several misc questions, public folders and sharing, quota, ssl
David Mehler
dave.mehler at gmail.com
Fri Apr 14 03:04:32 EEST 2017
Hello,
I'm running Dovecot 2.2.29 on a FreeBSD 10.3 system. I want to
optimize how the system is running and have a few miscellaneous questions.
First, SSL: is my cipher list good? I'm aiming for PFS (perfect forward
secrecy) and want to make sure this cipher list is appropriate:
ssl_cipher_list = EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
Next, a new feature that I'm trying for is virtual folders that store
All messages. My understanding of this is that it stores a version of
every received message in one place? I've got the virtual plugin
loaded and have:
mailbox virtual/All {
comment = All my messages
special_use = \All
}
I've got a directory /home/vmail/example.com/username/virtual, under
which is an ALL folder. Both directories are accessible to the vmail
user, yet the folder has no contents and it does not show up
anywhere.
Next, quota warnings are not being sent at all. I set up a test user
with a quota of 2 MB, then sent that user a message that brought the
mailbox to 95% full, and no warning was sent. The next message took the
user over quota, still with no warning. A third message did trigger my
custom quota-exceeded message, and that message was bounced.
I want to implement public folders. My mailboxes are all
virtual, and they are stored under /home/vmail/example.com/username
and /home/vmail/example.org/username in the maildir format. A single
user named vmail (uid and gid 999) owns all the mailboxes.
I've separated out the public folders, storing them under
/home/vmail/public. I've created one mailbox called TestFolder with
new, cur, and tmp directories under it. This is what it looks like:
ls -la /home/vmail/public
total 24
drwx------ 4 vmail vmail 512 Apr 13 18:23 ./
drwx------ 8 vmail vmail 512 Mar 15 10:34 ../
drwxr-xr-x 5 vmail vmail 512 Apr 13 18:16 TestFolder/
drwxr-xr-x 5 vmail vmail 512 Apr 13 18:25 TestFolder1/
-rw------- 1 vmail vmail 8 Apr 13 18:15 dovecot-uidvalidity
-r--r--r-- 1 vmail vmail 0 Apr 13 18:15 dovecot-uidvalidity.58eff89a
-rw------- 1 vmail vmail 688 Apr 13 18:24 dovecot.list.index.log
ls -la /home/vmail/public/TestFolder
total 28
drwxr-xr-x 5 vmail vmail 512 Apr 13 18:16 ./
drwx------ 4 vmail vmail 512 Apr 13 18:23 ../
drwxr-xr-x 2 vmail vmail 512 Apr 13 18:13 cur/
-rw-r--r-- 1 vmail vmail 51 Apr 13 18:16 dovecot-uidlist
-rw-r--r-- 1 vmail vmail 304 Apr 13 18:16 dovecot.index.log
drwxr-xr-x 2 vmail vmail 512 Apr 13 18:13 new/
drwxr-xr-x 2 vmail vmail 512 Apr 13 18:13 tmp/
ls -la /home/vmail/public/TestFolder1
total 20
drwxr-xr-x 5 vmail vmail 512 Apr 13 18:25 ./
drwx------ 4 vmail vmail 512 Apr 13 18:23 ../
drwxr-xr-x 2 vmail vmail 512 Apr 13 18:25 cur/
drwxr-xr-x 2 vmail vmail 512 Apr 13 18:25 new/
drwxr-xr-x 2 vmail vmail 512 Apr 13 18:25 tmp/
The public/TestFolder is showing up fine and I can switch to it. The
public/TestFolder1 is not showing up at all so I'm not seeing it and
can't switch to it. Any ideas?
My second question involves public folders and domain sharing. Are
public folders accessible to all users in all domains? I've got two
domains, example.com and example.org. I'd like to create a folder that
some users in example.com can share with some users in example.org;
not all users in those domains should necessarily be able to see the
folder.
Ideas welcome.
Thanks.
Dave.
