On 2023-05-04 21:31, Aki Tuomi via dovecot wrote:
On 04/05/2023 21:28 EEST efeizbudak@disroot.org wrote:
On 2023-05-04 21:25, Aki Tuomi wrote:
On 04/05/2023 21:20 EEST efeizbudak@disroot.org wrote:
On 2023-05-04 21:16, Aki Tuomi wrote:
On 04/05/2023 21:09 EEST Aki Tuomi via dovecot <dovecot@dovecot.org> wrote:
> On 04/05/2023 21:08 EEST efeizbudak@disroot.org wrote: > > > On 2023-05-04 20:53, Aki Tuomi via dovecot wrote: > >> On 04/05/2023 20:11 EEST efeizbudak--- via dovecot > >> <dovecot@dovecot.org> wrote: > >> > >> > >> Hi all, > >> > >> So recently google has been trying to send email to dmarc@domain.com > >> on > >> my server but I'm using encrypted storage and since the dmarc user has > >> no password the email is being rejected with the error: > >> > >> May 4 16:51:50 domain dovecot: > >> lda(dmarc)<3326><l0J9NabiU2T+DAAA1iAyAg>: Error: sieve: > >> msgid=<10341808348719730099@google.com>: failed to store into mailbox > >> 'INBOX': generate_keypair(INBOX) failed: > >> mail_crypt_require_encrypted_user_key set, cannot generate user > >> keypair > >> without password or key > >> > >> How can I fix this, or at least read what the mail says? Would it be > >> safe to just give dmarc user a strong password? > > > > You can run > > > > doveadm mailbox cryptokey generate -U dmarc -N > > > > so the user will have a keypair generated. Then it should work. > > > > Aki > > I'm getting > > generate: invalid option -- 'N' > > should I just run it without -N ? > > Thank you!
Please keep responses on the list.
Try -n password? I have a faint recall of a buggy version like this.
Aki
Sorry for replying twice, I'm getting doveadm(root): Error: Couldn't drop privileges: User is missing UID (see mail_uid setting) when I try to run it without the -N op
Sorry, my bad.
doveadm mailbox cryptokey generate -U -u dmarc -n password
Aki This too gives me
generate: invalid option -- 'n'
So it seems. Have to investigate this.
In the mean time, can you try just
doveadm mailbox cryptokey generate -U -u dmarc
If you want, you can do
doveadm mailbox cryptokey password -u user -U -N
which hopefully should work.
Aki First one gives,
doveadm(dmarc): Error: mail_crypt_user_generate_keypair(dmarc) failed: mail_crypt_require_encrypted_user_key set, cannot generate user keypair without password or key doveadm(dmarc): Warning: mailbox cryptokey generate: Nothing was matched. Use -U or specify mask? doveadm(dmarc): Panic: file mail-user.c: line 229 (mail_user_deinit): assertion failed: ((*user)->refcount == 1) doveadm(dmarc): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(backtrace_append+0x42) [0x7fe3f93e04e2] -> /usr/lib/dovecot/libdovecot.so.0(backtrace_get+0x1e) [0x7fe3f93e05fe] -> /usr/lib/dovecot/libdovecot.so.0(+0xfc49b) [0x7fe3f93ec49b] -> /usr/lib/dovecot/libdovecot.so.0(+0xfc4d1) [0x7fe3f93ec4d1] -> /usr/lib/dovecot/libdovecot.so.0(+0x53aee) [0x7fe3f9343aee] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x407c9) [0x7fe3f94f47c9] -> doveadm(+0x31bcd) [0x55c2ab3d7bcd] -> doveadm(+0x32632) [0x55c2ab3d8632] -> doveadm(doveadm_cmd_ver2_to_mail_cmd_wrapper+0x22d) [0x55c2ab3d94ad] -> doveadm(doveadm_cmd_run_ver2+0x4c8) [0x55c2ab3e9b88] -> doveadm(doveadm_cmd_try_run_ver2+0x3a) [0x55c2ab3e9bda] -> doveadm(main+0x1d0) [0x55c2ab3c8450] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xea) [0x7fe3f8f9fd0a] -> doveadm(_start+0x2a) [0x55c2ab3c892a] Aborted
And the second one gives,
password: invalid option -- 'U'
Thank you for looking into it!
Sorry, this is bit annoying issue. Seems there was a slight oversight when this option was added.. anyways...
try
doveadm -o plugin/mail_crypt_require_encrypted_user_key=no mailbox cryptokey generate -U -u dmarc
maybe it works?
Aki This gives the same error as the above that starts with
doveadm(dmarc): Error: mail_crypt_user_generate_keypair(dmarc) failed: mail_crypt_require_encrypted_user_key set, cannot generate user keypair without password or key