[Dovecot] Per User Quotas with LDAP on Dovecot 1.x
Alle,
We're running Dovecot V1.0.7 on RHEL5.5, using maildir. We would liketo user per user quotas with an OpenLDAP (V2.3.43) backend. We have setup a default quota in /etc/dovecot.conf:
quota = maildir:storage=10240:ignore=Trash
And have the following userdb configs in /etc/doveconf.conf:userdb ldap { args = /etc/dovecot-ldap.conf }
and the following user_attrs defined in /etc/dovecot-ldap.confuser_attrs = uidNumber=uid,gidNumber=gid,mailQuotaSize=quota=maildir:ignore=Trash:storage,mail_plugins
The user's quota setting is:dn: uid=loadtest,ou=people,dc=subaru,dc=nao,dc=ac,dc=jp mailQuotaSize: 1024000
Dovecot-imap appear to recognize the quota from ldap, as theThunderbird quota plugin reads the correct info from LDAP if the mailQuotaSize entry exists, and the default storage=10240 from doveconf.conf if there is no LDAP attr.
However, deliver bounces the mails with a quota exceeded message:deliver(loadtest): Sep 28 10:46:23 Info: msgid=20100928204620.B83876402EA@loa.subaru.nao.ac.jp : save failed to INBOX: Quota exceeded deliver(loadtest): Sep 28 10:46:23 Info: msgid=20100928204620.B83876402EA@loa.subaru.nao.ac.jp : Rejected: Quota exceeded
Are we misunderstanding the way quotas are supposed to work in 1.x, orare we just missing something, period? Any help would be appreciated.
Best Regards, Camron
-- Camron W. Fox Hilo Office High Performance Computing Group Fujitsu Management Services of America, Inc. E-mail: cwfox@us.fujitsu.com
On 2010-10-07 3:12 PM, Camron W. Fox wrote:
We're running Dovecot V1.0.7 on RHEL5.5,
Very old, you will not get much support unless/until you upgrade... 1.2.15 is recommended for most, although 2.0.5 is current stable...
Lots of changes with respect to quotas (and everything else)...
--
Best regards,
Charles Marcus I.T. Director Media Brokers International, Inc. 678.514.6200 x224 | 678.514.6299 fax
On 10/10/07 09:17, Charles Marcus wrote:
On 2010-10-07 3:12 PM, Camron W. Fox wrote:
We're running Dovecot V1.0.7 on RHEL5.5,
Very old, you will not get much support unless/until you upgrade... 1.2.15 is recommended for most, although 2.0.5 is current stable...
Lots of changes with respect to quotas (and everything else)...
Charles,
If we upgrade, then we lose RH support for any future dovecot issues(not that they're being particularly helpful with this issue).
Best Regards, Camron
-- Camron W. Fox Hilo Office High Performance Computing Group Fujitsu Management Services of America, Inc. E-mail: cwfox@us.fujitsu.com
On 07/10/2010 20:38, Camron W. Fox wrote:
If we upgrade, then we lose RH support for any future dovecot issues
And if you don't upgrade, you don't get any support from the guy who wrote Dovecot and therefore knows it inside-out :-)
I tend to suggest the practice of: Keep your server "on distro" for the most part, but don't be shy of putting a carefully-chosen handful of packages "off distro" where you get a useful "win".
(not that they're being particularly helpful with this issue).
Keep on with that line of thinking :-)
Bill
On 2010-10-07 3:38 PM, Camron W. Fox wrote:
If we upgrade, then we lose RH support for any future dovecot issues (not that they're being particularly helpful with this issue).
Personally I think you'd get much higher quality support for free right here from the developer himself...
But of course, when dealing with PHBs, logic and reality sometimes take a back-seat to silliness - like being forced to stick with ancient versions of software 'just because'.
--
Best regards,
Charles
On 10/10/07 10:08, Charles Marcus wrote:
On 2010-10-07 3:38 PM, Camron W. Fox wrote:
If we upgrade, then we lose RH support for any future dovecot issues (not that they're being particularly helpful with this issue).
