dovecot Digest, Vol 173, Issue 28 (INTERNAL)

Aki Tuomi aki.tuomi at dovecot.fi
Tue Sep 12 09:36:37 EEST 2017


~$ openssl s_client -connect 192.168.122.14:110 -starttls pop3
CONNECTED(00000003)
<snip/>
    Verify return code: 10 (certificate has expired)
---
+OK Dovecot ready.
USER testuser1
+OK
PASS pass
+OK Logged in.
LIST
+OK 11 messages:
1 14
2 14
3 14
4 14
5 14
6 14
7 14
8 14
9 14
10 14
11 14
.
QUIT
DONE

and no crash occurs. Using Dovecot v2.2.32 (dfbe293)

Aki

On 12.09.2017 09:33, Arvid.Eikas at telenor.com wrote:
> Hi,
>
> It is quite easy.  
> I use a client (thunderbird or windows live mail) set it up to use starttls on standard port 110. Logon and just do a list on the mailbox. The fatal error occurred when I logoff.
>
> Arvid
>
> -----Original Message-----
> From: dovecot [mailto:dovecot-bounces at dovecot.org] On Behalf Of dovecot-request at dovecot.org
> Sent: 11. september 2017 14:57
> To: dovecot at dovecot.org
> Subject: dovecot Digest, Vol 173, Issue 28
>
> Send dovecot mailing list submissions to
> 	dovecot at dovecot.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> 	https://dovecot.org/mailman/listinfo/dovecot
> or, via email, send a message with subject or body 'help' to
> 	dovecot-request at dovecot.org
>
> You can reach the person managing the list at
> 	dovecot-owner at dovecot.org
>
> When replying, please edit your Subject line so it is more specific than "Re: Contents of dovecot digest..."
>
>
> Today's Topics:
>
>    1. Re: pop3-login core dump when using TLSSTART on version
>       dovecot-2.2.32 (INTERNAL) (Aki Tuomi)
>    2. Re: Per-user quota (passwd) (Evgeniy Korneechev)
>    3. Re: Per-user quota (passwd) (Aki Tuomi)
>    4. Re: Is it possible to disable pipelining in imapc? (Nagy, Attila)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Mon, 11 Sep 2017 13:57:19 +0300
> From: Aki Tuomi <aki.tuomi at dovecot.fi>
> To: dovecot at dovecot.org
> Subject: Re: pop3-login core dump when using TLSSTART on version
> 	dovecot-2.2.32 (INTERNAL)
> Message-ID: <cd450054-53c4-2f84-eba7-7ce602c26892 at dovecot.fi>
> Content-Type: text/plain; charset=utf-8
>
> Can you outline the exact steps you perform to get this?
>
> Aki
>
> On 11.09.2017 13:42, Arvid.Eikas at telenor.com wrote:
>> Hi,
>>
>> I switched back to 2.2.27 with the same config that I am using for 2.2.32 and it work fine.  
>>
>> Sep 11 11:49:37 imap-login: Info: Login: user=<viboge>, method=PLAIN, 
>> rip=88.89.118.45, lip=148.123.160.116, mpid=18709, TLS, 
>> session=<v7o22OZYrsdYWXYt> Sep 11 11:49:40 imap(mailuser) Session-ID 
>> v7o22OZYrsdYWXYt RemoteIP 88.89.118.45  Maildir 
>> /var/nextmail/nfs2.flex14/49/79/841 Info: Logged out in=4518 
>> out=273720 deleted 0 expunged 0 trashed 0 Sep 11 11:49:40 imap-login: 
>> Debug: SSL alert: close notify [88.89.118.45]
>>
>> How could I proceed?  Any clue?  It is quite annoying to see this entry in the log for each session.
>>
>> Arvid
>>
>>
>>
>>
>> -----Original Message-----
>> From: Aki Tuomi [mailto:aki.tuomi at dovecot.fi]
>> Sent: 11. september 2017 09:18
>> To: Eik?s Arvid; dovecot at dovecot.org
>> Subject: Re: pop3-login core dump when using TLSSTART on version 
>> dovecot-2.2.32 (INTERNAL)
>>
>> Hi!
