quota-status returns quota_status_success when email would put user over quota
Hi list,
I am attempting to get quota-status service working, so I can deny email at the initial smtp dialog instead of generating bounces with lda.
I can't seem to get quota-status to return quota_status_overquota, even when an email would put an account over quota.
Quota in general works fine: Jan 22 06:39:23 mail dovecot: lda(xx@yy.dk): msgid=25c5bdb20d58fc4f649f716a947613dc@zz.org: save failed to INBOX: Quota exceeded (mailbox for user is full) Jan 22 06:39:23 mail dovecot: lda(xx@yy.dk): msgid=25c5bdb20d58fc4f649f716a947613dc@zz.org: rejected: Quota exceeded (mailbox for user is full)
The system is a pretty standard debian 8 box running virtually on a
kvm/ovirt cluster:
root@mail:~# dpkg --list | grep dovec
ii dovecot-core 1:2.2.13-12~deb8u1 amd64
secure POP3/IMAP server - core files
ii dovecot-imapd 1:2.2.13-12~deb8u1 amd64
secure POP3/IMAP server - IMAP daemon
ii dovecot-lmtpd 1:2.2.13-12~deb8u1 amd64
secure POP3/IMAP server - LMTP server
ii dovecot-mysql 1:2.2.13-12~deb8u1 amd64
secure POP3/IMAP server - MySQL support
ii dovecot-pop3d 1:2.2.13-12~deb8u1 amd64
secure POP3/IMAP server - POP3 daemon
Mail storage is local XFS partitions as far as the dovecot server knows. Behind the scene its actually raw disk images on NFS shares from a SAN towards the kvm/ovirt cluster.
I test by using nc towards the quota-status instance: root@mail:~# printf "recipient=kptest@asom-net.dk\nsize=1000000000\n\n" | nc -q1 localhost 12340 action=DUNNO
User has 500MB quota: mysql> SELECT CONCAT('/data/vmail/',CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1))) AS home, 110 AS uid, 110 AS gid, CONCAT('*:storage=',mailquota,'M') AS quota_rule FROM virtual_users WHERE email='kptest@asom-net.dk'; +--------------------------------+-----+-----+----------------+ | home | uid | gid | quota_rule | +--------------------------------+-----+-----+----------------+ | /data/vmail/asom-net.dk/kptest | 110 | 110 | *:storage=500M | +--------------------------------+-----+-----+----------------+ 1 row in set (0.00 sec)
maildirsize seems ok: root@mail:~# cat /data/vmail/asom-net.dk/kptest/maildirsize 524288000S 685 1 690 1
Quota-status will return unknown user if that is the case: root@mail:~# printf "recipient=kptest2@asom-net.dk\nsize=1000000000\n\n" | nc -q1 localhost 12340 action=551 5.5.1 User not found
Log file (with mail_debug = yes): Jan 12 16:52:21 mail dovecot: quota-status: Debug: auth input: kptest@asom-net.dk home=/data/vmail/asom-net.dk/kptest uid=110 gid=110 quota_rule=*:storage=500M Jan 12 16:52:21 mail dovecot: quota-status: Debug: Added userdb setting: plugin/quota_rule=*:storage=500M Jan 12 16:52:21 mail dovecot: quota-status(kptest@asom-net.dk): Debug: Effective uid=110, gid=110, home=/data/vmail/asom-net.dk/kptest Jan 12 16:52:21 mail dovecot: quota-status(kptest@asom-net.dk): Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/data/vmail/asom-net.dk/kptest/ Jan 12 16:52:21 mail dovecot: quota-status(kptest@asom-net.dk): Debug: maildir++: root=/data/vmail/asom-net.dk/kptest, index=, indexpvt=, control=, inbox=/data/vmail/asom-net.dk/kptest, alt=