Personally I think you'd get much higher quality support for free right here from the developer himself...
But of course, when dealing with PHBs, logic and reality sometimes take a back-seat to silliness - like being forced to stick with ancient versions of software 'just because'.
Wait, *you're* not my customer, are you? That certainly sounded like them...
-- Camron W. Fox Hilo Office High Performance Computing Group Fujitsu Management Services of America, Inc. E-mail: cwfox@us.fujitsu.com
On 10/10/07 10:08, Charles Marcus wrote:
On 2010-10-07 3:38 PM, Camron W. Fox wrote:
If we upgrade, then we lose RH support for any future dovecot issues (not that they're being particularly helpful with this issue).
Personally I think you'd get much higher quality support for free right here from the developer himself...
But of course, when dealing with PHBs, logic and reality sometimes take a back-seat to silliness - like being forced to stick with ancient versions of software 'just because'.
Charles,
I started poking @ 1.2 as you suggested, but I run into libcurl-develdependency issues. Does anyone know where to get a libcurl-devel RPM for RHEL5?
Best Regards, Camron
-- Camron W. Fox Hilo Office High Performance Computing Group Fujitsu Management Services of America, Inc. E-mail: cwfox@us.fujitsu.com
On 2010-10-08 2:10 PM, Camron W. Fox wrote:
I started poking @ 1.2 as you suggested, but I run into libcurl-devel dependency issues. Does anyone know where to get a libcurl-devel RPM for RHEL5?
I'd think you could get everything you needed from the extra repositories (I think RHEL uses the CentOS repos)...
--
Best regards,
Charles
On 10/10/08 08:59, Charles Marcus wrote:
On 2010-10-08 2:10 PM, Camron W. Fox wrote:
I started poking @ 1.2 as you suggested, but I run into libcurl-devel dependency issues. Does anyone know where to get a libcurl-devel RPM for RHEL5?
I'd think you could get everything you needed from the extra repositories (I think RHEL uses the CentOS repos)...
You would think so, but no. I checked all the CentOS additional repositories on my mrepo server here with no luck. That's why I asked. I really want to stay with package installations and away from source if I can.
Best Regards, Camron
-- Camron W. Fox Hilo Office High Performance Computing Group Fujitsu Management Services of America, Inc. E-mail: cwfox@us.fujitsu.com
Camron, if you look in the downloads link at dovecot site, you can can check:
http://wiki2.dovecot.org/PrebuiltBinaries#RPMs_of_newer_Dovecot_and_Sieve_pa...
There you will find references to third party repositories wich build latest dovecot rpm versions for rhel5.5. If you will use atrpms follow the install instructions:
http://atrpms.net/documentation/install/
For dovecot 1.2 http://packages.atrpms.net/dist/el5/dovecot-1.2.x/ For dovecot 2.x http://packages.atrpms.net/dist/el5/dovecot/
Just import atrpms rpm key, configure the repo for rhel5 and use yum to install the desired packages... good luck...
2010/10/8 Camron W. Fox cwfox@us.fujitsu.com
On 10/10/08 08:59, Charles Marcus wrote:
On 2010-10-08 2:10 PM, Camron W. Fox wrote:
I started poking @ 1.2 as you suggested, but I run into libcurl-devel dependency issues. Does anyone know where to get a libcurl-devel RPM for RHEL5?
I'd think you could get everything you needed from the extra repositories (I think RHEL uses the CentOS repos)...
You would think so, but no. I checked all the CentOS additional repositories on my mrepo server here with no luck. That's why I asked. I really want to stay with package installations and away from source if I can.
Best Regards, Camron
-- Camron W. Fox Hilo Office High Performance Computing Group Fujitsu Management Services of America, Inc. E-mail: cwfox@us.fujitsu.com
On 10/10/08 13:47, Aliet Santiesteban Sifontes wrote:
Camron, if you look in the downloads link at dovecot site, you can can check:
http://wiki2.dovecot.org/PrebuiltBinaries#RPMs_of_newer_Dovecot_and_Sieve_pa...
