<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body>
    <font face="Lato">Thanks Robert, I read that. I will also wait for a
      patch and stay<br>
      <br>
      Cheers<br>
    </font><br>
    <div class="moz-cite-prefix">On 30/10/2021 12:59, Robert Nowotny
      wrote:<br>
    </div>
    <blockquote type="cite"
      cite="mid:39099ca7-edf4-1cf7-7711-8a3377c99273@rotek.at">
      <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
      <font face="Courier New">the reason is : <br>
        <br>
      </font><font face="Courier New"><font face="Lato">ssl_ca =
          </etc/ssl/certs/ca-bundle.crt<br>
          <br>
          if "</font></font><font face="Courier New"><font face="Lato"><font
            face="Courier New"><font face="Lato">ca-bundle.crt" </font></font>is
          too big, You will get that error.<br>
          this should be fixed, but as a workaround You might pull out
          the certificates You need.<br>
          I personally wait for the patch and stay at 2.3.16 for the
          time beeing.<br>
          <br>
          yours sincerely<br>
          Robert<br>
        </font></font><br>
      <br>
      <div class="moz-cite-prefix">Am 30.10.2021 um 10:34 schrieb TG
        Servers:<br>
      </div>
      <blockquote type="cite"
        cite="mid:5490c634-f7da-50bc-3909-ce6be1a7f1ed@prvtmail.net">
        <meta http-equiv="content-type" content="text/html;
          charset=UTF-8">
        <font face="Lato">Hello,<br>
          <br>
          tonight my dovecot upgraded to 2.3.17 and completely broke on
          recent CentOS 8 installation.<br>
          <br>
          I found the service in status <br>
          <br>
          [root@riot ~]# systemctl status dovecot<br>
          ● dovecot.service - Dovecot IMAP/POP3 email server<br>
             Loaded: loaded (/usr/lib/systemd/system/dovecot.service;
          enabled; vendor preset: disabled)<br>
             Active: failed (Result: exit-code) since Sat 2021-10-30
          09:59:11 CEST; 58s ago<br>
               Docs: man:dovecot(1)<br>
                     <a class="moz-txt-link-freetext"
            href="https://doc.dovecot.org/" moz-do-not-send="true">https://doc.dovecot.org/</a><br>
            Process: 1515 ExecStart=/usr/sbin/dovecot -F (code=exited,
          status=89)<br>
            Process: 1429
          ExecStartPre=/usr/libexec/dovecot/prestartscript (code=exited,
          status=0/SUCCESS)<br>
           Main PID: 1515 (code=exited, status=89)<br>
          <br>
          Oct 30 09:59:10 riot.<domain>.com systemd[1]: Starting
          Dovecot IMAP/POP3 email server...<br>
          Oct 30 09:59:11 riot.<domain>.com dovecot[1515]:
          doveconf: Fatal: execvp(/usr/libexec/dovecot/managesieve)
          failed: Argument list too long<br>
          Oct 30 09:59:11 riot.<domain>.com dovecot[1515]:
          doveconf: Error: managesieve-login: dump-capability process
          returned 89<br>
          Oct 30 09:59:11 riot.<domain>.com dovecot[1515]:
          doveconf: Fatal: execvp(/usr/sbin/dovecot) failed: Argument
          list too long<br>
          Oct 30 09:59:11 riot.<domain>.com systemd[1]:
          dovecot.service: Main process exited, code=exited,
          status=89/n/a<br>
          Oct 30 09:59:11 riot.<domain>.com systemd[1]:
          dovecot.service: Failed with result 'exit-code'.<br>
          Oct 30 09:59:11 riot.<domain>.com systemd[1]: Failed to
          start Dovecot IMAP/POP3 email server.<br>
          <br>
          This seems to be like a bug as no configuration was changed by
          me in the middle of the night.<br>
          I recall there were similar errors/bug reports in the past
          were it seemed it was managesieve but wasn't, people had some
          misconfigurations in the dovecot.conf. I did not change my
          dovecot.conf since April.<br>
          But maybe here it is a pigeonhole issue.<br>
          <br>
          As I did not find any reason for it I changed the repo and
          downgraded to 2.3.16-2 now and it runs without any flaws, like
          all the time before. I had no time to investigate this any
