[Dovecot] 1.0.rc23 tomorrow
http://dovecot.org/nightly/dovecot-latest.tar.gz
Would be nice to get some testing before the actual release.
I've now finally gone through all the "TODO" mails in this list and my INBOX and fixed pretty much every problem I know of. There are still some mbox bugs, but I can't really get them fixed unless someone figures out how to reproduce them (http://wiki.dovecot.org/MboxProblems).
I think documentation is the last thing that should be done before v1.0. I'm happy enough with the code as it is now, unless some new bugs again appear.
The notable changes since rc22:
* deliver doesn't ever exit with Dovecot's internal exit codes anymore.
All its internal exit codes are changed to EX_TEMPFAIL.
+ PAM: blocking=yes in args uses an alternative way to do PAM checks.
Try it if you're having problems with PAM.
+ userdb passwd: blocking=yes in args makes the userdb lookups be done
in auth worker processes. Set it if you're doing remote NSS lookups
(eg. nss_ldap problems are fixed by this).
+ If PAM child process hasn't responded in two minutes, send KILL
signal to it (only with blocking=no)
- IMAP: APPEND ate all CPU while waiting for more data from the client
(broken in rc22)
- mbox: When saving a message to an empty mbox file it got one UID
which immediately was incremented.
- mbox: Fixed some wrong "uid-last unexpectedly lost" errors.
- auth cache: In some situations we crashed if passdb had extra_fields.
- auth cache: Special extra_fields weren't saved to auth cache.
For example allow_nets restrictions were ignored for cached entries.
- A lot of initial login processes could cause auth socket errors
in log file at startup, if dovecot-auth started slowly. Now the
login processes are started only after dovecot-auth has finished
initializing itself.
- imap/pop3 proxy: Don't crash if the remote server disconnects before
we're logged in.
- deliver: Don't bother trying to save the mail twice into the default
mailbox (eg. if it's over quota).
- mmap_disable=yes + non-Linux was really slow with large
dovecot.index.cache files
- MySQL couldn't be used as a masterdb
- Trash plugin was more or less broken
- imap/pop3 couldn't load plugins if they chrooted
- imap/pop3-login process could crash in some conditions
- checkpassword-reply crashed if USER/HOME wasn't setTimo Sirainen wrote:
- OK Dovecot ready. O LOGIN gamito@mail.sincity.lan zooropa
- BYE Internal login failure. Refer to server log for more information. Connection closed by foreign host.
http://dovecot.org/nightly/dovecot-latest.tar.gz Ok, so now, i have: [root@mail dovecot-1.0.rc22]# telnet mail.sincity.lan 143 Trying 192.168.5.129... Connected to mail.sincity.lan (192.168.5.129). Escape character is '^]'.
dovecot: Feb 17 12:50:22 Info: auth(default): client in: AUTH 1 PLAIN service=IMAP secured lip=192.168.5.129 rip=192.168.5.129 resp=<hidden> dovecot: Feb 17 12:50:22 Info: auth(default): checkpassword(gamito@mail.sincity.lan,192.168.5.129): Executed: /usr/local/bin/auth_imap /usr/local/libexec/dovecot/checkpassword-reply dovecot: Feb 17 12:50:22 Info: auth(default): checkpassword(gamito@mail.sincity.lan,192.168.5.129): Received input: userdb_uid=0 userdb_gid=0 dovecot: Feb 17 12:50:22 Info: auth(default): checkpassword(gamito@mail.sincity.lan,192.168.5.129): Received no input dovecot: Feb 17 12:50:22 Info: auth(default): checkpassword(gamito@mail.sincity.lan,192.168.5.129): exit_status=0 dovecot: Feb 17 12:50:22 Info: auth(default): client out: OK 1 user=gamito@mail.sincity.lan dovecot: Feb 17 12:50:22 Info: auth(default): master in: REQUEST 2 22717 1 dovecot: Feb 17 12:50:22 Info: auth(default): master out: USER 2 gamito@mail.sincity.lan uid=0 gid=0 dovecot: Feb 17 12:50:22 Error: Logins with UID 0 not permitted (user gamito@mail.sincity.lan) dovecot: Feb 17 12:50:22 Info: imap-login: Internal login failure: user=gamito@mail.sincity.lan, method=PLAIN, rip=192.168.5.129, lip=192.168.5.129, secured
You know, i was about to install courier-imap (which i don't like), wehn a colleague of mine that works in SAPO (i'm portuguese) recommended me dovecot, saying it was fire and forget software with qmail-ldap.
