[Dovecot] How to disable Director service?

Wesley Huang huang at utsc.utoronto.ca
Thu Apr 17 18:55:39 UTC 2014


Hi Reindl,

There was no configuration on director side.

========================================
# doveconf -n | grep director
#
# doveconf -a
...........................
director_doveadm_port = 0
director_mail_servers =
director_servers =
director_user_expire = 15 mins
director_username_hash = %Lu
...........................

service director {
   chroot = .
   client_limit = 0
   drop_priv_before_exec = no
   executable = director
   extra_groups =
   fifo_listener login/proxy-notify {
     group =
     mode = 00
     user =
   }
   group =
   idle_kill = 4294967295 secs
   privileged_group =
   process_limit = 1
   process_min_avail = 0
   protocol =
   service_count = 0
   type =
   unix_listener director-admin {
     group =
     mode = 0600
     user =
   }
   unix_listener login/director {
     group =
     mode = 00
     user =
   }
   user = $default_internal_user
   vsz_limit = 18446744073709551615 B
}
...........................

# tail -n 20 /var/log/mail.log | grep -i 'director\:'
dovecot: director: Error: Empty server list
dovecot: director: Fatal: Invalid value for director_mail_servers setting
dovecot: director: Error: Empty server list
dovecot: director: Fatal: Invalid value for director_mail_servers setting
dovecot: director: Error: Empty server list
dovecot: director: Fatal: Invalid value for director_mail_servers setting
dovecot: director: Error: Empty server list
dovecot: director: Fatal: Invalid value for director_mail_servers setting

========================================

That said, I think I've found a configuration combination that works: 
configure the "director_mail_servers = <IP address>" on the backend 
server with all other director config commented out. But this is more a 
hacking way.

Cheers,

Wesley

On 14-04-17 02:41 PM, Reindl Harald wrote:
>
> Am 17.04.2014 20:35, schrieb Wesley Huang:
>> Does anyone know how to disable the Director service.  In our current running Dovecot 2.2.4, if the director
>> configuration is commented out and Dovecot has no errors nor warnings. But the version 2.2.12 I'm testing with
>> gives out fatal errors.  We have dedicated Dovecot Director servers that serve the public frontend and separate
>> dedicated imap/pop3 servers on the backend internal network. With the new version, Dovecot is always trying to
>> start Director service and I couldn't find a way to stop Dovecot from giving out errors.
>>
>> 1. When the entire Director configuration block is commented out, there errors:
>>
>> dovecot: director: Fatal: No inet_listeners defined for director service (for standalone keep director_servers empty)
>> dovecot: master: Error: service(director): command startup failed, throttling for 2 secs
> you must have done something wrong, that below is a production "dobecont.conf"
> with no config-includes and such crap running as imap/pop3-proxy as well as
> postfix-auth-service and there is no single bit for director, that config runs
> at least 4 years unchanged, saw 2.2.12 also as it runs currently on 2.2.13
> while the last real config cahnge was 1.x to 2.x
>
> so what about post output of "dovecont -n" to help people helping you
> even do yourself a "dovecot -n | grep director"
> _________________________________________________________
>
> # provided services
> protocols                      = imap pop3
>
> # configure ssl
> ssl                            = yes
> ssl_cert                       = </etc/postfix/certs/localhost.pem
> ssl_key                        = </etc/postfix/certs/localhost.pem
> ssl_cipher_list                =
> ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-RSA-CAMELLIA256-SHA:CAMELLIA128-SHA:CAMELLIA256-SHA:ECDHE-RSA-DES-CBC3-SHA:DES-CBC3-SHA:!SSLv2
> ssl_prefer_server_ciphers      = yes
> ssl_parameters_regenerate      = 0
>
> # configure imap-proxy
> service imap-login {
>    inet_listener imap {
>      address                    = **.**.**.**
>      port                       = 143
>    }
>    inet_listener imaps {
>      address                    = **.**.**.**
>      port                       = 993
>    }
>    vsz_limit                    = 64M
>    service_count                = 1
>    process_min_avail            = 0
>    process_limit                = 100
> }
>
> # configure pop3-proxy
> service pop3-login {
>    inet_listener pop3 {
>      address                    = **.**.**.**
>      port                       = 110
>    }
>    inet_listener pop3s {
>      address                    = **.**.**.**
>      port                       = 995
>    }
>    vsz_limit                    = 64M
>    service_count                = 1
>    process_min_avail            = 0
>    process_limit                = 100
> }
>
> # default settings
> imap_capability                = IMAP4 IMAP4rev1 ACL RIGHTS=texk NAMESPACE CHILDREN SORT QUOTA
> THREAD=ORDEREDSUBJECT UNSELECT IDLE
> login_greeting                 =
> login_log_format_elements      = %u %r %m %k
> mail_max_userip_connections    = 100
> auth_mechanisms                = CRAM-MD5 DIGEST-MD5 SCRAM-SHA-1 APOP LOGIN PLAIN
> disable_plaintext_auth         = no
> shutdown_clients               = no
> version_ignore                 = yes
>
> # Logging
> syslog_facility                = mail
>
> # authentication process
> auth_worker_max_count          = 50
> auth_cache_size                = 1024
> auth_cache_ttl                 = 600
> auth_cache_negative_ttl        = 600
> auth_username_chars            = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@%
> auth_username_translation      = %@AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz
>
> # debug options
> auth_debug                     = no
> auth_debug_passwords           = no
> auth_verbose                   = no
> mail_debug                     = no
> verbose_ssl                    = no
>
> # configure proxy-database
> passdb {
>   driver                        = sql
>   args                          = /etc/dovecot/sql.conf
> }
>
> # we are not using local users
> userdb {
>   driver                        = static
>   args                          = static uid=10000 gid=10000 home=/dev/null
> }
>
> # configure backend for postfix sasl-auth
> service auth {
>    unix_listener /var/spool/postfix/private/auth {
>    mode                         = 0660
>    user                         = postfix
>    group                        = postfix
>   }
> }
>
>



More information about the dovecot mailing list