[Dovecot] Evolution IMAP with Dovecot as proxy
We have some users who use Evolution as mail client.
During migration process we are run Dovecot as proxy of Courier-imap until any user get migrated depend of ldap attribute.
At present, the problem is that with Thunderbird and other clients, The client run as normal. But Evolution can't get new messages or Suscription list.
Capabilities on Courier and Dovecot are differents, but when a connection is proxied to Courier, Courier print the Capabilitites.
Any body has any idea of this?
-- Antonio Pérez-Aranda Alcaide aperezaranda@yaco.es
Yaco Sistemas S.L. http://www.yaco.es/ C/ Rioja 5, 41001 Sevilla Teléfono +34 954 50 00 57 Fax +34 954 50 09 29
We are using the attribute "mailPlugins" to decide if the user is migrated. If this attribute is empty, then, the use isn't migrated and then Dovecot send to Courier de petition. It easy adding a new passdb with proxy enabled and mailHost with Courier Server as target.
After some works on Courier CAPABILITIES, I get read mails but it fail to fetch and other operations. It's very strange.
2011/2/16 Charles Marcus <CMarcus@media-brokers.com>:
On 2011-02-16 12:28 PM, Antonio Perez-Aranda wrote:
During migration process we are run Dovecot as proxy of Courier-imap until any user get migrated depend of ldap attribute.
Details of how you did this would be much appreciated...
--
Best regards,
Charles
-- Antonio Pérez-Aranda Alcaide aperezaranda@yaco.es
Yaco Sistemas S.L. http://www.yaco.es/ C/ Rioja 5, 41001 Sevilla Teléfono +34 954 50 00 57 Fax +34 954 50 09 29
On Wed, 2011-02-16 at 18:28 +0100, Antonio Perez-Aranda wrote:
At present, the problem is that with Thunderbird and other clients, The client run as normal. But Evolution can't get new messages or Suscription list.
Capabilities on Courier and Dovecot are differents, but when a connection is proxied to Courier, Courier print the Capabilitites.
Even though capabilities are sent to client on login, there's no guarantee that the client actually uses them. I think Evolution might be one of the clients that just ignores any updated capabilities.
What capabilities before login does Dovecot report? Have you set imap_capability setting? Maybe the problem is that Dovecot has LITERAL+ capability, which Courier doesn't support, and Evolution doesn't realize that it won't work after login. Try setting:
imap_capability = IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE
Ok, until now, I change the Courier Capabilities, maybe I need change prelogin dovecot capabilities.
Ok, I try removing LITERAL+ and playing with any other prelogin capabilities.
Thanks.
2011/2/17 Timo Sirainen <tss@iki.fi>:
On Wed, 2011-02-16 at 18:28 +0100, Antonio Perez-Aranda wrote:
At present, the problem is that with Thunderbird and other clients, The client run as normal. But Evolution can't get new messages or Suscription list.
Capabilities on Courier and Dovecot are differents, but when a connection is proxied to Courier, Courier print the Capabilitites.
Even though capabilities are sent to client on login, there's no guarantee that the client actually uses them. I think Evolution might be one of the clients that just ignores any updated capabilities.
What capabilities before login does Dovecot report? Have you set imap_capability setting? Maybe the problem is that Dovecot has LITERAL+ capability, which Courier doesn't support, and Evolution doesn't realize that it won't work after login. Try setting:
imap_capability = IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE
-- Antonio Pérez-Aranda Alcaide aperezaranda@yaco.es
Yaco Sistemas S.L. http://www.yaco.es/ C/ Rioja 5, 41001 Sevilla Teléfono +34 954 50 00 57 Fax +34 954 50 09 29
Great, Evolution is running.
Thanks.
2011/2/17 Antonio Perez-Aranda <aperezaranda@yaco.es>:
Ok, until now, I change the Courier Capabilities, maybe I need change prelogin dovecot capabilities.
Ok, I try removing LITERAL+ and playing with any other prelogin capabilities.
Thanks.
2011/2/17 Timo Sirainen <tss@iki.fi>:
On Wed, 2011-02-16 at 18:28 +0100, Antonio Perez-Aranda wrote:
At present, the problem is that with Thunderbird and other clients, The client run as normal. But Evolution can't get new messages or Suscription list.
Capabilities on Courier and Dovecot are differents, but when a connection is proxied to Courier, Courier print the Capabilitites.
Even though capabilities are sent to client on login, there's no guarantee that the client actually uses them. I think Evolution might be one of the clients that just ignores any updated capabilities.