Unfortunately, this seems not to be the case. Probably, it is my bad, something that i don't see or don't know how is done.
Oh well...
Warm Regards, Mário Gamito
On 17.2.2007, at 15.31, Mário Gamito wrote:
You know, i was about to install courier-imap (which i don't like),
wehn a colleague of mine that works in SAPO (i'm portuguese)
recommended me dovecot, saying it was fire and forget software with
qmail-ldap.Unfortunately, this seems not to be the case. Probably, it is my bad, something that i don't see or don't know
how is done.
The problem is that qmail-ldap doesn't work the way Dovecot expects
it to work. I'd even say that qmail-ldap'a auth_imap is broken since
it doesn't work the way checkpassword binary is supposed to work.
However setting the auth user like I said earlier would most likely
fix this. But you'll first need to know what the auth user is. It's
not the virtual username, it's some system user in /etc/passwd. But I
don't know what username qmail-ldap is using, so you'll first need to
figure out what the user is (it's the same user that's used to store
the mails).
Hi,
However setting the auth user like I said earlier would most likely fix this. But you'll first need to know what the auth user is. It's not the virtual username, it's some system user in /etc/passwd. But I don't know what username qmail-ldap is using, so you'll first need to figure out what the user is (it's the same user that's used to store the mails). Ok, so after i find which user is, how do i configure dovecote to work with it ?
The way you've suggested dovecot doesn't start: auth default { .. user = your-mail-user .. }
Any help would be appreciated.
Warm Regards, Mário Gamito
Hi, Hi,
So i inserted the user vmail (the one which delivers the messages) like you've tld me, but i got the error:
"dovecot: Feb 17 12:50:22 Error: Logins with UID 0 not permitted (user gamito@mail.sincity.lan) dovecot: Feb 17 12:50:22 Info: imap-login: Internal login failure: user=gamito@mail.sincity.lan, method=PLAIN, rip=192.168.5.129, lip=192.168.5.129, secured"
Any ideas ?
Warm Regards, Mário Gamito
On Sat, 2007-02-17 at 16:53 +0000, Mário Gamito wrote:
So i inserted the user vmail (the one which delivers the messages) like you've tld me, but i got the error:
"dovecot: Feb 17 12:50:22 Error: Logins with UID 0 not permitted (user gamito@mail.sincity.lan) dovecot: Feb 17 12:50:22 Info: imap-login: Internal login failure: user=gamito@mail.sincity.lan, method=PLAIN, rip=192.168.5.129, lip=192.168.5.129, secured"
Well that looks like dovecot-auth is still running as root instead of as vmail. What does "dovecot -n" say?
Hi,
Well that looks like dovecot-auth is still running as root instead of as vmail. What does "dovecot -n" say? [root@mail qmail]# /usr/local/sbin/dovecot -n # /usr/local/etc/dovecot.conf base_dir: /var/run/dovecot/ log_path: /var/log/dovecot/dovecot.log listen: 192.168.5.129 ssl_disable: yes ssl_cipher_list: ALL:!LOW disable_plaintext_auth: no verbose_ssl: yes login_dir: /var/run/dovecot/login login_executable: /usr/local/libexec/dovecot/imap-login mail_location: /var/qmail/maildirs:~/Maildir mail_debug: yes auth default: mechanisms: plain login user: vmail verbose: yes debug: yes passdb: driver: checkpassword args: /usr/local/bin/auth_imap userdb: driver: prefetch [root@mail qmail]#
Warm Regards, Mário Gamito P. S.: I really want to drop off courier-imap and i appreciate very much the help you've been giving to me. Thank you.
On 17.2.2007, at 20.01, Mário Gamito wrote:
"dovecot: Feb 17 12:50:22 Error: Logins with UID 0 not permitted
(user gamito@mail.sincity.lan) .. auth default: mechanisms: plain login user: vmail
Well .. The only thing I can think of is that you've created your
vmail with UID 0.
On Sat, 2007-02-17 at 18:20 +0000, Mário Gamito wrote:
Hi,
Well .. The only thing I can think of is that you've created your vmail with UID 0. vmail:x:511:506::/home/vmail:/bin/false
Ok, i rest my case :(
Well, what does ps show dovecot-auth process running as? vmail or root?
