June 2024 - dovecot - dovecot.org

dictionary with %d variable in sql stops insert and select domain part - dovecot 2.3.17+
by Mariusz Piasecki 16 Jul '24

16 Jul '24

Hi, I notice that quota domain when using args %d in dictionary isn't honored in mysql during updates and selects when using dovecot 2.3.17+, so I moved my tests to docker environment, because I started using alpine linux and thought it could be musl library problem. I tested few versions with debian/alpine and after 2.3.17 updates and selects for domain in sql not using domain part, but user@domain. Maybe I missed some changes in configuration, maybe someone experience this behavior? User in logs was changed to h.user(a)example.com. Configuration as described in documentation quota = dict:<quota root name>:<username>[:<option>[...]]:<dictionary URI> where username could be %d for supporting domain-wide quotas quota = dict:user_quota::proxy::sqluserquota quota2 = dict:domain_quota:%d:proxy::sqldomainquota dict { acl = mysql:/etc/dovecot/dovecot-share-folder.conf sqldomainquota = mysql:/etc/dovecot/dovecot-dict-sql-domain.conf sqluserquota = mysql:/etc/dovecot/dovecot-dict-sql-user.conf } dovecot-dict-sql-domain.conf map { pattern= priv/quota/storage table= used_domain_quota username_field= domain value_field= bytes } map { pattern= priv/quota/messages table= used_domain_quota username_field= domain value_field= messages } dovecot-dict-sql-user.conf map { pattern= priv/quota/storage table= used_quota username_field= username value_field= bytes } map { pattern= priv/quota/messages table= used_quota username_field= username value_field= messages } Example dump sql table, in real environment with newer dovecot, there was only h.user(a)example.com and no domain record. *In earlier versions of dovecot there was only domain in this table.* |//**domain**//|varchar(255)|Nie| |bytes|bigint(20)|Nie|0 |messages|bigint(20)|Nie|0 == Dumping data for table used_domain_quota |h.user(a)example.com|36000|36000 |example.com|35000|35000 Debug Doveadm *In both examples below debug args=example.com seems correct * Dovecot version 2.3.17+, in this example debian 10 2.3.17 (e2aa53df5b), select with only username. root@cf801690360c:/# doveadm -D -v quota get -u h.user(a)example.com Debug: Loading modules from directory: /usr/lib/dovecot/modules/doveadm Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so: undefined symbol: acl_user_module (this is usually intentional, so just ignore this message) Debug: Skipping module doveadm_quota_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_quota_plugin.so: undefined symbol: quota_user_module (this is usually intentional, so just ignore this message) Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_sieve_plugin.so Debug: Skipping module doveadm_fts_lucene_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_lucene_plugin.so: undefined symbol: lucene_index_iter_deinit (this is usually intentional, so just ignore this message) Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_user_get_language_list (this is usually intentional, so just ignore this message) Debug: Skipping module doveadm_mail_crypt_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/libdoveadm_mail_crypt_plugin.so: undefined symbol: mail_crypt_box_get_pvt_digests (this is usually intentional, so just ignore this message) Nov 27 15:46:31 Debug: Loading modules from directory: /usr/lib/dovecot/modules Nov 27 15:46:31 Debug: Module loaded: /usr/lib/dovecot/modules/lib01_acl_plugin.so Nov 27 15:46:31 Debug: Module loaded: /usr/lib/dovecot/modules/lib10_quota_plugin.so Nov 27 15:46:31 Debug: Module loaded: /usr/lib/dovecot/modules/lib20_mailbox_alias_plugin.so Nov 27 15:46:31 Debug: Loading modules from directory: /usr/lib/dovecot/modules/doveadm Nov 27 15:46:31 Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so Nov 27 15:46:31 Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_quota_plugin.so Nov 27 15:46:31 Debug: Skipping module doveadm_fts_lucene_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_lucene_plugin.so: undefined symbol: lucene_index_iter_deinit (this is usually intentional, so just ignore this message) Nov 27 15:46:31 Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_user_get_language_list (this is usually intentional, so just ignore this message) Nov 27 15:46:31 Debug: Skipping module doveadm_mail_crypt_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/libdoveadm_mail_crypt_plugin.so: undefined symbol: mail_crypt_box_get_pvt_digests (this is usually intentional, so just ignore this message) Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><>: Debug: auth-master: userdb lookup(h.user(a)example.com): Started userdb lookup Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><>: Debug: auth-master: conn unix:/var/run/dovecot/director-userdb: Connecting Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><>: Debug: auth-master: conn unix:/var/run/dovecot/director-userdb (pid=1,uid=0): Client connected (fd=9) Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><>: Debug: auth-master: userdb lookup(h.user(a)example.com): auth USER input: h.user(a)example.com home=/home/mail/virtual/data05/example.com/h.user@example.com quota2_rule=*:bytes=10485760000 quota_rule=*:bytes=1048576000 Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><>: Debug: auth-master: userdb lookup(h.user(a)example.com): Finished userdb lookup (username=h.user(a)example.com home=/home/mail/virtual/data05/example.com/h.user@example.com quota2_rule=*:bytes=10485760000 quota_rule=*:bytes=1048576000) Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><>: Debug: Added userdb setting: plugin/quota2_rule=*:bytes=10485760000 Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><>: Debug: Added userdb setting: plugin/quota_rule=*:bytes=1048576000 Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: Effective uid=101, gid=101, home=/home/mail/virtual/data05/example.com/h.user@example.com Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: Home dir not found: /home/mail/virtual/data05/example.com/h.user(a)example.com Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: dict(proxy): dict created (uri=proxy::acl, base_dir=/var/run/dovecot) Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: Quota root: name=User Quota backend=dict args=:proxy::sqluserquota Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: Quota rule: root=User Quota mailbox=* bytes=1048576000 messages=0 Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: Quota warning: bytes=1048576000 (100%) messages=0 reverse=no command=quota-warning 100 h.user(a)example.com Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: Quota warning: bytes=996147200 (95%) messages=0 reverse=no command=quota-warning 95 h.user(a)example.com Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: Quota warning: bytes=943718400 (90%) messages=0 reverse=no command=quota-warning 90 h.user(a)example.com Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: Quota warning: bytes=891289600 (85%) messages=0 reverse=no command=quota-warning 85 h.user(a)example.com Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: Quota grace: root=User Quota bytes=104857600 (10%) Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: Quota root: name=Domain Quota backend=dict args=example.com:proxy::sqldomainquota Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: Quota rule: root=Domain Quota mailbox=* bytes=10485760000 messages=0 Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: Quota grace: root=Domain Quota bytes=1048576000 (10%) Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: quota-dict: user=h.user(a)example.com, uri=proxy::sqluserquota, noenforcing=0 Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: dict(proxy): dict created (uri=proxy::sqluserquota, base_dir=/var/run/dovecot) Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: quota-dict: user=example.com, uri=proxy::sqldomainquota, noenforcing=0 Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: dict(proxy): dict created (uri=proxy::sqldomainquota, base_dir=/var/run/dovecot) Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: Namespace : type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir://home/mail/virtual/data05/example.com/h.user@example.com/… Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: maildir++: root=//home/mail/virtual/data05/example.com/h.user@example.com/Maildir, index=, indexpvt=, control=, inbox=//home/mail/virtual/data05/example.com/h.user@example.com/Maildir, alt= Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: acl: initializing backend with data: vfile Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: acl: acl username= h.user(a)example.com Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: acl: owner= 1 Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: acl vfile: Global ACLs disabled Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: Namespace : type=shared, prefix=Shared/%u/, sep=/, inbox=no, hidden=no, list=children, subscriptions=yes location=maildir:%Lh/Maildir/:INDEX=%Lh/Maildir/Shared/%u Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: shared: root=/var/run/dovecot, index=, indexpvt=, control=, inbox=, alt= Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: acl: initializing backend with data: vfile Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: acl: acl username= h.user(a)example.com Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: acl: owner= 0 Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: acl vfile: Global ACLs disabled Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: quota: quota_over_flag check: quota_over_script unset - skipping Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: quota: quota_over_flag check: quota2_over_script unset - skipping Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Looking up 'priv/quota/storage' Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Looking up (async) 'priv/quota/storage' Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): conn unix:/var/run/dovecot/dict: Connecting Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): conn unix:/var/run/dovecot/dict (pid=1,uid=0): Client connected (fd=10) Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Lookup finished for 'priv/quota/storage': found Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Lookup finished for 'priv/quota/storage': found Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Looking up 'priv/quota/messages' Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Looking up (async) 'priv/quota/messages' Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Lookup finished for 'priv/quota/messages': found Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Lookup finished for 'priv/quota/messages': found Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Looking up 'priv/quota/storage' Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Looking up (async) 