[Dovecot] Dovecot + vpopmail + shared folders
I'm using dovecot 1.2.14 with vpopmail.
I've enabled shared folders and the default setup was not working. The
default setup being this line:
location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u
Going through the Archives I saw a message from Timo that said to
apply a patch and use this line instead:
location =
maildir:/usr/home/vpopmail/domains/%d/%%n/Maildir:INDEX=~/Maildir/shared/%%u
It seems like the patch is already existing in version 1.2.14 and that
line works well for shared folders for domains directly under
/usr/home/vpopmail/domains.
However, with vpopmail after a certain number of domains, it starts
putting them in /usr/home/vpopmail/domains/A, ..domains/B, etc.
Shared folders do not work for those domains since my location line is
forcing it to look directly in /usr/home/vpopmail/domains/xyz.com
instead of /usr/home/vpopmail/domains/A/xyz.com
Any workaround this ? How come we can't use %h or ~/ directly ?
Is there a way to maybe create an Environment variable that will hold
everything up to the '/%d' ? Maybe populate that variable from a
post-login script that gets the root directory from the vpopmail
database ?
Quoting qmail@top-consulting.net:
I'm using dovecot 1.2.14 with vpopmail.
I've enabled shared folders and the default setup was not working.
The default setup being this line:location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u
Going through the Archives I saw a message from Timo that said to
apply a patch and use this line instead:location =
maildir:/usr/home/vpopmail/domains/%d/%%n/Maildir:INDEX=~/Maildir/shared/%%uIt seems like the patch is already existing in version 1.2.14 and
that line works well for shared folders for domains directly under
/usr/home/vpopmail/domains.However, with vpopmail after a certain number of domains, it starts
putting them in /usr/home/vpopmail/domains/A, ..domains/B, etc.Shared folders do not work for those domains since my location line
is forcing it to look directly in /usr/home/vpopmail/domains/xyz.com
instead of /usr/home/vpopmail/domains/A/xyz.comAny workaround this ? How come we can't use %h or ~/ directly ?
Anyone has any ideas ?
I also realized that not only can domains be placed within another
sub-folder if there are too many, but so can users.
For example, if a domain has 1000 users, its path might be something like:
/usr/home/vpopmail/domains/8/xyz.com/A/myuser
Therefore a static location is not feasible at all.
I'm using dovecot 1.2.14 with vpopmail.
I've enabled shared folders and the default setup was not working.
The default setup being this line:location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u
Going through the Archives I saw a message from Timo that said to
apply a patch and use this line instead:location =
maildir:/usr/home/vpopmail/domains/%d/%%n/Maildir:INDEX=~/Maildir/shared/%%uIt seems like the patch is already existing in version 1.2.14 and
that line works well for shared folders for domains directly under
/usr/home/vpopmail/domains.However, with vpopmail after a certain number of domains, it starts
putting them in /usr/home/vpopmail/domains/A, ..domains/B, etc.Shared folders do not work for those domains since my location line
is forcing it to look directly in /usr/home/vpopmail/domains/xyz.com
instead of /usr/home/vpopmail/domains/A/xyz.comAny workaround this ? How come we can't use %h or ~/ directly ?
On Fri, 2010-11-12 at 14:43 -0500, qmail@top-consulting.net wrote:
I'm using dovecot 1.2.14 with vpopmail.
I've enabled shared folders and the default setup was not working. The
default setup being this line:location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u
Going through the Archives I saw a message from Timo that said to
apply a patch and use this line instead:location =
maildir:/usr/home/vpopmail/domains/%d/%%n/Maildir:INDEX=~/Maildir/shared/%%u
I'm not sure why I would have said that (maybe you misunderstood or I was talking only about some specific situation or some workaround for something). %%h is cleaner, although it does require a userdb lookup.
Why isn't %%h working? Set auth_debug=yes and mail_debug=yes and show what the logs say when trying to access a shared mailbox then. Also instead of using a client, talk IMAP protocol directly (http://wiki.dovecot.org/TestInstallation), something like:
a LIST "" * b SELECT "shared/user/some-shared-box"
What do the commands reply?