Hi,
thank you for not giving up on me :)
Well, what does ps show dovecot-auth process running as? vmail or root? vmail 23250 0.0 0.5 4960 1284 ? S 16:45 0:00 dovecot-auth dovecot 23251 0.0 0.4 5076 1136 ? S 16:45 0:01 imap-login dovecot 23252 0.0 0.4 5076 1136 ? S 16:45 0:01 imap-login dovecot 23255 0.0 0.4 5408 1128 ? S 16:45 0:00 imap-login root 23408 0.0 0.3 3068 784 pts/0 R+ 17:41 0:00 ps aux
Warm Regards, Mário Gamito
On 17.2.2007, at 21.26, Mário Gamito wrote:
thank you for not giving up on me :)
Well, what does ps show dovecot-auth process running as? vmail or
root? vmail 23250 0.0 0.5 4960 1284 ? S 16:45 0:00
dovecot-auth
Well, I don't really get it. Is auth_imap setuid-root? I tried
already that it worked with me.
On Sat, 2007-02-17 at 20:26 +0000, Mário Gamito wrote:
Hi,
Well, I don't really get it. Is auth_imap setuid-root? No.
I tried already that it worked with me. What have you done ? Can you show me your dovecot.conf ?
Well, I didn't try with the real qmail-ldap, only with a simple script that did what I thought was the same.
The weird thing with your problem is that checkpassword-reply sends userdb_uid=0, which means that it was running as root. But since dovecot-auth is running as vmail, I can't think of why it would be running as root.
You could try the same thing I did though, instead of auth_imap try running this simple script:
#!/bin/sh
exec $1
P. S.: I really want to drop off courier-imap and i appreciate very much the help you've been giving to me. Thank you.
I have found the support for dovecot a'la Timo to be better than any other software I've ever used... and the same goes for the quality of the s/w.
I'm really excited about dovecot getting ready to hit the 1.0 milestone, and even more excited about what will be coming in the next versions...
On Sat, 17 Feb 2007 15:09:11 +0200 Timo Sirainen tss@iki.fi wrote:
http://dovecot.org/nightly/dovecot-latest.tar.gz
Would be nice to get some testing before the actual release.
I installed here and it's working perfectly, as always. ;)-- http://u-br.net Linux 2.6.20: Homicidal Dwarf Hamster
Timo Sirainen wrote:
http://dovecot.org/nightly/dovecot-latest.tar.gz
Would be nice to get some testing before the actual release.
I've now finally gone through all the "TODO" mails in this list and my INBOX and fixed pretty much every problem I know of. There are still some mbox bugs, but I can't really get them fixed unless someone figures out how to reproduce them (http://wiki.dovecot.org/MboxProblems).
I think documentation is the last thing that should be done before v1.0. I'm happy enough with the code as it is now, unless some new bugs again appear.
The notable changes since rc22:
- deliver doesn't ever exit with Dovecot's internal exit codes anymore. All its internal exit codes are changed to EX_TEMPFAIL.
- PAM: blocking=yes in args uses an alternative way to do PAM checks. Try it if you're having problems with PAM.
- userdb passwd: blocking=yes in args makes the userdb lookups be done in auth worker processes. Set it if you're doing remote NSS lookups (eg. nss_ldap problems are fixed by this).
- If PAM child process hasn't responded in two minutes, send KILL signal to it (only with blocking=no)
- IMAP: APPEND ate all CPU while waiting for more data from the client (broken in rc22)
- mbox: When saving a message to an empty mbox file it got one UID which immediately was incremented.
- mbox: Fixed some wrong "uid-last unexpectedly lost" errors.
- auth cache: In some situations we crashed if passdb had extra_fields.
- auth cache: Special extra_fields weren't saved to auth cache. For example allow_nets restrictions were ignored for cached entries.
- A lot of initial login processes could cause auth socket errors in log file at startup, if dovecot-auth started slowly. Now the login processes are started only after dovecot-auth has finished initializing itself.
- imap/pop3 proxy: Don't crash if the remote server disconnects before we're logged in.
- deliver: Don't bother trying to save the mail twice into the default mailbox (eg. if it's over quota).