dovecot -n: # 2.2.13: /etc/dovecot/dovecot.conf # OS: Linux 3.16.0-4-amd64 x86_64 Debian 8.6 ext4 auth_default_realm = vejen-net.dk auth_mechanisms = plain login auth_verbose = yes disable_plaintext_auth = no first_valid_uid = 110 log_timestamp = "%Y-%m-%d %H:%M:%S " mail_debug = yes mail_location = maildir:/data/vmail/%d/%n/ mail_privileged_group = mail namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/local-sql.conf driver = sql } plugin { quota = maildir:User quota quota_rule = *:storage=200M quota_status_nouser = 551 5.5.1 User not found quota_status_overquota = 552 5.2.2 Mailbox is full quota_status_success = DUNNO } protocols = imap pop3 service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-master { mode = 0600 user = vmail } user = root } service imap-login { client_limit = 1024 process_limit = 256 process_min_avail = 8 service_count = 0 vsz_limit = 512 M } service imap { process_limit = 10240 } service pop3-login { client_limit = 512 process_limit = 256 process_min_avail = 8 service_count = 0 vsz_limit = 512 M } service pop3 { process_limit = 10240 } service quota-status { client_limit = 1 executable = /usr/lib/dovecot/quota-status -p postfix inet_listener { port = 12340 } } ssl_cert =
local-sql.conf: driver = mysql connect = host=xyz dbname=xyz user=xyz password=xyz default_pass_scheme = CRYPT password_query = SELECT email as user, password FROM virtual_users WHERE email='%u'; user_query = SELECT CONCAT('/data/vmail/',CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1))) AS home, 110 AS uid, 110 AS gid, CONCAT('*:storage=',mailquota,'M') AS quota_rule FROM virtual_users WHERE email='%u';
If I do a strace on the quota-status PID, it seems to do a stat on the directory and then give up? Not sure Im interpreting it correct (only including the last few lines): ... lseek(14, 833, SEEK_SET) = 833 munmap(0x7f165d32a000, 833) = 0 close(14) = 0 geteuid() = 0 getegid() = 110 getgid() = 110 getegid() = 110 setgroups(1, [110]) = 0 setresuid(-1, 110, -1) = 0 prctl(PR_SET_DUMPABLE, 1) = 0 stat("/data/vmail/asom-net.dk/kptest", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 prctl(PR_SET_DUMPABLE, 1) = 0 setsockopt(12, SOL_TCP, TCP_CORK, [1], 4) = 0 write(12, "action=DUNNO\n\n", 14) = 14 setsockopt(12, SOL_TCP, TCP_CORK, [0], 4) = 0 epoll_wait(11, {{EPOLLIN, {u32=1593554016, u64=139734059562080}}}, 5, 59999) = 1 read(12, "", 8146) = 0 epoll_ctl(11, EPOLL_CTL_DEL, 12, 7fff0be817a0) = 0 close(12) = 0 epoll_wait(11, {}, 5, 1000) = 0 write(5, "\35q\1\0007\10\0\0\1\0\0\0", 12) = 12 epoll_wait(11, ...
It seems like sort of permission issue? root@mail:~# su - vmail No directory, logging in with HOME=/ $ id -a uid=110(vmail) gid=110(vmail) groups=110(vmail) $ cat /data/vmail/asom-net.dk/kptest/maildirsize 524288000S 685 1 690 1
/data/vmail/asom-net.dk is actually a symlink, maybe that could be of importance?: root@mail:~# ls -ld /data/vmail/asom-net.dk lrwxrwxrwx 1 root root 19 Jan 9 11:18 /data/vmail/asom-net.dk -> ../mnt1/asom-net.dk
root@mail:~# ls -ld /data/mnt1/asom-net.dk/ drwxrwx--- 45 vmail vmail 4096 Dec 15 10:54 /data/mnt1/asom-net.dk/
root@mail:~# ls -ld /data/mnt1/asom-net.dk/kptest/ drwx------ 9 vmail vmail 4096 Jan 23 08:55 /data/mnt1/asom-net.dk/kptest/
root@mail:~# ls -ld /data/mnt1/asom-net.dk/kptest/maildirsize -rw------- 1 vmail vmail 23 Jan 12 16:50 /data/mnt1/asom-net.dk/kptest/maildirsize
Anyone have any idea what might be wrong here?
Regards,
-- Kristian Pedersen ASOM-Net Systemadministrator www.asom-net.dk Telefon: 44 400 970
Hi list,
We still did not manage to get quota-status working. We're hoping someone can provide some feedback/ideas on how we may investigate this issue further? Is it likely to be a bug fixed in a newer version?
Regards,
Kristian
On 2017-01-24 09:25, Kristian Pedersen wrote:
Hi list,
I am attempting to get quota-status service working, so I can deny email at the initial smtp dialog instead of generating bounces with lda.
I can't seem to get quota-status to return quota_status_overquota, even when an email would put an account over quota.