>>
>> I tried to reproduce this problem with dovecot-2.2.32 and OpenSSL 1.0.1k and was not able to. I enabled -DREF_CHECK on OpenSSL, but to no avail, the process did not crash. Is there something else you've done?
>>
>> Aki
>>
>>
>> On 11.09.2017 08:07, Arvid.Eikas at telenor.com wrote:
>>> Hi,
>>>
>>> Here is the gdb output.
>>>
>>> Arvid
>>>
>>> GNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-94.el7 Copyright (C) 
>>> 2013 Free Software Foundation, Inc.
>>> License GPLv3+: GNU GPL version 3 or later 
>>> <http://gnu.org/licenses/gpl.html>
>>> This is free software: you are free to change and redistribute it.
>>> There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
>>> and "show warranty" for details.
>>> This GDB was configured as "x86_64-redhat-linux-gnu".
>>> For bug reporting instructions, please see:
>>> <http://www.gnu.org/software/gdb/bugs/>...
>>> Reading symbols from /local/misc/mail/dovecot-32/libexec/dovecot/pop3-login...done.
>>> [New LWP 15894]
>>> Core was generated by `dovecot-test/pop3-login'.
>>> Program terminated with signal 6, Aborted.
>>> #0  0x00007ff0bd9cf1d7 in raise () from /lib64/libc.so.6 Missing 
>>> separate debuginfos, use: debuginfo-install
>>> glibc-2.17-157.el7_3.1.x86_64
>>> (gdb) bt full
>>> #0  0x00007ff0bd9cf1d7 in raise () from /lib64/libc.so.6 No symbol 
>>> table info available.
>>> #1  0x00007ff0bd9d08c8 in abort () from /lib64/libc.so.6 No symbol 
>>> table info available.
>>> #2  0x00007ff0bd3c0f2f in engine_unlocked_finish (e=0x1c51c60, unlock_for_handlers=1) at eng_init.c:115
>>>         to_return = 1
>>> #3  0x00007ff0bd3c1064 in ENGINE_finish (e=0x1c51c60) at eng_init.c:150
>>>         to_return = 1
>>> #4  0x00007ff0be0f9300 in ssl_proxy_deinit () from
>>> /local/nextmail/dovecot/lib64/dovecot/libdovecot-login.so.0
>>> No symbol table info available.
>>> #5  0x00007ff0be0f4472 in main_deinit () from
>>> /local/nextmail/dovecot/lib64/dovecot/libdovecot-login.so.0
>>> No symbol table info available.
>>> #6  0x00007ff0be0f479f in login_binary_run () from
>>> /local/nextmail/dovecot/lib64/dovecot/libdovecot-login.so.0
>>> No symbol table info available.
>>> #7  0x00000000004032da in main (argc=1, argv=0x7ffe3059f3f8) at
>>> client.c:356 No locals.
>>>
>>>
>>>
>>> -----Original Message-----
>>> From: Aki Tuomi [mailto:aki.tuomi at dovecot.fi]
>>> Sent: 8. september 2017 14:08
>>> To: Eik?s Arvid; dovecot at dovecot.org
>>> Subject: Re: pop3-login core dump when using TLSSTART on version
>>> dovecot-2.2.32 (OPEN)
>>>
>>> I assume you mean STARTTLS. Can you provide gdb /path/to/bin /path/to/core and provide output of bt full?
>>>
>>> Aki
>>>
>>>
>>> On 08.09.2017 15:01, Arvid.Eikas at telenor.com wrote:
>>>> Hi,
>>>>
>>>> Pop3-login are CORE-dumping when I log on with TLSSTART, I believe the same will happen with imap-logon to, but I have not tested it yet.
>>>> The TLS session is coming up and it works fine until I log off, then it's core dump.  Open sslvesrion is   openssl-1.0.2k.
