[Dovecot] maildirsize update error
According to [1], Trash is a reserverd folder name. When moving a message to it, maildirsize should be update with a negative byte count.
If I move a message from any folder to Trash, maildirsize gets two lines, one positive and one negative.
The problem is that a user can't move messages to Trash while being overquota because the positive entry goes before the negative.
I'm using dovecot-1.0rc14.
Regards maykel
[1] http://www.inter7.com/courierimap/README.maildirquota.html
On Thu, 2006-11-16 at 16:07 -0500, Maykel Moya wrote:
According to [1], Trash is a reserverd folder name. When moving a message to it, maildirsize should be update with a negative byte count.
Well, yea.. I'm ignoring that part of the Maildir++ spec. Perhaps it could be done optionally, but I'm not sure if it's still that good of an idea.
I think a better idea is to give Trash mailbox a bit of extra quota, instead of unlimited quota. Unfortunately this won't work with v1.0's quota plugin, but it is possible with my rewritten quota plugin:
http://dovecot.org/patches/1.0/quota-rewrite.diff
# Quota plugin. Multiple backends are supported: # dirsize: Find and sum all the files found from mail directory # dict: Keep quota stored in dictionary (eg. SQL) # maildir: Maildir++ quota # fs: Read-only support for filesystem quota # # Quota limits are set using "quota_rule" parameters, either in here or in # userdb. It's also possible to give mailbox-specific limits, for example: # quota_rule = *:storage=1048576 # quota_rule2 = Trash:storage=102400 # User has now 1GB quota, but when saving to Trash mailbox the user gets # additional 100MB. # # Multiple quota roots are also possible, for example: # quota = dict:user::/etc/dovecot-user-quota.conf # quota2 = dict:domain:%d:/etc/dovecot-domain-quota.conf # quota_rule = *:storage=102400 # quota2_rule = *:storage=1048576 # Gives each user their own 100MB quota and one shared 1GB quota within # the domain. #quota = maildir
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Sat, 18 Nov 2006, Timo Sirainen wrote:
On Thu, 2006-11-16 at 16:07 -0500, Maykel Moya wrote:
According to [1], Trash is a reserverd folder name. When moving a message to it, maildirsize should be update with a negative byte count.
Well, yea.. I'm ignoring that part of the Maildir++ spec. Perhaps it could be done optionally, but I'm not sure if it's still that good of an idea.
I think a better idea is to give Trash mailbox a bit of extra quota, instead of unlimited quota. Unfortunately this won't work with v1.0's quota plugin, but it is possible with my rewritten quota plugin:
The original post mentioned that to move a message into Trash fails, when the user is over quota. This, in the end, prevents an user to get under quota in MailDir++, because the messages are expunged from Trash only.
I agree that it is not good to have an unlimited Trash folder, but to move a message from one folder into Trash should be always possible. (Actually, I think it would be OK to move messages around within the same quota root regardless of the quota at all, because the message is already on the system and it does not matter in which folder, except for Trash.)
Bye,
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux)
iQEVAwUBRWGi9S9SORjhbDpvAQIuMQgAna5mBpQbIFhTitHTPy69q85srGxInu6p yGmh7nM6GmlX6FfcdWGlqo+Nr2Pt7SftXSowswNCv7JkhH1r+2Pz8TEWEjs17K01 ntaWFsa74uDaOPNqBfwdv39ikyDY9HAJhRIFGrJO/6Nc7OmqfX35WRrHH/0jb1R4 h3tEPgtx/fy2JXCsAz7wVAztVntaEg/oSrxqCfiQf6EfsuFvdbLG/mCe3ZtPSPZl 4ZRp8CWidq97bZX3qdEQIvD8pynEzcRm4VRKy+g3dnpDQ/ziyGxU8lOD4IrIKRdA DbiygA4d66p9kResm7K64FOyaim8MHolunxc49Oc+dAcLPBRMUb9dw== =rCAQ -----END PGP SIGNATURE-----
I agree that it is not good to have an unlimited Trash folder, but to move a message from one folder into Trash should be always possible. (Actually, I think it would be OK to move messages around within the same quota root regardless of the quota at all, because the message is already on the system and it does not matter in which folder, except for Trash.)
Wouldn't it be easier to simply delete messages immediately, instead of moving them to the trash, when the user is over quota?
--
Best regards,
Charles
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Mon, 20 Nov 2006, Charles Marcus wrote:
I agree that it is not good to have an unlimited Trash folder, but to move a message from one folder into Trash should be always possible. (Actually, I think it would be OK to move messages around within the same quota root regardless of the quota at all, because the message is already on the system and it does not matter in which folder, except for Trash.)