'priv/quota/storage' Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): conn unix:/var/run/dovecot/dict: Connecting Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): conn unix:/var/run/dovecot/dict (pid=1,uid=0): Client connected (fd=12) Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Lookup finished for 'priv/quota/storage': found Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Lookup finished for 'priv/quota/storage': found Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Looking up 'priv/quota/messages' Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Looking up (async) 'priv/quota/messages' Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Lookup finished for 'priv/quota/messages': found Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Lookup finished for 'priv/quota/messages': found Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): dict destroyed Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Waiting for dict to finish pending operations Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): conn unix:/var/run/dovecot/dict (pid=1,uid=0): Disconnected: Connection closed (fd=10) Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): dict destroyed Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Waiting for dict to finish pending operations Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): conn unix:/var/run/dovecot/dict (pid=1,uid=0): Disconnected: Connection closed (fd=12) Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): dict destroyed Quota name Type Value Limit % User Quota STORAGE 25 1024000 0 User Quota MESSAGE 25000 - 0 Domain Quota STORAGE 36 10240000 0 Domain Quota MESSAGE 36000 - 0 Nov 27 15:46:31 doveadm(401): Debug: auth-master: conn unix:/var/run/dovecot/director-userdb (pid=1,uid=0): Disconnected: Connection closed (fd=9) Dovecot version 2.3.16, 2.3.15, 2.3.13. in this example 2.3.13 (89f716dc2) bullseye - *correct behavior, select* Debug: Loading modules from directory: /usr/lib/dovecot/modules Debug: Module loaded: /usr/lib/dovecot/modules/lib01_acl_plugin.so Debug: Module loaded: /usr/lib/dovecot/modules/lib10_quota_plugin.so Debug: Module loaded: /usr/lib/dovecot/modules/lib20_mailbox_alias_plugin.so Debug: Loading modules from directory: /usr/lib/dovecot/modules/doveadm Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_deinit (this is usually intentional, so just ignore this message) Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_quota_plugin.so Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_sieve_plugin.so Debug: Skipping module doveadm_fts_lucene_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_lucene_plugin.so: undefined symbol: lucene_index_iter_deinit (this is usually intentional, so just ignore this message) Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_user_get_language_list (this is usually intentional, so just ignore this message) Debug: Skipping module doveadm_mail_crypt_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/libdoveadm_mail_crypt_plugin.so: undefined symbol: mail_crypt_box_get_pvt_digests (this is usually intentional, so just ignore this message) doveadm(h.gorska(a)example.com)<93><>: Debug: auth-master: userdb lookup(h.user(a)example.com): Started userdb lookup doveadm(h.user(a)example.com)<93><>: Debug: auth-master: conn unix:/run/dovecot/director-userdb: Connecting doveadm(h.user(a)example.com)<93><>: Debug: auth-master: conn unix:/run/dovecot/director-userdb (pid=1,uid=0): Client connected (fd=9) doveadm(h.user(a)example.com)<93><>: Debug: auth-master: userdb lookup(h.user(a)example.com): auth USER input: h.user(a)example.com home=/home/mail/virtual/data05/example.com/h.user@example.com quota2_rule=*:bytes=10485760000 quota_rule=*:bytes=1048576000 doveadm(h.user(a)example.com)<93><>: Debug: auth-master: userdb lookup(h.user(a)example.com): Finished userdb lookup (username=h.user(a)example.com home=/home/mail/virtual/data05/example.com/h.user@example.com quota2_rule=*:bytes=10485760000 quota_rule=*:bytes=1048576000) doveadm(h.user(a)example.com)<93><>: Debug: Added userdb setting: plugin/quota2_rule=*:bytes=10485760000 doveadm(h.user(a)example.com)<93><>: Debug: Added userdb setting: plugin/quota_rule=*:bytes=1048576000 doveadm(h.user(a)example.com): Debug: Effective uid=101, gid=102, home=/home/mail/virtual/data05/example.com/h.user@example.com doveadm(h.user(a)example.com): Debug: Home dir not found: /home/mail/virtual/data05/example.com/h.user(a)example.com doveadm(h.user(a)example.com): Debug: Quota root: name=User Quota backend=dict args=:proxy::sqluserquota doveadm(h.user(a)example.com): Debug: Quota rule: root=User Quota mailbox=* bytes=1048576000 messages=0 doveadm(h.user(a)example.com): Debug: Quota warning: bytes=1048576000 (100%) messages=0 reverse=no command=quota-warning 100 h.user(a)example.com doveadm(h.user(a)example.com): Debug: Quota warning: bytes=996147200 (95%) messages=0 reverse=no command=quota-warning 95 h.user(a)example.com doveadm(h.user(a)example.com): Debug: Quota warning: bytes=943718400 (90%) messages=0 reverse=no command=quota-warning 90 h.user(a)example.com doveadm(h.user(a)example.com): Debug: Quota warning: bytes=891289600 (85%) messages=0 reverse=no command=quota-warning 85 h.user(a)example.com doveadm(h.user(a)example.com): Debug: Quota grace: root=User Quota bytes=104857600 (10%) doveadm(h.user(a)example.com): Debug: Quota root: name=Domain Quota backend=dict args=example.com:proxy::sqldomainquota doveadm(h.user(a)example.com): Debug: Quota rule: root=Domain Quota mailbox=* bytes=10485760000 messages=0 doveadm(h.user(a)example.com): Debug: Quota grace: root=Domain Quota bytes=1048576000 (10%) doveadm(h.user(a)example.com): Debug: quota-dict: user=h.user(a)example.com, uri=proxy::sqluserquota, noenforcing=0 doveadm(h.user(a)example.com): Debug: quota-dict: user=example.com, uri=proxy::sqldomainquota, noenforcing=0 doveadm(h.user(a)example.com): Debug: Namespace : type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir://home/mail/virtual/data05/example.com/h.user@example.com/… doveadm(h.user(a)example.com): Debug: maildir++: root=//home/mail/virtual/data05/example.com/h.user@example.com/Maildir, index=, indexpvt=, control=, inbox=//home/mail/virtual/data05/example.com/h.user@example.com/Maildir, alt= doveadm(h.user(a)example.com): Debug: acl: initiali|//**domain**//|varchar(255)|Nie| |bytes|bigint(20)|Nie|0 |messages|bigint(20)|Nie|0 == Dumping data for table used_domain_quota |h.user(a)example.com|36000|36000 |example.com|35000|35000zing backend with data: vfile doveadm(h.user(a)example.com): Debug: acl: acl username= h.user(a)example.com doveadm(h.user(a)example.com): Debug: acl: owner= 1 doveadm(h.user(a)example.com): Debug: acl vfile: Global ACLs disabled doveadm(h.user(a)example.com): Debug: Namespace : type=shared, prefix=Shared/%u/, sep=/, inbox=no, hidden=no, list=children, subscriptions=yes location=maildir:%Lh/Maildir/:INDEX=%Lh/Maildir/Shared/%u doveadm(h.user(a)example.com): Debug: shared: root=/run/dovecot, index=, indexpvt=, control=, inbox=, alt= doveadm(h.user(a)example.com): Debug: acl: initializing backend with data: vfile doveadm(h.user(a)example.com): Debug: acl: acl username= h.user(a)example.com doveadm(h.user(a)example.com): Debug: acl: owner= 0 doveadm(h.user(a)example.com): Debug: acl vfile: Global ACLs disabled doveadm(h.user(a)example.com): Debug: quota: quota_over_flag check: quota_over_script unset - skipping doveadm(h.user(a)example.com): Debug: quota: quota_over_flag check: quota2_over_script unset - skipping Quota name Type Value Limit % User Quota STORAGE 25 1024000 0 User Quota MESSAGE 25000 - 0 Domain Quota STORAGE 35 10240000 0 Domain Quota MESSAGE 35000 - 0 doveadm(h.user(a)example.com): Debug: auth-master: conn unix:/run/dovecot/director-userdb (pid=1,uid=0): Disconnected: Connection closed (fd=9) MYSQL catch logs Mysql catch log during doveadm quota get -u h.user(a)example.com, version 2.3.17+ 592 Query SELECT username AS user, CONCAT('/home/mail/virtual/',mailbox.storagenode,mailbox.maildir,username) AS home, CONCAT('*:bytes=', domain.maxquota*1048576) AS quota2_rule, CONCAT('*:bytes=', mailbox.quota*1048576) AS quota_rule FROM mailbox,domain WHERE username = 'h.user(a)example.com'AND mailbox.domain=domain.domain AND domain.active=1 AND mailbox.`enabledoveadm`=1 AND mailbox.active=1 593 Connect root(a)10.15.1.40 on postfix using TCP/IP 593 Query SELECT bytes FROM used_quota WHERE username = 'h.user(a)example.com' 593 Query SELECT messages FROM used_quota WHERE username = 'h.user(a)example.com' 594 Connect root(a)10.15.1.40 on postfix using TCP/IP 594 Query SELECT bytes FROM used_domain_quota WHERE domain = 'h.user(a)example.com' 594 Query SELECT messages FROM used_domain_quota WHERE domain = 'h.user(a)example.com' example SQL UPDATE, dovecot version 2.3.20 (80a5ac675d) alpine 3.18.4 - bad behavior # User@Host: user[user @ [192.168.254.176] # Thread_id: 58405753 Schema: postfix QC_hit: No # Query_time: 0.000294 Lock_time: 0.000104 Rows_sent: 0 Rows_examined: 1 # Rows_affected: 1 Bytes_sent: 52 # # explain: id select_type table type possible_keys key key_len ref rows r_rows filtered r_filtered Extra # explain: 1 SIMPLE used_domain_quota range PRIMARY PRIMARY 767 NULL 1 1.00 100.00 100.00 Using where # SET timestamp=1701103297; UPDATE used_domain_quota SET bytes=bytes+4359,messages=messages+1 WHERE domain = 'h.user(a)example.com'; example SQL UPDATE domain and user quota - *good behavior*, dovecot version 2.3.4.1 (f79e8e7e4), debian 10 # User@Host: postfix[postfix] @ [192.168.254.175] # Thread_id: 58406279 Schema: postfix QC_hit: No # Query_time: 0.000252 Lock_time: 0.000080 Rows_sent: 0 Rows_examined: 1 # Rows_affected: 1 Bytes_sent: 52 # # explain: id select_type table type possible_keys key key_len ref rows r_rows filtered r_filtered Extra # explain: 1 SIMPLE used_domain_quota range PRIMARY PRIMARY 767 NULL 1 1.00 100.00 100.00 Using where # SET timestamp=1701103048; UPDATE used_domain_quota SET bytes=bytes+11597,messages=messages+1 WHERE domain = 'example.com'; # User@Host: user[user] @ [192.168.254.175] # Thread_id: 58406274 Schema: postfix QC_hit: No # Query_time: 0.000247 Lock_time: 0.000076 Rows_sent: 0 Rows_examined: 1 # Rows_affected: 1 Bytes_sent: 52 # # explain: id select_type table type possible_keys key key_len ref rows r_rows filtered r_filtered Extra # explain: 1 SIMPLE used_quota range PRIMARY PRIMARY 767 NULL 1 1.00 100.00 100.00 Using where # SET timestamp=1701103048; UPDATE used_quota SET bytes=bytes+11597,messages=messages+1 WHERE username = 'h.user(a)example.com'; Hi, I notice that quota domain when using args %d in dictionary isn't honored in mysql during updates and selects when using dovecot 2.3.17+, so I moved my tests to docker environment, because I started using alpine linux and thought it could be musl library problem. I tested few versions with debian/alpine and after 2.3.17 updates and selects for domain