Hi,
Recently I migrated our previous dovecot-lda setup to 2.2 with director + lmtp.
And we are having some issues. When lmtp delivers to ldap uid names everything works except sieve vacation (login is not found in headers so reply is not sent).
When using full email addresses in rcpt to, vacation works but usernames are inconsistent (one user can log in using his email address, or aliases, or uid). To fix that, in the ldap settings I have added uid=user, which should set the username to the appropriate value.
Most of the time it works, but some deliveries use email addresses rather than ldap uids, which seems to break dict quotas. It must be related to the auth cache (flushing the cache fixes the issue temporarily for a given account). I think that the cache can be "polluted" by some other dovecot service.
Does anyone have an idea where this could be coming from?
doveadm auth lookup -f user mon@test.com returns the expected ldap uid, not the email address.
Thanks in advance for any help.
Michal Grzedzicki
from dovecot-ldap.conf.ext from backends
user_attrs = uid=user, mailMessageStore=home, mailQuotaSize=quota_rule=*:bytes=%$ user_filter = (&(&(!(accountStatus=deleted))(objectClass=qMailUser))(|(mail=%u)(uid=%u)(mailAlternateAddress=%u)))
pass_attrs = uid=user,userPassword=password pass_filter = (&(objectClass=qMailUser)(|(mail=%u)(uid=%u)(mailAlternateAddress=%u)))
iterate_attrs = uid=user iterate_filter = (&(&(objectClass=qmailUser)(!(accountStatus=deleted))))
director is doing the authorization and passing it to the backend using a master user
protocol lmtp { passdb { args = proxy=y nopassword=y port=24 } }
backend doveconf -n
# 2.2.15: /etc/dovecot/dovecot.conf
# OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.7
# Global settings of the backend as printed by `doveconf -n`.
# Auth cache: up to 10 MB of lookup results, with positive and negative
# results both kept for 5 minutes.
auth_cache_negative_ttl = 5 mins
auth_cache_size = 10 M
auth_cache_ttl = 5 mins
# Debug and verbose auth logging are both switched on.
auth_debug = yes
# Master-user logins are written as <user>*<master user>.
auth_master_user_separator = *
# NOTE(review): only the plaintext mechanisms PLAIN and LOGIN are offered, and
# disable_plaintext_auth = no below allows them on unencrypted connections.
# This dump also has ssl = no, so credentials would cross the network in
# clear text unless the links are protected some other way - confirm.
auth_mechanisms = plain login
auth_username_format = %u
auth_verbose = yes
base_dir = /var/run/dovecot/
deliver_log_format = msgid=%m f:%f s:%s %$
disable_plaintext_auth = no
# Only uid/gid 300 is accepted for mail access; it matches mail_uid/mail_gid.
first_valid_gid = 300
first_valid_uid = 300
import_environment = TZ
last_valid_gid = 300
last_valid_uid = 300
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
lda_original_recipient_header = Delivered-To
login_greeting = Imap ready.
mail_debug = yes
mail_gid = 300
# Maildir under the user's home; index files live under /var/dovecot_indexes
# followed by the home path (%h).
mail_location = maildir:~/Maildir:INDEX=/var/dovecot_indexes%h
mail_plugins = quota expire notify mail_log
mail_uid = 300
maildir_very_dirty_syncs = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave duplicate
# The single INBOX namespace with its special-use mailbox flags.
# Junk and SPAM both carry \Junk, and Sent and "Sent Messages" both carry \Sent.
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox SPAM {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
