May 2025 - dovecot - dovecot.org

NAMESPACE empty when logging via haproxy but populated properly when logging directly
by dk+lists.dovecot.org＠7ns.eu 22 May '25

22 May '25

Hello there. I have a problem with newest dovecots (2.3 and 2.4). Dovecot server for some reason is not providing NAMESPACE via IMAP commands when logging via haproxy (rawlog provided below). Server config: inet_listener imap { port = 143 haproxy = yes } inet_listener imap0 { port = 1143 haproxy = no } When I login directly to dovecot server on port 1143 I get this response from server: 1747853284.039953 * NAMESPACE (("INBOX/" "/")) (("Shared/" "/")) (("Public/" "/")) 1747853284.039986 52 OK Namespace completed (0.001 + 0.000 secs). However when I login to the exact same dovecot server but via haproxy host on port 143 I get this response from server: 1747853284.076121 * NAMESPACE (("" "/")) NIL NIL 1747853284.076160 27 OK Namespace completed (0.001 + 0.000 secs). Tested on: - debian dovecot 2.3.21.1+dfsg1-1+b2 - debian dovecot 2.4.1+dfsg1-4 Could some dev look into it please? Clearly something is broken with dovecot haproxy listener. I just deployed dovecot 2.4 to check if it was fixed but the same problem exists there. Greets. dk Hello there. I have a problem with newest dovecots (2.3 and 2.4). Dovecot server for some reason is not providing NAMESPACE via IMAP commands when logging via haproxy (rawlog provided below). Server config: inet_listener imap { port = 143 haproxy = yes } inet_listener imap0 { port = 1143 haproxy = no } When I login directly to dovecot server on port 1143 I get this response from server: 1747853284.039953 * NAMESPACE (("INBOX/" "/")) (("Shared/" "/")) (("Public/" "/ ")) 1747853284.039986 52 OK Namespace completed (0.001 + 0.000 secs). However when I login to the exact same dovecot server but via haproxy host on port 143 I get this response from server: 1747853284.076121 * NAMESPACE (("" "/")) NIL NIL 1747853284.076160 27 OK Namespace completed (0.001 + 0.000 secs). Tested on: - debian dovecot 2.3.21.1+dfsg1-1+b2 - debian dovecot 2.4.1+dfsg1-4 Could some dev look into it please? Clearly something is broken with dovecot haproxy listener. I just deployed dovecot 2.4 to check if it was fixed but the same problem exists there. Greets. dk

2 4

Dovecot 2.4.1 userdb override for autoexpunge on specific mailbox
by Thomas Leuxner 22 May '25

22 May '25

Hi, I'm trying to override the autoexpunge setting for the "Deleted Messages" mailbox in the INBOX namespace. [...] mailbox "Deleted Messages" { autoexpunge = 2d special_use = "\\Trash" } doveconf -nF # mail_namespace :FILTER settings_filter_name="namespace/inbox" namespace_name=inbox namespace_type=private namespace_separator=/ namespace_prefix= namespace_inbox=yes namespace_hidden=no mailbox=INBOX Drafts Junk Deleted\_Messages Spam Sent Sent\_Messages The setting seems to be pulled from the userdb and matches the escaping above. It doesn't seem to alter the global "autoexpunge = 2d" setting for this user though. doveadm user -u tlx(a)leuxner.net userdb: tlx(a)leuxner.net user : tlx(a)leuxner.net home : /var/vmail/domains/leuxner.net/tlx uid : 5000 gid : 5000 quota_storage_size: 5G acl_groups: PublicMailboxAdmins namespace/inbox/mailbox/Deleted\_Messages/autoexpunge: 6h Regards Thomas

1 0

Upgrade 2.3 to 2.4 - virtual mail - dovecot-lda flags ignored
by Cam Ellison 22 May '25