in sql not using domain part, but user@domain. Maybe I missed some changes in configuration, maybe someone experience this behavior? User in logs was changed to h.user(a)example.com. ***** Configuration ***** as described in documentation quota = dict:<quota root name>:<username>[: <option>[...]]:<dictionary URI> where username could be %d for supporting domain-wide quotas quota = dict:user_quota::proxy::sqluserquota quota2 = dict:domain_quota:%d:proxy::sqldomainquota dict { acl = mysql:/etc/dovecot/dovecot-share-folder.conf sqldomainquota = mysql:/etc/dovecot/dovecot-dict-sql-domain.conf sqluserquota = mysql:/etc/dovecot/dovecot-dict-sql-user.conf } dovecot-dict-sql-domain.conf map { pattern = priv/quota/storage table = used_domain_quota username_field = domain value_field = bytes } map { pattern = priv/quota/messages table = used_domain_quota username_field = domain value_field = messages } dovecot-dict-sql-user.conf map { pattern = priv/quota/storage table = used_quota username_field = username value_field = bytes } map { pattern = priv/quota/messages table = used_quota username_field = username value_field = messages } Example dump sql table, in real environment with newer dovecot, there was only h.user(a)example.com and no domain record. In earlier versions of dovecot there was only domain in this table. |//**domain**//|varchar(255)|Nie| |bytes|bigint(20)|Nie|0 |messages|bigint(20)|Nie|0 == Dumping data for table used_domain_quota |h.user(a)example.com|36000|36000 |example.com|35000|35000 ***** Debug ***** **** Doveadm **** In both examples below debug args=example.com seems correct Dovecot version 2.3.17+, in this example debian 10 2.3.17 (e2aa53df5b), select with only username. root@cf801690360c:/# doveadm -D -v quota get -u h.user(a)example.com Debug: Loading modules from directory: /usr/lib/dovecot/modules/doveadm Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: /usr/lib/ dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so: undefined symbol: acl_user_module (this is usually intentional, so just ignore this message) Debug: Skipping module doveadm_quota_plugin, because dlopen() failed: /usr/lib/ dovecot/modules/doveadm/lib10_doveadm_quota_plugin.so: undefined symbol: quota_user_module (this is usually intentional, so just ignore this message) Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/ lib10_doveadm_sieve_plugin.so Debug: Skipping module doveadm_fts_lucene_plugin, because dlopen() failed: / usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_lucene_plugin.so: undefined symbol: lucene_index_iter_deinit (this is usually intentional, so just ignore this message) Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/ dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_user_get_language_list (this is usually intentional, so just ignore this message) Debug: Skipping module doveadm_mail_crypt_plugin, because dlopen() failed: / usr/lib/dovecot/modules/doveadm/libdoveadm_mail_crypt_plugin.so: undefined symbol: mail_crypt_box_get_pvt_digests (this is usually intentional, so just ignore this message) Nov 27 15:46:31 Debug: Loading modules from directory: /usr/lib/dovecot/modules Nov 27 15:46:31 Debug: Module loaded: /usr/lib/dovecot/modules/ lib01_acl_plugin.so Nov 27 15:46:31 Debug: Module loaded: /usr/lib/dovecot/modules/ lib10_quota_plugin.so Nov 27 15:46:31 Debug: Module loaded: /usr/lib/dovecot/modules/ lib20_mailbox_alias_plugin.so Nov 27 15:46:31 Debug: Loading modules from directory: /usr/lib/dovecot/ modules/doveadm Nov 27 15:46:31 Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/ lib10_doveadm_acl_plugin.so Nov 27 15:46:31 Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/ lib10_doveadm_quota_plugin.so Nov 27 15:46:31 Debug: Skipping module doveadm_fts_lucene_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/ lib20_doveadm_fts_lucene_plugin.so: undefined symbol: lucene_index_iter_deinit (this is usually intentional, so just ignore this message) Nov 27 15:46:31 Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_user_get_language_list (this is usually intentional, so just ignore this message) Nov 27 15:46:31 Debug: Skipping module doveadm_mail_crypt_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/ libdoveadm_mail_crypt_plugin.so: undefined symbol: mail_crypt_box_get_pvt_digests (this is usually intentional, so just ignore this message) Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><>: Debug: auth-master: userdb lookup(h.user(a)example.com): Started userdb lookup Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><>: Debug: auth-master: conn unix:/var/run/dovecot/director-userdb: Connecting Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><>: Debug: auth-master: conn unix:/var/run/dovecot/director-userdb (pid=1,uid=0): Client connected (fd=9) Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><>: Debug: auth-master: userdb lookup(h.user(a)example.com): auth USER input: h.user(a)example.com home=/home/ mail/virtual/data05/example.com/h.user@example.com quota2_rule=*: bytes=10485760000 quota_rule=*:bytes=1048576000 Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><>: Debug: auth-master: userdb lookup(h.user(a)example.com): Finished userdb lookup (username=h.user(a)example.com home=/home/mail/virtual/data05/example.com/h.user@example.com quota2_rule=*: bytes=10485760000 quota_rule=*:bytes=1048576000) Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><>: Debug: Added userdb setting: plugin/quota2_rule=*:bytes=10485760000 Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><>: Debug: Added userdb setting: plugin/quota_rule=*:bytes=1048576000 Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: Effective uid=101, gid=101, home=/home/mail/virtual/data05/example.com/ h.user(a)example.com Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: Home dir not found: /home/mail/virtual/data05/example.com/ h.user(a)example.com Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: dict(proxy): dict created (uri=proxy::acl, base_dir=/var/run/dovecot) Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: Quota root: name=User Quota backend=dict args=:proxy::sqluserquota Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: Quota rule: root=User Quota mailbox=* bytes=1048576000 messages=0 Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: Quota warning: bytes=1048576000 (100%) messages=0 reverse=no command=quota-warning 100 h.user(a)example.com Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: Quota warning: bytes=996147200 (95%) messages=0 reverse=no command=quota-warning 95 h.user(a)example.com Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: Quota warning: bytes=943718400 (90%) messages=0 reverse=no command=quota-warning 90 h.user(a)example.com Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: Quota warning: bytes=891289600 (85%) messages=0 reverse=no command=quota-warning 85 h.user(a)example.com Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: Quota grace: root=User Quota bytes=104857600 (10%) Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: Quota root: name=Domain Quota backend=dict args=example.com:proxy:: sqldomainquota Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: Quota rule: root=Domain Quota mailbox=* bytes=10485760000 messages=0 Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: Quota grace: root=Domain Quota bytes=1048576000 (10%) Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: quota-dict: user=h.user(a)example.com, uri=proxy::sqluserquota, noenforcing=0 Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: dict(proxy): dict created (uri=proxy::sqluserquota, base_dir=/var/run/ dovecot) Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: quota-dict: user=example.com, uri=proxy::sqldomainquota, noenforcing=0 Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: dict(proxy): dict created (uri=proxy::sqldomainquota, base_dir=/var/run/ dovecot) Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: Namespace : type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir://home/mail/virtual/data05/ example.com/h.user@example.com/Maildir/:INDEX=//home/mail/virtual/data05/ example.com/h.user@example.com/Maildir/ Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: maildir++: root=//home/mail/virtual/data05/example.com/ h.user(a)example.com/Maildir, index=, indexpvt=, control=, inbox=//home/mail/ virtual/data05/example.com/h.user@example.com/Maildir, alt= Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: acl: initializing backend with data: vfile Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: acl: acl username = h.user(a)example.com Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: acl: owner = 1 Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: acl vfile: Global ACLs disabled Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: Namespace : type=shared, prefix=Shared/%u/, sep=/, inbox=no, hidden=no, list=children, subscriptions=yes location=maildir:%Lh/Maildir/:INDEX=%Lh/ Maildir/Shared/%u Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: shared: root=/var/run/dovecot, index=, indexpvt=, control=, inbox=, alt= Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: acl: initializing backend with data: vfile Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: acl: acl username = h.user(a)example.com Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: acl: owner = 0 Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: acl vfile: Global ACLs disabled Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: quota: quota_over_flag check: quota_over_script unset - skipping Nov 27 15:46:31 doveadm(h.user(a)example.com)<401><4l0XONe5ZGWRAQAAQCEzFg>: Debug: quota: quota_over_flag check: quota2_over_script unset - skipping Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Looking up 'priv/quota/storage' Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Looking up (async) 'priv/quota/storage' Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): conn unix:/ var/run/dovecot/dict: Connecting Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): conn unix:/ var/run/dovecot/dict (pid=1,uid=0): Client connected (fd=10) Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Lookup finished for 'priv/quota/storage': found Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Lookup finished for 'priv/quota/storage': found Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Looking up 'priv/quota/messages' Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Looking up (async) 'priv/quota/messages' Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Lookup finished for 'priv/quota/messages': found Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Lookup finished for 'priv/quota/messages': found Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Looking up 'priv/quota/storage' Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Looking up (async) 'priv/quota/storage' Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): conn