From spack.world at gmail.com Thu Sep 1 01:17:47 2011 From: spack.world at gmail.com (Spack) Date: Thu, 1 Sep 2011 00:17:47 +0200 Subject: [Dovecot] [PATCH] Allow verification of user's hash in doveadm-pw Message-ID: Hi, It may be useful for testing purpose to know if a generated password hash correspond to a given clear password. This can be useful to check if a hash generated by another program can be verified by Dovecot without any errors. This patch adds the ability the verify a password hash using `doveadm pw` via the `-V` option. ??? $ doveadm pw -s SSHA.hex ??? Enter new password: ??? Retype new password: ??? {SSHA.HEX}58b910d947c60b35be3e12b0d9897c1f87dfa450e6d5a75c ??? $ doveadm pw -s SSHA.hex -V{SSHA.HEX}58b910d947c60b35be3e12b0d9897c1f87dfa450e6d5a75c ??? Enter new password: ??? Retype new password: ??? {SSHA.HEX}4fdf801f57870fb624bee60895c2308187837dfb3987ca06 (verified) When the user specify a hash, it is checked in place of the usual verification process. This works with all schemes. Just be sure to escape special characters or use simple quotes. $ doveadm pw -s MD5-CRYPT -V'{MD5-CRYPT}$1$R7thDyN.$E0G0czPE/h4S0Hn/b5oVW1' Enter new password: Retype new password: {MD5-CRYPT}$1$rp8nVSqq$gDAPM5iqv1yhBoDZIWsQ4/ (verified) Lets print a failed check: doveadm pw -s CRYPT -V{CRYPT}/uuE/AAAAAAAA Enter new password: Retype new password: reverse password verification check failed FYI the word used for those test cases was "password". Regards, ___ Jimmy Thrasibule -------------- next part -------------- A non-text attachment was scrubbed... Name: user_hash-doveadm-pw.diff Type: text/x-patch Size: 1708 bytes Desc: not available URL: From stephan at rename-it.nl Thu Sep 1 02:15:39 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Thu, 01 Sep 2011 01:15:39 +0200 Subject: [Dovecot] thunderbird and subscriptions with sieve In-Reply-To: <4E5E9E36.8020904@teradactyl.com> References: <4E5E9E36.8020904@teradactyl.com> Message-ID: <4E5EC09B.6010709@rename-it.nl> On 8/31/2011 10:48 PM, Kristen J. Webb wrote: > Hi All, > I'm a newbie trying to move mail out of my ISP onto a ubuntu (lucid) > dovecot 1.2.9 server. > > Is there any way to automatically add folders created by sieve > (GNU Mailutils 2.1) to the subscriptions file for a user? > > I'm currently testing spam, and if sieve created the folder with the > first > message, the thunderbird user does not see the new folder. > Even more interesting, if the user then tries to create the Spam > directory > it thunderbird seems to quietly ignore the request and the user still > cannot see the folder, but I digress... > > I can manually subscribe with thunderbird, but this won't scale for more > complex sieve later by making the user responsible for finding > everything. > > I can turn off subscription view in advanced settings on thunderbird, > but we are trying to wean ourselves of of individual mail clients > and I don't want to have to test this everywhere. > > Many thanks in advance! If you set lda_mailbox_autosubscribe to yes, it will subscribe folders created by Sieve automatically. However, afaik Thunderbird will not notice the subscription at first. You need to reconnect for that to be noticed. Regards, Stephan. From thomas-lists at nybeta.com Thu Sep 1 03:30:11 2011 From: thomas-lists at nybeta.com (Thomas Harold) Date: Wed, 31 Aug 2011 20:30:11 -0400 Subject: [Dovecot] thunderbird and subscriptions with sieve In-Reply-To: <4E5EC09B.6010709@rename-it.nl> References: <4E5E9E36.8020904@teradactyl.com> <4E5EC09B.6010709@rename-it.nl> Message-ID: <4E5ED213.809@nybeta.com> On 8/31/2011 7:15 PM, Stephan Bosch wrote: > > If you set lda_mailbox_autosubscribe to yes, it will subscribe folders > created by Sieve automatically. > > However, afaik Thunderbird will not notice the subscription at first. > You need to reconnect for that to be noticed. > That's been my experience. Sometimes a refresh will pick it up, but Thunderbird tends to be very slow about picking up new folders until you restart Thunderbird. Note that in Dovecot v1, there's a flag that you set on the dovecot LDA to enable this behavior (lda_mailbox_autosubscribe was added in Dovecot v2): http://wiki.dovecot.org/LDA Note the "-n" and "-s" parameters. (Which get configured in master.cf if you're using Postfix. Not sure how that gets configured on other MTAs.) From thomas-lists at nybeta.com Thu Sep 1 03:40:09 2011 From: thomas-lists at nybeta.com (Thomas Harold) Date: Wed, 31 Aug 2011 20:40:09 -0400 Subject: [Dovecot] Multiple domains to one inbox and temporary redirects... In-Reply-To: <4E5E6446.1070406@bunbun.be> References: <007f01cc67f6$5622d1c0$02687540$@brereton@buongiorno.com> <4E5E6446.1070406@bunbun.be> Message-ID: <4E5ED469.5070202@nybeta.com> On 8/31/2011 12:41 PM, Nick Rosier wrote: > I'm using Postfixadmin to manage users and have server alias-domains. > All mail sent to an alias-domain is delivered to the other domain. Quite > easy if you've got postfixadmin already setup. > > Otherwise I think you could configure virtual_alias_maps in postfix to > something like hash:virtual_domains > > virtual_domains: > @example.net @example.com > It's been a while since I played with virtual_alias_maps, but does that allow Postfix to say "that account doesn't exist" during the initial SMTP transaction? We try to reject as much as possible during the SMTP session to avoid any later bounces. I remember that one of the ways of doing it was bad as Postfix would accept, then a later step (maybe the LDA) would say "whoops! can't deliver this". So we do it one by one by creating a virtual mailbox under the primary domain (user1 at example.com) and then doing a virtual alias under the secondary domain (user1 at example.net -> user1 at example.com). From micah at riseup.net Thu Sep 1 00:58:31 2011 From: micah at riseup.net (Micah Anderson) Date: Wed, 31 Aug 2011 17:58:31 -0400 Subject: [Dovecot] sorting order changed during migration from courier Message-ID: <87bov5dz08.fsf@algae.riseup.net> Hello, I've been working to migrate to dovecot (debian stable: 1:1.2.15-7) from courier (debian old-stable: 4.4.0-2). I've setup everything and migrated a test user over to the new system, and ran the courier-dovecot-migrate.pl script. The user is using alpine (the free version of pine) and their sort order changed on move to dovecot. Originally it was the default in alpine, which is to sort based on arrival. If he changes the sort order in alpine to sort based on date, then things are back to how he expects it. I noticed that there are no known issues with pine (http://wiki.dovecot.org/Clients#Pine). Ideally, I would prefer if all the users who are migrated aren't presented with a different sort order than they were used to, as the support burden will be quite high. What is it about this migration that could have caused that, and more importantly, how can I fix it? I moved the mail from the original system to this system via rsync -a. The old system was an i686 machine and ext3, this new one is amd64 and ext4. thanks for any ideas! micah # dovecot -n # 1.2.15: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.2 protocols: imap imaps pop3 pop3s disable_plaintext_auth: no verbose_ssl: yes login_dir: /var/run/dovecot/login login_executable(default): /usr/lib/dovecot/imap-login login_executable(imap): /usr/lib/dovecot/imap-login login_executable(pop3): /usr/lib/dovecot/pop3-login login_greeting: howdy, ready. login_processes_count: 10 login_max_processes_count: 256 first_valid_uid: 8 last_valid_uid: 8 first_valid_gid: 8 last_valid_gid: 8 mail_uid: 8 mail_gid: 8 mail_location: maildir:~/ maildir_copy_preserve_filename: yes maildir_very_dirty_syncs: yes mbox_write_locks: fcntl dotlock mail_executable(default): /maildir/postlogin_imap mail_executable(imap): /maildir/postlogin_imap mail_executable(pop3): /maildir/postlogin_pop mail_process_size: 512 mail_plugins(default): expire quota imap_quota mail_plugins(imap): expire quota imap_quota mail_plugins(pop3): expire quota mail_plugin_dir(default): /usr/lib/dovecot/modules/imap mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3 imap_client_workarounds(default): tb-extra-mailbox-sep delay-newmail imap_client_workarounds(imap): tb-extra-mailbox-sep delay-newmail imap_client_workarounds(pop3): pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh namespace: type: private separator: . prefix: INBOX. inbox: yes list: yes subscriptions: yes lda: postmaster_address: postmaster at riseup.net auth default: default_realm: riseup.net verbose: yes passdb: driver: sql args: /etc/dovecot/dovecot-sql.conf userdb: driver: prefetch dict: expire: mysql:/etc/dovecot/dovecot-dict-expire.conf -- -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 835 bytes Desc: not available URL: From tss at iki.fi Thu Sep 1 04:32:34 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 1 Sep 2011 04:32:34 +0300 Subject: [Dovecot] thunderbird and subscriptions with sieve In-Reply-To: <4E5E9E36.8020904@teradactyl.com> References: <4E5E9E36.8020904@teradactyl.com> Message-ID: On 31.8.2011, at 23.48, Kristen J. Webb wrote: > Is there any way to automatically add folders created by sieve > (GNU Mailutils 2.1) to the subscriptions file for a user? You mean you're using Mailutils Sieve, not Dovecot Sieve? The only reasonable solution I can think of is: Mailutils Sieve would have to subscribe to newly created folders itself, maybe by patching it or if it supports running some script then doing it that way. With Dovecot v2.0 it could run "doveadm mailbox subscribe $folder", but with v1.2 you'd have to write your own script. Any other solution would basically require always subscribing to all folders, which kind of defeats their whole purpose. From tss at iki.fi Thu Sep 1 04:34:48 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 1 Sep 2011 04:34:48 +0300 Subject: [Dovecot] Proprietary mail storage. In-Reply-To: References: <6E503447-8B67-454D-9B3E-EE34C3675405@iki.fi> Message-ID: Should work fine. On 31.8.2011, at 22.19, Alex Cherniak wrote: > Thanks, Timo. > Technically, it's not a Maildir, but my plan is to re-create one with > folders containing hard or symbolic links pointing to the real > storage. Is it going to be a problem? > > On Wed, Aug 31, 2011 at 10:52 AM, Timo Sirainen wrote: >> On 31.8.2011, at 17.24, Alex Cherniak wrote: >> >>> I have a large existing read-only collection of mails packaged in >>> individual zip files as +. Is it >>> possible (and how difficult) to create a proprietary plugin (like >>> gzip) which will open a zip file, extract mail and pass it back to >>> Dovecot? Where do I start? If plugin is not the right approach, what >>> is? >> >> Is it otherwise a Maildir? If yes, you could base your code on the zlib plugin, or perhaps more easily you could use mail-filter plugin: http://dovecot.org/patches/2.0/mail-filter.tar.gz >> >> With mail-filter you can basically just put the messages through whatever program/script you want which gets the mail as input and outputs the wanted message body. I think the v2.0 mail-filter had some (potential?) bug, v2.1 mail-filter is anyway redesigned and should work perfectly. >> >>> Another question is how will this affect Dovecot performance and how >>> to avoid any significant degradation. >> >> I doubt it's going to be a problem. >> >> > From dlie76 at yahoo.com.au Thu Sep 1 09:07:57 2011 From: dlie76 at yahoo.com.au (Daminto Lie) Date: Wed, 31 Aug 2011 23:07:57 -0700 (PDT) Subject: [Dovecot] dovecot imap permission denied In-Reply-To: <69D3650A-1B43-42C7-8FBD-C921F80C5D5F@iki.fi> References: <1314763772.49414.YahooMailNeo@web113404.mail.gq1.yahoo.com> <1314766974.8787.26.camel@hurina> <1314773266.74037.YahooMailNeo@web113409.mail.gq1.yahoo.com> <69D3650A-1B43-42C7-8FBD-C921F80C5D5F@iki.fi> Message-ID: <1314857277.11811.YahooMailNeo@web113409.mail.gq1.yahoo.com> Thanks Timo for your reply. It now works fine with Passdb LDAP with password lookups. Users can now login with no problem.? However, when trying to do LDAP authentication with Authentication binds, I received the following errors from mail.log Sep? 1 15:34:22 server1 dovecot: auth(default): client in: AUTH#0111#011PLAIN#011service=imap#011secured#011lip=127.0.0.1#011rip=127.0.0.1#011lport=143#011rport=34719#011resp=AG1pa2VfbGVlAGRsaWUzMjA1 Sep? 1 15:34:22 server1 dovecot: auth-worker(default): pam(mike_lee,127.0.0.1): lookup service=dovecot Sep? 1 15:34:22 server1 dovecot: auth-worker(default): pam(mike_lee,127.0.0.1): #1/1 style=1 msg=Password: Sep? 1 15:34:22 server1 dovecot: auth(default): new auth connection: pid=1947 Sep? 1 15:34:24 server1 dovecot: auth-worker(default): pam(mike_lee,127.0.0.1): pam_authenticate() failed: Authentication failure (password mismatch?) (given password: secrets) Sep? 1 15:34:24 server1 dovecot: auth(default): passwd(mike_lee,127.0.0.1): lookup Sep? 1 15:34:24 server1 dovecot: auth(default): passwd(mike_lee,127.0.0.1): unknown user Sep? 1 15:34:24 server1 dovecot: auth(default): ldap(mike_lee,127.0.0.1): invalid credentials (given password: secrets) Sep? 1 15:34:26 server1 dovecot: auth(default): client out: FAIL#0111#011user=mike_lee Sep? 1 15:34:31 server1 dovecot: imap-login: Aborted login (auth failed, 