>>>> We ran dovecot-2.2.27 before we upgraded to dovecote-2.2.32, and 
>>>> that seems to work fine. (not core dumping)
>>>>
>>>>
>>>> Arvid
>>>>
>>>>
>>>> LOG
>>>> Sep 05 14:27:34 pop3-login: Debug: SSL: elliptic curve secp384r1 
>>>> will be used for ECDH and ECDHE key exchanges Sep 05 14:30:30 pop3-login:
>>>> Debug: SSL: elliptic curve secp384r1 will be used for ECDH and ECDHE 
>>>> key exchanges Sep 05 14:30:30 pop3-login: Debug: SSL: elliptic curve
>>>> secp384r1 will be used for ECDH and ECDHE key exchanges Sep 05
>>>> 14:30:42 pop3-login: Debug: SSL: elliptic curve secp384r1 will be 
>>>> used for ECDH and ECDHE key exchanges Sep 05 14:30:42 pop3-login: Debug:
>>>> SSL: elliptic curve secp384r1 will be used for ECDH and ECDHE key 
>>>> exchanges Sep 05 14:30:50 pop3-login: Info: Login: user=<tstrand>, 
>>>> method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=18361, secured, 
>>>> session=<65m8ZXBYtpN/AAAB> Sep 05 14:30:50 pop3-login: Error:
>>>> ENGINE_finish, bad functional reference count Sep 05 14:30:50
>>>> pop3-login: Fatal: master: service(pop3-login): child 18359 killed 
>>>> with signal 6 (core dumped)
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> From  ./crypto/engine/eng_init.c
>>>>
>>>> .........
>>>> int engine_unlocked_finish(ENGINE *e, int unlock_for_handlers) {
>>>>     int to_return = 1;
>>>>
>>>>     /*
>>>>      * Reduce the functional reference count here so if it's the terminating
>>>>      * case, we can release the lock safely and call the finish() handler
>>>>      * without risk of a race. We get a race if we leave the count until
>>>>      * after and something else is calling "finish" at the same time -
>>>>      * there's a chance that both threads will together take the count from 2
>>>>      * to 0 without either calling finish().
>>>>      */
>>>>     e->funct_ref--;
>>>>     engine_ref_debug(e, 1, -1);
>>>>     if ((e->funct_ref == 0) && e->finish) {
>>>>         if (unlock_for_handlers)
>>>>             CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
>>>>         to_return = e->finish(e);
>>>>         if (unlock_for_handlers)
>>>>             CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
>>>>         if (!to_return)
>>>>             return 0;
>>>>     }
>>>> #ifdef REF_CHECK
>>>>     if (e->funct_ref < 0) {
>>>>         fprintf(stderr, "ENGINE_finish, bad functional reference count\n");
>>>>         abort();
>>>>
>>>> .........
>>>>
>>>> /* The API (locked) version of "finish" */ int ENGINE_finish(ENGINE
>>>> *e) {
>>>>     int to_return = 1;
>>>>
>>>>     if (e == NULL) {
>>>>         ENGINEerr(ENGINE_F_ENGINE_FINISH, ERR_R_PASSED_NULL_PARAMETER);
>>>>         return 0;
>>>>     }
>>>>     CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
>>>>     to_return = engine_unlocked_finish(e, 1);
>>>>     CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
>>>>     if (!to_return) {
>>>>         ENGINEerr(ENGINE_F_ENGINE_FINISH, ENGINE_R_FINISH_FAILED);
>>>>         return 0;
>>>>     }
>>>>     return to_return;
>>>> }
>
>
> ------------------------------
>
> Message: 2
> Date: Mon, 11 Sep 2017 14:48:47 +0300 (MSK)
> From: Evgeniy Korneechev <ekorneechev at altlinux.org>
> To: Aki Tuomi <aki.tuomi at dovecot.fi>
> Cc: dovecot <dovecot at dovecot.org>
> Subject: Re: Per-user quota (passwd)
> Message-ID:
> 	<2046000051.747964.1505130527842.JavaMail.zimbra at remotesystems.ru>
> Content-Type: text/plain; charset=utf-8
>
> Hi.
> But there is one problem...