doveconf -n
# 2.2.29 (13ebc01): /usr/local/etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.18 (29cc74d)
# OS: FreeBSD 10.3-RELEASE-p11 amd64 ufs
# Global settings as printed by `doveconf -n`, which lists only values that
# differ from Dovecot's defaults.
auth_cache_size = 8 k
auth_default_realm = example.com
# NOTE(review): cram-md5 can only be verified against a password stored in
# plaintext or in the CRAM-MD5 scheme, so it cannot be combined with salted
# password hashes. The scheme used in dovecot-sql.conf.ext is not shown here -
# confirm which one is in use.
auth_mechanisms = plain login cram-md5
auth_realms = example.com example.org
auth_socket_path = /var/run/dovecot/auth-userdb
dict {
sqlquota = mysql:/usr/local/etc/dovecot/dovecot-dict-sql.conf.ext
}
# NOTE(review): plain/login are accepted on unencrypted connections. Together
# with the port 143 listener and the absence of `ssl = required` in this
# output, passwords can cross the network in cleartext unless the client
# itself negotiates STARTTLS first.
disable_plaintext_auth = no
# Mail processes may only run as uid/gid 999 (the vmail account).
first_valid_gid = 999
first_valid_uid = 999
hostname = mail.example.com
imap_client_workarounds = delay-newmail tb-extra-mailbox-sep tb-lsub-flags
last_valid_gid = 999
last_valid_uid = 999
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
listen = 127.0.0.1 xxx.xxx.xxx.xxx
# NOTE(review): fsync is turned off globally (only `protocol lda` overrides it
# with `optimized`), so a crash or power loss can lose recently written mail
# or index data.
mail_fsync = never
mail_gid = vmail
mail_home = /home/vmail/%d/%n/home
mail_location = maildir:/home/vmail/%d/%n:LAYOUT=fs
mail_plugins = acl mail_log notify quota trash virtual welcome zlib
mail_server_admin = mailto:postmaster at example.com
mail_uid = vmail
mailbox_list_index = yes
maildir_broken_filename_sizes = yes
maildir_empty_new = yes
maildir_very_dirty_syncs = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart
extracttext imapflags notify imapsieve vnd.dovecot.imapsieve
# Public namespace: folders stored under /home/vmail/public are listed to
# clients under the "public/" prefix.
# NOTE(review): the acl plugin is loaded in mail_plugins, but no `acl = ...`
# backend setting appears in plugin {} in this output, so it is unclear whether
# per-folder ACLs are actually enforced. Confirm this before relying on ACLs to
# limit which users (or which domain) can open these folders.
namespace {
hidden = no
list = yes
location = maildir:/home/vmail/public/:LAYOUT=fs:CONTROL=/home/vmail/public/:INDEX=/home/vmail/public/
prefix = public/
separator = /
subscriptions = yes
type = public
}
# Private default namespace (empty prefix) that holds INBOX. `location` is
# empty, so the global mail_location is used. The mailbox sections assign
# special-use flags, auto-creation/subscription and 30-day autoexpunge.
namespace inbox {
hidden = no
inbox = yes
list = yes
location =
mailbox "Deleted Messages" {
auto = no
autoexpunge = 30 days
special_use = \Trash
}
mailbox Drafts {
auto = subscribe
special_use = \Drafts
}
mailbox Junk {
auto = subscribe
autoexpunge = 30 days
special_use = \Junk
}
mailbox "Junk E-mail" {
auto = no
autoexpunge = 30 days
special_use = \Junk
}
mailbox Sent {
auto = subscribe
special_use = \Sent
}
mailbox "Sent Items" {
auto = no
special_use = \Sent
}
mailbox "Sent Messages" {
auto = no
special_use = \Sent
}
mailbox Spam {
auto = no
autoexpunge = 30 days
special_use = \Junk
}
mailbox Trash {
auto = subscribe
autoexpunge = 30 days
special_use = \Trash
}
# NOTE(review): this mailbox is declared inside the maildir-backed inbox
# namespace, and no namespace in this output has a `location = virtual:...`,
# which the virtual plugin appears to need - confirm against the plugin
# documentation.
mailbox virtual/All {
comment = All my messages
special_use = \All
}
prefix =
separator = /
subscriptions = yes
type = private
}
# Password lookups go through SQL. The query and the password scheme live in
# the referenced file, which is not part of this output.
# NOTE(review): that file presumably also holds the database credentials, so
# its owner and mode should keep it unreadable to ordinary accounts - verify.
passdb {
args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
# Plugin settings: IMAPSieve spam/ham reporting, last-login tracking, quota
# rules and warnings, Sieve paths and limits, trash and welcome plugins.
plugin {
# IMAPSieve rule 1: a COPY into "Spam" runs report-spam.sieve.
# Rule 2: a COPY out of "Spam" into any mailbox runs report-ham.sieve.
imapsieve_mailbox1_before =
file:/usr/local/lib/dovecot/sieve/report-spam.sieve
imapsieve_mailbox1_causes = COPY
imapsieve_mailbox1_name = Spam
imapsieve_mailbox2_before = file:/usr/local/lib/dovecot/sieve/report-ham.sieve
imapsieve_mailbox2_causes = COPY
imapsieve_mailbox2_from = Spam
imapsieve_mailbox2_name = *
# Last-login timestamps are written to a Redis instance on the loopback
# address; the URI carries no credentials.
last_login_dict = redis:host=127.0.0.1:port=6379
last_login_key = last-login/%u
mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
mail_log_fields = uid box msgid size
# Two quota roots: per-user quota via the SQL dict proxy, and a separate
# maildir-based root for the public/ namespace.
quota = dict:User quota::proxy::sqlquota
quota2 = maildir:Shared quota:ns=public/
quota_exceeded_message = Storage quota for this account has been
exceeded, please try again later.