I might have forgotten to mention that I am using . (dot) as separator.
Your original message that proposed that fix is here: http://www.mail-archive.com/dovecot@dovecot.org/msg20706.html
I am running the IMAP commands directly through telnet and although
the namespace exists, it doesn't show up at all:
2 namespace
- NAMESPACE (("" ".")("Labels." ".")) (("shared." ".")) NIL
here's my config for it:
namespace shared {
separator = .
prefix = shared.%%u.
location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u
#location =
maildir:/usr/home/vpopmail/domains/P/%d/%%n/Maildir:INDEX=~/Maildir/shared/%%u
subscriptions = no
list = children
}
If I use the location that I commented out, shared folders will work
for all the domains that exist under /usr/home/vpopmail/domains/P
Thanks Timo!
Quoting Timo Sirainen tss@iki.fi:
On Fri, 2010-11-12 at 14:43 -0500, qmail@top-consulting.net wrote:
I'm using dovecot 1.2.14 with vpopmail.
I've enabled shared folders and the default setup was not working. The default setup being this line:
location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u
Going through the Archives I saw a message from Timo that said to apply a patch and use this line instead:
location = maildir:/usr/home/vpopmail/domains/%d/%%n/Maildir:INDEX=~/Maildir/shared/%%u
I'm not sure why I would have said that (maybe you misunderstood or I was talking only about some specific situation or some workaround for something). %%h is cleaner, although it does require a userdb lookup.
Why isn't %%h working? Set auth_debug=yes and mail_debug=yes and show what the logs say when trying to access a shared mailbox then. Also instead of using a client, talk IMAP protocol directly (http://wiki.dovecot.org/TestInstallation), something like:
a LIST "" * b SELECT "shared/user/some-shared-box"
What do the commands reply?
On Tue, 2010-11-16 at 12:44 -0500, qmail@top-consulting.net wrote:
I might have forgotten to mention that I am using . (dot) as separator.
Your original message that proposed that fix is here: http://www.mail-archive.com/dovecot@dovecot.org/msg20706.html
I just copied the location value from what the guy was already using. The important part was that "." in usernames was messing things up, and you could now avoid that by using:
namespace shared { separator = . prefix = shared.%%u.
prefix = shared.%%n.
(This of course prevents users from sharing mailboxes across different domains.)
I am running the IMAP commands directly through telnet and although
the namespace exists, it doesn't show up at all:If I use the location that I commented out, shared folders will work
for all the domains that exist under /usr/home/vpopmail/domains/P
- Find out some mailbox name with the location=/usr/home/etc. that you can actually successfully select, i.e. something like:
a SELECT shared.user.boxname
- Switch to %%h, set mail_debug=yes and try the same again. What does the command reply? What do the logs show?
