[Dovecot] lmtp_rcpt_check_quota not working
Hi,
Dovecot 2.2.9 (Debian package from backports) does not seem to respect lmtp_rcpt_check_quota
# 2.2.9: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.4 deliver_log_format = from=<%e>, size=%p, message-id=<%m>, status=%$ disable_plaintext_auth = no lmtp_rcpt_check_quota = yes mail_debug = yes mail_gid = mstore mail_location = maildir:~/Maildir:INDEX=/var/cache/dovecot/index/%-1.1u/%u mail_plugins = quota mail_uid = mstore managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mmap_disable = yes namespace inbox { inbox = yes location = mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Junk { auto = subscribe special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { auto = subscribe special_use = \Trash } prefix = INBOX. separator = . type = private } passdb { args = /etc/dovecot/dovecot-ldap.conf driver = ldap } plugin { quota = maildir quota_rule = ?:storage=512M quota_rule2 = INBOX.Trash:ignore quota_status_nouser = DUNNO quota_status_overquota = 452 4.2.2 Mailbox is full quota_status_success = DUNNO quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=85%% quota-warning 85 %u sieve = ~/currently-active-script.sieve sieve_dir = ~/sieve } pop3_uidl_format = %08Xv%08Xu protocols = imap lmtp sieve pop3 quota_full_tempfail = yes service anvil { client_limit = 3000 unix_listener anvil { group = sudo mode = 0660 } } service auth { client_limit = 3000 unix_listener auth-userdb { group = mstore mode = 0660 user = mstore } } service imap-login { client_limit = 1024 inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } process_limit = 2500 process_min_avail = 4 service_count = 0 } service lmtp { inet_listener lmtp { address = xxx port = 24 } } service managesieve-login { inet_listener sieve { port = 2000 } service_count = 1 } service managesieve { process_limit = 1024 } service pop3-login { inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } } service quota-status { client_limit = 5 executable = quota-status -p postfix inet_listener { address = xxx port = 12340 } } service quota-warning { executable = script /etc/dovecot/quotawarnmsg.sh unix_listener quota-warning { user = mstore } user = mstore } ssl_cert = </etc/dovecot/dovecot.pem ssl_key = </etc/dovecot/private/dovecot.pem userdb { driver = prefetch } userdb { args = /etc/dovecot/dovecot-ldap.conf driver = ldap } verbose_proctitle = yes protocol imap { mail_plugins = quota imap_quota imap_zlib } protocol lda { mail_plugins = quota sieve } protocol lmtp { mail_plugins = quota sieve }
so Dovecot should reject in RCPT TO phase, but according to the logs of the upstream Postfix it does so after END-OF-DATA
(host xxx[2001:xxx] said: 452 4.2.2 <user@domain.de> Quota exceeded (mailbox for user is full) (in reply to end of DATA command))
I haven't seen any commits regarding to this in 2.2.10 or tip.
Regards, Bernhard
Le 11 févr. 2014 à 08:34, Bernhard Schmidt a écrit :
[...] so Dovecot should reject in RCPT TO phase, but according to the logs of the upstream Postfix it does so after END-OF-DATA
(host xxx[2001:xxx] said: 452 4.2.2 <user@domain.de> Quota exceeded (mailbox for user is full) (in reply to end of DATA command)) [...]
Hello Bernhard,
Could you exercise your quota-status service with variations of:
# telnet xxx 12340
Trying xxx...
Connected to xxx.
Escape character is '^]'.
recipient=john.doe@example.com
size=1000000
action=OK
^]
and see whether the replies are the expected one?
If yes, this would point to some error in Postfix' configuration.
If not, well... could be you are facing the same kind of problem I'm having here (never managed to have the service reply anything else than "OK" or "REJECT Unknown user"...)
HTH, Axel
Axel Luttgens <AxelLuttgens@swing.be> wrote:
Hi Axel,
Le 11 févr. 2014 à 08:34, Bernhard Schmidt a écrit :
[...] so Dovecot should reject in RCPT TO phase, but according to the logs of the upstream Postfix it does so after END-OF-DATA
(host xxx[2001:xxx] said: 452 4.2.2 <user@domain.de> Quota exceeded (mailbox for user is full) (in reply to end of DATA command)) [...]
