[Dovecot] Per User Quotas
Hi All, I have not been able to get per user quotas going. A general quota works fine. My LDAP server is Windows 2000.
Here is my config:
mail# dovecot -n
# 1.1.3: /usr/local/etc/dovecot.conf
log_path: /var/log/dovecot.log
protocols: imaps pop3s lda managesieve
listen(default): *
listen(imap): *
listen(pop3): *
listen(managesieve): *:2000
ssl_cert_file: /usr/local/etc/dovecot/ssl/certs/dovecot.pem
ssl_key_file: /usr/local/etc/dovecot/ssl/private/dovecot.pem
ssl_cipher_list: ALL:!ADH!LOW:!SSLv2:!EXP:+HIGH:+MEDIUM
disable_plaintext_auth: no
login_dir: /var/run/dovecot/login
login_executable(default): /usr/local/libexec/dovecot/imap-login
login_executable(imap): /usr/local/libexec/dovecot/imap-login
login_executable(pop3): /usr/local/libexec/dovecot/pop3-login
login_executable(managesieve): /usr/local/libexec/dovecot/managesieve-login
login_greeting: Mail Server ready.
login_greeting_capability(default): yes
login_greeting_capability(imap): yes
login_greeting_capability(pop3): no
login_greeting_capability(managesieve): no
verbose_proctitle: yes
first_valid_uid: 1000
first_valid_gid: 1000
mail_privileged_group: mail
mail_location: maildir:~/Maildir:INBOX=~/Maildir/:INDEX=~/Maildir/tmp/index
mail_debug: yes
maildir_copy_preserve_filename: yes
mail_executable(default): /usr/local/libexec/dovecot/imap
mail_executable(imap): /usr/local/libexec/dovecot/imap
mail_executable(pop3): /usr/local/libexec/dovecot/pop3
mail_executable(managesieve): /usr/local/libexec/dovecot/managesieve
mail_plugins(default): quota imap_quota
mail_plugins(imap): quota imap_quota
mail_plugins(pop3): quota
mail_plugins(managesieve):
mail_plugin_dir(default): /usr/local/lib/dovecot/imap
mail_plugin_dir(imap): /usr/local/lib/dovecot/imap
mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3
mail_plugin_dir(managesieve): /usr/local/lib/dovecot/managesieve
imap_client_workarounds(default): delay-newmail netscape-eoh tb-extra-mailbox-sep
imap_client_workarounds(imap): delay-newmail netscape-eoh tb-extra-mailbox-sep
imap_client_workarounds(pop3):
imap_client_workarounds(managesieve):
pop3_enable_last(default): no
pop3_enable_last(imap): no
pop3_enable_last(pop3): yes
pop3_enable_last(managesieve): no
pop3_client_workarounds(default):
pop3_client_workarounds(imap):
pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh
pop3_client_workarounds(managesieve):
managesieve_implementation_string(default): dovecot
managesieve_implementation_string(imap): dovecot
managesieve_implementation_string(pop3): dovecot
managesieve_implementation_string(managesieve): Cyrus timsieved v2.2.13
sieve_storage(default):
sieve_storage(imap):
sieve_storage(pop3):
sieve_storage(managesieve): ~/sieve
sieve(default):
sieve(imap):
sieve(pop3):
sieve(managesieve): ~/.dovecot.sieve
auth default:
  mechanisms: plain login
  username_format: %Ln
  verbose: yes
  debug: yes
  passdb:
    driver: ldap
    args: /usr/local/etc/dovecot-ldap.conf
  userdb:
    driver: static
    args: uid=1002 gid=1002 home=/home/vmail/%u allow_all_users=yes
  userdb:
    driver: passwd
    args: blocking=yes
  socket:
    type: listen
    client:
      path: /var/run/dovecot/auth-client
      mode: 432
    master:
      path: /var/run/dovecot/auth-master
      mode: 384
      user: vmail
      group: vmail
plugin:
  quota_warning: storage=95%% /usr/local/etc/dovecot/quota-warning.sh 95
  quota_warning2: storage=80%% /usr/local/etc/dovecot/quota-warning.sh 80
  quota: maildir
  quota2: maildir:user quota
  quota_rule: *:storage=512M
  quota_rule2: Trash:storage=10M
  quota_rule3: SPAM:ignore
  sieve: /home/vmail/%u/.dovecot.sieve
I have this in dovecot-ldap.conf
hosts = 192.168.1.97 192.168.1.76
base = dc=atlas,dc=local
auth_bind = yes
auth_bind_userdn = atlas\%u
pass_filter = (&(objectclass=person)(uid=%u))
user_attrs = homeDirectory=/home/vmail/%u,uidNumber=1002,gidNumber=1002,streetAddress=quota_rule=*:storage=%$M
I then put this in the streetAddress area of the user info in AD
*:storage=256M
But no go. When I log in either in Thunderbird or SquirrelMail, I see the general quota for that user, which is 512M and not 256M.
I'm at a loss, any help would be appreciated.
By the way, after reading another thread, I added this to postfix but still no go.
mailbox_command = /usr/local/libexec/dovecot/deliver -d "$USER"
On Wed, 2009-10-14 at 21:18 -0500, Peter Fraser wrote:
> userdb:
>   driver: static
>   args: uid=1002 gid=1002 home=/home/vmail/%u allow_all_users=yes
This catches all userdb lookups.
> userdb:
>   driver: passwd
>   args: blocking=yes
This is never used. You probably want to comment it out.
> user_attrs = homeDirectory=/home/vmail/%u,uidNumber=1002,gidNumber=1002,streetAddress=quota_rule=*:storage=%$M
These aren't used, because you're using userdb static instead of userdb ldap.
Ok I see, so can I get per-user quotas going and still use userdb static? Or do I have to change to userdb ldap?
Hi Peter + Timo,
I think the solution is the right order in dovecot.conf:
"userdb ldap" should stand in front of "userdb static".
Greetings
On Thu, 2009-10-15 at 19:36 +0200, thedoghousemailcom wrote:
> Hi Peter + Timo,
> I think the solution is the right order in dovecot.conf:
> "userdb ldap" should stand in front of "userdb static".
Well, if that's done then userdb static is used only when user isn't found from ldap. And I guess that should normally never happen..
OK this is what I now have. In dovecot.conf I put:
userdb ldap {
  args = /usr/local/etc/dovecot-ldap.conf
}
In dovecot-ldap.conf:
hosts = 192.168.1.97
base = dc=atlas,dc=local
auth_bind = yes
scope = subtree
auth_bind_userdn = atlas\%u
user_filter = (&(objectClass=mailUser)(mail=%u))
default_pass_scheme = CRYPT
pass_filter = (&(objectclass=person)(uid=%u))
pass_attrs = userPassword=password
user_attrs = streetAddress=quota_rule=*:storage=%$M ,=uid=uid,=gid=gid,=home=/home/vmail/%u
And the quota in street address of AD
When I fire up Thunderbird now, I see sending login information for a long time before it comes up and even when it does, I still see the general quota.
On Thu, 2009-10-15 at 14:11 -0500, Peter Fraser wrote:
> user_attrs = streetAddress=quota_rule=*:storage=%$M ,=uid=uid,=gid=gid,=home=/home/vmail/%u
The =uid=uid part looks wrong. Should be more like =uid=1000, =gid=1000.
Anyway.. Post again dovecot -n output and also logs with auth_debug=yes and mail_debug=yes.
Here they are
mail# dovecot -n
# 1.1.16: /usr/local/etc/dovecot.conf
# OS: FreeBSD 7.2-RELEASE-p1 i386
protocols: imaps pop3s imap
ssl_cert_file: /usr/local/etc/dovecot/ssl/certs/dovecot.pem
ssl_key_file: /usr/local/etc/dovecot/ssl/private/dovecot.pem
ssl_cipher_list: ALL:!ADH!LOW:!SSLv2:!EXP:+HIGH:+MEDIUM
disable_plaintext_auth: no
login_dir: /var/run/dovecot/login
login_executable(default): /usr/local/libexec/dovecot/imap-login
login_executable(imap): /usr/local/libexec/dovecot/imap-login
login_executable(pop3): /usr/local/libexec/dovecot/pop3-login
login_greeting: POP3 Server ready.
verbose_proctitle: yes
first_valid_gid: 0
mail_access_groups: mail
mail_location: maildir:~/Maildir
mail_debug: yes
mail_executable(default): /usr/local/libexec/dovecot/imap
mail_executable(imap): /usr/local/libexec/dovecot/imap
mail_executable(pop3): /usr/local/libexec/dovecot/pop3
mail_plugins(default): quota imap_quota
mail_plugins(imap): quota imap_quota
mail_plugins(pop3): quota
mail_plugin_dir(default): /usr/local/lib/dovecot/imap
mail_plugin_dir(imap): /usr/local/lib/dovecot/imap
mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3
imap_client_workarounds(default): delay-newmail outlook-idle netscape-eoh tb-extra-mailbox-sep
imap_client_workarounds(imap): delay-newmail outlook-idle netscape-eoh tb-extra-mailbox-sep
imap_client_workarounds(pop3):
pop3_client_workarounds(default):
pop3_client_workarounds(imap):
pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh
auth default:
  username_format: %Lu
  debug: yes
  passdb:
    driver: pam
  passdb:
    driver: ldap
    args: /usr/local/etc/dovecot-ldap.conf
  userdb:
    driver: ldap
    args: /usr/local/etc/dovecot-ldap.conf
  userdb:
    driver: passwd
plugin:
  quota: maildir
  quota2: maildir:user quota
  quota_rule: *:storage=512M
  quota_rule2: Trash:storage=10M
  quota_rule3: SPAM:ignore
Maillog Below
Oct 15 14:44:22 mail dovecot: dovecot v1.1.16 starting up
Oct 15 14:44:23 mail dovecot: auth(default): new auth connection: pid=27040
Oct 15 14:44:23 mail dovecot: auth(default): new auth connection: pid=27038
Oct 15 14:44:23 mail dovecot: auth(default): new auth connection: pid=27039
Oct 15 14:44:23 mail dovecot: auth(default): new auth connection: pid=27041
Oct 15 14:44:23 mail dovecot: auth(default): new auth connection: pid=27042
Oct 15 14:44:23 mail dovecot: auth(default): new auth connection: pid=27043
Oct 15 14:45:43 mail dovecot: auth(default): new auth connection: pid=27048
Oct 15 14:45:45 mail dovecot: auth(default): client in: AUTH 1 PLAIN service=imap secured lip=192.168.1.80 rip=192.168.1.
Oct 15 14:45:45 mail dovecot: auth(default): client out: CONT 1
Oct 15 14:45:45 mail dovecot: auth(default): client in: CONT<hidden>
Oct 15 14:45:45 mail dovecot: auth-worker(default): pam(peter.fraser,192.168.1.112): lookup service=dovecot
Oct 15 14:45:45 mail dovecot: auth-worker(default): pam(peter.fraser,192.168.1.112): #1/1 style=1 msg=Password:
Oct 15 14:45:45 mail dovecot: auth-worker(default): pam(peter.fraser,192.168.1.112): pam_authenticate() failed: authentication error (password
Oct 15 14:45:45 mail dovecot: auth(default): client out: OK 1 user=peter.fraser
Oct 15 14:45:45 mail dovecot: auth(default): master in: REQUEST 1 27043 1
Oct 15 14:45:45 mail dovecot: auth(default): ldap(peter.fraser,192.168.1.112): user search: base=dc=atlas,dc=local scope=subtree filter=(&(obj
Oct 15 14:47:28 mail postfix/scache[26993]: statistics: start interval Oct 15 14:44:08
Hi Peter,
this is my working dovecot-configuration:
Dovecot 1.2.4
dovecot.conf (extract)
username_translation: @_._
passdb:
  driver: ldap
  args: /etc/dovecot-ldap.conf
userdb:
  driver: ldap
  args: /etc/dovecot-ldap-userdb.conf
userdb:
  driver: static
  args: uid=500 gid=500 home=/home/vmail/%Lu allow_all_users=yes
dovecot-ldap.conf
hosts = 1.2.3.4 1.2.3.5
base = DC=first,DC=bank,DC=com
ldap_version = 3
auth_bind = yes
auth_bind_userdn = %u@first.bank.com
user_filter = (&(objectClass=person)(cn=%u))
user_attrs = homeDirectory=home=/home/vmail/%Lu,description=quota_rule=*:bytes=%$
dovecot-ldap-userdb.conf
hosts = 1.2.3.4 1.2.3.5
base = DC=first,DC=bank,DC=com
ldap_version = 3
auth_bind = no
dn =first\domain-user
dnpass = password
user_filter = (&(objectClass=person)(userPrincipalName=%u@first.bank.com))
user_attrs = description=quota_rule=*:bytes=%$
Ok thanks, I tried your config. Just edited to my setup. This is what I now have
dovecot.conf
passdb ldap {
  args = /usr/local/etc/dovecot-ldap.conf
}
userdb ldap {
  args = /usr/local/etc/dovecot-ldap-userdb.conf
}
userdb static {
  args = uid=1002 gid=1002 home=/home/vmail/%u allow_all_users=yes
}
dovecot-ldap.conf
hosts = 192.168.0.97 192.168.0.76
base = dc=atlas,dc=local
auth_bind = yes
auth_bind_userdn = atlas\%u
#auth_bind_userdn = atlas\%u
user_filter = (&(objectClass=person)(cn=%u))
user_attrs = homeDirectory=home=/home/vmail/%u,description=quota_rule=*:bytes=%$
dovecot-ldap-userdb.conf
hosts = 192.168.0.97 192.168.0.76
base = dc=atlas,dc=local
ldap_version = 3
auth_bind = no
dn = atlas\user
dnpass = password
user_filter = (&(objectClass=person)(userPrincipalName=%u@atlas.local))
user_attrs = description=quota_rule=*:bytes=%$
And of course, I put in a user's description field in Active Directory *:bytes=%1024
When I log in as that user, and check the quota, I'm still seeing 512 MB
Very strange.
Well I did all that and when I look at the properties for the inbox in Thunderbird under quotas, it still shows 512MB for that user.
These are the logs below:
dovecot: Oct 16 09:54:44 Info: dovecot v1.1.16 starting up
dovecot: Oct 16 09:54:46 Info: auth(default): new auth connection: pid=32854
dovecot: Oct 16 09:54:46 Info: auth(default): new auth connection: pid=32855
dovecot: Oct 16 09:54:46 Info: auth(default): new auth connection: pid=32856
dovecot: Oct 16 09:54:46 Info: auth(default): new auth connection: pid=32857
dovecot: Oct 16 09:54:46 Info: auth(default): new auth connection: pid=32858
dovecot: Oct 16 09:54:46 Info: auth(default): new auth connection: pid=32859
dovecot: Oct 16 10:09:27 Error: auth(default): LDAP: Connection lost to LDAP server, reconnecting
dovecot: Oct 16 10:09:57 Error: auth(default): LDAP: Connection lost to LDAP server, reconnecting
dovecot: Oct 16 10:24:27 Error: auth(default): LDAP: Connection lost to LDAP server, reconnecting
dovecot: Oct 16 10:24:57 Error: auth(default): LDAP: Connection lost to LDAP server, reconnecting
dovecot: Oct 16 10:36:33 Info: auth(default): new auth connection: pid=32984
dovecot: Oct 16 10:36:35 Info: auth(default): client in: AUTH 1 PLAIN service=imap secured lip=192.168.1.80 rip=192.168.1.112 lport=993 rport=1857
dovecot: Oct 16 10:36:35 Info: auth(default): client out: CONT 1
dovecot: Oct 16 10:36:35 Info: auth(default): client in: CONT<hidden>
dovecot: Oct 16 10:36:35 Info: auth-worker(default): pam(peter.fraser,192.168.1.112): lookup service=dovecot
dovecot: Oct 16 10:36:35 Info: auth-worker(default): pam(peter.fraser,192.168.1.112): #1/1 style=1 msg=Password:
dovecot: Oct 16 10:36:35 Info: auth-worker(default): pam(peter.fraser,192.168.1.112): pam_authenticate() failed: authentication error (password mismatch?)
dovecot: Oct 16 10:36:35 Info: auth(default): client out: OK 1 user=peter.fraser
dovecot: Oct 16 10:36:35 Info: auth(default): master in: REQUEST 1 32859 1
dovecot: Oct 16 10:36:35 Info: auth(default): ldap(peter.fraser,192.168.1.112): user search: base=dc=atlas,dc=local scope=subtree filter=(&(objectClass=person)(userPrincipalName=peter.fraser@atlas.local)) fields=description
dovecot: Oct 16 10:39:35 Info: imap-login: Disconnected: Inactivity (auth failed, 1 attempts): user=<peter.fraser>, method=PLAIN, rip=192.168.1.112, lip=192.168.1.80, TLS
dovecot: Oct 16 10:46:31 Info: auth(default): new auth connection: pid=33006
dovecot: Oct 16 10:49:30 Info: imap-login: Disconnected: Inactivity (no auth attempts): rip=192.168.1.112, lip=192.168.1.80, TLS handshaking
dovecot: Oct 16 10:51:28 Error: auth(default): LDAP: Connection lost to LDAP server, reconnecting
dovecot: Oct 16 10:51:28 Error: auth(default): LDAP: Connection lost to LDAP server, reconnecting
dovecot: Oct 16 10:51:30 Info: auth(default): ldap(peter.fraser,192.168.1.112): Aborting (timeout), we're not connected to LDAP server
dovecot: Oct 16 10:51:30 Info: auth(default): master out: USER 1 peter.fraser uid=1002 gid=1002 home=/home/vmail/peter.fraser
dovecot: Oct 16 10:51:30 Info: IMAP(peter.fraser): Loading modules from directory: /usr/local/lib/dovecot/imap
dovecot: Oct 16 10:51:30 Info: IMAP(peter.fraser): Module loaded: /usr/local/lib/dovecot/imap/lib10_quota_plugin.so
dovecot: Oct 16 10:51:30 Info: IMAP(peter.fraser): Module loaded: /usr/local/lib/dovecot/imap/lib11_imap_quota_plugin.so
dovecot: Oct 16 10:51:30 Info: IMAP(peter.fraser): Effective uid=1002, gid=1002, home=/home/vmail/peter.fraser
dovecot: Oct 16 10:51:30 Info: IMAP(peter.fraser): Quota root: name= backend=maildir args=
dovecot: Oct 16 10:51:30 Info: IMAP(peter.fraser): Quota rule: root= mailbox=* bytes=536870912 messages=0
dovecot: Oct 16 10:51:30 Info: IMAP(peter.fraser): Quota rule: root= mailbox=Trash bytes=10485760 messages=0
dovecot: Oct 16 10:51:30 Info: IMAP(peter.fraser): Quota rule: root= mailbox=SPAM ignored
dovecot: Oct 16 10:51:30 Info: IMAP(peter.fraser): Quota root: name=user quota backend=maildir args=
dovecot: Oct 16 10:51:30 Info: IMAP(peter.fraser): maildir: data=~/Maildir
dovecot: Oct 16 10:51:30 Info: IMAP(peter.fraser): maildir++: root=/home/vmail/peter.fraser/Maildir, index=, control=, inbox=/home/vmail/peter.fraser/Maildir
dovecot: Oct 16 10:51:30 Info: IMAP(peter.fraser): Connection closed bytes=0/0
On Fri, Oct 16, 2009 at 1:31 AM, thedoghousemailcom <thedoghousemailcom@googlemail.com> wrote:
> Hi Peter,
> please insert 1024M in the description field in active directory.
> Greetings
>> And of course, I put in a user's description field in Active Directory *:bytes=%1024
>> When I log in as that user, and check the quota, I'm still seeing 512 MB
>> Very strange.
On Fri, 2009-10-16 at 14:55 -0500, Peter Fraser wrote:
> dovecot: Oct 16 10:09:27 Error: auth(default): LDAP: Connection lost to LDAP server, reconnecting
> ..
> dovecot: Oct 16 10:51:30 Info: auth(default): ldap(peter.fraser,192.168.1.112): Aborting (timeout), we're not connected to LDAP server
That seems to be your problem. Is LDAP working at all?
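The diagnosis above can be checked mechanically from the auth debug log. The following is an added example, not part of the original thread: it reads log lines in the format Peter posted (the sample is excerpted from his log) and, for each `master out: USER` reply, reports how long the userdb lookup took, whether the LDAP lookup aborted first, and whether a `quota_rule` field came back. It assumes that a successful LDAP userdb lookup returns `quota_rule=...` as an extra field on that line.

```python
import re
from datetime import datetime

# Sample input: the relevant lines excerpted from the log posted in this thread.
SAMPLE_LOG = """\
dovecot: Oct 16 10:36:35 Info: auth(default): master in: REQUEST 1 32859 1
dovecot: Oct 16 10:36:35 Info: auth(default): ldap(peter.fraser,192.168.1.112): user search: base=dc=atlas,dc=local scope=subtree filter=(&(objectClass=person)(userPrincipalName=peter.fraser@atlas.local)) fields=description
dovecot: Oct 16 10:51:28 Error: auth(default): LDAP: Connection lost to LDAP server, reconnecting
dovecot: Oct 16 10:51:30 Info: auth(default): ldap(peter.fraser,192.168.1.112): Aborting (timeout), we're not connected to LDAP server
dovecot: Oct 16 10:51:30 Info: auth(default): master out: USER 1 peter.fraser uid=1002 gid=1002 home=/home/vmail/peter.fraser
"""

# "dovecot: <timestamp> <level>: auth(default): <message>"
LINE = re.compile(r"^dovecot: (\w{3} +\d+ \d\d:\d\d:\d\d) (\w+): auth\(default\): (.*)$")
# "ldap(<user>,<remote ip>): <text>"
LDAP_EVENT = re.compile(r"^ldap\(([^,)]+)[^)]*\): (.*)$")
# "master out: USER <id> <user> <field=value> ..."
MASTER_OUT = re.compile(r"^master out: USER (\d+) (\S+)(.*)$")


def analyze(log_text, year=2009):
    """Return one finding per userdb reply ("master out: USER")."""
    pending = {}    # user -> first LDAP event time and abort flag
    findings = []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        # The log carries no year, so the caller supplies one.
        ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        msg = m.group(3)
        ev = LDAP_EVENT.match(msg)
        if ev:
            user, text = ev.groups()
            state = pending.setdefault(user, {"start": ts, "ldap_aborted": False})
            if text.startswith("Aborting"):
                state["ldap_aborted"] = True
            continue
        out = MASTER_OUT.match(msg)
        if out:
            user = out.group(2)
            fields = dict(f.split("=", 1) for f in out.group(3).split() if "=" in f)
            state = pending.pop(user, {"start": ts, "ldap_aborted": False})
            findings.append({
                "user": user,
                "lookup_seconds": int((ts - state["start"]).total_seconds()),
                "ldap_aborted": state["ldap_aborted"],
                # Without this field the quota plugin only has the global rules.
                "has_quota_rule": "quota_rule" in fields,
                "fields": fields,
            })
    return findings


if __name__ == "__main__":
    for finding in analyze(SAMPLE_LOG):
        print(finding)
```

On the thread's log this reports an 895-second lookup that ended in an LDAP abort and a reply carrying only uid, gid and home, which matches the 512M global rule shown in the IMAP debug lines.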
Yes, the servers are up servicing clients and my production mail server with dovecot even uses it to authenticate users for email. They are all up and running.
Do the "args" point to same file now in passdb ldap and userdb ldap?
participants (3)
- Peter Fraser
- thedoghousemailcom
- Timo Sirainen