On April 14, 2017 at 3:04 AM David Mehler dave.mehler@gmail.com wrote:
Hello,
I'm running dovecot 2.29 on a freebsd 10.3 system. I'm wanting to optimize how the system is running and have a few misc questions.
First ssl, is my cipher list good? I'm trying for pfs and wanting to ensure this cipher list is appropriate:
ssl_cipher_list = EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
I would add @STRENGTH to the end, so it'll get sorted by strength.
Next, a new feature that I'm trying for is virtual folders that store All messages. My understanding of this is that it stores a version of every received message in one place? I've got the virtual plugin loaded and have:
mailbox virtual/All {
  comment = All my messages
  special_use = \All
}
I've got a directory /home/vmail/example.com/username/virtual under which is an ALL folder; both directories are accessible to the vmail user, yet there are no contents in this folder and it's showing up nowhere.
Configuring virtual all folder:
namespace {
  prefix = virtual
  location = virtual:/etc/dovecot/virtual:INDEX=%h/virtual
  comment = All my messages
  special_use = \All
  mailbox All {
    auto = subscribe
  }
}
==== /etc/dovecot/virtual/All/dovecot-virtual ====
*
  all
==== EOF ===
Next, quota warnings are not being sent at all. I set up a testuser with a quota of 2 mb, then sent a message to that user getting the box to 95% full, and no message. Took the user overquota with the next message, still nothing, and a third message did trigger my custom quota exceeded message and the message was bounced.
I would recommend using
mail_plugins = $mail_plugins quota quota_clone
plugin {
  quota = count:User quota
  quota_clone_dict = proxy::sqlquota
  quota_vsizes = true
}
Also,
"Note that the warning is ONLY executed at the exact time when the limit is being crossed, so when you're testing it you have to do it by crossing the limit by saving a new mail. If something else besides Dovecot updates quota so that the limit is crossed, the warning is never executed."
I'm wanting to implement public folders. My mailboxes are all virtual, and they are stored under /home/vmail/example.com/username and /home/vmail/example.org/username in the maildir format. I've got one user uid and gid of 999 name of vmail who owns all the mailboxes. I've separated out public folders storing them under /home/vmail/public. I've created one mailbox called TestFolder and new, cur, and tmp directories under it. This is what it looks like:
<snip />
The public/TestFolder is showing up fine and I can switch to it. The public/TestFolder1 is not showing up at all so I'm not seeing it and can't switch to it. Any ideas?
Not sure why it's not showing up, *but*, you could add :INDEXPVT=%h/public to the folder, to keep per-user indexes separate.
My second question involves public folders and domain sharing. Are public folders accessible to all users and all domains? I've got two domains, example.com and example.org; I'd like to create a folder that some users in example.com can share with some users in example.org, not necessarily all users in those domains should be able to see the folders.
Dovecot does not, as such, care about your domains. It cares about user names. If you want to do this kind of thing, please consult the ACL plugin. https://wiki2.dovecot.org/ACL
Ideas welcome.
Thanks. Dave.
Some other comments: if you are using SSL, you can drop cram-md5 as an auth mech; it's not storage-safe.
You should use
mail_location = maildir:~/maildir:LAYOUT=fs
to avoid other things in the user's home being interpreted as mail directories.
Why are you setting these?
maildir_broken_filename_sizes = yes
maildir_empty_new = yes
maildir_very_dirty_syncs = yes
and in general I see lots of overconfiguring, dovecot defaults are usually right, and setting various things just for the fun of it, can cause problems.
Aki
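
The remark above that cram-md5 is "not storage-safe" can be seen in a short sketch, added here as an example and not part of the original message or of Dovecot's code. It implements the RFC 2195 exchange next to a salted-hash check of the kind PLAIN over TLS allows; the user name, password, challenge and function names are constructed for illustration.

```python
import base64, hashlib, hmac, os

def cram_md5_response(user, password, challenge):
    """Client side (RFC 2195): base64("user " + hex(HMAC-MD5(password, challenge)))."""
    digest = hmac.new(password.encode(), challenge, hashlib.md5).hexdigest()
    return base64.b64encode(f"{user} {digest}".encode())

def cram_md5_verify(stored_secret, challenge, response):
    """Server side: recomputing the HMAC needs the password itself (or an
    equivalent HMAC key state), so the stored value is usable as a credential."""
    _user, _, digest = base64.b64decode(response).decode().partition(" ")
    expected = hmac.new(stored_secret.encode(), challenge, hashlib.md5).hexdigest()
    return hmac.compare_digest(digest, expected)

def hash_for_storage(password, salt=None):
    """With PLAIN/LOGIN inside TLS the server can keep only a salted, slow hash."""
    salt = salt or os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def plain_verify(stored, password):
    salt, expected = stored
    return hmac.compare_digest(hash_for_storage(password, salt)[1], expected)

def demo():
    user = "testuser"                                  # constructed sample user
    password = "constructed-example-password"          # constructed sample value
    challenge = b"<1896.697170952@mail.example.com>"   # constructed challenge
    # CRAM-MD5: the server must store something that answers any challenge.
    server_secret = password
    normal_login = cram_md5_response(user, password, challenge)
    from_stored_value = cram_md5_response(user, server_secret, challenge)
    # PLAIN over TLS: the stored hash does not work as the password.
    stored = hash_for_storage(password)
    return {
        "cram_ok": cram_md5_verify(server_secret, challenge, normal_login),
        "cram_stored_secret_is_credential":
            cram_md5_verify(server_secret, challenge, from_stored_value),
        "plain_ok": plain_verify(stored, password),
        "plain_stored_hash_is_credential": plain_verify(stored, stored[1].hex()),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```
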