unix:/ var/run/dovecot/dict: Connecting Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): conn unix:/ var/run/dovecot/dict (pid=1,uid=0): Client connected (fd=12) Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Lookup finished for 'priv/quota/storage': found Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Lookup finished for 'priv/quota/storage': found Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Looking up 'priv/quota/messages' Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Looking up (async) 'priv/quota/messages' Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Lookup finished for 'priv/quota/messages': found Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Lookup finished for 'priv/quota/messages': found Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): dict destroyed Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Waiting for dict to finish pending operations Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): conn unix:/ var/run/dovecot/dict (pid=1,uid=0): Disconnected: Connection closed (fd=10) Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): dict destroyed Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): Waiting for dict to finish pending operations Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): conn unix:/ var/run/dovecot/dict (pid=1,uid=0): Disconnected: Connection closed (fd=12) Nov 27 15:46:31 doveadm(h.user(a)example.com): Debug: dict(proxy): dict destroyed Quota name Type Value Limit % User Quota STORAGE 25 1024000 0 User Quota MESSAGE 25000 - 0 Domain Quota STORAGE 36 10240000 0 Domain Quota MESSAGE 36000 - 0 Nov 27 15:46:31 doveadm(401): Debug: auth-master: conn unix:/var/run/dovecot/ director-userdb (pid=1,uid=0): Disconnected: Connection closed (fd=9) Dovecot version 2.3.16, 2.3.15, 2.3.13. in this example 2.3.13 (89f716dc2) bullseye - correct behavior, select Debug: Loading modules from directory: /usr/lib/dovecot/modules Debug: Module loaded: /usr/lib/dovecot/modules/lib01_acl_plugin.so Debug: Module loaded: /usr/lib/dovecot/modules/lib10_quota_plugin.so Debug: Module loaded: /usr/lib/dovecot/modules/lib20_mailbox_alias_plugin.so Debug: Loading modules from directory: /usr/lib/dovecot/modules/doveadm Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/ lib10_doveadm_acl_plugin.so Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/ lib/dovecot/modules/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_deinit (this is usually intentional, so just ignore this message) Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/ lib10_doveadm_quota_plugin.so Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/ lib10_doveadm_sieve_plugin.so Debug: Skipping module doveadm_fts_lucene_plugin, because dlopen() failed: / usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_lucene_plugin.so: undefined symbol: lucene_index_iter_deinit (this is usually intentional, so just ignore this message) Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/ dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_user_get_language_list (this is usually intentional, so just ignore this message) Debug: Skipping module doveadm_mail_crypt_plugin, because dlopen() failed: / usr/lib/dovecot/modules/doveadm/libdoveadm_mail_crypt_plugin.so: undefined symbol: mail_crypt_box_get_pvt_digests (this is usually intentional, so just ignore this message) doveadm(h.gorska(a)example.com)<93><>: Debug: auth-master: userdb lookup (h.user(a)example.com) Started userdb lookup doveadm(h.user(a)example.com)<93><>: Debug: auth-master: conn unix:/run/dovecot/ director-userdb: Connecting doveadm(h.user(a)example.com)<93><>: Debug: auth-master: conn unix:/run/dovecot/ director-userdb (pid=1,uid=0): Client connected (fd=9) doveadm(h.user(a)example.com)<93><>: Debug: auth-master: userdb lookup (h.user(a)example.com) auth USER input: h.user(a)example.com home=/home/mail/ virtual/data05/example.com/h.user@example.com quota2_rule=*:bytes=10485760000 quota_rule=*:bytes=1048576000 doveadm(h.user(a)example.com)<93><>: Debug: auth-master: userdb lookup (h.user(a)example.com) Finished userdb lookup (username=h.user(a)example.com home=/home/mail/virtual/data05/example.com/h.user@example.com quota2_rule=*: bytes=10485760000 quota_rule=*:bytes=1048576000) doveadm(h.user(a)example.com)<93><>: Debug: Added userdb setting: plugin/ quota2_rule=*:bytes=10485760000 doveadm(h.user(a)example.com)<93><>: Debug: Added userdb setting: plugin/ quota_rule=*:bytes=1048576000 doveadm(h.user(a)example.com): Debug: Effective uid=101, gid=102, home=/home/ mail/virtual/data05/example.com/h.user@example.com doveadm(h.user(a)example.com): Debug: Home dir not found: /home/mail/virtual/ data05/example.com/h.user@example.com doveadm(h.user(a)example.com): Debug: Quota root: name=User Quota backend=dict args=:proxy::sqluserquota doveadm(h.user(a)example.com): Debug: Quota rule: root=User Quota mailbox=* bytes=1048576000 messages=0 doveadm(h.user(a)example.com): Debug: Quota warning: bytes=1048576000 (100%) messages=0 reverse=no command=quota-warning 100 h.user(a)example.com doveadm(h.user(a)example.com): Debug: Quota warning: bytes=996147200 (95%) messages=0 reverse=no command=quota-warning 95 h.user(a)example.com doveadm(h.user(a)example.com): Debug: Quota warning: bytes=943718400 (90%) messages=0 reverse=no command=quota-warning 90 h.user(a)example.com doveadm(h.user(a)example.com): Debug: Quota warning: bytes=891289600 (85%) messages=0 reverse=no command=quota-warning 85 h.user(a)example.com doveadm(h.user(a)example.com): Debug: Quota grace: root=User Quota bytes=104857600 (10%) doveadm(h.user(a)example.com): Debug: Quota root: name=Domain Quota backend=dict args=example.com:proxy::sqldomainquota doveadm(h.user(a)example.com): Debug: Quota rule: root=Domain Quota mailbox=* bytes=10485760000 messages=0 doveadm(h.user(a)example.com): Debug: Quota grace: root=Domain Quota bytes=1048576000 (10%) doveadm(h.user(a)example.com): Debug: quota-dict: user=h.user(a)example.com, uri=proxy::sqluserquota, noenforcing=0 doveadm(h.user(a)example.com): Debug: quota-dict: user=example.com, uri=proxy:: sqldomainquota, noenforcing=0 doveadm(h.user(a)example.com): Debug: Namespace : type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir://home/mail/ virtual/data05/example.com/h.user@example.com/Maildir/:INDEX=//home/mail/ virtual/data05/example.com/h.user@example.com/Maildir/ doveadm(h.user(a)example.com): Debug: maildir++: root=//home/mail/virtual/data05/ example.com/h.user@example.com/Maildir, index=, indexpvt=, control=, inbox=// home/mail/virtual/data05/example.com/h.user@example.com/Maildir, alt= doveadm(h.user(a)example.com): Debug: acl: initiali|//**domain**//|varchar (255)|Nie| |bytes|bigint(20)|Nie|0 |messages|bigint(20)|Nie|0 == Dumping data for table used_domain_quota |h.user(a)example.com|36000|36000 |example.com|35000|35000zing backend with data: vfile doveadm(h.user(a)example.com): Debug: acl: acl username = h.user(a)example.com doveadm(h.user(a)example.com): Debug: acl: owner = 1 doveadm(h.user(a)example.com): Debug: acl vfile: Global ACLs disabled doveadm(h.user(a)example.com): Debug: Namespace : type=shared, prefix=Shared/%u/, sep=/, inbox=no, hidden=no, list=children, subscriptions=yes location=maildir: %Lh/Maildir/:INDEX=%Lh/Maildir/Shared/%u doveadm(h.user(a)example.com): Debug: shared: root=/run/dovecot, index=, indexpvt=, control=, inbox=, alt= doveadm(h.user(a)example.com): Debug: acl: initializing backend with data: vfile doveadm(h.user(a)example.com): Debug: acl: acl username = h.user(a)example.com doveadm(h.user(a)example.com): Debug: acl: owner = 0 doveadm(h.user(a)example.com): Debug: acl vfile: Global ACLs disabled doveadm(h.user(a)example.com): Debug: quota: quota_over_flag check: quota_over_script unset - skipping doveadm(h.user(a)example.com): Debug: quota: quota_over_flag check: quota2_over_script unset - skipping Quota name Type Value Limit % User Quota STORAGE 25 1024000 0 User Quota MESSAGE 25000 - 0 Domain Quota STORAGE 35 10240000 0 Domain Quota MESSAGE 35000 - 0 doveadm(h.user(a)example.com): Debug: auth-master: conn unix:/run/dovecot/ director-userdb (pid=1,uid=0): Disconnected: Connection closed (fd=9) **** MYSQL catch logs **** Mysql catch log during doveadm quota get -u h.user(a)example.com, version 2.3.17+ 592 Query SELECT username AS user, CONCAT('/home/mail/virtual/ ',mailbox.storagenode,mailbox.maildir,username) AS home, CONCAT('*:bytes=', domain.maxquota*1048576) AS quota2_rule, CONCAT('*:bytes=', mailbox.quota*1048576) AS quota_rule FROM mailbox,domain WHERE username = 'h.user(a)example.com' AND mailbox.domain=domain.domain AND domain.active=1 AND mailbox.`enabledoveadm`=1 AND mailbox.active=1 593 Connect root(a)10.15.1.40 on postfix using TCP/IP 593 Query SELECT bytes FROM used_quota WHERE username = 'h.user(a)example.com' 593 Query SELECT messages FROM used_quota WHERE username = 'h.user(a)example.com' 594 Connect root(a)10.15.1.40 on postfix using TCP/IP 594 Query SELECT bytes FROM used_domain_quota WHERE domain = 'h.user(a)example.com' 594 Query SELECT messages FROM used_domain_quota WHERE domain = 'h.user(a)example.com' example SQL UPDATE, dovecot version 2.3.20 (80a5ac675d) alpine 3.18.4 - bad behavior # User@Host: user[user @ [192.168.254.176] # Thread_id: 58405753 Schema: postfix QC_hit: No # Query_time: 0.000294 Lock_time: 0.000104 Rows_sent: 0 Rows_examined: 1 # Rows_affected: 1 Bytes_sent: 52 # # explain: id select_type table type possible_keys key key_len ref rows r_rows filtered r_filtered Extra # explain: 1 SIMPLE used_domain_quota range PRIMARY PRIMARY 767 NULL 1 1.00 100.00 100.00 Using where # SET timestamp=1701103297; UPDATE used_domain_quota SET bytes=bytes+4359,messages=messages+1 WHERE domain = 'h.user(a)example.com'; example SQL UPDATE domain and user quota - good behavior, dovecot version 2.3.4.1 (f79e8e7e4), debian 10 # User@Host: postfix[postfix] @ [192.168.254.175] # Thread_id: 58406279 Schema: postfix QC_hit: No # Query_time: 0.000252 Lock_time: 0.000080 Rows_sent: 0 Rows_examined: 1 # Rows_affected: 1 Bytes_sent: 52 # # explain: id select_type table type possible_keys key key_len ref rows r_rows filtered r_filtered Extra # explain: 1 SIMPLE used_domain_quota range PRIMARY PRIMARY 767 NULL 1 1.00 100.00 100.00 Using where # SET timestamp=1701103048; UPDATE used_domain_quota SET bytes=bytes+11597,messages=messages+1 WHERE domain = 'example.com'; # User@Host: user[user] @ [192.168.254.175] # Thread_id: 58406274 Schema: postfix QC_hit: No # Query_time: 0.000247 Lock_time: 0.000076 Rows_sent: 0 Rows_examined: 1 # Rows_affected: 1 Bytes_sent: 52 # # explain: id select_type table type possible_keys key key_len ref rows r_rows filtered r_filtered Extra # explain: 1 SIMPLE used_quota range PRIMARY PRIMARY 767 NULL 1 1.00 100.00 100.00 Using where # SET timestamp=1701103048; UPDATE used_quota SET bytes=bytes+11597,messages=messages+1 WHERE username = 'h.user(a)example.com';