# "%%" is an escaped literal "%".
quota_grace = 10%%
quota_status_nouser = DUNNO
quota_status_overquota = 552 5.2.2 Mailbox is full
quota_status_success = DUNNO
# Each warning names the quota-warning service and passes it the threshold
# and the user name (%u) as arguments.
quota_warning = storage=100%% quota-warning 100 %u
quota_warning2 = storage=95%% quota-warning 95 %u
quota_warning3 = storage=90%% quota-warning 90 %u
quota_warning4 = storage=85%% quota-warning 85 %u
quota_warning5 = storage=75%% quota-warning 75 %u
sieve = /home/vmail/%d/%n/sieve/scripts;active=/home/vmail/%d/%n/sieve/.dovecot.sieve
sieve_before = /usr/local/etc/dovecot/sieve/dovecot.sieve
sieve_default = /usr/local/etc/dovecot/sieve/dovecot.sieve
sieve_dir = /usr/local/etc/dovecot/sieve
sieve_extensions = +notify +imapflags
sieve_global_dir = /usr/local/etc/dovecot/sieve/
# vnd.dovecot.pipe/execute let Sieve scripts run external programs. Listing
# them under sieve_global_extensions (not sieve_extensions) restricts them to
# global scripts, so user-uploaded scripts cannot use them.
sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.execute
# NOTE(review): 30 redirects per script run looks well above the Pigeonhole
# default (believed to be 4 - confirm); one incoming message could be fanned
# out to that many addresses by a user script.
sieve_max_redirects = 30
sieve_max_script_size = 1M
# NOTE(review): this is the same directory that holds report-spam.sieve and
# report-ham.sieve. Every executable in it is callable from global scripts, so
# the directory should not be writable by vmail - verify its permissions.
sieve_pipe_bin_dir = /usr/local/lib/dovecot/sieve
sieve_plugins = sieve_imapsieve sieve_extprograms
sieve_user_log = /home/vmail/%d/%n/sieve/sieve_error.log
trash = /usr/local/etc/dovecot/dovecot-trash.conf.ext
welcome_script = welcome %u
welcome_wait = yes
}
postmaster_address = postmaster at example.com
# NOTE(review): only imap and sieve are listed here, while a `service lmtp`
# listener and a `protocol lmtp` section are also configured in this output;
# whether LMTP is actually started should be confirmed.
protocols = imap sieve
sendmail_path = /usr/local/sbin/sendmail
# Auth service sockets: a Postfix-owned socket inside the Postfix spool
# (presumably for SMTP AUTH) and the auth-userdb socket for vmail.
service auth {
# NOTE(review): mode 0666 lets any local account that can reach this path
# submit requests to the auth service. Since user and group are already
# postfix, 0660 would be enough. The permissions on Postfix's private/
# directory may limit the exposure - verify.
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0666
user = postfix
}
unix_listener auth-userdb {
group = vmail
mode = 0660
user = vmail
}
}
# Dict proxy socket, used by `quota = dict:...::proxy::sqlquota`; access is
# limited to the vmail user and group (0660).
service dict {
unix_listener dict {
group = vmail
mode = 0660
user = vmail
}
}
# IMAP login listeners. Port 993 is TLS-wrapped; port 143 has no `ssl = yes`,
# so encryption there depends on the client issuing STARTTLS (see
# disable_plaintext_auth = no in the global settings).
service imap-login {
inet_listener imap {
port = 143
}
inet_listener imaps {
port = 993
ssl = yes
}
# One connection per login process, so a compromised login process only
# sees a single client's session.
service_count = 1
}
# Each post-login imap process serves a single client connection.
service imap {
client_limit = 1
}
# LMTP delivery socket, owned by postfix and closed to other accounts (0660).
service lmtp {
unix_listener dovecot-lmtp {
group = postfix
mode = 0660
user = postfix
}
}
# ManageSieve login is bound to the loopback address only, so Sieve script
# uploads are not reachable from the network directly.
service managesieve-login {
inet_listener sieve {
address = 127.0.0.1
port = 4190
}
process_min_avail = 0
service_count = 1
vsz_limit = 64 M
}
# Quota policy service speaking the Postfix policy protocol (-p postfix),
# bound to the loopback address on port 12345.
service quota-status {
client_limit = 1
executable = quota-status -p postfix
inet_listener {
address = 127.0.0.1
port = 12345
}
}