Hello Bernhard,
Could you exercise your quota-status service with variations of:
# telnet xxx 12340 Trying xxx... Connected to xxx. Escape character is '^]'. recipient=john.doe@example.com size=1000000
action=OK
^]
and see whether the replies are the expected one?
If yes, this would point to some error in Postfix' configuration.
If not, well... could be you are facing the same kind of problem I'm having here (never managed to have the service reply anything else than "OK" or "REJECT Unknown user"...)
quota-status works absolutely fine, our frontend MXes defer mails for mailboxes over quota. But when we try to send a mail to the mailbox nevertheless through LMTP (i.e. because it was generated on a server that doesn't check quota-status), it is deferred in LMTP in the END-OF-DATA phase, not in RCPT TO as expected.
Bernhard
Bernhard Schmidt <berni@birkenwald.de> wrote:
Hi,
Axel Luttgens <AxelLuttgens@swing.be> wrote:
Hi Axel,
Le 11 févr. 2014 à 08:34, Bernhard Schmidt a écrit :
[...] so Dovecot should reject in RCPT TO phase, but according to the logs of the upstream Postfix it does so after END-OF-DATA
(host xxx[2001:xxx] said: 452 4.2.2 <user@domain.de> Quota exceeded (mailbox for user is full) (in reply to end of DATA command)) [...]
Hello Bernhard,
Could you exercise your quota-status service with variations of:
# telnet xxx 12340 Trying xxx... Connected to xxx. Escape character is '^]'. recipient=john.doe@example.com size=1000000
action=OK
^]
and see whether the replies are the expected one?
If yes, this would point to some error in Postfix' configuration.
If not, well... could be you are facing the same kind of problem I'm having here (never managed to have the service reply anything else than "OK" or "REJECT Unknown user"...)
quota-status works absolutely fine, our frontend MXes defer mails for mailboxes over quota. But when we try to send a mail to the mailbox nevertheless through LMTP (i.e. because it was generated on a server that doesn't check quota-status), it is deferred in LMTP in the END-OF-DATA phase, not in RCPT TO as expected.
To follow up here:
Dovecot 2.2.13 (from Debian testing compiled on wheezy) is still showing the same behaviour as 2.2.9. lmtp_rcpt_check_quota is apparently ignored, the over-quota defer happens after the DATA phase.
# 2.2.13: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.8 [...] lmtp_rcpt_check_quota = yes quota_full_tempfail = yes protocol lmtp { mail_plugins = quota sieve }
-> MAIL FROM:<sender@domain.de> <- 250 2.1.0 OK -> RCPT TO:<recipient@domain.de> <- 250 2.1.5 OK -> DATA <- 354 OK -> Date: Thu, 29 Jan 2015 13:35:51 +0100 -> To: recipient@domain.de -> From: sender@domain.de -> Subject: test Thu, 29 Jan 2015 13:35:51 +0100 -> X-Mailer: swaks v20120320.0 jetmore.org/john/code/swaks/ -> -> This is a test mailing -> -> . <** 452 4.2.2 <recipient@domain.de> Quota exceeded (mailbox for user is full)
With 2.2.15 from dovecot-ee it is different. The quota is now checked at RCPT stage
# 2.2.15.8 (912dd04d7a14+): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.6 (4b9b9a88ac9b) # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.8
-> MAIL FROM:<sender@domain.de> <- 250 2.1.0 OK -> RCPT TO:<recipient@domain.de> <** 552 5.2.2 <recipient@domain.de> Quota exceeded (mailbox for user is full)
But as you can see, the setting for quota_full_tempfail is now ignored. It should be deferring the message, not rejecting it. When I disable lmtp_rcpt_check_quota it behaves like 2.2.13.
Summary:
- In 2.2.9 and 2.2.13 lmtp_rcpt_check_quota is ignored
- In 2.2.15 lmtp_rcpt_check_quota works, but quota_full_tempfail is ignored at the RCPT TO stage. It still works at the DATA stage, so disabling lmtp_rcpt_check_quota is a workaround falling back to 2.2.13 behaviour
Bernhard
Bernhard Schmidt <berni@birkenwald.de> wrote:
*bump* this is still an issue with Dovecot 2.2.18.2 from the dovecot-ee repository
With 2.2.15 from dovecot-ee it is different. The quota is now checked at RCPT stage
# 2.2.15.8 (912dd04d7a14+): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.6 (4b9b9a88ac9b) # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.8
-> MAIL FROM:<sender@domain.de> <- 250 2.1.0 OK -> RCPT TO:<recipient@domain.de> <** 552 5.2.2 <recipient@domain.de> Quota exceeded (mailbox for user is full)
But as you can see, the setting for quota_full_tempfail is now ignored. It should be deferring the message, not rejecting it. When I disable lmtp_rcpt_check_quota it behaves like 2.2.13.
