    args: /etc/dovecot/dovecot-sql.conf
  socket:
    type: listen
    client:
      path: /var/spool/postfix/private/auth
      mode: 432
      user: postfix
      group: postfix
    master:
      path: /var/run/dovecot/auth-master
      mode: 432
plugin:
  sieve: /var/mail/vmail/%d/%u/dovecot.sieve

postconf -n:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
inet_interfaces = all
mailbox_command = /usr/lib/dovecot/deliver
mailbox_size_limit = 0
message_size_limit = 102400000
mydestination = host.domain.net, localhost,
mydomain = domain.com
myhostname = host.domain.com
mynetworks = 127.0.0.1
myorigin = $mydomain
readme_directory = no
recipient_delimiter = +
relayhost = 
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_client_restrictions = 
smtpd_error_sleep_time = 1s
smtpd_hard_error_limit = 20
smtpd_helo_restrictions = 
smtpd_recipient_restrictions = permit_mynetworks	reject_sender_login_mismatch	permit_sasl_authenticated		reject_unauth_destination	reject_unverified_recipient
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_login_maps = pgsql:/etc/postfix/lookup/pgsql_sasl_senders.cf
smtpd_sender_restrictions = 
smtpd_soft_error_limit = 10
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /home/mweil/CA/cert.pem
smtpd_tls_key_file = /home/mweil/CA/key.pem
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
virtual_alias_maps = pgsql:/etc/postfix/lookup/pgsql_virtual_alias.cf
virtual_gid_maps = pgsql:/etc/postfix/lookup/pgsql_virtual_gid.cf
virtual_mailbox_base = /var/mail/vmail/
virtual_mailbox_domains = domain.com
virtual_mailbox_limit = 0
virtual_mailbox_maps = pgsql:/etc/postfix/lookup/pgsql_virtual_accounts.cf
virtual_uid_maps = pgsql:/etc/postfix/lookup/pgsql_virtual_uid.cf


From wojtek at wojtek.tensor.gdynia.pl  Mon Jun 18 21:06:02 2012
From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar)
Date: Mon, 18 Jun 2012 20:06:02 +0200 (CEST)
Subject: [Dovecot] question about fts_squat
In-Reply-To: <CD5F34A2-B085-4F49-B73E-C84C09ACFE9F@iki.fi>
References: <alpine.BSF.2.00.1206161250230.34310@wojtek.tensor.gdynia.pl>
	<2577BAC0-6D9C-4E23-8F6C-4831153C8EEA@iki.fi>
	<alpine.BSF.2.00.1206181922250.94660@wojtek.tensor.gdynia.pl>
	<CD5F34A2-B085-4F49-B73E-C84C09ACFE9F@iki.fi>
Message-ID: <alpine.BSF.2.00.1206182005480.59899@wojtek.tensor.gdynia.pl>

thank you very much for help!

On Mon, 18 Jun 2012, Timo Sirainen wrote:

> On 18.6.2012, at 20.23, Wojciech Puchar wrote:
>
>>> Anyway, fts-lucene backend works better than fts-squat.
>> Better in what respect?
>>
>> less than a second (when disk I/O was needed) fulltext search over 10000 mails doesn't look bad :)
>
> Squat index updates are somewhat slow, especially if the index is large.
>
>
>

From ms at mur.at  Tue Jun 19 01:41:16 2012
From: ms at mur.at (Martin Schitter)
Date: Tue, 19 Jun 2012 00:41:16 +0200
Subject: [Dovecot] pop3c_master_user
Message-ID: <4FDFAE8C.9000208@mur.at>

the configuration keyword "pop3c_master_user" mentioned in the dsync 
migration documentation (http://wiki2.dovecot.org/Migration/Dsync) does 
not work for dovecot 2.1.7.

a config line like: "pop3c_master_user = cyrus" will produce this error:

doveconf: Fatal: Error in configuration file /etc/dovecot/local.conf 
line 33: Unknown setting: pop3c_master_user

it's not defined in:
src/lib-storage/index/pop3c/pop3c-settings.*

is this feature not enabled with intention?

btw. another question:
will 'doveadm backup' mirror all the IMAP ACL information?

thanks
martin

From alec at alec.pl  Tue Jun 19 10:51:56 2012
From: alec at alec.pl (A.L.E.C)
Date: Tue, 19 Jun 2012 09:51:56 +0200
Subject: [Dovecot] dovecot-sieve and LMT
In-Reply-To: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de>
References: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de>
Message-ID: <4FE02F9C.5070208@alec.pl>

On 06/18/2012 07:44 PM, Martin Weil wrote:
> require "fileinto";
> if header :contains ["subject"] ["Test"] {
>   fileinto ".Folder1";
> } else {
>   fileinto ".Folder2";
> }
> 
> Of course Folder1 and Folder2 do exist. (/var/mail/vmail/domain.com/user/mail/.Folder1 and Folder2)

Don't add a dot on the beggining of the folder name in sieve scripts.
Use fileinto :create "folder" or lda_mailbox_autocreate option to create
non-existing folders.

-- 
Aleksander 'A.L.E.C' Machniak
LAN Management System Developer [http://lms.org.pl]
Roundcube Webmail Developer  [http://roundcube.net]
---------------------------------------------------
PGP: 19359DC1 @@ GG: 2275252 @@ WWW: http://alec.pl

From admin at postia.de  Tue Jun 19 11:17:26 2012
From: admin at postia.de (Martin Weil)
Date: Tue, 19 Jun 2012 10:17:26 +0200
Subject: [Dovecot] dovecot-sieve and LMT
In-Reply-To: <4FE02F9C.5070208@alec.pl>
References: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de>
	<4FE02F9C.5070208@alec.pl>
Message-ID: <52A58089-3911-4A31-BBB4-36BBFC387918@postia.de>

Hi.

Thanks for your hints, I altered the file but sadly, there is no change in behavior. It's like sieve is not doing anything at all.

if header :contains ["subject"] ["Test"] {
  fileinto :create "Folder1";
} else {
  fileinto :create "Folder2";
}

The lda_mailbox_autocreate option seems to be a version 2.0 feature. I am using 1.2.9.

Thanks
Martin


Am 19.06.2012 um 09:51 schrieb A.L.E.C:

> On 06/18/2012 07:44 PM, Martin Weil wrote:
>> require "fileinto";
>> if header :contains ["subject"] ["Test"] {
>>  fileinto ".Folder1";
>> } else {
>>  fileinto ".Folder2";
>> }
>> 
>> Of course Folder1 and Folder2 do exist. (/var/mail/vmail/domain.com/user/mail/.Folder1 and Folder2)
> 
> Don't add a dot on the beggining of the folder name in sieve scripts.
> Use fileinto :create "folder" or lda_mailbox_autocreate option to create
> non-existing folders.
> 
> -- 
> Aleksander 'A.L.E.C' Machniak
> LAN Management System Developer [http://lms.org.pl]
> Roundcube Webmail Developer  [http://roundcube.net]
> ---------------------------------------------------
> PGP: 19359DC1 @@ GG: 2275252 @@ WWW: http://alec.pl


From stephan at rename-it.nl  Tue Jun 19 11:29:23 2012
From: stephan at rename-it.nl (Stephan Bosch)
Date: Tue, 19 Jun 2012 10:29:23 +0200
Subject: [Dovecot] dovecot-sieve and LMT
In-Reply-To: <52A58089-3911-4A31-BBB4-36BBFC387918@postia.de>
References: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de>
	<4FE02F9C.5070208@alec.pl>
	<52A58089-3911-4A31-BBB4-36BBFC387918@postia.de>
Message-ID: <4FE03863.6030403@rename-it.nl>

Op 6/19/2012 10:17 AM, Martin Weil schreef:
> Hi.
>
> Thanks for your hints, I altered the file but sadly, there is no change in behavior. It's like sieve is not doing anything at all.
>
> if header :contains ["subject"] ["Test"] {
>    fileinto :create "Folder1";
> } else {
>    fileinto :create "Folder2";
> }
>
> The lda_mailbox_autocreate option seems to be a version 2.0 feature. I am using 1.2.9.

Do your logs mention anything about LDA and Sieve being invoked? This 
wiki page shows a few hints on what this should look like and steps to 
be taken when LDA and Sieve are not being invoked:

http://wiki2.dovecot.org/Pigeonhole/Sieve/Troubleshooting

Regards,

Stephan.

From admin at postia.de  Tue Jun 19 12:20:21 2012
From: admin at postia.de (Martin Weil)
Date: Tue, 19 Jun 2012 11:20:21 +0200
Subject: [Dovecot] dovecot-sieve and LMT
In-Reply-To: <4FE03863.6030403@rename-it.nl>
References: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de>
	<4FE02F9C.5070208@alec.pl>
	<52A58089-3911-4A31-BBB4-36BBFC387918@postia.de>
	<4FE03863.6030403@rename-it.nl>
Message-ID: <76CEBDAA-095B-44ED-A8CF-4FE58D2F7862@postia.de>


Am 19.06.2012 um 10:29 schrieb Stephan Bosch:

> Op 6/19/2012 10:17 AM, Martin Weil schreef:
>> Hi.
>> 
>> Thanks for your hints, I altered the file but sadly, there is no change in behavior. It's like sieve is not doing anything at all.
>> 
>> if header :contains ["subject"] ["Test"] {
>>   fileinto :create "Folder1";
>> } else {
>>   fileinto :create "Folder2";
>> }
>> 
>> The lda_mailbox_autocreate option seems to be a version 2.0 feature. I am using 1.2.9.
> 
> Do your logs mention anything about LDA and Sieve being invoked? This wiki page shows a few hints on what this should look like and steps to be taken when LDA and Sieve are not being invoked:
> 
> http://wiki2.dovecot.org/Pigeonhole/Sieve/Troubleshooting
> 
> Regards,
> 
> Stephan.

Indeed they did not. I incorrectly thought that a line in postfix's main.cf would change the delivery to deliver. That would have been true if I used local delivery. For virtual users postfix is using "virtual" by default. So I had to add deliver to postfix's master.cf and change the virtual_transport in main.cf.

After configuring logging for deliver I can now confirm that it is used. I was mistaken by thinking local delivery is the same as virtual delivery. I could have avoided this by reading the wiki more carefully. Sorry about that.

But I am afraid sieve is still not working. Mails are still delivered to INBOX.

Martin

From stephan at rename-it.nl  Tue Jun 19 13:44:56 2012
From: stephan at rename-it.nl (Stephan Bosch)
Date: Tue, 19 Jun 2012 12:44:56 +0200
Subject: [Dovecot] dovecot-sieve and LMT
In-Reply-To: <76CEBDAA-095B-44ED-A8CF-4FE58D2F7862@postia.de>
References: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de>
	<4FE02F9C.5070208@alec.pl>
	<52A58089-3911-4A31-BBB4-36BBFC387918@postia.de>
	<4FE03863.6030403@rename-it.nl>
	<76CEBDAA-095B-44ED-A8CF-4FE58D2F7862@postia.de>
Message-ID: <4FE05828.6020104@rename-it.nl>

Op 6/19/2012 11:20 AM, Martin Weil schreef:
>
> Indeed they did not. I incorrectly thought that a line in postfix's main.cf would change the delivery to deliver. That would have been true if I used local delivery. For virtual users postfix is using "virtual" by default. So I had to add deliver to postfix's master.cf and change the virtual_transport in main.cf.
>
> After configuring logging for deliver I can now confirm that it is used. I was mistaken by thinking local delivery is the same as virtual delivery. I could have avoided this by reading the wiki more carefully. Sorry about that.
>
> But I am afraid sieve is still not working. Mails are still delivered to INBOX.

Do the logs say anything about Sieve? You can enable mail_debug in your 
configuration to obtain more verbose log messages about what Sieve is doing.

Regards,

Stephan.

From admin at postia.de  Tue Jun 19 16:13:51 2012
From: admin at postia.de (Martin Weil)
Date: Tue, 19 Jun 2012 15:13:51 +0200
Subject: [Dovecot] dovecot-sieve and LMT
In-Reply-To: <4FE05828.6020104@rename-it.nl>
References: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de>
	<4FE02F9C.5070208@alec.pl>
	<52A58089-3911-4A31-BBB4-36BBFC387918@postia.de>
	<4FE03863.6030403@rename-it.nl>
	<76CEBDAA-095B-44ED-A8CF-4FE58D2F7862@postia.de>
	<4FE05828.6020104@rename-it.nl>
Message-ID: <D497EE1B-2399-4D48-8A98-C9328FE40C04@postia.de>


Am 19.06.2012 um 12:44 schrieb Stephan Bosch:

> Op 6/19/2012 11:20 AM, Martin Weil schreef:
>> 
>> Indeed they did not. I incorrectly thought that a line in postfix's main.cf would change the delivery to deliver. That would have been true if I used local delivery. For virtual users postfix is using "virtual" by default. So I had to add deliver to postfix's master.cf and change the virtual_transport in main.cf.
>> 
>> After configuring logging for deliver I can now confirm that it is used. I was mistaken by thinking local delivery is the same as virtual delivery. I could have avoided this by reading the wiki more carefully. Sorry about that.
>> 
>> But I am afraid sieve is still not working. Mails are still delivered to INBOX.
> 
> Do the logs say anything about Sieve? You can enable mail_debug in your configuration to obtain more verbose log messages about what Sieve is doing.
> 
> Regards,
> 
> Stephan.


Thanks a lot for this tip.
It turned out I used the %u variable instead of %n in the path of the sieve script, so sieve was looking in a non existing directory. After correcting sieve complained about the :create statement. But after I removed it, it worked flawlessly.

Thanks a lot again.
Martin

From ef at math.uni-bonn.de  Tue Jun 19 16:14:14 2012
From: ef at math.uni-bonn.de (Edgar =?iso-8859-1?B?RnXf?=)
Date: Tue, 19 Jun 2012 15:14:14 +0200
Subject: [Dovecot] specifying home/sieve/sieve_dir relative to mail_location
Message-ID: <20120619131413.GN48358@trav.math.uni-bonn.de>

With 1.2, is it possible to specify home, sieve and sieve_dir relative to mail_location?

I have
	mail_location = maildir:/import/mail/%n/:INDEX=/var/db/dovecot/indexes/%n
and, in the plugin section,
	home = /import/mail/%n/home
	sieve = /import/mail/%n/dovecot.sieve
	sieve_dir = /import/mail/%n/sieve
I would like to partially move users to another location (different file server) by using an LDAP entry.
I know it's possible to specify everything relative to home, so I could probably use relative ~/../-type paths for  mail_locatin etc., but that looks a bit awkward.

The VirtualUsers/Home Wiki enty contains an example for relative paths
	user_attrs = .., mailDirectory=home=/var/vmail/%$
which I do not understand.

From stephan at rename-it.nl  Tue Jun 19 16:36:59 2012
From: stephan at rename-it.nl (Stephan Bosch)
Date: Tue, 19 Jun 2012 15:36:59 +0200
Subject: [Dovecot] dovecot-sieve and LMT
In-Reply-To: <D497EE1B-2399-4D48-8A98-C9328FE40C04@postia.de>
References: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de>
	<4FE02F9C.5070208@alec.pl>
	<52A58089-3911-4A31-BBB4-36BBFC387918@postia.de>
	<4FE03863.6030403@rename-it.nl>
	<76CEBDAA-095B-44ED-A8CF-4FE58D2F7862@postia.de>
	<4FE05828.6020104@rename-it.nl>
	<D497EE1B-2399-4D48-8A98-C9328FE40C04@postia.de>
Message-ID: <4FE0807B.9070504@rename-it.nl>

Op 6/19/2012 3:13 PM, Martin Weil schreef:
> Am 19.06.2012 um 12:44 schrieb Stephan Bosch:
>
>> Op 6/19/2012 11:20 AM, Martin Weil schreef:
>>> Indeed they did not. I incorrectly thought that a line in postfix's main.cf would change the delivery to deliver. That would have been true if I used local delivery. For virtual users postfix is using "virtual" by default. So I had to add deliver to postfix's master.cf and change the virtual_transport in main.cf.
>>>
>>> After configuring logging for deliver I can now confirm that it is used. I was mistaken by thinking local delivery is the same as virtual delivery. I could have avoided this by reading the wiki more carefully. Sorry about that.
>>>
>>> But I am afraid sieve is still not working. Mails are still delivered to INBOX.
>> Do the logs say anything about Sieve? You can enable mail_debug in your configuration to obtain more verbose log messages about what Sieve is doing.
>>
>> Regards,
>>
>> Stephan.
>
> Thanks a lot for this tip.
> It turned out I used the %u variable instead of %n in the path of the sieve script, so sieve was looking in a non existing directory. After correcting sieve complained about the :create statement. But after I removed it, it worked flawlessly.

The :create tag doesn't work unless the mailbox extension is active; you 
need to add the following to the top of your Sieve script to use it:

require "mailbox";

Regards,

Stephan.

From bradley.giesbrecht at gmail.com  Tue Jun 19 16:51:06 2012
From: bradley.giesbrecht at gmail.com (Bradley Giesbrecht)
Date: Tue, 19 Jun 2012 06:51:06 -0700
Subject: [Dovecot] doveadm fetch LARGE attachments and remove message
	[SOLVED]
In-Reply-To: <2457470C-A66C-42E7-AC5E-C8B3D011631F@iki.fi>
References: <FBF14A8E-F209-4461-9E52-02489FD7426B@gmail.com>
	<2457470C-A66C-42E7-AC5E-C8B3D011631F@iki.fi>
Message-ID: <A7E22E61-4FA2-42AC-8A41-714655A4A4DA@gmail.com>

On Jun 18, 2012, at 6:49 AM, Timo Sirainen wrote:

> On 17.6.2012, at 18.19, Bradley Giesbrecht wrote:
> 
>> Looking at the wiki and man pages I am unsure how to fetch email attachments from a unix shell.
>> 
>> I have an "doveadm search" that returns the messages that have the attachments I am after.
>> 
>> Would I loop through an "doveadm fetch" and use a commandline imap client to save the attachments and move the message to the Trash?
>> 
>> Or is there a doveadm command for this?
> 
> No, there's currently no easy way to do this. doveadm fetch doesn't support that. You could possibly do this via IMAP, but it would be difficult to know which MIME part to fetch. Actually it's not even obvious if a MIME part is an attachment or not..


I used an imap client to create an imap folder named "unpack" , searched for the messages I needed and then moved them into the unpack folder. I then used munpack to unpack the messages from the unpack folder to a local disk directory.
http://ftp.andrew.cmu.edu/pub/mpack/


Regards,
Bradley Giesbrecht (pixilla)


From dovecot at bestewogibt.de  Tue Jun 19 20:12:40 2012
From: dovecot at bestewogibt.de (Dominic Pratt)
Date: Tue, 19 Jun 2012 19:12:40 +0200
Subject: [Dovecot] Trouble with Trash
Message-ID: <4FE0B308.4040102@bestewogibt.de>

Hi guys and girls,

Version: 2.0.19 - running on Ubuntu 12.04 LTS Server
dovecot -n:

# 2.0.19: /etc/dovecot/dovecot.conf
# OS: Linux 3.3.1 x86_64 Ubuntu 12.04 LTS
mail_location = maildir:~/Maildir
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope 
encoded-character vacation subaddress comparator-i;ascii-numeric 
relational regex imap4flags copy include variables body enotify 
environment mailbox date ihave
passdb {
driver = pam
}
plugin {
sieve = ~/.dovecot.sieve
sieve_dir = ~/sieve
}
protocols = imap pop3 sieve
service auth {
unix_listener /var/spool/postfix/private/dovecot-auth {
group = postfix
mode = 0660
user = postfix
}
}
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_cipher_list = 
ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH:+MEDIUM
ssl_key = </etc/ssl/private/dovecot.pem
userdb {
driver = passwd
}
protocol imap {
imap_client_workarounds = delay-newmail
mail_max_userip_connections = 10
}
protocol pop3 {
mail_max_userip_connections = 10
pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
}
protocol lda {
deliver_log_format = msgid=%m: %$
mail_plugins = sieve
postmaster_address = postmaster
quota_full_tempfail = yes
rejection_reason = Your message to <%t> was automatically rejected:%n%r
}

My problem is, that actually old mails in the Thrash-Folder are deleted. 
This is crap, because I want to look at some mails again. I'm not sure 
if my Thunderbird does it or Dovecot. I don't think, TB does it, there's 
actually no option, I think.

Any ideas?

P.S.: Sorry for the bad english.

-- 
"If you haven?t found it yet, keep looking. Don?t settle."

Dominic Pratt
Fachinformatiker Systemintegration

Handy: +49 173 8371427


From delrio at mie.utoronto.ca  Tue Jun 19 20:54:47 2012
From: delrio at mie.utoronto.ca (Oscar del Rio)
Date: Tue, 19 Jun 2012 13:54:47 -0400
Subject: [Dovecot] Trouble with Trash
In-Reply-To: <4FE0B308.4040102@bestewogibt.de>
References: <4FE0B308.4040102@bestewogibt.de>
Message-ID: <4FE0BCE7.6060809@mie.utoronto.ca>

On 06/19/12 01:12 PM, Dominic Pratt wrote:
>
> My problem is, that actually old mails in the Thrash-Folder are 
> deleted. This is crap, because I want to look at some mails again. I'm 
> not sure if my Thunderbird does it or Dovecot. I don't think, TB does 
> it, there's actually no option, I think.
>

Thunderbird - Accounts - Server settings - Empty Trash on Exit


From dovecot at bestewogibt.de  Tue Jun 19 21:15:59 2012
From: dovecot at bestewogibt.de (Dominic Pratt)
Date: Tue, 19 Jun 2012 20:15:59 +0200
Subject: [Dovecot] Trouble with Trash
In-Reply-To: <4FE0BCE7.6060809@mie.utoronto.ca>
References: <4FE0B308.4040102@bestewogibt.de>
	<4FE0BCE7.6060809@mie.utoronto.ca>
Message-ID: <4FE0C1DF.1060900@bestewogibt.de>

As already said... I don't think it's TB: 
http://www.imagebanana.com/view/ht4sofoj/thunderbird.jpg

Thanks anyway.

Am 19.06.2012 19:54, schrieb Oscar del Rio:
> Thunderbird - Accounts - Server settings - Empty Trash on Exit

From tss at iki.fi  Wed Jun 20 02:36:14 2012
From: tss at iki.fi (Timo Sirainen)
Date: Wed, 20 Jun 2012 02:36:14 +0300
Subject: [Dovecot] message parser: Fixed infinite loop when parsing a
	specific message.
Message-ID: <1340148974.5967.52.camel@hurina>

I committed this change to all hg branches:
http://hg.dovecot.org/dovecot-2.1/rev/4461b48fcc1f

After that I realized that it doesn't actually matter, because it fixes
only a situation where input buffer's size is less than 84 bytes. This
happened on a test program where I was using a 64 byte buffer, but the
real code in Dovecot always uses much larger buffers.

So, don't worry, there's no way to actually DOS Dovecot with this. No
need for distro people to create any security releases.



From daniel.parthey at informatik.tu-chemnitz.de  Wed Jun 20 03:32:07 2012
From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey)
Date: Wed, 20 Jun 2012 02:32:07 +0200
Subject: [Dovecot] Trouble with Trash
In-Reply-To: <4FE0C1DF.1060900@bestewogibt.de>
References: <4FE0B308.4040102@bestewogibt.de>
	<4FE0BCE7.6060809@mie.utoronto.ca>
	<4FE0C1DF.1060900@bestewogibt.de>
Message-ID: <e8314504-9658-492f-859d-1c072bb1eb99@email.android.com>



Dominic Pratt <dovecot at bestewogibt.de> schrieb:

>As already said... I don't think it's TB: 
>http://www.imagebanana.com/view/ht4sofoj/thunderbird.jpg

Hi Dominic,

since you do not seem to have enabled the Trash plugin, Dovecot will not delete anything by itself.

Thunderbird might expire the mails in your Trash mailbox if they exceed a specified age or a specified message count. Please check your system date and the retention times of mails in your trash mailbox. Right click on the folder.

Regards
Daniel

From a.kostyrev at serverc.ru  Wed Jun 20 05:03:17 2012
From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=)
Date: Wed, 20 Jun 2012 13:03:17 +1100
Subject: [Dovecot] director map and mysql
Message-ID: <213B51F00051AE48A9F0E112880177178F7A2E@Delta.sc.local>

hello!

Is "doveadm director map" command suppose to work when I store "host" value in mysql table?
It gives me nothing in output with no errors in log.

I've successfully setup directors with static passdb, and decided to give a try setup with storing host value in mysql table.
The proxying is actually working, I'm just unhappy with no output from "doveadm director map".

on the other hand output from "doveadm director map" is not empty, when I configure my password_query not to return host from table.

director's settings in dovecot.sql is:

passdb {
  driver = sql
  args = /etc/dovecot/dovecot-sql.conf
}
userdb {
  driver = sql
  args = /etc/dovecot/dovecot-sql.conf
}
director_servers = 192.168.5.125
director_mail_servers = 192.168.5.110 192.168.5.111
service doveadm {
  inet_listener {
    port = 24245
  }
}
protocol doveadm {
  auth_socket_path = director-userdb
}
doveadm_proxy_port = 24245

in /etc/dovecot/dovecot-sql.conf at director there's
password_query = SELECT \
NULL AS password,\
'Y' as nopassword, \
'Y' AS proxy, \
MBOX_NAME as user, \
host2 as host  \
from M_MAILBOX \
where MBOX_NAME = '%u'

user_query = SELECT \
MBOX_NAME AS username, \
MAIL_DIRECTORY as home \
from M_MAILBOX \
where MBOX_NAME = '%u';

iterate_query = select MBOX_NAME AS username from M_MAILBOX;


backend's conf:
service doveadm {
  inet_listener {
    port = 24245
  }
}


From tss at iki.fi  Wed Jun 20 05:22:25 2012
From: tss at iki.fi (Timo Sirainen)
Date: Wed, 20 Jun 2012 05:22:25 +0300
Subject: [Dovecot] director map and mysql
In-Reply-To: <213B51F00051AE48A9F0E112880177178F7A2E@Delta.sc.local>
References: <213B51F00051AE48A9F0E112880177178F7A2E@Delta.sc.local>
Message-ID: <D5B5A078-5FDD-40F6-B461-BF4870568084@iki.fi>

On 20.6.2012, at 5.03, ???????? ????????? ?????????? wrote:

> Is "doveadm director map" command suppose to work when I store "host" value in mysql table?
> It gives me nothing in output with no errors in log.

If you return a host for a user, then Dovecot does regular proxying and director doesn't know anything about the user.


From claude at phyto.qc.ca  Wed Jun 20 05:28:39 2012
From: claude at phyto.qc.ca (Claude =?UTF-8?B?R8OpbGluYXM=?=)
Date: Tue, 19 Jun 2012 22:28:39 -0400
Subject: [Dovecot] troncated email
Message-ID: <20120619222839.0c083529@oligoextra.phyto.qc.ca>

Hi,

I'm on fc16 with dovecot and Claws Mail version 3.8.0

All email in INBOX are troncated as they arrive. I only get the title,
from and date but no more core message

could someone guide me so I find a solution for my problem. cannot lose
my email

Regards,

Claude

From a.kostyrev at serverc.ru  Wed Jun 20 06:40:42 2012
From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=)
Date: Wed, 20 Jun 2012 14:40:42 +1100
Subject: [Dovecot] director map and mysql
In-Reply-To: <D5B5A078-5FDD-40F6-B461-BF4870568084@iki.fi>
References: <213B51F00051AE48A9F0E112880177178F7A2E@Delta.sc.local>
	<D5B5A078-5FDD-40F6-B461-BF4870568084@iki.fi>
Message-ID: <213B51F00051AE48A9F0E112880177178F7A2F@Delta.sc.local>

thanks!

but what mechanisms do I have if I want certain user to be always proxied to certain host, but if that host is down, to redirect him to another?

I planned to setup two dovecot storage servers where
all mailboxes are mirrored between these two servers with dsync replication like described in http://www.dovecot.org/list/dovecot/2012-March/064243.html
but I don't want this user to be redirected to two these servers in round-robin fashion.



-----Original Message-----
From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Timo Sirainen
Sent: Wednesday, June 20, 2012 1:22 PM
To: ???????? ????????? ??????????
Cc: dovecot at dovecot.org
Subject: Re: [Dovecot] director map and mysql

On 20.6.2012, at 5.03, ???????? ????????? ?????????? wrote:

> Is "doveadm director map" command suppose to work when I store "host" value in mysql table?
> It gives me nothing in output with no errors in log.

If you return a host for a user, then Dovecot does regular proxying and director doesn't know anything about the user.



From jesper at dahlnyerup.dk  Wed Jun 20 09:35:05 2012
From: jesper at dahlnyerup.dk (Jesper Dahl Nyerup)
Date: Wed, 20 Jun 2012 08:35:05 +0200
Subject: [Dovecot] Very High Load on Dovecot 2 and Errors in mail.err.
In-Reply-To: <20120611213713.GA28704@jespernyerup.dk>
References: <4FB35038.1000600@enas.net> <1337454348.4384.144.camel@innu>
	<4FB8C07B.5050604@enas.net>
	<4c605c0b2bc041f7f90300b36c716c22@us.es>
	<4FB8FFD7.5040301@enas.net>
	<20120611080907.GA11882@jespernyerup.dk>
	<E9D12C34-52A2-4DFF-9B9F-A95F29CD65F5@iki.fi>
	<20120611213713.GA28704@jespernyerup.dk>
Message-ID: <20120620063504.GA2187@jespernyerup.dk>

On Jun 11  23:37, Jesper Dahl Nyerup wrote:
> We're still chasing the root cause in the kernel or the VServer patch
> set. We'll of course make sure to post our findings here, and I'd very
> much appreciate to hear about other people's progress.

We still haven't found a solution, but here's what we've got thus far:

 - The issue is not VServer specific. We're able to reproduce it on
   recent vanilla kernels.

 - The issue has a strong correlation with the number of processor cores
   in the machine. The behavior is impossible to provoke on a dual core
   workstation, but is very widespread on 16 or 24 core machines.

One of my colleagues has written a snippet of code that reproduces and
exposes the problem, and we've sent this to the Inotify maintainers and
the kernel mailing list, hoping that someone more familiar with the code
will be quicker to figure out what is broken.

If anyone's interested - either in following the issue or the code
snippet that reproduces it - here's the post:
http://thread.gmane.org/gmane.linux.kernel/1315430

As this is clearly a kernel issue, we're going to try to keep the
discussion there, and I'll probably not follow up here, until the issue
has been resolved.

Jesper.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120620/7c4ed40e/attachment.bin>

From klimenko.n at theitidea.ru  Wed Jun 20 10:24:47 2012
From: klimenko.n at theitidea.ru (=?UTF-8?B?0J3QuNC60L7Qu9Cw0Lkg0JrQu9C40LzQtdC90LrQvg==?=)
Date: Wed, 20 Jun 2012 11:24:47 +0400
Subject: [Dovecot] sieve and namespace
Message-ID: <4FE17ABF.5010303@theitidea.ru>

HI
I'm tryin to set up sieve the way so it will put incoming message into 
Junk folder, which is described via namespace.
Unfortunately rule doesn't work and message is put into Inbox. If i 
change destination folder to folder not described via namespace in the 
same rule the message is placed to that folder.
please help

dovecot 1.2.9

namespace:
   type: private
   prefix: Junk/
   location: maildir:/opt/mail/Junk/INBOX:LAYOUT=fs
   hidden: yes
   list: yes
   subscriptions: yes

From bind at enas.net  Wed Jun 20 12:36:33 2012
From: bind at enas.net (Urban Loesch)
Date: Wed, 20 Jun 2012 11:36:33 +0200
Subject: [Dovecot] Very High Load on Dovecot 2 and Errors in mail.err.
In-Reply-To: <20120620063504.GA2187@jespernyerup.dk>
References: <4FB35038.1000600@enas.net> <1337454348.4384.144.camel@innu>
	<4FB8C07B.5050604@enas.net>
	<4c605c0b2bc041f7f90300b36c716c22@us.es>
	<4FB8FFD7.5040301@enas.net>
	<20120611080907.GA11882@jespernyerup.dk>
	<E9D12C34-52A2-4DFF-9B9F-A95F29CD65F5@iki.fi>
	<20120611213713.GA28704@jespernyerup.dk>
	<20120620063504.GA2187@jespernyerup.dk>
Message-ID: <4FE199A1.9090301@enas.net>

Hi,

yesterday I disabled the inotify as mentioned in the previous post
and it works for me also. Thanks to all for the hint.

On 20.06.2012 08:35, Jesper Dahl Nyerup wrote:
> On Jun 11  23:37, Jesper Dahl Nyerup wrote:
>> We're still chasing the root cause in the kernel or the VServer patch
>> set. We'll of course make sure to post our findings here, and I'd very
>> much appreciate to hear about other people's progress.
>
> We still haven't found a solution, but here's what we've got thus far:
>
>   - The issue is not VServer specific. We're able to reproduce it on
>     recent vanilla kernels.
>
>   - The issue has a strong correlation with the number of processor cores
>     in the machine. The behavior is impossible to provoke on a dual core
>     workstation, but is very widespread on 16 or 24 core machines.

For the records:
I have the problem on 2 different machines with different CPU's
- PE2950 with 2x Intel Xeon X5450 3.00Ghz (8) CPU's (problem happens not so often as with PER610)
- PER610 with 2x Intel Xeon X5650 2.67GHz (24) CPU's

>
> One of my colleagues has written a snippet of code that reproduces and
> exposes the problem, and we've sent this to the Inotify maintainers and
> the kernel mailing list, hoping that someone more familiar with the code
> will be quicker to figure out what is broken.
>
> If anyone's interested - either in following the issue or the code
> snippet that reproduces it - here's the post:
> http://thread.gmane.org/gmane.linux.kernel/1315430

As you described on the kernel maillinglist, I can confirm. The higher the
number of cpu's, the worse it gets.

>
> As this is clearly a kernel issue, we're going to try to keep the
> discussion there, and I'll probably not follow up here, until the issue
> has been resolved.
>
> Jesper.

Thanks
Urban

From CMarcus at Media-Brokers.com  Wed Jun 20 12:36:56 2012
From: CMarcus at Media-Brokers.com (Charles Marcus)
Date: Wed, 20 Jun 2012 05:36:56 -0400
Subject: [Dovecot] troncated email
In-Reply-To: <20120619222839.0c083529@oligoextra.phyto.qc.ca>
References: <20120619222839.0c083529@oligoextra.phyto.qc.ca>
Message-ID: <4FE199B8.5060304@Media-Brokers.com>

On 2012-06-19 10:28 PM, Claude G?linas <claude at phyto.qc.ca> wrote:
> I'm on fc16 with dovecot and Claws Mail version 3.8.0

We are much more interested in the dovecot version (and configuration - 
dovecot -n output is helpful there) than the version of Claws Mail.

> All email in INBOX are troncated as they arrive. I only get the title,
> from and date but no more core message
>
> could someone guide me so I find a solution for my problem. cannot lose
> my email

Since most of our Crystal Balls are broken, you will likely have to be 
much more precise in your request for help, by providing actual excerpts 
from logs while accessing mail, and you may even have to resort to 
enabling debugging...

Start here: http://wiki2.dovecot.org/WhyDoesItNotWork

Otherwise, you may get more help from a Fedora support list.

-- 

Best regards,

Charles

From kayasaman at gmail.com  Wed Jun 20 12:38:59 2012
From: kayasaman at gmail.com (Kaya Saman)
Date: Wed, 20 Jun 2012 10:38:59 +0100
Subject: [Dovecot] Dovecot not liking AD config from wiki??
Message-ID: <CAPj0R5KCMUf=vikirSFECHjEnWq74uBgToTiYEp0GfpOFTi6Bw@mail.gmail.com>

Hi,

I'm trying to setup Dovecot with MS AD and am using this as my guide:

http://wiki2.dovecot.org/HowTo/ActiveDirectoryNtlm


I can definitely access information on the AD server using wbinfo -g
and wbinfo -u.....



Currently my dovecot.conf file looks like this:


# v1.1:
#auth_ntlm_use_winbind = yes
# v1.2+:
auth_use_winbind = yes

auth_winbind_helper_path = /usr/local/bin/ntlm_auth

protocols = imap

# It's nice to have separate log files for Dovecot. You could do this
# by changing syslog configuration also, but this is easier.
log_path = /var/log/dovecot.log
info_log_path = /var/log/dovecot-info.log

# Disable SSL for now.
ssl = no
disable_plaintext_auth = no

# We're using Maildir format
#mail_location = maildir:~/Maildir
mail_location = mbox:/mail:INBOX=/mail/%u

# If you're using POP3, you'll need this:
#pop3_uidl_format = %g

# Authentication configuration:
auth_verbose = yes
auth_debug = yes
auth_username_format = %n
auth_mechanisms = plain ntlm login
userdb {
  driver = static
  args = uid=501 gid=501 home=/mail/%u
  driver = static
  allow_all_users=yes
}



According to the documentation I should be using:

userdb static {
...
}

which seems to be Dovecot v1. config, and additionally the
"allow_all_users=yes" statement when added seems again v1. config
since Dovecot 2. won't even start?


In the meantime when not using "allow_all_users" Dovecot throws up these errors:

Jun 20 11:30:40 master: Warning: Killed with signal 15 (by pid=4149
uid=0 code=kill)
Jun 20 11:30:48 auth: Fatal: No passdbs specified in configuration
file. LOGIN mechanism needs one
Jun 20 11:30:48 master: Error: service(auth): command startup failed,
throttling for 2 secs
Jun 20 11:30:59 master: Warning: Killed with signal 15 (by pid=4182
uid=0 code=kill)
Jun 20 11:31:13 auth: Fatal: No passdbs specified in configuration
file. LOGIN mechanism needs one
Jun 20 11:31:13 master: Error: service(auth): command startup failed,
throttling for 2 secs
Jun 20 11:32:38 master: Warning: Killed with signal 15 (by pid=4245
uid=0 code=kill)
Jun 20 11:32:58 imap-login: Warning: Auth connection closed with 1
pending requests (max 0 secs, pid=4265, EOF)
Jun 20 11:32:58 auth: Fatal: master: service(auth): child 4266 killed
with signal 11 (core not dumped - set service auth {
drop_priv_before_exec=yes })

-- this was after adding:

passdb {
  driver = static
}


to the mix.


I'm using Dovecot 2.1.3 on FreeBSD 8.2 RELEASE x64.


Can anyone help me configuring Dovecot to authenticate?


Regards,


Kaya

From amateo at um.es  Wed Jun 20 12:40:19 2012
From: amateo at um.es (Angel L. Mateo)
Date: Wed, 20 Jun 2012 11:40:19 +0200
Subject: [Dovecot] dovecot 2.1.5 performance
Message-ID: <4FE19A83.8080407@um.es>

Hello,

	I'm migrating from 1.1.16 running in 4 debian lenny servers virtualized 
with xenserver and 1 core and 5GB of RAM to 2.1.5 running in 4 ubuntu 
12.04 servers with 6 cpu cores and 16GB of RAM virtualized with VMWare, 
but I'm having lots a performance problems. I don't think that 
virtualization platform could be the problem, because the new servers 
running in xenserver has the same problems than running in vmware.

	I have about 70000 user accounts, most of them without real activity 
(they are students who doesn't read his email or have its account 
redirected to other provider). I have about 700-1000 concurrent imap 
connections.

	I have storage in nfs (nfsv3, the nfs server is a celerra), but indexes 
are in local filesystems (each server has its own index fs). Mailboxes 
are in maildir format.

	Old servers and actual director servers are load balanced with an 
radware appdirector load balancer (the new backend servers don't need to 
be balanced because I'm using a director farm)

	In the old platform I have scenario number 2 described at 
http://wiki2.dovecot.org/NFS, but in the new ones I have a director 
proxy directing all connections from each user to the same server (I 
don't specify any server for the user, director selects it according to 
the hash algorithm it has).

	Some doubts I have for the recommended in that url:

* mmap_disable: both single and multi server configurations have 
mmap_disable=yes but in index file section says that you need it if you 
have your index files stored in nfs. I have it stored locally. Do I need 
mmap_disable=yes? What it's the best?
* dotlock_use_excl: it is set to no in both configurations, but the 
comment says that it is needed only in nfsv2. Since I have nfs3, I have 
it set it to yes.
* mail_nfs_storage: In single server is set to no, but in multi server 
it set to yes. Since I have a director in front of my backend server, 
what is the recommended?

	With this configuration, when I have a few connections (about 300-400 
imap connections) everything is working fine, but when I disconnect the 
old servers and direct all my users' connections to the new servers I 
have lot of errors. server loads increments to over 300 points, with a 
very high io wait. With atop, I could see that of my 6 cores, I have one 
with almost 100% waiting for i/o and the other with almost 100% idle, 
but load of the server is very, very high.

	With the old servers, I have performance problems, access to mail is 
slow, but it works. But with the new ones it doesn't work at all.

	Any idea?

-- 
Angel L. Mateo Mart?nez
Secci?n de Telem?tica
?rea de Tecnolog?as de la Informaci?n       _o)
y las Comunicaciones Aplicadas (ATICA)      / \\
http://www.um.es/atica                    _(___V
Tfo: 868887590
Fax: 868888337


From amateo at um.es  Wed Jun 20 12:46:09 2012
From: amateo at um.es (Angel L. Mateo)
Date: Wed, 20 Jun 2012 11:46:09 +0200
Subject: [Dovecot] dovecot 2.1.5 performance
In-Reply-To: <4FE19A83.8080407@um.es>
References: <4FE19A83.8080407@um.es>
Message-ID: <4FE19BE1.6070702@um.es>

On 20/06/12 11:40, Angel L. Mateo wrote:
> Hello,
>
>      I'm migrating from 1.1.16 running in 4 debian lenny servers
> virtualized with xenserver and 1 core and 5GB of RAM to 2.1.5 running in
> 4 ubuntu 12.04 servers with 6 cpu cores and 16GB of RAM virtualized with
> VMWare, but I'm having lots a performance problems. I don't think that
> virtualization platform could be the problem, because the new servers
> running in xenserver has the same problems than running in vmware.
>
>      I have about 70000 user accounts, most of them without real
> activity (they are students who doesn't read his email or have its
> account redirected to other provider). I have about 700-1000 concurrent
> imap connections.
>
>      I have storage in nfs (nfsv3, the nfs server is a celerra), but
> indexes are in local filesystems (each server has its own index fs).
> Mailboxes are in maildir format.
>
>      Old servers and actual director servers are load balanced with an
> radware appdirector load balancer (the new backend servers don't need to
> be balanced because I'm using a director farm)
>
>      In the old platform I have scenario number 2 described at
> http://wiki2.dovecot.org/NFS, but in the new ones I have a director
> proxy directing all connections from each user to the same server (I
> don't specify any server for the user, director selects it according to
> the hash algorithm it has).
>
>      Some doubts I have for the recommended in that url:
>
> * mmap_disable: both single and multi server configurations have
> mmap_disable=yes but in index file section says that you need it if you
> have your index files stored in nfs. I have it stored locally. Do I need
> mmap_disable=yes? What it's the best?
> * dotlock_use_excl: it is set to no in both configurations, but the
> comment says that it is needed only in nfsv2. Since I have nfs3, I have
> it set it to yes.
> * mail_nfs_storage: In single server is set to no, but in multi server
> it set to yes. Since I have a director in front of my backend server,
> what is the recommended?
>
>      With this configuration, when I have a few connections (about
> 300-400 imap connections) everything is working fine, but when I
> disconnect the old servers and direct all my users' connections to the
> new servers I have lot of errors. server loads increments to over 300
> points, with a very high io wait. With atop, I could see that of my 6
> cores, I have one with almost 100% waiting for i/o and the other with
> almost 100% idle, but load of the server is very, very high.
>
>      With the old servers, I have performance problems, access to mail
> is slow, but it works. But with the new ones it doesn't work at all.
>
>      Any idea?
>
	I forgot attaching my doveconf.