3 3

[auth] epoll_ctl(add, 13) failed: Operation not permitted (fd doesn't support epoll)
by Alexander Vogt 05 Jul '24

05 Jul '24

Hi all, dovecot auth service is failing when using an inet_service. The configuration is essentially: service auth { inet_listener { address = * port = 12345 } unix_listener auth-userdb { group = vmail mode = 0666 user = vmail } } When I connect to port 12345 (real IMAP client or telnet doesn't make a difference), the auth service crashes. Nov 19 22:21:54 imap.linexus.de dovecot[7195]: auth: Panic: epoll_ctl(add, 13) failed: Operation not permitted (fd doesn't support epoll) Nov 19 22:21:54 imap.linexus.de dovecot[7195]: auth: Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0(backtrace_append+0x46) [0x7f9319f89486] -> /usr/lib64/dovecot/libdovecot.so.0(backtrace_get+0x22) [0x7f9319f895a2] -> /usr/lib64/dovecot/libdovecot.so.0(+0x10a41b) [0x7f9319f9841b] -> /usr/lib64/dovecot/libdovecot.so.0(+0x10a4b7) [0x7f9319f984b7] -> /usr/lib64/dovecot/libdovecot.so.0(+0x5d11a) [0x7f9319eeb11a] -> /usr/lib64/dovecot/libdovecot.so.0(+0x609b0) [0x7f9319eee9b0] -> /usr/lib64/dovecot/libdovecot.so.0(+0x1215ba) [0x7f9319faf5ba] -> /usr/lib64/dovecot/libdovecot.so.0(io_add_to+0x1d) [0x7f9319faf62d] -> /usr/lib64/dovecot/libdovecot.so.0(io_add+0x28) [0x7f9319faf668] -> /usr/lib64/dovecot/libdovecot.so.0(master_service_io_listeners_add+0x8a ) [0x7f9319f1d16a] -> /usr/lib64/dovecot/libdovecot.so.0(master_service_init_finish+0xff) [0x7f9319f24bdf] -> dovecot/auth(main+0x389) [0x55745603a4f9] -> /lib64/libc.so.6(+0x3feb0) [0x7f931963feb0] -> /lib64/libc.so.6(__libc_start_main+0x80) [0x7f931963ff60] -> dovecot/auth(_start+0x25) [0x55745603a715] System info (sysreport attached): # 2.3.16 (7e2e900c1a): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.16 (09c29328) # OS: Linux 5.14.0-383.el9.x86_64 x86_64 CentOS Stream release 9 This exact configuration is known to work on this system: # 2.2.33.2 (d6601f4ec): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.21 (92477967) I tried for almost two hours to get a core dump for this, but finally gave up. I followed https://www.dovecot.org/bugreport-mail/#coredumps and other sources but the best I could get was Nov 19 22:21:54 imap.linexus.de dovecot[7195]: auth: Fatal: master: service(auth): child 7198 killed with signal 6 (core not dumped - https://dovecot.org/bugreport.html#coredumps - core wasn't writable?) for cat /proc/sys/kernel/core_pattern /tmp/core.%e.%p (which is 1777). Any help to get this resolved would be much appreciated! Thanks and best regards Alex

3 5

Error: fts_solr: received invalid uid
by oliver.krone＠snoog.ch 04 Jul '24

04 Jul '24

I'm using dovecot 2.3.13, solr 8.x. and roundcube 1.5.1. However when I do a search I get the the Error: fts_solr: received invalid uid, search results are ok. Thanks