          longer thand 2 hours with 2.3.17 installed as this is a
          production server and I need the email access. I also did not
          find anything adressable in the logs.<br>
          <br>
          [root@riot dovecot]# systemctl status dovecot<br>
          ● dovecot.service - Dovecot IMAP/POP3 email server<br>
             Loaded: loaded (/usr/lib/systemd/system/dovecot.service;
          enabled; vendor preset: disabled)<br>
             Active: active (running) since Sat 2021-10-30 10:18:11
          CEST; 2s ago<br>
               Docs: man:dovecot(1)<br>
                     <a class="moz-txt-link-freetext"
            href="https://doc.dovecot.org/" moz-do-not-send="true">https://doc.dovecot.org/</a><br>
            Process: 32398
          ExecStartPre=/usr/libexec/dovecot/prestartscript (code=exited,
          status=0/SUCCESS)<br>
           Main PID: 32452 (dovecot)<br>
             Status: "v2.3.16 (7e2e900c1a) running"<br>
              Tasks: 4 (limit: 99912)<br>
             Memory: 4.4M<br>
             CGroup: /system.slice/dovecot.service<br>
                     ├─32452 /usr/sbin/dovecot -F<br>
                     ├─32507 dovecot/anvil<br>
                     ├─32508 dovecot/log<br>
                     └─32513 dovecot/config<br>
          <br>
          Oct 30 10:18:11 riot.<domain>.com systemd[1]: Starting
          Dovecot IMAP/POP3 email server...<br>
          Oct 30 10:18:11 riot.<domain>.com dovecot[32452]:
          Warning: Corrected permissions for login directory
          /var/run/dovecot/token-login<br>
          Oct 30 10:18:11 riot.<domain>.com dovecot[32452]:
          master: Warning: Corrected permissions for login directory
          /var/run/dovecot/token-login<br>
          Oct 30 10:18:11 riot.<domain>.com dovecot[32452]:
          master: Dovecot v2.3.16 (7e2e900c1a) starting up for imap,
          lmtp, sieve<br>
          Oct 30 10:18:11 riot.<domain>.com systemd[1]: Started
          Dovecot IMAP/POP3 email server.<br>
          <br>
          <br>
          This is the configuration<br>
          # 2.3.16 (7e2e900c1a): /etc/dovecot/dovecot.conf<br>
          # Pigeonhole version 0.5.16 (09c29328)<br>
          # OS: Linux 4.18.0-305.19.1.el8_4.x86_64 x86_64 AlmaLinux
          release 8.4 (Electric Cheetah)<br>
          # Hostname: riot.<domain>.com<br>
          auth_mechanisms = plain login<br>
          auth_verbose = yes<br>
          listen = *<br>
          mail_gid = vmail<br>
          mail_home = /var/vmail/mailboxes/%d/%n<br>
          mail_location = maildir:~/mail:LAYOUT=fs<br>
          mail_plugins = " quota fts fts_solr"<br>
          mail_privileged_group = vmail<br>
          mail_uid = vmail<br>
          managesieve_notify_capability = mailto<br>
          managesieve_sieve_capability = fileinto reject envelope
          encoded-character vacation subaddress
          comparator-i;ascii-numeric relational regex imap4flags copy
          include variables body enotify environment mailbox date index
          ihave duplicate mime foreverypart extracttext imapsieve
          vnd.dovecot.imapsieve<br>
          namespace inbox {<br>
            inbox = yes<br>
            location =<br>
            mailbox Drafts {<br>
              auto = subscribe<br>
              special_use = \Drafts<br>
            }<br>
            mailbox Sent {<br>
              auto = subscribe<br>
              special_use = \Sent<br>
            }<br>
            mailbox Spam {<br>
              auto = subscribe<br>
              special_use = \Junk<br>
            }<br>
            mailbox Trash {<br>
              auto = subscribe<br>
              special_use = \Trash<br>
            }<br>
            prefix =<br>
            separator = .<br>
            type = private<br>
          }<br>
          passdb {<br>
            args = /etc/dovecot/dovecot-sql.conf<br>
            driver = sql<br>
          }<br>
          plugin {<br>
            fts = solr<br>
            fts_autoindex = yes<br>
            fts_solr = url=<a class="moz-txt-link-freetext"
            href="http://localhost" moz-do-not-send="true">http://localhost</a>:<solr_port>/solr/dovecot/<br>