Summary:
- In 2.2.9 and 2.2.13 lmtp_rcpt_check_quota is ignored
- In 2.2.15 lmtp_rcpt_check_quota works, but quota_full_tempfail is ignored at the RCPT TO stage. It still works at the DATA stage, so disabling lmtp_rcpt_check_quota is a workaround falling back to 2.2.13 behaviour
Bernhard
On 29 Jan 2015, at 14:53, Bernhard Schmidt <berni@birkenwald.de> wrote:
- In 2.2.9 and 2.2.13 lmtp_rcpt_check_quota is ignored
- In 2.2.15 lmtp_rcpt_check_quota works, but quota_full_tempfail is ignored at the RCPT TO stage. It still works at the DATA stage, so disabling lmtp_rcpt_check_quota is a workaround falling back to 2.2.13 behaviour
Finally fixed in upcoming v2.2.20.
Bernhard Schmidt <berni@birkenwald.de> wrote:
Hi Timo,
in case you missed that...
Hi,
Dovecot 2.2.9 (Debian package from backports) does not seem to respect lmtp_rcpt_check_quota
# 2.2.9: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.4 deliver_log_format = from=<%e>, size=%p, message-id=<%m>, status=%$ disable_plaintext_auth = no lmtp_rcpt_check_quota = yes mail_debug = yes mail_gid = mstore mail_location = maildir:~/Maildir:INDEX=/var/cache/dovecot/index/%-1.1u/%u mail_plugins = quota mail_uid = mstore managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mmap_disable = yes namespace inbox { inbox = yes location = mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Junk { auto = subscribe special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { auto = subscribe special_use = \Trash } prefix = INBOX. separator = . type = private } passdb { args = /etc/dovecot/dovecot-ldap.conf driver = ldap } plugin { quota = maildir quota_rule = ?:storage=512M quota_rule2 = INBOX.Trash:ignore quota_status_nouser = DUNNO quota_status_overquota = 452 4.2.2 Mailbox is full quota_status_success = DUNNO quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=85%% quota-warning 85 %u sieve = ~/currently-active-script.sieve sieve_dir = ~/sieve } pop3_uidl_format = %08Xv%08Xu protocols = imap lmtp sieve pop3 quota_full_tempfail = yes service anvil { client_limit = 3000 unix_listener anvil { group = sudo mode = 0660 } } service auth { client_limit = 3000 unix_listener auth-userdb { group = mstore mode = 0660 user = mstore } } service imap-login { client_limit = 1024 inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } process_limit = 2500 process_min_avail = 4 service_count = 0 } service lmtp { inet_listener lmtp { address = xxx port = 24 } } service managesieve-login { inet_listener sieve { port = 2000 } service_count = 1 } service managesieve { process_limit = 1024 } service pop3-login { inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } } service quota-status { client_limit = 5 executable = quota-status -p postfix inet_listener { address = xxx port = 12340 } } service quota-warning { executable = script /etc/dovecot/quotawarnmsg.sh unix_listener quota-warning { user = mstore } user = mstore } ssl_cert = </etc/dovecot/dovecot.pem ssl_key = </etc/dovecot/private/dovecot.pem userdb { driver = prefetch } userdb { args = /etc/dovecot/dovecot-ldap.conf driver = ldap } verbose_proctitle = yes protocol imap { mail_plugins = quota imap_quota imap_zlib } protocol lda { mail_plugins = quota sieve } protocol lmtp { mail_plugins = quota sieve }
so Dovecot should reject in RCPT TO phase, but according to the logs of the upstream Postfix it does so after END-OF-DATA
(host xxx[2001:xxx] said: 452 4.2.2 <user@domain.de> Quota exceeded (mailbox for user is full) (in reply to end of DATA command))
I haven't seen any commits regarding to this in 2.2.10 or tip.
Regards, Bernhard
participants (3)
-
Axel Luttgens
-
Bernhard Schmidt
-
Timo Sirainen