Sync'ing two dovecot servers
Greetings,
I was pleased to see that dovecot has a sync function in doveadm. So far, other tools for moving mailbox contents from one server to another has not been successful.
However.
Perhaps I don't understand how this should work. I have a new containerized dovecot v2.4.2
# 2.4.2 (0962ed2104): /etc/dovecot/dovecot.conf
# OS: Linux 6.12.63+deb13-amd64 x86_64and I have an existing dovecot running in a VPS:
# 2.3.19.1 (9b53102964): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.19 (4eae2f79)
# OS: Linux 6.1.0-35-amd64 x86_64 Debian 12.11I want to move one user, as a test. I execute this in the container.
# doveadm sync -R1 -u USER tcps:OLD_SERVER:993
doveadm(USER): Error: conn OLD_SERVER:993 (IP:993): doveadm server
sent invalid handshake: * OK [CAPABILITY IMAP4rev1 SASL-IR
LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN AUTH=LOGIN]
Dovecot (Debian) ready.
doveadm(USER): Error: cmd sync: Disconnected from remote: Connection
closedI'm pretty sure that doveadm sync was able to negotiate the TLS connection. I don't see what it could object to in the sign-on. What am I missing?
Cheers
-- /Marc Oscar Singer/ *Woollysoft* Dial 817.1823.602.1+ from right to left.
Greetings,
I was pleased to see that dovecot has a sync function in doveadm. So far, other tools for moving mailbox contents from one server to another has not been successful.
However.
Perhaps I don't understand how this should work. I have a new containerized dovecot v2.4.2
# 2.4.2 (0962ed2104): /etc/dovecot/dovecot.conf
# OS: Linux 6.12.63+deb13-amd64 x86_64and I have an existing dovecot running in a VPS:
# 2.3.19.1 (9b53102964): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.19 (4eae2f79)
# OS: Linux 6.1.0-35-amd64 x86_64 Debian 12.11I want to move one user, as a test. I execute this in the container.
# doveadm sync -R1 -u USER tcps:OLD_SERVER:993
doveadm(USER): Error: conn OLD_SERVER:993 (IP:993): doveadm server sent
invalid handshake: * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID
ENABLE IDLE LITERAL+ AUTH=PLAIN AUTH=LOGIN] Dovecot (Debian) ready.
doveadm(USER): Error: cmd sync: Disconnected from remote: Connection
closedI'm pretty sure that doveadm sync was able to negotiate the TLS connection. I don't see what it could object to in the sign-on. What am I missing?
Cheers
-- Marc Oscar Singer Woollysoft Dial 817.1823.602.1+ from right to left.
what you are trying to do is enable replication
2.3 is supported it is my understanding this was removed in 2.4 (unless you buy a contract)
basic replication is as follows :
on each server ifconfig
mail_plugins = " virtual notify replication fts fts_lucene listescape "
replication_dsync_parameters = -d -N -l 300 -U
plugin { mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid, box, msgid, from, subject, size, vsize, flags push_notification_driver = dlog
sieve = file:~/sieve;active=~/sieve/.dovecot.sieve #sieve = ~/.dovecot.sieve sieve_duplicate_default_period = 1h sieve_duplicate_max_period = 1h sieve_extensions = +duplicate +notify +imapflags +vacation-seconds sieve_global_dir = /usr/local/etc/dovecot/sieve sieve_before = /usr/local/etc/dovecot/sieve/duplicates.sieve sieve_max_redirects = 64 #sieve_vacation_send_from_recipient = yes
mail_replica = tcp:10.221.0.19:12345
< dedicated replication ip address and port each server points to the other server >
ie my other server is :
mail_replica = tcp:10.221.0.18:12345
when a received email or imap fuction occurs it send an explation of what to do to the other server.