Ok. We are getting closer I believe:
If I run with a hardcoded location, my list "" "*" shows the shared folders:
- LIST (\HasNoChildren) "." "shared.dev1.Sent items"
- LIST (\HasNoChildren) "." "shared.qmail.INBOX"
- LIST (\HasNoChildren) "." "shared.radius.INBOX"
If I run with %%h I don't see the shared. folders and the logs show:
Nov 16 13:07:35 pop dovecot: dict: mysql: Connected to 192.168.1.7 (dovecot)
Nov 16 13:07:35 pop dovecot: IMAP(sheken@top-consulting.net): userdb
lookup: connect(/var/run/dovecot/auth-master) failed: No
such file or directory
Nov 16 13:07:35 pop dovecot: IMAP(sheken@top-consulting.net):
Namespace 'shared.': Could not lookup home for user dev1@top-con
sulting.net
Nov 16 13:07:35 pop dovecot: IMAP(sheken@top-consulting.net): userdb
lookup: connect(/var/run/dovecot/auth-master) failed: No
such file or directory
Nov 16 13:07:35 pop dovecot: IMAP(sheken@top-consulting.net):
Namespace 'shared.': Could not lookup home for user dev1@top-con
sulting.net
Nov 16 13:07:35 pop dovecot: IMAP(sheken@top-consulting.net): userdb
lookup: connect(/var/run/dovecot/auth-master) failed: No
such file or directory
Nov 16 13:07:35 pop dovecot: IMAP(sheken@top-consulting.net):
Namespace 'shared.': Could not lookup home for user qmail@top-co
nsulting.net
Nov 16 13:07:35 pop dovecot: IMAP(sheken@top-consulting.net): userdb
lookup: connect(/var/run/dovecot/auth-master) failed: No
such file or directory
Nov 16 13:07:35 pop dovecot: IMAP(sheken@top-consulting.net):
Namespace 'shared.': Could not lookup home for user radius@top-c
onsulting.net
Nov 16 13:07:35 pop dovecot: IMAP(sheken@top-consulting.net): userdb
lookup: connect(/var/run/dovecot/auth-master) failed: No
such file or directory
Nov 16 13:07:35 pop dovecot: IMAP(sheken@top-consulting.net):
Namespace 'shared.': Could not lookup home for user @top-consult
ing.net
Now, for authentication I use the vpopmail module like so:
auth default { mechanisms = plain login
passdb vpopmail { args = webmail=192.168.1.4 }
userdb vpopmail { args = quota_template=quota_rule=*:backend=%q }
Thanks!
Quoting Timo Sirainen tss@iki.fi:
On Tue, 2010-11-16 at 12:44 -0500, qmail@top-consulting.net wrote:
I might have forgotten to mention that I am using . (dot) as separator.
Your original message that proposed that fix is here: http://www.mail-archive.com/dovecot@dovecot.org/msg20706.html
I just copied the location value from what the guy was already using. The important part was that "." in usernames was messing things up, and you could now avoid that by using:
namespace shared { separator = . prefix = shared.%%u.
prefix = shared.%%n.
(This of course prevents users from sharing mailboxes across different domains.)
I am running the IMAP commands directly through telnet and although the namespace exists, it doesn't show up at all:
If I use the location that I commented out, shared folders will work for all the domains that exist under /usr/home/vpopmail/domains/P
- Find out some mailbox name with the location=/usr/home/etc. that you can actually successfully select, i.e. something like:
a SELECT shared.user.boxname
- Switch to %%h, set mail_debug=yes and try the same again. What does the command reply? What do the logs show?
On Tue, 2010-11-16 at 13:16 -0500, qmail@top-consulting.net wrote:
Nov 16 13:07:35 pop dovecot: IMAP(sheken@top-consulting.net): userdb
lookup: connect(/var/run/dovecot/auth-master) failed: No such file or directory
It should be connecting to auth-userdb. You probably have auth_socket_path changed. You could just comment it out.
The second part is that you most likely have to change auth-userdb socket's permissions as well. From example 10-master.conf:
service auth { # auth_socket_path points to this userdb socket by default. It's typically # used by dovecot-lda, doveadm, possibly imap process, etc. Its default # permissions make it readable only by root, but you may need to relax these # permissions. Users that have access to this socket are able to get a list # of all usernames and get results of everyone's userdb lookups. unix_listener auth-userdb { #mode = 0600 #user = #group = }
So probably just set "user = vmail" there.