What capabilities before login does Dovecot report? Have you set imap_capability setting? Maybe the problem is that Dovecot has LITERAL+ capability, which Courier doesn't support, and Evolution doesn't realize that it won't work after login. Try setting:
imap_capability = IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE
-- Antonio Pérez-Aranda Alcaide aperezaranda@yaco.es
Yaco Sistemas S.L. http://www.yaco.es/ C/ Rioja 5, 41001 Sevilla Teléfono +34 954 50 00 57 Fax +34 954 50 09 29
-- Antonio Pérez-Aranda Alcaide aperezaranda@yaco.es
Yaco Sistemas S.L. http://www.yaco.es/ C/ Rioja 5, 41001 Sevilla Teléfono +34 954 50 00 57 Fax +34 954 50 09 29
Well, I fix Evolution, but now, migrated users with Outlook get errros with custom filters (I18NLEVEL=1)
Is it possible to set the specific PRE-LOGIN capabilities and post-LOGIN capabilities?
2011/2/17 Antonio Perez-Aranda <aperezaranda@yaco.es>:
Great, Evolution is running.
Thanks.
2011/2/17 Antonio Perez-Aranda <aperezaranda@yaco.es>:
Ok, until now, I change the Courier Capabilities, maybe I need change prelogin dovecot capabilities.
Ok, I try removing LITERAL+ and playing with any other prelogin capabilities.
Thanks.
2011/2/17 Timo Sirainen <tss@iki.fi>:
On Wed, 2011-02-16 at 18:28 +0100, Antonio Perez-Aranda wrote:
At present, the problem is that with Thunderbird and other clients, The client run as normal. But Evolution can't get new messages or Suscription list.
Capabilities on Courier and Dovecot are differents, but when a connection is proxied to Courier, Courier print the Capabilitites.
Even though capabilities are sent to client on login, there's no guarantee that the client actually uses them. I think Evolution might be one of the clients that just ignores any updated capabilities.
What capabilities before login does Dovecot report? Have you set imap_capability setting? Maybe the problem is that Dovecot has LITERAL+ capability, which Courier doesn't support, and Evolution doesn't realize that it won't work after login. Try setting:
imap_capability = IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE
-- Antonio Pérez-Aranda Alcaide aperezaranda@yaco.es
Yaco Sistemas S.L. http://www.yaco.es/ C/ Rioja 5, 41001 Sevilla Teléfono +34 954 50 00 57 Fax +34 954 50 09 29
-- Antonio Pérez-Aranda Alcaide aperezaranda@yaco.es
Yaco Sistemas S.L. http://www.yaco.es/ C/ Rioja 5, 41001 Sevilla Teléfono +34 954 50 00 57 Fax +34 954 50 09 29
-- Antonio Pérez-Aranda Alcaide aperezaranda@yaco.es
Yaco Sistemas S.L. http://www.yaco.es/ C/ Rioja 5, 41001 Sevilla Teléfono +34 954 50 00 57 Fax +34 954 50 09 29
On 17.2.2011, at 11.59, Antonio Perez-Aranda wrote:
Well, I fix Evolution, but now, migrated users with Outlook get errros with custom filters (I18NLEVEL=1)
What does I18NLEVEL=1 have to do with them?
Is it possible to set the specific PRE-LOGIN capabilities and post-LOGIN capabilities?
imap_capability setting does specify both of them when running as non-proxy. But proxy gets the post-login capabilities by asking for the CAPABILITY reply from the remote server and passing that to client (which hopefully uses it).
So.. I'm not sure what exactly the problem is you have, so I can't give any good answer.
By adding this line:
imap_capability = +I18NLEVEL=1 NAMESPACE
I get that outlook's 2003 filters run wihtout change any filter. Maybe Outlook don't read CAPABILITY i18nlevel/namespace after login.
2011/2/17 Timo Sirainen <tss@iki.fi>:
On 17.2.2011, at 11.59, Antonio Perez-Aranda wrote:
Well, I fix Evolution, but now, migrated users with Outlook get errros with custom filters (I18NLEVEL=1)
What does I18NLEVEL=1 have to do with them?
Is it possible to set the specific PRE-LOGIN capabilities and post-LOGIN capabilities?
imap_capability setting does specify both of them when running as non-proxy. But proxy gets the post-login capabilities by asking for the CAPABILITY reply from the remote server and passing that to client (which hopefully uses it).
So.. I'm not sure what exactly the problem is you have, so I can't give any good answer.
-- Antonio Pérez-Aranda Alcaide aperezaranda@yaco.es
Yaco Sistemas S.L. http://www.yaco.es/ C/ Rioja 5, 41001 Sevilla Teléfono +34 954 50 00 57 Fax +34 954 50 09 29
Well, I can add I18NLEVEL and appear run as normal.
But the problem is that:
If I do login on non migrated user:
Trying 192.168.x.x ... Connected to kvm2. Escape character is '^]'.
- OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE I18NLEVEL=1 STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready. . login testuser1 1234 . OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE] LOGIN Ok. . logout
- BYE Courier-IMAP server shutting down . OK LOGOUT completed
If do login on a really migrated user:
Trying 192.168.x.x ... Connected to kvm2. Escape character is '^]'.
- OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE I18NLEVEL=1 STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready. . login testuser1 1234 . OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE I18NLEVEL=1 QUOTA] Logged in . logout
- BYE Logging out . OK Logout completed.
Well, the at the imap with no proxy or modified capabilitys show this:
. OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS QUOTA] Logged in
Well, I set imap_capability = value1 value2 then we loose search, lists, context and many others.
2011/2/17 Antonio Perez-Aranda <aperezaranda@yaco.es>:
By adding this line:
imap_capability = +I18NLEVEL=1 NAMESPACE
I get that outlook's 2003 filters run wihtout change any filter. Maybe Outlook don't read CAPABILITY i18nlevel/namespace after login.
2011/2/17 Timo Sirainen <tss@iki.fi>:
On 17.2.2011, at 11.59, Antonio Perez-Aranda wrote:
Well, I fix Evolution, but now, migrated users with Outlook get errros with custom filters (I18NLEVEL=1)
What does I18NLEVEL=1 have to do with them?
Is it possible to set the specific PRE-LOGIN capabilities and post-LOGIN capabilities?
imap_capability setting does specify both of them when running as non-proxy. But proxy gets the post-login capabilities by asking for the CAPABILITY reply from the remote server and passing that to client (which hopefully uses it).
So.. I'm not sure what exactly the problem is you have, so I can't give any good answer.
-- Antonio Pérez-Aranda Alcaide aperezaranda@yaco.es
Yaco Sistemas S.L. http://www.yaco.es/ C/ Rioja 5, 41001 Sevilla Teléfono +34 954 50 00 57 Fax +34 954 50 09 29
-- Antonio Pérez-Aranda Alcaide aperezaranda@yaco.es
Yaco Sistemas S.L. http://www.yaco.es/ C/ Rioja 5, 41001 Sevilla Teléfono +34 954 50 00 57 Fax +34 954 50 09 29
On 17.2.2011, at 12.41, Antonio Perez-Aranda wrote:
If I do login on non migrated user:
Trying 192.168.x.x ... Connected to kvm2. Escape character is '^]'.
- OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE I18NLEVEL=1 STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready. . login testuser1 1234 . OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE] LOGIN Ok. . logout
- BYE Courier-IMAP server shutting down . OK LOGOUT completed
So this is correct.
If do login on a really migrated user:
Trying 192.168.x.x ... Connected to kvm2. Escape character is '^]'.
- OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE I18NLEVEL=1 STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready. . login testuser1 1234 . OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE I18NLEVEL=1 QUOTA] Logged in . logout
- BYE Logging out . OK Logout completed.
The second capability comes from the remote Dovecot server. Did you change imap_capability there too? It should have been necessary only in the proxy. Or is the proxy the same server as the destination Dovecot server? If so, I guess you'll have to run two Dovecot installations until the proxying is done .. or patch the sources so imap_capability is used only by imap-login, not imap.
I haven't a secondary dovecot server.
We have two passdb
- The first passdb check one attribute in LDAP (mailPlugins) if it is empty, then the user match and Dovecot send the connection to Courier
- The second passdb match at another case and Dovecot the same imap instance server all data as normal.
Well, another possiblity is to use only some capabilities antil migration is done.
I think that with this can be sufficient:
imap_capability = IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE I18NLEVEL=1 SORT=DISPLAY THREAD=REFERENCES CHILDREN UIDPLUS SEARCHRES CONTEXT=SEARCH QUOTA
And courier seem run.
2011/2/17 Timo Sirainen <tss@iki.fi>:
On 17.2.2011, at 12.41, Antonio Perez-Aranda wrote:
If I do login on non migrated user:
Trying 192.168.x.x ... Connected to kvm2. Escape character is '^]'.
- OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE I18NLEVEL=1 STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready. . login testuser1 1234 . OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE] LOGIN Ok. . logout
- BYE Courier-IMAP server shutting down . OK LOGOUT completed
So this is correct.
If do login on a really migrated user:
Trying 192.168.x.x ... Connected to kvm2. Escape character is '^]'.
- OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE I18NLEVEL=1 STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready. . login testuser1 1234 . OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE I18NLEVEL=1 QUOTA] Logged in . logout
- BYE Logging out . OK Logout completed.
The second capability comes from the remote Dovecot server. Did you change imap_capability there too? It should have been necessary only in the proxy. Or is the proxy the same server as the destination Dovecot server? If so, I guess you'll have to run two Dovecot installations until the proxying is done .. or patch the sources so imap_capability is used only by imap-login, not imap.
-- Antonio Pérez-Aranda Alcaide aperezaranda@yaco.es
Yaco Sistemas S.L. http://www.yaco.es/ C/ Rioja 5, 41001 Sevilla Teléfono +34 954 50 00 57 Fax +34 954 50 09 29
participants (3)
-
Antonio Perez-Aranda
-
Charles Marcus
-
Timo Sirainen