Wouldn't it be easier to simply delete messages immediately, instead of moving them to the trash, when the user is over quota?
Yes, BUT:
- MailDir++ sets this method in stone.
- Many people (users, actually) like and use this "Move to Trashbin" feature of "Mozilla" and many other MUAs, most often this method is the default. -- Note: the user would need to reconfigure the MUA in order to be able to delete a message.
- There were talks on this list that a WebMail frontend (SquirrelMail??) uses this method as default, too. You had to disable this method and lost some feature, if I remember correctly.
Bye,
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux)
iQEVAwUBRWG0Pi9SORjhbDpvAQLfGwf/fmSMJZmq1oGYk44j5CusK1ZCzHPTZs2Z 4PcmDffAJYm6bEiAEAN5ZnHPN/x4iw8O5zTPlfMe7jyo1pkHTejWf3PAKfABYnP4 Hy6XUJpFW506XQeZBwqI5A592DrXAnYf3xv2+hHDrhUnDjHYiqZvw2NcF/e6xzka c2MOIZSvhtdz4iiq4lwc6mVJTlT2l6yW2aLwAvBpXfvHEH+SSnJW1/ca9tjaK+mF 0C6uPwEu+WGkVhVpgAlDi5o2L7O7v28gyWK06c7877HJRUCWCfTJH2wypOwUwRtQ iuZDwE+uWRJHW8JWO/KK5AOO9SuezAJsPlC+aFBY1mjgDXyDnc1OKQ== =VJBU -----END PGP SIGNATURE-----
El lun, 20-11-2006 a las 13:43 +0100, Steffen Kaiser escribió:
On Sat, 18 Nov 2006, Timo Sirainen wrote:
On Thu, 2006-11-16 at 16:07 -0500, Maykel Moya wrote:
According to [1], Trash is a reserverd folder name. When moving a message to it, maildirsize should be update with a negative byte count.
Well, yea.. I'm ignoring that part of the Maildir++ spec. Perhaps it could be done optionally, but I'm not sure if it's still that good of an idea.
I think a better idea is to give Trash mailbox a bit of extra quota, instead of unlimited quota. Unfortunately this won't work with v1.0's quota plugin, but it is possible with my rewritten quota plugin:
The original post mentioned that to move a message into Trash fails, when the user is over quota. This, in the end, prevents an user to get under quota in MailDir++, because the messages are expunged from Trash only.
I detected the problem with complaints from users trying to empty their mail boxes. The webmail tried to move the deleted messages to Trash.
I desirable behaviour would be:
- Add a negative byte and message count to maildirsize whenever a mail is moved into Trash.
- While moving a message do not touch maildirsize at all at least that one of the folders involved (origin / destination) were Trash.
[1] may be nicely combinated with a hard quota limit imposed in dovecot.conf to Trash folder. [2] is necessary regardless the patch Timo provided so a user can move messages among its folders while being overquota.
Regards, maykel
On 21/11/2006, at 9:11 AM, Maykel Moya wrote:
El lun, 20-11-2006 a las 13:43 +0100, Steffen Kaiser escribió:
On Sat, 18 Nov 2006, Timo Sirainen wrote:
On Thu, 2006-11-16 at 16:07 -0500, Maykel Moya wrote:
According to [1], Trash is a reserverd folder name. When moving a message to it, maildirsize should be update with a negative byte
count.Well, yea.. I'm ignoring that part of the Maildir++ spec. Perhaps it could be done optionally, but I'm not sure if it's still that
good of an idea.I think a better idea is to give Trash mailbox a bit of extra quota, instead of unlimited quota. Unfortunately this won't work with
v1.0's quota plugin, but it is possible with my rewritten quota plugin:The original post mentioned that to move a message into Trash
fails, when the user is over quota. This, in the end, prevents an user to get under quota in MailDir++, because the messages are expunged from Trash only.I detected the problem with complaints from users trying to empty
their mail boxes. The webmail tried to move the deleted messages to Trash.I desirable behaviour would be:
- Add a negative byte and message count to maildirsize whenever a
mail is moved into Trash.
What happens when users find that they can store stuff in the Trash
dir when they are out of quota in the other folders? Such behavior
would make trash a haven for getting around quota limits. You could
perhaps threaten users with periodic enforced purges of the trash but
that wouldn't go down well (At least where I work).
- While moving a message do not touch maildirsize at all at least
that one of the folders involved (origin / destination) were Trash.
Given that there is no move in the IMAP specification, Dovecot would
have to do a lookahead to find the expunge command after the copy
command for all move operations. That would mean that dovecot would
have to falsely return success for all copies in order to "see" the
next IMAP command. In short I don't think that it is good/desirable
behavior because of these problems.