-- 
Angel L. Mateo Mart?nez
Secci?n de Telem?tica
?rea de Tecnolog?as de la Informaci?n       _o)
y las Comunicaciones Aplicadas (ATICA)      / \\
http://www.um.es/atica                    _(___V
Tfo: 868887590
Fax: 868888337


-------------- next part --------------
# 2.1.5: /etc/dovecot/dovecot.conf
# OS: Linux 3.2.0-24-generic x86_64 Ubuntu 12.04 LTS 
auth_cache_size = 20 M
auth_cache_ttl = 1 days
auth_debug = yes
auth_master_user_separator = *
auth_verbose = yes
default_process_limit = 1000
disable_plaintext_auth = no
log_timestamp = %Y-%m-%d %H:%M:%S
login_trusted_networks = 155.54.211.176/28
mail_debug = yes
mail_fsync = always
mail_location = maildir:~/Maildir:INDEX=/var/indexes/%n
mail_nfs_storage = yes
mail_privileged_group = mail
maildir_stat_dirs = yes
mdbox_rotate_size = 20 M
passdb {
  args = /etc/dovecot/master-users
  driver = passwd-file
  master = yes
  pass = yes
}
passdb {
  args = /etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
passdb {
  args = session=yes dovecot
  driver = pam
}
plugin {
  lazy_expunge = .EXPUNGED/ .DELETED/ .DELETED/.EXPUNGED/
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve
  sieve_extensions = +imapflags
  sieve_max_redirects = 15
  zlib_save = gz
  zlib_save_level = 6
}
postmaster_address = postmaster at um.es
service anvil {
  client_limit = 2003
}
service auth {
  client_limit = 3000
  unix_listener auth-userdb {
    mode = 0666
  }
}
service doveadm {
  inet_listener {
    port = 24245
  }
}
service imap {
  process_limit = 5120
  process_min_avail = 6
  vsz_limit = 512 M
}
service lmtp {
  inet_listener lmtp {
    port = 24
  }
  process_min_avail = 10
  vsz_limit = 512 M
}
service pop3 {
  process_min_avail = 6
}
ssl = no
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_key = </etc/ssl/private/dovecot.pem
userdb {
  driver = prefetch
}
userdb {
  args = /etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
protocol lda {
  mail_plugins = " sieve"
}
protocol lmtp {
  mail_plugins = " sieve"
}
local 155.54.211.160/27/27 {
  doveadm_password = ]dWhu5kB
}

From joseba.torre at ehu.es  Wed Jun 20 12:58:05 2012
From: joseba.torre at ehu.es (Joseba Torre)
Date: Wed, 20 Jun 2012 11:58:05 +0200
Subject: [Dovecot] dovecot 2.1.5 performance
In-Reply-To: <4FE19BE1.6070702@um.es>
References: <4FE19A83.8080407@um.es> <4FE19BE1.6070702@um.es>
Message-ID: <4FE19EAD.4050400@ehu.es>

El 20/06/12 11:46, Angel L. Mateo escribi?:
> On 20/06/12 11:40, Angel L. Mateo wrote:
>> Hello,
>>
>> I'm migrating from 1.1.16 running in 4 debian lenny servers
>> virtualized with xenserver and 1 core and 5GB of RAM to 2.1.5 running in
>> 4 ubuntu 12.04 servers with 6 cpu cores and 16GB of RAM virtualized with
>> VMWare, but I'm having lots a performance problems. I don't think that
>> virtualization platform could be the problem, because the new servers
>> running in xenserver has the same problems than running in vmware.
>>
>> I have about 70000 user accounts, most of them without real
>> activity (they are students who doesn't read his email or have its
>> account redirected to other provider). I have about 700-1000 concurrent
>> imap connections.
>>
>> I have storage in nfs (nfsv3, the nfs server is a celerra), but
>> indexes are in local filesystems (each server has its own index fs).
>> Mailboxes are in maildir format.
>>
>> Old servers and actual director servers are load balanced with an
>> radware appdirector load balancer (the new backend servers don't need to
>> be balanced because I'm using a director farm)
>>
>> In the old platform I have scenario number 2 described at
>> http://wiki2.dovecot.org/NFS, but in the new ones I have a director
>> proxy directing all connections from each user to the same server (I
>> don't specify any server for the user, director selects it according to
>> the hash algorithm it has).
>>
>> Some doubts I have for the recommended in that url:
>>
>> * mmap_disable: both single and multi server configurations have
>> mmap_disable=yes but in index file section says that you need it if you
>> have your index files stored in nfs. I have it stored locally. Do I need
>> mmap_disable=yes? What it's the best?
>> * dotlock_use_excl: it is set to no in both configurations, but the
>> comment says that it is needed only in nfsv2. Since I have nfs3, I have
>> it set it to yes.
>> * mail_nfs_storage: In single server is set to no, but in multi server
>> it set to yes. Since I have a director in front of my backend server,
>> what is the recommended?
>>

As I see it, director ensures that only 1 server is accesing any given 
file, so you don't need any special conf (so mmap_disable=no & 
mail_nfs_storage=no)

From tss at iki.fi  Wed Jun 20 13:05:32 2012
From: tss at iki.fi (Timo Sirainen)
Date: Wed, 20 Jun 2012 13:05:32 +0300
Subject: [Dovecot] dovecot 2.1.5 performance
In-Reply-To: <4FE19A83.8080407@um.es>
References: <4FE19A83.8080407@um.es>
Message-ID: <1340186732.5967.71.camel@hurina>

On Wed, 2012-06-20 at 11:40 +0200, Angel L. Mateo wrote:

> * mmap_disable: both single and multi server configurations have 
> mmap_disable=yes but in index file section says that you need it if you 
> have your index files stored in nfs. I have it stored locally. Do I need 
> mmap_disable=yes? What it's the best?

mmap_disable is used only for index files, so with local indexes use
"no". (If indexes were on NFS, "no" would probably still work but I'm
not sure if the performance would be better or worse. Errors would also
trigger SIGBUS crashes.)

> * dotlock_use_excl: it is set to no in both configurations, but the 
> comment says that it is needed only in nfsv2. Since I have nfs3, I have 
> it set it to yes.

"yes" is ok.

> * mail_nfs_storage: In single server is set to no, but in multi server 
> it set to yes. Since I have a director in front of my backend server, 
> what is the recommended?

With director you can set this to "no".

> 	With this configuration, when I have a few connections (about 300-400 
> imap connections) everything is working fine, but when I disconnect the 
> old servers and direct all my users' connections to the new servers I 
> have lot of errors. 

Real errors that show up in Dovecot logs? What kind of errors?

> server loads increments to over 300 points, with a 
> very high io wait. With atop, I could see that of my 6 cores, I have one 
> with almost 100% waiting for i/o and the other with almost 100% idle, 
> but load of the server is very, very high.

Does the server's disk IO usage actually go a lot higher, or is it
simply waiting without doing much of anything? I wonder if this is
related to the inotify problems:
http://dovecot.org/list/dovecot/2012-June/066474.html

Another thought: Since indexes are stored locally, is it possible that
the extra load comes simply from building the indexes on the new
servers, while they already exist on the old ones?

> mail_fsync = always

v1.1 did the equivalent of mail_fsync=optimized. You could see if that
makes a difference.

> maildir_stat_dirs = yes

Do you actually need this? It causes unnecessary disk IO and probably
not needed in your case.

> default_process_limit = 1000

Since you haven't enabled high-performance mode for imap-login processes
and haven't otherwise changed the service imap-login settings, this
means that you can have max. 1000 simultaneous IMAP SSL/TLS connections.


From amateo at um.es  Wed Jun 20 13:49:24 2012
From: amateo at um.es (Angel L. Mateo)
Date: Wed, 20 Jun 2012 12:49:24 +0200
Subject: [Dovecot] dovecot 2.1.5 performance
In-Reply-To: <1340186732.5967.71.camel@hurina>
References: <4FE19A83.8080407@um.es> <1340186732.5967.71.camel@hurina>
Message-ID: <4FE1AAB4.9030404@um.es>

On 20/06/12 12:05, Timo Sirainen wrote:
> On Wed, 2012-06-20 at 11:40 +0200, Angel L. Mateo wrote:
>
>> * mmap_disable: both single and multi server configurations have
>> mmap_disable=yes but in index file section says that you need it if you
>> have your index files stored in nfs. I have it stored locally. Do I need
>> mmap_disable=yes? What it's the best?
>
> mmap_disable is used only for index files, so with local indexes use
> "no". (If indexes were on NFS, "no" would probably still work but I'm
> not sure if the performance would be better or worse. Errors would also
> trigger SIGBUS crashes.)
>
>> * dotlock_use_excl: it is set to no in both configurations, but the
>> comment says that it is needed only in nfsv2. Since I have nfs3, I have
>> it set it to yes.
>
> "yes" is ok.
>
>> * mail_nfs_storage: In single server is set to no, but in multi server
>> it set to yes. Since I have a director in front of my backend server,
>> what is the recommended?
>
> With director you can set this to "no".
>
	Ok, I'm going to change it.

>> 	With this configuration, when I have a few connections (about 300-400
>> imap connections) everything is working fine, but when I disconnect the
>> old servers and direct all my users' connections to the new servers I
>> have lot of errors.
>
> Real errors that show up in Dovecot logs? What kind of errors?
>
	Lot of errors like:

Jun 20 12:42:37 myotis31 dovecot: imap(vlo): Warning: Maildir 
/home/otros/44/016744/Maildir/.INBOX.PRUEBAS: Synchronization took 278 
seconds (0 new msgs, 0 flag change attempts, 0 expunge attempts)
Jun 20 12:42:38 myotis31 dovecot: imap(vlo): Warning: Transaction log 
file /var/indexes/vlo/.INBOX.PRUEBAS/dovecot.index.log was locked for 
279 seconds


	and in the relay server, lots of timeout errors delivering to lmtp:

un 20 12:38:29 xenon14 postfix/lmtp[12004]: D48D55D4F7: to=<dmv at um.es>, 
relay=pop.um.es[155.54.212.106]:24, delay=150, delays=0.09/0/0/150, 
dsn=4.4.0, status=deferred (host pop.um.es[155.54.212.106] said: 451 
4.4.0 Remote server not answering (timeout while waiting for reply to 
DATA reply) (in reply to end of DATA command))

>> server loads increments to over 300 points, with a
>> very high io wait. With atop, I could see that of my 6 cores, I have one
>> with almost 100% waiting for i/o and the other with almost 100% idle,
>> but load of the server is very, very high.
>
> Does the server's disk IO usage actually go a lot higher, or is it
> simply waiting without doing much of anything? I wonder if this is
> related to the inotify problems:
> http://dovecot.org/list/dovecot/2012-June/066474.html
>
	Now we have rollbacked to the old servers, so I don't know. Next time 
we try, I'll check this.

> Another thought: Since indexes are stored locally, is it possible that
> the extra load comes simply from building the indexes on the new
> servers, while they already exist on the old ones?
>
	I don't think so, because:

* In the old servers, we have no "director like" mechanism. One IP is 
always directed to the same server (during a session timeout, today 
could be one server and tomorrow another different), but mail is 
delivered randomly through one of the server.
* Since last week (when we started migration) all mail is delivered into 
the mailboxes by the new servers, passing through director. So new 
server's indexes should be updated.

>> mail_fsync = always
>
> v1.1 did the equivalent of mail_fsync=optimized. You could see if that
> makes a difference.
>
	I'll try this.

>> maildir_stat_dirs = yes
>
> Do you actually need this? It causes unnecessary disk IO and probably
> not needed in your case.
>
	My fault. I understood the explanation completely wrong. I thought that 
yes should do what actually does no. I have fixed it.

>> default_process_limit = 1000
>
> Since you haven't enabled high-performance mode for imap-login processes
> and haven't otherwise changed the service imap-login settings, this
> means that you can have max. 1000 simultaneous IMAP SSL/TLS connections.
>
	I know it. I have to tune it.

-- 
Angel L. Mateo Mart?nez
Secci?n de Telem?tica
?rea de Tecnolog?as de la Informaci?n       _o)
y las Comunicaciones Aplicadas (ATICA)      / \\
http://www.um.es/atica                    _(___V
Tfo: 868887590
Fax: 868888337



From wojtek at wojtek.tensor.gdynia.pl  Wed Jun 20 14:30:35 2012
From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar)
Date: Wed, 20 Jun 2012 13:30:35 +0200 (CEST)
Subject: [Dovecot] dovecot 2.1.5 performance
In-Reply-To: <4FE1AAB4.9030404@um.es>
References: <4FE19A83.8080407@um.es> <1340186732.5967.71.camel@hurina>
	<4FE1AAB4.9030404@um.es>
Message-ID: <alpine.BSF.2.00.1206201329090.24161@wojtek.tensor.gdynia.pl>

>>
> 	I know it. I have to tune it.
>
> -- 
he did not only changed Dovecot but OS. I would bet it is his OS problem - 
as he stated 100% of single core is used while 6 are available. something 
definitely not dovecot dependent.

i would recommend installing exactly the same version of old dovecot on 
new OS and test it.

From delrio at mie.utoronto.ca  Wed Jun 20 16:45:06 2012
From: delrio at mie.utoronto.ca (Oscar del Rio)
Date: Wed, 20 Jun 2012 09:45:06 -0400
Subject: [Dovecot] Trouble with Trash
In-Reply-To: <e8314504-9658-492f-859d-1c072bb1eb99@email.android.com>
References: <4FE0B308.4040102@bestewogibt.de>
	<4FE0BCE7.6060809@mie.utoronto.ca>
	<4FE0C1DF.1060900@bestewogibt.de>
	<e8314504-9658-492f-859d-1c072bb1eb99@email.android.com>
Message-ID: <4FE1D3E2.9010205@mie.utoronto.ca>

On 06/19/12 08:32 PM, Daniel Parthey wrote:
> Dominic Pratt<dovecot at bestewogibt.de>  schrieb:
>
>> As already said... I don't think it's TB:
>> http://www.imagebanana.com/view/ht4sofoj/thunderbird.jpg
> since you do not seem to have enabled the Trash plugin, Dovecot will not delete anything by itself.

The only other way I can think of that Dovecot could delete messages 
would be if there is a "doveadm expunge" cron job running on the server.

From weiler.guido at bergersysteme.com  Wed Jun 20 17:06:25 2012
From: weiler.guido at bergersysteme.com (Guido Weiler)
Date: Wed, 20 Jun 2012 14:06:25 +0000
Subject: [Dovecot] Dovecot Maildir - How to Seperate mail folders
In-Reply-To: <mailman.918.1340040138.3160.dovecot@dovecot.org>
References: <mailman.918.1340040138.3160.dovecot@dovecot.org>
Message-ID: <EEC2D5E5EBAD40439803A82A6C5B191D2FF24FBB@w2k8server03.bergersysteme.com>

> Date: Mon, 18 Jun 2012 16:53:39 +0300
> From: Timo Sirainen <tss at iki.fi>
> To: Dovecot Mailing List <dovecot at dovecot.org>
> Subject: Re: [Dovecot] Dovecot Maildir - How to Seperate mail folders
> Message-ID: <A828DCE4-9B1D-48AC-B1A1-C77C4D639AE4 at iki.fi>
> Content-Type: text/plain; charset=us-ascii
>
> On 18.6.2012, at 12.17, Guido Weiler wrote:
>
> > 01 OK Logged in.
> >>> 02 list "" "*"
> > * LIST (\HasNoChildren) "/" "INBOX"
> > * LIST (\Noselect \HasChildren) "/" "greetings"
> > * LIST (\HasNoChildren) "/" "greetings/INBOX"
> > 02 OK List completed.
> >>> 03 select "greetings/INBOX"
> > 03 NO Mailbox doesn't exist: INBOX
> >>> 04 select greetings
> > 04 NO Mailbox doesn't exist: greetings
> > 
> > ---
> > 
> > What is this "\Noselect" mailbox showing up and why is it saying "greetings/INBOX" in the third row when in fact there > isn't a mailbox with this name?
> > 
> > I am very sorry for having to bother you again, but I don't know what we are doing wrong here.
> > (Dovecot version is 1.1.16)
>
> Fixed in newer versions, upgrade.
>
------------------------------

Thank you. Can you tell me if this bug belongs to the LIST command only?
Or is it generally impossible to SELECT such mailboxes with this version?

Best Regards,

Guido Weiler

From CMarcus at Media-Brokers.com  Wed Jun 20 17:19:56 2012
From: CMarcus at Media-Brokers.com (Charles Marcus)
Date: Wed, 20 Jun 2012 10:19:56 -0400
Subject: [Dovecot] Dovecot Maildir - How to Seperate mail folders
In-Reply-To: <EEC2D5E5EBAD40439803A82A6C5B191D2FF24FBB@w2k8server03.bergersysteme.com>
References: <mailman.918.1340040138.3160.dovecot@dovecot.org>
	<EEC2D5E5EBAD40439803A82A6C5B191D2FF24FBB@w2k8server03.bergersysteme.com>
Message-ID: <4FE1DC0C.7070008@Media-Brokers.com>

Guido, when Timo says its time to upgrade, upgrade.

On 2012-06-20 10:06 AM, Guido Weiler <weiler.guido at bergersysteme.com> wrote:
>> Date: Mon, 18 Jun 2012 16:53:39 +0300
>> From: Timo Sirainen<tss at iki.fi>
>> To: Dovecot Mailing List<dovecot at dovecot.org>
>> Subject: Re: [Dovecot] Dovecot Maildir - How to Seperate mail folders
>> Message-ID:<A828DCE4-9B1D-48AC-B1A1-C77C4D639AE4 at iki.fi>
>> Content-Type: text/plain; charset=us-ascii
>>
>> On 18.6.2012, at 12.17, Guido Weiler wrote:
>>
>>> 01 OK Logged in.
>>>>> 02 list "" "*"
>>> * LIST (\HasNoChildren) "/" "INBOX"
>>> * LIST (\Noselect \HasChildren) "/" "greetings"
>>> * LIST (\HasNoChildren) "/" "greetings/INBOX"
>>> 02 OK List completed.
>>>>> 03 select "greetings/INBOX"
>>> 03 NO Mailbox doesn't exist: INBOX
>>>>> 04 select greetings
>>> 04 NO Mailbox doesn't exist: greetings
>>>
>>> ---
>>>
>>> What is this "\Noselect" mailbox showing up and why is it saying "greetings/INBOX" in the third row when in fact there>  isn't a mailbox with this name?
>>>
>>> I am very sorry for having to bother you again, but I don't know what we are doing wrong here.
>>> (Dovecot version is 1.1.16)
>>
>> Fixed in newer versions, upgrade.
>>
> ------------------------------
>
> Thank you. Can you tell me if this bug belongs to the LIST command only?
> Or is it generally impossible to SELECT such mailboxes with this version?
>
> Best Regards,
>
> Guido Weiler


-- 

Best regards,

Charles Marcus
I.T. Director
Media Brokers International, Inc.
678.514.6200 x224 | 678.514.6299 fax

From rventura at h-st.com  Wed Jun 20 18:50:43 2012
From: rventura at h-st.com (Romer Ventura)
Date: Wed, 20 Jun 2012 10:50:43 -0500
Subject: [Dovecot] GlusterFS + Dovecot
Message-ID: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com>

Hello,

 

Has anyone used GlusterFS as storage file system for dovecot or any other
email system..?

 

It says that it can be presented as a NFS, CIFS and as GlusterFS using the
native client, technically using the client would allow the machine to read
and write to it, therefore, I think that Dovecot would not care about it.
Correct?

 

Anyone out there used this setup??

 

Thanks.


From tss at iki.fi  Wed Jun 20 19:04:02 2012
From: tss at iki.fi (Timo Sirainen)
Date: Wed, 20 Jun 2012 19:04:02 +0300
Subject: [Dovecot] GlusterFS + Dovecot
In-Reply-To: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com>
References: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com>
Message-ID: <BF5461AE-5C9D-4224-A140-8DC33947DBAD@iki.fi>

On 20.6.2012, at 18.50, Romer Ventura wrote:

> Has anyone used GlusterFS as storage file system for dovecot or any other
> email system..?

I've heard Dovecot complains about index corruption once in a while with glusterfs, even when not in multi-master mode. I wouldn't use it without some heavy stress testing first (with imaptest tool).


From acrow at integrafin.co.uk  Wed Jun 20 19:39:55 2012
From: acrow at integrafin.co.uk (Alex Crow)
Date: Wed, 20 Jun 2012 17:39:55 +0100
Subject: [Dovecot] Dovecot list IMAP archives with thunderbird?
Message-ID: <4FE1FCDB.6080503@integrafin.co.uk>

Hi,

I'm trying to access the IMAP archives with Thunderbird but can't seem 
to get it to work. I have tried an unencrypted connection, SSL and TLS 
but with no success. Any ideas?

Thanks

Alex

-- 
This message is intended only for the addressee and may contain
confidential information.  Unless you are that person, you may not
disclose its contents or use it in any way and are requested to delete
the message along with any attachments and notify us immediately.

"Transact" is operated by Integrated Financial Arrangements plc
Domain House, 5-7 Singer Street, London  EC2A 4BQ
Tel: (020) 7608 4900 Fax: (020) 7608 5300
(Registered office: as above; Registered in England and Wales under number: 3727592)
Authorised and regulated by the Financial Services Authority (entered on the FSA Register; number: 190856)


From masch at masch.it  Wed Jun 20 20:07:44 2012
From: masch at masch.it (Mark Schmale)
Date: Wed, 20 Jun 2012 19:07:44 +0200
Subject: [Dovecot] Problem with Dovecot 2.0/2.1 and MySQL 5.1
Message-ID: <20120620190744.4f01672f@mark_laptop>

Hi everyone, 

since some time I got problems with dovecot & mysql. 
I got the problem with version 2.0.x and upgraded to 2.1.7 to check if
its gone. But its not :(
The logs just tell me this: 
dovecot: auth: Error: auth worker: Aborted request: Worker process died
unexpectedly

If I change to a sqlite setup, everything works fine. 

Here are some informations. I hope someone can tell me whats wrong with
my system/setup. I really dont think that this is a bug because someone
else should have hit that before me. 

doveconf - n
  # 2.1.7: /etc/dovecot/dovecot.conf
  # OS: Linux 3.2.2-hardened-r1 x86_64 Gentoo Base System release 2.1 
  auth_verbose = yes
  mail_location = maildir:~/%d/mail/%n
  managesieve_notify_capability = mailto
  managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date ihave namespace inbox { inbox = yes location = 
    mailbox Drafts {
      special_use = \Drafts
    }
    mailbox Junk {
      special_use = \Junk
    }
    mailbox Sent {
      special_use = \Sent
    }
    mailbox "Sent Messages" {
      special_use = \Sent
    }
    mailbox Trash {
      special_use = \Trash
    }
    prefix = 
  }
  passdb {
    args = /etc/dovecot/dovecot-sql.conf
    driver = sql
  }
  plugin {
    sieve = ~/.dovecot.sieve
    sieve_dir = ~/sieve
  }
  protocols = imap pop3 lmtp sieve
  service auth {
    unix_listener /var/spool/postfix/private/auth {
      group = postfix
      mode = 0660
      user = postfix
    }
    unix_listener auth-userdb {
      group = vmail
      user = vmail
    }
  }
  ssl_cert = </etc/ssl/dovecot/server.pem
  ssl_key = </etc/ssl/dovecot/server.key
  userdb {
    args = /etc/dovecot/dovecot-sql.conf
    driver = sql
  }
  protocol lda {
    mail_plugins = sieve
  }

contents of dovecot-sql.conf: 
default_pass_scheme = PLAIN-MD5
driver = mysql
connect = host=localhost dbname=config user=user password=pass

password_query = SELECT CONCAT( u.username,  '@', d.name ) AS user,
password FROM mail_user AS u LEFT JOIN mail_domains AS d ON u.domain =
d.id WHERE u.username = '%n' AND d.name = '%d'

user_query = SELECT home, uid, gid FROM mail_user AS u LEFT JOIN
mail_domains AS d ON u.domain = d.id WHERE u.username = '%n' AND d.name
= '%d'

// linebreaks added by mailclient for readability 

bt full with gdb: 
  [Thread debx7fb891e85977 "216be49381eb03d180103cdf6eb90483"
          fields_count = 2
          name = 0x0
  #1  sql_query_callback (result=0x7fb891e82f60,
  sql_request=0x7fb891e82c08) at passdb-sql.c:87 auth_request =
  0x7fb891e82a80 _module = <optimized out>
          module = <optimized out>
          passdb_result = PASSDB_RESULT_INTERNAL_FAILURE
          password = 0x0
          scheme = <optimized out>
          ret = <optimized out>
          __FUNCTION__ = "sql_query_callback"
  #2  0x00007fb891c3c940 in driver_sqlpool_query_callback
  (result=0x7fb891e82f60, request=0x7fb891e82e50) at
driver-sqlpool.c:635 db = 0x7fb891e66540 conn = 0x0
          conndb = 0x7fb891e66910
  #3  0x00007fb891c3dbe0 in driver_mysql_query (db=<optimized out>,
  query=<optimized out>, callback=0x7fb891c3c8c0
  <driver_sqlpool_query_callback>, context=0x7fb891e82e50) at
  driver-mysql.c:296 result = 0x7fb891e82f60 #4  0x00007fb891c3cc41 in
  driver_sqlpool_query (_db=0x7fb891e66540, query=0x7fb891e561c8 "SELECT
  CONCAT( u.username,  '@', d.name ) AS user, password FROM mail_user AS
  u LEFT JOIN mail_domains AS d ON u.domain = d.id WHERE u.username =
  'masch' AND d.name = 'masch.it'", callback=0x7fb891c31960
  <sql_query_callback>, context=0x7fb891e82c08) at driver-sqlpool.c:657
  db = 0x7fb891e66540 request = 0x7fb891e82e50 conn = 0x7fb891e667c0 #5
  0x00007fb891c23b49 in auth_worker_handle_passv (args=0x7fb891e560b8,
  id=1, client=<optimized out>) at auth-worker-client.c:200 auth_request
  = 0x7fb891e82a80 passdb = <optimized out> password = 0x7fb891e55ff2
  "somepassword" passdb_id = 1 #6  auth_worker_handle_line
(line=<optimized out>, client=<optimized out>) at
auth-worker-client.c:559 args = out>0x7fb891e560a8
          id = 1
          ret = false
  #7  auth_worker_input (client=0x7fb891e80650) at
  auth-worker-client.c:647 _data_stack_cur_id = 3
          line = <optimized out>
          ret = true
  #8  0x00007fb89179f4b6 in io_loop_call_io (io=0x7fb891e80970) at
  ioloop.c:379 ioloop = 0x7fb891e5e390
          t_id = 2
  #9  0x00007fb8917a043f in io_loop_handler_run (ioloop=<optimized out>)
  at ioloop-epoll.c:213 ctx = 0x7fb891e69100
          events = <optimized out>
          event = 0x7fb891e69170
          list = 0x7fb891e809c0        
          io = <optimized out>
          tv = {tv_sec = 59, tv_usec = 999508}
          msecs = <optimized out>
          ret = 1
          i = <optimized out>
          j = <optimized out>
          call = <optimized out>
  #10 0x00007fb89179ed50 in io_loop_run (ioloop=0x7fb891e5e390) at
ioloop.c:398 No locals.
  #11 0x00007fb891786a87 in master_service_run (service=0x7fb891e5e240,
callback=<optimized out>) at master-service.c:544 No locals.
  #12 0x00007fb891c289a3 in main (argc=2, argv=0x7fb891e5e080) at
main.c:373 c = <optimized out>

best regards, 
Mark Schmale 

From claude at phyto.qc.ca  Thu Jun 21 02:49:16 2012
From: claude at phyto.qc.ca (Claude =?UTF-8?B?R8OpbGluYXM=?=)
Date: Wed, 20 Jun 2012 19:49:16 -0400
Subject: [Dovecot] troncated email
In-Reply-To: <4FE199B8.5060304@Media-Brokers.com>
References: <20120619222839.0c083529@oligoextra.phyto.qc.ca>
	<4FE199B8.5060304@Media-Brokers.com>
Message-ID: <20120620194916.44c68160@oligoextra.phyto.qc.ca>

Le Wed, 20 Jun 2012 05:36:56 -0400,
Charles Marcus <CMarcus at Media-Brokers.com> a ?crit :

> On 2012-06-19 10:28 PM, Claude G?linas <claude at phyto.qc.ca> wrote:
> > I'm on fc16 with dovecot and Claws Mail version 3.8.0
> 
> We are much more interested in the dovecot version (and configuration
> - dovecot -n output is helpful there) than the version of Claws Mail.
> 
> > All email in INBOX are troncated as they arrive. I only get the
> > title, from and date but no more core message
> >
> > could someone guide me so I find a solution for my problem. cannot
> > lose my email
> 
> Since most of our Crystal Balls are broken, you will likely have to
> be much more precise in your request for help, by providing actual
> excerpts from logs while accessing mail, and you may even have to
> resort to enabling debugging...
> 
> Start here: http://wiki2.dovecot.org/WhyDoesItNotWork
> 
> Otherwise, you may get more help from a Fedora support list.
> 

here is the dovecot -n

# 2.0.20: /etc/dovecot/dovecot.conf
# OS: Linux 3.2.7-1.fc16.x86_64 x86_64 Fedora release 16 (Verne) 
disable_plaintext_auth = no
mail_location = maildir:~/mail/INBOX:LAYOUT=fs
maildir_very_dirty_syncs = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
mbox_write_locks = fcntl
passdb {
  driver = pam
}
plugin {
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve
}
service imap-login {
  inet_listener imap {
    address = localhost
  }
}
service pop3-login {
  inet_listener pop3 {
    address = localhost
  }
}
ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
ssl_key = </etc/pki/dovecot/private/dovecot.pem
userdb {
  driver = passwd
}

Each email I receive in the INBOX folder are missing the core of the
message. I see who sent it, I have the title but the rest is empty. 

In other folder the email come in just fine

Claude 

From ml at smtp.fakessh.eu  Thu Jun 21 03:02:51 2012
From: ml at smtp.fakessh.eu (ml)
Date: Thu, 21 Jun 2012 02:02:51 +0200
Subject: [Dovecot] how to use new style namespace for INBOX
Message-ID: <4FE264AB.1090600@smtp.fakessh.eu>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

dear honorable doctor timo

reading the list I saw appear a new style for the "writing of INBOX".
namely this example

mailbox Drafts {
      special_use = \Drafts
    }
    mailbox Junk {
      special_use = \Junk
    }
    mailbox Sent {
      special_use = \Sent
    }
    mailbox "Sent Messages" {
      special_use = \Sent
    }
    mailbox Trash {
      special_use = \Trash
    }
    prefix =


I do not know how to use it can you help me now is my config

~]# /usr/sbin/dovecot -n
# 2.1.7: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.34.6-xxxx-grs-ipv6-32 i686 CentOS release 5.8 (Final)
auth_mechanisms = plain login
base_dir = /var/run/dovecot/
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
listen = [::]
log_path = /var/log/maillog
log_timestamp = %Y-%m-%d %H:%M:%S
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c
mail_debug = yes
mail_location = maildir:~/Maildir
mail_max_userip_connections = 30
mail_plugins = " quota  trash zlib"
mailbox_list_index = yes
maildir_broken_filename_sizes = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = comparator-i;octet
comparator-i;ascii-casemap fileinto reject envelope encoded-character
vacation subaddress comparator-i;ascii-numeric relational regex
imap4flags copy include variables body enotify environment mailbox date
spamtest spamtestplus virustest
namespace {
  inbox = yes
  location =
  prefix =
  separator = .
}
passdb {
  driver = pam
}
plugin {
  autocreate = Trash
  autocreate2 = Junk
  autocreate3 = Sent
  autocreate4 = Drafts
  autosubscribe = Trash
  autosubscribe2 = Junk
  autosubscribe3 = Sent
  autosubscribe4 = Drafts
  deleted_to_trash_folder = Trash
  plugin = $mail_plugins  autocreate managesieve  sieve quota
  quota = maildir:User quota
  quota_exceeded_message = Quota exceeded, please go to
http://www.fakessh.eu/over_quota_help.html for instructions on how to
fix this.
  quota_rule = *:storage=10GB
  quota_rule2 = Trash:storage=+10%
  quota_rule3 = Spam:storage=+20%
  quota_warning = storage=95%% quota-warning 95 %u
  quota_warning2 = storage=80%% quota-warning 80 %u
  sieve = ~/.dovecot.sieve
  sieve_before = /var/sieve-scripts/roundcube.sieve
  sieve_dir = ~/sieve
  sieve_global_path = whatever
  trash = /etc/dovecot/dovecot-trash.conf.ext
  zlib_save = bz2
  zlib_save_level = 9
}
protocols = sieve imap pop3
service anvil {
  client_limit = 6000
}
service auth {
  client_limit = 6000
  process_limit = 1
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0600
    user = postfix
  }
  unix_listener auth-master {
    mode = 0666
  }
  unix_listener auth-userdb {
    mode = 0666
  }
  vsz_limit = 64 M
}
service imap-login {
  client_limit = 0
  inet_listener imap {
    port = 0
  }
  inet_listener imaps {
    address = * , [::]
    port = 993
  }
  process_limit = 1024
  service_count = 1
  vsz_limit = 64 M
}
service imap {
  process_limit = 1024
  process_min_avail = 0
  service_count = 1
  vsz_limit = 64 M
}
service managesieve-login {
  inet_listener managesieve-login {
    address = * , [::]
    port = 2000
  }
  process_limit = 1
  vsz_limit = 64 M
}
service pop3-login {
  inet_listener pop3 {
    port = 0
  }
  inet_listener pop3s {
    address = * , [::]
    port = 995
  }
  process_limit = 1
  vsz_limit = 64 M
}
service quota-warning {
  executable = script /usr/local/bin/quota-warning.sh
  unix_listener quota-warning {
    user = mail
  }
  user = dovecot
}
ssl_ca = </etc/pki/tls/certs/class3.crt
ssl_cert = </etc/pki/tls/certs/ks37777.kimsufi.com.cert
ssl_key = </etc/pki/tls/private/ks37777.kimsufi.com.key
ssl_verify_client_cert = yes
userdb {
  driver = passwd
}
userdb {
  driver = passwd
}
version_ignore = yes
protocol imap {
  imap_client_workarounds = delay-newmail tb-extra-mailbox-sep
  imap_max_line_length = 64 k
  mail_plugins = " quota  trash zlib   autocreate quota imap_quota
imap_zlib zlib"
}
protocol pop3 {
  mail_plugins = autocreate quota quota autocreate deleted_to_trash zlib
  pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
  pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
}
protocol lda {
  hostname = ks37777.kimsufi.com
  info_log_path =
  log_path =
  mail_plugins = autocreate  sieve  quota
  postmaster_address = postmaster at fakessh.eu
  sendmail_path = /usr/lib/sendmail
}
protocol sieve {
  managesieve_implementation_string = dovecot
  managesieve_logout_format = bytes ( in=%i : out=%o )
  managesieve_max_line_length = 65536
}
- -- 
  http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC2626742
  gpg --keyserver pgp.mit.edu --recv-key C2626742

  http://urlshort.eu fakessh @
  http://gplus.to/sshfake
  http://gplus.to/sshswilting
  http://gplus.to/john.swilting
  https://lists.fakessh.eu/mailman/
  This list is moderated by me, but all applications will be accepted
  provided they receive a note of presentation
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk/iZKsACgkQNgqL0sJiZ0LNvgCgwO5+e7zu+OfTqOWdtSpxzqCL
6ZgAnRuEtAtALE9zUfxIb9zN/5fhmy3t
=rF7F
-----END PGP SIGNATURE-----

From voytek at sbt.net.au  Thu Jun 21 05:43:20 2012
From: voytek at sbt.net.au (Voytek Eymont)
Date: Thu, 21 Jun 2012 12:43:20 +1000
Subject: [Dovecot] migrating sql virtual 1 to 2,
	namespace configuration error: inbox=yes namespace missing
In-Reply-To: <7F977326-C48A-4907-8A02-512B83B347F9@iki.fi>
References: <eb1a388b44fc3e7353007980a8017bfd.squirrel@sbt.net.au>
	<7F977326-C48A-4907-8A02-512B83B347F9@iki.fi>
Message-ID: <cc8dec47-327c-4507-9be0-67c7835fa553@email.android.com>

Timo,
 thanks

Timo Sirainen <tss at iki.fi> wrote:

>Easiest fix: remove 15-mailboxes.conf
>

This didn't seem to fix it, though, perhaps I failed to test it properly

>Alternative fix: modify this namespace to actually work. Probably
>adding inbox=yes inside it is enough to do that.

With some trepidation, I inserted the string where I thought it should go, and, bingo, it started working as expected.

I probably should removed the full path from SQL query, and put in the Conf file as docs suggest, but I might leave that for another day.

Thank you again, 
Voytek
-- 
Swyped on Motrix with K-9 Mail. 
Please excuse my brevity.

From p at state-of-mind.de  Thu Jun 21 09:32:52 2012
From: p at state-of-mind.de (Patrick Ben Koetter)
Date: Thu, 21 Jun 2012 08:32:52 +0200
Subject: [Dovecot] how to use new style namespace for INBOX
In-Reply-To: <4FE264AB.1090600@smtp.fakessh.eu>
References: <4FE264AB.1090600@smtp.fakessh.eu>
Message-ID: <20120621063252.GB2417@state-of-mind.de>

* ml <dovecot at dovecot.org>:
> dear honorable doctor timo
> 
> reading the list I saw appear a new style for the "writing of INBOX".
> namely this example
> 
> mailbox Drafts {
>       special_use = \Drafts
>     }
>     mailbox Junk {
>       special_use = \Junk
>     }
>     mailbox Sent {
>       special_use = \Sent
>     }
>     mailbox "Sent Messages" {
>       special_use = \Sent
>     }
>     mailbox Trash {
>       special_use = \Trash
>     }
>     prefix =


This 'new' type of writing defines mailboxes for SPECIAL-USE as defined in
http://tools.ietf.org/rfc/rfc6154.txt.

> I do not know how to use it can you help me now is my config

If your mail clients support it, they will automatically map their mailboxes
for Sent, Junk, Trash, Drafts etc. to whatever mailbox you have assigned the
respective $special_use option to.

If they don't nothing will change.

p at rick

-- 
state of mind ()

http://www.state-of-mind.de

Franziskanerstra?e 15      Telefon +49 89 3090 4664
81669 M?nchen              Telefax +49 89 3090 4666

Amtsgericht M?nchen        Partnerschaftsregister PR 563

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 316 bytes
Desc: Digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120621/defaee47/attachment-0001.bin>

From kayasaman at gmail.com  Thu Jun 21 09:36:58 2012
From: kayasaman at gmail.com (Kaya Saman)
Date: Thu, 21 Jun 2012 07:36:58 +0100
Subject: [Dovecot] Dovecot not liking AD config from wiki??
Message-ID: <CAPj0R5+_KB3qm1rQcGr7iC4VbJ0N_+EqcK=+-nW-er0PS4MEhg@mail.gmail.com>

I think the issue seems to be the mechanism between Dovecot and AD, so
basically PAM.....

I adapted my pam.d file to this:

# auth
auth            sufficient      pam_krb5.so             no_warn
try_first_pass debug
#auth           sufficient      pam_ssh.so              no_warn try_first_pass
auth            required        pam_unix.so             no_warn try_first_pass

# account
#account                required        pam_nologin.so
#account                required        pam_unix.so
account                 required        pam_krb5.so


in the hope that this config would work:

userdb {
 driver = static
 args = uid=501 gid=501 home=/mail/%u
 driver = static
#  args = uid=500 gid=500 home=/ZPOOL_1/%u
#  allow_all_users=yes
}

passdb {
 driver = pam
}


However I am still having issues :-(


Regards,


Kaya

From stan at hardwarefreak.com  Thu Jun 21 10:50:02 2012
From: stan at hardwarefreak.com (Stan Hoeppner)
Date: Thu, 21 Jun 2012 02:50:02 -0500
Subject: [Dovecot] GlusterFS + Dovecot
In-Reply-To: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com>
References: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com>
Message-ID: <4FE2D22A.9050200@hardwarefreak.com>

On 6/20/2012 10:50 AM, Romer Ventura wrote:

> Has anyone used GlusterFS as storage file system for dovecot or any other
> email system?

I have not, but can tell you from experience and education that
distributed filesystems don't work well with transactional workloads
such as IMAP and SMTP.  The two reasons are high latency and problems
with file locking, as Timo mentioned.

Instead of asking if anyone here has tried to use GlusterFS, why not
describe your situation and ask for advice on a solution?  That usually
works much better, and you gain valuable insight.

-- 
Stan

From robert at schetterer.org  Thu Jun 21 10:57:43 2012
From: robert at schetterer.org (Robert Schetterer)
Date: Thu, 21 Jun 2012 09:57:43 +0200
Subject: [Dovecot] GlusterFS + Dovecot
In-Reply-To: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com>
References: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com>
Message-ID: <4FE2D3F7.5000709@schetterer.org>

Am 20.06.2012 17:50, schrieb Romer Ventura:
> Hello,
> 
>  
> 
> Has anyone used GlusterFS as storage file system for dovecot or any other
> email system..?
> 
>  
> 
> It says that it can be presented as a NFS, CIFS and as GlusterFS using the
> native client, technically using the client would allow the machine to read
> and write to it, therefore, I think that Dovecot would not care about it.
> Correct?
> 
>  
> 
> Anyone out there used this setup??
> 
>  
> 
> Thanks.
> 
> 

reading the faqs i wouldnt recommend it yet, but as Timo said
try with performance tests first

-- 
Best Regards
MfG Robert Schetterer



From amateo at um.es  Thu Jun 21 11:44:56 2012
From: amateo at um.es (Angel L. Mateo)
Date: Thu, 21 Jun 2012 10:44:56 +0200
Subject: [Dovecot] dovecot 2.1.5 performance
In-Reply-To: <1340186732.5967.71.camel@hurina>
References: <4FE19A83.8080407@um.es> <1340186732.5967.71.camel@hurina>
Message-ID: <4FE2DF08.7040400@um.es>

El 20/06/12 12:05, Timo Sirainen escribi?:
>
>> default_process_limit = 1000
>
> Since you haven't enabled high-performance mode for imap-login processes
> and haven't otherwise changed the service imap-login settings, this
> means that you can have max. 1000 simultaneous IMAP SSL/TLS connections.
>
	According to http://wiki2.dovecot.org/LoginProcess

Since one login process can handle only one connection, the service's 
process_limit setting limits the number of users that can be logging in 
at the same time (defaults to default_process_limit=100).

	I understood this as there can only be up to 100 (or 1000 in my case) 
concurrently trying to log in, but once the user logs, the imap-login 
process ends (starting corresponding imap processes) and another users 
could log in. So there could be more than 100 users connected, but up to 
100 trying to connect. Am I wrong?

	If I am wrong, why in my system there is no imap-login processes (or 
just a few) but a lot of imap?

From zimmys76 at web.de  Thu Jun 21 11:46:50 2012
From: zimmys76 at web.de (Daniel Fischer)
Date: Thu, 21 Jun 2012 10:46:50 +0200
Subject: [Dovecot] public namespace
Message-ID: <015301cd4f8a$68b0f0c0$3a12d240$@web.de>

Hello,

 

dovecot -n

# 2.0.18: /etc/dovecot/dovecot.conf

# OS: Linux 3.2.0-2-amd64 x86_64 Debian wheezy/sid

mail_gid = 5000

mail_location = maildir:~:INDEX=/var/mail/indexes/%d/%n

mail_privileged_group = vmail

mail_uid = 5000

namespace {

  hidden = no

  inbox = yes

  list = yes

  location =

  prefix =

  separator = /

  subscriptions = yes

  type = private

}

namespace {

  list = children

  location =
maildir:/var/mail/vhosts/%d/public:INDEX=/var/mail/indexes/%d/%n/public

  prefix = Public/

  separator = /

  subscriptions = no

  type = public

}

 

i?m a little bit confused but I hope I find help here.

 

The user mailboxes work perfectly
 just the public mailbox is a little bit
tricky
 I expect that all public maildirs be placed under
/var/mail/vhosts/%d/public.

 

?They are created by defining a public namespace, under which all the shared
mailboxes are?.

 

For those special users, I have set the maillocation via passwd file to

/%d/public/%n, all other users have 
/%d/%n.

So we have following folder structure

 


\public


\public\.info


\public\.lager


\public\.buchhaltung

And so on
 That?s works fine, but with subfolder start the problems. When
the info-?user? loggs on and creates a subfolder under his INBOX(called
hust2) then no other people can see this. Otherside, if a ?normal? user
creates a folder in public folder info(called hust), the info ?user? can? t
see this one.