>
> protocol lda {
>   mail_plugins = " quota autocreate  sieve quota"
>   plugin {
>     quota = dict:user::file:/var/vmail/glu_vrem/%u/.quotausage
>   }
> }
> protocol imap {
>   mail_plugins = " quota autocreate autocreate imap_quota"
>   plugin {
>     autocreate = INBOX
>     autocreate2 = Sent
>     autocreate3 = Trash
>     autocreate4 = Drafts
>     autocreate5 = Junk
>     autosubscribe = INBOX
>     autosubscribe2 = Sent
>     autosubscribe3 = Trash
>     autosubscribe4 = Drafts
>     autosubscribe5 = Junk
>     quota = dict:user::file:/var/vmail/glu_vrem/%u/.quotausage
>   }
> }
>
>> Users with non-standard quota in passwd-file:
>>>>>>>> administrator:*:95400500:95400513:Administrator:/home/DOM/admini
>>>>>>>> strator:/bin/bash::userdb_quota_rule=*:bytes=10G
>>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir
>>>>>>>> administrator at email.dom:*:95400500:95400513:Administrator:/home/
>>>>>>>> DOM/administrator:/bin/bash::userdb_quota_rule=*:bytes=10G
>>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir
>> Others from passwd.
>
>
> Files ".quotausage" are created in different directories:
> /var/vmail/glu_vrem/administrator\DOM/.quotausage
> /var/vmail/glu_vrem/administrator at email.dom/.quotausage
> And must in the folder "/var/vmail/glu_vrem/administrator"
>
> How fix it?
>
>
> ----- ???????? ????????? -----
>> ??: "Evgeniy Korneechev" <ekorneechev at altlinux.org>
>> ????: "Aki Tuomi" <aki.tuomi at dovecot.fi>
>> ?????: "dovecot" <dovecot at dovecot.org>
>> ????????????: ???????, 30 ???? 2017 ? 10:39:16
>> ????: Re: Per-user quota (passwd)
>> Our solution:
>> userdb {
>>  args = /etc/imap.passwd
>>  driver = passwd-file
>>  override_fields = home=/var/vmail/glu_vrem/%u } userdb {  driver = 
>> passwd  override_fields = home=/var/vmail/glu_vrem/%u }
>>
>> Users with non-standard quota in passwd-file:
>>>>>>>> administrator:*:95400500:95400513:Administrator:/home/DOM/admini
>>>>>>>> strator:/bin/bash::userdb_quota_rule=*:bytes=10G
>>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir
>>>>>>>> administrator at email.dom:*:95400500:95400513:Administrator:/home/
>>>>>>>> DOM/administrator:/bin/bash::userdb_quota_rule=*:bytes=10G
>>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir
>> Others from passwd.
>>
>> Its works! Thanks.
>>
>>
>> ----- ???????? ????????? -----
>>> ??: "Aki Tuomi" <aki.tuomi at dovecot.fi>
>>> ????: "dovecot" <dovecot at dovecot.org>
>>> ????????????: ???????, 29 ???? 2017 ? 14:40:44
>>> ????: Re: Per-user quota (passwd)
>>> Oh you have multiple db's, I missed that.
>>>
>>> Remove auth_username_format, and instead
>>>
>>> userdb {
>>>  args = /etc/imap.passwd username_format=%Ln  driver = passwd-file  
>>> override_fields = home=/var/vmail/glu_vrem/%u }
>>>
>>> On 29.06.2017 14:35, Evgeniy Korneechev wrote:
>>>> with auth_username_format = %Ln:
>>>>
>>>> Jun 28 14:43:41 auth: Debug: master in: USER    1    iivanov.ia at example.com
>>>> service=lda
>>>> Jun 28 14:43:41 auth-worker(18369): Debug: passwd(iivanov.ia): 
>>>> lookup Jun 28 14:43:41 auth-worker(18369): Info: passwd(iivanov.ia): 
>>>> unknown user  - trying the next userdb Jun 28 14:43:41 
>>>> auth-worker(18369): Debug: sql(iivanov.ia): SELECT email as user, 
>>>> maildir as home, CONCAT('maildir:', maildir, '/Maildir') as mail, 
>>>> uid, gid, \
>>>>      CONCAT('*:storage=', quota, 'B') AS quota_rule, CONCAT(maildir, '/.sieve') as
>>>>      sieve FROM mail_user WHERE (login = 'iivanov.ia' OR email = 
>>>> 'iivanov.ia') Jun 28 14:43:41 auth-worker(18369): Info: 
>>>> sql(iivanov.ia): unknown user
>>>>
>>>> Maybe %Lu?