Quota in general works fine: Jan 22 06:39:23 mail dovecot: lda(xx@yy.dk): msgid=25c5bdb20d58fc4f649f716a947613dc@zz.org: save failed to INBOX: Quota exceeded (mailbox for user is full) Jan 22 06:39:23 mail dovecot: lda(xx@yy.dk): msgid=25c5bdb20d58fc4f649f716a947613dc@zz.org: rejected: Quota exceeded (mailbox for user is full)
The system is a pretty standard debian 8 box running virtually on a kvm/ovirt cluster: root@mail:~# dpkg --list | grep dovec ii dovecot-core 1:2.2.13-12~deb8u1 amd64 secure POP3/IMAP server - core files ii dovecot-imapd 1:2.2.13-12~deb8u1 amd64 secure POP3/IMAP server - IMAP daemon ii dovecot-lmtpd 1:2.2.13-12~deb8u1 amd64 secure POP3/IMAP server - LMTP server ii dovecot-mysql 1:2.2.13-12~deb8u1 amd64 secure POP3/IMAP server - MySQL support ii dovecot-pop3d 1:2.2.13-12~deb8u1 amd64 secure POP3/IMAP server - POP3 daemon
Mail storage is local XFS partitions as far as the dovecot server knows. Behind the scene its actually raw disk images on NFS shares from a SAN towards the kvm/ovirt cluster.
I test by using nc towards the quota-status instance: root@mail:~# printf "recipient=kptest@asom-net.dk\nsize=1000000000\n\n" | nc -q1 localhost 12340 action=DUNNO
User has 500MB quota: mysql> SELECT CONCAT('/data/vmail/',CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1))) AS home, 110 AS uid, 110 AS gid, CONCAT('*:storage=',mailquota,'M') AS quota_rule FROM virtual_users WHERE email='kptest@asom-net.dk'; +--------------------------------+-----+-----+----------------+ | home | uid | gid | quota_rule | +--------------------------------+-----+-----+----------------+ | /data/vmail/asom-net.dk/kptest | 110 | 110 | *:storage=500M | +--------------------------------+-----+-----+----------------+ 1 row in set (0.00 sec)
maildirsize seems ok: root@mail:~# cat /data/vmail/asom-net.dk/kptest/maildirsize 524288000S 685 1 690 1
Quota-status will return unknown user if that is the case: root@mail:~# printf "recipient=kptest2@asom-net.dk\nsize=1000000000\n\n" | nc -q1 localhost 12340 action=551 5.5.1 User not found
Log file (with mail_debug = yes): Jan 12 16:52:21 mail dovecot: quota-status: Debug: auth input: kptest@asom-net.dk home=/data/vmail/asom-net.dk/kptest uid=110 gid=110 quota_rule=*:storage=500M Jan 12 16:52:21 mail dovecot: quota-status: Debug: Added userdb setting: plugin/quota_rule=*:storage=500M Jan 12 16:52:21 mail dovecot: quota-status(kptest@asom-net.dk): Debug: Effective uid=110, gid=110, home=/data/vmail/asom-net.dk/kptest Jan 12 16:52:21 mail dovecot: quota-status(kptest@asom-net.dk): Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/data/vmail/asom-net.dk/kptest/ Jan 12 16:52:21 mail dovecot: quota-status(kptest@asom-net.dk): Debug: maildir++: root=/data/vmail/asom-net.dk/kptest, index=, indexpvt=, control=, inbox=/data/vmail/asom-net.dk/kptest, alt=
dovecot -n: # 2.2.13: /etc/dovecot/dovecot.conf # OS: Linux 3.16.0-4-amd64 x86_64 Debian 8.6 ext4 auth_default_realm = vejen-net.dk auth_mechanisms = plain login auth_verbose = yes disable_plaintext_auth = no first_valid_uid = 110 log_timestamp = "%Y-%m-%d %H:%M:%S " mail_debug = yes mail_location = maildir:/data/vmail/%d/%n/ mail_privileged_group = mail namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/local-sql.conf driver = sql } plugin { quota = maildir:User quota quota_rule = *:storage=200M quota_status_nouser = 551 5.5.1 User not found quota_status_overquota = 552 5.2.2 Mailbox is full quota_status_success = DUNNO } protocols = imap pop3 service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-master { mode = 0600 user = vmail } user = root } service imap-login { client_limit = 1024 process_limit = 256 process_min_avail = 8 service_count = 0 vsz_limit = 512 M } service imap { process_limit = 10240 } service pop3-login { client_limit = 512 process_limit = 256 process_min_avail = 8 service_count = 0 vsz_limit = 512 M } service pop3 { process_limit = 10240 } service quota-status { client_limit = 1 executable = /usr/lib/dovecot/quota-status -p postfix inet_listener { port = 12340 } } ssl_cert =