If I look to filesystem, the reason is clear:

 

%d/public/.info# ls -la

insgesamt 32

drwx--S---+ 2 vmail vmail  6 Jun 19 11:50 cur

-rwxrwx---+ 1 vmail vmail 51 Jun 21 09:50 dovecot-uidlist

-rw-rw----+ 1 vmail vmail  8 Jun 19 11:51 dovecot-uidvalidity

-r--r-----+ 1 vmail vmail  0 Jun 19 11:50 dovecot-uidvalidity.4fe04b06

drwx--S---+ 5 vmail vmail 78 Jun 19 11:54 .INBOX.hust2

drwx--S---+ 2 vmail vmail  6 Jun 19 11:50 new

-rw-rw----+ 1 vmail vmail 18 Jun 19 11:51 subscriptions

drwx--S---+ 2 vmail vmail  6 Jun 19 11:50 tmp

drwx--S---+ 5 vmail vmail 78 Jun 21 09:51 .Trash

 

%d/public# ls -la

insgesamt 16

-rw-rw----+ 1 vmail vmail    8 Jun 19 11:51 dovecot-uidvalidity

-r--r-----+ 1 vmail vmail    0 Jun 19 11:51 dovecot-uidvalidity.4fe04b36

drwx--S---+ 7 vmail vmail 4096 Jun 21 09:50 .info

drwx--S---+ 5 vmail vmail   78 Jun 21 09:51 .info.hust

 

A look to the info mailbox makes it clear:

info at BLABLA

                \INBOX

                                \hust2
>create by info user in his mailbox

                \Trash

                \Public

                               \info
>his own public share

                                               \hust
>create by other user in public folder

 

What I need is:

%d/public/lager/cur

%d/public/lager/new

%d/public/lager/tmp

%d/public/lager/.foo

%d/public/lager/.foo.bar

%d/public/ info /cur

%d/public/ info /new

%d/public/ info /tmp

%d/public/info/.hust

%d/public/info/.hust.deeperhust

%d/public/info/.hust2

All public maildirs under 
/%d/public/%n

 

Must I create a namespace for all public maildirs?:

 

namespace {


  

location = maildir:/var/mail/vhosts/%d/public/info

}

 

namespace {


 

 location = maildir:/var/mail/vhosts/%d/public/lager

}

 

I can? t figure out on my own, please give me an explanation.

 

Thanks for soon comment.

 

Daniel


From tss at iki.fi  Thu Jun 21 12:53:59 2012
From: tss at iki.fi (Timo Sirainen)
Date: Thu, 21 Jun 2012 12:53:59 +0300
Subject: [Dovecot] dovecot 2.1.5 performance
In-Reply-To: <4FE2DF08.7040400@um.es>
References: <4FE19A83.8080407@um.es> <1340186732.5967.71.camel@hurina>
	<4FE2DF08.7040400@um.es>
Message-ID: <38362A8F-90FE-4C7F-BFF9-9AA80DFDD4C2@iki.fi>

On 21.6.2012, at 11.44, Angel L. Mateo wrote:

> El 20/06/12 12:05, Timo Sirainen escribi?:
>> 
>>> default_process_limit = 1000
>> 
>> Since you haven't enabled high-performance mode for imap-login processes
>> and haven't otherwise changed the service imap-login settings, this
>> means that you can have max. 1000 simultaneous IMAP SSL/TLS connections.
>> 
> 	According to http://wiki2.dovecot.org/LoginProcess
> 
> Since one login process can handle only one connection, the service's process_limit setting limits the number of users that can be logging in at the same time (defaults to default_process_limit=100).
> 
> 	I understood this as there can only be up to 100 (or 1000 in my case) concurrently trying to log in, but once the user logs, the imap-login process ends (starting corresponding imap processes) and another users could log in. So there could be more than 100 users connected, but up to 100 trying to connect. Am I wrong?
> 
> 	If I am wrong, why in my system there is no imap-login processes (or just a few) but a lot of imap?


Look at the next sentence also: SSL/TLS proxying processes are also counted here, so if you're using SSL/TLS you'll need to make sure this count is higher than the maximum number of users that can be logged in simultaneously.

I guess you don't have many SSL/TLS connections.

From amateo at um.es  Thu Jun 21 13:01:10 2012
From: amateo at um.es (Angel L. Mateo)
Date: Thu, 21 Jun 2012 12:01:10 +0200
Subject: [Dovecot] dovecot 2.1.5 performance
In-Reply-To: <38362A8F-90FE-4C7F-BFF9-9AA80DFDD4C2@iki.fi>
References: <4FE19A83.8080407@um.es> <1340186732.5967.71.camel@hurina>
	<4FE2DF08.7040400@um.es>
	<38362A8F-90FE-4C7F-BFF9-9AA80DFDD4C2@iki.fi>
Message-ID: <4FE2F0E6.1020406@um.es>

El 21/06/12 11:53, Timo Sirainen escribi?:
>
> Look at the next sentence also: SSL/TLS proxying processes are also counted here, so if you're using SSL/TLS you'll need to make sure this count is higher than the maximum number of users that can be logged in simultaneously.
>
> I guess you don't have many SSL/TLS connections.

	I'm not using SSL/TLS (it is done by a ssl accelerator, so connections 
to backend is plain)

From CMarcus at Media-Brokers.com  Thu Jun 21 14:12:43 2012
From: CMarcus at Media-Brokers.com (Charles Marcus)
Date: Thu, 21 Jun 2012 07:12:43 -0400
Subject: [Dovecot] how to use new style namespace for INBOX
In-Reply-To: <20120621063252.GB2417@state-of-mind.de>
References: <4FE264AB.1090600@smtp.fakessh.eu>
	<20120621063252.GB2417@state-of-mind.de>
Message-ID: <4FE301AB.3070403@Media-Brokers.com>

On 2012-06-21 2:32 AM, Patrick Ben Koetter <p at state-of-mind.de> wrote:
> This 'new' type of writing defines mailboxes for SPECIAL-USE as
> defined in http://tools.ietf.org/rfc/rfc6154.txt.
>
> If your mail clients support it, they will automatically map their
> mailboxes for Sent, Junk, Trash, Drafts etc. to whatever mailbox you
> have assigned the respective $special_use option to.
>
> If they don't nothing will change.

Out of curiosity, do you (or does anyone else) know of a list of clients 
that do (or don't) support this (what I consider to be most *excellent*) 
feature?

Specifically, what about the most problematic clients I know of - 
Outlook and Apple Mail?

Maybe the wiki could be updated with this info, and us users could keep 
it up to date as time goes on?

-- 

Best regards,

Charles

From tompru at jla.rutgers.edu  Thu Jun 21 17:48:29 2012
From: tompru at jla.rutgers.edu (Tom Pawlowski)
Date: Thu, 21 Jun 2012 10:48:29 -0400
Subject: [Dovecot] doveadm proxy kick in director setups
Message-ID: <20120621144829.GA8792@hawkeye.rutgers.edu>

Something I noticed on a 2.1.7 director test cluster (two directors,
three backends): 'doveadm proxy kick user' will kick all connections
for that user on that director only. Any additional connections on other
directors will remain active unless the command is run on all directors.

Are the proxy and director sub-commands intended to be separate and
distinct in their operation? If so, then this makes sense, as a proxy
isn't necessarily a director.

Are there any plans for a proxy kick equivalent that would work
across directors? 

-- 
 Tom Pawlowski
 OIT-CSS System Administrator           office: Hill 145
 email: tompru at jla.rutgers.edu          phone:  (732) 445-2634

From emailbuilder88 at yahoo.com  Thu Jun 21 21:05:24 2012
From: emailbuilder88 at yahoo.com (email builder)
Date: Thu, 21 Jun 2012 11:05:24 -0700 (PDT)
Subject: [Dovecot] Dovecot performance under high load (vs. Courier)
Message-ID: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com>

Hi,

We are building a new system that will support a large number of users (high volume, high concurrent usage, etc).? We have played with Dovecot, but in most serious applications we have traditionally used Courier IMAP.? It's my (lay) understanding that with indexing and perhaps other things in Dovecot, it might perform better than Courier in larger environments like this.? Am I correct or is it less clear-cut?

Any tips on making the migration (not migrating an existing system, I mean migrating our paradigm - things to consider, things to watch out for)?

TIA


From tss at iki.fi  Thu Jun 21 21:13:21 2012
From: tss at iki.fi (Timo Sirainen)
Date: Thu, 21 Jun 2012 21:13:21 +0300
Subject: [Dovecot] Dovecot performance under high load (vs. Courier)
In-Reply-To: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com>
References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com>
Message-ID: <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi>

On 21.6.2012, at 21.05, email builder wrote:

> We are building a new system that will support a large number of users (high volume, high concurrent usage, etc).  We have played with Dovecot, but in most serious applications we have traditionally used Courier IMAP.  It's my (lay) understanding that with indexing and perhaps other things in Dovecot, it might perform better than Courier in larger environments like this.  Am I correct or is it less clear-cut?

If you disable index index files in Dovecot, its performance should be slightly better than Courier. With index files the performance is typically much better in Dovecot, especially if you use a (non-caching) webmail.

> Any tips on making the migration (not migrating an existing system, I mean migrating our paradigm - things to consider, things to watch out for)?

If you don't migrate any existing users, I guess this doesn't differ much from any other optimized Dovecot installation. Usually large installations (>1M users) use NetApp NFS + Dovecot director. You might also want to enable full text searches. http://wiki2.dovecot.org/PerformanceTuning lists some other things.


From emailbuilder88 at yahoo.com  Thu Jun 21 21:32:46 2012
From: emailbuilder88 at yahoo.com (email builder)
Date: Thu, 21 Jun 2012 11:32:46 -0700 (PDT)
Subject: [Dovecot] Manual manipulation of Sieve files
Message-ID: <1340303566.38480.YahooMailNeo@web39306.mail.mud.yahoo.com>

We have some scripts that take care of some tasks when creating new email accounts, such as creating some default mail filter rules.

I know Sieve scripts are plain text files, but need to be compiled for use.? I see that you can use seivec to compile scripts manually, which can help me create .dovecot.svbin which can be placed where needed and permissioned correctly.? But a couple questions:

* Sieve has the concept of an active script - is this merely whatever is compiled into the .dovecot.svbin file?


* Does dovecot (managesieve) do any other housekeeping when a user sieve script is installed and set as the active script?? I would need to replicate this manually.

* If the default script is always the same (sorry, for us, the solution isn't global scripts), would it work to compile that script once, keep the compiled version somewhere and merely copy it into the correct place for a new user?? Are there issues with this?

* Should we always have the plain text version along with the compiled one for proper managesieve operation going forward (users can edit their sieve scripts)

Thank you


From emailbuilder88 at yahoo.com  Thu Jun 21 23:05:25 2012
From: emailbuilder88 at yahoo.com (email builder)
Date: Thu, 21 Jun 2012 13:05:25 -0700 (PDT)
Subject: [Dovecot] Dovecot performance under high load (vs. Courier)
In-Reply-To: <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi>
References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com>
	<5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi>
Message-ID: <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com>

Thank you very much for the fast reply.

>>  We are building a new system that will support a large number of users 

>> (high volume, high concurrent usage, etc).? We have played with Dovecot, but in 
>> most serious applications we have traditionally used Courier IMAP.? It's my 
>> (lay) understanding that with indexing and perhaps other things in Dovecot, it 
>> might perform better than Courier in larger environments like this.? Am I 
>> correct or is it less clear-cut?
> 
> If you disable index index files in Dovecot, its performance should be slightly 
> better than Courier. With index files the performance is typically much better 
> in Dovecot, especially if you use a (non-caching) webmail.

Interesting.? What would be the motivations for disabling indexing?
Indexing is by default enabled?

Do you know what webmails are caching vs. non-caching?? 

Am I correct that what you're pointing out is that with non-caching
webmails you will notice IMAP performance differences more readily
but that a caching webmail application might be better no matter
which IMAP server because it reduces the need for webmail to make
IMAP connections?

>>  Any tips on making the migration (not migrating an existing system, I mean 
>> migrating our paradigm - things to consider, things to watch out for)?
> 
> If you don't migrate any existing users, I guess this doesn't differ 
> much from any other optimized Dovecot installation. Usually large installations 
> (>1M users) use NetApp NFS + Dovecot director. You might also want to enable 
> full text searches. http://wiki2.dovecot.org/PerformanceTuning lists some other 
> things.

Ah, I didn't know about Director.? That looks very nice.? I had in mind that
we would have to use Perdition, but an integrated solution might be good.

Anyone have any thoughts or opinions considering Perdition vs. Director?

Full text searches don't hurt performance too bad?

Thanks for the other links, I will certainly go read up on them.


From tss at iki.fi  Thu Jun 21 23:22:44 2012
From: tss at iki.fi (Timo Sirainen)
Date: Thu, 21 Jun 2012 23:22:44 +0300
Subject: [Dovecot] Dovecot performance under high load (vs. Courier)
In-Reply-To: <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com>
References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com>
	<5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi>
	<1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com>
Message-ID: <1340310164.5967.86.camel@hurina>

On Thu, 2012-06-21 at 13:05 -0700, email builder wrote:
> Thank you very much for the fast reply.
> 
> >>  We are building a new system that will support a large number of users 
> 
> >> (high volume, high concurrent usage, etc).  We have played with Dovecot, but in 
> >> most serious applications we have traditionally used Courier IMAP.  It's my 
> >> (lay) understanding that with indexing and perhaps other things in Dovecot, it 
> >> might perform better than Courier in larger environments like this.  Am I 
> >> correct or is it less clear-cut?
> > 
> > If you disable index index files in Dovecot, its performance should be slightly 
> > better than Courier. With index files the performance is typically much better 
> > in Dovecot, especially if you use a (non-caching) webmail.
> 
> Interesting.  What would be the motivations for disabling indexing?
> Indexing is by default enabled?

Yes, enabled by default. There aren't many good reasons for disabling
indexing.

> Do you know what webmails are caching vs. non-caching?  

Nearly all of them are non-caching. (I don't know of any caching ones.)

> Am I correct that what you're pointing out is that with non-caching
> webmails you will notice IMAP performance differences more readily
> but that a caching webmail application might be better no matter
> which IMAP server because it reduces the need for webmail to make
> IMAP connections?

It's not about the IMAP connections themselves, but how often they fetch
message (meta)data. http://www.imapwiki.org/Benchmarking should explain
this better. Dovecot's indexing can lower the disk I/O usage perhaps by
10x compared to Courier.

> >>  Any tips on making the migration (not migrating an existing system, I mean 
> >> migrating our paradigm - things to consider, things to watch out for)?
> > 
> > If you don't migrate any existing users, I guess this doesn't differ 
> > much from any other optimized Dovecot installation. Usually large installations 
> > (>1M users) use NetApp NFS + Dovecot director. You might also want to enable 
> > full text searches. http://wiki2.dovecot.org/PerformanceTuning lists some other 
> > things.
> 
> Ah, I didn't know about Director.  That looks very nice.  I had in mind that
> we would have to use Perdition, but an integrated solution might be good.
> 
> Anyone have any thoughts or opinions considering Perdition vs. Director?

Dovecot proxy has several Dovecot-specific features that make it work
better than perdition (forwards client IP address to backend, handle
CAPABILITY stuff better, maybe other things).

> Full text searches don't hurt performance too bad?

They should improve the performance, at least from the user's point of
view when doing a search on webmail. But yes, the indexing itself does
cost CPU cycles, disk I/O and disk usage (perhaps 30% more disk space).


From h.reindl at thelounge.net  Thu Jun 21 23:34:15 2012
From: h.reindl at thelounge.net (Reindl Harald)
Date: Thu, 21 Jun 2012 22:34:15 +0200
Subject: [Dovecot] Dovecot performance under high load (vs. Courier)
In-Reply-To: <1340310164.5967.86.camel@hurina>
References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com>
	<5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi>
	<1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com>
	<1340310164.5967.86.camel@hurina>
Message-ID: <4FE38547.4060407@thelounge.net>



Am 21.06.2012 22:22, schrieb Timo Sirainen:
>> Do you know what webmails are caching vs. non-caching?  
> 
> Nearly all of them are non-caching. (I don't know of any caching ones.)

roundcube can if configured

additionally you should install imapproxy on the webserver
wehre your webmail is running and configure the webmail for
using 127.0.0.1 - so only one connection per user is
persistent instead make a new one for each ajax-request

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120621/600d08f0/attachment.bin>

From lists at necoro.eu  Thu Jun 21 23:37:55 2012
From: lists at necoro.eu (=?UTF-8?B?UmVuw6kgTmV1bWFubg==?=)
Date: Thu, 21 Jun 2012 22:37:55 +0200
Subject: [Dovecot] Dovecot performance under high load (vs. Courier)
In-Reply-To: <1340310164.5967.86.camel@hurina>
References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com>
	<5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi>
	<1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com>
	<1340310164.5967.86.camel@hurina>
Message-ID: <4FE38623.5050303@necoro.eu>

Am 21.06.2012 22:22, schrieb Timo Sirainen:
> On Thu, 2012-06-21 at 13:05 -0700, email builder wrote: 
>> Do you know what webmails are caching vs. non-caching?  
> 
> Nearly all of them are non-caching. (I don't know of any caching ones.)

At least roundcube (v0.7.1 here) has some caching options:

------------------[excerpt from roundcubes main.inc.php]-------------
// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'.
$rcmail_config['imap_cache'] = null;

// Enables messages cache. Only 'db' cache is supported.
$rcmail_config['messages_cache'] = false;
-------------------------[end]----------------------------------------

But I don't know, whether this is the sort of caching you are referring to.

- Ren?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120621/bcdbf25b/attachment.bin>

From bdh at machinehum.com  Thu Jun 21 23:37:52 2012
From: bdh at machinehum.com (Brian Hayden)
Date: Thu, 21 Jun 2012 15:37:52 -0500
Subject: [Dovecot] Dovecot performance under high load (vs. Courier)
In-Reply-To: <1340310164.5967.86.camel@hurina>
References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com>
	<5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi>
	<1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com>
	<1340310164.5967.86.camel@hurina>
Message-ID: <ED84C50F-E9EA-490C-B468-DAAD808DC7C2@machinehum.com>


On Jun 21, 2012, at 3:22 PM, Timo Sirainen wrote:

> On Thu, 2012-06-21 at 13:05 -0700, email builder wrote:
>> Thank you very much for the fast reply.
>> 
>>>> We are building a new system that will support a large number of users 
>> 
>>>> (high volume, high concurrent usage, etc).  We have played with Dovecot, but in 
>>>> most serious applications we have traditionally used Courier IMAP.  It's my 
>>>> (lay) understanding that with indexing and perhaps other things in Dovecot, it 
>>>> might perform better than Courier in larger environments like this.  Am I 
>>>> correct or is it less clear-cut?
>>> 
>>> If you disable index index files in Dovecot, its performance should be slightly 
>>> better than Courier. With index files the performance is typically much better 
>>> in Dovecot, especially if you use a (non-caching) webmail.
>> 
>> Interesting.  What would be the motivations for disabling indexing?
>> Indexing is by default enabled?
> 
> Yes, enabled by default. There aren't many good reasons for disabling
> indexing.
> 
>> Do you know what webmails are caching vs. non-caching?  
> 
> Nearly all of them are non-caching. (I don't know of any caching ones.)

Prayer, from University of Cambridge, or Chickadee, a fork of it. It's essentially a proper IMAP client in C that runs on a server, and uses HTTPS (via an embedded server, no external dependency on apache or etc.) to the end user just to deliver the display. 

When I was on the email project for the University of Minnesota, I modified it heavily for interface and to add some features that admins are used to having in systems where apache is involved (virtual hosts, things like that). I have it available (GPL) as a vanilla, de-branded package--Chickadee. Website is currently offline as I've been switching hosts, anyone who's interested can feel free to drop me a line.

-Brian 

From tss at iki.fi  Thu Jun 21 23:44:33 2012
From: tss at iki.fi (Timo Sirainen)
Date: Thu, 21 Jun 2012 23:44:33 +0300
Subject: [Dovecot] Dovecot performance under high load (vs. Courier)
In-Reply-To: <4FE38547.4060407@thelounge.net>
References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com>
	<5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi>
	<1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com>
	<1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net>
Message-ID: <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi>

On 21.6.2012, at 23.34, Reindl Harald wrote:

> Am 21.06.2012 22:22, schrieb Timo Sirainen:
>>> Do you know what webmails are caching vs. non-caching?  
>> 
>> Nearly all of them are non-caching. (I don't know of any caching ones.)
> 
> roundcube can if configured
> 
> additionally you should install imapproxy on the webserver
> wehre your webmail is running and configure the webmail for
> using 127.0.0.1 - so only one connection per user is
> persistent instead make a new one for each ajax-request

Someone benchmarked Dovecot a while ago in this list with and without imapproxy and the results showed that imapproxy simply slowed things down by adding extra latency. This probably isn't true for all installations, but I don't think there's much of a difference either way.


From h.reindl at thelounge.net  Thu Jun 21 23:48:03 2012
From: h.reindl at thelounge.net (Reindl Harald)
Date: Thu, 21 Jun 2012 22:48:03 +0200
Subject: [Dovecot] Dovecot performance under high load (vs. Courier)
In-Reply-To: <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi>
References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com>
	<5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi>
	<1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com>
	<1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net>
	<8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi>
Message-ID: <4FE38883.8000808@thelounge.net>



Am 21.06.2012 22:44, schrieb Timo Sirainen:
> On 21.6.2012, at 23.34, Reindl Harald wrote:
> 
>> Am 21.06.2012 22:22, schrieb Timo Sirainen:
>>>> Do you know what webmails are caching vs. non-caching?  
>>>
>>> Nearly all of them are non-caching. (I don't know of any caching ones.)
>>
>> roundcube can if configured
>>
>> additionally you should install imapproxy on the webserver
>> wehre your webmail is running and configure the webmail for
>> using 127.0.0.1 - so only one connection per user is
>> persistent instead make a new one for each ajax-request
> 
> Someone benchmarked Dovecot a while ago in this list with and without imapproxy and the results showed that imapproxy simply slowed things down by adding extra latency. This probably isn't true for all installations, but I don't think there's much of a difference either way.

depends on network-latency, parallel users and last but
not least count of folders - if you have 30 folders and
roundcube refreshs every 20 seconds it will make in the
worst case 180 connections for one user per minute

maybe a bechmark with high load shows other values

but felt performance in our setup is much better with
imapproxy in front - roundcube feels like a desktop client

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120621/c07946c9/attachment.bin>

From tss at iki.fi  Thu Jun 21 23:52:22 2012
From: tss at iki.fi (Timo Sirainen)
Date: Thu, 21 Jun 2012 23:52:22 +0300
Subject: [Dovecot] Dovecot performance under high load (vs. Courier)
In-Reply-To: <4FE38883.8000808@thelounge.net>
References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com>
	<5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi>
	<1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com>
	<1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net>
	<8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi>
	<4FE38883.8000808@thelounge.net>
Message-ID: <2ABE733D-E478-4B40-93FB-8F1CDAB72193@iki.fi>

On 21.6.2012, at 23.48, Reindl Harald wrote:

>> Someone benchmarked Dovecot a while ago in this list with and without imapproxy and the results showed that imapproxy simply slowed things down by adding extra latency. This probably isn't true for all installations, but I don't think there's much of a difference either way.
> 
> depends on network-latency, parallel users and last but
> not least count of folders - if you have 30 folders and
> roundcube refreshs every 20 seconds it will make in the
> worst case 180 connections for one user per minute

Really? Doesn't it simply connect once every 20 seconds and send 30 STATUS requests in one connection?


From h.reindl at thelounge.net  Thu Jun 21 23:54:23 2012
From: h.reindl at thelounge.net (Reindl Harald)
Date: Thu, 21 Jun 2012 22:54:23 +0200
Subject: [Dovecot] Dovecot performance under high load (vs. Courier)
In-Reply-To: <2ABE733D-E478-4B40-93FB-8F1CDAB72193@iki.fi>
References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com>
	<5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi>
	<1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com>
	<1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net>
	<8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi>
	<4FE38883.8000808@thelounge.net>
	<2ABE733D-E478-4B40-93FB-8F1CDAB72193@iki.fi>
Message-ID: <4FE389FF.2080106@thelounge.net>



Am 21.06.2012 22:52, schrieb Timo Sirainen:
> On 21.6.2012, at 23.48, Reindl Harald wrote:
> 
>>> Someone benchmarked Dovecot a while ago in this list with and without imapproxy and the results showed that imapproxy simply slowed things down by adding extra latency. This probably isn't true for all installations, but I don't think there's much of a difference either way.
>>
>> depends on network-latency, parallel users and last but
>> not least count of folders - if you have 30 folders and
>> roundcube refreshs every 20 seconds it will make in the
>> worst case 180 connections for one user per minute
> 
> Really? Doesn't it simply connect once every 20 seconds and send 30 STATUS requests in one connection?

not 100% sure

i simply tried it with proxy, was happy that it feels faster
and last but not least i have lesser entries in maillog which
goes to a central mysql-server for self-developed web-interfaces

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120621/dc469534/attachment.bin>

From tss at iki.fi  Thu Jun 21 23:57:18 2012
From: tss at iki.fi (Timo Sirainen)
Date: Thu, 21 Jun 2012 23:57:18 +0300
Subject: [Dovecot] Dovecot performance under high load (vs. Courier)
In-Reply-To: <4FE38883.8000808@thelounge.net>
References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com>
	<5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi>
	<1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com>
	<1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net>
	<8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi>
	<4FE38883.8000808@thelounge.net>
Message-ID: <03B002D3-5C2D-49CB-A94E-C0F2CC086746@iki.fi>

On 21.6.2012, at 23.48, Reindl Harald wrote:

>> Someone benchmarked Dovecot a while ago in this list with and without imapproxy and the results showed that imapproxy simply slowed things down by adding extra latency. This probably isn't true for all installations, but I don't think there's much of a difference either way.
> 
> depends on network-latency, parallel users and last but
> not least count of folders - if you have 30 folders and
> roundcube refreshs every 20 seconds it will make in the
> worst case 180 connections for one user per minute
> 
> maybe a bechmark with high load shows other values
> 
> but felt performance in our setup is much better with
> imapproxy in front - roundcube feels like a desktop client

Oh, and of course it also depends on Dovecot configuration :) Authentication cache is needed and login processes must be in high performance mode. There is still the extra work of forking a new imap process (could also be avoided with yet another config option) and some other extra CPU usage, but those shouldn't cause much of a difference.

The extra network latency during login is a good point though.


From slusarz at curecanti.org  Fri Jun 22 00:07:52 2012
From: slusarz at curecanti.org (Michael M Slusarz)
Date: Thu, 21 Jun 2012 15:07:52 -0600
Subject: [Dovecot] Dovecot performance under high load (vs. Courier)
In-Reply-To: <1340310164.5967.86.camel@hurina>
References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com>
	<5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi>
	<1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com>
	<1340310164.5967.86.camel@hurina>
Message-ID: <20120621150752.Horde.Mln7K4F5lbhP440ot73xbcA@bigworm.curecanti.org>

Quoting Timo Sirainen <tss at iki.fi>:

> On Thu, 2012-06-21 at 13:05 -0700, email builder wrote:
>> Do you know what webmails are caching vs. non-caching?
>
> Nearly all of them are non-caching. (I don't know of any caching ones.)

IMP is caching (message/mailbox/folder listing), with full  
QRESYNC/CONDSTORE support.

michael


From lists at wildgooses.com  Fri Jun 22 00:48:31 2012
From: lists at wildgooses.com (Ed W)
Date: Thu, 21 Jun 2012 22:48:31 +0100
Subject: [Dovecot] Dovecot performance under high load (vs. Courier)
In-Reply-To: <4FE389FF.2080106@thelounge.net>
References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com>
	<5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi>
	<1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com>
	<1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net>
	<8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi>
	<4FE38883.8000808@thelounge.net>
	<2ABE733D-E478-4B40-93FB-8F1CDAB72193@iki.fi>
	<4FE389FF.2080106@thelounge.net>
Message-ID: <4FE396AF.4070309@wildgooses.com>

On 21/06/2012 21:54, Reindl Harald wrote:
> and last but not least i have lesser entries in maillog which
> goes to a central mysql-server for self-developed web-interfaces

I recently added imapproxy to my Roundcube installation.  Benchmarks 
showed a very slight slowdown, but as you point out it reduced the login 
count from dovecot and I use a login script to kind of report last login 
/ length of session and this tallies better with an imap desktop user now

I think the conclusion is that imapproxy is not necessary.  There are 
some advantages (eg with high network latency between web and imap 
server, and reducing apparent login count), and some disadvantages 
(extra complexity, slowdown)

On average I think few users should use it.. Or at least benchmark and 
add it reluctantly...

Ed

From lists at wildgooses.com  Fri Jun 22 00:55:04 2012
From: lists at wildgooses.com (Ed W)
Date: Thu, 21 Jun 2012 22:55:04 +0100
Subject: [Dovecot] Dovecot performance under high load (vs. Courier)
In-Reply-To: <4FE38623.5050303@necoro.eu>
References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com>
	<5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi>
	<1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com>
	<1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu>
Message-ID: <4FE39838.1030508@wildgooses.com>

On 21/06/2012 21:37, Ren? Neumann wrote:
> Am 21.06.2012 22:22, schrieb Timo Sirainen:
>> On Thu, 2012-06-21 at 13:05 -0700, email builder wrote:
>>> Do you know what webmails are caching vs. non-caching?
>> Nearly all of them are non-caching. (I don't know of any caching ones.)
> At least roundcube (v0.7.1 here) has some caching options:
>
> ------------------[excerpt from roundcubes main.inc.php]-------------
> // Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'.
> $rcmail_config['imap_cache'] = null;
>
> // Enables messages cache. Only 'db' cache is supported.
> $rcmail_config['messages_cache'] = false;
> -------------------------[end]----------------------------------------
>
> But I don't know, whether this is the sort of caching you are referring to.
>
> - Ren?

It is caching, but unless your mysql / memcache server is lower latency 
than your dovecot server, then the caching does very little.

I tested it very briefly and it added a lot of latency to my results 
when adding a mysql cache.  However, my setup has the 
mysql/dovecot/roundcube all on the same machine, so latency is minimal.

Roughly I found that the amount of caching is absolutely massive, eg 
roughly subject headers, message ids and more for every message in every 
folder.  This meant multiple seconds of latency on first login and then 
slight additional latency on every folder view.  I guess this might 
breakeven in the situation of a roundcube installation in an office and 
dovecot on the far end of an ADSL line with 60-100ms+ of latency and 
bandwidth constraints, but it's really, really hard to see it's sensible 
for two machines in the same datacenter with an uncontended network 
connection between them

This isn't to say that the caching isn't sensible for use with other 
mail servers, but I don't see it offers any benefit for most Dovecot 
installations?

However, very clever and full featured webmail client!

Ed W

P.S.  Sogo has a kind of caching in that it has a clientside javascript 
cache.  Not what was meant, but for all practical purposes much more 
useful...


From slusarz at curecanti.org  Fri Jun 22 00:58:01 2012
From: slusarz at curecanti.org (Michael M Slusarz)
Date: Thu, 21 Jun 2012 15:58:01 -0600
Subject: [Dovecot] Dovecot performance under high load (vs. Courier)
In-Reply-To: <4FE396AF.4070309@wildgooses.com>
References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com>
	<5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi>
	<1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com>
	<1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net>
	<8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi>
	<4FE38883.8000808@thelounge.net>
	<2ABE733D-E478-4B40-93FB-8F1CDAB72193@iki.fi>
	<4FE389FF.2080106@thelounge.net> <4FE396AF.4070309@wildgooses.com>
Message-ID: <20120621155801.Horde.YXauVYF5lbhP45jpl_ezE_A@bigworm.curecanti.org>

Quoting Ed W <lists at wildgooses.com>:

> I think the conclusion is that imapproxy is not necessary.  There  
> are some advantages (eg with high network latency between web and  
> imap server, and reducing apparent login count), and some  
> disadvantages (extra complexity, slowdown)

Not entirely true.  See this thread:

http://markmail.org/thread/z7ctwle2go6zafas

Thread in short: imapproxy provides benefits for more MUAs that take  
advantage of the XIMAPPROXY feature (only IMP, AFAIK), and Timo is/was  
considering adding a similar state saving feature to Dovecot 2.2.

michael


From tss at iki.fi  Fri Jun 22 01:12:04 2012
From: tss at iki.fi (Timo Sirainen)
Date: Fri, 22 Jun 2012 01:12:04 +0300
Subject: [Dovecot] Dovecot performance under high load (vs. Courier)
In-Reply-To: <20120621155801.Horde.YXauVYF5lbhP45jpl_ezE_A@bigworm.curecanti.org>
References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com>
	<5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi>
	<1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com>
	<1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net>
	<8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi>
	<4FE38883.8000808@thelounge.net>
	<2ABE733D-E478-4B40-93FB-8F1CDAB72193@iki.fi>
	<4FE389FF.2080106@thelounge.net> <4FE396AF.4070309@wildgooses.com>
	<20120621155801.Horde.YXauVYF5lbhP45jpl_ezE_A@bigworm.curecanti.org>
Message-ID: <AA1B8914-CE6F-4EE3-972D-9F751C13D019@iki.fi>

On 22.6.2012, at 0.58, Michael M Slusarz wrote:

>> I think the conclusion is that imapproxy is not necessary.  There are some advantages (eg with high network latency between web and imap server, and reducing apparent login count), and some disadvantages (extra complexity, slowdown)
> 
> Not entirely true.  See this thread:
> 
> http://markmail.org/thread/z7ctwle2go6zafas
> 
> Thread in short: imapproxy provides benefits for more MUAs that take advantage of the XIMAPPROXY feature (only IMP, AFAIK), and Timo is/was considering adding a similar state saving feature to Dovecot 2.2.

Well, I had completely forgotten about it :) Reading my old mail:

> There isn't a whole lot of state to be saved really. Mailbox GUID, UIDVALIDITY,
> HIGHESTMODSEQ gives the mailbox state. Then you have the language/etc. states.
> Clients could restore their earlier state from days ago, as long as Dovecot
> still has the necessary .log records available (similar to how QRESYNC works).

Yeah .. Perhaps something like:

1. if client issues LOGOUT XSTATE

2. And server sees that it can actually save all of the state (some things are a bit tricky, and probably not worth the trouble in initial implementation)

3. Then the server server sends
* OK XSTATE <string>
* BYE 

4. The client can pipeline after LOGIN/AUTHENTICATE:
a XSTATERESTORE <string>
a OK Yeah!
or
a NO Not gonna work.

Perhaps even a real RFC for this thing? .. If it's worth it.. Would save at least a few X bytes from network traffic :)

From yggdrasil at gmx.co.uk  Fri Jun 22 02:28:10 2012
From: yggdrasil at gmx.co.uk (Johnny)
Date: Fri, 22 Jun 2012 00:28:10 +0100
Subject: [Dovecot] Dovecot LDA, Offlineimap and Sieve
Message-ID: <87y5ng1bzp.fsf@gmx.co.uk>

Hi,

I am trying to st up Offlineimap to use Dovecots LDA to be able to use
Sieve for mail filtering, but am not sure how to get this working. I
think the right way would be to use 'preauthtunnel' in .offlineimaprc
and try the setup below, which doesn't work.

,----.offlineimaprc
| [Repository LocalRepository]
| type = IMAP
| preauthtunnel = ssh -q localhost '/usr/libexec/dovecot/deliver -d myloginid'
`----

If I go via the network card, the snch is fine, but Sieve can't be used?
,----
| [Repository LocalRepository]
| type = IMAP
| preauthtunnel = MAIL=maildir:$HOME/Maildir/myMailDir /usr/libexec/dovecot/deliver -d mylogonid
| remotehost = localhost
| port = 143
| remoteuser = mylogonid
| remotepass = mypassword
`----

Has anyone got any tips on how to get offlineimap to send mail to
Dovecot in a way that Siev3e can be used?

thanks!

-- 
Johnny

From a.kostyrev at serverc.ru  Fri Jun 22 05:27:38 2012
From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=)
Date: Fri, 22 Jun 2012 13:27:38 +1100
Subject: [Dovecot] GlusterFS + Dovecot
In-Reply-To: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com>
References: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com>
Message-ID: <213B51F00051AE48A9F0E112880177178F7A43@Delta.sc.local>

We've considered using gluster for our mail storage a month ago.
I've seen 
 index corruption even if mail was delivered by lmtp sequentially
 some split-brains with no clear reason
 with more than 2000 mails in box we had to wait for 40sec to open mailbox through roundcube, so
we've decided to go for dsync replication instead with
common mysql database for user storage and imap/pop3/lmtp proxy.




-----Original Message-----
From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Romer Ventura
Sent: Thursday, June 21, 2012 2:51 AM
To: dovecot at dovecot.org
Subject: [Dovecot] GlusterFS + Dovecot

Hello,

 

Has anyone used GlusterFS as storage file system for dovecot or any other
email system..?

 

It says that it can be presented as a NFS, CIFS and as GlusterFS using the
native client, technically using the client would allow the machine to read
and write to it, therefore, I think that Dovecot would not care about it.
Correct?

 

Anyone out there used this setup??

 

Thanks.


From emailbuilder88 at yahoo.com  Fri Jun 22 05:28:50 2012
From: emailbuilder88 at yahoo.com (email builder)
Date: Thu, 21 Jun 2012 19:28:50 -0700 (PDT)
Subject: [Dovecot] Dovecot performance under high load (vs. Courier)
In-Reply-To: <03B002D3-5C2D-49CB-A94E-C0F2CC086746@iki.fi>
References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com>
	<5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi>
	<1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com>
	<1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net>
	<8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi>
	<4FE38883.8000808@thelounge.net>
	<03B002D3-5C2D-49CB-A94E-C0F2CC086746@iki.fi>
Message-ID: <1340332130.74182.YahooMailNeo@web39301.mail.mud.yahoo.com>

> Oh, and of course it also depends on Dovecot configuration :) Authentication 
> cache is needed and login processes must be in high performance mode.

I.e., I think:

http://wiki2.dovecot.org/LoginProcess
http://wiki2.dovecot.org/Authentication/Caching

> There is 

> still the extra work of forking a new imap process (could also be avoided with 
> yet another config option)

Are you referring to client_limit or service_count or something else as yet undeveloped?
Speaking of which, I cannot understand the different between those two.? Hints in the
configuration file (10-master.conf) and the wiki make them sound like they do the same
thing -- ??

From tss at iki.fi  Fri Jun 22 05:44:18 2012
From: tss at iki.fi (Timo Sirainen)
Date: Fri, 22 Jun 2012 05:44:18 +0300
Subject: [Dovecot] Dovecot performance under high load (vs. Courier)
In-Reply-To: <1340332130.74182.YahooMailNeo@web39301.mail.mud.yahoo.com>
References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com>
	<5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi>
	<1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com>
	<1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net>
	<8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi>
	<4FE38883.8000808@thelounge.net>
	<03B002D3-5C2D-49CB-A94E-C0F2CC086746@iki.fi>
	<1340332130.74182.YahooMailNeo@web39301.mail.mud.yahoo.com>
Message-ID: <BA2201C6-7322-4E12-AB44-0D9D732777A4@iki.fi>

On 22.6.2012, at 5.28, email builder wrote:

>> Oh, and of course it also depends on Dovecot configuration :) Authentication 
>> cache is needed and login processes must be in high performance mode.
> 
> I.e., I think:
> 
> http://wiki2.dovecot.org/LoginProcess
> http://wiki2.dovecot.org/Authentication/Caching

Yes.

>> There is 
>> still the extra work of forking a new imap process (could also be avoided with 
>> yet another config option)
> 
> Are you referring to client_limit or service_count or something else as yet undeveloped?

service imap { service_count = 0 } (default=1) allows imap processes to be reused for more than 1 connection. The downside is that if there are any bugs in Dovecot, they might accidentally expose another user's email data to the wrong user. That's very unlikely to happen but since this isn't a performance problem in most (if any) systems I don't want to enable it by default. Dovecot code is written so that write buffer overflows (= arbitrary code execution) is minimized to be as zero possibility as I could think of, but read buffer overflows (= exposing data within the process) isn't treated nearly as much with paranoia.

> Speaking of which, I cannot understand the different between those two.  Hints in the
> configuration file (10-master.conf) and the wiki make them sound like they do the same
> thing -- ??

service_count limits the maximum of client_limit. One connection = one service. Once a process has serviced "service_count" number of connections it disconnects itself. There can never be more than "client_limit" number of simultaneous connections. The important stuff to understand about these are:

 * service_count=1: The most secure setting for a process. The process serves a single connection and kills itself. No possibility of data leaking to unintended connection.
 * service_count=0, client_limit=1: The process does blocking operations (e.g. blocking disk IO). You don't want one connection's blocking operation to affect other connections. But you're not paranoid about security, since in case of some bugs some data might leak to unintended connection.
 * service_count>0: Restart process ever N connections, just in case it leaks some memory.
 * client_limit>1: Limit the amount of CPU/memory a single process takes. The process should never be blocking on disk I/O or locks or anything else. This means it shouldn't be used for imap/pop3/lmtp processes. For CPU bound processes it's fine.
 
Maybe these could be copy&pasted to the wiki2/Services.

From emailbuilder88 at yahoo.com  Fri Jun 22 08:27:18 2012
From: emailbuilder88 at yahoo.com (email builder)
Date: Thu, 21 Jun 2012 22:27:18 -0700 (PDT)
Subject: [Dovecot] Dovecot performance under high load (vs. Courier)
In-Reply-To: <BA2201C6-7322-4E12-AB44-0D9D732777A4@iki.fi>
References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com>
	<5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi>
	<1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com>
	<1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net>
	<8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi>
	<4FE38883.8000808@thelounge.net>
	<03B002D3-5C2D-49CB-A94E-C0F2CC086746@iki.fi>
	<1340332130.74182.YahooMailNeo@web39301.mail.mud.yahoo.com>
	<BA2201C6-7322-4E12-AB44-0D9D732777A4@iki.fi>
Message-ID: <1340342838.42261.YahooMailNeo@web39303.mail.mud.yahoo.com>

>>>  Oh, and of course it also depends on Dovecot configuration :) 

>>> Authentication 
>>>  cache is needed and login processes must be in high performance mode.
>> 
>>  I.e., I think:
>> 
>>  http://wiki2.dovecot.org/LoginProcess
>>  http://wiki2.dovecot.org/Authentication/Caching
> 
> Yes.
> 
>>>  There is 
>>>  still the extra work of forking a new imap process (could also be 
>>> avoided with 
>>>  yet another config option)
>> 
>>  Are you referring to client_limit or service_count or something else as yet 
>> undeveloped?
> 
> service imap { service_count = 0 } (default=1) allows imap processes to be 
> reused for more than 1 connection. The downside is that if there are any bugs in 
> Dovecot, they might accidentally expose another user's email data to the 
> wrong user. That's very unlikely to happen but since this isn't a 
> performance problem in most (if any) systems I don't want to enable it by 
> default. Dovecot code is written so that write buffer overflows (= arbitrary 
> code execution) is minimized to be as zero possibility as I could think of, but 
> read buffer overflows (= exposing data within the process) isn't treated 
> nearly as much with paranoia.
> 
>>  Speaking of which, I cannot understand the different between those two.? 
>> Hints in the
>>  configuration file (10-master.conf) and the wiki make them sound like they 
>> do the same
>>  thing -- ??
> 
> service_count limits the maximum of client_limit. One connection = one service. 
> Once a process has serviced "service_count" number of connections it 
> disconnects itself. There can never be more than "client_limit" number 
> of simultaneous connections. The important stuff to understand about these are:
> 
> * service_count=1: The most secure setting for a process. The process serves a 
> single connection and kills itself. No possibility of data leaking to unintended 
> connection.
> * service_count=0, client_limit=1: The process does blocking operations (e.g. 
> blocking disk IO). You don't want one connection's blocking operation to 
> affect other connections. But you're not paranoid about security, since in 
> case of some bugs some data might leak to unintended connection.
> * service_count>0: Restart process ever N connections, just in case it leaks 
> some memory.
> * client_limit>1: Limit the amount of CPU/memory a single process takes. The 
> process should never be blocking on disk I/O or locks or anything else. This 
> means it shouldn't be used for imap/pop3/lmtp processes. For CPU bound 
> processes it's fine.

So really, a new process is created under *two* circumstances?? 1. when a
process reaches client_limit number of *simultaneous* connections or? 2. when
a process has serviced service_count number of connections.? Is this correct?

So for service *-login, is it OK to do something like service_count=5000, client_limit=2000

Thanks for the help!??? 

From aerion82 at gmail.com  Fri Jun 22 08:49:54 2012
From: aerion82 at gmail.com (Aerion Stevens)
Date: Fri, 22 Jun 2012 15:49:54 +1000
Subject: [Dovecot] Dovecot proxy/director and mail pop3/imap backend service
	on same server
Message-ID: <CAC_NXN3dvWRvK=G2FGtDusg-_TJ5YAGySjz+oGew8rtNQQoxBQ@mail.gmail.com>

Hi all,

I am interested in running a Dovecot Proxy(with Director) on the same
server as
the main Dovecot IMAP/POP3 service. I have a basic Proxy/Director
configuration working,
however I am struggling with getting the Proxy and IMAP/POP3 service to
coexist on
the same server. I plan to use three IMAP/POP3 servers with a NFS/maildir
backend,
and I am playing with Dovecot 2.1.5 at the moment.

