2.1 to 2.2 server migration Qs: sanity check, config ?
Aki Tuomi
aki.tuomi at dovecot.fi
Fri Dec 15 17:34:07 EET 2017
Please read between the lines =)
at least you should remove autocreate plugin.
> On December 15, 2017 at 4:47 PM voytek at sbt.net.au wrote:
>
>
> I have an old Centos 6 running dovecot 2.1.17 with Postfix 2.1x, mysql
> virtual domains, in the process of setting a new Centos 7 to migrate,
> copied /etc/dovecot, made some minor edits to get rid of errors, added
> Letsencrypt in place of self certified certs, it seems to work, using mail
> client I can log on StartSSL/110/143, TLS/995/993 with no visible errors
> when login on
>
> is there any other sanity checks I should do ? before I start putting
> users on it ?
>
> attaching dovecot.conf at the end, appreciate any suggestion or correction
>
> I see a lot of these warning, are they benign?
>
> #grep Warning /var/log/dovecot.log | wc
> 74 1102 6900
> # wc /var/log/dovecot.log
> 174 2299 19716 /var/log/dovecot.log
>
>
> Dec 16 00:57:12 auth: Warning: auth client 0 disconnected with 1 pending
> requests: Connection reset by peer
> Dec 16 00:57:52 auth: Warning: auth client 0 disconnected with 1 pending
> requests: EOF
> Dec 16 00:57:59 auth: Warning: auth client 0 disconnected with 1 pending
> requests: Connection reset by peer
>
> ( as I've re used an old host name, I can see some users already trying to
> connect, they must've never removed this server name when it was shut
> down, perhaps they're generating these errors, repeatedly logging on ?)
>
> # doveadm who
> username # proto (pids) (ips)
> five at aaa.com.au 1 imap (9047) (35.196.255.170)
> seven at aaa.com.au 1 imap (9056) (104.196.21.108)
> eight at aaa.com.au 1 imap (9062) (35.196.255.170)
> five at aa.com.au 2 imap (9240 9044) (203.194.43.48 35.196.255.170)
> six at aa.com.au 2 imap (9248 9063) (203.194.43.48 35.185.44.87)
> postbox at aa.com.au 1 imap (9057) (104.196.178.232)
> eight at aa.com.au 2 imap (9244 9050) (203.194.43.48 35.196.255.170)
> seven at aa.com.au 2 imap (9055 9242) (104.196.21.108 203.194.43.48)
> six at aaa.com.au 1 imap (9054) (35.185.44.87)
>
>
> doveconf -n -c /etc/dovecot/test/dovecot.conf >
> /etc/dovecot/test/dovecot.conf.new
>
> # cat dovecot.conf.new
>
> # 2.2.33.2 (d6601f4ec): /etc/dovecot/test/dovecot.conf
> # Pigeonhole version 0.4.21 (92477967)
> # OS: Linux 3.10.0-693.11.1.el7.x86_64 x86_64 CentOS Linux release
> 7.4.1708 (Core)
> auth_master_user_separator = *
> auth_mechanisms = PLAIN LOGIN
> dict {
> acl = mysql:/etc/dovecot/dovecot-share-folder.conf
> quotadict = mysql:/etc/dovecot/dovecot-used-quota.conf
> }
> first_valid_uid = 2000
> last_valid_uid = 2000
> listen = *
> log_path = /var/log/dovecot.log
> mail_gid = 2000
> mail_location = maildir:/%Lh/Maildir/:INDEX=/%Lh/Maildir/
The INDEX= is redundant.
> mail_plugins = quota
> mail_uid = 2000
> managesieve_notify_capability = mailto
> managesieve_sieve_capability = fileinto reject envelope encoded-character
> vacation subaddress comparator-i;ascii-numeric relational regex imap4flags
> copy include variables body enotify environment mailbox date index ihave
> duplicate mime foreverypart extracttext
> namespace {
> inbox = yes
> location =
> prefix =
> separator = /
> type = private
> }
> namespace {
> list = children
> location = maildir:/%%Lh/Maildir/:INDEX=/%%Lh/Maildir/Shared/%%u
You should read https://wiki.dovecot.org/SharedMailboxes/Shared
> prefix = Shared/%%u/
> separator = /
> subscriptions = yes
> type = shared
> }
> passdb {
> args = /etc/dovecot/dovecot-mysql.conf
> driver = sql
> }
> passdb {
> args = /etc/dovecot/dovecot-master-users-password
> driver = passwd-file
> master = yes
> }
> plugin {
> acl = vfile
> acl_shared_dict = proxy::acl
> auth_socket_path = /var/run/dovecot/auth-master
> autocreate = INBOX
> autocreate2 = Sent
> autocreate3 = Trash
> autocreate4 = Drafts
> autocreate5 = Junk
> autosubscribe = INBOX
> autosubscribe2 = Sent
> autosubscribe3 = Trash
> autosubscribe4 = Drafts
> autosubscribe5 = Junk
autocreate & autosubscribe should be converted into
namespace {
mailbox INBOX {
auto = subscribe # (or just create if subscribing is not required)
}
}
> quota = dict:user::proxy::quotadict
> quota_rule = *:storage=1G
> quota_warning = storage=85%% quota-warning 85 %u
> quota_warning2 = storage=90%% quota-warning 90 %u
> quota_warning3 = storage=95%% quota-warning 95 %u
> sieve = /%Lh/sieve/dovecot.sieve
> sieve_dir = /%Lh/sieve
> sieve_global_dir = /var/vmail/sieve
> sieve_global_path = /var/vmail/sieve/dovecot.sieve
> }
> protocols = pop3 imap sieve
> service auth {
> unix_listener /var/spool/postfix/dovecot-auth {
> group = postfix
> mode = 0666
> user = postfix
> }
This could be mode = 0600
> unix_listener auth-master {
> group = vmail
> mode = 0666
> user = vmail
> }
> unix_listener auth-userdb {
> group = vmail
> mode = 0660
> user = vmail
> }
> }
You sure you need these?
> service dict {
> unix_listener dict {
> group = vmail
> mode = 0660
> user = vmail
> }
> }
> service imap-login {
> process_limit = 500
> service_count = 1
> }
> service pop3-login {
> service_count = 1
> }
> service quota-warning {
> executable = script /usr/local/bin/dovecot-quota-warning.sh
> unix_listener quota-warning {
> group = vmail
> mode = 0660
> user = vmail
> }
> }
> ssl = required
> ssl_cert = </etc/letsencrypt/..fullchain.pem
> ssl_key = # hidden, use -P to show it
> userdb {
> args = /etc/dovecot/dovecot-mysql.conf
> driver = sql
> }
> protocol lda {
> auth_socket_path = /var/run/dovecot/auth-master
should not be needed
> lda_mailbox_autocreate = yes
> log_path = /var/log/sieve.log
> mail_plugins = quota sieve autocreate
> postmaster_address = root
> }
> protocol imap {
> imap_client_workarounds = tb-extra-mailbox-sep
> mail_max_userip_connections = 60
> mail_plugins = quota imap_quota
> }
> protocol pop3 {
> mail_plugins = quota
> pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
> pop3_uidl_format = %08Xu%08Xv
> }
> #
>
>
>
Aki
More information about the dovecot
mailing list