Regards,
Ben Marsh
What happens when users find that they can store stuff in the Trash dir when they are out of quota in the other folders? Such behavior would make trash a haven for getting around quota limits. You could perhaps threaten users with periodic enforced purges of the trash but that wouldn't go down well (At least where I work).
I'm curious... we don't use quotas here, but I've been thinking about implementing them.
We also use Thunderbird as our preferred mail client, and while I agree that our users would *not* be happy about losing the ability to keep a weeks worth of trashed mail, Thunderbird does (don't most?) have the ability to delete a message immediately, bypassing the 'Move to trash' operation, by simply holding the 'Shift' key while deleting a message.
How does/would dovecot react if a user did this? If dovecot allowed the operation, then wouldn't a simple user education be a viable workaround this happens?
- just tell people how to do this in the mail client they are using when
--
Best regards,
Charles
On 21/11/2006, at 10:56 PM, Charles Marcus wrote:
What happens when users find that they can store stuff in the
Trash dir when they are out of quota in the other folders? Such
behavior would make trash a haven for getting around quota
limits. You could perhaps threaten users with periodic enforced
purges of the trash but that wouldn't go down well (At least where
I work).I'm curious... we don't use quotas here, but I've been thinking
about implementing them.We also use Thunderbird as our preferred mail client, and while I
agree that our users would *not* be happy about losing the ability
to keep a weeks worth of trashed mail, Thunderbird does (don't
most?) have the ability to delete a message immediately, bypassing
the 'Move to trash' operation, by simply holding the 'Shift' key
while deleting a message.How does/would dovecot react if a user did this? If dovecot allowed
the operation, then wouldn't a simple user education be a viable
workaround - just tell people how to do this in the mail client
they are using when this happens?
I guess it all depends on how amenable to education the users are.
But, if user education was all that was necessary, I don't think that
we would need quotas at all.
Regards,
Ben Marsh
Thunderbird does (don't most?) have the ability to delete a message immediately, bypassing the 'Move to trash' operation, by simply holding the 'Shift' key while deleting a message.
How does/would dovecot react if a user did this? If dovecot allowed the operation, then wouldn't a simple user education be a viable workaround - just tell people how to do this in the mail client they are using when this happens?
I guess it all depends on how amenable to education the users are. But, if user education was all that was necessary, I don't think that we would need quotas at all.
Well, that's definitely true, as far as it goes, but not germane to the point under discussion...
No one has answered this question:
How does/would dovecot react if a user did this? If dovecot allowed the operation,
Can someone who has quotas enabled answer the following 3 questions:
- If a user is over quota, and they try to delete a big message while holding down the shift key (in Thunderbird) - does dovecot delete the message and update the users Quota properly, thus resolving the over quota issue?
If so, then - in my case at least - this is a viable option. Of course, it will not eliminate the help desk calls, but at least I can simply point them to their user manual and yell at them for bothering me about something they should already know how to do and that is well documented in both their user manual and explicitly covered during their orientation ;)...
(may have already been answered - if so, I missed it and apologize)... if a user is over quota, and their trash has a bunch of garbage in it - can the delete individual messages from there without an error (since it wouldn't be a 'move' operation anymore)?
Same question for an 'Empty Trash' operation...
In my opinion, the answers to questions 2 & 3 should already be yes - and if not, I would suggest that fixing the code to allow these operations in an over quota situation would be 'a good thing'.
Thanks - this discussion is timely for me...
--
Best regards,
Charles
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Wed, 22 Nov 2006, Ben Marsh wrote:
What happens when users find that they can store stuff in the Trash dir when they are out of quota in the other folders? Such behavior would make trash a
Therefore I wrote before:
I agree that it is not good to have an unlimited Trash folder, but to move a message from one folder into Trash should be always possible.
periodic enforced purges of the trash but that wouldn't go down well (At least where I work).
Here as well.
- While moving a message do not touch maildirsize at all at least that one of the folders involved (origin / destination) were Trash.
Given that there is no move in the IMAP specification, Dovecot would have to do a lookahead to find the expunge command after the copy command for all move operations. That would mean that dovecot would have to falsely return success for all copies in order to "see" the next IMAP command. In short I don't think that it is good/desirable behavior because of these problems.
OK, that's a problem.
Hm, one could restrict this to Trash and rollback the action after the user logs out, N commands or something else, unless the original messages had been expunged. How about to have a feature like "try to hardlink when COPY into Trash"?