I have two seperate configurations, one for the Proxy/Director and one for
the
Dovecot IMAP/POP3 "mail backend servers". For this to work my thoughts are
that
I will need to run the Proxy/Director imap/pop3 login process on the
standard ports
143, 110, 993, 995 and for the Dovecot IMAP/POP3 mail backend service
running on the same
server will need to use different ports (I decided to be 9143, 9110, 9993,
9995 for example).
How do I tell the director to proxy incoming imap/pop3 connection to the
mail backend servers
running on ports 9143, 9110, 9993, 9995 rather than the default imap/pop3
ports? Using the default
ports will clearly cause loops. Can anyone kindly provide an example
snippet of config that tells the director
to use different port for IMAP and POP3 proxy?

I have so far found the following pages helpful to what I am working on:
http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy
http://wiki2.dovecot.org/PasswordDatabase/ExtraFields
http://wiki2.dovecot.org/Director

Cheers,
Aerion.

From a.kostyrev at serverc.ru  Fri Jun 22 09:29:25 2012
From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=)
Date: Fri, 22 Jun 2012 17:29:25 +1100
Subject: [Dovecot] Dovecot proxy/director and mail pop3/imap backend
	serviceon same server
In-Reply-To: <CAC_NXN3dvWRvK=G2FGtDusg-_TJ5YAGySjz+oGew8rtNQQoxBQ@mail.gmail.com>
References: <CAC_NXN3dvWRvK=G2FGtDusg-_TJ5YAGySjz+oGew8rtNQQoxBQ@mail.gmail.com>
Message-ID: <213B51F00051AE48A9F0E112880177178F7A46@Delta.sc.local>

I've already tortured Timo about that.
check this thread out: http://www.dovecot.org/list/dovecot/2012-June/066315.html




-----Original Message-----
From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Aerion Stevens
Sent: Friday, June 22, 2012 4:50 PM
To: dovecot at dovecot.org
Subject: [Dovecot] Dovecot proxy/director and mail pop3/imap backend serviceon same server

Hi all,

I am interested in running a Dovecot Proxy(with Director) on the same
server as
the main Dovecot IMAP/POP3 service. I have a basic Proxy/Director
configuration working,
however I am struggling with getting the Proxy and IMAP/POP3 service to
coexist on
the same server. I plan to use three IMAP/POP3 servers with a NFS/maildir
backend,
and I am playing with Dovecot 2.1.5 at the moment.

I have two seperate configurations, one for the Proxy/Director and one for
the
Dovecot IMAP/POP3 "mail backend servers". For this to work my thoughts are
that
I will need to run the Proxy/Director imap/pop3 login process on the
standard ports
143, 110, 993, 995 and for the Dovecot IMAP/POP3 mail backend service
running on the same
server will need to use different ports (I decided to be 9143, 9110, 9993,
9995 for example).
How do I tell the director to proxy incoming imap/pop3 connection to the
mail backend servers
running on ports 9143, 9110, 9993, 9995 rather than the default imap/pop3
ports? Using the default
ports will clearly cause loops. Can anyone kindly provide an example
snippet of config that tells the director
to use different port for IMAP and POP3 proxy?

I have so far found the following pages helpful to what I am working on:
http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy
http://wiki2.dovecot.org/PasswordDatabase/ExtraFields
http://wiki2.dovecot.org/Director

Cheers,
Aerion.

From stephan at rename-it.nl  Fri Jun 22 10:08:05 2012
From: stephan at rename-it.nl (Stephan Bosch)
Date: Fri, 22 Jun 2012 09:08:05 +0200
Subject: [Dovecot] Manual manipulation of Sieve files
In-Reply-To: <1340303566.38480.YahooMailNeo@web39306.mail.mud.yahoo.com>
References: <1340303566.38480.YahooMailNeo@web39306.mail.mud.yahoo.com>
Message-ID: <4FE419D5.1060409@rename-it.nl>

On 6/21/2012 8:32 PM, email builder wrote:
> We have some scripts that take care of some tasks when creating new email accounts, such as creating some default mail filter rules.
>
> I know Sieve scripts are plain text files, but need to be compiled for use.  I see that you can use seivec to compile scripts manually, which can help me create .dovecot.svbin which can be placed where needed and permissioned correctly.  But a couple questions:
>
> * Sieve has the concept of an active script - is this merely whatever is compiled into the .dovecot.svbin file?

This is the script file that the sieve= setting points to. The term 
'active' only has real meaning when ManageSieve is used. Then, the 
active script file is a symbolic link that points into the sieve_dir= 
directory, thereby selecting which script is active.

> * Does dovecot (managesieve) do any other housekeeping when a user sieve script is installed and set as the active script?  I would need to replicate this manually.

It makes the symbolic link. Compiling the script is done automatically 
when the script is first executed at delivery.

> * If the default script is always the same (sorry, for us, the solution isn't global scripts), would it work to compile that script once, keep the compiled version somewhere and merely copy it into the correct place for a new user?  Are there issues with this?
You can pre-compile it, but the plaintext script must also exist at the 
indicated location. Sieve always looks for the plaintext script and only 
when that is found it checks for the presence of an earlier compiled binary.

> * Should we always have the plain text version along with the compiled one for proper managesieve operation going forward (users can edit their sieve scripts)

Yes.

Regards,

Stephan.


From stephan at rename-it.nl  Fri Jun 22 10:10:20 2012
From: stephan at rename-it.nl (Stephan Bosch)
Date: Fri, 22 Jun 2012 09:10:20 +0200
Subject: [Dovecot] Dovecot LDA, Offlineimap and Sieve
In-Reply-To: <87y5ng1bzp.fsf@gmx.co.uk>
References: <87y5ng1bzp.fsf@gmx.co.uk>
Message-ID: <4FE41A5C.4050609@rename-it.nl>

On 6/22/2012 1:28 AM, Johnny wrote:
> Hi,
>
> I am trying to st up Offlineimap to use Dovecots LDA to be able to use
> Sieve for mail filtering, but am not sure how to get this working. I
> think the right way would be to use 'preauthtunnel' in .offlineimaprc
> and try the setup below, which doesn't work.
[...]
> Has anyone got any tips on how to get offlineimap to send mail to
> Dovecot in a way that Siev3e can be used?

Could you show your dovecot config (dovecot -n output) here? I'm 
wondering whether you have enabled the Sieve plugin for LDA.

Regards,

Stephan.

From emailbuilder88 at yahoo.com  Fri Jun 22 10:32:12 2012
From: emailbuilder88 at yahoo.com (email builder)
Date: Fri, 22 Jun 2012 00:32:12 -0700 (PDT)
Subject: [Dovecot] Manual manipulation of Sieve files
In-Reply-To: <4FE419D5.1060409@rename-it.nl>
References: <1340303566.38480.YahooMailNeo@web39306.mail.mud.yahoo.com>
	<4FE419D5.1060409@rename-it.nl>
Message-ID: <1340350332.34438.YahooMailNeo@web39301.mail.mud.yahoo.com>

Thanks for the reply --



>>  We have some scripts that take care of some tasks when creating new email 
> accounts, such as creating some default mail filter rules.
>> 
>>  I know Sieve scripts are plain text files, but need to be compiled for 
>> use.? I see that you can use seivec to compile scripts manually, which can help 
>> me create .dovecot.svbin which can be placed where needed and permissioned 
>> correctly.? But a couple questions:
>> 
>>  * Sieve has the concept of an active script - is this merely whatever is 
>> compiled into the .dovecot.svbin file?
> 
> This is the script file that the sieve= setting points to. The term 
> 'active' only has real meaning when ManageSieve is used. Then, the 
> active script file is a symbolic link that points into the sieve_dir= directory, 
> thereby selecting which script is active.
> 
>>  * Does dovecot (managesieve) do any other housekeeping when a user sieve 
>> script is installed and set as the active script?? I would need to replicate 
>> this manually.
> 
> It makes the symbolic link. Compiling the script is done automatically when the 
> script is first executed at delivery.
> 
>>  * If the default script is always the same (sorry, for us, the solution 
>> isn't global scripts), would it work to compile that script once, keep the 
>> compiled version somewhere and merely copy it into the correct place for a new 
>> user?? Are there issues with this?
>
> You can pre-compile it, but the plaintext script must also exist at the 
> indicated location. Sieve always looks for the plaintext script and only when 
> that is found it checks for the presence of an earlier compiled binary.

Oh, so it's even easier.? Our setup script can just put the plain text sieve
script in the right place, create the .dovecot.sieve symlink and that's enough?
Pasting in a precompiled would save a few CPU cycles upon first delivery?

Great, thanks again.


From emailbuilder88 at yahoo.com  Fri Jun 22 10:42:47 2012
From: emailbuilder88 at yahoo.com (email builder)
Date: Fri, 22 Jun 2012 00:42:47 -0700 (PDT)
Subject: [Dovecot] LDA vs maildrop... LDA *and* maildrop?
Message-ID: <1340350967.56083.YahooMailNeo@web39305.mail.mud.yahoo.com>

We're considering a move from Courier to Dovecot.? So far, looks like
it's not too bad, but the most challenging obstacle is what to do about
our local delivery.? Factors:

1. we use a lot of maildrop "features" that are impossible in sieve 

without piping to an external program (would rather not re-write our
working maildrop scripts in another language)

2. would love to try dbox

3. we use IMAP/Maildir++ quotas (looks like with a little finesse
it's possible to get maildrop and dovecot to play nice on this
account, yes?)


I saw it suggested to just call LDA from maildrop for any maildrop
"to" commands (hmmm, what about "cc"?) here:

http://article.gmane.org/gmane.mail.imap.dovecot/56120

How much overhead will this take?? Would it be possible or
advisable to use LMTP instead if that would help?? Is this
idea just too crazy?

From emailbuilder88 at yahoo.com  Fri Jun 22 11:24:27 2012
From: emailbuilder88 at yahoo.com (email builder)
Date: Fri, 22 Jun 2012 01:24:27 -0700 (PDT)
Subject: [Dovecot] LDA vs maildrop... LDA *and* maildrop?
In-Reply-To: <1340350967.56083.YahooMailNeo@web39305.mail.mud.yahoo.com>
References: <1340350967.56083.YahooMailNeo@web39305.mail.mud.yahoo.com>
Message-ID: <1340353467.4539.YahooMailNeo@web39306.mail.mud.yahoo.com>


> We're considering a move from Courier to Dovecot.? So far, looks like

> it's not too bad, but the most challenging obstacle is what to do about
> our local delivery.? Factors:
> 
> 1. we use a lot of maildrop "features" that are impossible in sieve 
> 
> without piping to an external program (would rather not re-write our
> working maildrop scripts in another language)
> 
> 2. would love to try dbox
> 
> 3. we use IMAP/Maildir++ quotas (looks like with a little finesse
> it's possible to get maildrop and dovecot to play nice on this
> account, yes?)
> 
> 
> I saw it suggested to just call LDA from maildrop for any maildrop
> "to" commands (hmmm, what about "cc"?) here:
> 
> http://article.gmane.org/gmane.mail.imap.dovecot/56120
> 
> How much overhead will this take?? Would it be possible or
> advisable to use LMTP instead if that would help?? Is this
> idea just too crazy?

Oh, doing this would also have benefit of updating dovecot indexes
upon delivery, and we could ignore point 3 about the quotas and just
let dovecot handle deliver time quotas too right?? (remove quota
support from maildrop)

Also saw a suggestion to do it a little different:

http://article.gmane.org/gmane.mail.imap.dovecot/44897

So maildrop 

to "| foo"
to "! foo at bar.com"
cc "| foo"
cc "! foo at bar.com"

are left as is

then

to "<mailbox name>"

is replaced with either:

xfilter "/usr/lib/dovecot/dovecot-lda -m <mailbox name>"
to "| /dev/null"

or just:

to "| /usr/lib/dovecot/dovecot-lda -m <mailbox name>"

and

cc "<mailbox name>"

is replaced with either:

xfilter "/usr/lib/dovecot/dovecot-lda -m <mailbox name>"

or just:

cc "| /usr/lib/dovecot/dovecot-lda -m <mailbox name>"

and the default end-of-script (INBOX) delivery for maildrop (an
assumed "to 'INBOX'" command) can probably be replaced with
one or the other of:

xfilter "/usr/lib/dovecot/dovecot-lda"
to "| /dev/null"

or:

to "| /usr/lib/dovecot/dovecot-lda"

Does any of this make sense?? I wonder how it will look to the
MTA (postfix here) when delivery fails.? It's also creating duplicate
user lookups for the two delivery agents which isn't great.

Maybe it'd be better to consider learning how to re-write our needed
maildrop scripts as shell scripts (maildrop is close enough to bash
I guess) and making sieve pipe out to them?

From Ralf.Hildebrandt at charite.de  Fri Jun 22 11:48:32 2012
From: Ralf.Hildebrandt at charite.de (Ralf Hildebrandt)
Date: Fri, 22 Jun 2012 10:48:32 +0200
Subject: [Dovecot] LDA vs maildrop... LDA *and* maildrop?
In-Reply-To: <1340350967.56083.YahooMailNeo@web39305.mail.mud.yahoo.com>
References: <1340350967.56083.YahooMailNeo@web39305.mail.mud.yahoo.com>
Message-ID: <20120622084832.GH16499@charite.de>

* email builder <emailbuilder88 at yahoo.com>:

> 1. we use a lot of maildrop "features" that are impossible in sieve 

We're calling deliver from maildropc

> 2. would love to try dbox

For that you'd need to call deliver from maildropc
 
> 3. we use IMAP/Maildir++ quotas (looks like with a little finesse
> it's possible to get maildrop and dovecot to play nice on this
> account, yes?)

deliver/dovecot is handling Maildir++ quotas just fine.

> How much overhead will this take?? Would it be possible or
> advisable to use LMTP instead if that would help?? Is this
> idea just too crazy?

does maildrop speak LMTP?


-- 
Ralf Hildebrandt
  Gesch?ftsbereich IT | Abteilung Netzwerk
  Charit? - Universit?tsmedizin Berlin
  Campus Benjamin Franklin
  Hindenburgdamm 30 | D-12203 Berlin
  Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
  ralf.hildebrandt at charite.de | http://www.charite.de
	    

From emailbuilder88 at yahoo.com  Fri Jun 22 11:59:19 2012
From: emailbuilder88 at yahoo.com (email builder)
Date: Fri, 22 Jun 2012 01:59:19 -0700 (PDT)
Subject: [Dovecot] LDA vs maildrop... LDA *and* maildrop?
In-Reply-To: <20120622084832.GH16499@charite.de>
References: <1340350967.56083.YahooMailNeo@web39305.mail.mud.yahoo.com>
	<20120622084832.GH16499@charite.de>
Message-ID: <1340355559.56885.YahooMailNeo@web39306.mail.mud.yahoo.com>


>>  1. we use a lot of maildrop "features" that are impossible in 

>> sieve 
> 
> We're calling deliver from maildropc

Ah, so this is actually sane enough of an idea that someone
really uses it?? Is the performance reasonable?? Bounces or
deferred mail all work as expected?? What syntax did you use
to replace to/cc with calls to LDA?

>>  2. would love to try dbox
> 
> For that you'd need to call deliver from maildropc

I take it you didn't try this

>>  3. we use IMAP/Maildir++ quotas (looks like with a little finesse
>>  it's possible to get maildrop and dovecot to play nice on this
>>  account, yes?)
> 
> deliver/dovecot is handling Maildir++ quotas just fine.

But if you call dovecot LDA you're not limited to Maildir++
quotas, right?? You can strip quota support out of maildrop
and just let dovecot LDA and dovecot IMAP enforce quotas
which keeps things more simple, no?

>>  How much overhead will this take?? Would it be possible or
>>  advisable to use LMTP instead if that would help?? Is this
>>  idea just too crazy?
> 
> does maildrop speak LMTP?

Good point

From Ralf.Hildebrandt at charite.de  Fri Jun 22 12:27:13 2012
From: Ralf.Hildebrandt at charite.de (Ralf Hildebrandt)
Date: Fri, 22 Jun 2012 11:27:13 +0200
Subject: [Dovecot] LDA vs maildrop... LDA *and* maildrop?
In-Reply-To: <1340355559.56885.YahooMailNeo@web39306.mail.mud.yahoo.com>
References: <1340350967.56083.YahooMailNeo@web39305.mail.mud.yahoo.com>
	<20120622084832.GH16499@charite.de>
	<1340355559.56885.YahooMailNeo@web39306.mail.mud.yahoo.com>
Message-ID: <20120622092713.GJ16499@charite.de>

* email builder <emailbuilder88 at yahoo.com>:
> 
> >>  1. we use a lot of maildrop "features" that are impossible in 
> 
> >> sieve 
> > 
> > We're calling deliver from maildropc
> 
> Ah, so this is actually sane enough of an idea that someone
> really uses it?? Is the performance reasonable?? Bounces or
> deferred mail all work as expected?? What syntax did you use
> to replace to/cc with calls to LDA?

I'll send you my /etc/maildroprc
it's working OK. I'm using deliver where I can, only a few things are
done by maildrop/mailbot

> >>  2. would love to try dbox
> > 
> > For that you'd need to call deliver from maildropc
> 
> I take it you didn't try this

Exactly.

> >>  3. we use IMAP/Maildir++ quotas (looks like with a little finesse
> >>  it's possible to get maildrop and dovecot to play nice on this
> >>  account, yes?)
> > 
> > deliver/dovecot is handling Maildir++ quotas just fine.
> 
> But if you call dovecot LDA you're not limited to Maildir++
> quotas, right?

Correct.

> ? You can strip quota support out of maildrop and just let dovecot LDA
> and dovecot IMAP enforce quotas which keeps things more simple, no?

Since I'm delegating all delivery to deliver, except for pipes, I'm
using the quota facilities of deliver/dovecot

-- 
Ralf Hildebrandt
  Gesch?ftsbereich IT | Abteilung Netzwerk
  Charit? - Universit?tsmedizin Berlin
  Campus Benjamin Franklin
  Hindenburgdamm 30 | D-12203 Berlin
  Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
  ralf.hildebrandt at charite.de | http://www.charite.de
	    

From tss at iki.fi  Fri Jun 22 12:47:31 2012
From: tss at iki.fi (Timo Sirainen)
Date: Fri, 22 Jun 2012 12:47:31 +0300
Subject: [Dovecot] Dovecot performance under high load (vs. Courier)
In-Reply-To: <1340342838.42261.YahooMailNeo@web39303.mail.mud.yahoo.com>
References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com>
	<5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi>
	<1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com>
	<1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net>
	<8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi>
	<4FE38883.8000808@thelounge.net>
	<03B002D3-5C2D-49CB-A94E-C0F2CC086746@iki.fi>
	<1340332130.74182.YahooMailNeo@web39301.mail.mud.yahoo.com>
	<BA2201C6-7322-4E12-AB44-0D9D732777A4@iki.fi>
	<1340342838.42261.YahooMailNeo@web39303.mail.mud.yahoo.com>
Message-ID: <33DFF34D-EC88-4DBB-8B10-EA6BA1597F64@iki.fi>

On 22.6.2012, at 8.27, email builder wrote:

> So really, a new process is created under *two* circumstances?  1. when a
> process reaches client_limit number of *simultaneous* connections or  2. when
> a process has serviced service_count number of connections.  Is this correct?

Yes.

> So for service *-login, is it OK to do something like service_count=5000, client_limit=2000

It would work, but for login processes the service_count can be 0. I haven't seen them leaking any memory recently.

One somewhat annoying thing with service_count>1 is that the processes have to wait until all of the connections have disconnected before shutting down. For processes handling long running connections (especially IMAP) this can mean that you'll end up with a lot of processes that are ready to shutdown but a couple of connections prevent it from doing this.


From yggdrasil at gmx.co.uk  Fri Jun 22 14:35:09 2012
From: yggdrasil at gmx.co.uk (Johnny)
Date: Fri, 22 Jun 2012 12:35:09 +0100
Subject: [Dovecot] Dovecot LDA, Offlineimap and Sieve
In-Reply-To: <4FE41A5C.4050609@rename-it.nl> (Stephan Bosch's message of "Fri, 
	22 Jun 2012 09:10:20 +0200")
References: <87y5ng1bzp.fsf@gmx.co.uk> <4FE41A5C.4050609@rename-it.nl>
Message-ID: <87wr2zinpu.fsf@gmx.co.uk>

Hi Stephan, 

Stephan Bosch <stephan at rename-it.nl> writes:

> On 6/22/2012 1:28 AM, Johnny wrote:
>> Hi,
>>
>> I am trying to st up Offlineimap to use Dovecots LDA to be able to use
>> Sieve for mail filtering, but am not sure how to get this working. I
>> think the right way would be to use 'preauthtunnel' in .offlineimaprc
>> and try the setup below, which doesn't work.
> [...]
>> Has anyone got any tips on how to get offlineimap to send mail to
>> Dovecot in a way that Siev3e can be used?
>
> Could you show your dovecot config (dovecot -n output) here? I'm
> wondering whether you have enabled the Sieve plugin for LDA.
>

I haven't set up Sieve yet, as I haven't been able to figure out how to
use the Dovecot LDA. Or is this not required to run Sieve? 

Here's my config:

,----
| mbox_write_locks = fcntl                                |
| namespace inbox {                                       |
| hidden = no                                             |
| inbox = yes                                             |
| list = yes                                              |
| location =                                              |
| mailbox Drafts {                                        |
| special_use = \Drafts                                   |
| }                                                       |
| mailbox Junk {                                          |
| special_use = \Junk                                     |
| }                                                       |
| mailbox Sent {                                          |
| special_use = \Sent                                     |
| }                                                       |
| mailbox "Sent Messages" {                               |
| special_use = \Sent                                     |
| }                                                       |
| mailbox Trash {                                         |
| special_use = \Trash                                    |
| }                                                       |
| prefix =                                                |
| separator = .                                           |
| subscriptions = yes                                     |
| type = private                                          |
| }                                                       |
| passdb {                                                |
| args = scheme=MD5 username_format=%u /etc/dovecot/users |
| driver = passwd-file                                    |
| }                                                       |
| protocols = imap                                        |
| service auth {                                          |
| unix_listener auth-userdb {                             |
| mode = 0666                                             |
| }                                                       |
| }                                                       |
| ssl = required                                          |
| ssl_cert = </etc/pki/dovecot/certs/dovecot.pem          |
| ssl_key = </etc/pki/dovecot/private/dovecot.pem         |
| userdb {                                                |
| args = username_format=%u /etc/dovecot/users            |
| driver = passwd-file                                    |
| }                                                       |
`----


-- 
Johnny

From robert at schetterer.org  Fri Jun 22 15:34:09 2012
From: robert at schetterer.org (Robert Schetterer)
Date: Fri, 22 Jun 2012 14:34:09 +0200
Subject: [Dovecot] dovecot stats error
Message-ID: <4FE46641.4030801@schetterer.org>

Hi Timo,
any idea whats this related too ?

dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats
shrank: mrbytes 21703727 < 25193928
-- 
Best Regards
MfG Robert Schetterer


From tss at iki.fi  Fri Jun 22 16:34:33 2012
From: tss at iki.fi (Timo Sirainen)
Date: Fri, 22 Jun 2012 16:34:33 +0300
Subject: [Dovecot] dovecot stats error
In-Reply-To: <4FE46641.4030801@schetterer.org>
References: <4FE46641.4030801@schetterer.org>
Message-ID: <494CA511-4DC1-402B-9A00-D0678BBB1BF4@iki.fi>

On 22.6.2012, at 15.34, Robert Schetterer wrote:

> Hi Timo,
> any idea whats this related too ?
> 
> dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats
> shrank: mrbytes 21703727 < 25193928

Which Dovecot version? I thought I fixed this already..



From Benoit.Branciard at univ-paris1.fr  Fri Jun 22 16:59:18 2012
From: Benoit.Branciard at univ-paris1.fr (Benoit Branciard)
Date: Fri, 22 Jun 2012 15:59:18 +0200
Subject: [Dovecot] cumulative userdb ?
Message-ID: <4FE47A36.5090003@univ-paris1.fr>

in Dovecot 2.0, is it possible to have kind of "cumulative" multiple 
userdb ?

that is, for all users:
- extract some attributes (let's say: uid, gid, home) from a first 
userdb (Passwd for example),
- an extract some other attributes (mail for example, but overwriting 
those from the first userdb in case of redundancy) from a second userdb 
(LDAP for example) ?

This is *different* from the "multiple databases" setup described in 
http://wiki2.dovecot.org/Authentication/MultipleDatabases, where it is 
meant as "failover": the second database is looked up only if the user 
isn't found in the first database.


-- 
Benoit BRANCIARD
Service InfraStructures (SIS) - Direction du Syst?me d'Information (DSI)
Universit? Paris 1 Panth?on-Sorbonne
Centre Pierre Mend?s France
B 406 - 90, rue de Tolbiac - 75634 Paris cedex 13 - France
T?l : +33 1 44 07 89 68 - Fax : +33 1 44 07 89 66
Accueil t?l. : +33 1 44 07 89 65
Assistance : assistance-dsi at univ-paris1.fr
Web : http://dsi.univ-paris1.fr


-- 
Ce message a ete verifie par MailScanner
pour des virus ou des polluriels et rien de
suspect n'a ete trouve.


From robertcoore at yahoo.com  Fri Jun 22 18:46:35 2012
From: robertcoore at yahoo.com (robert coore)
Date: Fri, 22 Jun 2012 15:46:35 +0000 (UTC)
Subject: [Dovecot] permissions on auth-userdb
References: <AANLkTine5mmUAL5HVkR3a1WRiB9Kt9zBcxUng2w+ALaE@mail.gmail.com>
Message-ID: <loom.20120622T173004-117@post.gmane.org>

 <spamvoll <at> googlemail.com> writes:

> 
> Hi..
> 
> im still trying to upgrade to 2.0.
> Im getting:
> dovecot: lda: Error: userdb lookup:
> connect(/var/run/dovecot/auth-userdb) failed: Permission denied
> (euid=10000(vmail) egid=10000(vmail) missing +r perm:
> /var/run/dovecot/auth-userdb, euid is not dir owner)
> 
> the error is correct caus its owned by root. My Questions is who should own 
it ?
> Im not sure how that works, what process/user calls the auth-userdb ?
> The auth-userdb returns the args generated in master.conf, right ?
> 
> i think comment out the user and group setting in master.conf will fix
> it but im not sure if that is the securest way.
> 
> the mails come from postfix via dovecot-lda
> 
> Hans
> 
> master.conf
> service auth {
>   # auth_socket_path points to this userdb socket by default. It's typically
>   # used by dovecot-lda, doveadm, possibly imap process, etc. Its default
>   # permissions make it readable only by root, but you may need to relax 
these
>   # permissions. Users that have access to this socket are able to get a list
>   # of all usernames and get results of everyone's userdb lookups.
>   unix_listener auth-userdb {
>     mode = 0600
>     #user = vmail
>     #group = vmail
>   }
> 
> auth-ldap.conf.ext
> passdb {
>   driver = ldap
>   args = /etc/dovecot/dovecot-ldap.conf.ext
> }
> userdb {
>   driver = static
>   args = uid=vmail gid=vmail home=/home/MAILBOXES/%u/
> mail=/home/MAILBOXES/%u/mail
> }
> 
> 


Hi all was getting the same errors took me 2 days to understand what it was 
saying to me but i finally solved it



if you do an ls -l /var/run/dovecot/auth-userdb you will seet that root is the 
owner and the premissions are srw-------- so vmail has not right to call or 
even use the process
What i did was a chown -R vmail:vmail /var/run/dovecot/auth-userdb
I also did a chmod g+r /var/run/dovecot/auth-userdb
ls -l /var/run/dovecot/auth-userdb
srw----r-- 1 vmail vmail 
my unix_listener auth-userdb {
    mode = 600
   {

protocol lda {
  auth_socket_path = /var/run/dovecot/auth-userdb
  log_path = /home/vmail/dovecot-deliver.log

that worked for me
1. havent restarted the dovecot service dont know if it will keep the settings.







From tss at iki.fi  Fri Jun 22 21:46:06 2012
From: tss at iki.fi (Timo Sirainen)
Date: Fri, 22 Jun 2012 21:46:06 +0300
Subject: [Dovecot] cumulative userdb ?
In-Reply-To: <4FE47A36.5090003@univ-paris1.fr>
References: <4FE47A36.5090003@univ-paris1.fr>
Message-ID: <643DEB67-BA15-4D0A-B157-5DAAC0A4276D@iki.fi>

On 22.6.2012, at 16.59, Benoit Branciard wrote:

> in Dovecot 2.0, is it possible to have kind of "cumulative" multiple userdb ?
> 
> that is, for all users:
> - extract some attributes (let's say: uid, gid, home) from a first userdb (Passwd for example),
> - an extract some other attributes (mail for example, but overwriting those from the first userdb in case of redundancy) from a second userdb (LDAP for example) ?

I've also wanted this a few times. But no, not possible currently.


From ncjeffgus at zimage.com  Sat Jun 23 00:24:36 2012
From: ncjeffgus at zimage.com (Jeff Gustafson)
Date: Fri, 22 Jun 2012 14:24:36 -0700
Subject: [Dovecot] dsync error: "Mailboxes don't have unique GUIDs"
Message-ID: <1340400276.12426.9.camel@maclinux>

	I'm getting an error backing up mailboxes. I'm using the mirror
command:

dsync -fvo mail_home=/home/users/bob mirror ssh vmail at 10.1.4.1 dsync -o
mail_home=/home/.incoming_mail_migrations/users/bob

dsync-remote(vmail): Error: Mailboxes don't have unique GUIDs:
1ef6ee37c694894d783100000581a675 is shared by INBOX and INBOX
dsync-remote(vmail): Error: command BOX-LIST failed
dsync-local(vmail): Error: Worker server's mailbox iteration failed

	The mail user doesn't yet exist on the destination yet, thus the use of
the mail_home parameter.
	I found a mailing list message where a person was having a similar
problem but I couldn't find confirmation that the issue was resolved.
	In our case, the backup goes from maildir to mdbox format (we can't to
convert to mdbox). Things seemed to be moving along, but there are quite
a few examples of dsync failing. I think the issue happens more often
with large mailboxes ( > 50GB ). 
	We're running version 2.0.13. 
	doveconf -n:

# 2.0.13: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.18-274.12.1.el5 x86_64 CentOS release 5.7 (Final) 
auth_mechanisms = plain login
default_client_limit = 15000
default_process_limit = 10000
disable_plaintext_auth = no
listen = *
mail_gid = vmail
mail_location = maildir:~/Maildir
mail_plugins = zlib
mail_uid = vmail
mmap_disable = yes
namespace {
  inbox = yes
  location = 
  prefix = INBOX.
  separator = .
}
passdb {
  args = /etc/dovecot/conf.d/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  zlib_save = gz
}
protocols = imap pop3
service auth {
  client_limit = 10000
  unix_listener auth-userdb {
    mode = 0666
  }
}
service imap-postlogin {
  executable = script-login /usr/bin/postlogin-imap.sh
  user = $default_internal_user
}
service imap {
  drop_priv_before_exec = yes
  executable = imap
  process_limit = 10000
}
service pop3-postlogin {
  executable = script-login /usr/bin/postlogin-pop.sh
  user = $default_internal_user
}
}
service pop3 {
  drop_priv_before_exec = yes
  executable = pop3
  process_limit = 2500
}
ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
ssl_key = </etc/pki/dovecot/private/dovecot.pem
userdb {
  driver = prefetch
}
userdb {
  args = /etc/dovecot/conf.d/dovecot-sql.conf.ext
  driver = sql
}
protocol lmtp {
  mail_plugins = zlib
}
protocol lda {
  mail_plugins = zlib
}
protocol imap {
  mail_max_userip_connections = 100
  mail_plugins = zlib
}
protocol pop3 {
  mail_max_userip_connections = 30
  mail_plugins = zlib
}


...Jeff


From jonrysh at pacbell.net  Sat Jun 23 04:40:02 2012
From: jonrysh at pacbell.net (Jonathan Ryshpan)
Date: Fri, 22 Jun 2012 18:40:02 -0700
Subject: [Dovecot] Import from Evolution
In-Reply-To: <alpine.BSF.2.00.1206171403020.13130@wojtek.tensor.gdynia.pl>
References: <1339873707.2732.11.camel@amito>
	<20120616201636.GB6858@state-of-mind.de>
	<alpine.BSF.2.00.1206171403020.13130@wojtek.tensor.gdynia.pl>
Message-ID: <1340415602.12632.2.camel@amito>

On Sun, 2012-06-17 at 14:04 +0200, Wojciech Puchar wrote:
> >> maildir form.  Reviews of kmail are very bad, and thunderbird uses the
> >> mbox format for storage.
> >
> > If it is native maildir you can configure that/your account to use maildir and
> > simply copy your mailbox over to Dovecot. When Dovecot accesses the mailbox it
> > will create the necessary index files and you are ready to use it.
> 
> if you want to use any of those hopeless programs just turn message 
> caching in them (folder synchronization off in thunderbird) and login to 
> dovecot, even on localhost.
> 
> kmail v.3 is barely usable, v4 is good.

It looks like you don't like any of the email programs we've discussed.
Which email programs do you like?

BTW: kmail on my system is 4.8.3 -- In more detail:
        $ kmail --version
        Qt: 4.8.2
        KDE Development Platform: 4.8.3 (4.8.3)
        KMail: 4.8.3

Thanks - jon




From jonrysh at pacbell.net  Sat Jun 23 05:02:55 2012
From: jonrysh at pacbell.net (Jonathan Ryshpan)
Date: Fri, 22 Jun 2012 19:02:55 -0700
Subject: [Dovecot] Import from Evolution
In-Reply-To: <20120616201636.GB6858@state-of-mind.de>
References: <1339873707.2732.11.camel@amito>
	<20120616201636.GB6858@state-of-mind.de>
Message-ID: <1340416975.12632.19.camel@amito>

On Sat, 2012-06-16 at 22:16 +0200, Patrick Ben Koetter wrote:
> * Jonathan Ryshpan <jonrysh at pacbell.net>:
> > I need to import the mail database generated by the evolution mail
> > reader into dovecot.  Evolution stores its mail in maildir format (fully
> > standards compatible, I think); I would be using the maildir format in
> > dovecot.  Is there anything in the wiki, etc. explaining exactly how to 
> > do this?
> > 
> > Why do this?  Evolution is hopelessly broken, and is not likely to be 
> > fixed in the forseeable future, and I would like to keep my mails in
> > maildir form.  Reviews of kmail are very bad, and thunderbird uses the
> > mbox format for storage.
> 
> If it is native maildir you can configure that/your account to use maildir and
> simply copy your mailbox over to Dovecot. When Dovecot accesses the mailbox it
> will create the necessary index files and you are ready to use it. 

I have now set up dovecot on my system, and should now be in business,
but when Thunderbird connects to Dovecot it doesn't see any folders.
Here is the situation.  Please excuse the length of this message; I have
tried to include all useful information.

My system is Fedora-17 Linux with all updates running on x86_64
hardware.  Dovecot is installed and running with this configuration:

        $ dovecot -n
        # 2.1.7: /etc/dovecot/dovecot.conf
        # OS: Linux 3.4.3-1.fc17.x86_64 x86_64 Fedora release 17 (Beefy Miracle) 
        mail_location = mbox:~/Dovecot:INBOX=/var/spool/mail/%u
        mail_privileged_group = mail
        managesieve_notify_capability = mailto
        managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
        mbox_write_locks = fcntl
        namespace inbox {
          inbox = yes
          location = 
          mailbox Drafts {
            special_use = \Drafts
          }
          mailbox Junk {
            special_use = \Junk
          }
          mailbox Sent {
            special_use = \Sent
          }
          mailbox "Sent Messages" {
            special_use = \Sent
          }
          mailbox Trash {
            special_use = \Trash
          }
          prefix = 
        }
        passdb {
          driver = pam
        }
        plugin {
          sieve = ~/.dovecot.sieve
          sieve_dir = ~/sieve
        }
        ssl = required
        ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
        ssl_key = </etc/pki/dovecot/private/dovecot.pem
        userdb {
          driver = passwd
        }

The folder ~/Dovecot contains a very large number of files and folers,
which were all copied from the mail database of evolution, and consist
of all the actual mail archived by evolution, but not its index files.

        $ ls -lA Dovecot
        total 4976
        drwx------. 5 jonrysh jonrysh    4096 Jul  6  2011 .Drafts
        drwx------. 5 jonrysh jonrysh    4096 Jul  6  2011 .Outbox
        drwx------. 5 jonrysh jonrysh    4096 Jul  6  2011 .Sent
        drwx------. 5 jonrysh jonrysh    4096 Jul  6  2011 .Tamburas
        drwx------. 5 jonrysh jonrysh    4096 Jul  6  2011 .Templates
        drwx------. 5 jonrysh jonrysh    4096 Jul  6  2011 .adax
        drwx------. 5 jonrysh jonrysh    4096 Jul  6  2011 .ads
        drwx------. 5 jonrysh jonrysh    4096 Jul  6  2011 .alissa
        drwx------. 5 jonrysh jonrysh    4096 Jul  6  2011 .ally-bank
        ...
        drwx------. 5 jonrysh jonrysh    4096 Jul  6  2011 .vicente
        drwx------. 5 jonrysh jonrysh    4096 Jul  6  2011 .walgreens
        drwx------. 5 jonrysh jonrysh    4096 Jul  6  2011 .wells
        drwx------. 5 jonrysh jonrysh    4096 Jul  6  2011 .westwind
        drwx------. 5 jonrysh jonrysh    4096 Dec 31 10:36 .wview
        drwx------. 5 jonrysh jonrysh    4096 Jul  6  2011 .yum
        -rw-------. 1 jonrysh jonrysh       0 Jun 22 18:10 Trash
        drwx------. 2 jonrysh jonrysh 4530176 Jun 22 13:31 cur
        drwx------. 2 jonrysh jonrysh    4096 Jul  6  2011 new
        drwx------. 2 jonrysh jonrysh    4096 Jun 22 13:31 tmp

Thunderbird reports that is can connect with the Dovecot imap server,
but doesn't show any of these folders.  It shows only the Folders Inbox
and Trash.  Clicking on Inbox causes the Thunderbird error message:

        The current operation on 'Inbox' did not succeed. The mail
        server for account jonrysh at localhost responded: [SERVERBUG]
        Internal error occurred. Refer to server log f?

and /var/log/maillog shows the corresponding error:

        Jun 22 18:23:10 amito dovecot: imap(jonrysh): Error: chown(/home/jonrysh/Dovecot/.imap/INBOX, group=12(mail)) failed: Operation not permitted (egid=1000(jonrysh), group based on /var/spool/mail/jonrysh - see http://wiki2.dovecot.org/Errors/ChgrpNoPerm)

As a complete Dovecot/IMAP newbie, I am completely confused.  Any advice
will be much appreciated.

jon





From dhenderson at mediatemple.net  Sat Jun 23 06:16:49 2012
From: dhenderson at mediatemple.net (Doug Henderson)
Date: Fri, 22 Jun 2012 20:16:49 -0700
Subject: [Dovecot] dsync error: "Mailboxes don't have unique GUIDs"
In-Reply-To: <1340400276.12426.9.camel@maclinux>
References: <1340400276.12426.9.camel@maclinux>
Message-ID: <746A0B68-368B-40D3-ACAB-8A39BDFDA99D@mediatemple.net>

Hey, just a point of clarification.

In at least some of the cases (possibly all, I'll leave that up to Jeff to state) an initial dsync (as documented in Jeff's message) was completed successfully and the problem occurred when we ran a second (using exactly the same cmd) time to catch any changes since the original sync (since the initial sync took many hours).

Doug

On Jun 22, 2012, at 2:24 PM, Jeff Gustafson wrote:

> 	I'm getting an error backing up mailboxes. I'm using the mirror
> command:
> 
> dsync -fvo mail_home=/home/users/bob mirror ssh vmail at 10.1.4.1 dsync -o
> mail_home=/home/.incoming_mail_migrations/users/bob
> 
> dsync-remote(vmail): Error: Mailboxes don't have unique GUIDs:
> 1ef6ee37c694894d783100000581a675 is shared by INBOX and INBOX
> dsync-remote(vmail): Error: command BOX-LIST failed
> dsync-local(vmail): Error: Worker server's mailbox iteration failed
> 
> 	The mail user doesn't yet exist on the destination yet, thus the use of
> the mail_home parameter.
> 	I found a mailing list message where a person was having a similar
> problem but I couldn't find confirmation that the issue was resolved.
> 	In our case, the backup goes from maildir to mdbox format (we can't to
> convert to mdbox). Things seemed to be moving along, but there are quite
> a few examples of dsync failing. I think the issue happens more often
> with large mailboxes ( > 50GB ). 
> 	We're running version 2.0.13. 
> 	doveconf -n:
> 
> # 2.0.13: /etc/dovecot/dovecot.conf
> # OS: Linux 2.6.18-274.12.1.el5 x86_64 CentOS release 5.7 (Final) 
> auth_mechanisms = plain login
> default_client_limit = 15000
> default_process_limit = 10000
> disable_plaintext_auth = no
> listen = *
> mail_gid = vmail
> mail_location = maildir:~/Maildir
> mail_plugins = zlib
> mail_uid = vmail
> mmap_disable = yes
> namespace {
>  inbox = yes
>  location = 
>  prefix = INBOX.
>  separator = .
> }
> passdb {
>  args = /etc/dovecot/conf.d/dovecot-sql.conf.ext
>  driver = sql
> }
> plugin {
>  zlib_save = gz
> }
> protocols = imap pop3
> service auth {
>  client_limit = 10000
>  unix_listener auth-userdb {
>    mode = 0666
>  }
> }
> service imap-postlogin {
>  executable = script-login /usr/bin/postlogin-imap.sh
>  user = $default_internal_user
> }
> service imap {
>  drop_priv_before_exec = yes
>  executable = imap
>  process_limit = 10000
> }
> service pop3-postlogin {
>  executable = script-login /usr/bin/postlogin-pop.sh
>  user = $default_internal_user
> }
> }
> service pop3 {
>  drop_priv_before_exec = yes
>  executable = pop3
>  process_limit = 2500
> }
> ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
> ssl_key = </etc/pki/dovecot/private/dovecot.pem
> userdb {
>  driver = prefetch
> }
> userdb {
>  args = /etc/dovecot/conf.d/dovecot-sql.conf.ext
>  driver = sql
> }
> protocol lmtp {
>  mail_plugins = zlib
> }
> protocol lda {
>  mail_plugins = zlib
> }
> protocol imap {
>  mail_max_userip_connections = 100
>  mail_plugins = zlib
> }
> protocol pop3 {
>  mail_max_userip_connections = 30
>  mail_plugins = zlib
> }
> 
> 
> ...Jeff
> 


From manu at netbsd.org  Sat Jun 23 08:04:30 2012
From: manu at netbsd.org (Emmanuel Dreyfus)
Date: Sat, 23 Jun 2012 07:04:30 +0200
Subject: [Dovecot] pop3-throttle
Message-ID: <1km4rjc.f50hxq1iocthjM%manu@netbsd.org>

Hello

I am having a hard time with users using POP while leaving mailboxes
of several gigabyte cumulated. This causes a lot of disk I/O and kills
performancs for everyone. I try to encourage people migrating to 
IMAP, but that migration will take some time, and therefore I am looking
for alterantive ways to workaround the problem.

I found pop3-throttle-plugin.c, which seems a smart way to solve the 
problem, unfortunately it comes with no documentation. I was able to 
build it and load it, bu itsays nothing in the logs. Is there any 
doc somewhere? Any advices on how to set it up?


-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu at netbsd.org

From wojtek at wojtek.tensor.gdynia.pl  Sat Jun 23 11:20:23 2012
From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar)
Date: Sat, 23 Jun 2012 10:20:23 +0200 (CEST)
Subject: [Dovecot] Dovecot performance under high load (vs. Courier)
In-Reply-To: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com>
References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com>
Message-ID: <alpine.BSF.2.00.1206231017090.31390@wojtek.tensor.gdynia.pl>

>
> We are building a new system that will support a large number of users (high volume, high concurrent usage, etc).
what is large?