local-sql.conf: driver = mysql connect = host=xyz dbname=xyz user=xyz password=xyz default_pass_scheme = CRYPT password_query = SELECT email as user, password FROM virtual_users WHERE email='%u'; user_query = SELECT CONCAT('/data/vmail/',CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1))) AS home, 110 AS uid, 110 AS gid, CONCAT('*:storage=',mailquota,'M') AS quota_rule FROM virtual_users WHERE email='%u';
If I do a strace on the quota-status PID, it seems to do a stat on the directory and then give up? Not sure Im interpreting it correct (only including the last few lines): ... lseek(14, 833, SEEK_SET) = 833 munmap(0x7f165d32a000, 833) = 0 close(14) = 0 geteuid() = 0 getegid() = 110 getgid() = 110 getegid() = 110 setgroups(1, [110]) = 0 setresuid(-1, 110, -1) = 0 prctl(PR_SET_DUMPABLE, 1) = 0 stat("/data/vmail/asom-net.dk/kptest", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 prctl(PR_SET_DUMPABLE, 1) = 0 setsockopt(12, SOL_TCP, TCP_CORK, [1], 4) = 0 write(12, "action=DUNNO\n\n", 14) = 14 setsockopt(12, SOL_TCP, TCP_CORK, [0], 4) = 0 epoll_wait(11, {{EPOLLIN, {u32=1593554016, u64=139734059562080}}}, 5, 59999) = 1 read(12, "", 8146) = 0 epoll_ctl(11, EPOLL_CTL_DEL, 12, 7fff0be817a0) = 0 close(12) = 0 epoll_wait(11, {}, 5, 1000) = 0 write(5, "\35q\1\0007\10\0\0\1\0\0\0", 12) = 12 epoll_wait(11, ...
It seems like sort of permission issue? root@mail:~# su - vmail No directory, logging in with HOME=/ $ id -a uid=110(vmail) gid=110(vmail) groups=110(vmail) $ cat /data/vmail/asom-net.dk/kptest/maildirsize 524288000S 685 1 690 1
/data/vmail/asom-net.dk is actually a symlink, maybe that could be of importance?: root@mail:~# ls -ld /data/vmail/asom-net.dk lrwxrwxrwx 1 root root 19 Jan 9 11:18 /data/vmail/asom-net.dk -> ../mnt1/asom-net.dk
root@mail:~# ls -ld /data/mnt1/asom-net.dk/ drwxrwx--- 45 vmail vmail 4096 Dec 15 10:54 /data/mnt1/asom-net.dk/
root@mail:~# ls -ld /data/mnt1/asom-net.dk/kptest/ drwx------ 9 vmail vmail 4096 Jan 23 08:55 /data/mnt1/asom-net.dk/kptest/
root@mail:~# ls -ld /data/mnt1/asom-net.dk/kptest/maildirsize -rw------- 1 vmail vmail 23 Jan 12 16:50 /data/mnt1/asom-net.dk/kptest/maildirsize
Anyone have any idea what might be wrong here?
Regards,
-- Kristian Pedersen ASOM-Net Systemadministrator www.asom-net.dk Telefon: 44 400 970
Am 31. Jänner 2017 16:36:35 MEZ schrieb Kristian Pedersen kp@asom-net.dk:
Hi list,
We still did not manage to get quota-status working. We're hoping someone can provide some feedback/ideas on how we may investigate this issue further? Is it likely to be a bug fixed in a newer version?
Regards,
Kristian
[...]
Quota-status will return unknown user if that is the case: root@mail:~# printf "recipient=kptest2@asom-net.dk\nsize=1000000000\n\n" | nc -q1 localhost 12340 action=551 5.5.1 User not found
Tried this and works here. Doveconf -n output with regards to quota settings is very similar, i use a quota dict, not maildir, spotted one difference i commented in your doveconf -n and i'm using version 2.2.27 from source ...