22 May '25

When running v2.3, Dovecot correctly identifies both recipient and domain when receiving mail from Debian exim4 via dovecot-lda, with no flags set. With v2.4, whether the flags are set or not, Dovecot throws error 75. If lda_mailbox_autocreate is set to yes, it creates the mailuser vmail and delivers to /var/vmail/vmail/INBOX. Users are able to log in and read email as before. doveadm user admin(a)example.ca output is: field value uid 5000 gid 5000 home /var/vmail/admin mail_path /var/vmail/admin/Maildir Here is the full printout of doveconf -n. # 2.4.1-4 (7d8c0e5759): /etc/dovecot/dovecot.conf # Pigeonhole version 2.4.1-4 (0a86619f) # OS: Linux 6.1.0-20-rt-686-pae i686 Debian 13.0 ext4 # Hostname: football.scasl.ca # 4 default setting changes since version 2.4.0 dovecot_config_version = 2.4.0 auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain login base_dir = /var/run/dovecot/ dovecot_storage_version = 2.4.0 first_valid_gid = 5000 first_valid_uid = 5000 fts_autoindex = yes fts_autoindex_max_recent_msgs = 999 fts_search_add_missing = yes hostname = scasl.ca listen = * :: login_trusted_networks = 209.121.143.10/32 mail_debug = yes mail_driver = maildir mail_gid = 5000 mail_home = /var/vmail/%{user|username} mail_inbox_path = /var/vmail/%{user|username}/Maildir/INBOX mail_path = /var/vmail/%{user|username}/Maildir mail_privileged_group = vmail mail_uid = 5000 postmaster_address = postmaster(a)scasl.ca protocols { imap = yes } sql_driver = mysql mysql scasl.ca { dbname = scasl host = localhost password = # port = 3306 user = scasl } userdb sql { iterate_query = SELECT email_username AS username, domain FROM league query = SELECT CONCAT('/var/vmail/',email_username) AS home, 5000 AS uid, 5000 AS gid FROM league WHERE email_username = '%{user|username}' } passdb sql { default_password_scheme = BLF-CRYPT query = SELECT password FROM login WHERE ID IN (SELECT ID FROM league WHERE email_username='%{user|username}') } maildir { very_dirty_syncs = yes } namespace inbox { mail_driver = maildir mail_home = /var/vmail/%{user|username} mail_inbox_path = /var/vmail/%{user|username}/Maildir/INBOX mail_path = /var/vmail/%{user|username}/Maildir inbox = yes separator = / type = private mailbox Drafts { auto = subscribe special_use = "\\Drafts" } mailbox Junk { special_use = "\\Junk" } mailbox Trash { special_use = "\\Trash" } mailbox Sent { special_use = "\\Sent" } mailbox "Sent Messages" { special_use = "\\Sent" } } service imap-login { inet_listener imap { } inet_listener imaps { } } service submission-login { inet_listener submission { } } service lmtp { unix_listener lmtp { mode = 0666 } } service imap { } service pop3 { } service submission { } service auth { unix_listener auth-userdb { mode = 0666 } unix_listener auth-client { mode = 0666 } } service auth-worker { } service dict { unix_listener dict { } } service stats { unix_listener stats-reader { group = vmail mode = 0666 } unix_listener stats-writer { group = vmail mode = 0666 } } ssl_server { cert_file = /etc/letsencrypt/live/scasl.ca/fullchain.pem key_file = /etc/letsencrypt/live/scasl.ca/privkey.pem } protocol lda { mail_plugins = $mail_plugins } I assume I am missing a parameter that needs setting. Is it that, do I have something set incorrectly, or is it really a bug? Cheers