rawlog

[Matt Bryant]

Sigh ... one issue was misconfig kinda forgot to add the script into
imap service  .. the other is I thought I had updated the dovecot
package but that was on another instance to rawlog_dir wouldnt have been
in that version. Rats .. its a shame there is not auto create though
mis-read that one.

rgds

Matt
> Aki Tuomi <mailto:aki.tuomi at dovecot.fi>
> 4 August 2017 at 4:05 am
>
> Most common mistake with rawlogs is to assume that the target
> directory gets created. It doesn't.
>
> You need to make sure the target directory exists fully expanded, e.g.
> if you have target directory /tmp/rawlogs/%u, you need to create
> /tmp/rawlogs/victim and chmod it to 0777.
>
> Aki
> Alexander Dalloz <mailto:ad+lists at uni-x.org>
> 4 August 2017 at 3:57 am
> Am 03.08.2017 um 01:04 schrieb Matt Bryant:
>> Hi,
>>
>> Trying to get rawlog working on dovecot 2.2.31 configured as per
>>
>> https://wiki2.dovecot.org/Debugging/Rawlog
>>
>> but
>>
>> a) it doesnt appear to be loggin anything
>> b) rawlog_dir which is supposed to be v2.2.26+ seems no where in site ..
>> in fact complains about unknown variable
>>
>> So does rawlog still do anything ???? Or am I missing something ...
>> config is below ....
>>
>>
>> # 2.2.19: /etc/dovecot/dovecot.conf
>
> You run dovecot 2.2.19, not v2.2.26+.
>
> From where did you take that specific version? CentOS 7 ships dovecot
> 2.2.10. I can recommend the usage of the dovecot packages from the
> ghettoforge.org repository. Then you are current (2.2.31 actually).
>
>> # Pigeonhole version 0.4.9 (357ac0a0e68b+)
>> doveconf: Warning: service auth { client_limit=30000 } is lower than
>> required under max. load (150032)
>> doveconf: Warning: service anvil { client_limit=22000 } is lower than
>> required under max. load (50027)
>> # OS: Linux 3.10.0-327.4.4.el7.x86_64 x86_64 CentOS Linux release
>> 7.2.1511 (Core)
>
> Please, keep your systems up to date! At least your kernel is terribly
> out of date.
>
> Regards
>
> Alexander
> Matt Bryant <mailto:devops at atmail.com>
> 3 August 2017 at 9:04 am
> Hi,
>
> Trying to get rawlog working on dovecot 2.2.31 configured as per
>
> https://wiki2.dovecot.org/Debugging/Rawlog
>
> but
>
> a) it doesnt appear to be loggin anything
> b) rawlog_dir which is supposed to be v2.2.26+ seems no where in site ..
> in fact complains about unknown variable
>
> So does rawlog still do anything ???? Or am I missing something ...
> config is below ....
>
>
> # 2.2.19: /etc/dovecot/dovecot.conf
> # Pigeonhole version 0.4.9 (357ac0a0e68b+)
> doveconf: Warning: service auth { client_limit=30000 } is lower than
> required under max. load (150032)
> doveconf: Warning: service anvil { client_limit=22000 } is lower than
> required under max. load (50027)
> # OS: Linux 3.10.0-327.4.4.el7.x86_64 x86_64 CentOS Linux release
> 7.2.1511 (Core)
> auth_cache_negative_ttl = 2 mins
> auth_cache_size = 10 M
> auth_cache_ttl = 10 mins
> auth_master_user_separator = *
> auth_mechanisms = plain login
> auth_worker_max_count = 10000
> default_client_limit = 50000
> default_process_limit = 50000
> disable_plaintext_auth = no
> doveadm_password = # hidden, use -P to show it
> imap_client_workarounds = delay-newmail tb-extra-mailbox-sep tb-lsub-flags
> imap_hibernate_timeout = 1 mins
> imap_idle_notify_interval = 1 mins
> login_greeting = IMAP/POP3 ready - dev-dh-ro-ms-001-b
> mail_attachment_dir = /var/lib/dovecot/attachments/%Ld
> mail_cache_min_mail_count = 5
> mail_plugins = " notify replication quota virtual"
> mailbox_list_index = yes
> managesieve_notify_capability = mailto
> managesieve_sieve_capability = fileinto reject envelope
> encoded-character vacation subaddress comparator-i;ascii-numeric
> relational regex imap4flags copy include variables body enotify
> environment mailbox date index ihave duplicate vacation-seconds spamtest
> spamtestplus editheader