dovecot -n: # 2.2.13: /etc/dovecot/dovecot.conf # OS: Linux 3.16.0-4-amd64 x86_64 Debian 8.6 ext4 auth_default_realm = vejen-net.dk auth_mechanisms = plain login auth_verbose = yes disable_plaintext_auth = no first_valid_uid = 110 log_timestamp = "%Y-%m-%d %H:%M:%S " mail_debug = yes mail_location = maildir:/data/vmail/%d/%n/
The one line i'm missing here from your doveconf -n output is mail_plugins = " quota" set in conf.d/10-mail.conf
Have you added quota to the global mail plugins setting? http://wiki2.dovecot.org/Quota
mail_privileged_group = mail namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/local-sql.conf driver = sql } plugin { quota = maildir:User quota quota_rule = *:storage=200M quota_status_nouser = 551 5.5.1 User not found quota_status_overquota = 552 5.2.2 Mailbox is full quota_status_success = DUNNO } protocols = imap pop3 service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-master { mode = 0600 user = vmail } user = root } service imap-login { client_limit = 1024 process_limit = 256 process_min_avail = 8 service_count = 0 vsz_limit = 512 M } service imap { process_limit = 10240 } service pop3-login { client_limit = 512 process_limit = 256 process_min_avail = 8 service_count = 0 vsz_limit = 512 M } service pop3 { process_limit = 10240 } service quota-status { client_limit = 1 executable = /usr/lib/dovecot/quota-status -p postfix inet_listener { port = 12340 } } ssl_cert =
local-sql.conf: driver = mysql connect = host=xyz dbname=xyz user=xyz password=xyz default_pass_scheme = CRYPT password_query = SELECT email as user, password FROM virtual_users WHERE email='%u'; user_query = SELECT
CONCAT('/data/vmail/',CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1)))
AS home, 110 AS uid, 110 AS gid, CONCAT('*:storage=',mailquota,'M') AS quota_rule FROM virtual_users WHERE email='%u';
If I do a strace on the quota-status PID, it seems to do a stat on the directory and then give up? Not sure Im interpreting it correct (only
including the last few lines): ... lseek(14, 833, SEEK_SET) = 833 munmap(0x7f165d32a000, 833) = 0 close(14) = 0 geteuid() = 0 getegid() = 110 getgid() = 110 getegid() = 110 setgroups(1, [110]) = 0 setresuid(-1, 110, -1) = 0 prctl(PR_SET_DUMPABLE, 1) = 0 stat("/data/vmail/asom-net.dk/kptest", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 prctl(PR_SET_DUMPABLE, 1) = 0 setsockopt(12, SOL_TCP, TCP_CORK, [1], 4) = 0 write(12, "action=DUNNO\n\n", 14) = 14 setsockopt(12, SOL_TCP, TCP_CORK, [0], 4) = 0 epoll_wait(11, {{EPOLLIN, {u32=1593554016, u64=139734059562080}}}, 5,
- = 1 read(12, "", 8146) = 0 epoll_ctl(11, EPOLL_CTL_DEL, 12, 7fff0be817a0) = 0 close(12) = 0 epoll_wait(11, {}, 5, 1000) = 0 write(5, "\35q\1\0007\10\0\0\1\0\0\0", 12) = 12 epoll_wait(11, ...
It seems like sort of permission issue? root@mail:~# su - vmail No directory, logging in with HOME=/ $ id -a uid=110(vmail) gid=110(vmail) groups=110(vmail) $ cat /data/vmail/asom-net.dk/kptest/maildirsize 524288000S 685 1 690 1
/data/vmail/asom-net.dk is actually a symlink, maybe that could be of
importance?: root@mail:~# ls -ld /data/vmail/asom-net.dk lrwxrwxrwx 1 root root 19 Jan 9 11:18 /data/vmail/asom-net.dk -> ../mnt1/asom-net.dk
root@mail:~# ls -ld /data/mnt1/asom-net.dk/ drwxrwx--- 45 vmail vmail 4096 Dec 15 10:54 /data/mnt1/asom-net.dk/
root@mail:~# ls -ld /data/mnt1/asom-net.dk/kptest/ drwx------ 9 vmail vmail 4096 Jan 23 08:55 /data/mnt1/asom-net.dk/kptest/
root@mail:~# ls -ld /data/mnt1/asom-net.dk/kptest/maildirsize -rw------- 1 vmail vmail 23 Jan 12 16:50 /data/mnt1/asom-net.dk/kptest/maildirsize
Anyone have any idea what might be wrong here?