1 attempts): user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured I do not understand why I am getting pam() authentication issue when I deliberately chose not to use it. The following is the setting I have in dovecot-ldap.conf hosts = localhost #uris = dn = uid=dovecot,ou=accounts,dc=companyexample,dc=com,dc=au dnpass = helloworld #sasl_bind = no #sasl_mech = #sasl_realm = #sasl_authz_id = #tls = no #tls_ca_cert_file = #tls_ca_cert_dir = #tls_cert_file = #tls_key_file = #tls_cipher_suite = #tls_require_cert = #ldaprc_path = #debug_level = 0 auth_bind = yes auth_bind_userdn = cn=%u,ou=accounts,dc=companyexample,dc=com,dc=au ldap_version = 3 base = ou=accounts,dc=companyexample,dc=com,dc=au deref = never scope = subtree user_attrs = homeDirectory=home user_filter = (&(objectClass=posixAccount)(uid=%u)) #pass_attrs = uid=user,userPassword=password pass_filter = (&(objectClass=posixAccount)(uid=%u)) default_pass_scheme = PLAIN This is what I have in dovecot.conf base_dir = /var/run/dovecot protocols = imap ?? protocol imap { ???? listen = *:143 ?? } #?? protocol pop3 { #???? listen = *:10100 #???? .. #?? } #?? protocol managesieve { #???? listen = *:12000 #???? .. #?? } #listen = * disable_plaintext_auth = no log_timestamp = "%Y-%m-%d %H:%M:%S " #ssl_listen = ssl = no #ssl_cert_file = /etc/ssl/certs/dovecot.pem #ssl_key_file = /etc/ssl/private/dovecot.pem #ssl_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem #ssl_key_file = /etc/ssl/private/ssl-cert-snakeoil.key #ssl_key_password = #ssl_ca_file = #ssl_verify_client_cert = no #ssl_cert_username_field = commonName #ssl_parameters_regenerate = 168 #ssl_cipher_list = ALL:!LOW:!SSLv2 #verbose_ssl = no login_dir = /var/run/dovecot/login login_chroot = yes login_user = dovecot #login_process_size = 64 #login_process_per_connection = yes #login_processes_count = 3 #login_max_processes_count = 128 #login_max_connections = 256 #login_greeting = Dovecot ready. #login_trusted_networks = #login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c #login_log_format = %$: %s mail_location = maildir:/home/%u/Maildir mail_uid = 3000 mail_gid = 8 mail_privileged_group = mail #mail_access_groups = #mail_full_filesystem_access = no #mail_debug = no #mail_log_max_lines_per_sec = 10 #mmap_disable = no #dotlock_use_excl = yes #fsync_disable = no #mail_nfs_index = no #lock_method = fcntl #mail_drop_priv_before_exec = no verbose_proctitle = yes first_valid_uid = 3000 last_valid_uid = 3000 first_valid_gid = 8 last_valid_gid = 8 #max_mail_processes = 512 #mail_process_size = 256 #mail_max_keyword_length = 50 #valid_chroot_dirs = #mail_chroot = #mail_cache_min_mail_count = 0 #mailbox_idle_check_interval = 30 mail_save_crlf = no #maildir_stat_dirs = no maildir_copy_with_hardlinks = yes #maildir_copy_preserve_filename = no #maildir_very_dirty_syncs = no protocol imap { ? #login_executable = /usr/lib/dovecot/imap-login ? #mail_executable = /usr/lib/dovecot/imap ? #imap_max_line_length = 65536 ? #mail_max_userip_connections = 10 ? #mail_plugin_dir = /usr/lib/dovecot/modules/imap ? #imap_logout_format = bytes=%i/%o ? #imap_capability = ? #imap_idle_notify_interval = 120 ? #imap_id_send = ? #imap_id_log = ? imap_client_workarounds = outlook-idle delay-newmail netscape-eoh tb-extra-mailbox-sep oe6-fetch-no-newmail } protocol pop3 { ? pop3_uidl_format = %08Xu%08Xv } protocol managesieve { } #auth_executable = /usr/lib/dovecot/dovecot-auth #auth_process_size = 256 #auth_cache_size = 0 #auth_cache_ttl = 3600 #auth_cache_negative_ttl = 3600 #auth_realms = #auth_default_realm = #auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ #auth_username_translation = #auth_username_format = #auth_master_user_separator = #auth_anonymous_username = anonymous auth_verbose = yes auth_debug = yes auth_debug_passwords = yes #auth_worker_max_count = 30 #auth_gssapi_hostname = #auth_krb5_keytab = #auth_use_winbind = no #auth_winbind_helper_path = /usr/bin/ntlm_auth #auth_failure_delay = 2 auth default { ? mechanisms = plain ? passdb pam { ? } ? passdb passwd { ? } ? passdb ldap { ??? args = /etc/dovecot/dovecot-ldap.conf ? } ? userdb passwd { ??? args = /etc/dovecot/dovecot-ldap-userdb.conf ? } ? userdb ldap { ??? args = /etc/dovecot/dovecot-ldap.conf ? } ? user = root ? #user = dovecot-auth??? ? #chroot = ? #count = 1 ? #ssl_require_client_cert = no ? #ssl_username_from_cert = no ? socket listen { ??? client { ????? path = /var/spool/postfix/private/auth ????? mode = 0660 ????? user = postfix ????? group = postfix ??? } ? } ? !include_try /etc/dovecot/auth.d/*.auth } plugin { } # Config files can also be included. deliver doesn't support them currently. #!include /etc/dovecot/conf.d/*.conf # Optional configurations, don't give an error if it's not found: !include_try /etc/dovecot/conf.d/*.conf #!include_try /etc/dovecot/extra.conf I wonder where I did it wrong. I did not set pam authentication. Any help would be appreciated. Thank you ________________________________ From: Timo Sirainen To: Daminto Lie Cc: "dovecot at dovecot.org" Sent: Wednesday, 31 August 2011 4:52 PM Subject: Re: [Dovecot] dovecot imap permission denied On 31.8.2011, at 9.47, Daminto Lie wrote: > Thanks a lot Timo, > > Creating directories for new users is not an issue. It's the permission that makes me headache. The error message you showed said that the user's home directory didn't exist, and the permission problem came only because it didn't exist and Dovecot tried to create it. > I tried the following > > sudo chmod o-r /home/$USER > sudo chmod g+rw /home/$USER > > It did not work until I did chmod 777 /home. Right, because only then did it have enough permissions to create the home dir. > Is it safe to make home directory with permission 777? No. From janfrode at tanso.net Thu Sep 1 10:17:43 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Thu, 1 Sep 2011 09:17:43 +0200 Subject: [Dovecot] lmtp bouncing -- Invalid parameters (in reply to MAIL FROM command) In-Reply-To: <1314790730.1197.10.camel@hurina> References: <20110831110307.GA25350@oc1046828364.ibm.com> <20110831112131.GB25350@oc1046828364.ibm.com> <1314790730.1197.10.camel@hurina> Message-ID: <20110901071743.GA30405@oc1046828364.ibm.com> On Wed, Aug 31, 2011 at 02:38:50PM +0300, Timo Sirainen wrote: > On Wed, 2011-08-31 at 13:21 +0200, Jan-Frode Myklebust wrote: > > mail from:<"a b"@no.no> > > 501 5.5.4 Invalid parameters > > This is fixed in v2.0.14. Wow, you're quick :-) Thanks! -jf From janfrode at tanso.net Thu Sep 1 10:26:39 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Thu, 1 Sep 2011 09:26:39 +0200 Subject: [Dovecot] Crash in director/lmtp-proxy (lmtp_proxy_output_timeout) Message-ID: <20110901072639.GB30405@oc1046828364.ibm.com> FYI, we saw one panic on our director/lmtp-proxy yesterday. It's running dovecot v2.0.13, so it very well might have been fixed already.., but here it is anyway: Aug 31 11:33:31 loadbalancer1 dovecot:: lmtp(4119): Panic: file lmtp-proxy.c: line 370 (lmtp_proxy_output_timeout): assertion failed: (proxy->data_input->eof) Aug 31 11:33:31 loadbalancer1 dovecot:: lmtp(4119): Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0 [0x3aabc3bb70] -> /usr/lib64/dovecot/libdovecot.so.0 [0x3aabc3bbc6] -> /usr/lib64/dovecot/libdovecot.so.0 [0x3aabc3b083] -> dovecot/lmtp [0x406c90] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handle_timeouts+0xcd) [0x3aabc46a8d] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run+0x68) [0x3aabc47a48] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_run+0x2d) [0x3aabc466fd] -> /usr/lib64/dovecot/libdovecot.so.0(master_service_run+0x13) [0x3aabc34fe3] -> dovecot/lmtp(main+0x144) [0x404034] -> /lib64/libc.so.6(__libc_start_main+0xf4) [0x32ae81d994] -> dovecot/lmtp [0x403e39] Aug 31 11:33:31 loadbalancer1 dovecot:: master: Error: service(lmtp): child 4119 killed with signal 6 (core dumps disabled) On postfix side at the same time, we saw a few different messages about: postfix/lmtp[5178]:: 849FD1C024: lost connection with loadbalancers.example.com[192.168.42.15] while sending end of data -- message may be sent more than once so I suspect this crash took down all active lmtp-proxyed connections. -jf From r.vicinus at metaways.de Thu Sep 1 11:26:20 2011 From: r.vicinus at metaways.de (Reinhard Vicinus) Date: Thu, 01 Sep 2011 10:26:20 +0200 Subject: [Dovecot] Segmentation fault in dovecot director lmtp service In-Reply-To: <1314121487.10421.1312.camel@hurina> References: <20110817114228.2705AA0D2@mx04.metaways.net> <1314121487.10421.1312.camel@hurina> Message-ID: <4E5F41AC.7070009@metaways.de> Hi, sorry for my late reply. I have run dovecot with your patch for a week and i wasn't able to reproduce the segmentation fault and it also hasn't occurred during normal operation since then. Thanks Reinhard On 23/08/11 19:44, Timo Sirainen wrote: > On Wed, 2011-08-17 at 11:42 +0000, Reinhard Vicinus wrote: >> Hi, >> >> >> the lmtp service of our dovecot director installation quits with a >> segmentation fault if a lot of mails are simultaneously delivered. >> For example if the postfix mailqueue is filled (for whatever reason) >> and postqueue -f is run the lmtp service quits with a segmentation >> fault: > It probably means that the remote LMTP server disconnected the client > for whatever reason. http://hg.dovecot.org/dovecot-2.0/rev/2f988e370a41 > should help. > > -- Reinhard Vicinus Metaways Infosystems GmbH Pickhuben 2, D-20457 Hamburg E-Mail: r.vicinus at metaways.de Web: http://www.metaways.de Tel: +49 (0)40 317031-524 Fax: +49 (0)40 317031-10 Metaways Infosystems GmbH - Sitz: D-22967 Tremsb?ttel Handelsregister: Amtsgericht L?beck HRB 4508 AH Gesch?ftsf?hrung: Hermann Thaele, L?der-H. Thaele From tss at iki.fi Thu Sep 1 12:27:32 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 01 Sep 2011 12:27:32 +0300 Subject: [Dovecot] v2.1.alpha1 released Message-ID: <1314869252.27581.9.camel@hurina> http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha1.tar.gz http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha1.tar.gz.sig So it's time for the first alpha version of Dovecot v2.1. There are no huge intrusive changes, so I expect v2.1.0 to be released this year (maybe even in a few months?) The biggest changes are related to full text search handling. I'll probably still make some changes to it and its configuration. Also it wouldn't be difficult to add more backends, does anyone want to add Xapian support for Dovecot? :) Mailbox list indexes are intended to improve performance of IMAP STATUS command lookups, since they could be simply looked up from the index without even opening the mailbox. TODO related to this: 1) optimize virtual mailbox handling so that it doesn't need to actually open all of the mailboxes' index files, it can simply look at the mailbox list index for changes. 2) Implement IMAP NOTIFY extension using this. Statistics tracking can be used to look at what's happening currently in your system and also its history. You can look at what's happening in command/session/user/domain/ip level. "doveadm stats top" gives a list of currently running sessions and sorts them by whichever is using the most disk io/cpu/whatever. "doveadm stats dump" followed by one of the levels shows you a raw dump of everything stored in that level. It would be nice if someone wrote a pretty Ajaxy HTML stats browser where you could zoom in/out of levels. I'd also like to hear if anyone has suggestions on how to improve what stats are gathered or how they could be exported. (I've thought about SNMP, but I'm not entirely sure how to export the data nicely using it.) Finally here's the NEWS file: * Plugins now use UTF-8 mailbox names rather than mUTF-7: acl, autocreate, expire, trash, virtual * auth_username_format default changed to %Lu. If you really want case sensitive usernames, set it back to empty. * Solr full text search backend changed to use mailbox GUIDs instead of mailbox names, requiring reindexing everything. solr_old backend can be used with old indexes to avoid reindexing, but it doesn't support some newer features. + imapc (= IMAP client) storage allows using a remote IMAP server to be used as storage. This allows using Dovecot as a smart (caching) proxy or using dsync to do migration from remote IMAP server. + Mailbox indexing via queuing indexer service (required for Lucene) + Lucene full text search (FTS) backend rewritten with support for different languages + FTS finally supports "OR" search operation + FTS supports indexing attachments via external programs + IMAP FUZZY extension, supported by Lucene and Solr FTS backends + Mailbox list indexes + Statistics tracking via stats service. Exported via doveadm stats. + Autocreate plugin creates/subscribes mailboxes physically only when the mailbox is opened for the first time. Mailbox listing shows the autocreated mailboxes even if they don't physically exist. + Password and user databases now support default_fields and override_fields settings to specify template defaults/overrides. - listescape plugin works perfectly now From arne at drlinux.no Thu Sep 1 13:56:12 2011 From: arne at drlinux.no (Arne K. Haaje) Date: Thu, 01 Sep 2011 12:56:12 +0200 Subject: [Dovecot] Password