[Dovecot] Dovecot has no understandable configuration any more
Hello,
for many years i used an mailserver with dovecot V1 very satisfied! http://mailserver.decotrain.de/ One of the reasons to use dovecot was a simply configuration. Dovecot was the best choice for IMAP for me!
Now i updated the server to Debian testing with dovecot 2.1.7. It's not possible for me to get a running authentication for virtual mail users!
I recently found this mailing and have the same problem: http://www.dovecot.org/list/dovecot/2012-March/064181.html
The documentation says *nothing* about my problem how to authenticate with mysql! http://wiki2.dovecot.org/VirtualUsers
I can solve the problem only with try and error without a chance in this complex system. It's nice to have all this possibilites but they are not useful if not documented. There should be some clear examples for different scenarios to be found in your wiki.
My problem at this time:
I don't know how to configure the userdb to work with mysql authentification? All mail is running under the special user mail.
dovecot.conf
disable_plaintext_auth = yes
passdb { driver = sql # Path for SQL configuration file, see example-config/dovecot-sql.conf.ext args = /etc/dovecot/dovecot-sql.conf
}
userdb { driver = prefetch }
first_valid_uid = 8 last_valid_uid = 8
first_valid_gid = 8 last_valid_gid = 8
mail_location = maildir:/srv/mail/%d/%n
dovecot-sql.conf
driver = mysql
connect = host=/var/run/mysqld/mysqld.sock dbname=... => WORKS!
default_pass_scheme = SHA1
password_query = SELECT password, '/srv/mail/%d/%n' AS home, 'mail' AS uid, 'mail' AS gid FROM user WHERE username = '%n' AND domain = '%d' AND IMAP_allowed = 'YES'
Errors
Apr 30 10:28:22 auth: Debug: client out: OK 1 user=xxxx@yyyy
home=/srv/mail/yyyy/xxxx uid=mail
gid=mail
Apr 30 10:28:22 auth: Debug: master in: REQUEST 3163291649 5347
1 87066c907eef8f4e5ed71319b560dd2a
Apr 30 10:28:22 auth: Error:
prefetch(xxxx@yyyy,::1,
I have no idea how to solve the problem and up to know i could not find an example with google. Please help.
Best regards Karsten
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Tue, 30 Apr 2013, forum wrote:
for many years i used an mailserver with dovecot V1 very satisfied! http://mailserver.decotrain.de/ One of the reasons to use dovecot was a simply configuration. Dovecot was the best choice for IMAP for me!
Hmm, there not many changes in how to configure Dovecot.
The documentation says *nothing* about my problem how to authenticate with mysql! http://wiki2.dovecot.org/VirtualUsers
Funny, that the link had the answer. Did you configured Dovecot v1 differently then?
The static userdb had not changed since v1.
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iQEVAwUBUX/WaV3r2wJMiz2NAQK36Af9EjydgVte2ChWWV7sXc0UCiP0o+3VgcGG 89uMAWdimcuZRWAs5JyvSFuh1FSbXBm6LR0MSVIq60oGJtkpNeCb+YKaEgtz74vs KGEnJxyBfmrF3RxKyvjwWcfQ4nifzDLOCTLfEakQSXRhW2+8OuTfE9pzhOq2DwLP p4D8Q5Jc1wtidm65DkKp3UFBubAdmU+PTrRMmTNMkjENKiXM4h1HuklCJ0/HtERZ gfi8QXRXdTTi6tT5PQnC821IM/PUVLU+m4aCObztiu2Fgr982ruz7kCQjyaaLio7 1OZo2nbg3lRoAtFcTSCFqliDa+rFDxYA31xmfhppG203n0xOwhRxpw== =viiU -----END PGP SIGNATURE-----
Am 30.04.2013 16:34, schrieb Steffen Kaiser:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Tue, 30 Apr 2013, forum wrote:
for many years i used an mailserver with dovecot V1 very satisfied! http://mailserver.decotrain.de/ One of the reasons to use dovecot was a simply configuration. Dovecot was the best choice for IMAP for me!
Hmm, there not many changes in how to configure Dovecot.