Regards,
-- Christian Kivalo
Steps to setup quota with status:
mail_plugins = $mail_plugins quota
protocol imap { mail_plugins = $mail_plugins imap_quota }
service quota-status { executable = quota-status -p postfix inet_listener { port = 12340 # You can choose any port you want } client_limit = 1 }
plugin { quota = count:User quota # or some other backend quota_rule = *:storage=10M # or from userdb quota_grace = 10%% # 10% is the default quota_status_success = DUNNO quota_status_nouser = DUNNO quota_status_overquota = "552 5.2.2 Mailbox is full" quota_vsizes = yes }
On 01.02.2017 00:20, Christian Kivalo wrote:
Am 31. Jänner 2017 16:36:35 MEZ schrieb Kristian Pedersen kp@asom-net.dk:
Hi list,
We still did not manage to get quota-status working. We're hoping someone can provide some feedback/ideas on how we may investigate this issue further? Is it likely to be a bug fixed in a newer version?
Regards,
Kristian
[...]
Quota-status will return unknown user if that is the case: root@mail:~# printf "recipient=kptest2@asom-net.dk\nsize=1000000000\n\n" | nc -q1 localhost 12340 action=551 5.5.1 User not found
Tried this and works here. Doveconf -n output with regards to quota settings is very similar, i use a quota dict, not maildir, spotted one difference i commented in your doveconf -n and i'm using version 2.2.27 from source ...
dovecot -n: # 2.2.13: /etc/dovecot/dovecot.conf # OS: Linux 3.16.0-4-amd64 x86_64 Debian 8.6 ext4 auth_default_realm = vejen-net.dk auth_mechanisms = plain login auth_verbose = yes disable_plaintext_auth = no first_valid_uid = 110 log_timestamp = "%Y-%m-%d %H:%M:%S " mail_debug = yes mail_location = maildir:/data/vmail/%d/%n/ The one line i'm missing here from your doveconf -n output is mail_plugins = " quota" set in conf.d/10-mail.conf
Have you added quota to the global mail plugins setting? http://wiki2.dovecot.org/Quota
mail_privileged_group = mail namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/local-sql.conf driver = sql } plugin { quota = maildir:User quota quota_rule = *:storage=200M quota_status_nouser = 551 5.5.1 User not found quota_status_overquota = 552 5.2.2 Mailbox is full quota_status_success = DUNNO } protocols = imap pop3 service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-master { mode = 0600 user = vmail } user = root } service imap-login { client_limit = 1024 process_limit = 256 process_min_avail = 8 service_count = 0 vsz_limit = 512 M } service imap { process_limit = 10240 } service pop3-login { client_limit = 512 process_limit = 256 process_min_avail = 8 service_count = 0 vsz_limit = 512 M } service pop3 { process_limit = 10240 } service quota-status { client_limit = 1 executable = /usr/lib/dovecot/quota-status -p postfix inet_listener { port = 12340 } } ssl_cert =
local-sql.conf: driver = mysql connect = host=xyz dbname=xyz user=xyz password=xyz default_pass_scheme = CRYPT password_query = SELECT email as user, password FROM virtual_users WHERE email='%u'; user_query = SELECT
CONCAT('/data/vmail/',CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1)))
AS home, 110 AS uid, 110 AS gid, CONCAT('*:storage=',mailquota,'M') AS quota_rule FROM virtual_users WHERE email='%u';
If I do a strace on the quota-status PID, it seems to do a stat on the directory and then give up? Not sure Im interpreting it correct (only including the last few lines): ... lseek(14, 833, SEEK_SET) = 833 munmap(0x7f165d32a000, 833) = 0 close(14) = 0 geteuid() = 0 getegid() = 110 getgid() = 110 getegid() = 110 setgroups(1, [110]) = 0 setresuid(-1, 110, -1) = 0 prctl(PR_SET_DUMPABLE, 1) = 0 stat("/data/vmail/asom-net.dk/kptest", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 prctl(PR_SET_DUMPABLE, 1) = 0 setsockopt(12, SOL_TCP, TCP_CORK, [1], 4) = 0 write(12, "action=DUNNO\n\n", 14) = 14 setsockopt(12, SOL_TCP, TCP_CORK, [0], 4) = 0 epoll_wait(11, {{EPOLLIN, {u32=1593554016, u64=139734059562080}}}, 5, 59999) = 1 read(12, "", 8146) = 0 epoll_ctl(11, EPOLL_CTL_DEL, 12, 7fff0be817a0) = 0 close(12) = 0 epoll_wait(11, {}, 5, 1000) = 0 write(5, "\35q\1\0007\10\0\0\1\0\0\0", 12) = 12 epoll_wait(11, ...