Bye,
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux)
iQEVAwUBRWP6cy9SORjhbDpvAQIyQwf/UqvCpY2E7gRJtaYezHz/PJQLg/RPe8p4 uXpcj68VTSru6GSoyOanVY0jm5UfK5drFixtsh2TjW9ORTLrmTOs8NCW3746EbWh U8nABxR6zvum45epegV15o6YgvaAWZnk1SZjAf6LXckn2TkkhE6h7kDzmlqFkemn H0qmpBw/1apk6B1RFx7wE21rv8r7z2uCQqLlAPf8sTDihNVyR2DWOz53ShmzKLzg bfFuzGFFps2ZaHgWF44gkhxDgyEwRIlP1T9UaVOWgNrnxY3t3eSE0dJugfqj2qJM Qw9nl1ezEfubvvRn3tzLsygohlZ62M7kCFA7LebSqsk/2H1lQVOdgw== =rKcc -----END PGP SIGNATURE-----
-----Original Message----- From: dovecot-bounces@dovecot.org [mailto:dovecot-bounces@dovecot.org] On Behalf Of Steffen Kaiser Sent: Wednesday, November 22, 2006 8:21 AM To: dovecot@dovecot.org Subject: Re: [Dovecot] maildirsize update error
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Wed, 22 Nov 2006, Ben Marsh wrote:
What happens when users find that they can store stuff in the Trash dir when they are out of quota in the other folders? Such behavior would make trash a
Therefore I wrote before:
I agree that it is not good to have an unlimited Trash folder, but to move a message from one folder into Trash should be always possible.
periodic enforced purges of the trash but that wouldn't go down well (At least where I work).
Here as well.
- While moving a message do not touch maildirsize at all at least that one of the folders involved (origin / destination) were Trash.
Given that there is no move in the IMAP specification, Dovecot would have to do a lookahead to find the expunge command after the copy command for all move operations. That would mean that dovecot would have to falsely return success for all copies in order to "see" the next IMAP command. In short I don't think that it is good/desirable behavior because of these problems.
OK, that's a problem.
Hm, one could restrict this to Trash and rollback the action after the user logs out, N commands or something else, unless the original messages had been expunged. How about to have a feature like "try to hardlink when COPY into Trash"?
Bye,
Just a stupid suggestion from a newcomer... Why not introducing a separate quotum for Trash? Could be a percentage of total quota or a predifined amount independent of 'real' quota.
Just my 2 $c
Egbert Jan
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Wed, 22 Nov 2006, Egbert Jan wrote:
Just a stupid suggestion from a newcomer... Why not introducing a separate quotum for Trash? Could be a percentage of total quota or a predifined amount independent of 'real' quota.
OK, consider the following scenario:
All the mailboxes except Trash may allocate 500MB. Trash may allocate any percentage below 100% of 500MB.
One message arrives of the size 500MB, it get spooled into INBOX.
Now try to do anything with it.
OK, this is a worst-case scenario; the independed Trash quota must be larger than or equal to the maximum message size you accept.
Second, someone already pointed out that the user can use Trash as yet-another-folder, e.g. to store information. You effectively increased the quota of the user, or you lower the user's quota (in the view of the user) by reserving part of his quota for Trash. Well, many people will point out that hard disk space is cheap today.
In my opinion, one user has one quota for all the message storred on the system. I used to empose file system quota, with the same effect that a full mailbox locks the users from deleting through Trash. :-(
Bye.
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux)
iQEVAwUBRWQFyC9SORjhbDpvAQJ8ZAf+NE4EgbpL6pDlrQdm4mYpN/ia0WJ3bhuq r4ii7h4oEUzjopgE2YpTx3tL+m1j1voEF2Paa4ypKyPZmjW4qpJ1SRvlY1BrTpJQ SblYIMXD9fLI4ubf0v5YT/t/Z0g2ppp3XUF2iZ8nN77v7Sug5CZ0GELJgo7q3ss9 RVVsbyyk7cyWn0pZsoK5UNmS08iI0MdUbdreg4EPMncQ4l9N0N4EfeZ4yHHRYZaf EcF7S+XDxGQBlmIx2CujADKIqGDS82ydf4WuhNJ4BDkFKrikVggFoiMIUr9tXh96 cTlZP3KQ0yEjt9S8visZrxTAfuTPATiK9mnJ8F/Hs5x+eyZR0o3cmw== =8cUg -----END PGP SIGNATURE-----
El sáb, 18-11-2006 a las 22:31 +0200, Timo Sirainen escribió:
On Thu, 2006-11-16 at 16:07 -0500, Maykel Moya wrote:
According to [1], Trash is a reserverd folder name. When moving a message to it, maildirsize should be update with a negative byte count.