5 4

IMAPSieve plugin will not run rspamd script
by postfix_dovecot＠gmx.de 02 Jul '24

02 Jul '24

Host: VMware Workstation 14.1.8 OS: Debian 12 (Bookworm) Dovecot: 2.3.19.1 Postfix: 3.7.10 Mailclient: Outlook 2016 Hello, I am currently working on a new mail server to replace my Debian 10 mail server. For preparation, I use VMware Workstation to learn and test the installation steps. When I'm eventually done, I'll rebuild my root server from scratch. This time, my problem is getting the IMAPSieve plugin working to trigger rspamd if mail gets moved to the junk folder. Sieve runs well – if rspam recognizes a spam mail, it will be transferred to the junk folder. For me it looks like the IMAPSieve plugin recognizes the move but will not running the script behind. I can see some actions in the log but nothing happens on the rspamd side where the log is also open to view. Moving a mail with Outlook produces the following log entry: imap(mail(a)test.example)<1797><a/FKmgIcqKvAqB4a>: Debug: Module loaded: /usr/lib/dovecot/modules/lib95_imap_sieve_plugin.so imap(mail(a)test.example)<1797><a/FKmgIcqKvAqB4a>: Debug: imapsieve: mailbox INBOX/Spam: APPEND event imap(mail(a)test.example)<1797><a/FKmgIcqKvAqB4a>: Debug: sieve: Pigeonhole version 0.5.19 (4eae2f79) initializing imap(mail(a)test.example)<1797><a/FKmgIcqKvAqB4a>: Debug: sieve: include: sieve_global is not set; it is currently not possible to include `:global' scripts. imap(mail(a)test.example)<1797><a/FKmgIcqKvAqB4a>: Debug: sieve: Sieve imapsieve plugin for Pigeonhole version 0.5.19 (4eae2f79) loaded imap(mail(a)test.example)<1797><a/FKmgIcqKvAqB4a>: Debug: sieve: Sieve Extprograms plugin for Pigeonhole version 0.5.19 (4eae2f79) loaded imap(mail(a)test.example)<1797><a/FKmgIcqKvAqB4a>: Debug: imapsieve: Static mailbox rule [1]: mailbox=`Spam' from=`*' causes=(COPY APPEND) => before=`file:/usr/lib/dovecot/sieve/report-spam.sieve' after=(none) imap(mail(a)test.example)<1797><a/FKmgIcqKvAqB4a>: Debug: imapsieve: Static mailbox rule [2]: mailbox=`*' from=`Spam' causes=(COPY APPEND) => before=`file:/usr/lib/dovecot/sieve/report-ham.sieve' after=(none) imap(mail(a)test.example)<1795><iC6JmQIcnqvAqB4a>: Debug: imapsieve: mailbox INBOX: FLAG event (changed flags: \Deleted) imap(mail(a)test.example)<1795><iC6JmQIcnqvAqB4a>: Debug: sieve: Pigeonhole version 0.5.19 (4eae2f79) initializing imap(mail(a)test.example)<1795><iC6JmQIcnqvAqB4a>: Debug: sieve: include: sieve_global is not set; it is currently not possible to include `:global' scripts. imap(mail(a)test.example)<1795><iC6JmQIcnqvAqB4a>: Debug: sieve: Sieve imapsieve plugin for Pigeonhole version 0.5.19 (4eae2f79) loaded imap(mail(a)test.example)<1795><iC6JmQIcnqvAqB4a>: Debug: sieve: Sieve Extprograms plugin for Pigeonhole version 0.5.19 (4eae2f79) loaded imap(mail(a)test.example)<1795><iC6JmQIcnqvAqB4a>: Debug: imapsieve: Static mailbox rule [1]: mailbox=`Spam' from=`*' causes=(COPY APPEND) => before=`file:/usr/lib/dovecot/sieve/report-spam.sieve' after=(none) imap(mail(a)test.example)<1795><iC6JmQIcnqvAqB4a>: Debug: imapsieve: Static mailbox rule [2]: mailbox=`*' from=`Spam' causes=(COPY APPEND) => before=`file:/usr/lib/dovecot/sieve/report-ham.sieve' after=(none) imap(mail(a)test.example)<1795><iC6JmQIcnqvAqB4a>: Debug: imapsieve: mailbox INBOX: FLAG event (changed flags: \Seen) My /etc/dovecot/local.conf looks like this: ## dovecot.conf # Mailuser im Log mit Namen darstellen verbose_proctitle = yes protocols = imap lmtp sieve ## 10-auth.conf # Disable LOGIN command and all other plaintext authentications unless # SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP # matches the local IP (ie. you're connecting from the same computer), the # connection is considered secure and plaintext authentication is allowed. # See also ssl=required setting. disable_plaintext_auth = yes # Space separated list of wanted authentication mechanisms: # plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi otp # gss-spnego # NOTE: See also disable_plaintext_auth setting. auth_mechanisms = plain login # Username formatting before it's looked up from databases. You can use # the standard variables here, eg. %Lu would lowercase the username, %n would # drop away the domain if it was given, or "%n-AT-%d" would change the '@' into # "-AT-". This translation is done after auth_username_translation changes. auth_username_format = %Lu ## ## Password and user databases ## # # Password database is used to verify user's password (and nothing more). # You can have multiple passdbs and userdbs. This is useful if you want to # allow both system users (/etc/passwd) and virtual users to login without # duplicating the system users into virtual database. # # <doc/wiki/PasswordDatabase.txt> # # User database specifies where mails are located and what user/group IDs # own them. For single-UID configuration use "static" userdb. # # <doc/wiki/UserDatabase.txt> #!include conf.d/auth-deny.conf.ext #!include conf.d/auth-master.conf.ext #!include conf.d/auth-system.conf.ext #!include conf.d/auth-sql.conf.ext #!include conf.d/auth-ldap.conf.ext !include conf.d/auth-passwdfile.conf.ext #!include conf.d/auth-checkpassword.conf.ext #!include conf.d/auth-static.conf.ext ## 10-director.conf ## 10-logging.conf # Loglevel festelegen auth_verbose = no auth_debug = no mail_debug = yes ## 10-mail.conf # Format der Mailbox ändern mail_location = maildir:~/Maildir namespace inbox { # Namespace type: private, shared or public type = private # Hierarchy separator to use. You should use the same separator for all # namespaces or some clients get confused. '/' is usually a good one. # The default however depends on the underlying mail storage format. separator = / # Prefix required to access this namespace. This needs to be different for # all namespaces. For example "Public/". prefix = INBOX/ # Physical location of the mailbox. This is in same format as # mail_location, which is also the default for it. location = # There can be only one INBOX, and this setting defines which namespace # has it. inbox = yes # If namespace is hidden, it's not advertised to clients via NAMESPACE # extension. You'll most likely also want to set list=no. This is mostly # useful when converting from another server with different namespaces which # you want to deprecate but still keep working. For example you can create # hidden namespaces with prefixes "~/mail/", "~%u/mail/" and "mail/". hidden = no # If namespace namespace/location fails to load, by default the entire # session will fail to start. If this is set, this namespace will be ignored # instead. ignore_on_failure = no # Show the mailboxes under this namespace with LIST command. This makes the # namespace visible for clients that don't support NAMESPACE extension. # "children" value lists child mailboxes, but hides the namespace prefix. list = yes # Namespace handles its own subscriptions. If set to "no", the parent # namespace handles them (empty prefix should always have this as "yes") subscriptions = yes # See 15-mailboxes.conf for definitions of special mailboxes. } ## 10-master.conf service lmtp { inet_listener lmtp { address = 127.0.0.1 ::1 port = 24 } } service auth { # auth_socket_path points to this userdb socket by default. It's typically # used by dovecot-lda, doveadm, possibly imap process, etc. Users that have # full permissions to this socket are able to get a list of all usernames and # get the results of everyone's userdb lookups. # # The default 0666 mode allows anyone to connect to the socket, but the # userdb lookups will succeed only if the userdb returns an "uid" field that # matches the caller process's UID. Also if caller's uid or gid matches the # socket's uid or gid the lookup succeeds. Anything else causes a failure. # # To give the caller full permissions to lookup all users, set the mode to # something else than 0666 and Dovecot lets the kernel enforce the # permissions (e.g. 0777 allows everyone full permissions). unix_listener auth-userdb { #mode = 0666 #user = #group = } # Postfix smtp-auth unix_listener /var/spool/postfix/private/auth { mode = 0666 } # Auth process is run as this user. #user = $default_internal_user } ## 10-ssl.conf ## 10-tcpwrapper.conf ## 15-lda.conf ## 15-mailboxes.conf namespace inbox { inbox = yes mailbox Spam { auto = subscribe special_use = \Junk } mailbox Trash { auto = subscribe special_use = \Trash } mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Sent { auto = subscribe special_use = \Sent } } ## 20-imap.conf protocol imap { # Space separated list of plugins to load (default is global mail_plugins). mail_plugins = $mail_plugins imap_sieve } ## 20-lmtp.conf protocol lmtp { # Space separated list of plugins to load (default is global mail_plugins). mail_plugins = $mail_plugins sieve } ## 20-managesieve.conf ## 90-acl.conf ## 90-plugin.conf ## 90-quota.conf ## 90-sieve.conf plugin { sieve_before = /etc/dovecot/conf.d/custom-sieve/global_before.sieve sieve_after = /etc/dovecot/conf.d/custom-sieve/global_after.sieve sieve_plugins = sieve_imapsieve sieve_extprograms # From elsewhere to Spam folder imapsieve_mailbox1_name = Spam imapsieve_mailbox1_causes = COPY APPEND imapsieve_mailbox1_before = file:/usr/lib/dovecot/sieve/report-spam.sieve # From Spam folder to elsewhere imapsieve_mailbox2_name = * imapsieve_mailbox2_from = Spam imapsieve_mailbox2_causes = COPY APPEND imapsieve_mailbox2_before = file:/usr/lib/dovecot/sieve/report-ham.sieve sieve_pipe_bin_dir = /usr/lib/dovecot/sieve sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.environment } ## 90-sieve-extprograms.conf root@ServerIV-home:~# ^C root@ServerIV-home:~# cat /etc/dovecot/local.conf ## dovecot.conf # Mailuser im Log mit Namen darstellen verbose_proctitle = yes protocols = imap lmtp sieve ## 10-auth.conf # Disable LOGIN command and all other plaintext authentications unless # SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP # matches the local IP (ie. you're connecting from the same computer), the # connection is considered secure and plaintext authentication is allowed. # See also ssl=required setting. disable_plaintext_auth = yes # Space separated list of wanted authentication mechanisms: # plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi otp # gss-spnego # NOTE: See also disable_plaintext_auth setting. auth_mechanisms = plain login # Username formatting before it's looked up from databases. You can use # the standard variables here, eg. %Lu would lowercase the username, %n would # drop away the domain if it was given, or "%n-AT-%d" would change the '@' into # "-AT-". This translation is done after auth_username_translation changes. auth_username_format = %Lu ## ## Password and user databases ## # # Password database is used to verify user's password (and nothing more). # You can have multiple passdbs and userdbs. This is useful if you want to # allow both system users (/etc/passwd) and virtual users to login without # duplicating the system users into virtual database. # # <doc/wiki/PasswordDatabase.txt> # # User database specifies where mails are located and what user/group IDs # own them. For single-UID configuration use "static" userdb. # # <doc/wiki/UserDatabase.txt> #!include conf.d/auth-deny.conf.ext #!include conf.d/auth-master.conf.ext #!include conf.d/auth-system.conf.ext #!include conf.d/auth-sql.conf.ext #!include conf.d/auth-ldap.conf.ext !include conf.d/auth-passwdfile.conf.ext #!include conf.d/auth-checkpassword.conf.ext #!include conf.d/auth-static.conf.ext ## 10-director.conf ## 10-logging.conf # Loglevel festelegen auth_verbose = no auth_debug = no mail_debug = yes ## 10-mail.conf # Format der Mailbox ändern mail_location = maildir:~/Maildir namespace inbox { # Namespace type: private, shared or public type = private # Hierarchy separator to use. You should use the same separator for all # namespaces or some clients get confused. '/' is usually a good one. # The default however depends on the underlying mail storage format. separator = / # Prefix required to access this namespace. This needs to be different for # all namespaces. For example "Public/". prefix = INBOX/ # Physical location of the mailbox. This is in same format as # mail_location, which is also the default for it. location = # There can be only one INBOX, and this setting defines which namespace # has it. inbox = yes # If namespace is hidden, it's not advertised to clients via NAMESPACE # extension. You'll most likely also want to set list=no. This is mostly # useful when converting from another server with different namespaces which # you want to deprecate but still keep working. For example you can create # hidden namespaces with prefixes "~/mail/", "~%u/mail/" and "mail/". hidden = no # If namespace namespace/location fails to load, by default the entire # session will fail to start. If this is set, this namespace will be ignored # instead. ignore_on_failure = no # Show the mailboxes under this namespace with LIST command. This makes the # namespace visible for clients that don't support NAMESPACE extension. # "children" value lists child mailboxes, but hides the namespace prefix. list = yes # Namespace handles its own subscriptions. If set to "no", the parent # namespace handles them (empty prefix should always have this as "yes") subscriptions = yes # See 15-mailboxes.conf for definitions of special mailboxes. } ## 10-master.conf service lmtp { inet_listener lmtp { address = 127.0.0.1 ::1 port = 24 } } service auth { # auth_socket_path points to this userdb socket by default. It's typically # used by dovecot-lda, doveadm, possibly imap process, etc. Users that have # full permissions to this socket are able to get a list of all usernames and # get the results of everyone's userdb lookups. # # The default 0666 mode allows anyone to connect to the socket, but the # userdb lookups will succeed only if the userdb returns an "uid" field that # matches the caller process's UID. Also if caller's uid or gid matches the # socket's uid or gid the lookup succeeds. Anything else causes a failure. # # To give the caller full permissions to lookup all users, set the mode to # something else than 0666 and Dovecot lets the kernel enforce the # permissions (e.g. 0777 allows everyone full permissions). unix_listener auth-userdb { #mode = 0666 #user = #group = } # Postfix smtp-auth unix_listener /var/spool/postfix/private/auth { mode = 0666 } # Auth process is run as this user. #user = $default_internal_user } ## 10-ssl.conf ## 10-tcpwrapper.conf ## 15-lda.conf ## 15-mailboxes.conf namespace inbox { inbox = yes mailbox Spam { auto = subscribe special_use = \Junk } mailbox Trash { auto = subscribe special_use = \Trash } mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Sent { auto = subscribe special_use = \Sent } } ## 20-imap.conf protocol imap { # Space separated list of plugins to load (default is global mail_plugins). mail_plugins = $mail_plugins imap_sieve } ## 20-lmtp.conf protocol lmtp { # Space separated list of plugins to load (default is global mail_plugins). mail_plugins = $mail_plugins sieve } ## 20-managesieve.conf ## 90-acl.conf ## 90-plugin.conf ## 90-quota.conf ## 90-sieve.conf plugin { sieve_before = /etc/dovecot/conf.d/custom-sieve/global_before.sieve sieve_after = /etc/dovecot/conf.d/custom-sieve/global_after.sieve sieve_plugins = sieve_imapsieve sieve_extprograms # From elsewhere to Spam folder imapsieve_mailbox1_name = Spam imapsieve_mailbox1_causes = COPY APPEND imapsieve_mailbox1_before = file:/usr/lib/dovecot/sieve/report-spam.sieve # From Spam folder to elsewhere imapsieve_mailbox2_name = * imapsieve_mailbox2_from = Spam imapsieve_mailbox2_causes = COPY APPEND imapsieve_mailbox2_before = file:/usr/lib/dovecot/sieve/report-ham.sieve sieve_pipe_bin_dir = /usr/lib/dovecot/sieve sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.environment } ## 90-sieve-extprograms.conf root@ServerIV-home:~# cat /etc/dovecot/local.conf ## dovecot.conf # Mailuser im Log mit Namen darstellen verbose_proctitle = yes protocols = imap lmtp sieve ## 10-auth.conf # Disable LOGIN command and all other plaintext authentications unless # SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP # matches the local IP (ie. you're connecting from the same computer), the # connection is considered secure and plaintext authentication is allowed. # See also ssl=required setting. disable_plaintext_auth = yes # Space separated list of wanted authentication mechanisms: # plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi otp # gss-spnego # NOTE: See also disable_plaintext_auth setting. auth_mechanisms = plain login # Username formatting before it's looked up from databases. You can use # the standard variables here, eg. %Lu would lowercase the username, %n would # drop away the domain if it was given, or "%n-AT-%d" would change the '@' into # "-AT-". This translation is done after auth_username_translation changes. auth_username_format = %Lu ## ## Password and user databases ## # # Password database is used to verify user's password (and nothing more). # You can have multiple passdbs and userdbs. This is useful if you want to # allow both system users (/etc/passwd) and virtual users to login without # duplicating the system users into virtual database. # # <doc/wiki/PasswordDatabase.txt> # # User database specifies where mails are located and what user/group IDs # own them. For single-UID configuration use "static" userdb. # # <doc/wiki/UserDatabase.txt> #!include conf.d/auth-deny.conf.ext #!include conf.d/auth-master.conf.ext #!include conf.d/auth-system.conf.ext #!include conf.d/auth-sql.conf.ext #!include conf.d/auth-ldap.conf.ext !include conf.d/auth-passwdfile.conf.ext #!include conf.d/auth-checkpassword.conf.ext #!include conf.d/auth-static.conf.ext ## 10-director.conf ## 10-logging.conf # Loglevel festelegen auth_verbose = no auth_debug = no mail_debug = yes ## 10-mail.conf # Format der Mailbox ändern mail_location = maildir:~/Maildir namespace inbox { # Namespace type: private, shared or public type = private # Hierarchy separator to use. You should use the same separator for all # namespaces or some clients get confused. '/' is usually a good one. # The default however depends on the underlying mail storage format. separator = / # Prefix required to access this namespace. This needs to be different for # all namespaces. For example "Public/". prefix = INBOX/ # Physical location of the mailbox. This is in same format as # mail_location, which is also the default for it. location = # There can be only one INBOX, and this setting defines which namespace # has it. inbox = yes # If namespace is hidden, it's not advertised to clients via NAMESPACE # extension. You'll most likely also want to set list=no. This is mostly # useful when converting from another server with different namespaces which # you want to deprecate but still keep working. For example you can create # hidden namespaces with prefixes "~/mail/", "~%u/mail/" and "mail/". hidden = no # If namespace namespace/location fails to load, by default the entire # session will fail to start. If this is set, this namespace will be ignored # instead. ignore_on_failure = no # Show the mailboxes under this namespace with LIST command. This makes the # namespace visible for clients that don't support NAMESPACE extension. # "children" value lists child mailboxes, but hides the namespace prefix. list = yes # Namespace handles its own subscriptions. If set to "no", the parent # namespace handles them (empty prefix should always have this as "yes") subscriptions = yes # See 15-mailboxes.conf for definitions of special mailboxes. } ## 10-master.conf service lmtp { inet_listener lmtp { address = 127.0.0.1 ::1 port = 24 } } service auth { # auth_socket_path points to this userdb socket by default. It's typically # used by dovecot-lda, doveadm, possibly imap process, etc. Users that have # full permissions to this socket are able to get a list of all usernames and # get the results of everyone's userdb lookups. # # The default 0666 mode allows anyone to connect to the socket, but the # userdb lookups will succeed only if the userdb returns an "uid" field that # matches the caller process's UID. Also if caller's uid or gid matches the # socket's uid or gid the lookup succeeds. Anything else causes a failure. # # To give the caller full permissions to lookup all users, set the mode to # something else than 0666 and Dovecot lets the kernel enforce the # permissions (e.g. 0777 allows everyone full permissions). unix_listener auth-userdb { #mode = 0666 #user = #group = } # Postfix smtp-auth unix_listener /var/spool/postfix/private/auth { mode = 0666 } # Auth process is run as this user. #user = $default_internal_user } ## 10-ssl.conf ## 10-tcpwrapper.conf ## 15-lda.conf ## 15-mailboxes.conf namespace inbox { inbox = yes mailbox Spam { auto = subscribe special_use = \Junk } mailbox Trash { auto = subscribe special_use = \Trash } mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Sent { auto = subscribe special_use = \Sent } } ## 20-imap.conf protocol imap { # Space separated list of plugins to load (default is global mail_plugins). mail_plugins = $mail_plugins imap_sieve } ## 20-lmtp.conf protocol lmtp { # Space separated list of plugins to load (default is global mail_plugins). mail_plugins = $mail_plugins sieve } ## 20-managesieve.conf ## 90-acl.conf ## 90-plugin.conf ## 90-quota.conf ## 90-sieve.conf plugin { sieve_before = /etc/dovecot/conf.d/custom-sieve/global_before.sieve sieve_after = /etc/dovecot/conf.d/custom-sieve/global_after.sieve sieve_plugins = sieve_imapsieve sieve_extprograms # From elsewhere to Spam folder imapsieve_mailbox1_name = Spam imapsieve_mailbox1_causes = COPY APPEND imapsieve_mailbox1_before = file:/usr/lib/dovecot/sieve/report-spam.sieve # From Spam folder to elsewhere imapsieve_mailbox2_name = * imapsieve_mailbox2_from = Spam imapsieve_mailbox2_causes = COPY APPEND imapsieve_mailbox2_before = file:/usr/lib/dovecot/sieve/report-ham.sieve sieve_pipe_bin_dir = /usr/lib/dovecot/sieve sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.environment } ## 90-sieve-extprograms.conf Meanwhile I tried a lot of several guides in the internet – nothing of them worked for me – what’s hard to understand because it’s a fresh and simple installation I did. Any help is very appreciated! Thanks Jens