Maybe I'm missing some part of the configuration. I don't have a
service auth { part and the auth_socket_path is commented out. Here is
my full config:
# 1.2.14: /usr/local/etc/dovecot.conf
# OS: FreeBSD 7.0-RELEASE i386
protocols: imap pop3 imaps pop3s
listen(default): *:143
listen(imap): *:143
listen(pop3): *:110
ssl_listen(default): *:993
ssl_listen(imap): *:993
ssl_listen(pop3): *:995
ssl_ca_file: /usr/local/gtech/certs/gd_bundle.crt
ssl_cert_file: /usr/local/gtech/certs/pop.crt
ssl_key_file: /usr/local/gtech/certs/rsa.pop.key
disable_plaintext_auth: no
login_dir: /var/run/dovecot/login
login_executable(default): /usr/local/libexec/dovecot/imap-login
login_executable(imap): /usr/local/libexec/dovecot/imap-login
login_executable(pop3): /usr/local/libexec/dovecot/pop3-login
login_greeting: Emailarray ready.
mail_max_userip_connections(default): 100
mail_max_userip_connections(imap): 100
mail_max_userip_connections(pop3): 10
verbose_proctitle: yes
first_valid_uid: 89
first_valid_gid: 89
mail_privileged_group: mail
mail_uid: 89
mail_gid: 89
mail_location: maildir:~/Maildir
mail_debug: yes
mmap_disable: yes
mail_nfs_storage: yes
mail_nfs_index: yes
lock_method: dotlock
mail_executable(default): /usr/local/libexec/dovecot/imap
mail_executable(imap): /usr/local/libexec/dovecot/imap
mail_executable(pop3): /usr/local/libexec/dovecot/pop3
mail_plugins(default): quota imap_quota fts fts_solr virtual acl imap_acl
mail_plugins(imap): quota imap_quota fts fts_solr virtual acl imap_acl
mail_plugins(pop3): virtual
mail_plugin_dir(default): /usr/local/lib/dovecot/imap
mail_plugin_dir(imap): /usr/local/lib/dovecot/imap
mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3
imap_client_workarounds(default): delay-newmail netscape-eoh
tb-extra-mailbox-sep
imap_client_workarounds(imap): delay-newmail netscape-eoh tb-extra-mailbox-sep
imap_client_workarounds(pop3):
pop3_client_workarounds(default):
pop3_client_workarounds(imap):
pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh
namespace:
type: private
separator: .
inbox: yes
list: yes
subscriptions: yes
namespace:
type: private
separator: .
prefix: INBOX.
hidden: yes
list: no
subscriptions: yes
namespace:
type: private
separator: .
prefix: Labels.
location: virtual:~/Maildir/Labels:INDEX=MEMORY
list: yes
subscriptions: yes
namespace:
type: shared
separator: .
prefix: shared.%%n.
location: maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u
list: children
lda:
sendmail_path: /usr/sbin/sendmail
auth default:
mechanisms: plain login
username_format: %Lu
verbose: yes
passdb:
driver: vpopmail
args: webmail=192.168.1.4
userdb:
driver: vpopmail
args: quota_template=quota_rule=*:backend=%q
plugin:
fts: solr
fts_solr: break-imap-search url=http://192.168.1.4:8983/solr/
quota: maildir
quota_rule: ?:storage=0
acl: vfile
acl_shared_dict: proxy::acl
dict:
acl: mysql:/usr/local/etc/dovecot-dict-sql.conf
Here are also the files that exist in /var/run/dovecot:
ls -laR /var/run/dovecot/
total 8
drwxr-xr-x 3 root wheel 512 Nov 16 13:07 .
drwxr-xr-x 8 root wheel 1024 Nov 16 13:07 ..
srw------- 1 root wheel 0 Nov 16 13:07 auth-worker.86474
srwxrwxrwx 1 root wheel 0 Nov 16 13:07 dict-server
lrwx------ 1 root wheel 27 Nov 16 13:07 dovecot.conf ->
/usr/local/etc/dovecot.conf
drwxr-x--- 2 root dovecot 512 Nov 16 13:07 login
-rw------- 1 root wheel 6 Nov 16 13:07 master.pid
/var/run/dovecot/login: total 6 drwxr-x--- 2 root dovecot 512 Nov 16 13:07 . drwxr-xr-x 3 root wheel 512 Nov 16 13:07 .. srw-rw---- 1 root dovecot 0 Nov 16 13:07 default -rw-r--r-- 2 root wheel 230 Nov 15 06:18 ssl-parameters.dat
Thanks!
