[Dovecot] Problem overriding default quota limit
Hi,
We get user's quota limit from LDAP. It works fine when user has quota attribute in LDAP (this is when it's different from default quota). But when user doesn't have quota limit attribute Dovecot doesn't take default value defined in quota plugin and assign unlimit quota to user.
Our configuration is similar to the example from wiki ( http://wiki2.dovecot.org/Quota/Configuration ). This is the plugin configuration
_plugin {_
_ quota = maildir:User quota_
_ quota_rule = *:storage=1G_
_ .........._
_}_
And this is the recovered fields in LDAP search:
_user_attrs = mailMessageStore=home,mailquotasize=quota_rule=*:bytes=%$_
It works if user has mailquotasize in its LDAP entry. But if it hasn't it Dovecot assign 0 instead of *:STORAGE=1G
This is the log when LTMP deliver a mail to a user without mailquotasize attribute:
_auth: Debug: master in: USER#0111#011eepp68#011service=lmtp#011lip=172.31.100.120#011lport=24#011rip=172.31.100.119#011rport=41452_
_auth: Debug: userdb-cache(eepp68,172.31.100.119): miss_
_auth: Debug: ldap(eepp68,172.31.100.119): user search: base=o=Junta de Castilla-La Mancha,c=ES scope=subtree filter=(uid=eepp68) fields=mailMessageStore,MAILQUOTASIZE_
_auth: Debug: ldap(eepp68,172.31.100.119): result: mailMessageStore=/buzones1/e/eepp68; MAILQUOTASIZE MISSING_
_auth: Debug: master out: USER#0111#011eepp68#011home=/buzones1/e/eepp68#011QUOTA_RULE=*:BYTES=_
_lmtp(8235): Debug: auth input: eepp68 home=/buzones1/e/eepp68 quota_rule=*:bytes=_
_lmtp(8235): Debug: Added userdb setting: plugin/quota_rule=*:bytes=_
_lmtp(8235, eepp68): Debug: Effective uid=11184, gid=2110, home=/buzones1/e/eepp68_
_lmtp(8235, eepp68): Debug: Quota root: name=User quota backend=maildir args=_
_lmtp(8235, eepp68): Debug: Quota rule: root=User quota mailbox=* bytes=0 messages=0_
I tried it with defining default_fields in userdb but I get the same result:
_userdb {_
driver = ldap
args = /etc/dovecot/dovecot-ldap-lmtp.conf.ext
default_fields = quota_rule=*:bytes=1073741824
}
If I don't recover mailquotasize (user_attrs = mailMessageStore=home) Dovecot assign default quota limit, so it works in this case:
auth: Debug: master in: USER#0111#011eepp68#011service=lmtp#011lip=172.31.100.120#011lport=24#011rip=172.31.100.119#011rport=41427
auth: Debug: userdb-cache(eepp68,172.31.100.119): miss
auth: Debug: ldap(eepp68,172.31.100.119): user search: base=o=Junta de Castilla-La Mancha,c=ES scope=subtree filter=(uid=eepp68) fields=mailMessageStore
auth: Debug: ldap(eepp68,172.31.100.119): result: mailMessageStore=/buzones1/e/eepp68
auth: Debug: master out: USER#0111#011eepp68#011home=/buzones1/e/eepp68
lmtp(8198): Debug: auth input: eepp68 home=/buzones1/e/eepp68
lmtp(8198, eepp68): Debug: Effective uid=11184, gid=2110, home=/buzones1/e/eepp68
lmtp(8198, eepp68): Debug: Quota root: name=User quota backend=maildir args=
lmtp(8198, eepp68): Debug: Quota rule: root=User quota mailbox=* bytes=1073741824 messages=0
Any idea about where is the problem?
This is my LDAP configuration for LTMP:
hosts = xxx.xxxx.es:389 dn = ........ dnpass = xxxxxxx ldap_version = 3 base = o=mibase,c=ES user_attrs = mailMessageStore=home,mailquotasize=quota_rule=*:bytes=%$ user_filter = (uid=%u)
And this is my Dovecot configuracion:
# 2.1.1: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-279.1.1.el6.x86_64 x86_64 CentOS release 6.3 (Final) auth_cache_size = 20 M auth_debug = yes auth_verbose = yes base_dir = /var/run/dovecot/ default_internal_user = vmail default_process_limit = 200 disable_plaintext_auth = no dotlock_use_excl = no hostname = correo.jccm.es lda_mailbox_autocreate = yes login_greeting = Correo jccm.es mail_debug = yes mail_fsync = always mail_gid = 2110 mail_location = maildir:~/Maildir:INDEX=/var/dovecot/index/%n mail_nfs_storage = yes mail_plugins = " quota" mail_uid = 11184 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave vnd.dovecot.pipe vnd.dovecot.execute mbox_write_locks = fcntl mmap_disable = yes namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = INBOX. separator = . type = private } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { quota = maildir:User quota quota_rule = *:storage=1G quota_warning = storage=80%% quota-warning 80 %n sieve = ~/.dovecot.sieve sieve_execute_bin_dir = /repositorio/paulo/scripts/sieve/extprograms sieve_extensions = +vnd.dovecot.execute +vnd.dovecot.pipe sieve_filter_bin_dir = /repositorio/paulo/scripts/sieve/extprograms sieve_pipe_bin_dir = /repositorio/paulo/scripts/sieve/extprograms sieve_plugins = sieve_extprograms } postmaster_address = postmaster@jccm.es protocols = imap pop3 lmtp sieve rejection_reason = Tu mensaje enviado a fue automaticamente rechazado:%n%r rejection_subject = Rechazado: %s service imap-login { process_min_avail = 10 service_count = 0 } service imap-postlogin { drop_priv_before_exec = yes executable = script-login /repositorio/paulo/scripts/dovecot/migrar-postlogin.sh user = $default_internal_user } service lmtp { inet_listener lmtp { port = 24 } } service pop3-login { service_count = 0 } service pop3-postlogin { drop_priv_before_exec = yes executable = script-login /repositorio/paulo/scripts/dovecot/migrar-postlogin.sh user = $default_internal_user } service quota-warning { executable = script /repositorio/paulo/scripts/postfix-quota-warning.sh unix_listener quota-warning { user = vmail } user = dovecot } ssl_cert =
Hi Raul,
Raul Jareño Morago wrote:
We get user's quota limit from LDAP. It works fine when user has quota attribute in LDAP (this is when it's different from default quota). But when user doesn't have quota limit attribute Dovecot doesn't take default value defined in quota plugin and assign unlimit quota to user.