# Runs /usr/local/bin/quota-warning.sh as vmail when a quota_warning rule
# fires.
service quota-warning {
executable = script /usr/local/bin/quota-warning.sh
# NOTE(review): mode 0666 lets any local account connect to this socket and
# have the script run as vmail with caller-supplied arguments. The mail
# processes already run as vmail, so 0660 with vmail user/group presumably
# suffices - verify. The script should also validate its arguments.
unix_listener quota-warning {
group = vmail
mode = 0666
user = vmail
}
user = vmail
}
# Runs /usr/local/bin/welcome.sh as vmail for the welcome plugin. The listener
# sets only `user`, so the socket mode stays at Dovecot's default.
service welcome {
executable = script /usr/local/bin/welcome.sh
unix_listener welcome {
user = vmail
}
user = vmail
}
# TLS settings.
ssl_cert = </usr/local/etc/letsencrypt/live/mail.example.com/fullchain.pem
# All four terms require authenticated ephemeral (EC)DH key exchange, so every
# suite this list can negotiate provides forward secrecy. The last two terms
# (AES256+EECDH, AES256+EDH) also admit CBC-mode AES256 suites, not only GCM.
ssl_cipher_list = EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
ssl_dh_parameters_length = 2048
ssl_key = # hidden, use -P to show it
# Disabling TLS compression avoids compression-based leaks (CRIME).
ssl_options = no_compression
ssl_prefer_server_ciphers = yes
# NOTE(review): only SSLv2 and SSLv3 are excluded, so TLSv1 and TLSv1.1 stay
# enabled if the linked OpenSSL offers them. Add `!TLSv1 !TLSv1.1` once all
# clients support TLSv1.2.
ssl_protocols = !SSLv2 !SSLv3
# userdb lookups, tried in order: prefetch (fields already returned by the
# passdb), then SQL, then a static fallback.
userdb {
driver = prefetch
}
userdb {
args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
# NOTE(review): the static home (/home/vmail/%d/%n) differs from the global
# mail_home (/home/vmail/%d/%n/home); confirm which one is intended, because
# the static value is the user's maildir root itself.
userdb {
args = uid=vmail gid=vmail home=/home/vmail/%d/%n
driver = static
}
# Per-protocol overrides: each section extends the global mail_plugins list
# with the plugins that protocol needs.
protocol lmtp {
mail_plugins = acl mail_log notify quota trash virtual welcome zlib sieve
}
# The LDA is the only protocol that re-enables fsync (`optimized`).
# NOTE(review): `quota` appears twice in this plugin list, once in the base
# list and once in the wrapped continuation line.
protocol lda {
mail_fsync = optimized
mail_plugins = acl mail_log notify quota trash virtual welcome zlib
quota sieve
}
protocol imap {
mail_max_userip_connections = 30
mail_plugins = acl mail_log notify quota trash virtual welcome zlib
imap_acl imap_quota imap_sieve imap_zlib last_login
}
protocol sieve {
managesieve_implementation_string = Dovecot Pigeonhole
managesieve_max_compile_errors = 5
managesieve_max_line_length = 65536
}
/usr/local/etc/dovecot/dovecot-dict-sql.conf.ext
# SQL dict backing the per-user quota (the `sqlquota` dict in dovecot.conf).
# NOTE(review): the connect string embeds the database password (placeholder
# values are shown here), so this file presumably needs an owner and mode that
# keep it unreadable to ordinary accounts - verify.
connect = host=/tmp/mysql.sock dbname=dbname user=user password=password
# CREATE TABLE quota (
# username varchar(100) not null,
# bytes bigint not null default 0,
# messages integer not null default 0,
# primary key (username)
# );
# Maps the quota storage counter to quota.bytes, keyed by username.
map {
pattern = priv/quota/storage
table = quota
username_field = username
value_field = bytes
}
# Maps the quota message counter to quota.messages, keyed by username.
map {
pattern = priv/quota/messages
table = quota
username_field = username
value_field = messages
}
# CREATE TABLE expires (
# username varchar(100) not null,
# mailbox varchar(255) not null,
# expire_stamp integer not null,
# primary key (username, mailbox)
# );
# The expire map below is commented out, so it is inactive.
#map {
#pattern = shared/expire/$user/$mailbox
#table = expires
#value_field = expire_stamp
#fields {
#username = $user
#mailbox = $mailbox
#}
#}