query returned multiple matches Message-ID: <1433050.adJ7uCDQRR@trillian> Wednesday 31. August 2011 11.44.03 skrev Simon Brereton : > > -----Original Message----- > > From: Timo Sirainen [mailto:tss at iki.fi] > > > > On 31.8.2011, at 18.19, Simon Brereton wrote: > > > Aug 30 22:41:45 mail dovecot: auth-worker(default): > > sql(sbrereton at domain.co.uk,64.88.168.84): Password query returned > > multiple matches > > .. > > > > > password_query = SELECT EmailAdd AS user, Password AS password, > > > > concat('/var/spool/mail/virtual/',MailDirLoc) as userdb_home, 999 as > > userdb_uid, 115 as userdb_gid FROM MailAccounts WHERE Username='%u' > > AND active = '1'; > > > > > Since the EmailAdd is unique I don't see how it can return multiple > > > > matches. > > > > You're querying with Username, not with EmailAdd, and apparently > > there are multiple rows where Username='sbrereton at domain.co.uk'. > > Well, what do you know - there are two Usernames that at the same! I have > no idea how that happened. You could change or add the index for Username column to UNIQUE. That will ensure it does not happen again :) Arne -- Arne K. Haaje - Dr Linux http://www.drlinux.no/ ::: arne at drlinux.no LinkedIn: http://no.linkedin.com/pub/arne-haaje/27/189/bb From warden at geneseo.edu Thu Sep 1 14:50:33 2011 From: warden at geneseo.edu (David Warden) Date: Thu, 1 Sep 2011 07:50:33 -0400 Subject: [Dovecot] Kerberos GSSAPI - proper item name in keytab In-Reply-To: <20110831203956.GC30654@obsidianresearch.com> References: <4E5B9682.1040408@yandex.ru> <4E5BE3AE.7080303@inblock.ru> <4E5C7403.6020008@yandex.ru> <4E5E28CA.6020602@yandex.ru> <2332E510-FF66-4DFC-BE29-C85453561FFD@geneseo.edu> <4E5E38B8.7060404@yandex.ru> <4E5E5332.3060006@gmail.com> <20110831203956.GC30654@obsidianresearch.com> Message-ID: <68FC786C-9DF0-46CE-A943-F4B6D0B422FF@geneseo.edu> On Aug 31, 2011, at 4:39 PM, Jason Gunthorpe wrote: > On Wed, Aug 31, 2011 at 09:28:50AM -0600, Trever L. Adams wrote: > >> I have only followed part of this. It the original poster's problem is >> that the LDAP database is not being able to be accessed with an SPN >> ticket, this is because SPNs are not allowed to log in in AD. You need >> to use a user account (including MACHINE$ accounts). It took me forever >> to figure this out. To use this, you need a cron job that creates/renews >> tickets from time to time for the user/machine account. Then you use >> Dovecot's environment setup configuration to set the KRB5_CC (or >> whatever it is called, my head is elsewhere) env variable to that >> Kerberos ticket cache that was created in the cronjob. This cache needs >> to be readable by dovecot and should be owned by its user. > > This all works a 1000% better if you use Samba to join the domain and > create your keytab with the right SPNs. See my prior posts to this > list for a formula. Using the MS kerberos compatability tools is > painful, complicated and tends to make a mess. > > Samba will create a machine UPN and populate the system keytab > appropriately. From a cron job you can use 'kinit -k' to maintain an > active ticket for the machine UPN which dovecot can use for LDAP > operations. > I would agree with that is easier unless/until you are load balancing connections on a single hostname to multiple physical machines. In that scenario you can't add SPNs for the shared hostname to the machine accounts (since SPNs must be unique) and you're still looking at futzing with ktpass. > Jason From stephan at rename-it.nl Thu Sep 1 15:55:14 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Thu, 01 Sep 2011 14:55:14 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <1314869252.27581.9.camel@hurina> References: <1314869252.27581.9.camel@hurina> Message-ID: <4E5F80B2.4080105@rename-it.nl> Op 1-9-2011 11:27, Timo Sirainen wrote: > http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha1.tar.gz > http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha1.tar.gz.sig > > So it's time for the first alpha version of Dovecot v2.1. There are no > huge intrusive changes, so I expect v2.1.0 to be released this year > (maybe even in a few months?) There is no specific Pigeonhole repository for v2.1 yet. However, we did port it to v2.1 and there is a patch available to port Pigeonhole v0.2 to Dovecot v2.1. It is kept up-to-date in its own mq repository: http://hg.rename-it.nl/pigeonhole-0.2-dovecot-2.1-patches/file/tip/pigeonhole-0.2-dovecot-2.1.patch Just apply it to a recent dovecot-2.0-pigeonhole tree and compile it against dovecot-2.1. Regards, Stephan. From klinkov at yandex.ru Thu Sep 1 16:53:36 2011 From: klinkov at yandex.ru (Stanislav Klinkov) Date: Thu, 01 Sep 2011 17:53:36 +0400 Subject: [Dovecot] [Solved] Kerberos GSSAPI - proper item name in keytab In-Reply-To: <4E5B9682.1040408@yandex.ru> References: <4E5B9682.1040408@yandex.ru> Message-ID: <4E5F8E60.9040701@yandex.ru> OK, gentlemen. I have found the source of problem. It appears to be very unexpectedly. My testing stand was deployed on a OpenVZ-bazed virtual machine with Venet interface on board. Here are references to OpenVZ documentation: http://wiki.openvz.org/Virtual_network_device http://wiki.openvz.org/Differences_between_venet_and_veth By design venet interface coressponds to a loopback interface with one or more aliases and very foxy routing rules. For example, in Debian it looks like this: ************** ifconfig output **************** lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:956 errors:0 dropped:0 overruns:0 frame:0 TX packets:956 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:134666 (131.5 KiB) TX bytes:134666 (131.5 KiB) venet0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1 RX packets:160164 errors:0 dropped:0 overruns:0 frame:0 TX packets:106318 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:155480098 (148.2 MiB) TX bytes:17449831 (16.6 MiB) venet0:0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:192.168.9.36 P-t-P:192.168.9.36 Bcast:0.0.0.0 Mask:255.255.255.255 UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1 ************************************************ In config file it looks like this: *********** /etc/network/interfaces ********* # Auto generated lo interface auto lo iface lo inet loopback # Auto generated venet0 interface auto venet0 iface venet0 inet manual up ifconfig venet0 up up ifconfig venet0 0 up route add default dev venet0 down route del default dev venet0 down ifconfig venet0 down iface venet0 inet6 manual auto venet0:0 iface venet0:0 inet static address 192.168.9.36 netmask 255.255.255.255 ********************************************* For most cases such type of emulation works fine. But this time either krb5 libs, or dovecot, or someone else could not correctly define hostname. So, someone of them (I beleive than krb5 libs) was unable to compare proper IP with the proper stanza in keytab. And neither explicit "listen" nor "auth_gssapi_hostname" directives became helpful. So, I changed equipped emulated interface from "Venet" to more "brute" Veth, and everything flies up. Thank you all very much for such an interesting discussion. I shall describe this situation in my howto's and known issues archive, for others. In other words, my trouble is totally OpenVZ-specific. So, I may pretend to be the first who bumped into it. And then, there is a second question. Can there be a way to continue using this crafty venet interface, but force krb5 libs to look up for desired IP ? Respectfully, Stanislav Klinkov. From frank at moltke28.B.Shuttle.DE Thu Sep 1 16:57:19 2011 From: frank at moltke28.B.Shuttle.DE (Frank Elsner) Date: Thu, 1 Sep 2011 15:57:19 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <1314869252.27581.9.camel@hurina> References: <1314869252.27581.9.camel@hurina> Message-ID: (auto-added) On Thu, 01 Sep 2011 12:27:32 +0300 Timo Sirainen wrote: > http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha1.tar.gz > http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha1.tar.gz.sig [ ... ] > + Statistics tracking via stats service. Exported via doveadm stats. My 2.0.13 configuration works perfect with dovecot-2.1.alpha1. What must I add to my configuration to enable the stats service? --Frank Elsner From tss at iki.fi Thu Sep 1 17:05:56 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 1 Sep 2011 17:05:56 +0300 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: (auto-added) References: <1314869252.27581.9.camel@hurina> (auto-added) Message-ID: <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> On 1.9.2011, at 16.57, Frank Elsner wrote: >> + Statistics tracking via stats service. Exported via doveadm stats. > > My 2.0.13 configuration works perfect with dovecot-2.1.alpha1. > What must I add to my configuration to enable the stats service? mail_plugins = $mail_plugins stats protocol imap { mail_plugins = $mail_plugins imap_stats } plugin { stats_refresh = 10s stats_track_cmds = yes } Then you can use doveadm stats top/dump. From lists at luigirosa.com Thu Sep 1 17:29:07 2011 From: lists at luigirosa.com (Luigi Rosa) Date: Thu, 01 Sep 2011 16:29:07 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> References: <1314869252.27581.9.camel@hurina> (auto-added) <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> Message-ID: <4E5F96B3.8090709@luigirosa.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Timo Sirainen said the following on 01/09/11 16:05: > Then you can use doveadm stats top/dump. did what you said, restarted dovecot, run (as root) doveadm stats top and got this in dovecot log: Error: stats: open(/var/run/dovecot//stats-mail) failed: Permission denied And the output of doveadm was simply USER SERVICE %CPU %SYS DISKIN DISKOUT # ls -al /var/run/dovecot/ total 24 drwxr-xr-x 4 root root 4096 Sep 1 16:25 . drwxr-xr-x 22 root root 4096 Sep 1 15:01 .. srw------- 1 root root 0 Sep 1 16:25 anvil srw------- 1 root root 0 Sep 1 16:25 anvil-auth-penalty srw------- 1 root root 0 Sep 1 16:25 auth-client srw------- 1 dovecot root 0 Sep 1 16:25 auth-login srw------- 1 root root 0 Sep 1 16:25 auth-master srw-rw-rw- 1 root root 0 Sep 1 16:25 auth-userdb srw------- 1 dovecot root 0 Sep 1 16:25 auth-worker srw------- 1 root root 0 Sep 1 16:25 config srw------- 1 root root 0 Sep 1 16:25 dict srw------- 1 root root 0 Sep 1 16:25 director-admin srw------- 1 root root 0 Sep 1 16:25 director-userdb srw-rw-rw- 1 root root 0 Sep 1 16:25 dns-client srw------- 1 root root 0 Sep 1 16:25 doveadm-server lrwxrwxrwx 1 root root 25 Sep 1 16:25 dovecot.conf -> /etc/dovecot/dovecot.conf drwxr-xr-x 2 root root 4096 Dec 14 2009 empty srw-rw-rw- 1 root root 0 Sep 1 16:25 indexer srw-rw-rw- 1 root root 0 Sep 1 16:25 indexer-worker srw------- 1 root root 0 Sep 1 16:25 ipc srw-rw-rw- 1 root root 0 Sep 1 16:25 lmtp drwxr-x--- 2 root dovenull 4096 Sep 1 16:25 login - -rw------- 1 root root 6 Sep 1 16:25 master.pid srw------- 1 root root 0 Sep 1 16:25 stats prw------- 1 dovecot dovecot 0 Sep 1 16:25 stats-mail Ciao, luigi - -- / +--[Luigi Rosa]-- \ Zipple grelbnot horbnofg asirvnig fzouple! Or something like that. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk5flq8ACgkQ3kWu7Tfl6ZRQcQCeNbR0bBBf8Ux2pT4doiw912jO a3AAn3UPZu+xTqHXQ9XbCuxDPrrrd2vk =W99h -----END PGP SIGNATURE----- From tss at iki.fi Thu Sep 1 17:33:19 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 1 Sep 2011 17:33:19 +0300 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <4E5F96B3.8090709@luigirosa.com> References: <1314869252.27581.9.camel@hurina> (auto-added) <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> <4E5F96B3.8090709@luigirosa.com> Message-ID: <5EDA8C12-D80B-48CD-B69A-A9969609617E@iki.fi> On 1.9.2011, at 17.29, Luigi Rosa wrote: >> Then you can use doveadm stats top/dump. > > did what you said, restarted dovecot, run (as root) doveadm stats top and got > this in dovecot log: > > Error: stats: open(/var/run/dovecot//stats-mail) failed: Permission denied Right, you'll also need to figure out proper permissions for this (or simply set mode to 0666): service stats { fifo_listener stats-mail { user = something mode = 0600 } } From stephan at rename-it.nl Thu Sep 1 17:34:09 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Thu, 01 Sep 2011 16:34:09 +0200 Subject: [Dovecot] v2.1.alpha1 released; automatic Debian repository for Dovecot v2.1 now available In-Reply-To: <1314869252.27581.9.camel@hurina> References: <1314869252.27581.9.camel@hurina> Message-ID: <4E5F97E1.5070308@rename-it.nl> Op 1-9-2011 11:27, Timo Sirainen schreef: > http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha1.tar.gz > http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha1.tar.gz.sig > > So it's time for the first alpha version of Dovecot v2.1. There are no > huge intrusive changes, so I expect v2.1.0 to be released this year > (maybe even in a few months?) I've started an automatic Debian package builder for Dovecot v2.1. It is now also documented in the wiki: http://wiki2.dovecot.org/PrebuiltBinaries#Automatically_Built_Packages Regards, Stephan. From lists at luigirosa.com Thu Sep 1 17:41:20 2011 From: lists at luigirosa.com (Luigi Rosa) Date: Thu, 01 Sep 2011 16:41:20 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <5EDA8C12-D80B-48CD-B69A-A9969609617E@iki.fi> References: <1314869252.27581.9.camel@hurina> (auto-added) <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> <4E5F96B3.8090709@luigirosa.com> <5EDA8C12-D80B-48CD-B69A-A9969609617E@iki.fi> Message-ID: <4E5F9990.6060806@luigirosa.