>>>>
>>>> ----- ???????? ????????? -----
>>>>> ??: "Aki Tuomi" <aki.tuomi at dovecot.fi>
>>>>> ????: "dovecot" <dovecot at dovecot.org>
>>>>> ????????????: ???????, 29 ???? 2017 ? 14:10:07
>>>>> ????: Re: Per-user quota (passwd)
>>>>> Yes.
>>>>>
>>>>> Aki
>>>>>
>>>>> On 29.06.2017 14:07, Evgeniy Korneechev wrote:
>>>>>> And if such a user:
>>>>>> email (from AD) = ivanov.ia at example.com login (from AD), %n = 
>>>>>> iivanov %d = DOM %u = iivanov at DOM
>>>>>>
>>>>>> ?
>>>>>>
>>>>>> ----- ???????? ????????? -----
>>>>>>> ??: "Aki Tuomi" <aki.tuomi at dovecot.fi>
>>>>>>> ????: "dovecot" <dovecot at dovecot.org>
>>>>>>> ????????????: ???????, 29 ???? 2017 ? 13:59:05
>>>>>>> ????: Re: Per-user quota (passwd) or use, as I indicated before, 
>>>>>>> auth_username_format = %Ln
>>>>>>>
>>>>>>> Aki
>>>>>>>
>>>>>>>
>>>>>>> On 29.06.2017 13:58, Evgeniy Korneechev wrote:
>>>>>>>> Hi!
>>>>>>>> workaround:
>>>>>>>> administrator:*:95400500:95400513:Administrator:/home/DOM/admini
>>>>>>>> strator:/bin/bash::userdb_quota_rule=*:bytes=10G
>>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir
>>>>>>>> administrator at email.dom:*:95400500:95400513:Administrator:/home/
>>>>>>>> DOM/administrator:/bin/bash::userdb_quota_rule=*:bytes=10G
>>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir
>>>>>>>>
>>>>>>>> But this is not a solution for 1000 users ...
>>>>>>>> Maybe is there extra field "userdb_mail=administrator at email.dom" 
>>>>>>>> for email to passwd-file?
>>>>>>>>
>>>>>>>> ----- ???????? ????????? -----
>>>>>>>>> ??: "Aki Tuomi" <aki.tuomi at dovecot.fi>
>>>>>>>>> ????: "dovecot" <dovecot at dovecot.org>
>>>>>>>>> ????????????: ?????, 28 ???? 2017 ? 12:40:48
>>>>>>>>> ????: Re: Per-user quota (passwd) On 28.06.2017 12:36, Aki 
>>>>>>>>> Tuomi wrote:
>>>>>>>>>> On 28.06.2017 12:25, Evgeniy Korneechev wrote:
>>>>>>>>>>> Hello!
>>>>>>>>>>> We have passwd=pam, userdb=passwd.
>>>>>>>>>>> passdb {
>>>>>>>>>>>   driver = pam #server was entered domain Active Directory } 
>>>>>>>>>>> userdb {
>>>>>>>>>>>   driver = passwd
>>>>>>>>>>>   override_fields = home=/var/vmail/glu_vrem/%u }
>>>>>>>>>>>
>>>>>>>>>>> How can i use per-user quota? Only passwd-file?
>>>>>>>>>>>
>>>>>>>>>>> I tried:
>>>>>>>>>>> userdb {
>>>>>>>>>>>   args = /etc/imap.passwd
>>>>>>>>>>>   driver = passwd-file
>>>>>>>>>>>   override_fields = home=/var/vmail/glu_vrem/%u }
>>>>>>>>>>> /etc/imap.passwd:
>>>>>>>>>>> administrator:*:95400500:95400513:Administrator:/home/DOM/adm
>>>>>>>>>>> inistrator:/bin/bash::userdb_quota_rule=*:bytes=10G
>>>>>>>>>>>
>>>>>>>>>>> Authentication and quota - now OK. But doesn't work sending 
>>>>>>>>>>> and receiving mail...