Cam When running v2.3, Dovecot correctly identifies both recipient and domain when receiving mail from Debian exim4 via dovecot-lda, with no flags set. With v2.4, whether the flags are set or not, Dovecot throws error 75. If lda_mailbox_autocreate is set to yes, it creates the mailuser vmail and delivers to /var/vmail/vmail/INBOX. Users are able to log in and read email as before. doveadm user admin(a)example.ca output is: field value uid 5000 gid 5000 home /var/vmail/admin mail_path /var/vmail/admin/Maildir Here is the full printout of doveconf -n. # 2.4.1-4 (7d8c0e5759): /etc/dovecot/dovecot.conf # Pigeonhole version 2.4.1-4 (0a86619f) # OS: Linux 6.1.0-20-rt-686-pae i686 Debian 13.0 ext4 # Hostname: football.scasl.ca # 4 default setting changes since version 2.4.0 dovecot_config_version = 2.4.0 auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain login base_dir = /var/run/dovecot/ dovecot_storage_version = 2.4.0 first_valid_gid = 5000 first_valid_uid = 5000 fts_autoindex = yes fts_autoindex_max_recent_msgs = 999 fts_search_add_missing = yes hostname = scasl.ca listen = * :: login_trusted_networks = 209.121.143.10/32 mail_debug = yes mail_driver = maildir mail_gid = 5000 mail_home = /var/vmail/%{user|username} mail_inbox_path = /var/vmail/%{user|username}/Maildir/INBOX mail_path = /var/vmail/%{user|username}/Maildir mail_privileged_group = vmail mail_uid = 5000 postmaster_address = postmaster(a)scasl.ca protocols { imap = yes } sql_driver = mysql mysql scasl.ca { dbname = scasl host = localhost password = # port = 3306 user = scasl } userdb sql { iterate_query = SELECT email_username AS username, domain FROM league query = SELECT CONCAT('/var/vmail/',email_username) AS home, 5000 AS uid, 5000 AS gid FROM league WHERE email_username = '%{user|username}' } passdb sql { default_password_scheme = BLF-CRYPT query = SELECT password FROM login WHERE ID IN (SELECT ID FROM league WHERE email_username='%{user|username}') } maildir { very_dirty_syncs = yes } namespace inbox { mail_driver = maildir mail_home = /var/vmail/%{user|username} mail_inbox_path = /var/vmail/%{user|username}/Maildir/INBOX mail_path = /var/vmail/%{user|username}/Maildir inbox = yes separator = / type = private mailbox Drafts { auto = subscribe special_use = "\\Drafts" } mailbox Junk { special_use = "\\Junk" } mailbox Trash { special_use = "\\Trash" } mailbox Sent { special_use = "\\Sent" } mailbox "Sent Messages" { special_use = "\\Sent" } } service imap-login { inet_listener imap { } inet_listener imaps { } } service submission-login { inet_listener submission { } } service lmtp { unix_listener lmtp { mode = 0666 } } service imap { } service pop3 { } service submission { } service auth { unix_listener auth-userdb { mode = 0666 } unix_listener auth-client { mode = 0666 } } service auth-worker { } service dict { unix_listener dict { } } service stats { unix_listener stats-reader { group = vmail mode = 0666 } unix_listener stats-writer { group = vmail mode = 0666 } } ssl_server { cert_file = /etc/letsencrypt/live/scasl.ca/fullchain.pem key_file = /etc/letsencrypt/live/scasl.ca/privkey.pem } protocol lda { mail_plugins = $mail_plugins } I assume I am missing a parameter that needs setting. Is it that, do I have something set incorrectly, or is it really a bug? Cheers Cam