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Timo Sirainen said the following on 01/09/11 16:33: > Right, you'll also need to figure out proper permissions for this (or simply set mode to 0666): > > service stats { > fifo_listener stats-mail { > user = something > mode = 0600 > } > } > Works, thanks! For initial tests, I put 0666 But I got this: Sep 1 16:39:43 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank Sep 1 16:39:51 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank Sep 1 16:40:01 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank Ciao, luigi - -- / +--[Luigi Rosa]-- \ A species that enslaves other beings is hardly superior, mentally or otherwise. --James Kirk, "The Gamesters of Triskelion" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk5fmY0ACgkQ3kWu7Tfl6ZSHwQCeM50dTX6RdKBKUkfCrPJcOdRz Aa8An07wqRjwYdgYsFqL04B1ZcMKWem2 =C3vb -----END PGP SIGNATURE----- From tss at iki.fi Thu Sep 1 17:53:26 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 1 Sep 2011 17:53:26 +0300 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <4E5F9990.6060806@luigirosa.com> References: <1314869252.27581.9.camel@hurina> (auto-added) <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> <4E5F96B3.8090709@luigirosa.com> <5EDA8C12-D80B-48CD-B69A-A9969609617E@iki.fi> <4E5F9990.6060806@luigirosa.com> Message-ID: <32D56AC3-9213-4459-A231-3C41C1C2C18D@iki.fi> On 1.9.2011, at 17.41, Luigi Rosa wrote: > Sep 1 16:39:43 mail dovecot: stats: Error: Mail server input error: > UPDATE-SESSION: stats shrank Oh.. What OS is this? See what it logs with http://hg.dovecot.org/dovecot-2.1/rev/1c2d8da38a06 From lists at luigirosa.com Thu Sep 1 17:55:34 2011 From: lists at luigirosa.com (Luigi Rosa) Date: Thu, 01 Sep 2011 16:55:34 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <32D56AC3-9213-4459-A231-3C41C1C2C18D@iki.fi> References: <1314869252.27581.9.camel@hurina> (auto-added) <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> <4E5F96B3.8090709@luigirosa.com> <5EDA8C12-D80B-48CD-B69A-A9969609617E@iki.fi> <4E5F9990.6060806@luigirosa.com> <32D56AC3-9213-4459-A231-3C41C1C2C18D@iki.fi> Message-ID: <4E5F9CE6.3020805@luigirosa.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Timo Sirainen said the following on 01/09/11 16:53: >> Sep 1 16:39:43 mail dovecot: stats: Error: Mail server input error: >> UPDATE-SESSION: stats shrank > > Oh.. What OS is this? See what it logs with http://hg.dovecot.org/dovecot-2.1/rev/1c2d8da38a06 > Linux mail.hypertrek.info 2.6.18-238.19.1.el5.centos.plus #1 SMP Mon Jul 18 10:05:09 EDT 2011 x86_64 x86_64 x86_64 GNU/Linux Compiled with ./configure --with-mysql --with-ssl=openssl --sysconfdir=/etc --localstatedir=/var I'm leaving and I'll be back this evening. Will do further checks later Ciao, luigi - -- / +--[Luigi Rosa]-- \ You know you've landed gear-up when it takes full power to taxi. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk5fnOIACgkQ3kWu7Tfl6ZQIAwCgt411k13mnhYsMS64P+1YOUmQ hEoAoJA16LYtzlbRn5MOu61f02X9/SuX =CVfU -----END PGP SIGNATURE----- From shopik at inblock.ru Thu Sep 1 18:40:01 2011 From: shopik at inblock.ru (Nikolay Shopik) Date: Thu, 01 Sep 2011 19:40:01 +0400 Subject: [Dovecot] [Solved] Kerberos GSSAPI - proper item name in keytab In-Reply-To: <4E5F8E60.9040701@yandex.ru> References: <4E5B9682.1040408@yandex.ru> <4E5F8E60.9040701@yandex.ru> Message-ID: On 01.09.2011 17:53, Stanislav Klinkov wrote: > Can there be a way to continue using this crafty venet interface, but > force krb5 libs to look up for desired IP ? Thanks for sharing solved problem. But I think this question better to forward to Kerberos mailing list. You probably find more explicit answer there, maybe this is even some kind of bug in krb5 libs :) From dmiller at amfes.com Thu Sep 1 19:48:05 2011 From: dmiller at amfes.com (Daniel L. Miller) Date: Thu, 01 Sep 2011 09:48:05 -0700 Subject: [Dovecot] OT - small hd recommendation In-Reply-To: <4E5E8E5F.4050204@nybeta.com> References: <4E5D5985.6040103@amfes.com> <4E5E8E5F.4050204@nybeta.com> Message-ID: On 8/31/2011 12:41 PM, Thomas Harold wrote: > On 8/30/2011 5:43 PM, Daniel L. Miller wrote: >> A little OT - but I've seen a few opinions voiced here by various admins >> and I'd like to benefit. > > RAID-10 is fine (note that the default mdadm RAID10 isn't actually > RAID10, but it works well enough). RAID-6 won't be faster (and will > probably be worse) although RAID-6 does do a bit better in a > double-drive failure over RAID-10. The only way to get more > performance out of (4) drives is to switch to 10k or 15k SAS (or SSDs). > > [...] > > (Take a look at /dev/disk/by-id, /dev/disk/by-uuid, etc. Export a copy > of that information on a daily/weekly basis off of the machine. In a > software RAID environment, it gives you better information about which > drive serial # failed rather then relying on lights.) > > Our mail server is 3-way RAID1 (triple mirror) for the OS and mail > queue with a 5-disk RAID-10 (4+spare) for mail storage. Given my extensive requirements - I haven't yet filled my existing 320GB - size isn't a big deal. Am I actually deriving much benefit from 4-disk RAID10 using 160GB discs - vs a 2-4 disc 1TB RAID1 array? -- Daniel From lampacz at gmail.com Thu Sep 1 21:34:40 2011 From: lampacz at gmail.com (Lampa) Date: Thu, 1 Sep 2011 20:34:40 +0200 Subject: [Dovecot] sieve vacation problem (discarding) Message-ID: Hello, i'm using 1.2.15 version on debian. I'm getting "discarding vacation response for message implicitly delivered to " I have domain domain.com which has alias do-main.com. When sending email to main domain (domain.com) seems to be ok, but for aliased domain getting discard ;( I tried "scary things" from http://www.dovecot.org/list/dovecot/2009-August/042360.html require ["vacation", "variables", "envelope"]; if envelope :matches "to" "*" { set "envto" "${1}"; vacation :days 1 :addresses ["${envto}"] :subject "Out of order..." "Body message"; } Is implemented :addresses ["*"] in later 1.2 version ? Where is problem? What i must to do to get this thing working ? Upgrading to version 2.x isn't solution for me now. Thank you for advices and help. -- Lampa From frank at moltke28.B.Shuttle.DE Thu Sep 1 22:09:55 2011 From: frank at moltke28.B.Shuttle.DE (Frank Elsner) Date: Thu, 1 Sep 2011 21:09:55 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> References: <1314869252.27581.9.camel@hurina> <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> Message-ID: On Thu, 1 Sep 2011 17:05:56 +0300 Timo Sirainen wrote: > On 1.9.2011, at 16.57, Frank Elsner wrote: > > >> + Statistics tracking via stats service. Exported via doveadm stats. > > > > My 2.0.13 configuration works perfect with dovecot-2.1.alpha1. > > What must I add to my configuration to enable the stats service? > > mail_plugins = $mail_plugins stats > protocol imap { > mail_plugins = $mail_plugins imap_stats > } > plugin { > stats_refresh = 10s > stats_track_cmds = yes > } > > Then you can use doveadm stats top/dump. Ok, works. But when I stop dovecot I get Sep 1 17:08:17 seymour dovecot: master: Warning: Killed with signal 15 (by pid=7896 uid=0 code=kill) Sep 1 17:08:17 seymour dovecot: anvil: Panic: file master-service.c: line 584 (master_service_client_connection_de stroyed): assertion failed: (service->total_available_count > 0) Sep 1 17:08:17 seymour dovecot: auth: Error: read(anvil-auth-penalty) failed: EOF Sep 1 17:08:17 seymour dovecot: auth: Error: net_connect_unix(anvil-auth-penalty) failed: Permission denied --Frank Elsner From kwebb at teradactyl.com Thu Sep 1 22:22:28 2011 From: kwebb at teradactyl.com (Kristen J. Webb) Date: Thu, 01 Sep 2011 13:22:28 -0600 Subject: [Dovecot] thunderbird and subscriptions with sieve In-Reply-To: References: <4E5E9E36.8020904@teradactyl.com> Message-ID: <4E5FDB74.3020002@teradactyl.com> Hi All, Thanks for all the responses! While I like the idea of moving to dovecot 2.x for new features, it is not part of the ubuntu packages, so I'm going to wait. In the end, I found deliver -s in postfix master.cf did the trick. Still the problem with thunderbird not seeing the new folder until restart, but hey, mail client independence is what I'm after anyway ;) Kris On 8/31/11 7:32 PM, Timo Sirainen wrote: > On 31.8.2011, at 23.48, Kristen J. Webb wrote: > >> Is there any way to automatically add folders created by sieve >> (GNU Mailutils 2.1) to the subscriptions file for a user? > > You mean you're using Mailutils Sieve, not Dovecot Sieve? The only reasonable solution I can think of is: > > Mailutils Sieve would have to subscribe to newly created folders itself, maybe by patching it or if it supports running some script then doing it that way. With Dovecot v2.0 it could run "doveadm mailbox subscribe $folder", but with v1.2 you'd have to write your own script. > > Any other solution would basically require always subscribing to all folders, which kind of defeats their whole purpose. > > -- Mr. Kristen J. Webb Teradactyl LLC. PHONE: 1-505-242-1091 EMAIL: kwebb at teradactyl.com VISIT: http://www.teradactyl.com Home of the True incremental Backup System From gfinch at ldmltd.ca Thu Sep 1 23:33:57 2011 From: gfinch at ldmltd.ca (Gregory Finch) Date: Thu, 01 Sep 2011 13:33:57 -0700 Subject: [Dovecot] thunderbird and subscriptions with sieve In-Reply-To: <4E5FDB74.3020002@teradactyl.com> References: <4E5E9E36.8020904@teradactyl.com> <4E5FDB74.3020002@teradactyl.com> Message-ID: <4E5FEC35.9080805@ldmltd.ca> The only time I've seen thunderbird issue a LIST or LSUB command is on startup, or when you open the "Subscribe..." dialog. I believe with the IMAP protocol that is only way to find out about new and newly subscribed folders (I'm not an IMAP guru though...), so with thunderbird, that is by design. -Greg On 2011-09-01 12:22 PM, Kristen J. Webb wrote: > Hi All, > > Thanks for all the responses! While I like the idea > of moving to dovecot 2.x for new features, it is > not part of the ubuntu packages, so I'm going to > wait. In the end, I found deliver -s in postfix master.cf > did the trick. Still the problem with thunderbird not seeing > the new folder until restart, but hey, mail client independence > is what I'm after anyway ;) > > Kris > > On 8/31/11 7:32 PM, Timo Sirainen wrote: >> On 31.8.2011, at 23.48, Kristen J. Webb wrote: >> >>> Is there any way to automatically add folders created by sieve >>> (GNU Mailutils 2.1) to the subscriptions file for a user? >> >> You mean you're using Mailutils Sieve, not Dovecot Sieve? The only >> reasonable solution I can think of is: >> >> Mailutils Sieve would have to subscribe to newly created folders >> itself, maybe by patching it or if it supports running some script >> then doing it that way. With Dovecot v2.0 it could run "doveadm >> mailbox subscribe $folder", but with v1.2 you'd have to write your >> own script. >> >> Any other solution would basically require always subscribing to all >> folders, which kind of defeats their whole purpose. >> >> > -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 260 bytes Desc: OpenPGP digital signature URL: From thomas-lists at nybeta.com Fri Sep 2 03:23:45 2011 From: thomas-lists at nybeta.com (Thomas Harold) Date: Thu, 01 Sep 2011 20:23:45 -0400 Subject: [Dovecot] OT - small hd recommendation In-Reply-To: References: <4E5D5985.6040103@amfes.com> <4E5E8E5F.4050204@nybeta.com> Message-ID: <4E602211.2010800@nybeta.com> On 9/1/2011 12:48 PM, Daniel L. Miller wrote: > > Given my extensive requirements - I haven't yet filled my existing 320GB > - size isn't a big deal. Am I actually deriving much benefit from 4-disk > RAID10 using 160GB discs - vs a 2-4 disc 1TB RAID1 array? > A pair of RAID-1 mirrors: - easy to deal with - you can attempt to manually balance load between the two arrays (storage on one pair, indexes and mail queue on other pair) - disks can be pulled and taken to another machine and read one by one - slightly harder to screw up (but both setups die if the wrong 2 disks fail) RAID-10 over 4 disks: - generally faster seeks - generally faster read/write speeds due to striping - generally the better choice for performance - a bit harder to bury the disks vs a pair of mirrors - lets you have a bigger partition - all the eggs in a single array If you're having performance problems on the existing RAID-10, your only real choices are to throw more spindles at it (move to a 6 or 8 disk RAID-10 w/ a hot-spare disk), throw faster spindles at it (10k/15k SAS), or move to SSD. So, if you think you can manually balance the needs of the system, you could try a pair of independent mirrors. But if you want less hassle, stick with the RAID-10. (And look into a tool like "atop" which can be run in the terminal and does a decent job of showing you whether the CPU/DISK is overly busy.) From thomas-lists at nybeta.com Fri Sep 2 03:30:14 2011 From: thomas-lists at nybeta.com (Thomas Harold) Date: Thu, 01 Sep 2011 20:30:14 -0400 Subject: [Dovecot] sieve vacation problem (discarding) In-Reply-To: References: Message-ID: <4E602396.6080508@nybeta.com> On 9/1/2011 2:34 PM, Lampa wrote: > Hello, > > i'm using 1.2.15 version on debian. > > I'm getting "discarding vacation response for message implicitly > delivered to" > > I have domain domain.com which has alias do-main.com. > > When sending email to main domain (domain.com) seems to be ok, but for > aliased domain getting discard ;( > On our older Dovecot v1 installation, we use the :addresses tag and just put the addresses in (with all the variations). Which may not be as clever as you wanted due to manually listing the recipient addresses, but seems to work for us. require ["vacation"]; vacation :days 1 :subject "Out of office reply" :addresses ["user at example.com", "user at example.net", "user at example.org"] " Body text "; From dyd281 at gmail.com Fri Sep 2 05:34:29 2011 From: dyd281 at gmail.com (Dong Ding) Date: Fri, 2 Sep 2011 10:34:29 +0800 Subject: [Dovecot] Can't got mail by OUTLOOK for a half million mails account Message-ID: Hi, I used postfix always_bcc to backup mail. And up to now the backup account has half million mails in cur/, when I first time tried to receive the mail by outlook, it failed , no responds. Does any one has some good idea to deal with this problem? Thanks From dlie76 at yahoo.com.au Fri Sep 2 07:54:13 2011 From: dlie76 at yahoo.com.au (Daminto Lie) Date: Thu, 1 Sep 2011 21:54:13 -0700 (PDT) Subject: [Dovecot] dovecot imap permission denied In-Reply-To: <1314857277.11811.YahooMailNeo@web113409.mail.gq1.yahoo.com> References: <1314763772.49414.YahooMailNeo@web113404.mail.gq1.yahoo.com> <1314766974.8787.26.camel@hurina> <1314773266.74037.YahooMailNeo@web113409.mail.gq1.yahoo.com> <69D3650A-1B43-42C7-8FBD-C921F80C5D5F@iki.fi> <1314857277.11811.YahooMailNeo@web113409.mail.gq1.yahoo.com> Message-ID: <1314939253.9918.YahooMailNeo@web113413.mail.gq1.yahoo.com> Hi again, I tried it again. This time, I could manage to get rid of the pam_authentication issue (see below). But I still get the invalid credential. I do not understand because based on the article I found at http:// wiki.dovecot.org/AuthDatabase/LDAP/AuthBinds, it does not authenticate by the use of password, unless I miss out on something. It's really frustrating because I feel like I'm that close but not quite there yet. Sep? 2 14:32:01 server1 dovecot: auth(default): client in: AUTH#0111#011PLAIN#011service=imap#011secured#011lip=127.0.0.1#011rip=127.0.0.1#011lport=143#011rport=54128#011resp=AG1pa2VfbGVlAGRsaWUzMjA1 Sep? 2 14:32:01 server1 dovecot: auth(default): ldap(mike_lee,127.0.0.1): invalid credentials (given password: secrets) Sep? 2 14:32:01 server1 dovecot: auth(default): new auth connection: pid=4380 Sep? 2 14:32:03 server1 dovecot: auth(default): client out: FAIL#0111#011user=mike_lee Sep? 2 14:32:08 server1 dovecot: imap-login: Aborted login (auth failed, 1 attempts): user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured Any help is greatly appreciated. Thanks ________________________________ From: Daminto Lie To: Timo Sirainen Cc: "dovecot at dovecot.org" Sent: Thursday, 1 September 2011 4:07 PM Subject: Re: [Dovecot] dovecot imap permission denied Thanks Timo for your reply. It now works fine with Passdb LDAP with password lookups. Users can now login with no problem.? However, when trying to do LDAP authentication with Authentication binds, I received the following errors from mail.log Sep? 1 15:34:22 server1 dovecot: auth(default): client in: AUTH#0111#011PLAIN#011service=imap#011secured#011lip=127.0.0.1#011rip=127.0.0.1#011lport=143#011rport=34719#011resp=AG1pa2VfbGVlAGRsaWUzMjA1 Sep? 1 15:34:22 server1 dovecot: auth-worker(default): pam(mike_lee,127.0.0.1): lookup service=dovecot Sep? 1 15:34:22 server1 dovecot: auth-worker(default): pam(mike_lee,127.0.0.1): #1/1 style=1 msg=Password: Sep? 1 15:34:22 server1 dovecot: auth(default): new auth connection: pid=1947 Sep? 1 15:34:24 server1 dovecot: auth-worker(default): pam(mike_lee,127.0.0.1): pam_authenticate() failed: Authentication failure (password mismatch?) (given password: secrets) Sep? 1 15:34:24 server1 dovecot: auth(default): passwd(mike_lee,127.0.0.1): lookup Sep? 1 15:34:24 server1 dovecot: auth(default): passwd(mike_lee,127.0.0.1): unknown user Sep? 1 15:34:24 server1 dovecot: auth(default): ldap(mike_lee,127.0.0.1): invalid credentials (given password: secrets) Sep? 1 15:34:26 server1 dovecot: auth(default): client out: FAIL#0111#011user=mike_lee Sep? 1 15:34:31 server1 dovecot: imap-login: Aborted login (auth failed, 1 attempts): user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured I do not understand why I am getting pam() authentication issue when I deliberately chose not to use it. The following is the setting I have in dovecot-ldap.conf hosts = localhost #uris = dn = uid=dovecot,ou=accounts,dc=companyexample,dc=com,dc=au dnpass = helloworld #sasl_bind = no #sasl_mech = #sasl_realm = #sasl_authz_id = #tls = no #tls_ca_cert_file = #tls_ca_cert_dir = #tls_cert_file = #tls_key_file = #tls_cipher_suite = #tls_require_cert = #ldaprc_path = #debug_level = 0 auth_bind = yes auth_bind_userdn = cn=%u,ou=accounts,dc=companyexample,dc=com,dc=au ldap_version = 3 base = ou=accounts,dc=companyexample,dc=com,dc=au deref = never scope = subtree user_attrs = homeDirectory=home user_filter = (&(objectClass=posixAccount)(uid=%u)) #pass_attrs = uid=user,userPassword=password pass_filter = (&(objectClass=posixAccount)(uid=%u)) default_pass_scheme = PLAIN This is what I have in dovecot.conf base_dir = /var/run/dovecot protocols = imap ?? protocol imap { ???? listen = *:143 ?? } #?? protocol pop3 { #???? listen = *:10100 #???? .. #?? } #?? protocol managesieve { #???? listen = *:12000 #???? .. #?? } #listen = * disable_plaintext_auth = no log_timestamp = "%Y-%m-%d %H:%M:%S " #ssl_listen = ssl = no #ssl_cert_file = /etc/ssl/certs/dovecot.pem #ssl_key_file = /etc/ssl/private/dovecot.pem #ssl_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem #ssl_key_file = /etc/ssl/private/ssl-cert-snakeoil.key #ssl_key_password = #ssl_ca_file = #ssl_verify_client_cert = no #ssl_cert_username_field = commonName #ssl_parameters_regenerate = 168 #ssl_cipher_list = ALL:!LOW:!SSLv2 #verbose_ssl = no login_dir = /var/run/dovecot/login login_chroot = yes login_user = dovecot #login_process_size = 64 #login_process_per_connection = yes #login_processes_count = 3 #login_max_processes_count = 128 #login_max_connections = 256 #login_greeting = Dovecot ready. #login_trusted_networks = #login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c #login_log_format = %$: %s mail_location = maildir:/home/%u/Maildir mail_uid = 3000 mail_gid = 8 mail_privileged_group = mail #mail_access_groups = #mail_full_filesystem_access = no #mail_debug = no #mail_log_max_lines_per_sec = 10 #mmap_disable = no #dotlock_use_excl = yes #fsync_disable = no #mail_nfs_index = no #lock_method = fcntl #mail_drop_priv_before_exec = no verbose_proctitle = yes first_valid_uid = 3000 last_valid_uid = 3000 first_valid_gid = 8 last_valid_gid = 8 #max_mail_processes = 512 #mail_process_size = 256 #mail_max_keyword_length = 50 #valid_chroot_dirs = #mail_chroot = #mail_cache_min_mail_count = 0 #mailbox_idle_check_interval = 30 mail_save_crlf = no #maildir_stat_dirs = no maildir_copy_with_hardlinks = yes #maildir_copy_preserve_filename = no #maildir_very_dirty_syncs = no protocol imap { ? #login_executable = /usr/lib/dovecot/imap-login ? #mail_executable = /usr/lib/dovecot/imap ? #imap_max_line_length = 65536 ? #mail_max_userip_connections = 10 ? #mail_plugin_dir = /usr/lib/dovecot/modules/imap ? #imap_logout_format = bytes=%i/%o ? #imap_capability = ? #imap_idle_notify_interval = 120 ? #imap_id_send = ? #imap_id_log = ? imap_client_workarounds = outlook-idle delay-newmail netscape-eoh tb-extra-mailbox-sep oe6-fetch-no-newmail } protocol pop3 { ? pop3_uidl_format = %08Xu%08Xv } protocol managesieve { } #auth_executable = /usr/lib/dovecot/dovecot-auth #auth_process_size = 256 #auth_cache_size = 0 #auth_cache_ttl = 3600 #auth_cache_negative_ttl = 3600 #auth_realms = #auth_default_realm = #auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ #auth_username_translation = #auth_username_format = #auth_master_user_separator = #auth_anonymous_username = anonymous auth_verbose = yes auth_debug = yes auth_debug_passwords = yes #auth_worker_max_count = 30 #auth_gssapi_hostname = #auth_krb5_keytab = #auth_use_winbind = no #auth_winbind_helper_path = /usr/bin/ntlm_auth #auth_failure_delay = 2 auth default { ? mechanisms = plain ? passdb pam { ? } ? passdb passwd { ? } ? passdb ldap { ??? args = /etc/dovecot/dovecot-ldap.conf ? } ? userdb passwd { ??? args = /etc/dovecot/dovecot-ldap-userdb.conf ? } ? userdb ldap { ??? args = /etc/dovecot/dovecot-ldap.conf ? } ? user = root ? #user = dovecot-auth??? ? #chroot = ? #count = 1 ? #ssl_require_client_cert = no ? #ssl_username_from_cert = no ? socket listen { ??? client { ????? path = /var/spool/postfix/private/auth ????? mode = 0660 ????? user = postfix ????? group = postfix ??? } ? } ? !include_try /etc/dovecot/auth.d/*.auth } plugin { } # Config files can also be included. deliver doesn't support them currently. #!include /etc/dovecot/conf.d/*.conf # Optional configurations, don't give an error if it's not found: !include_try /etc/dovecot/conf.d/*.conf #!include_try /etc/dovecot/extra.conf I wonder where I did it wrong. I did not set pam authentication. Any help would be appreciated. Thank you ________________________________ From: Timo Sirainen To: Daminto Lie Cc: "dovecot at dovecot.org" Sent: Wednesday, 31 August 2011 4:52 PM Subject: Re: [Dovecot] dovecot imap permission denied On 31.8.2011, at 9.47, Daminto Lie wrote: > Thanks a lot Timo, > > Creating directories for new users is not an issue. It's the permission that makes me headache. The error message you showed said that the user's home directory didn't exist, and the permission problem came only because it didn't exist and Dovecot tried to create it. > I tried the following > > sudo chmod o-r /home/$USER > sudo chmod g+rw /home/$USER > > It did not work until I did chmod 777 /home. Right, because only then did it have enough permissions to create the home dir. > Is it safe to make home directory with permission 777? No. From stsiol at yahoo.co.uk Fri Sep 2 08:55:26 2011 From: stsiol at yahoo.co.uk (Spyros Tsiolis) Date: Fri, 2 Sep 2011 06:55:26 +0100 (BST) Subject: [Dovecot] OT - small hd recommendation In-Reply-To: <4E602211.2010800@nybeta.com> References: <4E5D5985.6040103@amfes.com> <4E5E8E5F.4050204@nybeta.com> <4E602211.2010800@nybeta.com> Message-ID: <1314942926.69208.YahooMailNeo@web27208.mail.ukl.yahoo.com> Ditto, Don't know anything on RAID 10 with four disks, but I agree with the two-disk scenario. s. ? ---- "I merely function as a channel that filters music through the chaos of noise" - Vangelis ________________________________ From: Thomas Harold To: dovecot at dovecot.org Sent: Friday, 2 September 2011, 3:23 Subject: Re: [Dovecot] OT - small hd recommendation On 9/1/2011 12:48 PM, Daniel L. Miller wrote: > > Given my extensive requirements - I haven't yet filled my existing 320GB > - size isn't a big deal. Am I actually deriving much benefit from 4-disk > RAID10 using 160GB discs - vs a 2-4 disc 1TB RAID1 array? > A pair of RAID-1 mirrors: - easy to deal with - you can attempt to manually balance load between the two arrays (storage on one pair, indexes and mail queue on other pair) - disks can be pulled and taken to another machine and read one by one - slightly harder to screw up (but both setups die if the wrong 2 disks fail) RAID-10 over 4 disks: - generally faster seeks - generally faster read/write speeds due to striping - generally the better choice for performance - a bit harder to bury the disks vs a pair of mirrors - lets you have a bigger partition - all the eggs in a single array If you're having performance problems on the existing RAID-10, your only real choices are to throw more spindles at it (move to a 6 or 8 disk RAID-10 w/ a hot-spare disk), throw faster spindles at it (10k/15k SAS), or move to SSD. So, if you think you can manually balance the needs of the system, you could try a pair of independent mirrors.? But if you want less hassle, stick with the RAID-10. (And look into a tool like "atop" which can be run in the terminal and does a decent job of showing you whether the CPU/DISK is overly busy.) From robert at schetterer.org Fri Sep 2 10:04:07 2011 From: robert at schetterer.org (Robert Schetterer) Date: Fri, 02 Sep 2011 09:04:07 +0200 Subject: [Dovecot] thunderbird and subscriptions with sieve In-Reply-To: <4E5FDB74.3020002@teradactyl.com> References: <4E5E9E36.8020904@teradactyl.com> <4E5FDB74.3020002@teradactyl.com> Message-ID: <4E607FE7.8030103@schetterer.org> Am 01.09.2011 21:22, schrieb Kristen J. Webb: > Hi All, > > Thanks for all the responses! While I like the idea > of moving to dovecot 2.x for new features, it is > not part of the ubuntu packages, search list archive, there are ubuntu packs dove 2.x out there in some repositories i i.e recompile stuff