There you will find references to third party repositories wich build latest dovecot rpm versions for rhel5.5. If you will use atrpms follow the install instructions:
http://atrpms.net/documentation/install/
For dovecot 1.2 http://packages.atrpms.net/dist/el5/dovecot-1.2.x/ For dovecot 2.x http://packages.atrpms.net/dist/el5/dovecot/
Just import atrpms rpm key, configure the repo for rhel5 and use yum to install the desired packages... good luck...
Aliet,
I took your advice and installed 1.2.14 from ATRPMS on a RHEL5.5 box,but continue to have the same problem. I followed the procedures from /usr/share/doc/dovecot-1.2.14/wiki/Quota.1.1.txt. Here are the pertinent entries from dovecot.conf:
protocol imap { login_executable = /usr/libexec/dovecot/imap-login mail_executable = /usr/libexec/dovecot/imap mail_plugins = quota imap_quota mail_log mail_plugin_dir = /usr/lib64/dovecot/imap imap_client_workarounds = outlook-idle delay-newmail }
auth default { mechanisms = plain passdb ldap { args = /etc/dovecot-ldap.conf } userdb ldap { args = /etc/dovecot-ldap.conf } user = nobody count = 1 socket listen { master { path = /var/run/dovecot/auth-master mode = 0666 } client { path = /var/run/dovecot/auth-client mode = 0660 } } }
plugin { quota = maildir:User quota quota_rule = *:storage=10M quota_rule2 = Trash:ignore quota_warning = storage=60%% /utils/bin/quota-warning.sh 60 quota_warning2 = storage=55%% /utils/bin/quota-warning.sh 55 quota_warning3 = storage=50%% /utils/bin/quota-warning.sh 50 }
Here is the user_attr line from dovecot-ldap.conf:user_attrs = uidNumber=uid,gidNumber=gid,mailQuotaSize=quota_rule=*:bytes=%$
And the quota entry for the user:dn: uid=$USER,ou=people,dc=example,dc=com mailQuotaSize: 20971520
Once again, dovecot-imap seems to read the info correctly, as the TBirdplugin reads 20MB as the user quota, but deliver begins to reject mail at the 10MB default. Also, the quota warning messages are sent base on the default, not the user override.
Any help would be appreciated.Best Regards, Camron
-- Camron W. Fox Hilo Office High Performance Computing Group Fujitsu Management Services of America, Inc. E-mail: cwfox@us.fujitsu.com
On Fri, 2010-10-15 at 09:29 -1000, Camron W. Fox wrote:
Once again, dovecot-imap seems to read the info correctly, asthe TBird plugin reads 20MB as the user quota, but deliver begins to reject mail at the 10MB default. Also, the quota warning messages are sent base on the default, not the user override.
You're not calling deliver with -d parameter?
On 10/10/18 04:15, Timo Sirainen wrote:
On Fri, 2010-10-15 at 09:29 -1000, Camron W. Fox wrote:
Once again, dovecot-imap seems to read the info correctly, asthe TBird plugin reads 20MB as the user quota, but deliver begins to reject mail at the 10MB default. Also, the quota warning messages are sent base on the default, not the user override.
You're not calling deliver with -d parameter?
Timo,
No. Did I miss that in the documentation? Where is that configured?This is what I have in postfix main.cf:
mailbox_command = /usr/libexec/dovecot/deliver
Best Regards, Camron
-- Camron W. Fox Hilo Office High Performance Computing Group Fujitsu Management Services of America, Inc. E-mail: cwfox@us.fujitsu.com
On 18.10.2010, at 20.42, Camron W. Fox wrote:
You're not calling deliver with -d parameter?
No. Did I miss that in the documentation? Where is that configured? This is what I have in postfix main.cf:
mailbox_command = /usr/libexec/dovecot/deliver
Often that's done with system users who have no extra stuff in userdb. I'm not sure how to configure it right. Try something like:
mailbox_command = /usr/libexec/dovecot/deliver -d $user
If that doesn't work, look into Postfix docs to find out what $user should be replaced with.
