Dovecot: Mails flagged as read get flagged as unread

6 Dec 2016 · *----- config Dovecot Proxy -----*

      Hi all
We experience some unexpected behavior with dovecot. It happens that
emails marked as read get marked as unread (MUA is Thunderbird on port
143). Unfortunately this happens randomly, reproducing this issue is
difficult. We could not find any pattern, it happens rarely.
We are running dovecot version 2.2.24 on Debian Jessie (backports
repository).
/root@dovecot01:~# dovecot --version//
//2.2.24 (a82c823)/
Our Setup:
/ha-proxy01 -> dovecot-proxy01 (proxy=yes) -> dovecot01 (proxy=no)
traffic on different ports to different servers.

IP is used for multiple services (ports). We use the haproxy to send

/
Below the configuration (IMAPC is active for migration purposes).
Do you have any recommendations where we could focus for
troubleshooting? I found some posts about mbox_lazy_writes causing
similar issues. However we use mdbox in our setup.
If we enable rawlog for what log patterns should we search?
Your Inputs are highly appreciated!
Thanks and Regards
plataleas
*----- haproxy configuration ------
*frontend frontend_mail.company.org-143
bind 10.100.189.34:143
mode tcp
default_backend backend_mail.company.org-143
backend backend_mail.company.org-143
mode tcp
balance source
server dovecot-proxy01.company.org  dovecot-proxy01.company.org:10143
check send-proxy-v2
server dovecot-proxy02.company.org  dovecot-proxy02.company.org:10143
check send-proxy-v2 backup
*----- config Dovecot Proxy -----*
/root@dovecot-proxy01:~#  dovecot -n
# 2.2.24 (a82c823): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.13 (7b14904)
# OS: Linux 3.16.0-4-amd64 x86_64 Debian 8.5
auth_username_chars =
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@*
default_client_limit = 5000
default_process_limit = 500
disable_plaintext_auth = no
haproxy_trusted_networks = 10.10.189.28,10.10.189.29
imap_capability = IMAP4rev1 UIDPLUS CHILDREN NAMESPACE
THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION
STARTTLS
listen = 10.10.189.25
mail_location = mdbox:%h/mdbox
mail_max_userip_connections = 0
mail_plugins = zlib
mdbox_rotate_size = 10 M
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix = INBOX.
separator = .
}
passdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
plugin {
gzip_save_level = 6
pop3_migration_mailbox = POP3-MIGRATION-NS/INBOX
sieve = file:~/sieve;active=~/.dovecot.sieve
zlib_save = gz
}
protocols = imap pop3 lmtp
service imap-login {
inet_listener imap_haproxy {
address = 10.10.189.25
haproxy = yes
port = 10143
}
inet_listener imaps_haproxy {
address = 10.10.189.25
haproxy = yes
port = 10993
ssl = yes
}
}
service lmtp {
inet_listener lmtp {
address = 10.10.189.25
port = 24
}
}
service pop3-login {
inet_listener pop3_haproxy {
address = 10.10.189.25
haproxy = yes
port = 10110
}
inet_listener pop3s_haproxy {
address = 10.10.189.25
haproxy = yes
port = 10995
ssl = yes
}
}
ssl_ca = 
/root@dovecot-proxy01:~# grep -v '^ *\(#.*\)\?$'
/etc/dovecot/dovecot-ldap.conf.ext//
//uris = ldaps://ldap.comany.org//
//dn = 'cn=ldap-reader,ou=customers,dc=company,dc=org'//
//dnpass =  upser_password//
//sasl_bind = no//
//tls = no//
//auth_bind = yes//
//base = ou=customers,dc=company,dc=org//
//user_attrs =
=home=/data/vmails/%Ld/%Ln,=uid=10000,=gid=10000,mailquota=quota_rule=*:storage=%$G//
//user_filter = (&(uid=%u)(pfAccountStatus=active))//
//pass_attrs =
uid=user,userPassword=password,pfmailHost=host,=proxy_maybe=yes//
//pass_filter = (&(uid=%u)(pfAccountStatus=active))//
/
*-------------config Dovecot LDA---------*

/root@dovecot01:~#  dovecot -n /
# 2.2.24 (a82c823): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.13 (7b14904)
# OS: Linux 3.16.0-4-amd64 x86_64 Debian 8.5
auth_username_chars =
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@*
default_client_limit = 5000
default_process_limit = 500
disable_plaintext_auth = no
haproxy_trusted_networks = 10.10.189.28,10.10.189.29
imapc_features = rfc822.size
imapc_host = mail-direct.company.org
imapc_list_prefix = INBOX
imapc_user = %u
listen = 10.10.189.42
mail_location = mdbox:%h/mdbox
mail_max_userip_connections = 0
mail_plugins = zlib
mail_prefetch_count = 20
mdbox_rotate_size = 10 M
namespace {
hidden = yes
list = no
location = pop3c:
prefix = POP3-MIGRATION-NS/
}
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix = INBOX.
separator = .
}
passdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
plugin {
gzip_save_level = 6
pop3_migration_ignore_missing_uidls = yes
pop3_migration_mailbox = POP3-MIGRATION-NS/INBOX
sieve = file:~/sieve;active=~/.dovecot.sieve
zlib_save = gz
}
pop3c_host = mail-direct.company.org
pop3c_password =  # hidden, use -P to show it
protocols = imap pop3 lmtp
service imap-login {
inet_listener imap_haproxy {
address = 10.10.189.42
haproxy = yes
port = 10143
}
inet_listener imaps_haproxy {
address = 10.10.189.42
haproxy = yes
port = 10993
ssl = yes
}
}
service lmtp {
inet_listener lmtp {
address = 10.10.189.42
port = 24
}
}
service pop3-login {
inet_listener pop3_haproxy {
address = 10.10.189.42
haproxy = yes
port = 10110
}
inet_listener pop3s_haproxy {
address = 10.10.189.42
haproxy = yes
port = 10995
ssl = yes
}
}
ssl_ca = 