i need to run a mysql or pgsql database for this to work
dovecot-pgsql.conf driver = pgsql connect = host=localhost port=5433 dbname=scom_billing user=pgsql password=xxxxx default_pass_scheme = PLAIN password_query = SELECT username as user, password FROM email_users WHERE username = '%u' and password <> 'alias' and status = True and destination = '%u'
user_query = SELECT home, uid, gid FROM email_users WHERE username = '%u' and password <> 'alias' and status = True and destination = '%u'
#iterate_query = SELECT user, password FROM email_users WHERE username = '%u' and password <> 'alias' and status = True and destination = '%u'
iterate_query = SELECT "username" as user, domain FROM email_users WHERE status = True and alias_flag = False
}
...
iterate_query returns what is to be replicated / synced
...
protocol imap { imap_literal_minus = yes imap_idle_notify_interval = 30 seconds imapc_max_idle_time = 1440 mins mail_max_userip_connections = 50 mail_plugins = $mail_plugins notify replication }
protocol pop3 { mail_max_userip_connections = 50 mail_plugins = $mail_plugins notify replication }
protocol imaps { mail_max_userip_connections = 50 mail_plugins = $mail_plugins notify replication }
protocol pop3s { mail_max_userip_connections = 50 mail_plugins = $mail_plugins notify replication }
replication_max_conns = 100
replication_full_sync_interval = 3d
service replicator { client_limit = 0 drop_priv_before_exec = no idle_kill = 4294967295s process_limit = 1 process_min_avail = 0 service_count = 0 vsz_limit = 8g unix_listener replicator-doveadm { mode = 0600 user = vmail } vsz_limit = 8192M }
service aggregator { process_limit = 1000 #vsz_limit = 1g fifo_listener replication-notify-fifo { user = vmail group = vmail mode = 0666 }
Hopes this helps.
Thanks - Paul Kudla (Manager SCOM.CA Internet Services Inc.)
Have A Happy Wednesday AND Happy Sucessful 2026 !
Scom.ca Internet Services <http://www.scom.ca> 104-1009 Byron Street South Whitby, Ontario - Canada L1N 4S3
Toronto 416.642.7266 Main 1.866.411.7266 Fax 1.888.892.7266 Email paul@scom.ca
On 2026-03-04 12:30 p.m., Marc Singer via dovecot wrote:
Greetings, I was pleased to see that dovecot has a sync function in doveadm. So far, other tools for moving mailbox contents from one server to another has not been successful. However. Perhaps I don't understand how this should work. I have a new containerized dovecot v2.4.2 # 2.4.2 (0962ed2104): /etc/dovecot/dovecot.conf # OS: Linux 6.12.63+deb13-amd64 x86_64 and I have an existing dovecot running in a VPS: # 2.3.19.1 (9b53102964): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.19 (4eae2f79) # OS: Linux 6.1.0-35-amd64 x86_64 Debian 12.11 I want to move one user, as a test. I execute this in the container. # doveadm sync -R1 -u USER tcps:OLD_SERVER:993 doveadm(USER): Error: conn OLD_SERVER:993 (IP:993): doveadm server sent invalid handshake: * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN AUTH=LOGIN] Dovecot (Debian) ready. doveadm(USER): Error: cmd sync: Disconnected from remote: Connection closed I'm pretty sure that doveadm sync was able to negotiate the TLS connection. I don't see what it could object to in the sign-on. What am I missing? Cheers -- Marc Oscar Singer Woollysoft Dial 817.1823.602.1+ from right to left.
dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org
On 04/03/2026 20:19 EET Paul Kudla via dovecot <dovecot@dovecot.org> wrote:
what you are trying to do is enable replication
2.3 is supported it is my understanding this was removed in 2.4 (unless you buy a contract)
Paul, replication is not available even with contract. There are some open source alternatives if you want to use replication, e.g. wormhole plugin.