from here http://xi.rename-it.nl/debian/ on lucid works like charme so I'm going to > wait. In the end, I found deliver -s in postfix master.cf > did the trick. Still the problem with thunderbird not seeing > the new folder until restart, but hey, mail client independence > is what I'm after anyway ;) > > Kris > > On 8/31/11 7:32 PM, Timo Sirainen wrote: >> On 31.8.2011, at 23.48, Kristen J. Webb wrote: >> >>> Is there any way to automatically add folders created by sieve >>> (GNU Mailutils 2.1) to the subscriptions file for a user? >> >> You mean you're using Mailutils Sieve, not Dovecot Sieve? The only >> reasonable solution I can think of is: >> >> Mailutils Sieve would have to subscribe to newly created folders >> itself, maybe by patching it or if it supports running some script >> then doing it that way. With Dovecot v2.0 it could run "doveadm >> mailbox subscribe $folder", but with v1.2 you'd have to write your own >> script. >> >> Any other solution would basically require always subscribing to all >> folders, which kind of defeats their whole purpose. >> >> > -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From kerem.erciyes at gmail.com Fri Sep 2 10:17:29 2011 From: kerem.erciyes at gmail.com (Kerem Erciyes) Date: Fri, 2 Sep 2011 10:17:29 +0300 Subject: [Dovecot] OT - small hd recommendation In-Reply-To: <1314942926.69208.YahooMailNeo@web27208.mail.ukl.yahoo.com> References: <4E5D5985.6040103@amfes.com> <4E5E8E5F.4050204@nybeta.com> <4E602211.2010800@nybeta.com> <1314942926.69208.YahooMailNeo@web27208.mail.ukl.yahoo.com> Message-ID: Hi, At least, rather than Seagate AS series or some "green" series try using Seagate ST.SV series SATA HDDs, the 10$ difference is woth it. They are certified for 7/24 operation and will not fail on you as quickly. And they perform a little bit faster. Regards, Kerem On Fri, Sep 2, 2011 at 8:55 AM, Spyros Tsiolis wrote: > Ditto, > > Don't know anything on RAID 10 with four disks, but I agree with the two-disk scenario. > > s. > > > > ---- > "I merely function as a channel that filters > music through the chaos of noise" > - Vangelis > > > ________________________________ > From: Thomas Harold > To: dovecot at dovecot.org > Sent: Friday, 2 September 2011, 3:23 > Subject: Re: [Dovecot] OT - small hd recommendation > > On 9/1/2011 12:48 PM, Daniel L. Miller wrote: >> >> Given my extensive requirements - I haven't yet filled my existing 320GB >> - size isn't a big deal. Am I actually deriving much benefit from 4-disk >> RAID10 using 160GB discs - vs a 2-4 disc 1TB RAID1 array? >> > > A pair of RAID-1 mirrors: > > - easy to deal with > - you can attempt to manually balance load between the two arrays (storage on one pair, indexes and mail queue on other pair) > - disks can be pulled and taken to another machine and read one by one > - slightly harder to screw up (but both setups die if the wrong 2 disks fail) > > RAID-10 over 4 disks: > > - generally faster seeks > - generally faster read/write speeds due to striping > - generally the better choice for performance > - a bit harder to bury the disks vs a pair of mirrors > - lets you have a bigger partition > - all the eggs in a single array > > If you're having performance problems on the existing RAID-10, your only real choices are to throw more spindles at it (move to a 6 or 8 disk RAID-10 w/ a hot-spare disk), throw faster spindles at it (10k/15k SAS), or move to SSD. > > So, if you think you can manually balance the needs of the system, you could try a pair of independent mirrors.? But if you want less hassle, stick with the RAID-10. > > (And look into a tool like "atop" which can be run in the terminal and does a decent job of showing you whether the CPU/DISK is overly busy.) -- Kerem Erciyes - Sistem Danismani http://keremerciyes.com From centos.admin at gmail.com Fri Sep 2 11:55:16 2011 From: centos.admin at gmail.com (Emmanuel Noobadmin) Date: Fri, 2 Sep 2011 16:55:16 +0800 Subject: [Dovecot] OT - small hd recommendation In-Reply-To: References: Message-ID: On 8/31/11, Daniel L. Miller wrote: > I'm seeing some warnings & errors in my logs & dmesg - and Google tells > me this can the result of several factors, including the hard drives. I > haven't seen any SMART warnings as yet - but I am getting a little > nervous and thinking about upgrading the storage. Possible to post some of those error messages? > As part of the potential upgrade, I'm considering changing to RAID6 - > seems a bit more efficient use of space. I see no reason for SSD - I It might be more efficient but you'll take a 3x IOPS penalty for writes vs RAID 1/10. Depending on your exact workload, it is most likely going to be a bad idea since you mention that you don't actually need more space. > think a set of reasonable 7200rpm drives should be just fine. What I > don't know is, compared to my current 4 drive RAID10 with SATA 1.5, > would even a single SATA 3 drive be comparable in terms of seek > performance? Should I stick with the RAID-10? Seek performance is largely a matter of I/O latency, SATA 3 only gives you more bandwidth to play with. A SATA 3 4200RPM HDD will seek slower than a SATA 1 7200RPM HDD. For random I/O, more spindles/drives are usually the way to deal with it, like others suggested, splitting your drives into RAID 1 nodes and balancing different workloads on each node is probably your best bet if you don't mind doing it manually. From lists at luigirosa.com Fri Sep 2 12:05:10 2011 From: lists at luigirosa.com (Luigi Rosa) Date: Fri, 02 Sep 2011 11:05:10 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <32D56AC3-9213-4459-A231-3C41C1C2C18D@iki.fi> References: <1314869252.27581.9.camel@hurina> (auto-added) <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> <4E5F96B3.8090709@luigirosa.com> <5EDA8C12-D80B-48CD-B69A-A9969609617E@iki.fi> <4E5F9990.6060806@luigirosa.com> <32D56AC3-9213-4459-A231-3C41C1C2C18D@iki.fi> Message-ID: <4E609C46.9010306@luigirosa.com> Timo Sirainen said the following on 01/09/11 16:53: >> Sep 1 16:39:43 mail dovecot: stats: Error: Mail server input error: >> UPDATE-SESSION: stats shrank > Oh.. What OS is this? See what it logs with http://hg.dovecot.org/dovecot-2.1/rev/1c2d8da38a06 Sorry for the delay... Sep 2 11:03:11 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: ucpu 0.5999 < 0.9000 Sep 2 11:03:21 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: ucpu 0.5999 < 0.9000 Sep 2 11:03:42 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: ucpu 0.9998 < 0.15997 Sep 2 11:03:42 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: ucpu 0.3999 < 0.8997 Sep 2 11:03:43 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: ucpu 0.1999 < 0.3999 Sep 2 11:03:45 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: ucpu 0.6998 < 0.6999 Sep 2 11:03:52 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: ucpu 0.3999 < 0.8997 Sep 2 11:03:54 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: ucpu 0.10998 < 0.18997 Sep 2 11:03:54 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: ucpu 0.5999 < 0.10000 Sep 2 11:03:55 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: ucpu 0.6998 < 0.6999 Ciao, luigi -- / +--[Luigi Rosa]-- \ I don't think we have the right or the wisdom to interfere, however a planet is evolving. --James Kirk, "The Omega Glory" From lists at luigirosa.com Fri Sep 2 12:46:25 2011 From: lists at luigirosa.com (Luigi Rosa) Date: Fri, 02 Sep 2011 11:46:25 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <32D56AC3-9213-4459-A231-3C41C1C2C18D@iki.fi> References: <1314869252.27581.9.camel@hurina> (auto-added) <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> <4E5F96B3.8090709@luigirosa.com> <5EDA8C12-D80B-48CD-B69A-A9969609617E@iki.fi> <4E5F9990.6060806@luigirosa.com> <32D56AC3-9213-4459-A231-3C41C1C2C18D@iki.fi> Message-ID: <4E60A5F1.8000401@luigirosa.com> Timo Sirainen said the following on 01/09/11 16:53: > Oh.. What OS is this? See what it logs with http://hg.dovecot.org/dovecot-2.1/rev/1c2d8da38a06 Between a lot of ucpu events logged there are some like: Sep 2 11:41:52 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: minflt 787 < 790 Sep 2 11:42:02 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: minflt 787 < 790 Sep 2 11:43:42 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: diskout 140735698723992 < 167507184 Sep 2 11:43:52 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: diskout 140735698723992 < 167507184 Ciao, luigi -- / +--[Luigi Rosa]-- \ A beer delayed is a beer denied. From tlx at leuxner.net Fri Sep 2 13:21:33 2011 From: tlx at leuxner.net (Thomas Leuxner) Date: Fri, 2 Sep 2011 12:21:33 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <1314869252.27581.9.camel@hurina> References: <1314869252.27581.9.camel@hurina> Message-ID: <20110902102133.GA6623@nihlus.leuxner.net> Hi, any idea why STARTTLS would not work after replacing 2.0.14 with the alpha? When STARTTLS is not requested by the client it can connect. Config is unaltered working 2.0.14 one. Regards Thomas -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: From dovecot.user at seibercom.net Fri Sep 2 13:43:33 2011 From: dovecot.user at seibercom.net (Jerry) Date: Fri, 2 Sep 2011 06:43:33 -0400 Subject: [Dovecot] Can't got mail by OUTLOOK for a half million mails account In-Reply-To: References: Message-ID: <20110902064333.728fb20e@scorpio> On Fri, 2 Sep 2011 10:34:29 +0800 Dong Ding articulated: > Hi, > > I used postfix always_bcc to backup mail. And up to now the backup > account has half million mails in cur/, when I first time tried to > receive the mail by outlook, it failed , no responds. > > Does any one has some good idea to deal with this problem? You have got to supply some info. The output of "dovecot -n", "postfix -n" and any log files created would be a good start. In addition, the output from "Outlook" would be invaluable. Specifying the versions of all the applications involved would be a plus also. No one here has a crystal ball, or at least I don't. -- Jerry ? Dovecot.user at seibercom.net Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ According to all the latest reports, there was no truth in any of the earlier reports. From klinkov at yandex.ru Fri Sep 2 14:26:10 2011 From: klinkov at yandex.ru (Stanislav Klinkov) Date: Fri, 02 Sep 2011 15:26:10 +0400 Subject: [Dovecot] [Solved] Kerberos GSSAPI - proper item name in keytab In-Reply-To: References: <4E5B9682.1040408@yandex.ru> <4E5F8E60.9040701@yandex.ru> Message-ID: <4E60BD52.7090706@yandex.ru> > Thanks for sharing solved problem. Thanks for participation too. > But I think this question better to forward to Kerberos mailing list. Unfortunately, I have difficulties with making a competent wording of my question. Source codes of KRB5 libs explode my brain. I cant understand them deeply and find the exact function that is directly dependent on network configuration. So, if someone would give me a hint, I'll try to continue my "investigation" to get to the truth. :) From gfinch at ldmltd.ca Fri Sep 2 18:01:25 2011 From: gfinch at ldmltd.ca (Gregory Finch) Date: Fri, 02 Sep 2011 08:01:25 -0700 Subject: [Dovecot] Can't got mail by OUTLOOK for a half million mails account In-Reply-To: References: Message-ID: <4E60EFC5.7050103@ldmltd.ca> Depending on Outlook pst format, I know the old (outlook 2000) format can't have more than 16383 or 32767 (can't remember which) messages in a single folder. Ran into this problem at our office once. Best solution was to use sieve to split the mail archive into folders by year and by month. This makes it easier to copy the archive offline as well. -Greg On 2011-09-01 7:34 PM, Dong Ding wrote: > Hi, > > I used postfix always_bcc to backup mail. And up to now the backup account > has half million mails in cur/, when I first time tried to receive the mail > by outlook, it failed , no responds. > > Does any one has some good idea to deal with this problem? > > > Thanks > -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 260 bytes Desc: OpenPGP digital signature URL: From stephan at rename-it.nl Fri Sep 2 20:25:18 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Fri, 02 Sep 2011 19:25:18 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <20110902102133.GA6623@nihlus.leuxner.net> References: <1314869252.27581.9.camel@hurina> <20110902102133.GA6623@nihlus.leuxner.net> Message-ID: <4E61117E.1030902@rename-it.nl> On 9/2/2011 12:21 PM, Thomas Leuxner wrote: > Hi, > > any idea why STARTTLS would not work after replacing 2.0.14 with the > alpha? When STARTTLS is not requested by the client it can connect. Config > is unaltered working 2.0.14 one. Are you perhaps using the automated Debian packages? Regards, Stephan. From tlx at leuxner.net Fri Sep 2 20:48:30 2011 From: tlx at leuxner.net (Thomas Leuxner) Date: Fri, 2 Sep 2011 19:48:30 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <4E61117E.1030902@rename-it.nl> References: <1314869252.27581.9.camel@hurina> <20110902102133.GA6623@nihlus.leuxner.net> <4E61117E.1030902@rename-it.nl> Message-ID: Am 02.09.2011 um 19:25 schrieb Stephan Bosch: > Are you perhaps using the automated Debian packages? > > Regards, > > Stephan. Indeed I am. Guilty... From thomas-lists