On 10/10/18 11:28, Timo Sirainen wrote:
On 18.10.2010, at 20.42, Camron W. Fox wrote:
You're not calling deliver with -d parameter?
No. Did I miss that in the documentation? Where is that configured? This is what I have in postfix main.cf:
mailbox_command = /usr/libexec/dovecot/deliver
Often that's done with system users who have no extra stuff in userdb. I'm not sure how to configure it right. Try something like:
mailbox_command = /usr/libexec/dovecot/deliver -d $user
If that doesn't work, look into Postfix docs to find out what $user should be replaced with.
Timo,
Looking at the logs, it appears that it must already be using -d $userbecause of the username shown in the deliver lines in dovecot.log, right?
Oct 15 09:07:05 deliver(loadtest): Info: Loading modules from directory: /usr/lib64/dovecot/lda Oct 15 09:07:05 deliver(loadtest): Info: Module loaded: /usr/lib64/dovecot/lda/lib10_quota_plugin.so Oct 15 09:07:05 deliver(loadtest): Info: Module loaded: /usr/lib64/dovecot/lda/lib20_mail_log_plugin.so Oct 15 09:07:05 deliver(loadtest): Info: Quota root: name=User quota backend=maildir args= Oct 15 09:07:05 deliver(loadtest): Info: Quota rule: root=User quota mailbox=* bytes=10485760 messages=0 Oct 15 09:07:05 deliver(loadtest): Info: Quota rule: root=User quota mailbox=Trash ignored Oct 15 09:07:05 deliver(loadtest): Info: Quota warning: bytes=6291456 (60%) messages=0 command=/utils/bin/ quota-warning.sh 60 Oct 15 09:07:05 deliver(loadtest): Info: Quota warning: bytes=5767168 (55%) messages=0 command=/utils/bin/ quota-warning.sh 55 Oct 15 09:07:05 deliver(loadtest): Info: Quota warning: bytes=5242880 (50%) messages=0 command=/utils/bin/ quota-warning.sh 50 Oct 15 09:07:05 deliver(loadtest): Info: maildir: data=/var/spool/mail/loadtest Oct 15 09:07:05 deliver(loadtest): Info: maildir++: root=/var/spool/mail/loadtest, index=, control=, inbox =/var/spool/mail/loadtest Oct 15 09:07:05 deliver(loadtest): Info: Namespace : Using permissions from /var/spool/mail/loadtest: mode =0755 gid=-1 Oct 15 09:07:05 deliver(loadtest): Info: msgid=20101015190702.0D4AC64029B@loa.subaru.nao.ac.jp: save fai led to INBOX: Quota exceeded (mailbox for user is full) Oct 15 09:07:05 deliver(loadtest): Info: msgid=20101015190702.0D4AC64029B@loa.subaru.nao.ac.jp: rejected : Quota exceeded (mailbox for user is full) Oct 15 09:07:05 deliver(loadtest): Info: Sending a rejection to loadtest: Quota exceeded (mailbox for user is full)
Best Regards, Camron
-- Camron W. Fox Hilo Office High Performance Computing Group Fujitsu Management Services of America, Inc. E-mail: cwfox@us.fujitsu.com
On Mon, 2010-10-18 at 13:09 -1000, Camron W. Fox wrote:
Looking at the logs, it appears that it must already be using -d $userbecause of the username shown in the deliver lines in dovecot.log, right?
No. The username is sent another way to deliver. Anyway, I think -d $RECIPIENT is the right way.
On 10/10/19 08:01, Timo Sirainen wrote:
No. The username is sent another way to deliver. Anyway, I think -d $RECIPIENT is the right way.