- mmap_disable=yes + non-Linux was really slow with large dovecot.index.cache files
- MySQL couldn't be used as a masterdb
- Trash plugin was more or less broken
- imap/pop3 couldn't load plugins if they chrooted
- imap/pop3-login process could crash in some conditions
- checkpassword-reply crashed if USER/HOME wasn't set
works as stable with me (Linux 2.4.31, Thunderbird Windows XP-Client, IMAPS) as rc22.
except:
dovecot: Feb 18 11:44:07 Info: IMAP(rainer): copy -> Trash: uid=203, msgid=SAjf071BeSip6f@route66.homenet.local dovecot: Feb 18 11:44:07 Info: IMAP(rainer): copy -> Trash: uid=204, msgid=SABwXVsN9w9KSK@route66.homenet.local dovecot: Feb 18 11:44:07 Info: IMAP(rainer): copy -> Trash: uid=205, msgid=SAGoI6iNDc8E0e@route66.homenet.local dovecot: Feb 18 11:44:07 Error: IMAP(rainer): Sending log messages too fast, throttling..
with mail_log_max_lines_per_sec = 2 (have continuously been reducing the value from 10, but it keeps happening.)
-- in diesem Sinne, Rainer
On Sun, 2007-02-18 at 11:49 +0100, Rainer Ophoven wrote:
dovecot: Feb 18 11:44:07 Error: IMAP(rainer): Sending log messages too fast, throttling..
with mail_log_max_lines_per_sec = 2 (have continuously been reducing the value from 10, but it keeps happening.)
Lowering only makes the problem worse :) Either disable it by setting it to 0 or set it higher.
Timo Sirainen schrieb:
http://dovecot.org/nightly/dovecot-latest.tar.gz
Would be nice to get some testing before the actual release.
I've now finally gone through all the "TODO" mails in this list and my INBOX and fixed pretty much every problem I know of. There are still some mbox bugs, but I can't really get them fixed unless someone figures out how to reproduce them (http://wiki.dovecot.org/MboxProblems).
I think documentation is the last thing that should be done before v1.0. I'm happy enough with the code as it is now, unless some new bugs again appear.
The notable changes since rc22:
- deliver doesn't ever exit with Dovecot's internal exit codes anymore. All its internal exit codes are changed to EX_TEMPFAIL.
Does this happen for definitive (= permanent) "no such user" issues, too? If so, EX_NOUSER should perhaps be supported as well, to name just one example.
- PAM: blocking=yes in args uses an alternative way to do PAM checks. Try it if you're having problems with PAM.
- userdb passwd: blocking=yes in args makes the userdb lookups be done in auth worker processes. Set it if you're doing remote NSS lookups (eg. nss_ldap problems are fixed by this).
This "blocking" is one of the knobs that are hard to explain to end users. More information is required as to when exactly these are mandatory and what exactly they fix, and how.
Oh, and given the amount of changes this release had, there should be no changes before the release that aren't made available as rc24. Just remember Linux 2.6.8...
On Tue, 2007-02-20 at 15:24 +0100, Matthias Andree wrote:
The notable changes since rc22:
- deliver doesn't ever exit with Dovecot's internal exit codes anymore. All its internal exit codes are changed to EX_TEMPFAIL.
Does this happen for definitive (= permanent) "no such user" issues, too? If so, EX_NOUSER should perhaps be supported as well, to name just one example.
Yes, those were done before and are also now. I only changed that now all i_fatal() calls (eg. config errors, out of memory, etc.) return EX_TEMPFAIL.
- PAM: blocking=yes in args uses an alternative way to do PAM checks. Try it if you're having problems with PAM.
- userdb passwd: blocking=yes in args makes the userdb lookups be done in auth worker processes. Set it if you're doing remote NSS lookups (eg. nss_ldap problems are fixed by this).
This "blocking" is one of the knobs that are hard to explain to end users. More information is required as to when exactly these are mandatory and what exactly they fix, and how.
I think userdb passwd's wiki page explains it well enough now. I should add it also to PAM. Although in PAM case I'm not sure how useful it is going to be to anyone.
Oh, and given the amount of changes this release had, there should be no changes before the release that aren't made available as rc24. Just remember Linux 2.6.8...
Yes, that was my intent. Only change in v1.0 vs. previous RC will be the version number change.
participants (6)
-
Charles Marcus
-
Dâniel Fraga
-
Matthias Andree
-
Mário Gamito
-
Rainer Ophoven
-
Timo Sirainen