[Dovecot] Understanding Sockets
Hi,
Just trying to consolidate my knowledge of Dovecot and I want to understand various things rather than just key out lines of config in dovecot.conf with the hope of it working.
What I wanted to clarify is my understanding the "socket listen" section of the config file. From my limited understanding, this section details how other processes can access the userdb defined in Dovecot. The master socket is used for "internal" processes which is mainly dovecot-lda so that when Dovecot receives mail it knows where to deliver it and client is defined for "external" processes, for example Postfix who would use the info to determine if a user existed. Would you say this is a fair (albeit) dumbed down!!) synopsis of sockets and their purpose?
Thanks in advance!
Tim
At 10PM +0000 on 20/12/12 Tim Smith wrote:
Just trying to consolidate my knowledge of Dovecot and I want to understand various things rather than just key out lines of config in dovecot.conf with the hope of it working.
What I wanted to clarify is my understanding the "socket listen" section of the config file. From my limited understanding, this section details how other processes can access the userdb defined in Dovecot. The master socket is used for "internal" processes which is mainly dovecot-lda so that when Dovecot receives mail it knows where to deliver it and client is defined for "external" processes, for example Postfix who would use the info to determine if a user existed. Would you say this is a fair (albeit) dumbed down!!) synopsis of sockets and their purpose?
Your mention of 'socket listen' and 'master' auth sockets suggests you are using Dovecot 1.x. That description is pretty-much correct for 1.x, however you should upgrade to 2.x as soon as you reasonably can, since 1.x is no longer supported. See http://wiki2.dovecot.org/Services#auth for a description of the socket types available with Dovecot 2.
[The statement there that 'client' sockets can safely be exposed to the entire world, including over inet sockets, is not entirely true. AFAIK there is no rate limiting, so an exposed 'client' socket is a password oracle and should therefore be somewhat protected. The risk is approximately equivalent to an unshadowed password file, with the encrypted passwords exposed.]
Ben
Thanks Ben,
I'm using an Ubuntu Server OS (10.04) and it seems that the latest package they provide is 1.2.9.
Do you know if anyone has had any success getting a Dovecot 2 package on this Ubuntu distro and how they went about it (Not comfortable compiling sources at this point!!)?
Tim
On 21/12/12 00:21, Ben Morrow wrote:
At 10PM +0000 on 20/12/12 Tim Smith wrote:
Just trying to consolidate my knowledge of Dovecot and I want to understand various things rather than just key out lines of config in dovecot.conf with the hope of it working.
What I wanted to clarify is my understanding the "socket listen" section of the config file. From my limited understanding, this section details how other processes can access the userdb defined in Dovecot. The master socket is used for "internal" processes which is mainly dovecot-lda so that when Dovecot receives mail it knows where to deliver it and client is defined for "external" processes, for example Postfix who would use the info to determine if a user existed. Would you say this is a fair (albeit) dumbed down!!) synopsis of sockets and their purpose? Your mention of 'socket listen' and 'master' auth sockets suggests you are using Dovecot 1.x. That description is pretty-much correct for 1.x, however you should upgrade to 2.x as soon as you reasonably can, since 1.x is no longer supported. See http://wiki2.dovecot.org/Services#auth for a description of the socket types available with Dovecot 2.
[The statement there that 'client' sockets can safely be exposed to the entire world, including over inet sockets, is not entirely true. AFAIK there is no rate limiting, so an exposed 'client' socket is a password oracle and should therefore be somewhat protected. The risk is approximately equivalent to an unshadowed password file, with the encrypted passwords exposed.]
Ben
Hi Tim,
Tim Smith wrote:
I'm using an Ubuntu Server OS (10.04) and it seems that the latest package they provide is 1.2.9.
Do you know if anyone has had any success getting a Dovecot 2 package on this Ubuntu distro and how they went about it (Not comfortable compiling sources at this point!!)?
We downloaded the ubuntu dovecot source package from packages.ubuntu.com and updated the dovecot tarball to a current 2.x version using the uupdate tool (comes with ubuntu).
Then we replaced the pigeonhole directory with a current version from the pigeonhole tarball to fix some crashing bug regarding managesieve.
With dch -i you can edit the changelog and increase package version or patchlevel.
Finally build the deb packages with dpkg-buildpackage -b -uc -us
Good luck, Daniel
I'm a bit green around the gills with this kind of thing.
I download the original source at http://packages.ubuntu.com/source/precise/mail/dovecot
And the Pigeonhole source at http://pigeonhole.dovecot.org/download.html
This is where I got stuck really - I wasn't sure how to integrate the pigeonhole source into the dovecot source.