It seems like sort of permission issue? root@mail:~# su - vmail No directory, logging in with HOME=/ $ id -a uid=110(vmail) gid=110(vmail) groups=110(vmail) $ cat /data/vmail/asom-net.dk/kptest/maildirsize 524288000S 685 1 690 1
/data/vmail/asom-net.dk is actually a symlink, maybe that could be of importance?: root@mail:~# ls -ld /data/vmail/asom-net.dk lrwxrwxrwx 1 root root 19 Jan 9 11:18 /data/vmail/asom-net.dk -> ../mnt1/asom-net.dk
root@mail:~# ls -ld /data/mnt1/asom-net.dk/ drwxrwx--- 45 vmail vmail 4096 Dec 15 10:54 /data/mnt1/asom-net.dk/
root@mail:~# ls -ld /data/mnt1/asom-net.dk/kptest/ drwx------ 9 vmail vmail 4096 Jan 23 08:55 /data/mnt1/asom-net.dk/kptest/ root@mail:~# ls -ld /data/mnt1/asom-net.dk/kptest/maildirsize -rw------- 1 vmail vmail 23 Jan 12 16:50 /data/mnt1/asom-net.dk/kptest/maildirsize
Anyone have any idea what might be wrong here?
Regards,
Forgot to add the postfix config:
smtpd_recipient_restrictions = ... check_policy_service inet:localhost:12340
Aki
On 01.02.2017 09:34, Aki Tuomi wrote:
Steps to setup quota with status:
mail_plugins = $mail_plugins quota
protocol imap { mail_plugins = $mail_plugins imap_quota }
service quota-status { executable = quota-status -p postfix inet_listener { port = 12340 # You can choose any port you want } client_limit = 1 }
plugin { quota = count:User quota # or some other backend quota_rule = *:storage=10M # or from userdb quota_grace = 10%% # 10% is the default quota_status_success = DUNNO quota_status_nouser = DUNNO quota_status_overquota = "552 5.2.2 Mailbox is full" quota_vsizes = yes }
On 01.02.2017 00:20, Christian Kivalo wrote:
Am 31. Jänner 2017 16:36:35 MEZ schrieb Kristian Pedersen kp@asom-net.dk:
Hi list,
We still did not manage to get quota-status working. We're hoping someone can provide some feedback/ideas on how we may investigate this issue further? Is it likely to be a bug fixed in a newer version?
Regards,
Kristian
[...]
Quota-status will return unknown user if that is the case: root@mail:~# printf "recipient=kptest2@asom-net.dk\nsize=1000000000\n\n" | nc -q1 localhost 12340 action=551 5.5.1 User not found
Tried this and works here. Doveconf -n output with regards to quota settings is very similar, i use a quota dict, not maildir, spotted one difference i commented in your doveconf -n and i'm using version 2.2.27 from source ...
dovecot -n: # 2.2.13: /etc/dovecot/dovecot.conf # OS: Linux 3.16.0-4-amd64 x86_64 Debian 8.6 ext4 auth_default_realm = vejen-net.dk auth_mechanisms = plain login auth_verbose = yes disable_plaintext_auth = no first_valid_uid = 110 log_timestamp = "%Y-%m-%d %H:%M:%S " mail_debug = yes mail_location = maildir:/data/vmail/%d/%n/ The one line i'm missing here from your doveconf -n output is mail_plugins = " quota" set in conf.d/10-mail.conf
Have you added quota to the global mail plugins setting? http://wiki2.dovecot.org/Quota
mail_privileged_group = mail namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/local-sql.conf driver = sql } plugin { quota = maildir:User quota quota_rule = *:storage=200M quota_status_nouser = 551 5.5.1 User not found quota_status_overquota = 552 5.2.2 Mailbox is full quota_status_success = DUNNO } protocols = imap pop3 service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-master { mode = 0600 user = vmail } user = root } service imap-login { client_limit = 1024 process_limit = 256 process_min_avail = 8 service_count = 0 vsz_limit = 512 M } service imap { process_limit = 10240 } service pop3-login { client_limit = 512 process_limit = 256 process_min_avail = 8 service_count = 0 vsz_limit = 512 M } service pop3 { process_limit = 10240 } service quota-status { client_limit = 1 executable = /usr/lib/dovecot/quota-status -p postfix inet_listener { port = 12340 } } ssl_cert =