>? We have played with Dovecot, but in most serious applications we have traditionally used Courier IMAP.
>? It's my (lay) understanding that with indexing and perhaps other things 
>in Dovecot, it might perform better than Courier in larger environments 
>like this.? Am I correct or is it less clear-cut?

No idea how well courier IMAP performs. But have idea how well dovecot 
performs. I don't have large configs like thousands of users as i don't 
handle "herd of random users" style cases, but in every place i have 
dovecot IMAP takes unnoticable amount of server load.

Just make a test.

Definitely use maildir format, not mbox.

dovecot heavily accesses it's index files. they are not large relative to 
e-mail sizes. With really large case if I/O will limit you i would 
recommend using SSD storage to keep just indexes.

From wojtek at wojtek.tensor.gdynia.pl  Sat Jun 23 11:21:38 2012
From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar)
Date: Sat, 23 Jun 2012 10:21:38 +0200 (CEST)
Subject: [Dovecot] Dovecot performance under high load (vs. Courier)
In-Reply-To: <1340310164.5967.86.camel@hurina>
References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com>
	<5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi>
	<1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com>
	<1340310164.5967.86.camel@hurina>
Message-ID: <alpine.BSF.2.00.1206231020520.31390@wojtek.tensor.gdynia.pl>

>
> Nearly all of them are non-caching. (I don't know of any caching ones.)

which is definite adventage in spite of it's numerous security holes.


From wojtek at wojtek.tensor.gdynia.pl  Sat Jun 23 11:22:37 2012
From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar)
Date: Sat, 23 Jun 2012 10:22:37 +0200 (CEST)
Subject: [Dovecot] Dovecot performance under high load (vs. Courier)
In-Reply-To: <4FE38623.5050303@necoro.eu>
References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com>
	<5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi>
	<1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com>
	<1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu>
Message-ID: <alpine.BSF.2.00.1206231022040.31390@wojtek.tensor.gdynia.pl>

>> Nearly all of them are non-caching. (I don't know of any caching ones.)
>
> At least roundcube (v0.7.1 here) has some caching options:
>
> ------------------[excerpt from roundcubes main.inc.php]-------------
> // Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'.
> $rcmail_config['imap_cache'] = null;
>
> // Enables messages cache. Only 'db' cache is supported.
> $rcmail_config['messages_cache'] = false;
> -------------------------[end]----------------------------------------
>
> But I don't know, whether this is the sort of caching you are referring to.

what's a point of caching imap, except your webmail service is not locally 
connected (localhost or LAN) to imap server?

From wojtek at wojtek.tensor.gdynia.pl  Sat Jun 23 11:30:18 2012
From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar)
Date: Sat, 23 Jun 2012 10:30:18 +0200 (CEST)
Subject: [Dovecot] Import from Evolution
In-Reply-To: <1340415602.12632.2.camel@amito>
References: <1339873707.2732.11.camel@amito>
	<20120616201636.GB6858@state-of-mind.de>
	<alpine.BSF.2.00.1206171403020.13130@wojtek.tensor.gdynia.pl>
	<1340415602.12632.2.camel@amito>
Message-ID: <alpine.BSF.2.00.1206231023570.31390@wojtek.tensor.gdynia.pl>

>> kmail v.3 is barely usable, v4 is good.
>
> It looks like you don't like any of the email programs we've discussed.
> Which email programs do you like?

it depends whether you ask what I personally use or what i recommend to my 
clients.

I personally use alpine exclusively. I don't like GUI interfaces. And i 
use alpine directly handling maildir so it's not about IMAP. But if you 
need mail client over IMAP - alpine can do this, but cannot cache.

mutt can cache if you like that program. i don't - in spite of much better 
functionality. alpine have lowest keypress to amount of word done ratio of 
any mail program i know.

For my clients it depends

- windoze: exclusively thunderbird. It's FAR FAR from perfect but still 
best you can get under windoze.

- X11 terminal based config: well... it's funny but too thunderbird. All 
QT based programs are useless with X11 over network. Thunderbird works 
fine. I disable "folder synchronization" as well as indexing in it, so 
it's acceptably fast. The need to connecting over localhost from account 
X to account X to dovecot-imap is quite stupid but not a problem.

For now it is thunderbird 10.0.5esr - both windows and FreeBSD

From wojtek at wojtek.tensor.gdynia.pl  Sat Jun 23 11:32:39 2012
From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar)
Date: Sat, 23 Jun 2012 10:32:39 +0200 (CEST)
Subject: [Dovecot] Import from Evolution
In-Reply-To: <1340415602.12632.2.camel@amito>
References: <1339873707.2732.11.camel@amito>
	<20120616201636.GB6858@state-of-mind.de>
	<alpine.BSF.2.00.1206171403020.13130@wojtek.tensor.gdynia.pl>
	<1340415602.12632.2.camel@amito>
Message-ID: <alpine.BSF.2.00.1206231031530.31468@wojtek.tensor.gdynia.pl>

For Jonathan Ryshpan:

for no obvious reason my IP is blocked at AT&T mail server you use.


From michael at think-for-yourself.org  Sat Jun 23 12:20:18 2012
From: michael at think-for-yourself.org (Michael Wessel)
Date: Sat, 23 Jun 2012 02:20:18 -0700
Subject: [Dovecot] Hardware infrastructure for email system
Message-ID: <4FE58A52.8050708@think-for-yourself.org>

Hi,

I'm currently (re-)planning my email setup and have been doing some 
research. I have done some searches and read several threads in the 
areas of my questions here. While there are some that come close I 
haven't yet been able to get all my questions answered.

I currently run a postfix, dovecot & roundcube setup and have about 2000 
active accounts. I have a separate SMTP server for outbound mail and 
auth is done against a separate LDAP server. In front of the POP/IMAP 
server I have another SMTP (4 in parallel actually) server that receives 
and filters inbound mail through a company specific, proprietary filter 
before the mail hits the POP/IMAP server. LDAP & SMTP servers are ESXi VMs.

So right now both dovecot and roundcube run on the same box which is a 
Dell PE2950 with dual quad-core Xeon, 16GB RAM and 6 1TB disks in RAID 
6, so only local storage using maildir.  So far it's been holding up 
fine, but it's beginning to show signs of overload now. I also expect an 
increase in users over the next few months up to somewhere between 10 - 
20,000 mail boxes. Hence the re-planning.

My first priority in redesigning my setup is reliability. I definitely 
need something fail-save and as close to always on as possible. Next is 
performance. And while the budget is of course limited for the moment 
I'm setting that aside and will worry about that when the time comes.

Now here is my question(s):

In order to support up to 20,000 mailboxes (distributed over several 
times-zones so they won't all be used at the same time) with a very 
reliable service with good performance, what do I actually need?

Do I need(ul) SAN or is it just a "would be nice to have"? If yes, why 
and what would be appropriate for my needs? Or will a setup with a few 
more servers like the ones I already have, using something like DRBD and 
distributing services (imap, http, spamd etc) onto different boxes do?

I know I have more reading to do on all the different options out there, 
but would like some input from people that have experience in this area 
so I can focus on the stuff that's right for my situation.

Michael

From jonrysh at pacbell.net  Sat Jun 23 12:23:35 2012
From: jonrysh at pacbell.net (Jonathan Ryshpan)
Date: Sat, 23 Jun 2012 02:23:35 -0700
Subject: [Dovecot] Import from Evolution
In-Reply-To: <alpine.BSF.2.00.1206231023570.31390@wojtek.tensor.gdynia.pl>
References: <1339873707.2732.11.camel@amito>
	<20120616201636.GB6858@state-of-mind.de>
	<alpine.BSF.2.00.1206171403020.13130@wojtek.tensor.gdynia.pl>
	<1340415602.12632.2.camel@amito>
	<alpine.BSF.2.00.1206231023570.31390@wojtek.tensor.gdynia.pl>
Message-ID: <1340443415.20888.8.camel@amito>

On Sat, 2012-06-23 at 10:30 +0200, Wojciech Puchar wrote:
> >> kmail v.3 is barely usable, v4 is good.
> >
> > It looks like you don't like any of the email programs we've discussed.
> > Which email programs do you like?
> 
> it depends whether you ask what I personally use or what i recommend to my 
> clients.
> 
> I personally use alpine exclusively. I don't like GUI interfaces. And i 
> use alpine directly handling maildir so it's not about IMAP. But if you 
> need mail client over IMAP - alpine can do this, but cannot cache.
> 
> mutt can cache if you like that program. i don't - in spite of much better 
> functionality. alpine have lowest keypress to amount of word done ratio of 
> any mail program i know.
> 
> For my clients it depends
> 
> - windoze: exclusively thunderbird. It's FAR FAR from perfect but still 
> best you can get under windoze.
> 
> - X11 terminal based config: well... it's funny but too thunderbird. All 
> QT based programs are useless with X11 over network. Thunderbird works 
> fine. I disable "folder synchronization" as well as indexing in it, so 
> it's acceptably fast. The need to connecting over localhost from account 
> X to account X to dovecot-imap is quite stupid but not a problem.
> 
> For now it is thunderbird 10.0.5esr - both windows and FreeBSD

I want to be able to read and write HTML, since my correspondents use
and expect it, so alpine is out.  I had been happy with evolution, but
it is now badly broken under KDE, and I am in process of changing to
Thunderbird, as you see.

Thanks for the advice - jon



From wojtek at wojtek.tensor.gdynia.pl  Sat Jun 23 13:01:30 2012
From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar)
Date: Sat, 23 Jun 2012 12:01:30 +0200 (CEST)
Subject: [Dovecot] Import from Evolution
In-Reply-To: <1340442919.20888.4.camel@amito>
References: <1339873707.2732.11.camel@amito>
	<20120616201636.GB6858@state-of-mind.de>
	<alpine.BSF.2.00.1206171403020.13130@wojtek.tensor.gdynia.pl>
	<1340415602.12632.2.camel@amito>
	<alpine.BSF.2.00.1206231031530.31468@wojtek.tensor.gdynia.pl>
	<1340442919.20888.4.camel@amito>
Message-ID: <alpine.BSF.2.00.1206231159550.33029@wojtek.tensor.gdynia.pl>

sorry for replying through that links but - as you may see - replying to 
Jonathan will not work.

If AT&T have such strange policy then i am just sorry. It sings the 
beginning of end of open internet if more companies will start to do this, 
and result in few huge corporations handling everything.

Not happy world to live.

On Sat, 23 Jun 2012, Jonathan Ryshpan wrote:

> On Sat, 2012-06-23 at 10:32 +0200, Wojciech Puchar wrote:
>> For Jonathan Ryshpan:
>>
>> for no obvious reason my IP is blocked at AT&T mail server you use.
>
> I'm not sure what's going on, but I suspect the problem is this: Many US
> mail servers refuse to accept mail from any servers that they have not
> approved; if mail is coming direct from you to ATT, rather than via some
> large ISP, it will likely be refused.  This is supposed to reduce the
> amount of spam (fat chance).
>
> Thanks for your reply - jon
>
>
>

From lists at wildgooses.com  Sat Jun 23 13:21:02 2012
From: lists at wildgooses.com (Ed W)
Date: Sat, 23 Jun 2012 11:21:02 +0100
Subject: [Dovecot] Dovecot performance under high load (vs. Courier)
In-Reply-To: <alpine.BSF.2.00.1206231022040.31390@wojtek.tensor.gdynia.pl>
References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com>
	<5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi>
	<1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com>
	<1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu>
	<alpine.BSF.2.00.1206231022040.31390@wojtek.tensor.gdynia.pl>
Message-ID: <4FE5988E.3010101@wildgooses.com>

On 23/06/2012 09:22, Wojciech Puchar wrote:
>>> Nearly all of them are non-caching. (I don't know of any caching ones.)
>>
>> At least roundcube (v0.7.1 here) has some caching options:
>>
>> ------------------[excerpt from roundcubes main.inc.php]-------------
>> // Type of IMAP indexes cache. Supported values: 'db', 'apc' and 
>> 'memcache'.
>> $rcmail_config['imap_cache'] = null;
>>
>> // Enables messages cache. Only 'db' cache is supported.
>> $rcmail_config['messages_cache'] = false;
>> -------------------------[end]----------------------------------------
>>
>> But I don't know, whether this is the sort of caching you are 
>> referring to.
>
> what's a point of caching imap, except your webmail service is not 
> locally connected (localhost or LAN) to imap server?

Asking for items 600-615 from a threaded list, sorted by something, can 
be an expensive operation, especially if you just asked for items 
585-600 a moment ago?

Ed

From wojtek at wojtek.tensor.gdynia.pl  Sat Jun 23 13:24:20 2012
From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar)
Date: Sat, 23 Jun 2012 12:24:20 +0200 (CEST)
Subject: [Dovecot] Dovecot performance under high load (vs. Courier)
In-Reply-To: <4FE5988E.3010101@wildgooses.com>
References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com>
	<5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi>
	<1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com>
	<1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu>
	<alpine.BSF.2.00.1206231022040.31390@wojtek.tensor.gdynia.pl>
	<4FE5988E.3010101@wildgooses.com>
Message-ID: <alpine.BSF.2.00.1206231224050.37676@wojtek.tensor.gdynia.pl>

>>> But I don't know, whether this is the sort of caching you are referring 
>>> to.
>> 
>> what's a point of caching imap, except your webmail service is not locally 
>> connected (localhost or LAN) to imap server?
>
> Asking for items 600-615 from a threaded list, sorted by something, can be an 
> expensive operation, especially if you just asked for items 585-600 a moment 
> ago?
>
fine. how about overhead of cache itself?

From p at state-of-mind.de  Sat Jun 23 13:25:56 2012
From: p at state-of-mind.de (Patrick Ben Koetter)
Date: Sat, 23 Jun 2012 12:25:56 +0200
Subject: [Dovecot] Hardware infrastructure for email system
In-Reply-To: <4FE58A52.8050708@think-for-yourself.org>
References: <4FE58A52.8050708@think-for-yourself.org>
Message-ID: <20120623102555.GA5497@state-of-mind.de>

Michael,

* Michael Wessel <michael at think-for-yourself.org>:
> I'm currently (re-)planning my email setup and have been doing some
> research. I have done some searches and read several threads in the
> areas of my questions here. While there are some that come close I
> haven't yet been able to get all my questions answered.
> 
> I currently run a postfix, dovecot & roundcube setup and have about
> 2000 active accounts. I have a separate SMTP server for outbound
> mail and auth is done against a separate LDAP server. In front of
> the POP/IMAP server I have another SMTP (4 in parallel actually)
> server that receives and filters inbound mail through a company
> specific, proprietary filter before the mail hits the POP/IMAP
> server. LDAP & SMTP servers are ESXi VMs.

Do people use 'real' mail clients to connect and IDLE too?


> So right now both dovecot and roundcube run on the same box which is
> a Dell PE2950 with dual quad-core Xeon, 16GB RAM and 6 1TB disks in
> RAID 6, so only local storage using maildir.  So far it's been
> holding up fine, but it's beginning to show signs of overload now. I
> also expect an increase in users over the next few months up to
> somewhere between 10 - 20,000 mail boxes. Hence the re-planning.
> 
> My first priority in redesigning my setup is reliability. I
> definitely need something fail-save and as close to always on as
> possible. Next is performance. And while the budget is of course
> limited for the moment I'm setting that aside and will worry about
> that when the time comes.
> 
> Now here is my question(s):
> 
> In order to support up to 20,000 mailboxes (distributed over several
> times-zones so they won't all be used at the same time) with a very
> reliable service with good performance, what do I actually need?
> 
> Do I need(ul) SAN or is it just a "would be nice to have"? If yes,
> why and what would be appropriate for my needs? Or will a setup with
> a few more servers like the ones I already have, using something
> like DRBD and distributing services (imap, http, spamd etc) onto
> different boxes do?

Will the server enforce quota? 

What will be the average mailbox size?

Do people share content e.g. mailings with attachments that go out to all
recipients? 

What might be the maximum number of clients using the server at one time?

Will all users use the same client product e.g. roundcube?

What's your backup strategy? What do you use to backup mailboxes?

p at rick

-- 
state of mind ()

http://www.state-of-mind.de

Franziskanerstra?e 15      Telefon +49 89 3090 4664
81669 M?nchen              Telefax +49 89 3090 4666

Amtsgericht M?nchen        Partnerschaftsregister PR 563


From CMarcus at Media-Brokers.com  Sat Jun 23 13:29:26 2012
From: CMarcus at Media-Brokers.com (Charles Marcus)
Date: Sat, 23 Jun 2012 06:29:26 -0400
Subject: [Dovecot] dsync error: "Mailboxes don't have unique GUIDs"
In-Reply-To: <1340400276.12426.9.camel@maclinux>
References: <1340400276.12426.9.camel@maclinux>
Message-ID: <4FE59A86.7020208@Media-Brokers.com>

On 2012-06-22 5:24 PM, Jeff Gustafson <ncjeffgus at zimage.com> wrote:
> I'm getting an error backing up mailboxes. I'm using the mirror
> command:
>
> dsync -fvo mail_home=/home/users/bob mirror ssh vmail at 10.1.4.1 dsync -o
> mail_home=/home/.incoming_mail_migrations/users/bob

<snip>

> # 2.0.13: /etc/dovecot/dovecot.conf

As you are aware (since you participated in the thread discussion about 
this months ago), Timo is working on a total rewrite of dsync, and if 
memory serves, it is mainly for 2.1+, and it is not recommend to use it 
in earlier versions if you need reliability (ie, 2.0.x, as you are using)...

So, by all means, update and help timo make it better!

Timo? Care to elaborate on where you are with this, and how much of the 
rewrite is being applied to 2.1 (all of it?), or backported to earlier 
versions?

-- 

Best regards,

Charles

From CMarcus at Media-Brokers.com  Sat Jun 23 13:34:06 2012
From: CMarcus at Media-Brokers.com (Charles Marcus)
Date: Sat, 23 Jun 2012 06:34:06 -0400
Subject: [Dovecot] permissions on auth-userdb
In-Reply-To: <loom.20120622T173004-117@post.gmane.org>
References: <AANLkTine5mmUAL5HVkR3a1WRiB9Kt9zBcxUng2w+ALaE@mail.gmail.com>
	<loom.20120622T173004-117@post.gmane.org>
Message-ID: <4FE59B9E.1050009@Media-Brokers.com>

It would be nice if there were a wiki page specifically describing how 
permissions should be set for all of the services/directories that 
dovecot uses.

Even better would be a dovecot/doveconf command that would test the 
permissions and, if possible, even fix them (like the postfix 
'set-permissions' command)...

On 2012-06-22 11:46 AM, robert coore <robertcoore at yahoo.com> wrote:
>   <spamvoll<at>  googlemail.com>  writes:
>
>>
>> Hi..
>>
>> im still trying to upgrade to 2.0.
>> Im getting:
>> dovecot: lda: Error: userdb lookup:
>> connect(/var/run/dovecot/auth-userdb) failed: Permission denied
>> (euid=10000(vmail) egid=10000(vmail) missing +r perm:
>> /var/run/dovecot/auth-userdb, euid is not dir owner)
>>
>> the error is correct caus its owned by root. My Questions is who should own
> it ?
>> Im not sure how that works, what process/user calls the auth-userdb ?
>> The auth-userdb returns the args generated in master.conf, right ?
>>
>> i think comment out the user and group setting in master.conf will fix
>> it but im not sure if that is the securest way.
>>
>> the mails come from postfix via dovecot-lda
>>
>> Hans
>>
>> master.conf
>> service auth {
>>    # auth_socket_path points to this userdb socket by default. It's typically
>>    # used by dovecot-lda, doveadm, possibly imap process, etc. Its default
>>    # permissions make it readable only by root, but you may need to relax
> these
>>    # permissions. Users that have access to this socket are able to get a list
>>    # of all usernames and get results of everyone's userdb lookups.
>>    unix_listener auth-userdb {
>>      mode = 0600
>>      #user = vmail
>>      #group = vmail
>>    }
>>
>> auth-ldap.conf.ext
>> passdb {
>>    driver = ldap
>>    args = /etc/dovecot/dovecot-ldap.conf.ext
>> }
>> userdb {
>>    driver = static
>>    args = uid=vmail gid=vmail home=/home/MAILBOXES/%u/
>> mail=/home/MAILBOXES/%u/mail
>> }
>>
>>
>
>
> Hi all was getting the same errors took me 2 days to understand what it was
> saying to me but i finally solved it
>
>
>
> if you do an ls -l /var/run/dovecot/auth-userdb you will seet that root is the
> owner and the premissions are srw-------- so vmail has not right to call or
> even use the process
> What i did was a chown -R vmail:vmail /var/run/dovecot/auth-userdb
> I also did a chmod g+r /var/run/dovecot/auth-userdb
> ls -l /var/run/dovecot/auth-userdb
> srw----r-- 1 vmail vmail
> my unix_listener auth-userdb {
>      mode = 600
>     {
>
> protocol lda {
>    auth_socket_path = /var/run/dovecot/auth-userdb
>    log_path = /home/vmail/dovecot-deliver.log
>
> that worked for me
> 1. havent restarted the dovecot service dont know if it will keep the settings.
>
>
>
>
>
>


-- 

Best regards,

Charles Marcus
I.T. Director
Media Brokers International, Inc.
678.514.6200 x224 | 678.514.6299 fax

From robert at schetterer.org  Sat Jun 23 13:52:26 2012
From: robert at schetterer.org (Robert Schetterer)
Date: Sat, 23 Jun 2012 12:52:26 +0200
Subject: [Dovecot] Hardware infrastructure for email system
In-Reply-To: <4FE58A52.8050708@think-for-yourself.org>
References: <4FE58A52.8050708@think-for-yourself.org>
Message-ID: <4FE59FEA.80002@schetterer.org>

Am 23.06.2012 11:20, schrieb Michael Wessel:
> So right now both dovecot and roundcube run on the same box which is a
> Dell PE2950 with dual quad-core Xeon, 16GB RAM and 6 1TB disks in RAID
> 6, so only local storage using maildir.  So far it's been holding up
> fine, but it's beginning to show signs of overload now. I also expect an
> increase in users over the next few months up to somewhere between 10 -
> 20,000 mail boxes. Hence the re-planning.

you should ask for  paid support
at Timo , or some other dovcot geeks near you
-- 
Best Regards
MfG Robert Schetterer



From CMarcus at Media-Brokers.com  Sat Jun 23 13:53:26 2012
From: CMarcus at Media-Brokers.com (Charles Marcus)
Date: Sat, 23 Jun 2012 06:53:26 -0400
Subject: [Dovecot] Import from Evolution
In-Reply-To: <1340416975.12632.19.camel@amito>
References: <1339873707.2732.11.camel@amito>
	<20120616201636.GB6858@state-of-mind.de>
	<1340416975.12632.19.camel@amito>
Message-ID: <4FE5A026.20203@Media-Brokers.com>

On 2012-06-22 10:02 PM, Jonathan Ryshpan <jonrysh at pacbell.net> wrote:
> and /var/log/maillog shows the corresponding error:
>
> Jun 22 18:23:10 amito dovecot: imap(jonrysh): Error:
> chown(/home/jonrysh/Dovecot/.imap/INBOX, group=12(mail)) failed:
> Operation not permitted (egid=1000(jonrysh), group based on
> /var/spool/mail/jonrysh - seehttp://wiki2.dovecot.org/Errors/ChgrpNoPerm)
>
> As a complete Dovecot/IMAP newbie, I am completely confused. Any
> advice will be much appreciated.

Obviously a permissions problem...

This may help: http://wiki2.dovecot.org/SharedMailboxes/Permissions

But again, a dovecot tool to check and/or fix these itself would be nice...

-- 

Best regards,

Charles

From wojtek at wojtek.tensor.gdynia.pl  Sat Jun 23 14:09:18 2012
From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar)
Date: Sat, 23 Jun 2012 13:09:18 +0200 (CEST)
Subject: [Dovecot] Hardware infrastructure for email system
In-Reply-To: <4FE58A52.8050708@think-for-yourself.org>
References: <4FE58A52.8050708@think-for-yourself.org>
Message-ID: <alpine.BSF.2.00.1206231306480.37886@wojtek.tensor.gdynia.pl>

>
> I'm currently (re-)planning my email setup and have been doing some research. 
> I have done some searches and read several threads in the areas of my 
> questions here. While there are some that come close I haven't yet been able 
> to get all my questions answered.
>
> I currently run a postfix, dovecot & roundcube setup and have about 2000 
> active accounts. I have a separate SMTP server for outbound mail and auth is 
> done against a separate LDAP server. In front of the POP/IMAP server I have 
> another SMTP (4 in parallel actually) server that receives and filters 
> inbound mail through a company specific, proprietary filter before the mail 
> hits the POP/IMAP server. LDAP & SMTP servers are ESXi VMs.


it is already enormous overshoot in hardware specs. And i do not really 
catch why you have "4 in parallel" servers.

And finally i cannot understand this dividing of servers just to merging 
it back using VMWare.

Finally i would recommend to get rid of RAID6. It's terribly slow on 
writes and writes are common on mail server.

Buy cheapest but largest SATA drive and use RAID1 (or RAID1+0) setup.

From h.reindl at thelounge.net  Sat Jun 23 14:17:44 2012
From: h.reindl at thelounge.net (Reindl Harald)
Date: Sat, 23 Jun 2012 13:17:44 +0200
Subject: [Dovecot] Hardware infrastructure for email system
In-Reply-To: <alpine.BSF.2.00.1206231306480.37886@wojtek.tensor.gdynia.pl>
References: <4FE58A52.8050708@think-for-yourself.org>
	<alpine.BSF.2.00.1206231306480.37886@wojtek.tensor.gdynia.pl>
Message-ID: <4FE5A5D8.2050908@thelounge.net>



Am 23.06.2012 13:09, schrieb Wojciech Puchar:
>>
>> I'm currently (re-)planning my email setup and have been doing some research. I have done some searches and read
>> several threads in the areas of my questions here. While there are some that come close I haven't yet been able
>> to get all my questions answered.
>>
>> I currently run a postfix, dovecot & roundcube setup and have about 2000 active accounts. I have a separate SMTP
>> server for outbound mail and auth is done against a separate LDAP server. In front of the POP/IMAP server I have
>> another SMTP (4 in parallel actually) server that receives and filters inbound mail through a company specific,
>> proprietary filter before the mail hits the POP/IMAP server. LDAP & SMTP servers are ESXi VMs.
> 
> it is already enormous overshoot in hardware specs. And i do not really catch why you have "4 in parallel" servers.
> And finally i cannot understand this dividing of servers just to merging it back using VMWare.

because it is a big difference if you have anything in a single
machine or splittet in virtual machines - you can move them at
runtime to different hosts and if you run out of ressources
for one of them you can buy a phyisclal machine, add it to the
cluster and move the virtual machine without any downtime

if you have all on one machine or VM you are not scaleable

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120623/9e792fa9/attachment.bin>

From tss at iki.fi  Sat Jun 23 14:23:02 2012
From: tss at iki.fi (Timo Sirainen)
Date: Sat, 23 Jun 2012 14:23:02 +0300
Subject: [Dovecot] Dovecot performance under high load (vs. Courier)
In-Reply-To: <4FE5988E.3010101@wildgooses.com>
References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com>
	<5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi>
	<1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com>
	<1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu>
	<alpine.BSF.2.00.1206231022040.31390@wojtek.tensor.gdynia.pl>
	<4FE5988E.3010101@wildgooses.com>
Message-ID: <51EF9BC7-BE99-4DE9-800A-E8FDF7779A4B@iki.fi>

On 23.6.2012, at 13.21, Ed W wrote:

>>> But I don't know, whether this is the sort of caching you are referring to.
>> 
>> what's a point of caching imap, except your webmail service is not locally connected (localhost or LAN) to imap server?
> 
> Asking for items 600-615 from a threaded list, sorted by something, can be an expensive operation, especially if you just asked for items 585-600 a moment ago?

Can be, but is it? :) Dovecot attempts to cache/index stuff as well. Normally there shouldn't be a need for extra caching layer except in cases of higher network latency.


From h.reindl at thelounge.net  Sat Jun 23 14:23:57 2012
From: h.reindl at thelounge.net (Reindl Harald)
Date: Sat, 23 Jun 2012 13:23:57 +0200
Subject: [Dovecot] Hardware infrastructure for email system
In-Reply-To: <alpine.BSF.2.00.1206231306480.37886@wojtek.tensor.gdynia.pl>
References: <4FE58A52.8050708@think-for-yourself.org>
	<alpine.BSF.2.00.1206231306480.37886@wojtek.tensor.gdynia.pl>
Message-ID: <4FE5A74D.2010201@thelounge.net>



Am 23.06.2012 13:09, schrieb Wojciech Puchar:
> Finally i would recommend to get rid of RAID6. It's terribly slow on writes and 
> writes are common on mail server.

depends, it is slower than RAID5, but safer

> Buy cheapest but largest SATA drive and use RAID1 (or RAID1+0) setup.

oh no please do not recommend SATA crap with RAID1 and think
it is faster than RAID6 - the additional writes doe snot matter
if the whole disk-system is much faster and RAID1 has no benefit
in performance

nobody will use SATA disks for high peformance servers in
production - really nobody these days!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120623/f249def6/attachment.bin>

From wojtek at wojtek.tensor.gdynia.pl  Sat Jun 23 15:20:12 2012
From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar)
Date: Sat, 23 Jun 2012 14:20:12 +0200 (CEST)
Subject: [Dovecot] Hardware infrastructure for email system
In-Reply-To: <4FE5A5D8.2050908@thelounge.net>
References: <4FE58A52.8050708@think-for-yourself.org>
	<alpine.BSF.2.00.1206231306480.37886@wojtek.tensor.gdynia.pl>
	<4FE5A5D8.2050908@thelounge.net>
Message-ID: <alpine.BSF.2.00.1206231419280.38125@wojtek.tensor.gdynia.pl>

>>
>> it is already enormous overshoot in hardware specs. And i do not really catch why you have "4 in parallel" servers.
>> And finally i cannot understand this dividing of servers just to merging it back using VMWare.
>
> because it is a big difference if you have anything in a single
> machine or splittet in virtual machines - you can move them at
> runtime to different hosts and if you run out of ressources

ok - for me it is just likes. You have higher change to have the need to 
move at the first place doing this :)

From wojtek at wojtek.tensor.gdynia.pl  Sat Jun 23 15:21:41 2012
From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar)
Date: Sat, 23 Jun 2012 14:21:41 +0200 (CEST)
Subject: [Dovecot] Hardware infrastructure for email system
In-Reply-To: <4FE5A74D.2010201@thelounge.net>
References: <4FE58A52.8050708@think-for-yourself.org>
	<alpine.BSF.2.00.1206231306480.37886@wojtek.tensor.gdynia.pl>
	<4FE5A74D.2010201@thelounge.net>
Message-ID: <alpine.BSF.2.00.1206231420240.38125@wojtek.tensor.gdynia.pl>

>> Buy cheapest but largest SATA drive and use RAID1 (or RAID1+0) setup.
>
> oh no please do not recommend SATA crap with RAID1 and think
> it is faster than RAID6 - the additional writes doe snot matter
> if the whole disk-system is much faster and RAID1 has no benefit
> in performance

OK i would not recommend anything anymore. Normally my advices are for 
money.

>
> nobody will use SATA disks for high peformance servers in
> production - really nobody these days!
>
at least one person. and getting a bit of money helping other increasing 
performance of their setup. guess who.

From wojtek at wojtek.tensor.gdynia.pl  Sat Jun 23 16:04:47 2012
From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar)
Date: Sat, 23 Jun 2012 15:04:47 +0200 (CEST)
Subject: [Dovecot] Dovecot performance under high load (vs. Courier)
In-Reply-To: <51EF9BC7-BE99-4DE9-800A-E8FDF7779A4B@iki.fi>
References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com>
	<5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi>
	<1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com>
	<1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu>
	<alpine.BSF.2.00.1206231022040.31390@wojtek.tensor.gdynia.pl>
	<4FE5988E.3010101@wildgooses.com>
	<51EF9BC7-BE99-4DE9-800A-E8FDF7779A4B@iki.fi>
Message-ID: <alpine.BSF.2.00.1206231503550.38226@wojtek.tensor.gdynia.pl>

>>
>> Asking for items 600-615 from a threaded list, sorted by something, can be an expensive operation, especially if you just asked for items 585-600 a moment ago?
>
> Can be, but is it? :) Dovecot attempts to cache/index stuff as well. Normally there shouldn't be a need for extra caching layer except in cases of higher network latency.

that is my point. and - esp. with webmail, i see no point to run such 
service in different place than dovecot server runs. Best - same server. 
Maybe - other server connected with fast LAN.

From joe at tao.org.uk  Sat Jun 23 18:18:40 2012
From: joe at tao.org.uk (Dr Josef Karthauser)
Date: Sat, 23 Jun 2012 16:18:40 +0100
Subject: [Dovecot] Problems getting auto create plugin to work
Message-ID: <A6DB8B89-5F8C-4B9D-8ECA-B2EBAE3D319E@tao.org.uk>

Hi there,

I've configured the 'autocreate' plugin (in v.2.1.6), but it doesn't appear to be working. Can someone help me work out how to work out why please?

I've got this in my 20-imap.conf file:

protocol imap {
   mail_plugins = $mail_plugins antispam autocreate
}

and this in my 90-plugins.conf file:

plugin {
  autocreate = Trash
  autocreate2 = Spam
  autosubscribe = Trash
  autosubscribe2 = Spam

   ... etc
}

But, the spam does not get created upon login. I've restart dovecot and restarted my mail client, but there's no hint of an spam folder.

Is there something else that I also need to do?

Thanks,
Joe

From user+dovecot at localhost.localdomain.org  Sat Jun 23 19:08:37 2012
From: user+dovecot at localhost.localdomain.org (Pascal Volk)
Date: Sat, 23 Jun 2012 18:08:37 +0200
Subject: [Dovecot] Problems getting auto create plugin to work
In-Reply-To: <A6DB8B89-5F8C-4B9D-8ECA-B2EBAE3D319E@tao.org.uk>
References: <A6DB8B89-5F8C-4B9D-8ECA-B2EBAE3D319E@tao.org.uk>
Message-ID: <4FE5EA05.2090804@localhost.localdomain.org>

On 06/23/2012 05:18 PM Dr Josef Karthauser wrote:
> Hi there,
> 
> I've configured the 'autocreate' plugin (in v.2.1.6), but it doesn't appear to be working. Can someone help me work out how to work out why please?
> 
> I've got this in my 20-imap.conf file:
> 
> protocol imap {
>    mail_plugins = $mail_plugins antispam autocreate
> }
> 
> and this in my 90-plugins.conf file:
> 
> plugin {
>   autocreate = Trash
>   autocreate2 = Spam
>   autosubscribe = Trash
>   autosubscribe2 = Spam
> 
>    ... etc
> }

Don't show us configuration file snippets, always paste `doveconf -n`
output.

> But, the spam does not get created upon login. I've restart dovecot and restarted my mail client, but there's no hint of an spam folder.
> 
> Is there something else that I also need to do?

,--[ http://dovecot.org/doc/NEWS-2.1 ]--
| ?
|	+ Added mailbox {} sections, which deprecate autocreate plugin
| ?
`--

Have a look at the mailbox definitions configuration file:
http://hg.dovecot.org/dovecot-2.1/file/tip/doc/example-config/conf.d/15-mailboxes.conf


Regards,
Pascal
-- 
The trapper recommends today: deadbeef.1217518 at localdomain.org

From acrow at integrafin.co.uk  Sat Jun 23 20:00:52 2012
From: acrow at integrafin.co.uk (Alex Crow)
Date: Sat, 23 Jun 2012 18:00:52 +0100
Subject: [Dovecot] Dovecot list IMAP archives with thunderbird?
In-Reply-To: <4FE1FCDB.6080503@integrafin.co.uk>
References: <4FE1FCDB.6080503@integrafin.co.uk>
Message-ID: <4FE5F644.8000606@integrafin.co.uk>

On 20/06/12 17:39, Alex Crow wrote:
> Hi,
>
> I'm trying to access the IMAP archives with Thunderbird but can't seem 
> to get it to work. I have tried an unencrypted connection, SSL and TLS 
> but with no success. Any ideas?
>
> Thanks
>
> Alex
>
Hi,

Still stuck here - would really like to be able to access the archives 
in my email client...

Anyone able to see the mailing list archives in Thunderbird or other 
IMAP clients? Are they currently down?

Cheers

Alex

-- 
This message is intended only for the addressee and may contain
confidential information.  Unless you are that person, you may not
disclose its contents or use it in any way and are requested to delete
the message along with any attachments and notify us immediately.

"Transact" is operated by Integrated Financial Arrangements plc
Domain House, 5-7 Singer Street, London  EC2A 4BQ
Tel: (020) 7608 4900 Fax: (020) 7608 5300
(Registered office: as above; Registered in England and Wales under number: 3727592)
Authorised and regulated by the Financial Services Authority (entered on the FSA Register; number: 190856)


From patrickdk at patrickdk.com  Sat Jun 23 20:04:40 2012
From: patrickdk at patrickdk.com (Patrick Domack)
Date: Sat, 23 Jun 2012 13:04:40 -0400
Subject: [Dovecot] Hardware infrastructure for email system
In-Reply-To: <4FE5A5D8.2050908@thelounge.net>
References: <4FE58A52.8050708@think-for-yourself.org>
	<alpine.BSF.2.00.1206231306480.37886@wojtek.tensor.gdynia.pl>
	<4FE5A5D8.2050908@thelounge.net>
Message-ID: <20120623130440.Horde.n_x2XJLnE6FP5fcoWOKAhaA@mail.patrickdk.com>

Quoting Reindl Harald <h.reindl at thelounge.net>:

> Am 23.06.2012 13:09, schrieb Wojciech Puchar:
>> it is already enormous overshoot in hardware specs. And i do not  
>> really catch why you have "4 in parallel" servers.
>> And finally i cannot understand this dividing of servers just to  
>> merging it back using VMWare.
>
> because it is a big difference if you have anything in a single
> machine or splittet in virtual machines - you can move them at
> runtime to different hosts and if you run out of ressources
> for one of them you can buy a phyisclal machine, add it to the
> cluster and move the virtual machine without any downtime
>
> if you have all on one machine or VM you are not scaleable

Personally I found going from real hardware E51xx servers to E56xx  
servers to give double the performance per same speed and amount of  
cores for my mail server. Then moving it onto vmware slowed it down  
approx 15%.

Overall still a let win, and using vmware for extra HA and easier  
maintenance is deferentially worth the slowdown.



From tss at iki.fi  Sat Jun 23 20:06:28 2012
From: tss at iki.fi (Timo Sirainen)
Date: Sat, 23 Jun 2012 20:06:28 +0300
Subject: [Dovecot] Dovecot list IMAP archives with thunderbird?
In-Reply-To: <4FE5F644.8000606@integrafin.co.uk>
References: <4FE1FCDB.6080503@integrafin.co.uk>
	<4FE5F644.8000606@integrafin.co.uk>
Message-ID: <1340471188.5967.88.camel@hurina>

On Sat, 2012-06-23 at 18:00 +0100, Alex Crow wrote:
> > I'm trying to access the IMAP archives with Thunderbird but can't seem 
> > to get it to work. I have tried an unencrypted connection, SSL and TLS 
> > but with no success. Any ideas?
> >
> > Thanks
> >
> > Alex
> >
> Hi,
> 
> Still stuck here - would really like to be able to access the archives 
> in my email client...
> 
> Anyone able to see the mailing list archives in Thunderbird or other 
> IMAP clients? Are they currently down?

It works fine as far as I can see, even with Thunderbird. What error do
you get?



From andrzej.filip at gmail.com  Sat Jun 23 20:09:40 2012
From: andrzej.filip at gmail.com (Andrzej A. Filip)
Date: Sat, 23 Jun 2012 19:09:40 +0200
Subject: [Dovecot] Hardware infrastructure for email system
In-Reply-To: <4FE5A74D.2010201@thelounge.net>
References: <4FE58A52.8050708@think-for-yourself.org>
	<alpine.BSF.2.00.1206231306480.37886@wojtek.tensor.gdynia.pl>
	<4FE5A74D.2010201@thelounge.net>
Message-ID: <4FE5F854.4050804@gmail.com>

On 06/23/2012 01:23 PM, Reindl Harald wrote:
>
> Am 23.06.2012 13:09, schrieb Wojciech Puchar:
>> Finally i would recommend to get rid of RAID6. It's terribly slow on writes and 
>> writes are common on mail server.
> depends, it is slower than RAID5, but safer
>
>> Buy cheapest but largest SATA drive and use RAID1 (or RAID1+0) setup.
> oh no please do not recommend SATA crap with RAID1 and think
> it is faster than RAID6 - the additional writes doe snot mat
> if the whole disk-system is much faster and RAID1 has no benefit
> in performance
>
> nobody will use SATA disks for high peformance servers in
> production - really nobody these days!
Could you specify/define your idea of "high performance servers" land
border?
It may reduce the flame war.

From dmalolepszy at optusnet.com.au  Sat Jun 23 20:36:52 2012
From: dmalolepszy at optusnet.com.au (Dominic Malolepszy)
Date: Sun, 24 Jun 2012 03:36:52 +1000
Subject: [Dovecot] SQLite dovecot query caching
Message-ID: <4FE5FEB4.2050801@optusnet.com.au>

Hi,

I am wondering if Dovecot caches SQLite queries, and how well it works 
in high performance setups. I am particularly interested because in the 
below thread SQLite has been suggested as a means of Dovecot proxying 
connections to different ports.

http://old.nabble.com/director%3A-non-standart-ports-at-backends-td33991991.html

Cheers,
Dominic.

From tss at iki.fi  Sat Jun 23 20:39:07 2012
From: tss at iki.fi (Timo Sirainen)
Date: Sat, 23 Jun 2012 20:39:07 +0300
Subject: [Dovecot] SQLite dovecot query caching
In-Reply-To: <4FE5FEB4.2050801@optusnet.com.au>
References: <4FE5FEB4.2050801@optusnet.com.au>
Message-ID: <1340473147.5967.89.camel@hurina>

On Sun, 2012-06-24 at 03:36 +1000, Dominic Malolepszy wrote:
> Hi,
> 
> I am wondering if Dovecot caches SQLite queries, and how well it works 
> in high performance setups. I am particularly interested because in the 
> below thread SQLite has been suggested as a means of Dovecot proxying 
> connections to different ports.

You can enable auth cache:
http://wiki2.dovecot.org/Authentication/Caching



From acrow at integrafin.co.uk  Sat Jun 23 21:10:37 2012
From: acrow at integrafin.co.uk (Alex Crow)
Date: Sat, 23 Jun 2012 19:10:37 +0100
Subject: [Dovecot] Hardware infrastructure for email system
In-Reply-To: <4FE5F854.4050804@gmail.com>
References: <4FE58A52.8050708@think-for-yourself.org>
	<alpine.BSF.2.00.1206231306480.37886@wojtek.tensor.gdynia.pl>
	<4FE5A74D.2010201@thelounge.net> <4FE5F854.4050804@gmail.com>
Message-ID: <4FE6069D.2050703@integrafin.co.uk>

On 23/06/12 18:09, Andrzej A. Filip wrote:
> On 06/23/2012 01:23 PM, Reindl Harald wrote:
>> Am 23.06.2012 13:09, schrieb Wojciech Puchar:
>>> Finally i would recommend to get rid of RAID6. It's terribly slow on writes and
>>> writes are common on mail server.
>> depends, it is slower than RAID5, but safer
>>
>>> Buy cheapest but largest SATA drive and use RAID1 (or RAID1+0) setup.
>> oh no please do not recommend SATA crap with RAID1 and think
>> it is faster than RAID6 - the additional writes doe snot mat
>> if the whole disk-system is much faster and RAID1 has no benefit
>> in performance
>>
>> nobody will use SATA disks for high peformance servers in
>> production - really nobody these days!
> Could you specify/define your idea of "high performance servers" land
> border?
> It may reduce the flame war.
>

Hi,

With dovecot, you can separate indexes and email, and with dbox/mdbox, 
have ALT storage, so for instance you could keep your indexes in a 
RAID10 of SSDs, recent email on a RAID10 of 10kRPM/15kRPM SAS drives, 
and older email can go on a load of 5k/7.2k SATA drives in RAID6, or on 
a NAS via NFS.

Note: with *dbox your indexes are the only place your mail flags are 
kept, so don't risk a single drive or even RAID5 for your index store.

This is what I am moving into production from dovecot 1.x on a single 
RAID6 array (hardware, LSI controller, 6 10k SAS drives in RAID10) which 
has served very well for a while but is not getting too small for all 
our mail. Performance has been good for up to 350 users, average mailbox 
size >4G, about 25-35k incoming mails per day.