Quoting Timo Sirainen tss@iki.fi:
On Tue, 2010-11-16 at 13:16 -0500, qmail@top-consulting.net wrote:
Nov 16 13:07:35 pop dovecot: IMAP(sheken@top-consulting.net): userdb lookup: connect(/var/run/dovecot/auth-master) failed: No such file or directory
It should be connecting to auth-userdb. You probably have auth_socket_path changed. You could just comment it out.
The second part is that you most likely have to change auth-userdb socket's permissions as well. From example 10-master.conf:
service auth { # auth_socket_path points to this userdb socket by default. It's typically # used by dovecot-lda, doveadm, possibly imap process, etc. Its default # permissions make it readable only by root, but you may need to
relax these # permissions. Users that have access to this socket are able to get a list # of all usernames and get results of everyone's userdb lookups. unix_listener auth-userdb { #mode = 0600 #user = #group = }So probably just set "user = vmail" there.
On Tue, 2010-11-16 at 13:27 -0500, qmail@top-consulting.net wrote:
Maybe I'm missing some part of the configuration. I don't have a
service auth { part and the auth_socket_path is commented out. Here is
my full config:# 1.2.14: /usr/local/etc/dovecot.conf
Oh, I thought you had v2.0. In that case you need to add the auth-master socket, as explained by http://wiki.dovecot.org/LDA#Virtual_users
(v2.0 prefers auth-userdb instead of auth-master, you can name it either way for now.)
It works...wow!
I was sure it would have required some massive modifications but it didn't.
Thank you Timo!
On Tue, 2010-11-16 at 13:27 -0500, qmail@top-consulting.net wrote:
Maybe I'm missing some part of the configuration. I don't have a service auth { part and the auth_socket_path is commented out. Here is my full config:
# 1.2.14: /usr/local/etc/dovecot.conf
Oh, I thought you had v2.0. In that case you need to add the auth-master socket, as explained by http://wiki.dovecot.org/LDA#Virtual_users
(v2.0 prefers auth-userdb instead of auth-master, you can name it either way for now.)
Another issue appeared however. I added these lines:
socket listen { master { # Typically under base_dir/, if not the directory must be created. path = /var/run/dovecot/auth-master
mode = 0600
user = vpopmail # User running deliver
#group = mail # Or alternatively mode 0660 + deliver user in this group
}}
and shared folders work just fine. However, I am seeing a lot of new
errors like these in the maillog file now:
Nov 16 17:20:46 mx dovecot: auth(default): vpopmail(@domain1.com):
unknown user
Nov 16 17:20:51 mx dovecot: auth(default): vpopmail(@domain2.com):
unknown user
As far as I can tell the users are not having any issues logging in
and haven't received any complaints.
I tried with mail_debug=yes but it didn't offer any other clues since
I don't know who the user is.
Quoting qmail@top-consulting.net:
It works...wow!
I was sure it would have required some massive modifications but it didn't.
Thank you Timo!
On Tue, 2010-11-16 at 13:27 -0500, qmail@top-consulting.net wrote:
Maybe I'm missing some part of the configuration. I don't have a service auth { part and the auth_socket_path is commented out. Here is my full config:
# 1.2.14: /usr/local/etc/dovecot.conf
Oh, I thought you had v2.0. In that case you need to add the auth-master socket, as explained by http://wiki.dovecot.org/LDA#Virtual_users
(v2.0 prefers auth-userdb instead of auth-master, you can name it either way for now.)
On Tue, 2010-11-16 at 17:26 -0500, qmail@top-consulting.net wrote:
and shared folders work just fine. However, I am seeing a lot of new
errors like these in the maillog file now:Nov 16 17:20:46 mx dovecot: auth(default): vpopmail(@domain1.com):
unknown user
Looks like some bug related to listing mailboxes. Probably fixed in v2.0 and too much trouble to look into it for v1.2.
participants (2)
-
qmail@top-consulting.net
-
Timo Sirainen