Well, yea.. I'm ignoring that part of the Maildir++ spec. Perhaps it could be done optionally, but I'm not sure if it's still that good of an idea.
I think a better idea is to give Trash mailbox a bit of extra quota, instead of unlimited quota. Unfortunately this won't work with v1.0's quota plugin, but it is possible with my rewritten quota plugin:
The patch didn't apply cleanly to rc15.
root@pepita:/usr/src/redhat/BUILD/dovecot-1.0.rc15# patch -p0
Regards,
maykel
On Thu, 2006-11-16 at 16:07 -0500, Maykel Moya wrote:
According to [1], Trash is a reserverd folder name. When moving a message to it, maildirsize should be update with a negative byte count.
If I move a message from any folder to Trash, maildirsize gets two lines, one positive and one negative.
The problem is that a user can't move messages to Trash while being overquota because the positive entry goes before the negative.
OK, fine, added support for this:
http://dovecot.org/list/dovecot-cvs/2006-December/007001.html http://wiki.dovecot.org/Quota/Maildir
quota-rewrite.diff patch has also been updated for rc15.
El dom, 03-12-2006 a las 18:17 +0200, Timo Sirainen escribió:
On Thu, 2006-11-16 at 16:07 -0500, Maykel Moya wrote:
According to [1], Trash is a reserverd folder name. When moving a message to it, maildirsize should be update with a negative byte count.
If I move a message from any folder to Trash, maildirsize gets two lines, one positive and one negative.
The problem is that a user can't move messages to Trash while being overquota because the positive entry goes before the negative.
OK, fine, added support for this:
http://dovecot.org/list/dovecot-cvs/2006-December/007001.html http://wiki.dovecot.org/Quota/Maildir
quota-rewrite.diff patch has also been updated for rc15.
The patch applied cleanly but Dovecot didn't compiled. Using rc15
Regards maykel
trash-plugin.c:103: warning: struct quota_root_transaction_context' declared inside parameter list trash-plugin.c:103: warning: its scope is only this definition or declaration, which is probably not what you want. trash-plugin.c: In function trash_try_clean_mails':
trash-plugin.c:118: dereferencing pointer to incomplete type
trash-plugin.c: At top level:
trash-plugin.c:183: warning: struct quota_root_transaction_context' declared inside parameter list trash-plugin.c: In function trash_quota_root_try_alloc':
trash-plugin.c:185: dereferencing pointer to incomplete type
trash-plugin.c:189: structure has no member named try_alloc' trash-plugin.c:202: warning: passing arg 1 of trash_try_clean_mails'
from incompatible pointer type
trash-plugin.c:186: warning: ret' might be used uninitialized in this function trash-plugin.c: At top level: trash-plugin.c:212: warning: struct quota_root_transaction_context'
declared inside parameter list
trash-plugin.c: In function trash_quota_root_try_alloc_bytes': trash-plugin.c:214: dereferencing pointer to incomplete type trash-plugin.c:218: structure has no member named try_alloc_bytes'
trash-plugin.c:226: warning: passing arg 1 of trash_try_clean_mails' from incompatible pointer type trash-plugin.c:215: warning: ret' might be used uninitialized in this
function
trash-plugin.c: At top level:
trash-plugin.c:236: warning: struct quota_root_transaction_context' declared inside parameter list trash-plugin.c: In function trash_quota_root_test_alloc_bytes':
trash-plugin.c:238: dereferencing pointer to incomplete type
trash-plugin.c:242: structure has no member named test_alloc_bytes' trash-plugin.c:250: warning: passing arg 1 of trash_try_clean_mails'
from incompatible pointer type
trash-plugin.c:239: warning: ret' might be used uninitialized in this function trash-plugin.c: In function trash_quota_root_created':
trash-plugin.c:277: structure has no member named v' trash-plugin.c:278: structure has no member named v'
trash-plugin.c:279: structure has no member named v' trash-plugin.c:280: structure has no member named v'
trash-plugin.c:281: structure has no member named v' make[4]: *** [trash-plugin.lo] Error 1 make[4]: Leaving directory /usr/src/redhat/BUILD/dovecot-1.0.rc15/src/plugins/trash'
make[3]: *** [all-recursive] Error 1
make[3]: Leaving directory
/usr/src/redhat/BUILD/dovecot-1.0.rc15/src/plugins' make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory /usr/src/redhat/BUILD/dovecot-1.0.rc15/src'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/usr/src/redhat/BUILD/dovecot-1.0.rc15'
make: *** [all] Error 2
participants (6)
-
Ben Marsh
-
Charles Marcus
-
Egbert Jan
-
Maykel Moya
-
Steffen Kaiser
-
Timo Sirainen