Cheers

Alex

-- 
This message is intended only for the addressee and may contain
confidential information.  Unless you are that person, you may not
disclose its contents or use it in any way and are requested to delete
the message along with any attachments and notify us immediately.

"Transact" is operated by Integrated Financial Arrangements plc
Domain House, 5-7 Singer Street, London  EC2A 4BQ
Tel: (020) 7608 4900 Fax: (020) 7608 5300
(Registered office: as above; Registered in England and Wales under number: 3727592)
Authorised and regulated by the Financial Services Authority (entered on the FSA Register; number: 190856)


From dmalolepszy at optusnet.com.au  Sat Jun 23 21:20:24 2012
From: dmalolepszy at optusnet.com.au (Dominic Malolepszy)
Date: Sun, 24 Jun 2012 04:20:24 +1000
Subject: [Dovecot] SQLite dovecot query caching
In-Reply-To: <1340473147.5967.89.camel@hurina>
References: <4FE5FEB4.2050801@optusnet.com.au>
	<1340473147.5967.89.camel@hurina>
Message-ID: <4FE608E8.6090106@optusnet.com.au>

On 24/06/12 3:39 AM, Timo Sirainen wrote:
> On Sun, 2012-06-24 at 03:36 +1000, Dominic Malolepszy wrote:
>> Hi,
>>
>> I am wondering if Dovecot caches SQLite queries, and how well it works
>> in high performance setups. I am particularly interested because in the
>> below thread SQLite has been suggested as a means of Dovecot proxying
>> connections to different ports.
> You can enable auth cache:
> http://wiki2.dovecot.org/Authentication/Caching
>
>

This is a per user caching though, it will still have to perform a sql 
look up each time a unique user authenticates to determine what port the 
proxy should forward each connection. Is that accurate?

From wojtek at wojtek.tensor.gdynia.pl  Sat Jun 23 21:21:05 2012
From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar)
Date: Sat, 23 Jun 2012 20:21:05 +0200 (CEST)
Subject: [Dovecot] Hardware infrastructure for email system
In-Reply-To: <4FE6069D.2050703@integrafin.co.uk>
References: <4FE58A52.8050708@think-for-yourself.org>
	<alpine.BSF.2.00.1206231306480.37886@wojtek.tensor.gdynia.pl>
	<4FE5A74D.2010201@thelounge.net> <4FE5F854.4050804@gmail.com>
	<4FE6069D.2050703@integrafin.co.uk>
Message-ID: <alpine.BSF.2.00.1206232020100.40288@wojtek.tensor.gdynia.pl>

> ALT storage, so for instance you could keep your indexes in a RAID10 of SSDs, 
> recent email on a RAID10 of 10kRPM/15kRPM SAS drives, and older email can go 
> on a load of 5k/7.2k SATA drives in RAID6, or on a NAS via NFS.

far better solution but still about 2-3 times more $/performance than 
needed, and more complex than needed.

But at least an improvement

From tss at iki.fi  Sat Jun 23 21:57:08 2012
From: tss at iki.fi (Timo Sirainen)
Date: Sat, 23 Jun 2012 21:57:08 +0300
Subject: [Dovecot] SQLite dovecot query caching
In-Reply-To: <4FE608E8.6090106@optusnet.com.au>
References: <4FE5FEB4.2050801@optusnet.com.au>
	<1340473147.5967.89.camel@hurina> <4FE608E8.6090106@optusnet.com.au>
Message-ID: <1340477828.5967.91.camel@hurina>

On Sun, 2012-06-24 at 04:20 +1000, Dominic Malolepszy wrote:
> On 24/06/12 3:39 AM, Timo Sirainen wrote:
> > On Sun, 2012-06-24 at 03:36 +1000, Dominic Malolepszy wrote:
> >> Hi,
> >>
> >> I am wondering if Dovecot caches SQLite queries, and how well it works
> >> in high performance setups. I am particularly interested because in the
> >> below thread SQLite has been suggested as a means of Dovecot proxying
> >> connections to different ports.
> > You can enable auth cache:
> > http://wiki2.dovecot.org/Authentication/Caching
> >
> >
> 
> This is a per user caching though, it will still have to perform a sql 
> look up each time a unique user authenticates to determine what port the 
> proxy should forward each connection. Is that accurate?

It caches the passdb lookup. The cache key consists of the given %
variables in the SQL query. So if your SQL query doesn't contain %n/%u
then the cache doesn't add per-user entries.



From acrow at integrafin.co.uk  Sat Jun 23 22:06:31 2012
From: acrow at integrafin.co.uk (Alex Crow)
Date: Sat, 23 Jun 2012 20:06:31 +0100
Subject: [Dovecot] Dovecot list IMAP archives with thunderbird?
In-Reply-To: <1340471188.5967.88.camel@hurina>
References: <4FE1FCDB.6080503@integrafin.co.uk>
	<4FE5F644.8000606@integrafin.co.uk>
	<1340471188.5967.88.camel@hurina>
Message-ID: <4FE613B7.7080809@integrafin.co.uk>

On 23/06/12 18:06, Timo Sirainen wrote:
> On Sat, 2012-06-23 at 18:00 +0100, Alex Crow wrote:
>>> I'm trying to access the IMAP archives with Thunderbird but can't seem
>>> to get it to work. I have tried an unencrypted connection, SSL and TLS
>>> but with no success. Any ideas?
>>>
>>> Thanks
>>>
>>> Alex
>>>
>> Hi,
>>
>> Still stuck here - would really like to be able to access the archives
>> in my email client...
>>
>> Anyone able to see the mailing list archives in Thunderbird or other
>> IMAP clients? Are they currently down?
> It works fine as far as I can see, even with Thunderbird. What error do
> you get?
>
>
>

Hi Timo,

No errors at all, I just never see any folder list or messages - tcpdump 
shows a few packets only when TLS mode is selected, but nothing after that,

Cheers

Alex

-- 
This message is intended only for the addressee and may contain
confidential information.  Unless you are that person, you may not
disclose its contents or use it in any way and are requested to delete
the message along with any attachments and notify us immediately.

"Transact" is operated by Integrated Financial Arrangements plc
Domain House, 5-7 Singer Street, London  EC2A 4BQ
Tel: (020) 7608 4900 Fax: (020) 7608 5300
(Registered office: as above; Registered in England and Wales under number: 3727592)
Authorised and regulated by the Financial Services Authority (entered on the FSA Register; number: 190856)


From dmalolepszy at optusnet.com.au  Sat Jun 23 22:07:48 2012
From: dmalolepszy at optusnet.com.au (Dominic Malolepszy)
Date: Sun, 24 Jun 2012 05:07:48 +1000
Subject: [Dovecot] SQLite dovecot query caching
In-Reply-To: <1340477828.5967.91.camel@hurina>
References: <4FE5FEB4.2050801@optusnet.com.au>
	<1340473147.5967.89.camel@hurina>
	<4FE608E8.6090106@optusnet.com.au>
	<1340477828.5967.91.camel@hurina>
Message-ID: <4FE61404.1030102@optusnet.com.au>

On 24/06/12 4:57 AM, Timo Sirainen wrote:
> On Sun, 2012-06-24 at 04:20 +1000, Dominic Malolepszy wrote:
>> On 24/06/12 3:39 AM, Timo Sirainen wrote:
>>> On Sun, 2012-06-24 at 03:36 +1000, Dominic Malolepszy wrote:
>>>> Hi,
>>>>
>>>> I am wondering if Dovecot caches SQLite queries, and how well it works
>>>> in high performance setups. I am particularly interested because in the
>>>> below thread SQLite has been suggested as a means of Dovecot proxying
>>>> connections to different ports.
>>> You can enable auth cache:
>>> http://wiki2.dovecot.org/Authentication/Caching
>>>
>>>
>> This is a per user caching though, it will still have to perform a sql
>> look up each time a unique user authenticates to determine what port the
>> proxy should forward each connection. Is that accurate?
> It caches the passdb lookup. The cache key consists of the given %
> variables in the SQL query. So if your SQL query doesn't contain %n/%u
> then the cache doesn't add per-user entries.
>
>
Thanks Timo, I re-read the link you sent me, and it makes a lot more 
sense now. I will play around with the different variables (especially 
the port related ones), to get the desired result. Gah its late I should 
go to sleep!

From lists at svrinformatica.it  Sat Jun 23 23:39:43 2012
From: lists at svrinformatica.it (Mailing List SVR)
Date: Sat, 23 Jun 2012 22:39:43 +0200
Subject: [Dovecot] 2.0.19 segfault
Message-ID: <4FE6298F.6050502@svrinformatica.it>

Hi,

after the upgrade from dovecot 2.0.13 (ubuntu oneiric) to dovecot 2.0.19 
(ubuntu precise), in my logs I have a lot of these errors:

Jun 23 00:20:29 server1 dovecot: master: Error: service(imap-login): 
child 6714 killed with signal 11 (core dumps disabled)

I tested 2.0.21 and the problem is still here. The problem seems to 
appear only when the client is ms outlook, thunderbird works fine

Here is the captured trace (I hope this is enough and I don't need to 
install debug symbols for everythings):

Core was generated by `dovecot/imap-login -D'.
Program terminated with signal 11, Segmentation fault.
#0  0x00007f4d01c1a031 in RC4 () from 
/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
(gdb) bt full
#0  0x00007f4d01c1a031 in RC4 () from 
/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
No symbol table info available.
#1  0x0000000000000134 in ?? ()
No symbol table info available.
#2  0x00000000000000cd in ?? ()
No symbol table info available.
#3  0x00007f4d03e97470 in ?? ()
No symbol table info available.
#4  0x00007f4d01c80629 in ?? () from 
/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
No symbol table info available.
#5  0x00007f4d01f82bcf in ?? () from /lib/x86_64-linux-gnu/libssl.so.1.0.0
No symbol table info available.
#6  0x00007f4d01f79e04 in ?? () from /lib/x86_64-linux-gnu/libssl.so.1.0.0
No symbol table info available.
#7  0x00007f4d01f7a134 in ?? () from /lib/x86_64-linux-gnu/libssl.so.1.0.0
No symbol table info available.
#8  0x00007f4d027fed6f in ssl_write (proxy=0x7f4d03e7c0a0)
     at ssl-proxy-openssl.c:499
         ret = <optimized out>
#9  0x00007f4d027fee68 in plain_read (proxy=0x7f4d03e7c0a0)
     at ssl-proxy-openssl.c:308
         ret = <optimized out>
         corked = true
---Type <return> to continue, or q <return> to quit---
#10 0x00007f4d025b5c98 in io_loop_call_io (io=0x7f4d03e84b10) at 
ioloop.c:384
         ioloop = 0x7f4d03e3e680
         t_id = 2
#11 0x00007f4d025b6d27 in io_loop_handler_run (ioloop=<optimized out>)
     at ioloop-epoll.c:213
         ctx = 0x7f4d03e505a0
         events = 0x6579351d
         event = 0x7f4d03e50610
         list = 0x7f4d03e93690
         io = <optimized out>
         tv = {tv_sec = 59, tv_usec = 999832}
         msecs = <optimized out>
         ret = 1
         i = <optimized out>
         call = <optimized out>
#12 0x00007f4d025b5c28 in io_loop_run (ioloop=0x7f4d03e3e680) at 
ioloop.c:405
No locals.
#13 0x00007f4d025a3e33 in master_service_run (service=0x7f4d03e3e550,
     callback=<optimized out>) at master-service.c:481
No locals.
#14 0x00007f4d027f7cc2 in main (argc=2, argv=0x7f4d03e3e370) at main.c:371
         set_pool = 0x7f4d03e3e880
         allow_core_dumps = <optimized out>
---Type <return> to continue, or q <return> to quit---
         login_socket = 0x7f4d02800763 "login"
         c = <optimized out>
#15 0x00007f4d021d676d in __libc_start_main ()
    from /lib/x86_64-linux-gnu/libc.so.6
No symbol table info available.
#16 0x00007f4d02c2d5a9 in _start ()
No symbol table info available.

Nicola




From acrow at integrafin.co.uk  Sun Jun 24 00:13:28 2012
From: acrow at integrafin.co.uk (Alex Crow)
Date: Sat, 23 Jun 2012 22:13:28 +0100
Subject: [Dovecot] Hardware infrastructure for email system
In-Reply-To: <alpine.BSF.2.00.1206232020100.40288@wojtek.tensor.gdynia.pl>
References: <4FE58A52.8050708@think-for-yourself.org>
	<alpine.BSF.2.00.1206231306480.37886@wojtek.tensor.gdynia.pl>
	<4FE5A74D.2010201@thelounge.net> <4FE5F854.4050804@gmail.com>
	<4FE6069D.2050703@integrafin.co.uk>
	<alpine.BSF.2.00.1206232020100.40288@wojtek.tensor.gdynia.pl>
Message-ID: <4FE63178.9040203@integrafin.co.uk>

On 23/06/12 19:21, Wojciech Puchar wrote:
>> ALT storage, so for instance you could keep your indexes in a RAID10 
>> of SSDs, recent email on a RAID10 of 10kRPM/15kRPM SAS drives, and 
>> older email can go on a load of 5k/7.2k SATA drives in RAID6, or on a 
>> NAS via NFS.
>
> far better solution but still about 2-3 times more $/performance than 
> needed, and more complex than needed.
>
> But at least an improvement
>

I'd respectfully disagree. If you only keep the most recent few weeks of 
email you could use reasonably priced SSDs for the indexes and perhaps 
downgrade to SATA for your "hot" store, both of which should be max 10% 
of your total space with more than a few months of email. My driving 
factor was to have different spindle sets for each purpose. Who knows, I 
might have overspent and could have done it with 3 separate SATA arrays.

OTOH what about an SSD caching kit on your server? Supermicro at least 
do them (well, my UK vendor offers them). Just have a load of big SATA 
drives and use the kit for caching. The last time I looked a 256GB kit 
was about UKP 500.

Cheers

Alex

-- 
This message is intended only for the addressee and may contain
confidential information.  Unless you are that person, you may not
disclose its contents or use it in any way and are requested to delete
the message along with any attachments and notify us immediately.

"Transact" is operated by Integrated Financial Arrangements plc
Domain House, 5-7 Singer Street, London  EC2A 4BQ
Tel: (020) 7608 4900 Fax: (020) 7608 5300
(Registered office: as above; Registered in England and Wales under number: 3727592)
Authorised and regulated by the Financial Services Authority (entered on the FSA Register; number: 190856)


From lists at svrinformatica.it  Sun Jun 24 00:34:47 2012
From: lists at svrinformatica.it (Mailing List SVR)
Date: Sat, 23 Jun 2012 23:34:47 +0200
Subject: [Dovecot] 2.0.19 segfault
In-Reply-To: <4FE6298F.6050502@svrinformatica.it>
References: <4FE6298F.6050502@svrinformatica.it>
Message-ID: <4FE63677.9080900@svrinformatica.it>

Il 23/06/2012 22:39, Mailing List SVR ha scritto:
> Hi,
>
> after the upgrade from dovecot 2.0.13 (ubuntu oneiric) to dovecot 
> 2.0.19 (ubuntu precise), in my logs I have a lot of these errors:
>
> Jun 23 00:20:29 server1 dovecot: master: Error: service(imap-login): 
> child 6714 killed with signal 11 (core dumps disabled)
>
> I tested 2.0.21 and the problem is still here. The problem seems to 
> appear only when the client is ms outlook, thunderbird works fine
>
> Here is the captured trace (I hope this is enough and I don't need to 
> install debug symbols for everythings):
>
> Core was generated by `dovecot/imap-login -D'.
> Program terminated with signal 11, Segmentation fault.
> #0  0x00007f4d01c1a031 in RC4 () from 
> /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
> (gdb) bt full
> #0  0x00007f4d01c1a031 in RC4 () from 
> /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
> No symbol table info available.
> #1  0x0000000000000134 in ?? ()
> No symbol table info available.
> #2  0x00000000000000cd in ?? ()
> No symbol table info available.
> #3  0x00007f4d03e97470 in ?? ()
> No symbol table info available.
> #4  0x00007f4d01c80629 in ?? () from 
> /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
> No symbol table info available.
> #5  0x00007f4d01f82bcf in ?? () from 
> /lib/x86_64-linux-gnu/libssl.so.1.0.0
> No symbol table info available.
> #6  0x00007f4d01f79e04 in ?? () from 
> /lib/x86_64-linux-gnu/libssl.so.1.0.0
> No symbol table info available.
> #7  0x00007f4d01f7a134 in ?? () from 
> /lib/x86_64-linux-gnu/libssl.so.1.0.0
> No symbol table info available.
> #8  0x00007f4d027fed6f in ssl_write (proxy=0x7f4d03e7c0a0)
>     at ssl-proxy-openssl.c:499
>         ret = <optimized out>
> #9  0x00007f4d027fee68 in plain_read (proxy=0x7f4d03e7c0a0)
>     at ssl-proxy-openssl.c:308
>         ret = <optimized out>
>         corked = true
> ---Type <return> to continue, or q <return> to quit---
> #10 0x00007f4d025b5c98 in io_loop_call_io (io=0x7f4d03e84b10) at 
> ioloop.c:384
>         ioloop = 0x7f4d03e3e680
>         t_id = 2
> #11 0x00007f4d025b6d27 in io_loop_handler_run (ioloop=<optimized out>)
>     at ioloop-epoll.c:213
>         ctx = 0x7f4d03e505a0
>         events = 0x6579351d
>         event = 0x7f4d03e50610
>         list = 0x7f4d03e93690
>         io = <optimized out>
>         tv = {tv_sec = 59, tv_usec = 999832}
>         msecs = <optimized out>
>         ret = 1
>         i = <optimized out>
>         call = <optimized out>
> #12 0x00007f4d025b5c28 in io_loop_run (ioloop=0x7f4d03e3e680) at 
> ioloop.c:405
> No locals.
> #13 0x00007f4d025a3e33 in master_service_run (service=0x7f4d03e3e550,
>     callback=<optimized out>) at master-service.c:481
> No locals.
> #14 0x00007f4d027f7cc2 in main (argc=2, argv=0x7f4d03e3e370) at 
> main.c:371
>         set_pool = 0x7f4d03e3e880
>         allow_core_dumps = <optimized out>
> ---Type <return> to continue, or q <return> to quit---
>         login_socket = 0x7f4d02800763 "login"
>         c = <optimized out>
> #15 0x00007f4d021d676d in __libc_start_main ()
>    from /lib/x86_64-linux-gnu/libc.so.6
> No symbol table info available.
> #16 0x00007f4d02c2d5a9 in _start ()
> No symbol table info available.
>
> Nicola
>
Here is a more detailed trace,

Core was generated by `dovecot/imap-login -D'.
Program terminated with signal 11, Segmentation fault.
#0  RC4 () at rc4-x86_64.s:343
343    rc4-x86_64.s: File o directory non esistente.
(gdb) bt full
#0  RC4 () at rc4-x86_64.s:343
No locals.
#1  0x0000000000000134 in ?? ()
No symbol table info available.
#2  0x00000000000000cd in ?? ()
No symbol table info available.
#3  0x00007f4d03e97470 in ?? ()
No symbol table info available.
#4  0x00007f4d01c80629 in rc4_hmac_md5_cipher (ctx=<optimized out>,
     out=0x7f4d03e8d0b8 
"\314V\347\335Lc\024\205\221'?\006\177\313\326?\313\317\303c\266\360\347\364\263\242\316z\326\307\320\303?\242`\303\321?\313?\177\315\305\313?\320\307u\307\320\320\303\316?z?\307\314\303\300\316v\242\313\306\316?\321c\030T 
SORT=DISPLAY\301\021\222RC\005D=R\244\237T\342\004\"\020ES 
TH\003\246AD=\247\032FS 
\351ULTIA&\315\025N8\032\341\255\364EZ\376\236\062 
CHILDREN\\\b{\250\240\255PACE U\216\331\nLUS LIST-EXTENDED I18NLEVEL=h 
CO"...,
     in=<optimized out>, len=0) at e_rc4_hmac_md5.c:163
         key = 0x1a
         rc4_off = 139968754799079
         md5_off = <optimized out>
         blocks = <optimized out>
         l = <optimized out>
         plen = <optimized out>
#5  0x00007f4d01f82bcf in tls1_enc (s=0x7f4d03e7b700, send=1) at 
t1_enc.c:828
---Type <return> to continue, or q <return> to quit---
         rec = 0x7f4d03e7bcb8
         ds = 0x7f4d03e95cf0
         l = 308
         bs = 1
         i = <optimized out>
         ii = <optimized out>
         j = <optimized out>
         k = <optimized out>
         pad = <optimized out>
         enc = 0x7f4d01f4eae0
#6  0x00007f4d01f79e04 in do_ssl3_write (s=0x7f4d03e7b700, type=23,
     buf=0x7f4d03e7c514 "A0 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR 
LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES 
THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE UIDPLUS 
LIST-EXTENDED I18NLEVEL=1 CO"..., len=292,
     create_empty_fragment=0) at s3_pkt.c:815
         p = <optimized out>
         plen = 0x7f4d03e8d0b6 ""
         i = <optimized out>
         mac_size = 0
         clear = <optimized out>
         prefix_len = <optimized out>
         eivlen = <optimized out>
         align = <optimized out>
---Type <return> to continue, or q <return> to quit---
         wr = 0x7f4d03e7bcb8
         wb = 0x7f4d03e7bc68
         sess = <optimized out>
#7  0x00007f4d01f7a134 in ssl3_write_bytes (s=0x7f4d03e7b700, type=23,
     buf_=0x7f4d03e7c514, len=<optimized out>) at s3_pkt.c:605
         buf = 0x7f4d03e7c514 "A0 OK [CAPABILITY IMAP4rev1 LITERAL+ 
SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY 
THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE 
UIDPLUS LIST-EXTENDED I18NLEVEL=1 CO"...
         tot = 0
         n = 292
         nw = <optimized out>
         i = <optimized out>
#8  0x00007f4d027fed6f in ssl_write (proxy=0x7f4d03e7c0a0)
     at ssl-proxy-openssl.c:499
         ret = <optimized out>
#9  0x00007f4d027fee68 in plain_read (proxy=0x7f4d03e7c0a0)
     at ssl-proxy-openssl.c:308
         ret = <optimized out>
         corked = true
#10 0x00007f4d025b5c98 in io_loop_call_io (io=0x7f4d03e84b10) at 
ioloop.c:384
         ioloop = 0x7f4d03e3e680
         t_id = 2
#11 0x00007f4d025b6d27 in io_loop_handler_run (ioloop=<optimized out>)
---Type <return> to continue, or q <return> to quit---
     at ioloop-epoll.c:213
         ctx = 0x7f4d03e505a0
         events = 0x6579351d
         event = 0x7f4d03e50610
         list = 0x7f4d03e93690
         io = <optimized out>
         tv = {tv_sec = 59, tv_usec = 999832}
         msecs = <optimized out>
         ret = 1
         i = <optimized out>
         call = <optimized out>
#12 0x00007f4d025b5c28 in io_loop_run (ioloop=0x7f4d03e3e680) at 
ioloop.c:405
No locals.
#13 0x00007f4d025a3e33 in master_service_run (service=0x7f4d03e3e550,
     callback=<optimized out>) at master-service.c:481
No locals.
#14 0x00007f4d027f7cc2 in main (argc=2, argv=0x7f4d03e3e370) at main.c:371
         set_pool = 0x7f4d03e3e880
         allow_core_dumps = <optimized out>
         login_socket = 0x7f4d02800763 "login"
         c = <optimized out>
#15 0x00007f4d021d676d in __libc_start_main (main=0x7f4d027f7a60 <main>,
     argc=2, ubp_av=0x7fff37290a68, init=<optimized out>, 
fini=<optimized out>,
---Type <return> to continue, or q <return> to quit---
     rtld_fini=<optimized out>, stack_end=0x7fff37290a58) at 
libc-start.c:226
         result = <optimized out>
         unwind_buf = {cancel_jmp_buf = {{jmp_buf = {0, 
-1085834845464457622,
                 139968735532416, 140734118824544, 0, 0, 
1085429787565592170,
                 1041548453329079914}, mask_was_saved = 0}}, priv = {pad = {
               0x0, 0x0, 0x7fff37290a80, 0x1}, data = {prev = 0x0,
               cleanup = 0x0, canceltype = 925436544}}}
         not_first_call = <optimized out>
#16 0x00007f4d02c2d5a9 in _start ()

Nicola


From bdh at machinehum.com  Sun Jun 24 01:01:47 2012
From: bdh at machinehum.com (Brian Hayden)
Date: Sat, 23 Jun 2012 17:01:47 -0500
Subject: [Dovecot] Hardware infrastructure for email system
In-Reply-To: <4FE63178.9040203@integrafin.co.uk>
References: <4FE58A52.8050708@think-for-yourself.org>
	<alpine.BSF.2.00.1206231306480.37886@wojtek.tensor.gdynia.pl>
	<4FE5A74D.2010201@thelounge.net> <4FE5F854.4050804@gmail.com>
	<4FE6069D.2050703@integrafin.co.uk>
	<alpine.BSF.2.00.1206232020100.40288@wojtek.tensor.gdynia.pl>
	<4FE63178.9040203@integrafin.co.uk>
Message-ID: <E66E786C-BE86-4859-A190-923220AB0923@machinehum.com>


> On 23/06/12 19:21, Wojciech Puchar wrote:
>>> ALT storage, so for instance you could keep your indexes in a RAID10 of SSDs, recent email on a RAID10 of 10kRPM/15kRPM SAS drives, and older email can go on a load of 5k/7.2k SATA drives in RAID6, or on a NAS via NFS.
>> 
>> far better solution but still about 2-3 times more $/performance than needed, and more complex than needed.
>> 
>> But at least an improvement

Wojciech, how many users, does your installation serve? Not raw account numbers, but real users? The things you're saying sound mostly applicable to a small, easily-dictated env.

-Brian


From tss at iki.fi  Sun Jun 24 01:05:09 2012
From: tss at iki.fi (Timo Sirainen)
Date: Sun, 24 Jun 2012 01:05:09 +0300
Subject: [Dovecot] 2.0.19 segfault
In-Reply-To: <4FE6298F.6050502@svrinformatica.it>
References: <4FE6298F.6050502@svrinformatica.it>
Message-ID: <1340489109.5967.94.camel@hurina>

On Sat, 2012-06-23 at 22:39 +0200, Mailing List SVR wrote:

> after the upgrade from dovecot 2.0.13 (ubuntu oneiric) to dovecot 2.0.19 
> (ubuntu precise), in my logs I have a lot of these errors:
> 
> Jun 23 00:20:29 server1 dovecot: master: Error: service(imap-login): 
> child 6714 killed with signal 11 (core dumps disabled)
> 
> I tested 2.0.21 and the problem is still here. The problem seems to 
> appear only when the client is ms outlook, thunderbird works fine

Looks to me more like OpenSSL library bug. The only reason why it could
be Dovecot bug is if Dovecot is causing memory corruption. Could you run
imap-login via valgrind to see if this is the case?

service imap-login {
  executable = /usr/bin/valgrind -q --vgdb=no /usr/local/libexec/dovecot/imap-login
  chroot =
}

Also have you changed any ssl-related settings in dovecot.conf?



From lists at svrinformatica.it  Sun Jun 24 01:27:45 2012
From: lists at svrinformatica.it (Mailing List SVR)
Date: Sun, 24 Jun 2012 00:27:45 +0200
Subject: [Dovecot] 2.0.19 segfault
In-Reply-To: <1340489109.5967.94.camel@hurina>
References: <4FE6298F.6050502@svrinformatica.it>
	<1340489109.5967.94.camel@hurina>
Message-ID: <4FE642E1.5070609@svrinformatica.it>

Il 24/06/2012 00:05, Timo Sirainen ha scritto:
> On Sat, 2012-06-23 at 22:39 +0200, Mailing List SVR wrote:
>
>> after the upgrade from dovecot 2.0.13 (ubuntu oneiric) to dovecot 2.0.19
>> (ubuntu precise), in my logs I have a lot of these errors:
>>
>> Jun 23 00:20:29 server1 dovecot: master: Error: service(imap-login):
>> child 6714 killed with signal 11 (core dumps disabled)
>>
>> I tested 2.0.21 and the problem is still here. The problem seems to
>> appear only when the client is ms outlook, thunderbird works fine
> Looks to me more like OpenSSL library bug. The only reason why it could
> be Dovecot bug is if Dovecot is causing memory corruption. Could you run
> imap-login via valgrind to see if this is the case?
>
> service imap-login {
>    executable = /usr/bin/valgrind -q --vgdb=no /usr/local/libexec/dovecot/imap-login
>    chroot =
> }
>
> Also have you changed any ssl-related settings in dovecot.conf?
>

attached my complete configuration, I hope there is a mistake in my config

I looked at the code and there was no relevant change from dovecot 
2.0.13 and dovecot 2.0.19, upgrading between ubuntu releases updated 
openssl too and this could be the problem,

however is not clear to me while imap over ssl works fine with 
thunderdird and I see the crash in the logs for customers that seems to 
use ms outlook,

Nicola

>


-------------- next part --------------
# 2.0.19: /etc/dovecot/dovecot.conf
# OS: Linux 3.2.0-25-generic x86_64 Ubuntu 12.04 LTS ext4
auth_cache_size = 10 M
auth_mechanisms = plain login
auth_socket_path = /var/run/dovecot/auth-userdb
auth_worker_max_count = 128
base_dir = /var/run/dovecot/
default_process_limit = 200
disable_plaintext_auth = no
first_valid_gid = 2000
first_valid_uid = 2000
hostname = mail.svrinformatica.it
last_valid_gid = 2000
last_valid_uid = 2000
listen = *
login_greeting = SVR ready.
mail_location = maildir:/srv/panel/mail/%d/%t/Maildir
mail_plugins = " quota trash autocreate"
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
passdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  autocreate = Trash
  autocreate2 = Junk
  autocreate3 = Drafts
  autocreate4 = Sent
  autosubscribe = Trash
  autosubscribe2 = Junk
  autosubscribe3 = Drafts
  autosubscribe4 = Sent
  quota = maildir:User quota
  quota_rule = *:storage=300MB
  quota_rule2 = Trash:ignore
  quota_warning = storage=95%% quota-warning 95 %u
  quota_warning2 = storage=80%% quota-warning 80 %u
  sieve = ~/.dovecot.sieve
  sieve_before = /etc/dovecot/sieve/move-spam.sieve
  sieve_dir = ~/sieve
  sieve_max_actions = 32
  sieve_max_redirects = 4
  sieve_max_script_size = 1M
  sieve_quota_max_scripts = 10
  sieve_quota_max_storage = 2M
  trash = /etc/dovecot/dovecot-trash.conf.ext
}
postmaster_address = postmaster at svrinformatica.it
protocols = imap pop3 sieve
service auth-worker {
  user = $default_internal_user
}
service auth {
  unix_listener /var/spool/postfix/private/dovecot-auth {
    group = vmail
    mode = 0660
    user = postfix
  }
  unix_listener auth-userdb {
    group = vmail
    mode = 0660
    user = vmail
  }
  user = $default_internal_user
}
service managesieve-login {
  inet_listener sieve {
    port = 4190
  }
}
service quota-warning {
  executable = script /srv/panel/django/systemcp/systemutils/mail/quota-warning.py
  unix_listener quota-warning {
    user = vmail
  }
  user = dovecot
}
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_cipher_list = ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH:+MEDIUM
ssl_key = </etc/ssl/private/dovecot.pem
userdb {
  driver = prefetch
}
userdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
protocol lda {
  mail_plugins = " quota trash autocreate sieve"
}
protocol imap {
  imap_client_workarounds = delay-newmail
  mail_max_userip_connections = 10
  mail_plugins = " quota trash autocreate imap_quota"
}
protocol sieve {
  mail_max_userip_connections = 10
  mail_plugins = " quota trash autocreate"
  managesieve_max_compile_errors = 5
}
protocol pop3 {
  mail_max_userip_connections = 10
  mail_plugins = " quota trash autocreate"
  pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
}

From lists at svrinformatica.it  Sun Jun 24 01:49:33 2012
From: lists at svrinformatica.it (Mailing List SVR)
Date: Sun, 24 Jun 2012 00:49:33 +0200
Subject: [Dovecot] 2.0.19 segfault
In-Reply-To: <1340489109.5967.94.camel@hurina>
References: <4FE6298F.6050502@svrinformatica.it>
	<1340489109.5967.94.camel@hurina>
Message-ID: <4FE647FD.4060400@svrinformatica.it>

Il 24/06/2012 00:05, Timo Sirainen ha scritto:
> On Sat, 2012-06-23 at 22:39 +0200, Mailing List SVR wrote:
>
>> after the upgrade from dovecot 2.0.13 (ubuntu oneiric) to dovecot 2.0.19
>> (ubuntu precise), in my logs I have a lot of these errors:
>>
>> Jun 23 00:20:29 server1 dovecot: master: Error: service(imap-login):
>> child 6714 killed with signal 11 (core dumps disabled)
>>
>> I tested 2.0.21 and the problem is still here. The problem seems to
>> appear only when the client is ms outlook, thunderbird works fine
> Looks to me more like OpenSSL library bug.

the bug seems related to this patch:

http://cvs.openssl.org/chngview?cn=22415

I'm applying just now

>   The only reason why it could
> be Dovecot bug is if Dovecot is causing memory corruption. Could you run
> imap-login via valgrind to see if this is the case?
>
> service imap-login {
>    executable = /usr/bin/valgrind -q --vgdb=no /usr/local/libexec/dovecot/imap-login
>    chroot =
> }
>
> Also have you changed any ssl-related settings in dovecot.conf?
>
>
>



From lists at svrinformatica.it  Sun Jun 24 02:05:43 2012
From: lists at svrinformatica.it (Mailing List SVR)
Date: Sun, 24 Jun 2012 01:05:43 +0200
Subject: [Dovecot] 2.0.19 segfault
In-Reply-To: <4FE647FD.4060400@svrinformatica.it>
References: <4FE6298F.6050502@svrinformatica.it>
	<1340489109.5967.94.camel@hurina>
	<4FE647FD.4060400@svrinformatica.it>
Message-ID: <4FE64BC7.7020204@svrinformatica.it>

Il 24/06/2012 00:49, Mailing List SVR ha scritto:
> Il 24/06/2012 00:05, Timo Sirainen ha scritto:
>> On Sat, 2012-06-23 at 22:39 +0200, Mailing List SVR wrote:
>>
>>> after the upgrade from dovecot 2.0.13 (ubuntu oneiric) to dovecot 
>>> 2.0.19
>>> (ubuntu precise), in my logs I have a lot of these errors:
>>>
>>> Jun 23 00:20:29 server1 dovecot: master: Error: service(imap-login):
>>> child 6714 killed with signal 11 (core dumps disabled)
>>>
>>> I tested 2.0.21 and the problem is still here. The problem seems to
>>> appear only when the client is ms outlook, thunderbird works fine
>> Looks to me more like OpenSSL library bug.
>
> the bug seems related to this patch:
>
> http://cvs.openssl.org/chngview?cn=22415
>
> I'm applying just now

I can confirm that the patch listed above solve the problem, thanks for 
pointing me to openssl,

Nicola

>
>>   The only reason why it could
>> be Dovecot bug is if Dovecot is causing memory corruption. Could you run
>> imap-login via valgrind to see if this is the case?
>>
>> service imap-login {
>>    executable = /usr/bin/valgrind -q --vgdb=no 
>> /usr/local/libexec/dovecot/imap-login
>>    chroot =
>> }
>>
>> Also have you changed any ssl-related settings in dovecot.conf?
>>
>>
>>
>
>
>



From dovecot at r.paypc.com  Sun Jun 24 02:57:09 2012
From: dovecot at r.paypc.com (Robin)
Date: Sat, 23 Jun 2012 16:57:09 -0700
Subject: [Dovecot] 2.0.19 segfault
In-Reply-To: <4FE642E1.5070609@svrinformatica.it>
References: <4FE6298F.6050502@svrinformatica.it>	<1340489109.5967.94.camel@hurina>
	<4FE642E1.5070609@svrinformatica.it>
Message-ID: <4FE657D5.8060205@r.paypc.com>

On 6/23/2012 3:27 PM, Mailing List SVR wrote:
> I looked at the code and there was no relevant change from dovecot
> 2.0.13 and dovecot 2.0.19, upgrading between ubuntu releases updated
> openssl too and this could be the problem,
>
> however is not clear to me while imap over ssl works fine with
> thunderdird and I see the crash in the logs for customers that seems to
> use ms outlook,

There have been many interactions between OpenSSL (and some other SSL 
implementations) and some versions of schannel.dll (the system library 
responsible for SSL connections, used by Outlook and Internet Explorer, 
amongst other tools).

M$ has released hotfixes addressing various problems in schannel.dll in 
the past, such as: http://support.microsoft.com/kb/933430

There is a fair bit of write-up online about how to configure your SSL 
servers to avoid problematic ciphers and socket configurations that help 
you avoid tripping over most of the bugs.

For example: http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html#msie

Whenever SSL is involved in the transaction process, always include it 
in your debug process as SSL negotiation is non-trivial and has been 
often fraught with some peril.

=R=

From spraker at yahoo.com  Sun Jun 24 03:10:29 2012
From: spraker at yahoo.com (Brian Spraker)
Date: Sat, 23 Jun 2012 17:10:29 -0700 (PDT)
Subject: [Dovecot] Dovecot Quotas in Version 2
Message-ID: <1340496629.79833.YahooMailClassic@web111409.mail.gq1.yahoo.com>

Hello all,

Just upgraded from Ubuntu 10.04 to 12.04 on a server today and went through a few issues that I finally got corrected with many different services.

However, one of them - I absolutely cannot figure out.

I was using Dovecot 1 in Ubuntu 10.04 - but in Ubuntu 12.04, it has been upgraded to Dovecot 2.  Finally managed to get the configuration to work and get it to use MySQL as the back-end authentication method (had to install the dovecot-mysql package).

But, I cannot get quotas to work.  The moment I uncomment a quota line, Dovecot fails to start.

Would appreciate any help with this.  I am not using any of the individual configuration files on the conf.d folder - simply the dovecot.conf and dovecot-sql.conf file.  Here is a copy of those.  You can see the one commented line (mail_plugins under imap) simply will not work - but yet the one under POP works (although I don't think it is used):

base_dir = /var/run/dovecot/
disable_plaintext_auth = no
first_valid_uid = 33
last_valid_uid = 33
listen = *
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_privileged_group = www-data
passdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
}
plugin {
  quota = maildir
  quota_rule = Trash:storage=100M
}
protocols = imap pop3
service auth {
  user = root
}
service imap-login {
  executable = /usr/lib/dovecot/imap-login
}
service imap {
  executable = /usr/lib/dovecot/imap
}
ssl = no
userdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
}
protocol imap {
  imap_client_workarounds =
  mail_plugin_dir = /usr/lib/dovecot/modules/imap
#  mail_plugins = quota imap_quota
}
protocol pop3 {
  mail_plugins = quota
  pop3_uidl_format = %08Xu%08Xv
}

And for the dovecot-sql.conf file (passwords changed, of course):

driver = mysql
connect = dbname=horde user=<USER> password=<PASSWORD> host=localhost
default_pass_scheme = PLAIN
password_query = SELECT user_uid as user, user_pass as password FROM horde_users WHERE user_uid = '%u';
user_query = SELECT uid, gid, home, maildir, concat('maildir:storage=', quota) AS quota FROM horde_users WHERE user_uid = '%u';

I did not update the dovecot-sql.conf file at all - so I don't know if there maybe be some configuration issue with how it is pulling the quota limit from the database.  Quotas are in bytes in the database.

Certainly would appreciate any help with this.  I went through the Dovecot Quota Configuration in the wiki but it wasn't any help - as I basically already have that line in the config file, but it will fail to start Dovecot.

Thank you!

Brian S.


From tss at iki.fi  Sun Jun 24 03:23:16 2012
From: tss at iki.fi (Timo Sirainen)
Date: Sun, 24 Jun 2012 03:23:16 +0300
Subject: [Dovecot] Dovecot Quotas in Version 2
In-Reply-To: <1340496629.79833.YahooMailClassic@web111409.mail.gq1.yahoo.com>
References: <1340496629.79833.YahooMailClassic@web111409.mail.gq1.yahoo.com>
Message-ID: <B1E513FF-7ED7-42FC-967C-DF1155DC0577@iki.fi>

On 24.6.2012, at 3.10, Brian Spraker wrote:

> plugin {
>  quota = maildir
>  quota_rule = Trash:storage=100M

This should be quota_rule2. Otherwise you'll just overwrite this here:

> }

> user_query = SELECT uid, gid, home, maildir, concat('maildir:storage=', quota) AS quota FROM horde_users WHERE user_uid = '%u';

You didn't update the quota configuration in here. Should be: concat('*:storage=', quota) AS quota_rule.

BTW. This change happened during Dovecot v1.0 -> v1.1 change. Years ago for most people. :)


From spraker at yahoo.com  Sun Jun 24 03:29:47 2012
From: spraker at yahoo.com (Brian Spraker)
Date: Sat, 23 Jun 2012 17:29:47 -0700 (PDT)
Subject: [Dovecot] Dovecot Quotas in Version 2
In-Reply-To: <B1E513FF-7ED7-42FC-967C-DF1155DC0577@iki.fi>
Message-ID: <1340497787.45659.YahooMailClassic@web111404.mail.gq1.yahoo.com>



--- On Sat, 6/23/12, Timo Sirainen <tss at iki.fi> wrote:

> From: Timo Sirainen <tss at iki.fi>
> Subject: Re: [Dovecot] Dovecot Quotas in Version 2
> To: "Brian Spraker" <spraker at yahoo.com>
> Cc: dovecot at dovecot.org
> Date: Saturday, June 23, 2012, 7:23 PM
> On 24.6.2012, at 3.10, Brian Spraker
> wrote:
> 
> > plugin {
> >? quota = maildir
> >? quota_rule = Trash:storage=100M
> 
> This should be quota_rule2. Otherwise you'll just overwrite
> this here:
> 
> > }
> 
> > user_query = SELECT uid, gid, home, maildir,
> concat('maildir:storage=', quota) AS quota FROM horde_users
> WHERE user_uid = '%u';
> 
> You didn't update the quota configuration in here. Should
> be: concat('*:storage=', quota) AS quota_rule.
> 
> BTW. This change happened during Dovecot v1.0 -> v1.1
> change. Years ago for most people. :)
> 
> 

Thank you, Timo.  I have made this change.

However, I do remember before when I set set something as "quota_rule2", it was being ignored for some reason.  I have updated at your response though.

This still didn't correct the issue - and Dovecot won't start when I have the mail_plugins line under 'protocol imap' uncommented.

Error in the syslog says:

init: dovecot main process (xxxxx) terminated with status 89

Brian S.

From tss at iki.fi  Sun Jun 24 03:33:14 2012
From: tss at iki.fi (Timo Sirainen)
Date: Sun, 24 Jun 2012 03:33:14 +0300
Subject: [Dovecot] Dovecot Quotas in Version 2
In-Reply-To: <1340497787.45659.YahooMailClassic@web111404.mail.gq1.yahoo.com>
References: <1340497787.45659.YahooMailClassic@web111404.mail.gq1.yahoo.com>
Message-ID: <D8FFE545-965C-4185-A360-9F5ECB607562@iki.fi>

On 24.6.2012, at 3.29, Brian Spraker wrote:

> This still didn't correct the issue - and Dovecot won't start when I have the mail_plugins line under 'protocol imap' uncommented.

You should also enable quota globally so it will work for doveadm and other tools you may end up using.

> Error in the syslog says:
> 
> init: dovecot main process (xxxxx) terminated with status 89

There should be another error message before this.


From spraker at yahoo.com  Sun Jun 24 03:45:03 2012
From: spraker at yahoo.com (Brian Spraker)
Date: Sat, 23 Jun 2012 17:45:03 -0700 (PDT)
Subject: [Dovecot] Dovecot Quotas in Version 2
In-Reply-To: <D8FFE545-965C-4185-A360-9F5ECB607562@iki.fi>
Message-ID: <1340498703.67452.YahooMailClassic@web111404.mail.gq1.yahoo.com>



--- On Sat, 6/23/12, Timo Sirainen <tss at iki.fi> wrote:

> From: Timo Sirainen <tss at iki.fi>
> Subject: Re: [Dovecot] Dovecot Quotas in Version 2
> To: "Brian Spraker" <spraker at yahoo.com>
> Cc: dovecot at dovecot.org
> Date: Saturday, June 23, 2012, 7:33 PM
> On 24.6.2012, at 3.29, Brian Spraker
> wrote:
> 
> > This still didn't correct the issue - and Dovecot won't
> start when I have the mail_plugins line under 'protocol
> imap' uncommented.
> 
> You should also enable quota globally so it will work for
> doveadm and other tools you may end up using.
> 
> > Error in the syslog says:
> > 
> > init: dovecot main process (xxxxx) terminated with
> status 89
> 
> There should be another error message before this.
> 
> 

Thank you for the fast replies Timo.