Oh - there are quiet more possibilities and the syntax slightly has changed.
The documentation says *nothing* about my problem how to authenticate with mysql! http://wiki2.dovecot.org/VirtualUsers
Funny, that the link had the answer. Did you configured Dovecot v1 differently then?
The problem is to understand the dependencies.
The static userdb had not changed since v1.
Then the old configuration should work. But it does not.
Now i have found the solution. It seems to help to ask you. ;)
The solution was to change from listen = [::] to listen = *, [::]
There is no explanation for it - just try and error ...
I can connect to dovecot locally with an webmailer. But there is no listener process to be seen outside of the server?
Locally this ports are working, but not outside:
# netstat -tulpn | grep dove tcp6 0 0 :::110 :::*
LISTEN 5741/dovecot tcp6 0 0 :::143 :::*
LISTEN 5741/dovecot tcp6 0 0 :::993 :::*
LISTEN 5741/dovecot tcp6 0 0 :::995 :::*
LISTEN 5741/dovecotWhere is:
a) the listener on IPv4
PC in LAN.
b) the output of dovecot -n ?
Is this a configuration problem inside dovecot?
That knows your doveconf -n output.
The output seems only to be the configuration that was read.
I lost many hours just to find out that i have to define e.g. service imap-login { Before there was no error, dovecot running and no ports listening. Sorry - that's foolish.
Apr 30 11:14:57 imap(xxxx@yyyy): Error: Broken file /srv/mail/yyyy/xxxx/.INBOX.dir.09/dovecot-uidlist line 1: Broken header (uidvalidity = 0, next_uid=697)
How can i recover this?
Does this error persists or do you see it just once per mailbox?
Seems only onetime. So no problem.
Has someone an idea how to migrate the emails from charset ISO8859-1 to UTF-8?
The mailbody? recode Latin1..utf8 < in > out, but IMAP defines, that you cannot change messages inplace. The client need to redownload them.
The client should left the message on the server with no local copy.
The directory name? Probably there is some tool. Otherwise:
for dir in ...; do mv "$dir" "$(echo "$dir"| recode latin1..utf8)" done
That's an good idea. I will try this.
- -- Steffen Kaiser
Thank you! Karsten
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Tue, 30 Apr 2013, forum wrote:
Now i have found the solution. It seems to help to ask you. ;)
The solution was to change from listen = [::] to listen = *, [::]
There is no explanation for it - just try and error ...
Hmm, [::] -> in6addr_any (any in IPv6 protocol), therefore you had no listener (er, Dovecot listener process) on IPv4, but IPv6 only. Maybe Dovecot v1 handled [::] differently and added *.
I lost many hours just to find out that i have to define e.g. service imap-login { Before there was no error, dovecot running and no ports listening.
http://wiki2.dovecot.org/Tools/Doveconf has the example:
" doveconf can be also used to convert v1.x configuration files into v2.x format.
doveconf -n -c /oldpath/dovecot.conf > /etc/dovecot/dovecot.conf.new "
Has someone an idea how to migrate the emails from charset ISO8859-1 to UTF-8?
The mailbody? recode Latin1..utf8 < in > out, but IMAP defines, that you cannot change messages inplace. The client need to redownload them.
The client should left the message on the server with no local copy.
No, I mean: IMAP defines that messages are immutable, you must not change a message file on the server. Therefore you cannot recode a message file on the server and hope that the clients pick up the change. You need to cause that the MUAs think that the modified message is new. E.g. with Maildir backend you rename each message file:
1367436834.P516Q0M961879.server:2,Sa -> 1367436834.P516Q0M961879.server.a:2,Sa
see change before ":". Then each MUA thinks that it had not seen the message, because Dovecot assigns a new UID to it.