>>>>>>>>>>> postfix say 'Unknown user'...
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Turn on auth_debug and auth_verbose and see what it says.
>>>>>>>>>>>
>>>>>>>>>>> Aki
>>>>>>>>> Also you can set auth_username_format = %Ln to force usernames 
>>>>>>>>> into lowercase without domain.
>>>>>>>>>
>>>>>>>>> Aki
>> --
>> WBR, Korneechev Evgeniy
>> BaseALT/ALTLinux Team
> --
> WBR, Korneechev Evgeniy
> BaseALT/ALTLinux Team
>
>
> ------------------------------
>
> Message: 3
> Date: Mon, 11 Sep 2017 14:51:13 +0300
> From: Aki Tuomi <aki.tuomi at dovecot.fi>
> To: dovecot at dovecot.org
> Subject: Re: Per-user quota (passwd)
> Message-ID: <7e86447f-10e6-51a3-ce8a-3c4c8261bac1 at dovecot.fi>
> Content-Type: text/plain; charset=utf-8
>
> Hi!
> Just so you know, autocreate/autosubscribe is deprecated, you should use
>
> namespace {
>   mailbox INBOX {
>    auto = subscribe
>  }
> }
>
> can you run
>
> doveadm user administrator at email.dom
>
> to verify that mail_home gets set correctly?
>
> Aki
>
> On 11.09.2017 14:48, Evgeniy Korneechev wrote:
>> Hi.
>> But there is one problem...
>>
>> protocol lda {
>>   mail_plugins = " quota autocreate  sieve quota"
>>   plugin {
>>     quota = dict:user::file:/var/vmail/glu_vrem/%u/.quotausage
>>   }
>> }
>> protocol imap {
>>   mail_plugins = " quota autocreate autocreate imap_quota"
>>   plugin {
>>     autocreate = INBOX
>>     autocreate2 = Sent
>>     autocreate3 = Trash
>>     autocreate4 = Drafts
>>     autocreate5 = Junk
>>     autosubscribe = INBOX
>>     autosubscribe2 = Sent
>>     autosubscribe3 = Trash
>>     autosubscribe4 = Drafts
>>     autosubscribe5 = Junk
>>     quota = dict:user::file:/var/vmail/glu_vrem/%u/.quotausage
>>   }
>> }
>>
>>> Users with non-standard quota in passwd-file:
>>>>>>>>> administrator:*:95400500:95400513:Administrator:/home/DOM/administrator:/bin/bash::userdb_quota_rule=*:bytes=10G
>>>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir
>>>>>>>>> administrator at email.dom:*:95400500:95400513:Administrator:/home/DOM/administrator:/bin/bash::userdb_quota_rule=*:bytes=10G
>>>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir
>>> Others from passwd.
>>
>> Files ".quotausage" are created in different directories:
>> /var/vmail/glu_vrem/administrator\DOM/.quotausage
>> /var/vmail/glu_vrem/administrator at email.dom/.quotausage
>> And must in the folder "/var/vmail/glu_vrem/administrator"
>>
>> How fix it?
>>
>>
>> ----- ???????? ????????? -----
>>> ??: "Evgeniy Korneechev" <ekorneechev at altlinux.org>
>>> ????: "Aki Tuomi" <aki.tuomi at dovecot.fi>
>>> ?????: "dovecot" <dovecot at dovecot.org>
>>> ????????????: ???????, 30 ???? 2017 ? 10:39:16
>>> ????: Re: Per-user quota (passwd)
>>> Our solution:
>>> userdb {
>>>  args = /etc/imap.passwd
>>>  driver = passwd-file
>>>  override_fields = home=/var/vmail/glu_vrem/%u
>>> }
>>> userdb {
>>>  driver = passwd
>>>  override_fields = home=/var/vmail/glu_vrem/%u
>>> }
>>>
>>> Users with non-standard quota in passwd-file:
>>>>>>>>> administrator:*:95400500:95400513:Administrator:/home/DOM/administrator:/bin/bash::userdb_quota_rule=*:bytes=10G
>>>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir
>>>>>>>>> administrator at email.dom:*:95400500:95400513:Administrator:/home/DOM/administrator:/bin/bash::userdb_quota_rule=*:bytes=10G
>>>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir
>>> Others from passwd.