Timo,
I modified the mailbox command in /etc/postfix/main.cf:mailbox_command = /usr/libexec/dovecot/deliver -d ${recipient}
This causes postfix to bounce the message with this error:Oct 27 09:06:57 rb8 postfix/local[1931]: A99494E0D25: to=loadtest@subaru.naoj.org, relay=local, delay=10, delays=0.08/0/0/10, dsn=5.3.0, status=bounced (command line usage error. Command output: Fatal: Missing -d argument )
Any ideas?Best Regards, Camron
-- Camron W. Fox Hilo Office High Performance Computing Group Fujitsu Management Services of America, Inc. E-mail: cwfox@us.fujitsu.com
On 27.10.2010, at 21.11, Camron W. Fox wrote:
mailbox_command = /usr/libexec/dovecot/deliver -d ${recipient}
This causes postfix to bounce the message with this error:
Oct 27 09:06:57 rb8 postfix/local[1931]: A99494E0D25: to=loadtest@subaru.naoj.org, relay=local, delay=10, delays=0.08/0/0/10, dsn=5.3.0, status=bounced (command line usage error. Command output: Fatal: Missing -d argument )
-d has no argument, i.e. ${recipient} expands to empty. Maybe it's case sensitive? Try ${RECIPIENT} ? If not, find something else from Postfix docs..
On Wed, 27 Oct 2010 09:11:02 -1000 Camron W. Fox cwfox@us.fujitsu.com articulated:
On 10/10/19 08:01, Timo Sirainen wrote:
No. The username is sent another way to deliver. Anyway, I think -d $RECIPIENT is the right way.
Timo,
I modified the mailbox command in /etc/postfix/main.cf:
mailbox_command = /usr/libexec/dovecot/deliver -d ${recipient}
This causes postfix to bounce the message with this error:
Oct 27 09:06:57 rb8 postfix/local[1931]: A99494E0D25: to=loadtest@subaru.naoj.org, relay=local, delay=10, delays=0.08/0/0/10, dsn=5.3.0, status=bounced (command line usage error. Command output: Fatal: Missing -d argument )
See: http://www.postfix.com/postconf.5.html#mailbox_command
If you still cannot get it to work, I would suggest asking on the Postfix forum since it is issuing the error message.
-- Jerry ✌ Dovecot.user@seibercom.net
Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header.
On 10/10/27 09:56, Jerry wrote:
On Wed, 27 Oct 2010 09:11:02 -1000 Camron W. Fox cwfox@us.fujitsu.com articulated:
On 10/10/19 08:01, Timo Sirainen wrote:
No. The username is sent another way to deliver. Anyway, I think -d $RECIPIENT is the right way.
Timo,
I modified the mailbox command in /etc/postfix/main.cf:
mailbox_command = /usr/libexec/dovecot/deliver -d ${recipient}
This causes postfix to bounce the message with this error:
Oct 27 09:06:57 rb8 postfix/local[1931]: A99494E0D25: to=loadtest@subaru.naoj.org, relay=local, delay=10, delays=0.08/0/0/10, dsn=5.3.0, status=bounced (command line usage error. Command output: Fatal: Missing -d argument )
See: http://www.postfix.com/postconf.5.html#mailbox_command
If you still cannot get it to work, I would suggest asking on the Postfix forum since it is issuing the error message.
Jerry,
Perfect. I was looking for $USER, not $RECIPIENT.
Thank you both for your help.Best Regards, Camron
-- Camron W. Fox Hilo Office High Performance Computing Group Fujitsu Management Services of America, Inc. E-mail: cwfox@us.fujitsu.com
On 7.10.2010, at 22.12, Camron W. Fox wrote:
Dovecot-imap appear to recognize the quota from ldap, as the Thunderbird quota plugin reads the correct info from LDAP if the mailQuotaSize entry exists, and the default storage=10240 from doveconf.conf if there is no LDAP attr.
ok, so
However, deliver bounces the mails with a quota exceeded message:
you mean deliver doesn't read the quota from ldap and just uses the default? Are you calling it with -d parameter? Otherwise it doesn't do userdb lookup at all.
participants (6)
-
Aliet Santiesteban Sifontes
-
Camron W. Fox
-
Charles Marcus
-
Jerry
-
Timo Sirainen
-
William Blunn