}
# Master-user passdb read from a passwd-file. With pass = yes a successful
# master match continues to the next passdb, so the target user is still
# looked up there.
# NOTE(review): every credential in this file can open any mailbox; the file's
# ownership and mode are not shown here - confirm it is readable only by the
# auth process.
passdb {
args = /etc/dovecot/master-users
driver = passwd-file
master = yes
pass = yes
}
# LDAP passdb for ordinary users; it uses the same dovecot-ldap.conf.ext file
# as the userdb further down.
passdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
# Plugin settings: expire and quota keep their state in a Redis instance on
# the loopback address, under the expire/ and user/ key prefixes.
plugin {
expire = SPAM
expire_dict = redis:host=127.0.0.1:prefix=expire/
mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
mail_log_fields = uid box msgid from subject size
# NOTE(review): dict quota entries are presumably keyed by the delivery
# username, so one account seen once as LDAP uid and once as e-mail address
# would get two separate quota records - verify against the Redis keys.
quota = dict:User quota::redis:host=127.0.0.1:prefix=user/
# Both warnings run the quota-warning service with the percentage and the
# username (%u) as arguments.
quota_warning = storage=95%% quota-warning 95 %u
quota_warning2 = storage=80%% quota-warning 80 %u
sieve_global_dir = /etc/sieve_global
sieve_max_redirects = 20
}
# Enabled protocols on this backend: IMAP, POP3, LMTP and ManageSieve.
# recipient_delimiter is set to an empty value.
postmaster_address = postmaster@iq.pl
protocols = imap pop3 lmtp sieve
recipient_delimiter =
# Auth service: exposes the auth-userdb socket used for userdb lookups.
# NOTE(review): with a mode other than the default 0666 Dovecot leaves access
# control to the filesystem, so 0777 appears to let every local account run
# userdb lookups for any user - confirm, and tighten it (for example 0660 with
# an explicit user/group) if nothing else needs the access.
service auth {
unix_listener auth-userdb {
mode = 0777
}
}
# Dict proxy socket owned by vmail:vmail; no mode is listed, so the default
# mode applies.
service dict {
unix_listener dict {
group = vmail
user = vmail
}
}
# doveadm is reachable over TCP on port 2424; no address is given here.
# NOTE(review): no doveadm_password and no ssl option for this listener are
# visible in the dump (ssl = no globally) - confirm the port is limited to the
# director/admin hosts by a firewall or a password.
service doveadm {
inet_listener {
port = 2424
}
}
# IMAP login processes: 8 kept available, and service_count = 0 lets each
# process serve an unlimited number of connections instead of one per process.
# NOTE(review): this trades isolation between pre-auth connections for
# throughput; acceptable behind a director, but worth a conscious decision.
service imap-login {
process_min_avail = 8
service_count = 0
}
# Upper bound on concurrent post-login IMAP processes.
service imap {
process_limit = 14000
}
# LMTP listens on TCP port 24 on the address "dovecot1" and runs as vmail,
# with 5 processes kept available.
# NOTE(review): nothing in this dump shows authentication or encryption on
# this listener - confirm only the director/MTA hosts can reach port 24.
service lmtp {
inet_listener lmtp {
address = dovecot1
port = 24
}
process_min_avail = 5
user = vmail
}
# ManageSieve login listener on all IPv4 addresses, port 4090.
# NOTE(review): with ssl = no and plaintext auth allowed elsewhere in this
# dump, ManageSieve credentials would be sent unencrypted to this port -
# confirm it is reachable only from the director network.
service managesieve-login {
inet_listener sieve {
address = 0.0.0.0
port = 4090
}
protocol = sieve
}
# POP3 login processes: 8 kept available, and service_count = 0 lets each
# process serve an unlimited number of connections.
service pop3-login {
process_min_avail = 8
service_count = 0
}
# Upper bound on concurrent post-login POP3 processes.
service pop3 {
process_limit = 10000
}
# Service behind the quota_warning plugin settings: runs
# /usr/local/bin/quota_warning.sh as vmail, on a socket owned by vmail.
# NOTE(review): the script is not shown; it receives the username as an
# argument and should quote it rather than interpolate it into a shell command.
service quota-warning {
executable = script /usr/local/bin/quota_warning.sh
unix_listener quota-warning {
user = vmail
}
user = vmail
}
# NOTE(review): TLS is disabled for every listener on this backend. Together
# with disable_plaintext_auth = no above, the director-to-backend links carry
# passwords (including master-user passwords) in clear text - confirm that
# network is isolated or enable TLS.
ssl = no
syslog_facility = local2
# LDAP userdb; it reads the same dovecot-ldap.conf.ext file as the LDAP passdb.
userdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
# Puts session details such as the username and client IP into process titles,
# which are visible to local users through ps.
verbose_proctitle = yes
# LMTP overrides: its own info log file and syslog facility, and the sieve
# plugin added to the global mail_plugins list.
protocol lmtp {
# %u keeps the recipient as given (full address when one is supplied).
auth_username_format = %u
info_log_path = /var/log/dovecot-lmtp
mail_plugins = quota expire notify mail_log sieve
syslog_facility = local3
}
# dovecot-lda overrides: same plugin list as LMTP, logging to local3.
protocol lda {
mail_plugins = quota expire notify mail_log sieve
syslog_facility = local3
}
# IMAP overrides: at most 30 connections per user and IP, and imap_quota added
# to the global plugin list.
protocol imap {
mail_max_userip_connections = 30
mail_plugins = quota expire notify mail_log imap_quota
}