4 6

Sieve Symlink Error
by Benjamin Rose 01 Jul '24

01 Jul '24

Hello, I'm in the process of moving our mail server from RHEL 6 to RHEL 9. We will be moving to: # dovecot --version 2.3.16 (7e2e900c1a) My issue is that sieve does not appear to work on the new setup, where it does work on the old one. I made a simple filter rule: # cat /u/mail0test/.sieve/ingo.sieve # Sieve Filter # Generated by Ingo (http://www.horde.org/apps/ingo/) (06/28/2024, 11:14:52 PM) require "fileinto"; # Test if header :comparator "i;ascii-casemap" :contains "Subject" "filtertest" { fileinto "Fun"; stop; } Upon sending an email to this test account, the following appears in /var/log/maillog: Jun 29 23:19:56 mail5 dovecot[3066980]: lda(mail0test)<3066980><FA8fFtzOgGZkzC4AuM9lWg>: Warning: sieve: file storage: Active sieve script symlink /u/mail0test/.dovecot.sieve is broken: Invalid/unknown path to storage (points to /u/mail0test/.sieve). Jun 29 23:19:56 mail5 dovecot[2987026]: doveadm(mail0test)<3066983><KFf4FtzOgGZnzC4AuM9lWg>: Warning: sieve: file storage: Active sieve script symlink /u/mail0test/.dovecot.sieve is broken: Invalid/unknown path to storage (points to /u/mail0test/.sieve). Jun 29 23:19:56 mail5 dovecot[2987026]: doveadm(mail0test)<3067016><VdsdK9zOgGaIzC4AuM9lWg>: Warning: sieve: file storage: Active sieve script symlink /u/mail0test/.dovecot.sieve is broken: Invalid/unknown path to storage (points to /u/mail0test/.sieve). Yet: # ll /u/mail0test/.dovecot.sieve lrwxrwxrwx. 1 mail0test sysguest 17 Jun 28 23:26 /u/mail0test/.dovecot.sieve -> .sieve/ingo.sieve # file /u/mail0test/.sieve/ingo.sieve /u/mail0test/.sieve/ingo.sieve: ASCII text That is the filter file I've pasted above. I've set the following directives in /etc/dovecot/conf.d/90-sieve.conf via puppet: augeas { "dovecot_sieve_settings": context => "/files/etc/dovecot/conf.d/90-sieve.conf", changes => [ "set plugin/sieve_dir ~/.sieve", "set plugin/sieve_user_log ~/.sieve/log" ], require => Package["dovecot"], notify => Service["dovecot"]; } The full configuration dump is attached. /u in our environment is the path for user homedirs, which is an NFS mount to a NetApp. The OS is Springdale Linux 9.2, a clone of RedHat from before the IBM license change. It will soon be RHEL 9.4 as we have obtained a license, but for all intents and purposes, Springdale 9.2 and RHEL 9.2 should be considered bug-for-bug compatible. The arch is x86_64 with both machines mail5 and mail6 (replicated) having Intel(R) Xeon(R) Gold 6244 CPU @ 3.60GHz and 768gb of memory. I have the same issue with SELinux in both enforcing and permissive modes, so this is not a permissions error due to SELinux. Am I doing something wrong, or is this a bug? I've seen that there have been some previous issues similar to this that ended up being bugs in pigeonhole, so here I am. Thanks, Ben

2 3

Timeout when opening folder
by Entrepreneur AJ 28 Jun '24

28 Jun '24

Hi all, I'm stuck with an issue. Migrating everything to a k0s kubernetes cluster, trying to migrate dovecot and all so far seems to be well with PVC for mail storage, ssl working great, authentication vis PostgreSQL working great. Issue is when trying to look at another folder say Deleted or Spam etc folder I am getting a timeout error with no logs. I disabled apparmour on the nodes the try again and the following error message appears; Jun 24 21:01:55 imap-login: Info: Login: user=<eaj>, method=PLAIN, rip=194.207.0.0, lip=10.244.24.235, mpid=15, TLS, session=<eTNaF6kbzJHCz3qg> Jun 24 21:01:55 imap(eaj)<15><eTNaF6kbzJHCz3qg>: Debug: Added userdb setting: mail=maildir:/srv/vmail/eaj Jun 24 21:01:55 imap(eaj)<15><eTNaF6kbzJHCz3qg>: Debug: Effective uid=1000, gid=1000, home=/srv/vmail/eaj Jun 24 21:01:55 imap(eaj)<15><eTNaF6kbzJHCz3qg>: Debug: open(/proc/self/io) failed: Permission denied Jun 24 21:01:55 imap(eaj)<15><eTNaF6kbzJHCz3qg>: Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/srv/vmail/eaj Jun 24 21:01:55 imap(eaj)<15><eTNaF6kbzJHCz3qg>: Debug: maildir++: root=/srv/vmail/eaj, index=, indexpvt=, control=, inbox=/srv/vmail/eaj, alt= Jun 24 21:01:55 imap(eaj)<14><3PRZF6kb0JHCz3qg>: Debug: Mailbox INBOX: Mailbox opened Jun 24 21:02:24 imap(eaj)<15><eTNaF6kbzJHCz3qg>: Debug: Mailbox Sent: Couldn't open mailbox in list index: Storage size changed 160 != 396 Jun 24 21:02:24 imap(eaj)<15><eTNaF6kbzJHCz3qg>: Debug: Mailbox Sent: Mailbox opened Jun 24 21:02:24 imap(eaj)<15><eTNaF6kbzJHCz3qg>: Debug: Mailbox Drafts: Couldn't open mailbox in list index: Storage size changed 160 != 396 Jun 24 21:02:24 imap(eaj)<15><eTNaF6kbzJHCz3qg>: Debug: Mailbox Drafts: Mailbox opened Thunderbird keeps showing a timeout error after a few minutes. Dovecot Version: 2.3.21 (47349e2482) dovecot -n config: # 2.3.21 (47349e2482): /etc/dovecot/dovecot.conf # OS: Linux 5.15.0-112-generic x86_64 # Hostname: dovecot-549bdc98ff-tzwcf auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain login auth_verbose = yes auth_verbose_passwords = yes base_dir = /var/run/dovecot/ first_valid_uid = 1000 import_environment = TZ last_valid_uid = 1000 log_path = /dev/stdout login_greeting = IMAP ready. mail_debug = yes mail_home = /srv/vmail/%n mail_location = maildir:~ namespace inbox { hidden = no inbox = yes list = yes location = mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Spam { auto = subscribe special_use = \Junk } mailbox Trash { auto = subscribe special_use = \Trash } prefix = subscriptions = yes type = private } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { acl = vfile:/etc/dovecot/global-acls:cache_secs=300 acl_shared_dict = file:/var/lib/dovecot/shared-mailboxes imap_compress_deflate_level = 9 mail_crypt_global_private_key = # hidden, use -P to show it mail_crypt_global_public_key = # hidden, use -P to show it mail_crypt_save_version = 2 zlib_save = zstd zlib_save_level = 3 } service auth-worker { user = vmail } service auth { unix_listener auth-userdb { group = vmail mode = 0600 user = vmail } } service dict { unix_listener dict { group = vmail mode = 0660 user = vmail } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } } service lmtp { inet_listener lmtp { port = 24 } user = vmail } service pop3-login { inet_listener pop3 { port = 0 } inet_listener pop3s { port = 0 ssl = yes } } service submission-login { inet_listener submission { port = 0 } inet_listener submissions { port = 0 } } ssl = required ssl_cert = </etc/dovecot/certs/tls.crt ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305 ssl_key = # hidden, use -P to show it ssl_prefer_server_ciphers = yes userdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } verbose_ssl = yes protocol imap { mail_plugins = postmaster_address = postmaster(a)eajglobal.net } protocol lmtp { mail_plugins = postmaster_address = postmaster(a)eajglobal.net } Any pointers would be highly appreciated.

5 7

Oauth2 remote IP address
by Scott Q. 27 Jun '24

27 Jun '24

Anyone knows how to configure Dovecot to send the real remote ip address of the user to the oauth2 provider ( Keycloak in this case ) ? Right now I see the request as coming from the Dovecot server... Thank you, Scott

1 0

sieve comparator i;unicode-casemap RFC5051
by Alexey 25 Jun '24

25 Jun '24

Hello. Am I right that currently there is no chance to compare non-ascii characters case-insensitive? (UTF-8 strings from inside Subject or Body) I'm looking for :comparator i;unicode-casemap, but can't find it. It is described in RFC5051. Regards, Alexey

1 0

logging computer name
by hp＠hungpham.no 25 Jun '24

25 Jun '24

I am running Dovecot 2.3.21. One client has multiple computers in their LAN, connecting to my server with a static IP. One or several computers in that LAN keep logging in with failed password, but the Dovecot log only shows the public static IP, like this Jun 25 10:39:20 server-name dovecot[689]: imap-login: Disconnected: Connection closed (auth failed, 2 attempts in 62 secs): user=<xxxx(a)domainyyy.com>, method=PLAIN, rip=client-public-IP, lip=server-IP, TLS, session=<MCLxoK4bksIO8zXR> I tried to enable debug, but there is no more information about the LAN IP or computer names. Is there any setting which helps me with that purpose? So it will be much easier to locate the failed computers in that LAN? Thank you.

3 2

Re: Only some of my sent emails are stored in sent-folder
by Joseph Tam 22 Jun '24

22 Jun '24

From: Nils <dovecot(a)bugblatterbeast.de> > Still, there is no filter rule that would apply to that. Additionally, I > only use "fileinto" actions in my filter rules. No, I meant Thunderbird's rules and filters. If your mail reader decides to not save the message, IMAP and Sireve will never see it. Joseph Tam <jtam.home(a)gmail.com>

1 0