<http://packages.ubuntu.com/source/precise/mail/dovecot> On 21/12/12 12:15, Daniel Parthey wrote:
Hi Tim,
Tim Smith wrote:
I'm using an Ubuntu Server OS (10.04) and it seems that the latest package they provide is 1.2.9.
Do you know if anyone has had any success getting a Dovecot 2 package on this Ubuntu distro and how they went about it (Not comfortable compiling sources at this point!!)? We downloaded the ubuntu dovecot source package from packages.ubuntu.com and updated the dovecot tarball to a current 2.x version using the uupdate tool (comes with ubuntu).
Then we replaced the pigeonhole directory with a current version from the pigeonhole tarball to fix some crashing bug regarding managesieve.
With dch -i you can edit the changelog and increase package version or patchlevel.
Finally build the deb packages with dpkg-buildpackage -b -uc -us
Good luck, Daniel
Tim Smith wrote:
This is where I got stuck really - I wasn't sure how to integrate the pigeonhole source into the dovecot source. <http://packages.ubuntu.com/source/precise/mail/dovecot>
You extract the dovecot source package with dpkg-source -x dovecot*.dsc there should be a pigeonhole directory somewhere in the extracted dovecot-$VERSION directory.
The old pigeonhole version is included in the dovecot*.diff of the ubuntu source package.
Just untar the download from pigeonhole and replace the pigeonhole directory in the dovecot-$VERSION directory with the new pigeonhole directory from the download.
In order to include current dovecot versions, you will need to run uupdate to integrate the new tarball into the package. See uupdate --help
Then you can build the package as described in previous mails.
Regards Daniel
Why are people shit scared of abandoning these antiquated distro versions and using the "source"
On Fri, 2012-12-21 at 08:37 +0000, Tim Smith wrote:
Thanks Ben,
I'm using an Ubuntu Server OS (10.04) and it seems that the latest package they provide is 1.2.9.
Do you know if anyone has had any success getting a Dovecot 2 package on this Ubuntu distro and how they went about it (Not comfortable compiling sources at this point!!)?
because they are too lazy to lern how tu buld packages for their distribution which is at least for redhat-based distribution trivial
it is no rocket science to take the existing source package, replace the tarball and after change some lines in the SPEC-fle rebuild
on the other hand - Ubuntu Server OS (10.04) whoever installed this crap (sorry but ubuntu prdouction is a joke) knew that there wll be no upgrades because that is why LTS versions are there - you can not have both
Am 22.12.2012 03:04, schrieb Noel Butler:
Why are people shit scared of abandoning these antiquated distro versions and using the "source"
On Fri, 2012-12-21 at 08:37 +0000, Tim Smith wrote:
Thanks Ben,
I'm using an Ubuntu Server OS (10.04) and it seems that the latest package they provide is 1.2.9.
Do you know if anyone has had any success getting a Dovecot 2 package on this Ubuntu distro and how they went about it (Not comfortable compiling sources at this point!!)?
On 12/22/2012 09:50 AM, Reindl Harald wrote:
because they are too lazy to lern how tu buld packages for their distribution which is at least for redhat-based distribution trivial
Calling people lazy is a bit over the top now isn't it? The reason that organizations use Red Hat RHEL is, among other things, support. And Red Hat only supports what they ship. The ability to create an RPM of the latest version is not the issue. Loosing support for that piece of software because you rolled your own is.
Regards, Patrick
Am 22.12.2012 12:16, schrieb Patrick Lists:
On 12/22/2012 09:50 AM, Reindl Harald wrote:
because they are too lazy to lern how tu buld packages for their distribution which is at least for redhat-based distribution trivial
Calling people lazy is a bit over the top now isn't it? The reason that organizations use Red Hat RHEL is, among other things, support. And Red Hat only supports what they ship. The ability to create an RPM of the latest version is not the issue. Loosing support for that piece of software because you rolled your own is.
you missed the context of the question "where can i get a more recent build"
Am 22.12.2012 12:16, schrieb Patrick Lists:
On 12/22/2012 09:50 AM, Reindl Harald wrote:
because they are too lazy to lern how tu buld packages for their distribution which is at least for redhat-based distribution trivial
Calling people lazy is a bit over the top now isn't it? The reason that organizations use Red Hat RHEL is, among other things, support. And Red Hat only supports what they ship. The ability to create an RPM of the latest version is not the issue. Loosing support for that piece of software because you rolled your own is
besides the context "where can i get recenct binary builds?"
so then they should call their paid support and leave us in peace with since years outdated versions nobody on the list is using
participants (6)
-
Ben Morrow
-
Daniel Parthey
-
Noel Butler
-
Patrick Lists
-
Reindl Harald
-
Tim Smith