2 2

Re: Upgrade 2.3 to 2.4 - virtual mail - dovecot-lda flags ignored
by Cam Ellison 22 May '25

22 May '25

On 2025-05-21 14:11, Odhiambo Washington wrote: > Hi Cam, > > I suffered something similar during my migration and an old post > somewhere saved the day for me: https://skeletor.org.ua/?p=2497 > I hope it helps you too. > It was worth a try, and at least has changed the focus to Exim from Dovecot: the existing lookups for identifying user@domain in Exim are not working. What he has is not significantly different from my own setup. Thank you for the link Cam

1 1

Large Server with Dovecot
by Odhiambo Washington 21 May '25

21 May '25

Hello Admins, I have at hand a task to setup Dovecot (2.4.1) to handle about 10,000 mailboxes using IMAP/POP3. It's a migration from another system. The current total storage for the mailboxes is 350GB. I believe several Mail admins are managing such systems, and bigger. What do you recommend as the baseline for the optimization Dovecot engine itself? Assuming the storage is on SSD, is there something you recommend I add to the dovecot.configuration for fast access? Indexing? Anything else? How about the system specs - CPU/RAM? Thank you in advance. -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 In an Internet failure case, the #1 suspect is a constant: DNS. "Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-) [How to ask smart questions: http://www.catb.org/~esr/faqs/smart-questions.html] Hello Admins, I have at hand a task to setup Dovecot (2.4.1) to handle about 10,000 mailboxes using IMAP/POP3. It's a migration from another system. The current total storage for the mailboxes is 350GB. I believe several Mail admins are managing such systems, and bigger. What do you recommend as the baseline for the optimization Dovecot engine itself? Assuming the storage is on SSD, is there something you recommend I add to the dovecot.configuration for fast access? Indexing? Anything else? How about the system specs - CPU/RAM? Thank you in advance. -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 In an Internet failure case, the #1 suspect is a constant: DNS. "Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-) [How to ask smart questions: http://www.catb.org/~esr/faqs/smart- questions.html]

1 0

prohibit subfolders under INBOX
by dentar＠fnsheppard.com 20 May '25

20 May '25

I know this is a n00b question but I've done my diligence... Is there a way (Maildir not MBOX) to ONLY prohibit creation of folders under INBOX e.g. no INBOX.Fred allowed, but the user MAY create subfolders under other folders, e.g. Fred.Barney? We've discovered that when people create INBOX.anything it causes Outlook to go insane.

1 0

bug report: "Corrupted transaction log file" PLUS request for improvement of the documentation about mmap_disable
by Patrick Cernko 20 May '25

20 May '25

Hello Dovecot developers, hello list, since more than two years we had occasional log messages like this: Error: Mailbox INBOX: Corrupted transaction log file /IMAP/mail/mailboxes/USER/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index.log seq 45532: Unexpected garbage at EOF (sync_offset=4856) Mostly I had to repair the affected mailbox manually after such events. Luckily I could prevent any data corruptions by using the healthy mailbox from the replication partner. Those errors occurred rather seldom (once a month) but started get more often. At the end of last year, they occurred about once a week for 800 users with up to 200 folders. The reporting process was always different, like the indexer, imapd, lmtpd, replicator or doveadm (on cmdline). It was obviously some sort of race-condition between the different processes accessing the index. I did not see any hints how to reproduce it. At the beginning of this year I started to debug this issue by adding debugging log output to our productive system, mostly in lib-index. I was hoping to find the cause of the issue and maybe even provide a patch to fix this. But about 5 weeks ago, I discovered, that the error can be simply avoided by setting mmap_disable=yes. Since this change, the error did not occur again even with specific tests, that previously likely triggered the bug. That's where I stopped to debug further. We are running Dovecot in master-master mode using replication plugin behind a Dovecot director setup. The storage on the backends is provided by local disks on Linux with newest ZFS filesystem. We use mdbox storage and FTS. While testing I also checked ext4 instead of ZFS and different FTS backends without success. I can provide more information for the developers if you are interested! --------------------------------- About mmap_disable: The documentation only mentions, that you should set this to "yes" for SHARED filesystems (I don't think local ZFS or ext4 qualify for that). https://doc.dovecot.org/2.3/settings/core/#core_setting-mmap_disable On another page (https://doc.dovecot.org/2.3/admin_manual/mailbox_formats/#memory-mapping) it is mentioned, that "If mmap() is supported by your filesystem, it’s still not certain that it gives better performance. Try benchmarking to make sure." I also found an old mail from Timo (https://dovecot.org/list/dovecot/2011-December/079975.html) which lists 3 cases, where mmap_disable=yes is required or at least suggested. In only one case, he wrote "With local filesystems mmap_disable=no _should_ be faster." I did not do extensive benchmarks but I did not see any performance issues since we disabled mmap on our IMAP backends. So, I wonder, if it would not be better to switch the default for mmap_disable to YES: 1. There are configurations, where the current default might cause data corruption! 2. There are configurations, where disabling mmap is suggested. 3. Even on local storage, the performance benefits are unsure. 4. According to my observations, even on local storage, enabling mmap can cause data corruption. Changing the default to NO would protect users from accidental data corruption. Users that aim for maximum performance can still enable mmap and test if it improves performance. IMHO the documentation should mention, that even for local disks, mmap CAN cause data corruption (until the above mentioned bug is found and fixed). Best regards, -- Patrick Cernko <pcernko(a)mpi-klsb.mpg.de> +49 681 9325 5815 Joint Scientific IT and Technical Service Max-Planck-Institute für Informatik & Softwaresysteme