I'm not sure I understand how to enable quota to work globally..?  But what would be preventing it from working under 'protocol imap' as it did before?

As for the log, here is the other lines that appeared above it:

Jun 23 19:31:13 server dovecot: master: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill)
Jun 23 19:31:13 server dovecot: log: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill)
Jun 23 19:31:13 server kernel: [100996.340925] init: dovecot main process (11580) terminated with status 89


From tss at iki.fi  Sun Jun 24 03:51:12 2012
From: tss at iki.fi (Timo Sirainen)
Date: Sun, 24 Jun 2012 03:51:12 +0300
Subject: [Dovecot] Dovecot Quotas in Version 2
In-Reply-To: <1340498703.67452.YahooMailClassic@web111404.mail.gq1.yahoo.com>
References: <1340498703.67452.YahooMailClassic@web111404.mail.gq1.yahoo.com>
Message-ID: <F4313652-7768-493A-B5BE-E68CB79808DE@iki.fi>

On 24.6.2012, at 3.45, Brian Spraker wrote:

> I'm not sure I understand how to enable quota to work globally..?

Just put "mail_plugins = quota" outside protocol {} sections.

>  But what would be preventing it from working under 'protocol imap' as it did before?

No idea, the error log should say the reason.

> As for the log, here is the other lines that appeared above it:
> 
> Jun 23 19:31:13 server dovecot: master: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill)
> Jun 23 19:31:13 server dovecot: log: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill)

These mean that dovecot master process was stopped by init process. Why it's doing that I have no idea.

> Jun 23 19:31:13 server kernel: [100996.340925] init: dovecot main process (11580) terminated with status 89

Status 89 means that Dovecot should have logged an error about it. But I see no error here. I think Ubuntu is doing something weird. See what happens if you start dovecot using "dovecot -F" instead of any init script or such.


From spraker at yahoo.com  Sun Jun 24 04:01:46 2012
From: spraker at yahoo.com (Brian Spraker)
Date: Sat, 23 Jun 2012 18:01:46 -0700 (PDT)
Subject: [Dovecot] Dovecot Quotas in Version 2
In-Reply-To: <F4313652-7768-493A-B5BE-E68CB79808DE@iki.fi>
Message-ID: <1340499706.74316.YahooMailClassic@web111404.mail.gq1.yahoo.com>



--- On Sat, 6/23/12, Timo Sirainen <tss at iki.fi> wrote:

> From: Timo Sirainen <tss at iki.fi>
> Subject: Re: [Dovecot] Dovecot Quotas in Version 2
> To: "Brian Spraker" <spraker at yahoo.com>
> Cc: dovecot at dovecot.org
> Date: Saturday, June 23, 2012, 7:51 PM
> On 24.6.2012, at 3.45, Brian Spraker
> wrote:
> 
> > I'm not sure I understand how to enable quota to work
> globally..?
> 
> Just put "mail_plugins = quota" outside protocol {}
> sections.
> 
> >? But what would be preventing it from working
> under 'protocol imap' as it did before?
> 
> No idea, the error log should say the reason.
> 
> > As for the log, here is the other lines that appeared
> above it:
> > 
> > Jun 23 19:31:13 server dovecot: master: Warning: Killed
> with signal 15 (by pid=1 uid=0 code=kill)
> > Jun 23 19:31:13 server dovecot: log: Warning: Killed
> with signal 15 (by pid=1 uid=0 code=kill)
> 
> These mean that dovecot master process was stopped by init
> process. Why it's doing that I have no idea.
> 
> > Jun 23 19:31:13 server kernel: [100996.340925] init:
> dovecot main process (11580) terminated with status 89
> 
> Status 89 means that Dovecot should have logged an error
> about it. But I see no error here. I think Ubuntu is doing
> something weird. See what happens if you start dovecot using
> "dovecot -F" instead of any init script or such.
> 
> 
Perfect!

doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: mail_plugin_dir: access(/usr/lib/dovecot/modules/imap) failed: No such file or directory

I changed it to /usr/lib/dovecot/modules and now it works fine.

Thank you for the help again!

Brian S.

From michael at think-for-yourself.org  Sun Jun 24 04:21:34 2012
From: michael at think-for-yourself.org (Michael Wessel)
Date: Sat, 23 Jun 2012 18:21:34 -0700
Subject: [Dovecot] Hardware infrastructure for email system
In-Reply-To: <20120623102555.GA5497@state-of-mind.de>
References: <4FE58A52.8050708@think-for-yourself.org>
	<20120623102555.GA5497@state-of-mind.de>
Message-ID: <4FE66B9E.1080901@think-for-yourself.org>

Hi p at rick and thanks for the response.

On 6/23/2012 3:25 AM, Patrick Ben Koetter wrote:
> Michael,
>
> * Michael Wessel <michael at think-for-yourself.org>:
>> I'm currently (re-)planning my email setup and have been doing some
>> research. I have done some searches and read several threads in the
>> areas of my questions here. While there are some that come close I
>> haven't yet been able to get all my questions answered.
>>
>> I currently run a postfix, dovecot & roundcube setup and have about
>> 2000 active accounts. I have a separate SMTP server for outbound
>> mail and auth is done against a separate LDAP server. In front of
>> the POP/IMAP server I have another SMTP (4 in parallel actually)
>> server that receives and filters inbound mail through a company
>> specific, proprietary filter before the mail hits the POP/IMAP
>> server. LDAP & SMTP servers are ESXi VMs.
> Do people use 'real' mail clients to connect and IDLE too?
Yes, though not sure of the percentage. Most will likely use webmail, 
some will use POP and some will use IMAP with "real clients". Right now 
my guess would be about 20% IMAP with Outlook, Thunderbird and such, 10% 
POP and the rest webmail.
>
>
>> So right now both dovecot and roundcube run on the same box which is
>> a Dell PE2950 with dual quad-core Xeon, 16GB RAM and 6 1TB disks in
>> RAID 6, so only local storage using maildir.  So far it's been
>> holding up fine, but it's beginning to show signs of overload now. I
>> also expect an increase in users over the next few months up to
>> somewhere between 10 - 20,000 mail boxes. Hence the re-planning.
>>
>> My first priority in redesigning my setup is reliability. I
>> definitely need something fail-save and as close to always on as
>> possible. Next is performance. And while the budget is of course
>> limited for the moment I'm setting that aside and will worry about
>> that when the time comes.
>>
>> Now here is my question(s):
>>
>> In order to support up to 20,000 mailboxes (distributed over several
>> times-zones so they won't all be used at the same time) with a very
>> reliable service with good performance, what do I actually need?
>>
>> Do I need(ul) SAN or is it just a "would be nice to have"? If yes,
>> why and what would be appropriate for my needs? Or will a setup with
>> a few more servers like the ones I already have, using something
>> like DRBD and distributing services (imap, http, spamd etc) onto
>> different boxes do?
> Will the server enforce quota?
Yes, default quota is 200MB right now, some have larger quotas and a few 
of those hit several GB.
>
> What will be the average mailbox size?
Since the quota is probably going to go up some I'd guess around 400MB 
on average.
>
> Do people share content e.g. mailings with attachments that go out to all
> recipients?
No, only on a limited basis (like cc'ing maybe 15 or so people but even 
that's rare) There will be somewhat large attachments involved (20-30MB) 
but that's mostly between individual users and users outside my system.
>
> What might be the maximum number of clients using the server at one time?
Hard to say with the data at hand. I have a caching IMAP proxy for 
webmail and that has so far recorded 50 as the highest concurrent 
connections. So adding IMAP users to that and then extrapolating this to 
20000 total boxes I'd say 4-500.
>
> Will all users use the same client product e.g. roundcube?
No, they have their choice of any POP3/IMAP client or webmail
>
> What's your backup strategy? What do you use to backup mailboxes?
I was afraid someone was going to ask that question... there isn't one 
(it hurts just writing that!) The only "backup" currently in place is 
redundancy on the hardware-side plus limited (i.e. only parts of the 
mail store) to disk backup. The VMs are easily replaced, but if my 
maildir goes up in smoke tomorrow then I will probably follow shortly 
after! So that's definitely part of what I'm working out here. Wanted to 
nail down the general approach first though before looking at that.
>
> p at rick
>



From CMarcus at Media-Brokers.com  Sun Jun 24 12:24:01 2012
From: CMarcus at Media-Brokers.com (Charles Marcus)
Date: Sun, 24 Jun 2012 05:24:01 -0400
Subject: [Dovecot] Dovecot Quotas in Version 2
In-Reply-To: <1340496629.79833.YahooMailClassic@web111409.mail.gq1.yahoo.com>
References: <1340496629.79833.YahooMailClassic@web111409.mail.gq1.yahoo.com>
Message-ID: <4FE6DCB1.6000807@Media-Brokers.com>

On 2012-06-23 8:10 PM, Brian Spraker <spraker at yahoo.com> wrote:
> Would appreciate any help with this.  I am not using any of the
> individual configuration files on the conf.d folder - simply the
> dovecot.conf and dovecot-sql.conf file.  Here is a copy of those.

Please don't just copy/paste from your configs, always provide doveconf 
-n output.

This will prove that you are using the config that you *think* you are 
using (one problem with debian derivatives is that they often use chroot 
by default which can cause problems). So, if you have something in one 
of those other individual conf files in conf.d causing the problem, 
you'll see it in the doveconf -n output.

Then, when providing logs, try not to censor them too much... often the 
real problem can be evident one or more lines above or below the line 
that you *think* is the most relevant...

-- 

Best regards,

Charles

From c at roessner-network-solutions.com  Sun Jun 24 12:58:43 2012
From: c at roessner-network-solutions.com (=?iso-8859-1?Q?Christian_R=F6=DFner?=)
Date: Sun, 24 Jun 2012 11:58:43 +0200
Subject: [Dovecot] 2.1.7 TLS issues
Message-ID: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com>

Hi,

I have an interesting problem: I am building dovecot packages for Ubuntu since 10.04. Never had bigger trouble with it. Now since 2.1.6 or 2.1.7 (I can not say more precisely), Thunderbird 10ESR and Outlook 2010 can no longer use 143/TLS correctly. Automx delvers 143/TLS and Outlook tells me that it can not create a secure connection. I changed automx to use 993/SSL and everything works. Under Thunderbird 10ESR, I get a box that tells me that I need to change settings. When I sent mail, TB told me that it could not copy the mail to the sent folder. I also changed to 993/SSL and everything is perfect.

At the other and, Apples Mail.app and iOS devices work perfectly over 143/TLS. So my guess is that it has to do with OpenSSL. Did something change in dovecot concerning TLS? Can I change options in the built process?

Thanks in advance

-Christian R??ner

---
Roessner-Network-Solutions
Bachelor of Science Informatik
Nahrungsberg 81, 35390 Gie?en
F: +49 641 5879091, M: +49 176 93118939
USt-IdNr.: DE225643613
http://www.roessner-network-solutions.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3880 bytes
Desc: not available
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120624/85b6ee35/attachment.bin>

From CMarcus at Media-Brokers.com  Sun Jun 24 13:06:07 2012
From: CMarcus at Media-Brokers.com (Charles Marcus)
Date: Sun, 24 Jun 2012 06:06:07 -0400
Subject: [Dovecot] 2.1.7 TLS issues
In-Reply-To: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com>
References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com>
Message-ID: <4FE6E68F.6080803@Media-Brokers.com>

On 2012-06-24 5:58 AM, Christian R??ner 
<c at roessner-network-solutions.com> wrote:
> I have an interesting problem: I am building dovecot packages for
> Ubuntu since 10.04. Never had bigger trouble with it. Now since 2.1.6
> or 2.1.7 (I can not say more precisely), Thunderbird 10ESR and
> Outlook 2010 can no longer use 143/TLS correctly. Automx delvers
> 143/TLS and Outlook tells me that it can not create a secure
> connection. I changed automx to use 993/SSL and everything works.
> Under Thunderbird 10ESR, I get a box that tells me that I need to
> change settings. When I sent mail, TB told me that it could not copy
> the mail to the sent folder. I also changed to 993/SSL and everything
> is perfect.
>
> At the other and, Apples Mail.app and iOS devices work perfectly over
> 143/TLS. So my guess is that it has to do with OpenSSL. Did something
> change in dovecot concerning TLS? Can I change options in the built
> process?

Maybe related to the OpenSSL bug that caused the problem (it sometimes 
helps to read/search emails on this list before posting) discussed just 
yesterday in this thread:

http://www.mail-archive.com/dovecot at dovecot.org/msg45828.html

?

-- 

Best regards,

Charles

From ckubu at so36.net  Sun Jun 24 13:21:15 2012
From: ckubu at so36.net (ckubu)
Date: Sun, 24 Jun 2012 12:21:15 +0200
Subject: [Dovecot] dict Panic after upgrade to 2.1.7
Message-ID: <201206241221.16044.ckubu@so36.net>

Hello,

after upgrade my mailsystem to dovecot version 2.1.7, dovecot doesn't work 
properly. something went wrong in dict service connecting the postgres 
backend. that happens not on every connection. the db connection data are 
correct, no difference connecting via tcp or linux socket. 

dovecot log entries:
Jun 23 23:19:10 mx dovecot: dict: Panic: file driver-pgsql.c: line 84 
(driver_pgsql_set_state): assertion failed: (state == SQL_DB_STATE_BUSY || db-
>cur_result == NULL)
Jun 23 23:19:10 mx dovecot: dict: Error: Raw backtrace: 
/usr/local/dovecot-2.1.7/lib/dovecot/libdovecot.so.0(+0x4478a) 
[0x7ffc7d8e578a] -> 
/usr/local/dovecot-2.1.7/lib/dovecot/libdovecot.so.0(+0x447d6) 
[0x7ffc7d8e57d6] -> 
/usr/local/dovecot-2.1.7/lib/dovecot/libdovecot.so.0(i_error+0) 
[0x7ffc7d8bc5ef] -> dovecot/dict() [0x40a9a6] -> dovecot/dict() [0x40aa01] -> 
dovecot/dict() [0x40be43] -> dovecot/dict() [0x409474] -> 
dovecot/dict(sql_db_cache_deinit+0x20) [0x4089d0] -> dovecot/dict(main+0x169) 
[0x4059f9] -> /lib/libc.so.6(__libc_start_main+0xfd) [0x7ffc7d335c8d] -> 
dovecot/dict() [0x404b59]
Jun 23 23:19:10 mx dovecot: dict: Fatal: master: service(dict): child 13812 
killed with signal 6 (core dumps disabled)

Jun 23 23:23:09 mx dovecot: dict: Error: dict sql iterate failed: Not 
connected to database
Jun 23 23:23:09 mx dovecot: pop3(xxx at yyy.zz): Error: acl: dict iteration 
failed, can't update dict
Jun 23 23:23:09 mx dovecot: dict: Error: dict sql iterate failed: Not 
connected to database
Jun 23 23:23:09 mx dovecot: pop3(xxx at yyy.zz): Error: acl: dict iteration 
failed, can't update dict
Jun 23 23:23:17 mx dovecot: dict: Error: dict sql lookup failed: Not connected 
to database
Jun 23 23:23:17 mx dovecot: imap(xxx at yyy.zz): Error: Internal quota 
calculation error
Jun 23 23:23:19 mx dovecot: dict: Error: dict sql lookup failed: Not connected 
to database
Jun 23 23:23:40 mx dovecot: dict: Error: dict sql lookup failed: Not connected 
to database

maybe i have missconfigured the dovecot system, but i don't find the mistake. 
can anybody give me a hint ?

best wiches
christoph

----- doveconf -n
# 2.1.7: /usr/local/dovecot-2.1.7/etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-5-vserver-amd64 x86_64 Debian 6.0.5 ext3
auth_mechanisms = plain login digest-md5 cram-md5 apop
auth_socket_path = /var/run/dovecot/auth-userdb
auth_username_translation = %@
auth_verbose = yes
auth_verbose_passwords = plain
base_dir = /var/run/dovecot/
dict {
  acl = pgsql:/usr/local/dovecot/etc/dovecot/sql-dict.conf.ext
  expire = pgsql:/usr/local/dovecot/etc/dovecot/sql-dict.conf.ext
  quota = pgsql:/usr/local/dovecot/etc/dovecot/sql-dict.conf.ext
}
disable_plaintext_auth = no
first_valid_gid = 5000
first_valid_uid = 5000
hostname = mx.warenform.de
last_valid_gid = 5000
last_valid_uid = 5000
listen = 178.63.63.151 2a01:4f8:121:c5::2
mail_gid = vmail
mail_location = maildir:/var/vmail/%d/%n/Maildir
mail_plugins = autocreate quota expire acl
mail_uid = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character 
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags 
copy include variables body enotify environment mailbox date ihave
namespace {
  list = children
  location = maildir:/var/vmail/%%d/%%n/Maildir:INDEX=~/Maildir/shared/%%u
  prefix = shared/%%u/
  separator = /
  subscriptions = no
  type = shared
}
namespace inbox {
  inbox = yes
  location = 
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Spam {
    special_use = \Junk
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix = 
  separator = /
  type = private
}
passdb {
  args = /usr/local/dovecot/etc/dovecot/sql-connect.conf.ext
  driver = sql
}
plugin {
  acl = vfile
  acl_shared_dict = proxy::acl
  autocreate = Spam
  autocreate2 = Sent
  autocreate3 = Trash
  autocreate4 = Drafts
  autosubscribe = Spam
  autosubscribe2 = Sent
  autosubscribe3 = Trash
  autosubscribe4 = Drafts
  expire = Trash
  expire2 = Trash.*
  expire3 = Spam
  expire_dict = proxy::expire
  quota = dict:User quota::proxy::quota
  quota_rule = *:storage=1G
  quota_rule2 = Trash:storage=+200M
  quota_warning = storage=95%% quota-warning 95 %u
  quota_warning2 = storage=80%% quota-warning 80 %u
  recipient_delimiter = 
  sieve = ~/.dovecot.sieve
  sieve_before = /usr/local/dovecot/etc/dovecot/sieve/move-spam.sieve
  sieve_dir = ~/sieve
  sieve_global_dir = /usr/local/dovecot/etc/dovecot/sieve/global/
}
postmaster_address = admin at warenform.de
protocols = imap pop3 sieve lmtp
service auth {
  unix_listener /var/spool/postfix/private/dovecot-auth {
    group = postfix
    mode = 0666
    user = postfix
  }
  unix_listener auth-userdb {
    group = vmail
    mode = 0600
    user = vmail
  }
}
service dict {
  unix_listener dict {
    mode = 0600
    user = vmail
  }
}
service imap-login {
  inet_listener imap {
    address = 127.0.0.1 178.63.63.151 2a01:4f8:121:c5::2
  }
  inet_listener imaps {
    address = 178.63.63.151 2a01:4f8:121:c5::2
  }
  process_min_avail = 16
}
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    group = postfix
    mode = 0660
    user = postfix
  }
}
service managesieve-login {
  inet_listener sieve {
    address = 127.0.0.1
    port = 4190
  }
}
service pop3-login {
  inet_listener pop3 {
    address = 178.63.63.151 2a01:4f8:121:c5::2
  }
  inet_listener pop3s {
    address = 178.63.63.151 2a01:4f8:121:c5::2
  }
}
service quota-warning {
  executable = script /usr/local/bin/quota-warning.sh
  unix_listener quota-warning {
    user = vmail
  }
  user = dovecot
}
shutdown_clients = no
ssl_cert = </etc/postfix/ssl/servercert.pem
ssl_key = </etc/postfix/ssl/servercert.pem
syslog_facility = local1
userdb {
  args = /usr/local/dovecot/etc/dovecot/sql-connect.conf.ext
  driver = sql
}
protocol lmtp {
  mail_plugins = autocreate quota expire acl sieve
}
protocol lda {
  mail_plugins = autocreate quota expire acl sieve
}
protocol imap {
  imap_client_workarounds = delay-newmail
  mail_max_userip_connections = 24
  mail_plugins = autocreate quota expire acl imap_quota imap_acl
  ssl_cert = </etc/postfix/ssl/imap_warenform_de.crt
  ssl_key = </etc/postfix/ssl/imap_warenform_de.key
}
protocol pop3 {
  mail_max_userip_connections = 10
  pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
  ssl_cert = </etc/postfix/ssl/pop_warenform_de.crt
  ssl_key = </etc/postfix/ssl/pop_warenform_de.key
}


----- sql-dict.conf.ext:

connect = host=/var/run/postgresql user=db_user password=db_passwd 
dbname=db_name

# quota
map {
  pattern = priv/quota/storage
  table = quota2
  username_field = username
  value_field = bytes
}
map {
  pattern = priv/quota/messages
  table = quota2
  username_field = username
  value_field = messages
}

# expires
map {
  pattern = shared/expire/$user/$mailbox
  table = expires
  value_field = expire_stamp

  fields {
    username = $user
    mailbox = $mailbox
  }
}

# acl
map {
  pattern = shared/shared-boxes/user/$to/$from
  table = user_shares
  value_field = dummy

  fields {
    from_user = $from
    to_user = $to
  }
}

map {
  pattern = shared/shared-boxes/anyone/$from
  table = anyone_shares
  value_field = dummy

  fields {
    from_user = $from
  }
}



-- 
e: ckubu at so36.net

From c at roessner-network-solutions.com  Sun Jun 24 13:42:47 2012
From: c at roessner-network-solutions.com (=?iso-8859-1?Q?Christian_R=F6=DFner?=)
Date: Sun, 24 Jun 2012 12:42:47 +0200
Subject: [Dovecot] 2.1.7 TLS issues
In-Reply-To: <4FE6E68F.6080803@Media-Brokers.com>
References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com>
	<4FE6E68F.6080803@Media-Brokers.com>
Message-ID: <46FA7370-959B-47CD-B0EB-0BCDFA1B3511@roessner-network-solutions.com>

> Maybe related to the OpenSSL bug that caused the problem (it sometimes helps to read/search emails on this list before posting) discussed just yesterday in this thread:
> 
> http://www.mail-archive.com/dovecot at dovecot.org/msg45828.html


well, the packages I built are still running under 10.04 and therefor the library has not been upgraded to 1.0.1. This is the reason for this post. My question is, if doevcot got some code or anything else that focuses on the newer 1.0.1 library, and maybe broke something in older versions?

-Christian R??ner

---
Roessner-Network-Solutions
Bachelor of Science Informatik
Nahrungsberg 81, 35390 Gie?en
F: +49 641 5879091, M: +49 176 93118939
USt-IdNr.: DE225643613
http://www.roessner-network-solutions.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3880 bytes
Desc: not available
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120624/461002ec/attachment.bin>

From CMarcus at Media-Brokers.com  Sun Jun 24 14:22:58 2012
From: CMarcus at Media-Brokers.com (Charles Marcus)
Date: Sun, 24 Jun 2012 07:22:58 -0400
Subject: [Dovecot] 2.1.7 TLS issues
In-Reply-To: <46FA7370-959B-47CD-B0EB-0BCDFA1B3511@roessner-network-solutions.com>
References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com>
	<4FE6E68F.6080803@Media-Brokers.com>
	<46FA7370-959B-47CD-B0EB-0BCDFA1B3511@roessner-network-solutions.com>
Message-ID: <4FE6F892.5010004@Media-Brokers.com>

On 2012-06-24 6:42 AM, Christian R??ner 
<c at roessner-network-solutions.com> wrote:
>> Maybe related to the OpenSSL bug that caused the problem (it
>> sometimes helps to read/search emails on this list before posting)
>> discussed just yesterday in this thread:
>>
>> http://www.mail-archive.com/dovecot at dovecot.org/msg45828.html

> well, the packages I built are still running under 10.04 and therefor
> the library has not been upgraded to 1.0.1. This is the reason for
> this post. My question is, if doevcot got some code or anything else
> that focuses on the newer 1.0.1 library, and maybe broke something in
> older versions?

Ah, ok, missed that...

Well, sorry I can't help, hopefully Timo will have an answer for you...

-- 

Best regards,

Charles

From tss at iki.fi  Sun Jun 24 17:19:15 2012
From: tss at iki.fi (Timo Sirainen)
Date: Sun, 24 Jun 2012 17:19:15 +0300
Subject: [Dovecot] 2.1.7 TLS issues
In-Reply-To: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com>
References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com>
Message-ID: <A1CBDBB9-415C-4CFF-A07B-304EE5AF1828@iki.fi>

On 24.6.2012, at 12.58, Christian R??ner wrote:

> I have an interesting problem: I am building dovecot packages for Ubuntu since 10.04. Never had bigger trouble with it. Now since 2.1.6 or 2.1.7 (I can not say more precisely), Thunderbird 10ESR and Outlook 2010 can no longer use 143/TLS correctly. Automx delvers 143/TLS and Outlook tells me that it can not create a secure connection. I changed automx to use 993/SSL and everything works. Under Thunderbird 10ESR, I get a box that tells me that I need to change settings. When I sent mail, TB told me that it could not copy the mail to the sent folder. I also changed to 993/SSL and everything is perfect.
> 
> At the other and, Apples Mail.app and iOS devices work perfectly over 143/TLS. So my guess is that it has to do with OpenSSL. Did something change in dovecot concerning TLS? Can I change options in the built process?

What was the Dovecot version you were using previously which worked?


From r.vicinus at metaways.de  Sun Jun 24 18:57:29 2012
From: r.vicinus at metaways.de (Reinhard Vicinus)
Date: Sun, 24 Jun 2012 17:57:29 +0200
Subject: [Dovecot] Mail migration to dovecot with doveadm backup
Message-ID: <4FE738E9.6040706@metaways.de>

Hi,

i try to migrate mails from a non dovecot imap server to a dovecot imap 
server with doveadm backup as described there:

http://wiki2.dovecot.org/Migration/Dsync

i first tried (local-mailbox port 18143 is the non dovecot imap server):

/usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw 
-o imapc_host=local-mailbox -o imapc_features=rfc822.size -o 
imapc_port=18143 -o mailbox_list_index=no -v -D backup -R -f -u 
user at example.org -m Sent imapc:

and got the following error:

dsync(user at example.org): Fatal: dsync backup: Looks like you're trying 
to run backup in wrong direction. Source is empty and destination is not.

As the dovecot imap account is newly created and therefore empty it 
seams to try to backup from the dovecot imap server to the non dovecot 
imap server. So i tried instead:

/usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw 
-o imapc_host=local-mailbox -o imapc_features=rfc822.size -o 
imapc_port=18143 -o mailbox_list_index=no -v -D backup -f -u 
user at example.org -m Sent imapc:

Sometimes (every other time?) i got the following segmentation fault:

bt
#0  0x00007f15e2c9ed74 in strcasecmp () from /lib/libc.so.6
#1  0x00007f15e327eaff in imapc_save_callback (reply=0x7fff56096a70, 
context=<value optimized out>) at imapc-save.c:168
#2  0x00007f15e32853fe in imapc_command_reply_free (conn=0x72f040) at 
imapc-connection.c:946
#3  imapc_connection_input_tagged (conn=0x72f040) at imapc-connection.c:1039
#4  0x00007f15e3285668 in imapc_connection_input_one (conn=0x72f040) at 
imapc-connection.c:1085
#5  imapc_connection_input_pending (conn=0x72f040) at 
imapc-connection.c:1407
#6  0x00007f15e3285922 in imapc_connection_input (conn=0x72f040) at 
imapc-connection.c:1100
#7  0x00007f15e2fe6176 in io_loop_call_io (io=0x792510) at ioloop.c:379
#8  0x00007f15e2fe71ff in io_loop_handler_run (ioloop=<value optimized 
out>) at ioloop-epoll.c:213
#9  0x00007f15e2fe6118 in io_loop_run (ioloop=0x7529a0) at ioloop.c:398
#10 0x00007f15e3281e49 in imapc_client_run_pre (client=0x7333e0) at 
imapc-client.c:142
#11 imapc_client_run (client=0x7333e0) at imapc-client.c:161
#12 0x00007f15e3280f24 in imapc_storage_run (storage=0x732bd0) at 
imapc-storage.c:118
#13 0x00007f15e327f003 in imapc_save_append (_ctx=0x74dcb0) at 
imapc-save.c:232
#14 imapc_save_finish (_ctx=0x74dcb0) at imapc-save.c:255
#15 0x00007f15e1bf06a1 in quota_save_finish (ctx=0x74dcb0) at 
quota-storage.c:227
#16 0x00007f15e3292487 in mailbox_save_finish (_ctx=0x7f15e2d4ca40) at 
mail-storage.c:1669
#17 0x000000000042b736 in local_worker_save_msg_continue 
(worker=0x73c770) at dsync-worker-local.c:1681
#18 0x000000000042b98c in local_worker_msg_save (_worker=0x73c770, 
msg=0x7f15e38e4298, data=0x7fff56096db0, callback=0x4269f0 
<msg_save_callback>, context=0x78a610) at dsync-worker-local.c:1739
#19 0x000000000042b0d9 in dsync_worker_msg_save (worker=0x73c770, 
msg=<value optimized out>, data=0x7fff56096db0, callback=0x4269f0 
<msg_save_callback>, context=0x78a610) at dsync-worker.c:234
#20 0x0000000000426ac5 in msg_get_callback (result=<value optimized 
out>, data=0x7fff56096db0, context=0x78a610) at dsync-brain-msgs-new.c:79
#21 0x000000000042dca9 in local_worker_msg_get_next (worker=0x726f30, 
get=0x7fff56096e00) at dsync-worker-local.c:1844
#22 0x000000000042def8 in local_worker_msg_get (_worker=0x0, 
mailbox=<value optimized out>, uid=3805596224, callback=0x2670, 
context=0x58) at dsync-worker-local.c:1865
#23 0x000000000042ace6 in dsync_worker_msg_get (worker=0x726f30, 
mailbox=0x7f15e38e40f1, uid=1, callback=0x426a40 <msg_get_callback>, 
context=<value optimized out>) at dsync-worker.c:261
#24 0x000000000042689e in dsync_brain_msg_sync_add_new_msg 
(iter=0x7f15e38e41d8) at dsync-brain-msgs-new.c:181
#25 dsync_brain_mailbox_add_new_msgs (iter=0x7f15e38e41d8) at 
dsync-brain-msgs-new.c:216
#26 dsync_brain_msg_sync_add_new_msgs (iter=0x7f15e38e41d8) at 
dsync-brain-msgs-new.c:315
#27 0x0000000000426164 in dsync_brain_msg_sync_more 
(sync=0x7f15e38e4050) at dsync-brain-msgs.c:436
#28 0x0000000000424979 in dsync_brain_sync_msgs (brain=0x7351c0) at 
dsync-brain.c:736
#29 dsync_brain_sync (brain=0x7351c0) at dsync-brain.c:857
#30 0x0000000000425849 in dsync_brain_subs_list_finished 
(context=0x750fa0) at dsync-brain.c:169
#31 dsync_worker_subs_input (context=0x750fa0) at dsync-brain.c:222
#32 0x0000000000424cbd in dsync_brain_sync (brain=0x7351c0) at 
dsync-brain.c:842
#33 0x00000000004256bc in dsync_brain_mailbox_list_finished 
(context=0x743a60) at dsync-brain.c:98
#34 dsync_worker_mailbox_input (context=0x743a60) at dsync-brain.c:125
#35 0x0000000000424afe in dsync_brain_sync (brain=0x7351c0) at 
dsync-brain.c:833
#36 0x0000000000425568 in dsync_brain_sync_all (brain=0x7351c0) at 
dsync-brain.c:897
#37 0x0000000000422ad6 in cmd_dsync_start (ctx=0x706560, worker1=<value 
optimized out>, worker2=<value optimized out>) at doveadm-dsync.c:342
#38 0x0000000000422dfa in cmd_dsync_run (_ctx=0x706560, user=0x7209c0) 
at doveadm-dsync.c:387
#39 0x000000000040f888 in doveadm_mail_next_user (ctx=0x706560, 
input=<value optimized out>, error_r=0x7fff560973d0) at doveadm-mail.c:311
#40 0x0000000000410071 in doveadm_mail_cmd (cmd=0x704880, argc=7, 
argv=0x6fe418) at doveadm-mail.c:518
#41 0x0000000000410501 in doveadm_mail_try_run (cmd_name=0x6fe4e4 
"backup", argc=1443460960, argv=0x4377c7) at doveadm-mail.c:577
#42 0x00000000004170d1 in main (argc=7, argv=0x6fe3e8) at doveadm.c:373


The other times it shows the following error message (It seams to 
connect both times to the non dovecot imap server):

doveadm(root): Debug: Loading modules from directory: 
/usr/lib/dovecot/modules
doveadm(root): Debug: Module loaded: 
/usr/lib/dovecot/modules/lib10_quota_plugin.so
doveadm(root): Debug: Loading modules from directory: 
/usr/lib/dovecot/modules/doveadm
doveadm(root): Debug: Skipping module doveadm_acl_plugin, because 
dlopen() failed: 
/usr/lib/dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so: undefined 
symbol: acl_user_module (this is usually intentional, so just ignore 
this message)
doveadm(root): Debug: Skipping module doveadm_expire_plugin, because 
dlopen() failed: 
/usr/lib/dovecot/modules/doveadm/lib10_doveadm_expire_plugin.so: 
undefined symbol: expire_set_lookup (this is usually intentional, so 
just ignore this message)
doveadm(root): Debug: Module loaded: 
/usr/lib/dovecot/modules/doveadm/lib10_doveadm_quota_plugin.so
doveadm(root): Debug: Skipping module doveadm_zlib_plugin, because 
dlopen() failed: 
/usr/lib/dovecot/modules/doveadm/lib10_doveadm_zlib_plugin.so: undefined 
symbol: i_stream_create_deflate (this is usually intentional, so just 
ignore this message)
doveadm(root): Debug: Skipping module doveadm_fts_plugin, because 
dlopen() failed: 
/usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so: undefined 
symbol: fts_list_backend (this is usually intentional, so just ignore 
this message)
doveadm(user at example.org): Debug: auth input: user at example.org 
home=/mail/dovecot/example.org/user uid=1000 gid=1000 
quota_rule=*:bytes=2000M:messages=0
doveadm(user at example.org): Debug: Added userdb setting: 
plugin/quota_rule=*:bytes=2000M:messages=0
doveadm(user at example.org): Debug: Effective uid=1000, gid=1000, 
home=/mail/dovecot/example.org/user
doveadm(user at example.org): Debug: Quota root: name=User quota 
backend=dict args=:proxy::quota
doveadm(user at example.org): Debug: Quota rule: root=User quota mailbox=* 
bytes=2097152000 messages=0
doveadm(user at example.org): Debug: Quota rule: root=User quota 
mailbox=Trash bytes=+104857600 messages=0
doveadm(user at example.org): Debug: Quota warning: bytes=1992294400 (95%) 
messages=0 reverse=no command=quota-warning 95 user at example.org
doveadm(user at example.org): Debug: Quota warning: bytes=1677721600 (80%) 
messages=0 reverse=no command=quota-warning 80 user at example.org
doveadm(user at example.org): Debug: dict quota: user=user at example.org, 
uri=proxy::quota, noenforcing=0
doveadm(user at example.org): Debug: fs: 
root=/mail/dovecot/example.org/user/mail, index=, control=, inbox=, alt=
doveadm(user at example.org): Debug: Namespace : Using permissions from 
/mail/dovecot/example.org/user/mail: mode=0700 gid=-1
dsync(user at example.org): Debug: Effective uid=1000, gid=1000, 
home=/mail/dovecot/example.org/user
dsync(user at example.org): Debug: Quota root: name=User quota backend=dict 
args=:proxy::quota
dsync(user at example.org): Debug: Quota rule: root=User quota mailbox=* 
bytes=2097152000 messages=0
dsync(user at example.org): Debug: Quota rule: root=User quota 
mailbox=Trash bytes=+104857600 messages=0
dsync(user at example.org): Debug: Quota warning: bytes=1992294400 (95%) 
messages=0 reverse=no command=quota-warning 95 user at example.org
dsync(user at example.org): Debug: Quota warning: bytes=1677721600 (80%) 
messages=0 reverse=no command=quota-warning 80 user at example.org
dsync(user at example.org): Debug: dict quota: user=user at example.org, 
uri=proxy::quota, noenforcing=0
dsync(user at example.org): Debug: imapc: root=, index=, control=, inbox=, alt=
dsync(user at example.org): Debug: imapc(local-mailbox:18143): Looking up 
IP address
dsync(user at example.org): Debug: imapc(local-mailbox:18143): Connecting 
to 10.10.10.10:18143
dsync(user at example.org): Debug: imapc(local-mailbox:18143): Server 
capabilities: IMAP4 IMAP4rev1 AUTH=LOGIN ACL NAMESPACE CHILDREN SORT 
QUOTA THREAD=ORDEREDSUBJECT UNSELECT IDLE
dsync(user at example.org): Debug: imapc(local-mailbox:18143): 
Authenticating as user at example.org
dsync(user at example.org): Debug: imapc(local-mailbox:18143): 
Authenticated successfully
dsync(user at example.org): Debug: imapc(local-mailbox:18143): Looking up 
IP address
dsync(user at example.org): Debug: imapc(local-mailbox:18143): Connecting 
to 10.10.10.10:18143
dsync(user at example.org): Debug: imapc(local-mailbox:18143): Server 
capabilities: IMAP4 IMAP4rev1 AUTH=LOGIN ACL NAMESPACE CHILDREN SORT 
QUOTA THREAD=ORDEREDSUBJECT UNSELECT IDLE
dsync(user at example.org): Debug: imapc(local-mailbox:18143): 
Authenticating as user at example.org
dsync(user at example.org): Debug: imapc(local-mailbox:18143): 
Authenticated successfully
dsync(user at example.org): Warning: Destination mailbox Sent has been 
modified, need to recreate it before we can continue syncing
dsync(user at example.org): Warning: Mailbox changes caused a desync. You 
may want to run dsync again.
dsync(user at example.org): Debug: imapc(local-mailbox:18143): Disconnected
dsync(user at example.org): Debug: imapc(local-mailbox:18143): Disconnected

i think the problem could be that the account name on the remote server 
and the local server is absolute identical and doveadm backup has 
therefore problems discerning between the two locations. But that's only 
a stab in the dark and any help is appreciated.

Kind regards
Reinhard

From robert at schetterer.org  Sun Jun 24 20:42:39 2012
From: robert at schetterer.org (Robert Schetterer)
Date: Sun, 24 Jun 2012 19:42:39 +0200
Subject: [Dovecot] 2.1.7 TLS issues
In-Reply-To: <A1CBDBB9-415C-4CFF-A07B-304EE5AF1828@iki.fi>
References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com>
	<A1CBDBB9-415C-4CFF-A07B-304EE5AF1828@iki.fi>
Message-ID: <4FE7518F.60200@schetterer.org>

Am 24.06.2012 16:19, schrieb Timo Sirainen:
> On 24.6.2012, at 12.58, Christian R??ner wrote:
> 
>> I have an interesting problem: I am building dovecot packages for Ubuntu since 10.04. Never had bigger trouble with it. Now since 2.1.6 or 2.1.7 (I can not say more precisely), Thunderbird 10ESR and Outlook 2010 can no longer use 143/TLS correctly. Automx delvers 143/TLS and Outlook tells me that it can not create a secure connection. I changed automx to use 993/SSL and everything works. Under Thunderbird 10ESR, I get a box that tells me that I need to change settings. When I sent mail, TB told me that it could not copy the mail to the sent folder. I also changed to 993/SSL and everything is perfect.
>>
>> At the other and, Apples Mail.app and iOS devices work perfectly over 143/TLS. So my guess is that it has to do with OpenSSL. Did something change in dovecot concerning TLS? Can I change options in the built process?
> 
> What was the Dovecot version you were using previously which worked?
> 

Hi Christian, i made all the way trough all versions of dovecot trunk
2.0.x and since 2.1.5 on lucid 64
no problems at , but i recent had big problems with compile other stuff
on ubuntu 12.4 with openssl ( didnt checked dovecot yet )
so my bet goes to the new ssl lib on 12.04
also there were workarounds in postfix to reflect this ssl update stuff,
as far i remember hte ssl lib has some more and new features wich makes
software
not reflecting this ,may not work or fail sometimes, it may fixed  with
setup parameters

i.e see here

http://comments.gmane.org/gmane.mail.postfix.user/229196

--snip
Viktor Dukhovni:
> The OpenSSL API does not provide an interface to allow older programs
> to disable new protocol versions defined in later versions of the API.
>
> Therefore, to disable TLS 1.1 or 1.2 one has to add code that uses
> the new constants introduced with OpenSSL 1.0.1.
>
> Proposed patch attached.

That will be a solution for Postfix 2.10.

Meanwhile, for earlier Postfix releases, how much of the problem
can be solved by changing from:

    mumble_tls_mandatory_protocols = SSLv3, TLSv1

(i.e. the current default) to:

    mumble_tls_mandatory_protocols = !SSLv2

I don't mind that the older Postfix versions would not be able to
turn on/off protocols that didn't exist at the time Postfix was
released.

	Wietse
--snipend


i guees there are equal workarounds settings possible in dovecot
perhaps with ssl_cipher_list ?

http://wiki.dovecot.org/SSL/DovecotConfiguration

sorry lot of speculate here until not testet myself


-- 
Best Regards
MfG Robert Schetterer



From role.Dovecot-Readers at JLAssocs.com  Sun Jun 24 21:23:46 2012
From: role.Dovecot-Readers at JLAssocs.com (J E Lyon)
Date: Sun, 24 Jun 2012 19:23:46 +0100
Subject: [Dovecot] The deleted_to_trash Plugin (workaround Outlook 2007
	behaviour)
Message-ID: <9F4DE9B0-5EDB-4F8E-8EC9-B98856EDD4FB@JLAssocs.com>

Hi,

I see the plugin exists for v1 & v2, all very interesting... Surprised no one seems to have created an RPM and it looks like deleted_to_trash is one of the very few plugins to not be shipped as part of the default install with CentOS 5.5 or CentOS 6 (i.e. Dovecot v1 & v2 respectively.)

Am I missing something, or does everyone really build from source?

Thanks,
James.

From c at roessner-network-solutions.com  Sun Jun 24 23:20:05 2012
From: c at roessner-network-solutions.com (=?iso-8859-1?Q?Christian_R=F6=DFner?=)
Date: Sun, 24 Jun 2012 22:20:05 +0200
Subject: [Dovecot] 2.1.7 TLS issues
In-Reply-To: <A1CBDBB9-415C-4CFF-A07B-304EE5AF1828@iki.fi>
References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com>
	<A1CBDBB9-415C-4CFF-A07B-304EE5AF1828@iki.fi>
Message-ID: <451CA0A8-E296-49DB-859A-BADACA1EFC78@roessner-network-solutions.com>

>> I have an interesting problem: I am building dovecot packages for Ubuntu since 10.04. Never had bigger trouble with it. Now since 2.1.6 or 2.1.7 (I can not say more precisely), Thunderbird 10ESR and Outlook 2010 can no longer use 143/TLS correctly. Automx delvers 143/TLS and Outlook tells me that it can not create a secure connection. I changed automx to use 993/SSL and everything works. Under Thunderbird 10ESR, I get a box that tells me that I need to change settings. When I sent mail, TB told me that it could not copy the mail to the sent folder. I also changed to 993/SSL and everything is perfect.
>> 
>> At the other and, Apples Mail.app and iOS devices work perfectly over 143/TLS. So my guess is that it has to do with OpenSSL. Did something change in dovecot concerning TLS? Can I change options in the built process?
> 
> What was the Dovecot version you were using previously which worked?

I am not sure which version worked. My best guess is 2.1.4 or 2.1.5, because I skipped 2.1.6. But 2.1.6 has the same issues, as my friend Uwe did report the same issues with that one.