>>>
>>> Its works! Thanks.
>>>
>>>
>>> ----- ???????? ????????? -----
>>>> ??: "Aki Tuomi" <aki.tuomi at dovecot.fi>
>>>> ????: "dovecot" <dovecot at dovecot.org>
>>>> ????????????: ???????, 29 ???? 2017 ? 14:40:44
>>>> ????: Re: Per-user quota (passwd)
>>>> Oh you have multiple db's, I missed that.
>>>>
>>>> Remove auth_username_format, and instead
>>>>
>>>> userdb {
>>>>  args = /etc/imap.passwd username_format=%Ln
>>>>  driver = passwd-file
>>>>  override_fields = home=/var/vmail/glu_vrem/%u
>>>> }
>>>>
>>>> On 29.06.2017 14:35, Evgeniy Korneechev wrote:
>>>>> with auth_username_format = %Ln:
>>>>>
>>>>> Jun 28 14:43:41 auth: Debug: master in: USER    1    iivanov.ia at example.com
>>>>> service=lda
>>>>> Jun 28 14:43:41 auth-worker(18369): Debug: passwd(iivanov.ia): lookup
>>>>> Jun 28 14:43:41 auth-worker(18369): Info: passwd(iivanov.ia): unknown user  -
>>>>> trying the next userdb
>>>>> Jun 28 14:43:41 auth-worker(18369): Debug: sql(iivanov.ia): SELECT email as
>>>>> user, maildir as home, CONCAT('maildir:', maildir, '/Maildir') as mail, uid,
>>>>> gid, \
>>>>>      CONCAT('*:storage=', quota, 'B') AS quota_rule, CONCAT(maildir, '/.sieve') as
>>>>>      sieve FROM mail_user WHERE (login = 'iivanov.ia' OR email = 'iivanov.ia')
>>>>> Jun 28 14:43:41 auth-worker(18369): Info: sql(iivanov.ia): unknown user
>>>>>
>>>>> Maybe %Lu?
>>>>>
>>>>> ----- ???????? ????????? -----
>>>>>> ??: "Aki Tuomi" <aki.tuomi at dovecot.fi>
>>>>>> ????: "dovecot" <dovecot at dovecot.org>
>>>>>> ????????????: ???????, 29 ???? 2017 ? 14:10:07
>>>>>> ????: Re: Per-user quota (passwd)
>>>>>> Yes.
>>>>>>
>>>>>> Aki
>>>>>>
>>>>>> On 29.06.2017 14:07, Evgeniy Korneechev wrote:
>>>>>>> And if such a user:
>>>>>>> email (from AD) = ivanov.ia at example.com
>>>>>>> login (from AD), %n = iivanov
>>>>>>> %d = DOM
>>>>>>> %u = iivanov at DOM
>>>>>>>
>>>>>>> ?
>>>>>>>
>>>>>>> ----- ???????? ????????? -----
>>>>>>>> ??: "Aki Tuomi" <aki.tuomi at dovecot.fi>
>>>>>>>> ????: "dovecot" <dovecot at dovecot.org>
>>>>>>>> ????????????: ???????, 29 ???? 2017 ? 13:59:05
>>>>>>>> ????: Re: Per-user quota (passwd)
>>>>>>>> or use, as I indicated before, auth_username_format = %Ln
>>>>>>>>
>>>>>>>> Aki
>>>>>>>>
>>>>>>>>
>>>>>>>> On 29.06.2017 13:58, Evgeniy Korneechev wrote:
>>>>>>>>> Hi!
>>>>>>>>> workaround:
>>>>>>>>> administrator:*:95400500:95400513:Administrator:/home/DOM/administrator:/bin/bash::userdb_quota_rule=*:bytes=10G
>>>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir
>>>>>>>>> administrator at email.dom:*:95400500:95400513:Administrator:/home/DOM/administrator:/bin/bash::userdb_quota_rule=*:bytes=10G
>>>>>>>>> userdb_mail=maildir:/var/vmail/glu_vrem/administrator/Maildir
>>>>>>>>>
>>>>>>>>> But this is not a solution for 1000 users ...