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iQEVAwUBUYIhDF3r2wJMiz2NAQLrJQf/QqXAMdy++l9a9agj7uW6T2QQ3OGkixLd TdWOAQw+0XX7uudeHkJ0QMi1U6BS44eDdaxE8EuShCLRTHwZgLmQOUjQgBWJoaoe ha8LGpY1HjtUIeGxPEGsZux8gnbk9dfLKqAm4R1R8bIYeexFJQYfGTszRkPpsGpf pH1Jai4R6E+Fr4d65xBfqp/x7tZc5Qhk2Xft4mJK2BqMXN28fTbtB0FF++pjd8lf sn0hcODIH+/AI4lCZXqkh2oMRzHpTrum4YisEcPP+mpSGR3T7ZDZ4HPzzOrMofYt DsJPUI+t7v0qAVx7ycjcIkG0jVsMqBqUv0g3xQDA6e2WdH1h3x9kuQ== =3bKR -----END PGP SIGNATURE-----
Hello Steffen,
Am 02.05.2013 10:17, schrieb Steffen Kaiser:
On Tue, 30 Apr 2013, forum wrote:
Now i have found the solution. It seems to help to ask you. ;)
The solution was to change from listen = [::] to listen = *, [::]
There is no explanation for it - just try and error ...
Hmm, [::] -> in6addr_any (any in IPv6 protocol), therefore you had no listener (er, Dovecot listener process) on IPv4, but IPv6 only. Maybe Dovecot v1 handled [::] differently and added *.
I can only say that it was working afterwards.
I lost many hours just to find out that i have to define e.g. service imap-login { Before there was no error, dovecot running and no ports listening.
http://wiki2.dovecot.org/Tools/Doveconf has the example:
" doveconf can be also used to convert v1.x configuration files into v2.x format.
doveconf -n -c /oldpath/dovecot.conf > /etc/dovecot/dovecot.conf.new "
Good to know - but to late for me. The utilites are a good idea!
I think there are (to many) details handled slightly different. Of course this is no problem - but not easy to find out.
I had some problems like this upgrading from exim 4.6 to 4.8 - but not so hard. Dovecot steps into the same problems as exim. It becomes so mighty that everything is possible - but it is hard to understand how to master it. The wiki is a good solution, but i miss a description of the dependencies that are not clear. You only understand it when you have mastered it.
Has someone an idea how to migrate the emails from charset ISO8859-1 to UTF-8?
The mailbody? recode Latin1..utf8 < in > out, but IMAP defines, that you cannot change messages inplace. The client need to redownload them.
The client should left the message on the server with no local copy.
No, I mean: IMAP defines that messages are immutable, you must not change a message file on the server. Therefore you cannot recode a message file on the server and hope that the clients pick up the change. You need to cause that the MUAs think that the modified message is new. E.g. with Maildir backend you rename each message file:
Yes - i understand. The encoding is defined in the email - so this should be no problem.
I had the problem that Thunderbird deletes some Emails because he thought they should be deleted. Is this marked somewhere?
1367436834.P516Q0M961879.server:2,Sa -> 1367436834.P516Q0M961879.server.a:2,Sa
Ahh - good to know.
see change before ":". Then each MUA thinks that it had not seen the message, because Dovecot assigns a new UID to it.
At least i deleted all the index files and stepped with the client through the directories. Now everything is working fine.
Thanks for your help and tips!
Cheers Karsten
forum, 30.04.2013 16:55:
Now i have found the solution. It seems to help to ask you. ;)
The solution was to change from listen = [::] to listen = *, [::]
There is no explanation for it - just try and error ...
This is not dovecot's fault. See here: http://serverfault.com/a/39561
In short: In Linux, binding to :: means "bind to both ipv6 and ipv4". Setting /proc/sys/net/ipv6/bindv6only to 1 changes this behaviour, and Debian had this by default in some testing versions of squeeze, as was recently discussed on the asterisk-users list: http://lists.digium.com/pipermail/asterisk-users/2013-March/278296.html
On 3.5.2013, at 12.34, Jakob Hirsch jh@plonk.de wrote:
forum, 30.04.2013 16:55:
Now i have found the solution. It seems to help to ask you. ;)
The solution was to change from listen = [::] to listen = *, [::]
There is no explanation for it - just try and error ...