@Robert: I am talking about Ubuntu 10.04, so this can not be a problem with openssl itself, as that did not change

-Christian R??ner

---
Roessner-Network-Solutions
Bachelor of Science Informatik
Nahrungsberg 81, 35390 Gie?en
F: +49 641 5879091, M: +49 176 93118939
USt-IdNr.: DE225643613
http://www.roessner-network-solutions.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3880 bytes
Desc: not available
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120624/8791cd3b/attachment.bin>

From role.Dovecot-Readers at JLAssocs.com  Sun Jun 24 23:28:21 2012
From: role.Dovecot-Readers at JLAssocs.com (J E Lyon)
Date: Sun, 24 Jun 2012 21:28:21 +0100
Subject: [Dovecot] 2.1.7 TLS issues
In-Reply-To: <451CA0A8-E296-49DB-859A-BADACA1EFC78@roessner-network-solutions.com>
References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com>
	<A1CBDBB9-415C-4CFF-A07B-304EE5AF1828@iki.fi>
	<451CA0A8-E296-49DB-859A-BADACA1EFC78@roessner-network-solutions.com>
Message-ID: <2FD79483-C77E-4FB8-8C93-2A2C93014B83@JLAssocs.com>

On 24 Jun 2012, at 21:20, Christian R??ner wrote:

>>> I have an interesting problem: I am building dovecot packages for Ubuntu since 10.04. Never had bigger trouble with it. Now since 2.1.6 or 2.1.7 (I can not say more precisely), Thunderbird 10ESR and Outlook 2010 can no longer use 143/TLS correctly. Automx delvers 143/TLS and Outlook tells me that it can not create a secure connection. I changed automx to use 993/SSL and everything works. Under Thunderbird 10ESR, I get a box that tells me that I need to change settings. When I sent mail, TB told me that it could not copy the mail to the sent folder. I also changed to 993/SSL and everything is perfect.
>>> 
>>> At the other and, Apples Mail.app and iOS devices work perfectly over 143/TLS. So my guess is that it has to do with OpenSSL. Did something change in dovecot concerning TLS? Can I change options in the built process?
>> 
>> What was the Dovecot version you were using previously which worked?
> 
> I am not sure which version worked. My best guess is 2.1.4 or 2.1.5, because I skipped 2.1.6. But 2.1.6 has the same issues, as my friend Uwe did report the same issues with that one.
> 
> @Robert: I am talking about Ubuntu 10.04, so this can not be a problem with openssl itself, as that did not change

I've seen problems with all kinds of clients and servers, even with Dovecot 1.x where TLS/Auto settings fail and I simply always instruct end users to explicitly choose 993/SSL to get a good TLS connection reliably.

It seems like it might not be so version-specific or even anything wrong at the server end.

James.

From juergen at pabel.net  Sun Jun 24 23:37:00 2012
From: juergen at pabel.net (=?ISO-8859-1?Q?J=FCrgen?= Pabel)
Date: Sun, 24 Jun 2012 22:37:00 +0200
Subject: [Dovecot] Additional passdb result status
Message-ID: <1340570220.13783.23.camel@P7230>

Dear Dovecot-Team,

I am implementing a plugin (for the pop3/imap process) that requires
some data to provided from the authentication phase (a derivative of the
password). For that, I have now implemented a passdb plugin that
generates this data and I would like to "pass" this data down to the
mail process (pop3/imap) via extra_fields in the reply of the
authentication. The general idea is that my custom passdb plugin
calculates the data, sets the extra_field and returns some error
(authentication was not successful) so that the "real" passdb backend
can be invoked to "really" validate the authentication data. 

However, in auth_request_handle_passdb_callback() the extra_fields are
reseted unless the return code is PASSDB_RESULT_USER_DISABLED. But if
that return code is used then any following passdb's aren't invoked any
more - which makes sense with respect to user authenticiation. I would
therefore like to propose that some IGNORE/CONTINUE-status to be
introduced in auth/passdb.h, that would be handled in that extra_fields
and possible other values are not reseted in order to allow such
propagation of data from authentication process down to the mail process
(which could be extracted from the reply string by parsing it).

As a further implementation alternative (to the parsing of the reply
string), I also propose that some new "environment" item be introduced
(in auth_request) in order to allow such data passing in a generic
manner. 

I hope you consider my proposal to be reasonable. If desired, I could
implement this myself and provide a patch for merging (based on 2.0.x).
If my proposal is generally unfavored, it would be great if any
alternative approaches for my situation were suggested. Thanks.

Regards,
J?rgen

PS: please reply to my e-mail (or CC me), as I have not subscribed to
the dovecot list



From c at roessner-network-solutions.com  Mon Jun 25 01:09:10 2012
From: c at roessner-network-solutions.com (=?utf-8?Q?Christian_R=C3=B6=C3=9Fner?=)
Date: Mon, 25 Jun 2012 00:09:10 +0200
Subject: [Dovecot] 2.1.7 TLS issues
In-Reply-To: <2FD79483-C77E-4FB8-8C93-2A2C93014B83@JLAssocs.com>
References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com>
	<A1CBDBB9-415C-4CFF-A07B-304EE5AF1828@iki.fi>
	<451CA0A8-E296-49DB-859A-BADACA1EFC78@roessner-network-solutions.com>
	<2FD79483-C77E-4FB8-8C93-2A2C93014B83@JLAssocs.com>
Message-ID: <13AD4EF2-00E8-46E1-A5BE-39D8CFABBFD8@roessner-network-solutions.com>

> 
>>>> I have an interesting problem: I am building dovecot packages for Ubuntu since 10.04. Never had bigger trouble with it. Now since 2.1.6 or 2.1.7 (I can not say more precisely), Thunderbird 10ESR and Outlook 2010 can no longer use 143/TLS correctly. Automx delvers 143/TLS and Outlook tells me that it can not create a secure connection. I changed automx to use 993/SSL and everything works. Under Thunderbird 10ESR, I get a box that tells me that I need to change settings. When I sent mail, TB told me that it could not copy the mail to the sent folder. I also changed to 993/SSL and everything is perfect.
>>>> 
>>>> At the other and, Apples Mail.app and iOS devices work perfectly over 143/TLS. So my guess is that it has to do with OpenSSL. Did something change in dovecot concerning TLS? Can I change options in the built process?
>>> 
>>> What was the Dovecot version you were using previously which worked?
>> 
>> I am not sure which version worked. My best guess is 2.1.4 or 2.1.5, because I skipped 2.1.6. But 2.1.6 has the same issues, as my friend Uwe did report the same issues with that one.
>> 
>> @Robert: I am talking about Ubuntu 10.04, so this can not be a problem with openssl itself, as that did not change
> 
> I've seen problems with all kinds of clients and servers, even with Dovecot 1.x where TLS/Auto settings fail and I simply always instruct end users to explicitly choose 993/SSL to get a good TLS connection reliably.
> 
> It seems like it might not be so version-specific or even anything wrong at the server end.

I never had such problems before. When I was coding automx, all tests succeeded with Dovecot and Outlook 2007/2010 and also Thunderbird was working perfectly. So in my opinion this is a version specific problem, as it started somewhere in 2.1.4+. I am using Dovecot since 1.0 (something like this) and never had 143/TLS problems

Best regards
Christian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4873 bytes
Desc: not available
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120625/5bf59da9/attachment.bin>

From robert at schetterer.org  Mon Jun 25 01:26:41 2012
From: robert at schetterer.org (Robert Schetterer)
Date: Mon, 25 Jun 2012 00:26:41 +0200
Subject: [Dovecot] 2.1.7 TLS issues
In-Reply-To: <451CA0A8-E296-49DB-859A-BADACA1EFC78@roessner-network-solutions.com>
References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com>
	<A1CBDBB9-415C-4CFF-A07B-304EE5AF1828@iki.fi>
	<451CA0A8-E296-49DB-859A-BADACA1EFC78@roessner-network-solutions.com>
Message-ID: <4FE79421.2000908@schetterer.org>

Am 24.06.2012 22:20, schrieb Christian R??ner:
> @Robert: I am talking about Ubuntu 10.04, so this can not be a problem with openssl itself, as that did not change
> 
> -Christian R??ner

miracle,
i have no known problems with 10.04 ssl/tls 2.1.7

-- 
Best Regards
MfG Robert Schetterer



From tss at iki.fi  Mon Jun 25 05:20:55 2012
From: tss at iki.fi (Timo Sirainen)
Date: Mon, 25 Jun 2012 05:20:55 +0300
Subject: [Dovecot] 2.1.7 TLS issues
In-Reply-To: <451CA0A8-E296-49DB-859A-BADACA1EFC78@roessner-network-solutions.com>
References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com>
	<A1CBDBB9-415C-4CFF-A07B-304EE5AF1828@iki.fi>
	<451CA0A8-E296-49DB-859A-BADACA1EFC78@roessner-network-solutions.com>
Message-ID: <702E15F4-4689-477E-BE7D-6F1AB67C27E9@iki.fi>

On 24.6.2012, at 23.20, Christian R??ner wrote:

>>> I have an interesting problem: I am building dovecot packages for Ubuntu since 10.04. Never had bigger trouble with it. Now since 2.1.6 or 2.1.7 (I can not say more precisely), Thunderbird 10ESR and Outlook 2010 can no longer use 143/TLS correctly. Automx delvers 143/TLS and Outlook tells me that it can not create a secure connection. I changed automx to use 993/SSL and everything works. Under Thunderbird 10ESR, I get a box that tells me that I need to change settings. When I sent mail, TB told me that it could not copy the mail to the sent folder. I also changed to 993/SSL and everything is perfect.
>>> 
>>> At the other and, Apples Mail.app and iOS devices work perfectly over 143/TLS. So my guess is that it has to do with OpenSSL. Did something change in dovecot concerning TLS? Can I change options in the built process?
>> 
>> What was the Dovecot version you were using previously which worked?
> 
> I am not sure which version worked. My best guess is 2.1.4 or 2.1.5, because I skipped 2.1.6. But 2.1.6 has the same issues, as my friend Uwe did report the same issues with that one.

Well, there hasn't been many changes in the SSL code. The only thing I can think of is this memory leak fix, which temporarily wasn't implemented correctly. You could try what happens if you revert it:

changeset:   14418:85ad4baedd43
user:        Timo Sirainen <tss at iki.fi>
date:        Thu Apr 12 10:48:55 2012 +0300
summary:     login: Another attempt at fixing SSL memory leak.

changeset:   14417:f80f18d0ffa3
user:        Timo Sirainen <tss at iki.fi>
date:        Thu Apr 12 10:41:44 2012 +0300
summary:     login: Reverted memory leak fix, because it broke some SSL setups?

changeset:   14416:584bd77c38fd
user:        Timo Sirainen <tss at iki.fi>
date:        Wed Apr 11 19:06:44 2012 +0300
summary:     Memory leak fixes.

From zdy0818 at gmail.com  Mon Jun 25 05:52:55 2012
From: zdy0818 at gmail.com (DongYu.Zhen)
Date: Mon, 25 Jun 2012 10:52:55 +0800
Subject: [Dovecot] dovecot support  ms-tnef mail parser?
Message-ID: <4FE7D287.6020507@gmail.com>

Hello everybody,
I used iRedMail Server with dovecot-1.2.0. I used OutLook2007 send a RTF
mail and the mail can't be parsed normal.

In dovecot maildir storage the mail body appeared ,/
/

/------=_NextPart_000_0007_01CD52BC.99E1BE10
Content-Type: application/ms-tnef;
	name="winmail.dat"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
	filename="winmail.dat"/

How to parse ms-tnef mail by dovecot?
Thank you.

From ott at mirix.org  Mon Jun 25 09:15:38 2012
From: ott at mirix.org (Matthias-Christian Ott)
Date: Mon, 25 Jun 2012 08:15:38 +0200
Subject: [Dovecot] dovecot support  ms-tnef mail parser?
In-Reply-To: <4FE7D287.6020507@gmail.com>
References: <4FE7D287.6020507@gmail.com>
Message-ID: <4FE8020A.7080806@mirix.org>

On 2012-06-25 04:52, DongYu.Zhen wrote:
> How to parse ms-tnef mail by dovecot?

You can't do that directly in Dovecot. What you can do is to use a
utility called tnef [1] (available in major GNU/Linux distributions) on
the client to extract the data on the client. Otherwise you could use
ytnef [2] with procmail or Dovecot sieve_pipe [3] on the server (see [4]).

I tried tnef on rare occasions and it worked.

Regards,
Matthias-Christian

[1] http://sourceforge.net/projects/tnef/
[2] http://sourceforge.net/projects/ytnef/
[3] http://wiki2.dovecot.org/Pigeonhole/Sieve/Plugins/Pipe
[4] http://wiki.clug.org.za/wiki/Automatic_winmail.dat_decoding

From kayasaman at gmail.com  Mon Jun 25 10:20:39 2012
From: kayasaman at gmail.com (Kaya Saman)
Date: Mon, 25 Jun 2012 08:20:39 +0100
Subject: [Dovecot] Virtual users - what is better Maildir or mbox?
Message-ID: <CAPj0R5KSpeZqpd8HFL40LrHkQYDLnR3a7HW6bw2SkANciLOVfQ@mail.gmail.com>

Hi,

I'm trying to configure a server to use SAMBA and Winbind to
authenticate to Active Directory.... I managed to get this portion up
and running even the Dovecot portion.

For reference something similar to this guide:

http://www.whitneytechnologies.com/?p=119


However PAM is slightly different:


# cat /etc/pam.d/dovecot
auth        sufficient   pam_krb5.so no_user_check validate
account     sufficient   pam_permit.so


This is what my dovecot.conf file looks like:



# cat dovecot.conf
# v1.2+:
auth_use_winbind = yes

auth_winbind_helper_path = /usr/local/bin/ntlm_auth

protocols = imap

# It's nice to have separate log files for Dovecot. You could do this
# by changing syslog configuration also, but this is easier.
log_path = /var/log/dovecot.log
info_log_path = /var/log/dovecot-info.log

# Disable SSL for now.
ssl = no
disable_plaintext_auth = no

# We're using Maildir format
#mail_location = maildir:~/Maildir
mail_location = mbox:/mail:INBOX=/mail/%u


# Authentication configuration:
auth_verbose = yes
auth_debug = yes
auth_username_format = %n
auth_mechanisms = plain ntlm login
userdb {
  driver = static
#  args = uid=501 gid=1001 home=/mail/%u
  args = home=/mail/%u
  driver = static
}

passdb {
  driver = pam
  args = failure_show_msg=yes
}




Now what I would like to know is, which is better for "virtual
hosting" Maildir or mbox?


Basically my requirement is that I would like to separate users via
either individual folders and then put each user's mbox or Maildir in
the created directory, or simply name each mbox or Maildir according
to the user name.


First up is this possible?


Secondly, how would I go about doing it?

My users are not allowed to login to the system outside of IMAP as
it's a Mail only server.


Currently I've been looking at many links:

http://satish-linuxbug.blogspot.co.uk/2008/08/freebsd-with-active-directory-single.html

http://joseph.randomnetworks.com/2005/11/08/freebsd-users-and-groups-with-samba-winbind-and-active-directory/

http://wiki2.dovecot.org/HowTo/ActiveDirectoryNtlm

http://wiki2.dovecot.org/Authentication/Mechanisms/Winbind

http://wiki2.dovecot.org/TestInstallation

http://wiki2.dovecot.org/VirtualUsers

http://www.linuxmail.info/active-directory-dovecot-pam-authentication/

http://wiki2.dovecot.org/HowTo/SimpleVirtualInstall



I'm running dovecot version 2.1.7 on FreeBSD 8.2 x64 RELEASE.


The system is not being used as an MTA server meaning that only IMAP
transfers are being done using MS Outlook then filtered by
Thunderbird.



Regards,


Kaya

From trever at middleearth.sapphiresunday.org  Mon Jun 25 10:27:41 2012
From: trever at middleearth.sapphiresunday.org (Trever L. Adams)
Date: Mon, 25 Jun 2012 01:27:41 -0600
Subject: [Dovecot] Virtual users - what is better Maildir or mbox?
In-Reply-To: <CAPj0R5KSpeZqpd8HFL40LrHkQYDLnR3a7HW6bw2SkANciLOVfQ@mail.gmail.com>
References: <CAPj0R5KSpeZqpd8HFL40LrHkQYDLnR3a7HW6bw2SkANciLOVfQ@mail.gmail.com>
Message-ID: <4FE812ED.9060604@middleearth.sapphiresunday.org>

On 06/25/2012 01:20 AM, Kaya Saman wrote:
> Hi,
>
> I'm trying to configure a server to use SAMBA and Winbind to
> authenticate to Active Directory.... I managed to get this portion up
> and running even the Dovecot portion.
>
> For reference something similar to this guide:
>
> http://www.whitneytechnologies.com/?p=119
>
>
> However PAM is slightly different:
>
>
> # cat /etc/pam.d/dovecot
> auth        sufficient   pam_krb5.so no_user_check validate
> account     sufficient   pam_permit.so
>
>
> This is what my dovecot.conf file looks like:
If you are using Samba 4 (possibly recent versions of S3), any reason
you are not doing krb5 and ldap (for account verification, not
authentication) on dovecot instead of through pam? It is a bit harder to
setup, but no text passwords. I still do pam_krb5 for devices that
cannot do kerberos.

I am using Maildir, but my setup is currently largely idle.

Trever
-- 
"Marxist Law of Distribution of Wealth: Shortages will be divided
equally among the peasants." -- Unknown

From role.Dovecot-Readers at JLAssocs.com  Mon Jun 25 10:28:00 2012
From: role.Dovecot-Readers at JLAssocs.com (J E Lyon)
Date: Mon, 25 Jun 2012 08:28:00 +0100
Subject: [Dovecot] Virtual users - what is better Maildir or mbox?
In-Reply-To: <CAPj0R5KSpeZqpd8HFL40LrHkQYDLnR3a7HW6bw2SkANciLOVfQ@mail.gmail.com>
References: <CAPj0R5KSpeZqpd8HFL40LrHkQYDLnR3a7HW6bw2SkANciLOVfQ@mail.gmail.com>
Message-ID: <201BCC0D-AD89-4A07-A4F0-13C42AFC2A63@JLAssocs.com>

On 25 Jun 2012, at 08:20, Kaya Saman wrote:

> Now what I would like to know is, which is better for "virtual
> hosting" Maildir or mbox?

I always use Maildir in preference to mbox . . it's just such a lovely solution, imho :)
(Mind you, I'm on a *nix server, so filesystem behaviour may be a consideration for non-*nix hosts.)


> Basically my requirement is that I would like to separate users via
> either individual folders and then put each user's mbox or Maildir in
> the created directory, or simply name each mbox or Maildir according
> to the user name.
> 
> First up is this possible?
> 
> Secondly, how would I go about doing it?

In haste, I haven't been able to check your email thoroughly, but I have used passwd with an extra field appended to each user, to identify the mailbox location. If you're authenticating against ActiveDirectory, then I guess that means generating a passwd-file style 'database' from the users in ActiveDirectory and I have no idea if that's trivial.

Sorry if my rushed thoughts are too sketchy to be of use, but thought I'd share my experience in case it offers any pointers.

J.

From trever at middleearth.sapphiresunday.org  Mon Jun 25 10:37:42 2012
From: trever at middleearth.sapphiresunday.org (Trever L. Adams)
Date: Mon, 25 Jun 2012 01:37:42 -0600
Subject: [Dovecot] Virtual users - what is better Maildir or mbox?
In-Reply-To: <CAPj0R5KSpeZqpd8HFL40LrHkQYDLnR3a7HW6bw2SkANciLOVfQ@mail.gmail.com>
References: <CAPj0R5KSpeZqpd8HFL40LrHkQYDLnR3a7HW6bw2SkANciLOVfQ@mail.gmail.com>
Message-ID: <4FE81546.8000202@middleearth.sapphiresunday.org>

On 06/25/2012 01:20 AM, Kaya Saman wrote:
> Now what I would like to know is, which is better for "virtual
> hosting" Maildir or mbox?
>
>
> Basically my requirement is that I would like to separate users via
> either individual folders and then put each user's mbox or Maildir in
> the created directory, or simply name each mbox or Maildir according
> to the user name.
>
>
> First up is this possible?
>
>
> Secondly, how would I go about doing it?
>
Sorry, I missed this at first. It is quite simple. I don't store it in
passwd or any other place, since you are doing vmail, you might find
this easiest:

in /etc/dovecot/conf.d/10-mail.conf (where mail_location is):

mail_home = /home/vmail/%Ld/%Ln
mail_location = maildir:~/Maildir

in /etc/dovecot/conf.d/10-mail.conf (after paragraph ?# System user and
group used to access mails...?):

mail_uid=vmail
mail_gid=vmail

Obviously, vmail may not be your user for vmail. Also, some of my notes
may no longer be accurate for location, just find where it exists and edit.

I hope this helps. Of course, this is a Maildir setup. mbox is probably
very similar, but I have had too many mbox style mail queues go south
losing all of the mail (or more than one would like), so I do Maildir,
even though it isn't necessarily the best use of disk space.

Trever
-- 
"I do not fear computers. I fear the lack of them." -- Isaac Asimov

From kayasaman at gmail.com  Mon Jun 25 10:52:51 2012
From: kayasaman at gmail.com (Kaya Saman)
Date: Mon, 25 Jun 2012 08:52:51 +0100
Subject: [Dovecot] Virtual users - what is better Maildir or mbox?
In-Reply-To: <4FE81546.8000202@middleearth.sapphiresunday.org>
References: <CAPj0R5KSpeZqpd8HFL40LrHkQYDLnR3a7HW6bw2SkANciLOVfQ@mail.gmail.com>
	<4FE81546.8000202@middleearth.sapphiresunday.org>
Message-ID: <CAPj0R5LZ4wMpkqdXFf2NO8y+KUjzHt313qkdeOQrHD40K6wOcw@mail.gmail.com>

On Mon, Jun 25, 2012 at 8:37 AM, Trever L. Adams
<trever at middleearth.sapphiresunday.org> wrote:
> On 06/25/2012 01:20 AM, Kaya Saman wrote:
>
> Now what I would like to know is, which is better for "virtual
> hosting" Maildir or mbox?
>
>
> Basically my requirement is that I would like to separate users via
> either individual folders and then put each user's mbox or Maildir in
> the created directory, or simply name each mbox or Maildir according
> to the user name.
>
>
> First up is this possible?
>
>
> Secondly, how would I go about doing it?
>
> Sorry, I missed this at first. It is quite simple. I don't store it in
> passwd or any other place, since you are doing vmail, you might find this
> easiest:
>
> in /etc/dovecot/conf.d/10-mail.conf (where mail_location is):
>
> mail_home = /home/vmail/%Ld/%Ln
> mail_location = maildir:~/Maildir
>
> in /etc/dovecot/conf.d/10-mail.conf (after paragraph ?# System user and
> group used to access mails...?):
>
> mail_uid=vmail
> mail_gid=vmail
>
> Obviously, vmail may not be your user for vmail. Also, some of my notes may
> no longer be accurate for location, just find where it exists and edit.
>
> I hope this helps. Of course, this is a Maildir setup. mbox is probably very
> similar, but I have had too many mbox style mail queues go south losing all
> of the mail (or more than one would like), so I do Maildir, even though it
> isn't necessarily the best use of disk space.
>
> Trever
> --
> "I do not fear computers. I fear the lack of them." -- Isaac Asimov

Thanks for the responses!

Sorry if I reply to every single one in this email however, I am using
Gmail's awful Web UI so I don't really have much control over what I'm
doing......


To start with the reason I'm not using LDAP is because I couldn't find
enough information on how to set it up! I did post here a couple of
times but got no responses...... so I figured it was something that
people either didn't know or found trivial.


I'll take a look at the above config for Maildir format as briefly
playing around with mbox it seems that folders on the / root (parent)
IMAP directory are stored separately. It may be better if everything
got stored under the Maildir heading.... I've previously **only** ever
worked with Maildir but I was told that there are some benefits to
mbox which is why I decided to try to use it here!

Regards,


Kaya

From role.Dovecot-Readers at JLAssocs.com  Mon Jun 25 10:58:45 2012
From: role.Dovecot-Readers at JLAssocs.com (J E Lyon)
Date: Mon, 25 Jun 2012 08:58:45 +0100
Subject: [Dovecot] Virtual users - what is better Maildir or mbox?
In-Reply-To: <CAPj0R5LZ4wMpkqdXFf2NO8y+KUjzHt313qkdeOQrHD40K6wOcw@mail.gmail.com>
References: <CAPj0R5KSpeZqpd8HFL40LrHkQYDLnR3a7HW6bw2SkANciLOVfQ@mail.gmail.com>
	<4FE81546.8000202@middleearth.sapphiresunday.org>
	<CAPj0R5LZ4wMpkqdXFf2NO8y+KUjzHt313qkdeOQrHD40K6wOcw@mail.gmail.com>
Message-ID: <267BC57F-B747-4F58-B309-ACE4BDA3A88C@JLAssocs.com>

On 25 Jun 2012, at 08:52, Kaya Saman wrote:

> I've previously **only** ever worked with Maildir but I was told that there are some benefits to mbox which is why I decided to try to use it here!

I used mbox before Dovecot, but once I found Maildir, I never looked back.

I've not come up with any significant advantages of mbox that count for much in my experiences and installations . . Would be interested to hear of suggested advantages that I might have overlooked or know of reasons why they're not an issue . . not sure how much the list wants to hear, but feel free to email me direct if you want.

J.

From CMarcus at Media-Brokers.com  Mon Jun 25 11:45:15 2012
From: CMarcus at Media-Brokers.com (Charles Marcus)
Date: Mon, 25 Jun 2012 04:45:15 -0400
Subject: [Dovecot] dovecot support  ms-tnef mail parser?
In-Reply-To: <4FE8020A.7080806@mirix.org>
References: <4FE7D287.6020507@gmail.com> <4FE8020A.7080806@mirix.org>
Message-ID: <4FE8251B.8010008@Media-Brokers.com>

On 2012-06-25 2:15 AM, Matthias-Christian Ott <ott at mirix.org> wrote:
> On 2012-06-25 04:52, DongYu.Zhen wrote:
>> How to parse ms-tnef mail by dovecot?
>
> You can't do that directly in Dovecot. What you can do is to use a
> utility called tnef [1] (available in major GNU/Linux distributions) on
> the client to extract the data on the client. Otherwise you could use
> ytnef [2] with procmail or Dovecot sieve_pipe [3] on the server (see [4]).
>
> I tried tnef on rare occasions and it worked.
>
> Regards,
> Matthias-Christian
>
> [1] http://sourceforge.net/projects/tnef/
> [2] http://sourceforge.net/projects/ytnef/
> [3] http://wiki2.dovecot.org/Pigeonhole/Sieve/Plugins/Pipe
> [4] http://wiki.clug.org.za/wiki/Automatic_winmail.dat_decoding

Sounds like a good candidate for a plug-in.

Currently I use the Lookout extension in Thunderbird to do this, but it 
isn't perfect...

-- 

Best regards,

Charles

From CMarcus at Media-Brokers.com  Mon Jun 25 11:47:55 2012
From: CMarcus at Media-Brokers.com (Charles Marcus)
Date: Mon, 25 Jun 2012 04:47:55 -0400
Subject: [Dovecot] Additional passdb result status
In-Reply-To: <1340570220.13783.23.camel@P7230>
References: <1340570220.13783.23.camel@P7230>
Message-ID: <4FE825BB.4030105@Media-Brokers.com>

On 2012-06-24 4:37 PM, J?rgen Pabel <juergen at pabel.net> wrote:
> I am implementing a plugin (for the pop3/imap process) that requires
> some data to provided from the authentication phase (a derivative of the
> password). For that, I have now implemented a passdb plugin that
> generates this data and I would like to "pass" this data down to the
> mail process (pop3/imap) via extra_fields in the reply of the
> authentication. The general idea is that my custom passdb plugin
> calculates the data, sets the extra_field and returns some error
> (authentication was not successful) so that the "real" passdb backend
> can be invoked to "really" validate the authentication data.

What specifically is the *purpose* of this?

> I hope you consider my proposal to be reasonable. If desired, I could
> implement this myself and provide a patch for merging (based on 2.0.x).
> If my proposal is generally unfavored, it would be great if any
> alternative approaches for my situation were suggested. Thanks.

I think it is usually preferred that you do things like this against 
either the current shipping/stable branch (2.1.x), or even hg (2.2)... 
much better chance that it would be accepted.

-- 

Best regards,

Charles

From CMarcus at Media-Brokers.com  Mon Jun 25 12:31:24 2012
From: CMarcus at Media-Brokers.com (Charles Marcus)
Date: Mon, 25 Jun 2012 05:31:24 -0400
Subject: [Dovecot] Virtual users - what is better Maildir or mbox?
In-Reply-To: <CAPj0R5KSpeZqpd8HFL40LrHkQYDLnR3a7HW6bw2SkANciLOVfQ@mail.gmail.com>
References: <CAPj0R5KSpeZqpd8HFL40LrHkQYDLnR3a7HW6bw2SkANciLOVfQ@mail.gmail.com>
Message-ID: <4FE82FEC.1070109@Media-Brokers.com>

On 2012-06-25 3:20 AM, Kaya Saman <kayasaman at gmail.com> wrote:
> # cat dovecot.conf
> # v1.2+:
> auth_use_winbind = yes

Please always only provide output of doveconf -n, not copy/pastes from 
the config files.

This proves (to yourself and everyone else) that you are using the 
config that dovecot is actually using - it this shows you mistakes like 
typos, certain deprecated/invalid settings, and even if you are editing 
the wrong config file(s).

-- 

Best regards,

Charles

From kayasaman at gmail.com  Mon Jun 25 12:34:35 2012
From: kayasaman at gmail.com (Kaya Saman)
Date: Mon, 25 Jun 2012 10:34:35 +0100
Subject: [Dovecot] Virtual users - what is better Maildir or mbox?
In-Reply-To: <4FE82FEC.1070109@Media-Brokers.com>
References: <CAPj0R5KSpeZqpd8HFL40LrHkQYDLnR3a7HW6bw2SkANciLOVfQ@mail.gmail.com>
	<4FE82FEC.1070109@Media-Brokers.com>
Message-ID: <CAPj0R5+mg_Q57OzpsMKYP0T50eX6u6HOE_VqoQaZ3H9YGSHhXw@mail.gmail.com>

On Mon, Jun 25, 2012 at 10:31 AM, Charles Marcus
<CMarcus at media-brokers.com> wrote:
> On 2012-06-25 3:20 AM, Kaya Saman <kayasaman at gmail.com> wrote:
>>
>> # cat dovecot.conf
>> # v1.2+:
>> auth_use_winbind = yes
>
>
> Please always only provide output of doveconf -n, not copy/pastes from the
> config files.
>
> This proves (to yourself and everyone else) that you are using the config
> that dovecot is actually using - it this shows you mistakes like typos,
> certain deprecated/invalid settings, and even if you are editing the wrong
> config file(s).
>
> --
>
> Best regards,
>
> Charles


Thanks for the tip!

I didn't know of the dovecot -n command so thanks for pointing that
out to me......

It's strange as I've been fiddling around with mail servers for some
time in test labs at home but I still feel like I'm on the outside
looking in; oh well at least this design at work is much better even
though it took forever to get the PAM potion for AD sorted out.

Regards,


Kaya

From CMarcus at Media-Brokers.com  Mon Jun 25 12:44:19 2012
From: CMarcus at Media-Brokers.com (Charles Marcus)
Date: Mon, 25 Jun 2012 05:44:19 -0400
Subject: [Dovecot] Virtual users - what is better Maildir or mbox?
In-Reply-To: <267BC57F-B747-4F58-B309-ACE4BDA3A88C@JLAssocs.com>
References: <CAPj0R5KSpeZqpd8HFL40LrHkQYDLnR3a7HW6bw2SkANciLOVfQ@mail.gmail.com>
	<4FE81546.8000202@middleearth.sapphiresunday.org>
	<CAPj0R5LZ4wMpkqdXFf2NO8y+KUjzHt313qkdeOQrHD40K6wOcw@mail.gmail.com>
	<267BC57F-B747-4F58-B309-ACE4BDA3A88C@JLAssocs.com>
Message-ID: <4FE832F3.3000405@Media-Brokers.com>

On 2012-06-25 3:58 AM, J E Lyon <role.Dovecot-Readers at JLAssocs.com> wrote:
> I've not come up with any significant advantages of mbox that count
> for much in my experiences and installations . . Would be interested
> to hear of suggested advantages that I might have overlooked

One major advantage of mbox (and now mdbox) over maildir is the time it 
takes to back things up for larger mail stores.

It takes much less time to compare a single mbox file that contains 
20,000 messages (and rsync only the changed bits) than it does to 
compare read/compare 20,000 individual files (maildir)...

I too like maildir, but am seriously considering implementing a solution 
where older mail is automatically archived to slower/cheaper SATA III 
based storage using mdbox format.

-- 

Best regards,

Charles

From ef at math.uni-bonn.de  Mon Jun 25 12:54:02 2012
From: ef at math.uni-bonn.de (Edgar =?iso-8859-1?B?RnXf?=)
Date: Mon, 25 Jun 2012 11:54:02 +0200
Subject: [Dovecot] specifying home/sieve/sieve_dir relative to mail_location
In-Reply-To: <20120619131413.GN48358@trav.math.uni-bonn.de>
References: <20120619131413.GN48358@trav.math.uni-bonn.de>
Message-ID: <20120625095401.GT50872@trav.math.uni-bonn.de>

> With 1.2, is it possible to specify home, sieve and sieve_dir relative to mail_location?
No-one, this one?

Too simple? Too stupid? Too obvious? Not possible?

From branko at majic.rs  Mon Jun 25 13:01:40 2012
From: branko at majic.rs (Branko Majic)
Date: Mon, 25 Jun 2012 12:01:40 +0200
Subject: [Dovecot] Virtual users - what is better Maildir or mbox?
In-Reply-To: <CAPj0R5LZ4wMpkqdXFf2NO8y+KUjzHt313qkdeOQrHD40K6wOcw@mail.gmail.com>
References: <CAPj0R5KSpeZqpd8HFL40LrHkQYDLnR3a7HW6bw2SkANciLOVfQ@mail.gmail.com>
	<4FE81546.8000202@middleearth.sapphiresunday.org>
	<CAPj0R5LZ4wMpkqdXFf2NO8y+KUjzHt313qkdeOQrHD40K6wOcw@mail.gmail.com>
Message-ID: <20120625120140.033c2297@zetkin.int.primekey.se>

On Mon, 25 Jun 2012 08:52:51 +0100
Kaya Saman <kayasaman at gmail.com> wrote:

> To start with the reason I'm not using LDAP is because I couldn't find
> enough information on how to set it up! I did post here a couple of
> times but got no responses...... so I figured it was something that
> people either didn't know or found trivial.

For my own use I've switched to the LDAP as provider of user
information and credentials (for Dovecot/Postfix/ejabberd/anything I
can get to talk to the LDAP). It's not that hard to figure out, but
getting used to LDAP itself can take a little bit of time.

In my case I'm using the LDAP just for checking if a user is present on
the system and for authentication purposes (for the mail server).

Haven't tried using quota etc with LDAP.

Anything in particular you're having problems coping with? :)

-- 
Branko Majic
Jabber: branko at majic.rs
Please use only Free formats when sending attachments to me.

?????? ?????
?????: branko at majic.rs
????? ??? ?? ??????? ?????? ????????? ? ????????? ?????????.

From role.Dovecot-Readers at JLAssocs.com  Mon Jun 25 13:04:43 2012
From: role.Dovecot-Readers at JLAssocs.com (J E Lyon)
Date: Mon, 25 Jun 2012 11:04:43 +0100
Subject: [Dovecot] Virtual users - what is better Maildir or mbox?
In-Reply-To: <4FE832F3.3000405@Media-Brokers.com>
References: <CAPj0R5KSpeZqpd8HFL40LrHkQYDLnR3a7HW6bw2SkANciLOVfQ@mail.gmail.com>
	<4FE81546.8000202@middleearth.sapphiresunday.org>
	<CAPj0R5LZ4wMpkqdXFf2NO8y+KUjzHt313qkdeOQrHD40K6wOcw@mail.gmail.com>
	<267BC57F-B747-4F58-B309-ACE4BDA3A88C@JLAssocs.com>
	<4FE832F3.3000405@Media-Brokers.com>
Message-ID: <C06113E8-9F2B-4D2B-A025-B6F146FF7746@JLAssocs.com>

On 25 Jun 2012, at 10:44, Charles Marcus wrote:

> On 2012-06-25 3:58 AM, J E Lyon <role.Dovecot-Readers at JLAssocs.com> wrote:
>> I've not come up with any significant advantages of mbox that count
>> for much in my experiences and installations . . Would be interested
>> to hear of suggested advantages that I might have overlooked
> 
> One major advantage of mbox (and now mdbox) over maildir is the time it takes to back things up for larger mail stores.
> 
> It takes much less time to compare a single mbox file that contains 20,000 messages (and rsync only the changed bits) than it does to compare read/compare 20,000 individual files (maildir)...
> 
> I too like maildir, but am seriously considering implementing a solution where older mail is automatically archived to slower/cheaper SATA III based storage using mdbox format.

Very interesting. I use "rdiff-backup" as a cronjob in the wee hours (, so the fact it takes a while to work out what to incrementally save, doesn't matter to me -- but the point is that I know it's an issue and have addressed it that way.

I too have contemplated some automated archiving of older mail . . it's getting closer to needing to be addressed at some point soon I think.

J.

From CMarcus at Media-Brokers.com  Mon Jun 25 14:39:35 2012
From: CMarcus at Media-Brokers.com (Charles Marcus)
Date: Mon, 25 Jun 2012 07:39:35 -0400
Subject: [Dovecot] Mail migration to dovecot with doveadm backup
In-Reply-To: <4FE738E9.6040706@metaways.de>
References: <4FE738E9.6040706@metaways.de>
Message-ID: <4FE84DF7.7030707@Media-Brokers.com>

On 2012-06-24 11:57 AM, Reinhard Vicinus <r.vicinus at metaways.de> wrote:
> i try to migrate mails from a non dovecot imap server to a dovecot imap
> server with doveadm backup as described there:

What version of dovecot (doveconf -n output_?

> http://wiki2.dovecot.org/Migration/Dsync
>
> i first tried (local-mailbox port 18143 is the non dovecot imap server):
>
> /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw
> -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o
> imapc_port=18143 -o mailbox_list_index=no -v -D backup -R -f -u
> user at example.org -m Sent imapc:
>
> and got the following error:
>
> dsync(user at example.org): Fatal: dsync backup: Looks like you're trying
> to run backup in wrong direction. Source is empty and destination is not.


-- 

Best regards,

Charles Marcus
I.T. Director
Media Brokers International, Inc.
678.514.6200 x224 | 678.514.6299 fax

From r.vicinus at metaways.de  Mon Jun 25 15:55:48 2012
From: r.vicinus at metaways.de (Reinhard Vicinus)
Date: Mon, 25 Jun 2012 14:55:48 +0200
Subject: [Dovecot] Mail migration to dovecot with doveadm backup
In-Reply-To: <4FE84DF7.7030707@Media-Brokers.com>
References: <4FE738E9.6040706@metaways.de> <4FE84DF7.7030707@Media-Brokers.com>
Message-ID: <4FE85FD4.8090708@metaways.de>

On 25/06/12 13:39, Charles Marcus wrote:
> On 2012-06-24 11:57 AM, Reinhard Vicinus <r.vicinus at metaways.de> wrote:
>> i try to migrate mails from a non dovecot imap server to a dovecot imap
>> server with doveadm backup as described there:
>
> What version of dovecot (doveconf -n output_? 
dovecot -n
# 2.1.7: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-40-server x86_64 Ubuntu 10.04.4 LTS
auth_cache_negative_ttl = 0
auth_cache_size = 10 M
auth_cache_ttl = 1 mins
auth_verbose = yes
auth_verbose_passwords = sha1
deliver_log_format = mailbox: deliver: msgid=%m from=%f: %$
dict {
   quota = mysql:/etc/dovecot/conf.d/dovecot-dict-sql.conf.ext
}
disable_plaintext_auth = no
doveadm_password = xxx
instance_name = dovecot-mailbox
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
login_greeting = Mailbox
login_log_format = mailbox: login: %$: %s
login_trusted_networks = 10.10.10.0/24
mail_debug = yes
mail_fsync = always
mail_gid = vmail
mail_home = /mail/dovecot/%d/%n
mail_location = mdbox:~/mail
mail_log_prefix = "mailbox: mail: %s(%u): "
mail_plugins = quota
mail_privileged_group = vmail
mail_uid = vmail
managesieve_implementation_string = Sieve
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope 
encoded-character vacation subaddress comparator-i;ascii-numeric 
relational regex imap4flags copy include variables body enotify 
environment mailbox date ihave
mdbox_rotate_interval = 1 weeks
mdbox_rotate_size = 50 M
mmap_disable = yes
passdb {
   args = /etc/dovecot/conf.d/dovecot-sql.conf.ext
   driver = sql
}
plugin {
   quota = dict:User quota::proxy::quota
   quota_rule = *:storage=10G
   quota_rule2 = Trash:storage=+100M
   quota_warning = storage=95%% quota-warning 95 %u
   quota_warning2 = storage=80%% quota-warning 80 %u
   sieve = ~/.dovecot.sieve
   sieve_dir = ~/sieve
}
protocols = imap pop3 lmtp sieve
service auth {
   unix_listener auth-userdb {
     group = dovecot
     mode = 0660
     user = dovecot
   }
}
service dict {
   unix_listener dict {
     group = vmail
     mode = 0660
   }
}
service doveadm {
   inet_listener doveadm-server {
     port = 19000
   }
}
service imap-login {
   inet_listener imap {
     port = 19143
   }
}
service imap-postlogin {
   executable = script-login /usr/local/bin/dovecot-postlogin
   user = $default_internal_user
}
service imap {
   executable = imap imap-postlogin
}
service lmtp {
   inet_listener lmtp {
     address = *
     port = 19024
   }
}
service managesieve-login {
   inet_listener sieve {
     port = 19200
   }
}
service pop3-login {
   inet_listener pop3 {
     port = 19110
   }
}
service pop3-postlogin {
   executable = script-login /usr/local/bin/dovecot-postlogin
   user = $default_internal_user
}
service pop3 {
   executable = pop3 pop3-postlogin
}
service quota-warning {
   executable = script /usr/local/bin/quota-warning
   extra_groups = dovecot
   unix_listener quota-warning {
     user = vmail
   }
   user = vmail
}
ssl = no
userdb {
   driver = prefetch
}
userdb {
   args = /etc/dovecot/conf.d/dovecot-sql.conf.ext
   driver = sql
}
verbose_proctitle = yes
protocol imap {
   imap_client_workarounds = delay-newmail tb-extra-mailbox-sep
   mail_plugins = quota imap_quota
}
protocol lmtp {
   mail_plugins = quota sieve
}


From tss at iki.fi  Mon Jun 25 17:35:35 2012
From: tss at iki.fi (Timo Sirainen)
Date: Mon, 25 Jun 2012 17:35:35 +0300
Subject: [Dovecot] specifying home/sieve/sieve_dir relative to
	mail_location
In-Reply-To: <20120625095401.GT50872@trav.math.uni-bonn.de>
References: <20120619131413.GN48358@trav.math.uni-bonn.de>
	<20120625095401.GT50872@trav.math.uni-bonn.de>
Message-ID: <C93E43ED-83CC-46FF-8E39-65CDFC7BF223@iki.fi>

On 25.6.2012, at 12.54, Edgar Fu? wrote:

>> With 1.2, is it possible to specify home, sieve and sieve_dir relative to mail_location?
> No-one, this one?
> 
> Too simple? Too stupid? Too obvious? Not possible?

Mail/Sieve dirs can be relative to home dir, not vice versa..

> I know it's possible to specify everything relative to home, so I could probably use relative ~/../-type paths for  mail_locatin etc., but that looks a bit awkward.

Yeah, that would probably work.

Maybe look into changing your directory hierarchy so mails are under home.


From ef at math.uni-bonn.de  Mon Jun 25 17:42:49 2012
From: ef at math.uni-bonn.de (Edgar =?iso-8859-1?B?RnXf?=)
Date: Mon, 25 Jun 2012 16:42:49 +0200
Subject: [Dovecot] specifying home/sieve/sieve_dir relative to
 mail_location
In-Reply-To: <C93E43ED-83CC-46FF-8E39-65CDFC7BF223@iki.fi>
References: <20120619131413.GN48358@trav.math.uni-bonn.de>
	<20120625095401.GT50872@trav.math.uni-bonn.de>
	<C93E43ED-83CC-46FF-8E39-65CDFC7BF223@iki.fi>
Message-ID: <20120625144248.GW50872@trav.math.uni-bonn.de>

> Mail/Sieve dirs can be relative to home dir, not vice versa.
OK, thanks.

> Yeah, that would probably work.
I'll try that.

> Maybe look into chang