>>>>>>>>> Maybe is there extra field "userdb_mail=administrator at email.dom" for email to
>>>>>>>>> passwd-file?
>>>>>>>>>
>>>>>>>>> ----- ???????? ????????? -----
>>>>>>>>>> ??: "Aki Tuomi" <aki.tuomi at dovecot.fi>
>>>>>>>>>> ????: "dovecot" <dovecot at dovecot.org>
>>>>>>>>>> ????????????: ?????, 28 ???? 2017 ? 12:40:48
>>>>>>>>>> ????: Re: Per-user quota (passwd)
>>>>>>>>>> On 28.06.2017 12:36, Aki Tuomi wrote:
>>>>>>>>>>> On 28.06.2017 12:25, Evgeniy Korneechev wrote:
>>>>>>>>>>>> Hello!
>>>>>>>>>>>> We have passwd=pam, userdb=passwd.
>>>>>>>>>>>> passdb {
>>>>>>>>>>>>   driver = pam #server was entered domain Active Directory
>>>>>>>>>>>> }
>>>>>>>>>>>> userdb {
>>>>>>>>>>>>   driver = passwd
>>>>>>>>>>>>   override_fields = home=/var/vmail/glu_vrem/%u
>>>>>>>>>>>> }
>>>>>>>>>>>>
>>>>>>>>>>>> How can i use per-user quota? Only passwd-file?
>>>>>>>>>>>>
>>>>>>>>>>>> I tried:
>>>>>>>>>>>> userdb {
>>>>>>>>>>>>   args = /etc/imap.passwd
>>>>>>>>>>>>   driver = passwd-file
>>>>>>>>>>>>   override_fields = home=/var/vmail/glu_vrem/%u
>>>>>>>>>>>> }
>>>>>>>>>>>> /etc/imap.passwd:
>>>>>>>>>>>> administrator:*:95400500:95400513:Administrator:/home/DOM/administrator:/bin/bash::userdb_quota_rule=*:bytes=10G
>>>>>>>>>>>>
>>>>>>>>>>>> Authentication and quota - now OK. But doesn't work sending and receiving
>>>>>>>>>>>> mail...
>>>>>>>>>>>> postfix say 'Unknown user'...
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> Turn on auth_debug and auth_verbose and see what it says.
>>>>>>>>>>>>
>>>>>>>>>>>> Aki
>>>>>>>>>> Also you can set auth_username_format = %Ln to force usernames into
>>>>>>>>>> lowercase without domain.
>>>>>>>>>>
>>>>>>>>>> Aki
>>> --
>>> WBR, Korneechev Evgeniy
>>> BaseALT/ALTLinux Team
>
>
> ------------------------------
>
> Message: 4
> Date: Mon, 11 Sep 2017 14:56:28 +0200
> From: "Nagy, Attila" <bra at fsn.hu>
> To: Aki Tuomi <aki.tuomi at dovecot.fi>, dovecot at dovecot.org
> Subject: Re: Is it possible to disable pipelining in imapc?
> Message-ID: <a6ced659-fa75-60c9-01f7-bfb36e826466 at fsn.hu>
> Content-Type: text/plain; charset=utf-8; format=flowed
>
> On 09/11/2017 12:12 PM, Aki Tuomi wrote:
>> Is there some reason you can't use normal proxy instead of imap backend?
>> That is,return proxy, host=imap_backend, port=1430? There seems to be no
>> pipeline setting currently for imapc in v2.2.
>>
> Yes, because it's a dumb IMAP server, which doesn't implement a lot of 
> things, like SEARCH, FETCH BODYSTRUCTURE and similar.
> Dovecot is used as a smart proxy, which makes it possible to use it as a 
> fully featured IMAP server.
>
>
> ------------------------------
>
> Subject: Digest Footer
>
> _______________________________________________
> dovecot mailing list
> dovecot at dovecot.org
> https://dovecot.org/mailman/listinfo/dovecot
>
> ------------------------------
>
> End of dovecot Digest, Vol 173, Issue 28
> ****************************************



More information about the dovecot mailing list