This is not dovecot's fault. See here: http://serverfault.com/a/39561
In short: In Linux, binding to :: means "bind to both ipv6 and ipv4". Setting /proc/sys/net/ipv6/bindv6only to 1 changes this behaviour, and Debian had this by default in some testing versions of squeeze, as was recently discussed on the asterisk-users list: http://lists.digium.com/pipermail/asterisk-users/2013-March/278296.html
Software can also specify if they want that functionality or not. In Dovecot v1.0 [::] may have listened also on IPv4, but since v1.1 [::] has only listened on IPv6. So I guess the complaint wasn't really about Dovecot v2.x, but about v1.1+.
Hmm. So Debian stable is switching from Dovecot v1.0 -> v2.1? Maybe it would be worth mentioning this somewhere.
On 3.5.2013, at 12.46, Timo Sirainen tss@iki.fi wrote:
Hmm. So Debian stable is switching from Dovecot v1.0 -> v2.1? Maybe it would be worth mentioning this somewhere.
No, previous stable had v1.2.15, so I guess there won't be any mass moving from v1.0 to v2.x.
On 03/05/2013 10:50, Timo Sirainen wrote:
On 3.5.2013, at 12.46, Timo Sirainentss@iki.fi wrote:
Hmm. So Debian stable is switching from Dovecot v1.0 -> v2.1? Maybe it would be worth mentioning this somewhere.
No, previous stable had v1.2.15, so I guess there won't be any mass moving from v1.0 to v2.x.
I've just newly put Debian Stable on a machine. Stable does have 1.2.15, as you say. I've enabled squeeeze-backports, which also allows me to install 2.1.7 (dovecot-core 2.1.7-7~bpo50+1, as I write).
(I've not installed either yet, still checking how to bring the real-user maildirs across from 1.0.15 without losing the metadata, so that all the clients (meaning the human ones) don't have a shock at seeing xx,000 'new' mails. Recently discussed on the list, so plenty of advice.)
regards, Ron
Hello,
Am 03.05.2013 11:34, schrieb Jakob Hirsch:
forum, 30.04.2013 16:55:
Now i have found the solution. It seems to help to ask you. ;)
The solution was to change from listen = [::] to listen = *, [::]
There is no explanation for it - just try and error ...
This is not dovecot's fault. See here: http://serverfault.com/a/39561
I never write that something is the fault of dovecot. ;-) As i complain the configuration is not so easy as before.
But what is the meaning of the addional "*," now? Listening specially to IPV4 and IPV6?
In short: In Linux, binding to :: means "bind to both ipv6 and ipv4". Setting /proc/sys/net/ipv6/bindv6only to 1 changes this behaviour, and Debian had this by default in some testing versions of squeeze, as was recently discussed on the asterisk-users list: http://lists.digium.com/pipermail/asterisk-users/2013-March/278296.html
Aha - thank you for this hint. I have an additional problem with a R8169 ethernet interface loosing IPV4 communication.
But at this time the binding for IPV4 is not deactivated. root@PC# cat /proc/sys/net/ipv6/bindv6only 0
Regards Karsten
Hello,
Am 03.05.2013 11:34, schrieb Jakob Hirsch:
forum, 30.04.2013 16:55:
Now i have found the solution. It seems to help to ask you. ;)
The solution was to change from listen = [::] to listen = *, [::]
There is no explanation for it - just try and error ...
This is not dovecot's fault. See here: http://serverfault.com/a/39561
I never write that something is the fault of dovecot. ;-) As i complain the configuration is not so easy as before.
But what is the meaning of the addional "*," now? Listening specially to IPV4 and IPV6?
In short: In Linux, binding to :: means "bind to both ipv6 and ipv4". Setting /proc/sys/net/ipv6/bindv6only to 1 changes this behaviour, and Debian had this by default in some testing versions of squeeze, as was recently discussed on the asterisk-users list: http://lists.digium.com/pipermail/asterisk-users/2013-March/278296.html
Aha - thank you for this hint. I have an additional problem with a R8169 ethernet interface loosing IPV4 communication.
But at this time the binding for IPV4 is not deactivated. root@PC# cat /proc/sys/net/ipv6/bindv6only 0
Regards Karsten
participants (8)
-
Forum
-
forum
-
Forum
-
Jakob Hirsch
-
Noel Butler
-
Ron Leach
-
Steffen Kaiser
-
Timo Sirainen