> mbox_write_locks = fcntl
> mmap_disable = yes
> namespace {
> inbox = yes
> list = yes
> location =
> mailbox Archive {
> auto = create
> special_use = \Archive
> }
> mailbox Drafts {
> auto = create
> special_use = \Drafts
> }
> mailbox Sent {
> auto = create
> special_use = \Sent
> }
> mailbox Spam {
> auto = create
> special_use = \Junk
> }
> mailbox Trash {
> auto = create
> special_use = \Trash
> }
> prefix = INBOX/
> separator = /
> type = private
> }
> namespace {
> list = no
> location = virtual:/var/lib/dovecot/virtual:INDEXPVT=~/virtual
> prefix = virtual/
> separator = /
> type = private
> }
> passdb {
> args = /etc/dovecot/sql_users.conf
> driver = sql
> }
> plugin {
> mail_log_events = delete expunge
> mail_log_fields = uid box msgid size
> mail_replica = tcp:dev-ms-001-a:4000
> quota = dict:UserQuota::file:%h/dovecot-quota
> quota_rule2 = INBOX/Trash:storage=+10%%
> sieve = file:~/sieve/user;active=~/.dovecot.sieve
> sieve_default = file:/var/lib/dovecot/sieve/default.sieve
> sieve_default_name = default
> sieve_editheader_max_header_size = 1k
> sieve_extensions = +spamtest +spamtestplus +editheader +vacation-seconds
> sieve_global = file:/var/lib/dovecot/sieve
> sieve_quota_max_scripts = 5
> sieve_spamtest_max_value = 200
> sieve_spamtest_status_header = X-Spam-score-int: -?([[:digit:]]+)
> sieve_spamtest_status_type = score
> sieve_vacation_default_period = 10d
> sieve_vacation_max_period = 30d
> sieve_vacation_min_period = 1s
> }
> pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
> pop3_fast_size_lookups = yes
> protocols = imap pop3 lmtp sieve
> replication_dsync_parameters = -d -n INBOX -l 30 -U
> service aggregator {
> fifo_listener replication-notify-fifo {
> user = vmail
> }
> unix_listener replication-notify {
> user = vmail
> }
> }
> service anvil {
> client_limit = 22000
> }
> service auth-worker {
> user = $default_internal_user
> }
> service auth {
> client_limit = 30000
> unix_listener auth_client {
> mode = 0660
> user = exim
> }
> }
> service doveadm {
> client_limit = 1
> inet_listener {
> address = *
> port = 4000
> }
> process_limit = 80
> process_min_avail = 8
> service_count = 10
> }
> service imap-hibernate {
> client_limit = 8000
> process_limit = 8
> process_min_avail = 8
> service_count = 0
> unix_listener imap-hibernate {
> group = vmail
> mode = 0660
> }
> }
> service imap-login {
> client_limit = 8000
> inet_listener imap {
> port = 143
> }
> process_limit = 8
> process_min_avail = 8
> service_count = 0
> }
> service imap {
> client_limit = 1
> process_limit = 50000
> service_count = 100
> }
> service managesieve-login {
> client_limit = 1000
> inet_listener sieve {
> port = 4190
> }
> process_limit = 8
> process_min_avail = 8
> service_count = 0
> }
> service managesieve {
> process_limit = 1024
> }
> service pop3-login {
> client_limit = 1000
> inet_listener pop3 {
> port = 110
> }
> process_limit = 8
> process_min_avail = 8
> service_count = 0
> }
> service pop3 {
> process_limit = 10000
> }
> service postlogin {
> executable = script-login -d rawlog
> unix_listener postlogin {
> group = atmail
> mode = 0660
> }
> }
> service replicator {
> process_min_avail = 1
> unix_listener replicator-doveadm {
> group = atmail
> mode = 0660
> }
> }
> shutdown_clients = no
> ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
> ssl_key = </etc/pki/dovecot/private/dovecot.pem
> userdb {
> driver = prefetch
> }
> userdb {
> args = /etc/dovecot/sql_users.conf
> driver = sql
> }
> protocol imap {
> mail_max_userip_connections = 30000
> mail_plugins = " notify replication quota virtual imap_quota"
> }
> protocol pop3 {
> mail_max_userip_connections = 30000
> mail_plugins = " notify replication quota virtual"
> }
> protocol lmtp {
> auth_username_format = %Lu
> mail_plugins = " notify replication quota virtual sieve quota"
> postmaster_address = mailer-daemon
> }