local-sql.conf: driver = mysql connect = host=xyz dbname=xyz user=xyz password=xyz default_pass_scheme = CRYPT password_query = SELECT email as user, password FROM virtual_users WHERE email='%u'; user_query = SELECT
CONCAT('/data/vmail/',CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1)))
AS home, 110 AS uid, 110 AS gid, CONCAT('*:storage=',mailquota,'M') AS quota_rule FROM virtual_users WHERE email='%u';
If I do a strace on the quota-status PID, it seems to do a stat on the directory and then give up? Not sure Im interpreting it correct (only including the last few lines): ... lseek(14, 833, SEEK_SET) = 833 munmap(0x7f165d32a000, 833) = 0 close(14) = 0 geteuid() = 0 getegid() = 110 getgid() = 110 getegid() = 110 setgroups(1, [110]) = 0 setresuid(-1, 110, -1) = 0 prctl(PR_SET_DUMPABLE, 1) = 0 stat("/data/vmail/asom-net.dk/kptest", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 prctl(PR_SET_DUMPABLE, 1) = 0 setsockopt(12, SOL_TCP, TCP_CORK, [1], 4) = 0 write(12, "action=DUNNO\n\n", 14) = 14 setsockopt(12, SOL_TCP, TCP_CORK, [0], 4) = 0 epoll_wait(11, {{EPOLLIN, {u32=1593554016, u64=139734059562080}}}, 5, 59999) = 1 read(12, "", 8146) = 0 epoll_ctl(11, EPOLL_CTL_DEL, 12, 7fff0be817a0) = 0 close(12) = 0 epoll_wait(11, {}, 5, 1000) = 0 write(5, "\35q\1\0007\10\0\0\1\0\0\0", 12) = 12 epoll_wait(11, ...
It seems like sort of permission issue? root@mail:~# su - vmail No directory, logging in with HOME=/ $ id -a uid=110(vmail) gid=110(vmail) groups=110(vmail) $ cat /data/vmail/asom-net.dk/kptest/maildirsize 524288000S 685 1 690 1
/data/vmail/asom-net.dk is actually a symlink, maybe that could be of importance?: root@mail:~# ls -ld /data/vmail/asom-net.dk lrwxrwxrwx 1 root root 19 Jan 9 11:18 /data/vmail/asom-net.dk -> ../mnt1/asom-net.dk
root@mail:~# ls -ld /data/mnt1/asom-net.dk/ drwxrwx--- 45 vmail vmail 4096 Dec 15 10:54 /data/mnt1/asom-net.dk/
root@mail:~# ls -ld /data/mnt1/asom-net.dk/kptest/ drwx------ 9 vmail vmail 4096 Jan 23 08:55 /data/mnt1/asom-net.dk/kptest/ root@mail:~# ls -ld /data/mnt1/asom-net.dk/kptest/maildirsize -rw------- 1 vmail vmail 23 Jan 12 16:50 /data/mnt1/asom-net.dk/kptest/maildirsize
Anyone have any idea what might be wrong here?
Regards,
Hi Christian,
On 2017-01-31 23:20, Christian Kivalo wrote:
dovecot -n: # 2.2.13: /etc/dovecot/dovecot.conf # OS: Linux 3.16.0-4-amd64 x86_64 Debian 8.6 ext4 auth_default_realm = vejen-net.dk auth_mechanisms = plain login auth_verbose = yes disable_plaintext_auth = no first_valid_uid = 110 log_timestamp = "%Y-%m-%d %H:%M:%S " mail_debug = yes mail_location = maildir:/data/vmail/%d/%n/ The one line i'm missing here from your doveconf -n output is mail_plugins = " quota" set in conf.d/10-mail.conf
Have you added quota to the global mail plugins setting? http://wiki2.dovecot.org/Quota
That did it, now it seems to work!
I thought the global mail_plugins was only a variable not a config option. But it seems it must be set.
So this works:
mail_plugins = $mail_plugins quota protocol imap { mail_plugins = $mail_plugins imap_quota } protocol pop3 { mail_plugins = $mail_plugins }
But this does not: protocol imap { mail_plugins = quota imap_quota } protocol pop3 { mail_plugins = quota }
Thank you very much for helping me along. Also thanks to Aki Tuomi who pointed out the same issue.
Regards,
-- Kristian Pedersen ASOM-Net Systemadministrator www.asom-net.dk Telefon: 44 400 970
participants (3)
-
Aki Tuomi
-
Christian Kivalo
-
Kristian Pedersen