            imapsieve_mailbox1_before = <a
            class="moz-txt-link-freetext"
            href="file:/var/vmail/sieve/global/learn-spam.sieve"
            moz-do-not-send="true">file:/var/vmail/sieve/global/learn-spam.sieve</a><br>
            imapsieve_mailbox1_causes = COPY<br>
            imapsieve_mailbox1_name = Spam<br>
            imapsieve_mailbox2_before = <a
            class="moz-txt-link-freetext"
            href="file:/var/vmail/sieve/global/learn-ham.sieve"
            moz-do-not-send="true">file:/var/vmail/sieve/global/learn-ham.sieve</a><br>
            imapsieve_mailbox2_causes = COPY<br>
            imapsieve_mailbox2_from = Spam<br>
            imapsieve_mailbox2_name = *<br>
            quota = maildir:User quota<br>
            quota_exceeded_message = User %u is over the storage quota<br>
            sieve = <a class="moz-txt-link-freetext"
href="file:/var/vmail/sieve/%d/%n/scripts;active=/var/vmail/sieve/%d/%n/active-script.sieve"
            moz-do-not-send="true">file:/var/vmail/sieve/%d/%n/scripts;active=/var/vmail/sieve/%d/%n/active-script.sieve</a><br>
            sieve_before = /var/vmail/sieve/global/spam-global.sieve<br>
            sieve_global_extensions = +vnd.dovecot.pipe<br>
            sieve_pipe_bin_dir = /usr/bin<br>
            sieve_plugins = sieve_imapsieve sieve_extprograms<br>
          }<br>
          protocols = imap lmtp sieve<br>
          service auth {<br>
            unix_listener /var/spool/postfix/private/auth {<br>
              group = postfix<br>
              mode = 0660<br>
              user = postfix<br>
            }<br>
            unix_listener auth-userdb {<br>
              group = vmail<br>
              mode = 0660<br>
              user = vmail<br>
            }<br>
          }<br>
          service imap-login {<br>
            inet_listener imap {<br>
              port = 0<br>
            }<br>
            inet_listener imaps {<br>
              port = 993<br>
            }<br>
          }<br>
          service lmtp {<br>
            unix_listener /var/spool/postfix/private/dovecot-lmtp {<br>
              group = postfix<br>
              mode = 0660<br>
              user = postfix<br>
            }<br>
            user = vmail<br>
          }<br>
          service managesieve-login {<br>
            inet_listener sieve {<br>
              port = 4190<br>
            }<br>
          }<br>
          ssl = required<br>
          ssl_ca = </etc/ssl/certs/ca-bundle.crt<br>
          ssl_cert = </etc/ssl/certs/<domain>.com_chain.crt<br>
          ssl_cipher_list =
TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:EECDH+AESGCM:EDH+AESGCM:@SECLEVEL=2<br>
          ssl_client_ca_dir = /etc/ssl/certs<br>
          ssl_client_ca_file = /etc/ssl/certs/ca-bundle.crt<br>
          ssl_dh = # hidden, use -P to show it<br>
          ssl_key = # hidden, use -P to show it<br>
          ssl_prefer_server_ciphers = yes<br>
          userdb {<br>
            args = /etc/dovecot/dovecot-sql.conf<br>
            driver = sql<br>
          }<br>
          protocol imap {<br>
            imap_idle_notify_interval = 24 mins<br>
            mail_max_userip_connections = 20<br>
            mail_plugins = " quota fts fts_solr imap_quota imap_sieve"<br>
          }<br>
          protocol lmtp {<br>
            mail_plugins = " quota fts fts_solr sieve"<br>
            postmaster_address = postmaster@<domain>.com<br>
          }<br>
          local_name mail.<domain_3>.com {<br>
            ssl_cert = </etc/ssl/certs/<domain_3>.com_chain.crt<br>
            ssl_key = # hidden, use -P to show it<br>
          }<br>
          local_name mail.<domain_2>.net {<br>
            ssl_cert = </etc/ssl/certs/<domain_2>.net_chain.crt<br>
            ssl_key = # hidden, use -P to show it<br>
          }<br>
          local_name mail.<domain>.com {<br>
            ssl_cert = </etc/ssl/certs/<domain>.com_chain.crt<br>
            ssl_key = # hidden, use -P to show it<br>
          }<br>
          <br>
          <br>
          <br>
          <br>
          <br>
          <br>
        </font> </blockquote>
      <br>
    </blockquote>
    <br>
  </body>
</html>