Our configuration is similar to the example from wiki ( http://wiki2.dovecot.org/Quota/Configuration ). This is the plugin configuration
plugin { quota = maildir:User quota quota_rule = *:storage=1G }
And this is the recovered fields in LDAP search:
user_attrs = > mailMessageStore=home,mailquotasize=quota_rule=*:bytes=%$
It works if user has mailquotasize in its LDAP entry. But if it hasn't it Dovecot assign 0 instead of *:STORAGE=1G
This is the log when LTMP deliver a mail to a user without mailquotasize attribute:
_auth: Debug: ldap(eepp68,172.31.100.119): result: mailMessageStore=/buzones1/e/eepp68; MAILQUOTASIZE MISSING
LDAP Entry for mailquotasize is missing... so far so good.
auth: Debug: master out: USER#0111#011eepp68#011home=/buzones1/e/eepp68#011QUOTA_RULE=*:BYTES= lmtp(8235): Debug: auth input: eepp68 home=/buzones1/e/eepp68 quota_rule=*:bytes= lmtp(8235): Debug: Added userdb setting: plugin/quota_rule=*:bytes=
Here comes the interesting part, ldap "userdb" has returned "QUOTA_RULE=*:BYTES=" and this empty value seems to correspond to 0 Bytes as you can read from the resulting Quota rule:
lmtp(8235, eepp68): Debug: Quota rule: root=User quota mailbox=* bytes=0 messages=0
The "bytes=..." value should be different from 0.
http://wiki2.dovecot.org/Quota/Configuration#LDAP states that user_attrs is used only if you use userdb ldap.
Where is the "userdb" ldap in your doveconf -n output and where do you get the user information like quota from?
Any idea about where is the problem?
The default is not taken since your LDAP query returns a quota_rule with an empty bytes= value when the mailquotasize entry is missing.
Regards Daniel
Hello Raul,
Raul Jareño Morago wrote:
We get user's quota limit from LDAP. It works fine when user has quota attribute in LDAP (this is when it's different from default quota). But when user doesn't have quota limit attribute Dovecot doesn't take default value defined in quota plugin and assign unlimit quota to user.
Your version 2.1.1 is affected by a bug which has been fixed in newer Dovecot Releases: http://hg.dovecot.org/dovecot-2.1/rev/4bbc12a87a29
Also see http://dovecot.org/doc/NEWS-2.1
v2.1.7 2012-05-29 Timo Sirainen tss@iki.fi
- LDAP: Compatibility fix for v2.0: ldap: If attributes contain ldapAttr=key=template%$ and ldapAttr doesn't exist, skip the key instead of using "template" value with empty %$ part for the key.
Please update to latest stable release 2.1.8 which contains a lot of important fixes.
Regards Daniel
Ok, I'll do it next monday. Thank you very much!!!
A las Sábado, 28-07-2012 en 4:34 Daniel Parthey escribió:
Hello Raul,
Raul Jareño Morago wrote:
We get user's quota limit from LDAP. It works fine when user has quota attribute in LDAP (this is when it's different from default quota). But when user doesn't have quota limit attribute Dovecot doesn't take default value defined in quota plugin and assign unlimit quota to user.
Your version 2.1.1 is affected by a bug which has been fixed in newer Dovecot Releases: http://hg.dovecot.org/dovecot-2.1/rev/4bbc12a87a29
Also see http://dovecot.org/doc/NEWS-2.1
v2.1.7 2012-05-29 Timo Sirainen
* LDAP: Compatibility fix for v2.0: ldap: If attributes contain ldapAttr=key=template%$ and ldapAttr doesn't exist, skip the key instead of using "template" value with empty %$ part for the key.
Please update to latest stable release 2.1.8 which contains a lot of important fixes.
Regards Daniel
participants (2)
-
Daniel Parthey
-
RAUL JAREÑO MORAGO