Marc, your problem is that you are trying to setup sync over IMAP. If you are attempting to do this for migration, see https://doc.dovecot.org/2.4.2/core/admin/migration.html
If you are indeed trying to do bidirectional sync with tcps you need to configure, on both servers
service doveadm { inet_listener 12345 { ssl = yes } }
doveadm_password = foobar
and then use
doveadm sync -R1 -u USER tcps:OLD_SERVER:12345
Aki
On 3/4/26 10:41, Aki Tuomi via dovecot wrote:
On 04/03/2026 20:19 EET Paul Kudla via dovecot<dovecot@dovecot.org> wrote:
what you are trying to do is enable replication
2.3 is supported it is my understanding this was removed in 2.4 (unless you buy a contract)
Paul, replication is not available even with contract. There are some open source alternatives if you want to use replication, e.g. wormhole plugin.
I tried a couple of the open-source replicators. Neither worked and probably for different reasons.
Marc, your problem is that you are trying to setup sync over IMAP. If you are attempting to do this for migration, seehttps://doc.dovecot.org/2.4.2/core/admin/migration.html
I'll work with those instructions. Thanks. Sometimes, the problem is knowing what this thing is called that one wants to do.
Cheers
If you are indeed trying to do bidirectional sync with tcps you need to configure, on both servers
service doveadm { inet_listener 12345 { ssl = yes } }
doveadm_password = foobar
and then use
doveadm sync -R1 -u USER tcps:OLD_SERVER:12345
Aki
dovecot mailing list --dovecot@dovecot.org To unsubscribe send an email todovecot-leave@dovecot.org
-- /Marc Oscar Singer/ *Woollysoft* Dial 817.1823.602.1+ from right to left.
On 3/4/26 10:41, Aki Tuomi via dovecot wrote:
On 04/03/2026 20:19 EET Paul Kudla via dovecot [1]<dovecot@dovecot.org> wrote:
what you are trying to do is enable replication
2.3 is supported it is my understanding this was removed in 2.4 (unless you buy a contract)
Paul, replication is not available even with contract. There are some open source alternatives if you want to use replication, e.g. wormhole plugin.
I tried a couple of the open-source replicators. Neither worked and probably for different reasons.
Marc, your problem is that you are trying to setup sync over IMAP. If you are attempting to do this for migration, see [2]https://doc.dovecot.org/2.4.2/core/admin/migration.html
I'll work with those instructions. Thanks. Sometimes, the problem is knowing what this thing is called that one wants to do.
Cheers
If you are indeed trying to do bidirectional sync with tcps you need to configure, on both servers
service doveadm { inet_listener 12345 { ssl = yes } }
doveadm_password = foobar
and then use
doveadm sync -R1 -u USER tcps:OLD_SERVER:12345
Aki
dovecot mailing list -- [3]dovecot@dovecot.org To unsubscribe send an email to [4]dovecot-leave@dovecot.org
-- Marc Oscar Singer Woollysoft Dial 817.1823.602.1+ from right to left.
References
Visible links
- mailto:dovecot@dovecot.org
- https://doc.dovecot.org/2.4.2/core/admin/migration.html
- mailto:dovecot@dovecot.org
- mailto:dovecot-leave@dovecot.org
Oh, OK. That explains why it doesn't work.
I don't need replication, per-se. I only need to move mail one time.
Cheers
On 3/4/26 10:19, Paul Kudla via dovecot wrote:
what you are trying to do is enable replication
2.3 is supported it is my understanding this was removed in 2.4 (unless you buy a contract)
-- /Marc Oscar Singer/ *Woollysoft* Dial 817.1823.602.1+ from right to left.
Oh, OK. That explains why it doesn't work.
I don't need replication, per-se. I only need to move mail one time.
Cheers
On 3/4/26 10:19, Paul Kudla via dovecot wrote:
what you are trying to do is enable replication
2.3 is supported it is my understanding this was removed in 2.4 (unless
you buy a contract)-- Marc Oscar Singer Woollysoft Dial 817.1823.602.1+ from right to left.
participants (3)
-
Aki Tuomi
-
Marc Singer
-
Paul Kudla