1 0

Upgrade 2.3 to 2.4 - Dovecot cannot find user mailbox
by Cam Ellison 20 May '25

20 May '25

The system in question primarily sends emails to group members but also has a few virtual email accounts for officers. Usernames and passwords are looked up from a mysql (MariaDB) database. After the upgrade incoming mail now goes to a vmail account that Dovecot creates because it cannot match the email to the user for whom it is intended (there is no user 'vmail' in the system). Users can log in and read their mail and send mail, but any emails received since the change to 2.4 are understandably inaccessible. Below is the output from doveconf -n. Can anyone see what is wrong? # 2.4.1-4 (7d8c0e5759): /etc/dovecot/dovecot.conf # Pigeonhole version 2.4.1-4 (0a86619f) # OS: Linux 6.1.0-20-rt-686-pae i686 Debian 13.0 ext4 # Hostname: football.scasl.ca # 4 default setting changes since version 2.4.0 dovecot_config_version = 2.4.0 auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain login base_dir = /var/run/dovecot/ dovecot_storage_version = 2.4.0 first_valid_gid = 5000 first_valid_uid = 5000 fts_autoindex = yes fts_autoindex_max_recent_msgs = 999 fts_search_add_missing = yes hostname = scasl.ca listen = * :: login_trusted_networks = 209.121.143.10/32 mail_debug = yes mail_driver = maildir mail_gid = 5000 mail_home = /var/vmail/%{user|username} mail_inbox_path = /var/vmail/%{user|username}/Maildir/INBOX mail_path = /var/vmail/%{user|username}/Maildir mail_privileged_group = vmail mail_uid = 5000 postmaster_address = postmaster(a)scasl.ca protocols { imap = yes } sql_driver = mysql dict quota { } mysql scasl.ca { dbname = scasl host = localhost password = # hidden, use -P to show it port = 3306 user = scasl } userdb sql { iterate_query = SELECT email_username AS username, domain FROM league query = SELECT CONCAT('/var/vmail/',email_username) AS home, 5000 AS uid, 5000 AS gid FROM league WHERE email_username = '%{user|username}' } passdb sql { default_password_scheme = BLF-CRYPT query = SELECT password FROM login WHERE ID IN (SELECT ID FROM league WHERE email_username='%{user|username}') } maildir { very_dirty_syncs = yes } namespace inbox { mail_driver = maildir mail_home = /var/vmail/%{user|username} mail_inbox_path = /var/vmail/%{user|username}/Maildir/INBOX mail_path = /var/vmail/%{user|username}/Maildir inbox = yes separator = / mailbox Drafts { auto = subscribe special_use = "\\Drafts" } mailbox Junk { special_use = "\\Junk" } mailbox Trash { special_use = "\\Trash" } mailbox Sent { special_use = "\\Sent" } mailbox "Sent Messages" { special_use = "\\Sent" } } service imap-login { inet_listener imap { } inet_listener imaps { } } service submission-login { inet_listener submission { } } service lmtp { unix_listener lmtp { mode = 0666 } } service imap { } service pop3 { } service submission { } service auth { unix_listener auth-userdb { mode = 0666 } unix_listener auth-client { mode = 0666 } } service auth-worker { } service dict { unix_listener dict { } } service stats { unix_listener stats-reader { group = vmail mode = 0666 } unix_listener stats-writer { group = vmail mode = 0666 } } ssl_server { cert_file = /etc/letsencrypt/live/scasl.ca/fullchain.pem key_file = /etc/letsencrypt/live/scasl.ca/privkey.pem } Cheers Cam The system in question primarily sends emails to group members but also has a few virtual email accounts for officers. Usernames and passwords are looked up from a mysql (MariaDB) database. After the upgrade incoming mail now goes to a vmail account that Dovecot creates because it cannot match the email to the user for whom it is intended (there is no user 'vmail' in the system). Users can log in and read their mail and send mail, but any emails