[Dovecot] How to disable Director service?
Wesley Huang
huang at utsc.utoronto.ca
Thu Apr 17 18:55:39 UTC 2014
Hi Reindl,
There was no configuration on director side.
========================================
# doveconf -n | grep director
#
# doveconf -a
...........................
director_doveadm_port = 0
director_mail_servers =
director_servers =
director_user_expire = 15 mins
director_username_hash = %Lu
...........................
service director {
chroot = .
client_limit = 0
drop_priv_before_exec = no
executable = director
extra_groups =
fifo_listener login/proxy-notify {
group =
mode = 00
user =
}
group =
idle_kill = 4294967295 secs
privileged_group =
process_limit = 1
process_min_avail = 0
protocol =
service_count = 0
type =
unix_listener director-admin {
group =
mode = 0600
user =
}
unix_listener login/director {
group =
mode = 00
user =
}
user = $default_internal_user
vsz_limit = 18446744073709551615 B
}
...........................
# tail -n 20 /var/log/mail.log | grep -i 'director\:'
dovecot: director: Error: Empty server list
dovecot: director: Fatal: Invalid value for director_mail_servers setting
dovecot: director: Error: Empty server list
dovecot: director: Fatal: Invalid value for director_mail_servers setting
dovecot: director: Error: Empty server list
dovecot: director: Fatal: Invalid value for director_mail_servers setting
dovecot: director: Error: Empty server list
dovecot: director: Fatal: Invalid value for director_mail_servers setting
========================================
That said, I think I've found a configuration combination that works:
configure the "director_mail_servers = <IP address>" on the backend
server with all other director config commented out. But this is more a
hacking way.
Cheers,
Wesley
On 14-04-17 02:41 PM, Reindl Harald wrote:
>
> Am 17.04.2014 20:35, schrieb Wesley Huang:
>> Does anyone know how to disable the Director service. In our current running Dovecot 2.2.4, if the director
>> configuration is commented out and Dovecot has no errors nor warnings. But the version 2.2.12 I'm testing with
>> gives out fatal errors. We have dedicated Dovecot Director servers that serve the public frontend and separate
>> dedicated imap/pop3 servers on the backend internal network. With the new version, Dovecot is always trying to
>> start Director service and I couldn't find a way to stop Dovecot from giving out errors.
>>
>> 1. When the entire Director configuration block is commented out, there errors:
>>
>> dovecot: director: Fatal: No inet_listeners defined for director service (for standalone keep director_servers empty)
>> dovecot: master: Error: service(director): command startup failed, throttling for 2 secs
> you must have done something wrong, that below is a production "dobecont.conf"
> with no config-includes and such crap running as imap/pop3-proxy as well as
> postfix-auth-service and there is no single bit for director, that config runs
> at least 4 years unchanged, saw 2.2.12 also as it runs currently on 2.2.13
> while the last real config cahnge was 1.x to 2.x
>
> so what about post output of "dovecont -n" to help people helping you
> even do yourself a "dovecot -n | grep director"
> _________________________________________________________
>
> # provided services
> protocols = imap pop3
>
> # configure ssl
> ssl = yes
> ssl_cert = </etc/postfix/certs/localhost.pem
> ssl_key = </etc/postfix/certs/localhost.pem
> ssl_cipher_list =
> ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-RSA-CAMELLIA256-SHA:CAMELLIA128-SHA:CAMELLIA256-SHA:ECDHE-RSA-DES-CBC3-SHA:DES-CBC3-SHA:!SSLv2
> ssl_prefer_server_ciphers = yes
> ssl_parameters_regenerate = 0
>
> # configure imap-proxy
> service imap-login {
> inet_listener imap {
> address = **.**.**.**
> port = 143
> }
> inet_listener imaps {
> address = **.**.**.**
> port = 993
> }
> vsz_limit = 64M
> service_count = 1
> process_min_avail = 0
> process_limit = 100
> }
>
> # configure pop3-proxy
> service pop3-login {
> inet_listener pop3 {
> address = **.**.**.**
> port = 110
> }
> inet_listener pop3s {
> address = **.**.**.**
> port = 995
> }
> vsz_limit = 64M
> service_count = 1
> process_min_avail = 0
> process_limit = 100
> }
>
> # default settings
> imap_capability = IMAP4 IMAP4rev1 ACL RIGHTS=texk NAMESPACE CHILDREN SORT QUOTA
> THREAD=ORDEREDSUBJECT UNSELECT IDLE
> login_greeting =
> login_log_format_elements = %u %r %m %k
> mail_max_userip_connections = 100
> auth_mechanisms = CRAM-MD5 DIGEST-MD5 SCRAM-SHA-1 APOP LOGIN PLAIN
> disable_plaintext_auth = no
> shutdown_clients = no
> version_ignore = yes
>
> # Logging
> syslog_facility = mail
>
> # authentication process
> auth_worker_max_count = 50
> auth_cache_size = 1024
> auth_cache_ttl = 600
> auth_cache_negative_ttl = 600
> auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@%
> auth_username_translation = %@AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz
>
> # debug options
> auth_debug = no
> auth_debug_passwords = no
> auth_verbose = no
> mail_debug = no
> verbose_ssl = no
>
> # configure proxy-database
> passdb {
> driver = sql
> args = /etc/dovecot/sql.conf
> }
>
> # we are not using local users
> userdb {
> driver = static
> args = static uid=10000 gid=10000 home=/dev/null
> }
>
> # configure backend for postfix sasl-auth
> service auth {
> unix_listener /var/spool/postfix/private/auth {
> mode = 0660
> user = postfix
> group = postfix
> }
> }
>
>
More information about the dovecot
mailing list