received since the change to 2.4 are understandably inaccessible. Below is the output from doveconf -n. Can anyone see what is wrong? # 2.4.1-4 (7d8c0e5759): /etc/dovecot/dovecot.conf # Pigeonhole version 2.4.1-4 (0a86619f) # OS: Linux 6.1.0-20-rt-686-pae i686 Debian 13.0 ext4 # Hostname: football.scasl.ca # 4 default setting changes since version 2.4.0 dovecot_config_version = 2.4.0 auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain login base_dir = /var/run/dovecot/ dovecot_storage_version = 2.4.0 first_valid_gid = 5000 first_valid_uid = 5000 fts_autoindex = yes fts_autoindex_max_recent_msgs = 999 fts_search_add_missing = yes hostname = scasl.ca listen = * :: login_trusted_networks = 209.121.143.10/32 mail_debug = yes mail_driver = maildir mail_gid = 5000 mail_home = /var/vmail/%{user|username} mail_inbox_path = /var/vmail/%{user|username}/Maildir/INBOX mail_path = /var/vmail/%{user|username}/Maildir mail_privileged_group = vmail mail_uid = 5000 postmaster_address = postmaster(a)scasl.ca protocols { imap = yes } sql_driver = mysql dict quota { } mysql scasl.ca { dbname = scasl host = localhost password = # hidden, use -P to show it port = 3306 user = scasl } userdb sql { iterate_query = SELECT email_username AS username, domain FROM league query = SELECT CONCAT('/var/vmail/',email_username) AS home, 5000 AS uid, 5000 AS gid FROM league WHERE email_username = '%{user|username}' } passdb sql { default_password_scheme = BLF-CRYPT query = SELECT password FROM login WHERE ID IN (SELECT ID FROM league WHERE email_username='%{user|username}') } maildir { very_dirty_syncs = yes } namespace inbox { mail_driver = maildir mail_home = /var/vmail/%{user|username} mail_inbox_path = /var/vmail/%{user|username}/Maildir/INBOX mail_path = /var/vmail/%{user|username}/Maildir inbox = yes separator = / mailbox Drafts { auto = subscribe special_use = "\\Drafts" } mailbox Junk { special_use = "\\Junk" } mailbox Trash { special_use = "\\Trash" } mailbox Sent { special_use = "\\Sent" } mailbox "Sent Messages" { special_use = "\\Sent" } } service imap-login { inet_listener imap { } inet_listener imaps { } } service submission-login { inet_listener submission { } } service lmtp { unix_listener lmtp { mode = 0666 } } service imap { } service pop3 { } service submission { } service auth { unix_listener auth-userdb { mode = 0666 } unix_listener auth-client { mode = 0666 } } service auth-worker { } service dict { unix_listener dict { } } service stats { unix_listener stats-reader { group = vmail mode = 0666 } unix_listener stats-writer { group = vmail mode = 0666 } } ssl_server { cert_file = /etc/letsencrypt/live/scasl.ca/fullchain.pem key_file = /etc/letsencrypt/live/scasl.ca/privkey.pem } Cheers Cam

1 0

Change the way folders are displayed via IMAP protocol
by Lafiel 19 May '25

19 May '25

Hi. How can I patch the source code so that the server forces the list of all folders to be displayed in quotes? Or add the corresponding parameter to the configuration file? -- Best regards, Lafiel mailto:lafiel@elven.pw

1 0

Dovecot 3.21.1 -> 2.4.0 SegFault
by Cata S 19 May '25

19 May '25

Hi guys, There seems to be some issue with Dovecot deployed on alpine. More specifically, the dovecot.config file is not properly read. I have run some debugging and the SegFault is returned in the function below: #0 0x000055555556779b in config_parsed_get_setting () No symbol table info available. #1 0x0000555555563708 in config_dump_full () No symbol table info available. #2 0x000055555555c814 in main () No symbol table info available. This was also addressed by alpine here: https://gitlab.alpinelinux.org/alpine/aports/-/issues/17050 Any idea what could be causing this? Thanks for looking into it, Cata

3 2