at nybeta.com Fri Sep 2 21:29:47 2011 From: thomas-lists at nybeta.com (Thomas Harold) Date: Fri, 02 Sep 2011 14:29:47 -0400 Subject: [Dovecot] Can't got mail by OUTLOOK for a half million mails account In-Reply-To: References: Message-ID: <4E61209B.5090305@nybeta.com> On 9/1/2011 10:34 PM, Dong Ding wrote: > > I used postfix always_bcc to backup mail. And up to now the backup account > has half million mails in cur/, when I first time tried to receive the mail > by outlook, it failed , no responds. > > Does any one has some good idea to deal with this problem? > If it's IMAP, you may have to try Thunderbird or some other IMAP client. But most are going to horribly die past 100k messages in a single folder (and some will die much sooner). There's also the brute force method of moving 90% of the messages to some other temporary folder on the file system, grabbing the 50k that are left. Then moving messages back into the new/ folder in batches of 50k or so. I'll echo Gregory's comment that you really need to setup some sort of Sieve rules to split out messages to sub-folders on-the-fly going forward. From stephan at rename-it.nl Fri Sep 2 21:35:25 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Fri, 02 Sep 2011 20:35:25 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: References: <1314869252.27581.9.camel@hurina> <20110902102133.GA6623@nihlus.leuxner.net> <4E61117E.1030902@rename-it.nl> Message-ID: <4E6121ED.5020204@rename-it.nl> On 9/2/2011 7:48 PM, Thomas Leuxner wrote: > Am 02.09.2011 um 19:25 schrieb Stephan Bosch: > >> Are you perhaps using the automated Debian packages? >> >> Regards, >> >> Stephan. > Indeed I am. Guilty... Then, it actually is my fault. The v2.1 packages also involve a login patch of mine, which apparently broke STARTTLS. I've fixed it and a new set of packages is available within the hour. Regards, Stephan. From tlx at leuxner.net Fri Sep 2 21:38:05 2011 From: tlx at leuxner.net (Thomas Leuxner) Date: Fri, 2 Sep 2011 20:38:05 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <4E6121ED.5020204@rename-it.nl> References: <1314869252.27581.9.camel@hurina> <20110902102133.GA6623@nihlus.leuxner.net> <4E61117E.1030902@rename-it.nl> <4E6121ED.5020204@rename-it.nl> Message-ID: <3C903640-F45B-4BEE-ADEF-077D4592B796@leuxner.net> Am 02.09.2011 um 20:35 schrieb Stephan Bosch: > > Then, it actually is my fault. The v2.1 packages also involve a login patch of mine, which apparently broke STARTTLS. I've fixed it and a new set of packages is available within the hour. > > Regards, > > Stephan. I shall then rebuild as suggested. Thanks Stephan and guilty you :) From stephan at rename-it.nl Sat Sep 3 00:15:27 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Fri, 02 Sep 2011 23:15:27 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <3C903640-F45B-4BEE-ADEF-077D4592B796@leuxner.net> References: <1314869252.27581.9.camel@hurina> <20110902102133.GA6623@nihlus.leuxner.net> <4E61117E.1030902@rename-it.nl> <4E6121ED.5020204@rename-it.nl> <3C903640-F45B-4BEE-ADEF-077D4592B796@leuxner.net> Message-ID: <4E61476F.9090601@rename-it.nl> On 9/2/2011 8:38 PM, Thomas Leuxner wrote: > Am 02.09.2011 um 20:35 schrieb Stephan Bosch: >> Then, it actually is my fault. The v2.1 packages also involve a login patch of mine, which apparently broke STARTTLS. I've fixed it and a new set of packages is available within the hour. >> >> Regards, >> >> Stephan. > I shall then rebuild as suggested. Thanks Stephan and guilty you :) D'oh, builder did not update from patch repositories. Starting build now... Regards, Stephan. From kwebb at teradactyl.com Sat Sep 3 01:46:56 2011 From: kwebb at teradactyl.com (Kristen J. Webb) Date: Fri, 02 Sep 2011 16:46:56 -0600 Subject: [Dovecot] Control of \Seen flags dovecot 1.2.9 Message-ID: <4E615CE0.6080209@teradactyl.com> Hi All, I have public mailboxes working with ACL's now, and I'm testing the ACL behavior. I've added lrws to two users so they can check off the messages they have read. I'm using CONTROL and INDEX in the location parameter for the namespace. It appears that if one user marks a message as read, all users see that message read. Is there any way to configure dovecot, so that each user maintains their own view of read messages? Relevant config (i think): namespace private { separator = / prefix = location = maildir:/home/vmail/%d/%n/Maildir:LAYOUT=fs inbox = yes } namespace public { separator = / prefix = Public/ location = maildir:/home/vmail/Public:LAYOUT=fs:CONTROL=/home/vmail/%d/%n/Maildir/Public:INDEX=/home/vmail/%d/%n/Maildir/Public subscriptions = no } -- Mr. Kristen J. Webb Teradactyl LLC. PHONE: 1-505-242-1091 EMAIL: kwebb at teradactyl.com VISIT: http://www.teradactyl.com Home of the True incremental Backup System From kwebb at teradactyl.com Sat Sep 3 03:38:19 2011 From: kwebb at teradactyl.com (Kristen J. Webb) Date: Fri, 02 Sep 2011 18:38:19 -0600 Subject: [Dovecot] Control of \Seen flags dovecot 1.2.9 In-Reply-To: <4E615CE0.6080209@teradactyl.com> References: <4E615CE0.6080209@teradactyl.com> Message-ID: <4E6176FB.4090001@teradactyl.com> Sorry, I cleaned out all of my Maildirs and public folders and started over. Also changed ACL to lrs, and so far, everything is working as expected. Kris On 9/2/11 4:46 PM, Kristen J. Webb wrote: > Hi All, > > I have public mailboxes working with ACL's now, and I'm testing the ACL > behavior. I've added lrws to two users so they can check off the messages > they have read. I'm using CONTROL and INDEX in the location parameter for > the namespace. It appears that if one user marks a message as read, > all users see that message read. > > Is there any way to configure dovecot, so that each user maintains their > own view of read messages? > > > Relevant config (i think): > > namespace private { > separator = / > prefix = > location = maildir:/home/vmail/%d/%n/Maildir:LAYOUT=fs > inbox = yes > } > > namespace public { > separator = / > prefix = Public/ > location = > maildir:/home/vmail/Public:LAYOUT=fs:CONTROL=/home/vmail/%d/%n/Maildir/Public:INDEX=/home/vmail/%d/%n/Maildir/Public > > subscriptions = no > } > -- Mr. Kristen J. Webb Teradactyl LLC. PHONE: 1-505-242-1091 EMAIL: kwebb at teradactyl.com VISIT: http://www.teradactyl.com Home of the True incremental Backup System From kuizhang at gmail.com Sat Sep 3 06:06:18 2011 From: kuizhang at gmail.com (Kui Zhang) Date: Fri, 2 Sep 2011 20:06:18 -0700 Subject: [Dovecot] Possible signed/unsigned bug in libdovecot-storage (2:2.0.14 ) Message-ID: Hello We are getting following errors when moving mail from inbox to any folder. "Message has been copied too many times (32767+1)" lazy_expunge is enabled. Error messages seems to be from libdovecot-storage. Any one can confirm the bug? or knows of a work around? Thanks K.Z From tlx at leuxner.net Sat Sep 3 08:07:17 2011 From: tlx at leuxner.net (Thomas Leuxner) Date: Sat, 3 Sep 2011 07:07:17 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <4E61476F.9090601@rename-it.nl> References: <1314869252.27581.9.camel@hurina> <20110902102133.GA6623@nihlus.leuxner.net> <4E61117E.1030902@rename-it.nl> <4E6121ED.5020204@rename-it.nl> <3C903640-F45B-4BEE-ADEF-077D4592B796@leuxner.net> <4E61476F.9090601@rename-it.nl> Message-ID: Am 02.09.2011 um 23:15 schrieb Stephan Bosch: > D'oh, builder did not update from patch repositories. Starting build now... > > Regards, > > Stephan. Working now :) Minor glitch I noticed for the build: Appears 'libpq5' is required by 'dovecot-common' even if no SQL package is installed? Wonder if that works as designed. dpkg: dependency problems prevent configuration of dovecot-common: dovecot-common depends on libpq5 (>= 8.4~0cvs20090328); however: Package libpq5 is not installed. dpkg: error processing dovecot-common (--install): dependency problems - leaving unconfigured From tss at iki.fi Sat Sep 3 08:36:09 2011 From: tss at iki.fi (Timo Sirainen) Date: Sat, 3 Sep 2011 08:36:09 +0300 Subject: [Dovecot] Possible signed/unsigned bug in libdovecot-storage (2:2.0.14 ) In-Reply-To: References: Message-ID: <08CD5CF9-B82B-4F16-9729-C522C12BEE34@iki.fi> On 3.9.2011, at 6.06, Kui Zhang wrote: > We are getting following errors when moving mail from inbox to any folder. > > "Message has been copied too many times (32767+1)" mdbox? Is it actually copied that many times? From dovecot-ml at makomi.de Sat Sep 3 09:33:43 2011 From: dovecot-ml at makomi.de (=?iso-8859-1?Q?Michael_K=F6hler?=) Date: Sat, 3 Sep 2011 08:33:43 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <4E61117E.1030902@rename-it.nl> References: <1314869252.27581.9.camel@hurina> <20110902102133.GA6623@nihlus.leuxner.net> <4E61117E.1030902@rename-it.nl> Message-ID: <6B523955-CA60-4F3E-A89A-8EF12E7F280C@makomi.de> Hello Stephan, Am 02.09.2011 um 19:25 schrieb Stephan Bosch: > Are you perhaps using the automated Debian packages? I?m also upgraded to latest Debian version and I?ve got the following errors: Preparing to replace dovecot-managesieved 2:2.0.13-0~auto+71 (using .../dovecot-managesieved_2%3a2.0.14-0~auto+4_amd64.deb) ... Stopping IMAP/POP3 mail server: dovecot. Unpacking replacement dovecot-managesieved ... doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_login_settings.so doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_settings.so doveconf: Error: service(managesieve-login): executable is empty doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: service(managesieve-login): executable is empty Starting IMAP/POP3 mail server: dovecotdoveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_login_settings.so doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_settings.so doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: service(managesieve-login): executable is empty Preparing to replace dovecot-sieve 2:2.0.13-0~auto+71 (using .../dovecot-sieve_2%3a2.0.14-0~auto+4_amd64.deb) ... Unpacking replacement dovecot-sieve ... doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_login_settings.so doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_settings.so doveconf: Error: service(managesieve-login): executable is empty doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: service(managesieve-login): executable is empty Starting IMAP/POP3 mail server: dovecotdoveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_login_settings.so doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_settings.so doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: service(managesieve-login): executable is empty Preparing to replace dovecot-lmtpd 2:2.0.13-0~auto+71 (using .../dovecot-lmtpd_2%3a2.0.14-0~auto+4_amd64.deb) ... doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_login_settings.so doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_settings.so doveconf: Error: service(managesieve-login): executable is empty doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: service(managesieve-login): executable is empty Stopping IMAP/POP3 mail server: dovecot. Unpacking replacement dovecot-lmtpd ... doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_login_settings.so doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_settings.so doveconf: Error: service(managesieve-login): executable is empty doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: service(managesieve-login): executable is empty Starting IMAP/POP3 mail server: dovecotdoveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_login_settings.so doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_settings.so doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: service(managesieve-login): executable is empty Preparing to replace dovecot-common 2:2.0.13-0~auto+71 (using .../dovecot-common_2%3a2.0.14-0~auto+4_amd64.deb) ... doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_login_settings.so doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_settings.so doveconf: Error: service(managesieve-login): executable is empty doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: service(managesieve-login): executable is empty Stopping IMAP/POP3 mail server: dovecot. Or isn?t it a problem? At this time I don?t use sieve. Greetings, Michael From stephan at rename-it.nl Sat Sep 3 11:04:00 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Sat, 03 Sep 2011 10:04:00 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <6B523955-CA60-4F3E-A89A-8EF12E7F280C@makomi.de> References: <1314869252.27581.9.camel@hurina> <20110902102133.GA6623@nihlus.leuxner.net> <4E61117E.1030902@rename-it.nl> <6B523955-CA60-4F3E-A89A-8EF12E7F280C@makomi.de> Message-ID: <4E61DF70.5090309@rename-it.nl> On 9/3/2011 8:33 AM, Michael K?hler wrote: > Hello Stephan, > > Am 02.09.2011 um 19:25 schrieb Stephan Bosch: >> Are you perhaps using the automated Debian packages? > I?m also upgraded to latest Debian version and I?ve got the following errors: > > Preparing to replace dovecot-managesieved 2:2.0.13-0~auto+71 (using .../dovecot-managesieved_2%3a2.0.14-0~auto+4_amd64.deb) ... > Stopping IMAP/POP3 mail server: dovecot. > Unpacking replacement dovecot-managesieved ... > doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_login_settings.so > doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_settings.so > doveconf: Error: service(managesieve-login): executable is empty > doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: service(managesieve-login): executable is empty > [...] > > Or isn?t it a problem? At this time I don?t use sieve. I've seen this the first time too and it disappeared on the second update. Not sure why this happens like this, but I have a feeling it will return at the upgrade to alpha2. Regards, Stephan. From stephan at rename-it.nl Sat Sep 3 11:56:58 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Sat, 03 Sep 2011 10:56:58 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: References: <1314869252.27581.9.camel@hurina> <20110902102133.GA6623@nihlus.leuxner.net> <4E61117E.1030902@rename-it.nl> <4E6121ED.5020204@rename-it.nl> <3C903640-F45B-4BEE-ADEF-077D4592B796@leuxner.net> <4E61476F.9090601@rename-it.nl> Message-ID: <4E61EBDA.20906@rename-it.nl> On 9/3/2011 7:07 AM, Thomas Leuxner wrote: > Am 02.09.2011 um 23:15 schrieb Stephan Bosch: > >> D'oh, builder did not update from patch repositories. Starting build now... >> >> Regards, >> >> Stephan. > Working now :) Minor glitch I noticed for the build: Appears 'libpq5' is required by 'dovecot-common' even if no SQL package is installed? Wonder if that works as designed. > > dpkg: dependency problems prevent configuration of dovecot-common: > dovecot-common depends on libpq5 (>= 8.4~0cvs20090328); however: > Package libpq5 is not installed. > dpkg: error processing dovecot-common (--install): > dependency problems - leaving unconfigured Those dependencies are added automatically and are probably caused by the following: For dovecot-2.0: $ ldd .libs/libdovecot-sql.so linux-vdso.so.1 => (0x00007fff03dc3000) libdl.so.2 => /lib/libdl.so.2 (0x00007f981d3a9000) librt.so.1 => /lib/librt.so.1 (0x00007f981d1a1000) libc.so.6 => /lib/libc.so.6 (0x00007f981ce3f000) /lib64/ld-linux-x86-64.so.2 (0x00007f981d7bf000) libpthread.so.0 => /lib/libpthread.so.0 (0x00007f981cc23000) For dovecot-2.1: $ ldd .libs/libdovecot-sql.so linux-vdso.so.1 => (0x00007fffc5549000) libdovecot.so.0 => dovecot-2.1/src/lib-dovecot/.libs/libdovecot.so.0 (0x00007f0372414000) libmysqlclient.so.16 => /usr/lib/libmysqlclient.so.16 (0x00007f0371fe9000) libpq.so.5 => /usr/lib/libpq.so.5 (0x00007f0371dc0000) libsqlite3.so.0 => /usr/lib/libsqlite3.so.0 (0x00007f0371b29000) [lots more ...] As you can see, libdovecot-sql.so now has dependencies on mysql, pgsql and sqlite. I am not sure why. The following change seems to be the cause: --- dovecot-2.0/src/lib-sql/Makefile.am 2011-04-16 22:02:06.000000000 +0200 +++ dovecot-2.1/src/lib-sql/Makefile.am 2011-08-25 23:16:57.000000000 +0200 @@ -66,7 +72,11 @@ pkglib_LTLIBRARIES = libdovecot-sql.la libdovecot_sql_la_SOURCES = -libdovecot_sql_la_LIBADD = libsql.la $(MODULE_LIBS) +libdovecot_sql_la_LIBADD = libsql.la $(deplibs) \ + $(MYSQL_LIBS) \ + $(PGSQL_LIBS) \ + $(SQLITE_LIBS) \ + $(MODULE_LIBS) libdovecot_sql_la_DEPENDENCIES = libsql.la libdovecot_sql_la_LDFLAGS = -export-dynamic Timo, any ideas? Regards, Stephan. From tss at iki.fi Sat Sep 3 12:05:31 2011 From: tss at iki.fi (Timo Sirainen) Date: Sat, 3 Sep 2011 12:05:31 +0300 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <4E61EBDA.20906@rename-it.nl> References: <1314869252.27581.9.camel@hurina> <20110902102133.GA6623@nihlus.leuxner.net> <4E61117E.1030902@rename-it.nl> <4E6121ED.5020204@rename-it.nl> <3C903640-F45B-4BEE-ADEF-077D4592B796@leuxner.net> <4E61476F.9090601@rename-it.nl> <4E61EBDA.20906@rename-it.nl> Message-ID: <7F458A22-E5FD-4E53-8039-3FC5F035AD60@iki.fi> On 3.9.2011, at 11.56, Stephan Bosch wrote: > As you can see, libdovecot-sql.so now has dependencies on mysql, pgsql and sqlite. I am not sure why. The following change seems to be the cause: > > --- dovecot-2.0/src/lib-sql/Makefile.am 2011-04-16 22:02:06.000000000 +0200 > +++ dovecot-2.1/src/lib-sql/Makefile.am 2011-08-25 23:16:57.000000000 +0200 > @@ -66,7 +72,11 @@ > > pkglib_LTLIBRARIES = libdovecot-sql.la > libdovecot_sql_la_SOURCES = > -libdovecot_sql_la_LIBADD = libsql.la $(MODULE_LIBS) > +libdovecot_sql_la_LIBADD = libsql.la $(deplibs) \ > + $(MYSQL_LIBS) \ > + $(PGSQL_LIBS) \ > + $(SQLITE_LIBS) \ > + $(MODULE_LIBS) > libdovecot_sql_la_DEPENDENCIES = libsql.la > libdovecot_sql_la_LDFLAGS = -export-dynamic > > Timo, any ideas? http://hg.dovecot.org/dovecot-2.1/rev/d2b27eae9221 probably helps? From kuizhang at gmail.com Sat Sep 3 12:29:07 2011 From: kuizhang at gmail.com (Kui Zhang) Date: Sat, 3 Sep 2011 02:29:07 -0700 Subject: [Dovecot] Possible signed/unsigned bug in libdovecot-storage (2:2.0.14 ) In-Reply-To: <08CD5CF9-B82B-4F16-9729-C522C12BEE34@iki.fi> References: <08CD5CF9-B82B-4F16-9729-C522C12BEE34@iki.fi> Message-ID: it is mdbox, file size 10M I dont know if the message was ever copy that many times. I dont know any way to tell. I was able to trigger the error message with following. a uid copy 726974 inbox_2 epoll_wait(5, {{EPOLLIN, {u32=39151008, u64=39151008}}}, 3, 18653) = 1 read(0, "a uid copy 726974 Inbox_2\n", 7545) = 26 stat("/home/user_name/mdbox/mailboxes/Inbox_2/dbox-Mails", {st_dev=makedev(9, 3), st_ino=44696357, st_mode=S_IFDIR|0700, st_nlink=2, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=8, st_size=4096, st_atime=2011/09/02-19:27:08, st_mtime=2011/09/03-00:05:26, st_ctime=2011/09/03-00:05:26}) = 0 stat("/home/user_name/mdbox/mailboxes/Inbox_2/dbox-Mails", {st_dev=makedev(9, 3), st_ino=44696357, st_mode=S_IFDIR|0700, st_nlink=2, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=8, st_size=4096, st_atime=2011/09/02-19:27:08, st_mtime=2011/09/03-00:05:26, st_ctime=2011/09/03-00:05:26}) = 0 stat("/home/user_name/mdbox/mailboxes/Inbox_2", {st_dev=makedev(9, 3), st_ino=44696356, st_mode=S_IFDIR|0700, st_nlink=3, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=8, st_size=4096, st_atime=2011/09/02-19:27:08, st_mtime=2011/09/02-19:27:08, st_ctime=2011/09/02-19:27:08}) = 0 stat("/home/user_name/mdbox/mailboxes/Inbox_2", {st_dev=makedev(9, 3), st_ino=44696356, st_mode=S_IFDIR|0700, st_nlink=3, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=8, st_size=4096, st_atime=2011/09/02-19:27:08, st_mtime=2011/09/02-19:27:08, st_ctime=2011/09/02-19:27:08}) = 0 stat("/home/user_name/mdbox/mailboxes/Inbox_2/dbox-Mails", {st_dev=makedev(9, 3), st_ino=44696357, st_mode=S_IFDIR|0700, st_nlink=2, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=8, st_size=4096, st_atime=2011/09/02-19:27:08, st_mtime=2011/09/03-00:05:26, st_ctime=2011/09/03-00:05:26}) = 0 open("/home/user_name/mdbox/mailboxes/Inbox_2/dbox-Mails/dovecot.index.log", O_RDWR) = 11 fstat(11, {st_dev=makedev(9, 3), st_ino=44696360, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=40, st_size=16404, st_atime=2011/09/02-19:32:11, st_mtime=2011/09/03-00:05:26, st_ctime=2011/09/03-00:05:26}) = 0 pread(11, "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx") open("/home/user_name/mdbox/mailboxes/Inbox_2/dbox-Mails/dovecot.index", O_RDWR) = 12 alarm(120) = 0 fcntl(12, F_SETLKW, {type=F_RDLCK, whence=SEEK_SET, start=0, len=0}) = 0 alarm(0) = 120 fstat(12, {st_dev=makedev(9, 3), st_ino=44696353, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=72, st_size=33504, st_atime=2011/09/03-00:05:26, st_mtime=2011/09/03-00:05:26, st_ctime=2011/09/03-00:05:26}) = 0 pread(12, "xxxxxxxxxxxxxxxxxxxxxxxxxx") pread(12, "xxxxxxxxxxxxxxxxxxxxxxxxxx") fcntl(12, F_SETLK, {type=F_UNLCK, whence=SEEK_SET, start=0, len=0}) = 0 fstat(11, {st_dev=makedev(9, 3), st_ino=44696360, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=40, st_size=16404, st_atime=2011/09/02-19:32:11, st_mtime=2011/09/03-00:05:26, st_ctime=2011/09/03-00:05:26}) = 0 pread(11, "", 8192, 16404) = 0 stat("/home/user_name/mdbox/storage/dovecot.map.index.log", {st_dev=makedev(9, 3), st_ino=42730409, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=56, st_size=22356, st_atime=2011/09/02-19:31:53, st_mtime=2011/09/03-01:48:40, st_ctime=2011/09/03-01:48:40}) = 0 fstat(9, {st_dev=makedev(9, 3), st_ino=42730409, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=56, st_size=22356, st_atime=2011/09/02-19:31:53, st_mtime=2011/09/03-01:48:40, st_ctime=2011/09/03-01:48:40}) = 0 fstat(9, {st_dev=makedev(9, 3), st_ino=42730409, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=56, st_size=22356, st_atime=2011/09/02-19:31:53, st_mtime=2011/09/03-01:48:40, st_ctime=2011/09/03-01:48:40}) = 0 open("/home/user_name/mdbox/mailboxes/Inbox_2/dbox-Mails/dovecot.index.cache", O_RDWR) = 13 fstat(13, {st_dev=makedev(9, 3), st_ino=44696366, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=1608, st_size=818176, st_atime=2011/09/02-19:28:48, st_mtime=2011/09/02-20:11:59, st_ctime=2011/09/02-20:11:59}) = 0 mmap(NULL, 818176, PROT_READ, MAP_SHARED, 13, 0) = 0x7f8d081f2000 pread(14, "xxxxxxxxxxxxxxxxxxxxxxxxx") pread(14, "xxxxxxxxxxxxxxxxxxxxxxxxx") fstat(14, {st_dev=makedev(9, 3), st_ino=42731774, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=20480, st_size=10484876, st_atime=2011/09/02-19:26:41, st_mtime=2011/09/02-19:26:43, st_ctime=2011/09/02-19:26:43}) = 0 stat("/home/user_name/mdbox", {st_dev=makedev(9, 3), st_ino=42729592, st_mode=S_IFDIR|0700, st_nlink=5, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=8, st_size=4096, st_atime=2011/04/07-09:30:08, st_mtime=2011/09/03-01:57:47, st_ctime=2011/09/03-01:58:08}) = 0 chown("/home/user_name/mdbox", 1000, 4294967295) = 0 stat("/home/user_name/mdbox/dovecot-quota", {st_dev=makedev(9, 3), st_ino=42730175, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=8, st_size=59, st_atime=2011/09/03-01:48:40, st_mtime=2011/09/03-01:48:40, st_ctime=2011/09/03-01:48:40}) = 0 fstat(15, {st_dev=makedev(9, 3), st_ino=42730175, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=8, st_size=59, st_atime=2011/09/03-01:48:40, st_mtime=2011/09/03-01:48:40, st_ctime=2011/09/03-01:48:40}) = 0 alarm(180) = 0 fcntl(9, F_SETLKW, {type=F_WRLCK, whence=SEEK_SET, start=0, len=0}) = 0 alarm(0) = 180 stat("/home/user_name/mdbox/storage/dovecot.map.index.log", {st_dev=makedev(9, 3), st_ino=42730409, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=56, st_size=22356, st_atime=2011/09/02-19:31:53, st_mtime=2011/09/03-01:48:40, st_ctime=2011/09/03-01:48:40}) = 0 fstat(9, {st_dev=makedev(9, 3), st_ino=42730409, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=56, st_size=22356, st_atime=2011/09/02-19:31:53, st_mtime=2011/09/03-01:48:40, st_ctime=2011/09/03-01:48:40}) = 0 stat("/home/user_name/mdbox/mailboxes/Inbox_2/dbox-Mails/dovecot.index.log.2", {st_dev=makedev(9, 3), st_ino=44696358, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=144, st_size=66812, st_atime=2011/09/02-19:27:08, st_mtime=2011/09/02-19:32:11, st_ctime=2011/09/02-19:32:11}) = 0 alarm(180) = 0 fcntl(11, F_SETLKW, {type=F_WRLCK, whence=SEEK_SET, start=0, len=0}) = 0 alarm(0) = 180 stat("/home/user_name/mdbox/mailboxes/Inbox_2/dbox-Mails/dovecot.index.log", {st_dev=makedev(9, 3), st_ino=44696360, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=40, st_size=16404, st_atime=2011/09/02-19:32:11, st_mtime=2011/09/03-00:05:26, st_ctime=2011/09/03-00:05:26}) = 0 fstat(11, {st_dev=makedev(9, 3), st_ino=44696360, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=40, st_size=16404, st_atime=2011/09/02-19:32:11, st_mtime=2011/09/03-00:05:26, st_ctime=2011/09/03-00:05:26}) = 0 fcntl(9, F_SETLK, {type=F_UNLCK, whence=SEEK_SET, start=0, len=0}) = 0 fcntl(11, F_SETLK, {type=F_UNLCK, whence=SEEK_SET, start=0, len=0}) = 0 write(1, "a NO [CANNOT] Message has been copied too many times (32767 + 1)\r\n", 66) = 66 epoll_wait(5, {}, 3, 5000) = 0 epoll_wait(5, {}, 3, 4) = 0 15642 timeout_reset(0x25565c0, 0x254632a, 3, 32704, 0x203a2961632e79) = 1 15642 i_stream_read(0x2556300, 0x2999108, 0, 0x25565c0, 8) = 26 15642 o_stream_ref(0x25564b8, 0x2559e0d, 0, 26, 8) = 26 15642 o_stream_cork(0x25564b8, 0x2559e0d, 0, 26, 8) = 1 15642 t_push(0x2555ed0, 1, 0x2556440, 26, 8) = 3 15642 i_stream_get_data(0x2556300, 0x7fffb16662c0, 4, 32704, 8) = 0x2559e0d 15642 buffer_create_dynamic(0x2556620, 40, 0x2556600, 1856, 8) = 0x25566c0 15642 imap_parser_read_word(0x25557a0, 0x2555ef8, 0x2556600, 1760, 8) = 0x255bd08 15642 p_strdup(0x2556620, 0x255bd08, 0, 97, 8) = 0x2556720 15642 imap_parser_read_word(0x25557a0, 0x255bd0a, 0, 97, 0x255bd08) = 0x255bd10 15642 p_strdup(0x2556620, 0x255bd10, 0, 25705, 0x255bd08) = 0x2556728 15642 t_str_new(128, 0x255bd14, 0, 0x646975, 0x255bd10) = 0x2523088 15642 str_append_c(0x2523088, 91, 0, 98, 128) = 0x25230c0 15642 str_append(0x2523088, 0x254c420, 1, 91, 128) = 0x25230c1 15642 str_len(0x2523088, 0x254c431, 0, 0x6f6840736e6f726f, 0x61632e7961777473) = 18 15642 str_append_c(0x2523088, 32, 0, 0x6f6840736e6f726f, 0x61632e7961777473) = 0x25230d2 15642 str_append(0x2523088, 0x2556728, 0, 32, 0x61632e7961777473) = 0x25230d3 15642 str_append_c(0x2523088, 93, 0, 25705, 0x2556728) = 0x25230d6 15642 str_c(0x2523088, 0x7fffb166624d, 0, 93, 0x2556728) = 0x25230c0 15642 process_title_set(0x25230c0, 0x7fffb166624d, 0, 93, 0x2556728) = 0x7fffb1666bc0 15642 array_bsearch_i(0x61feb0, 0x2556728, 0x411510, 0x5d6469752061632e, 0x746f6365766f642f 15642 strcasecmp("uid", "NOOP") = 7 15642 strcasecmp("uid", "UID COPY") = -32 15642 strcasecmp("uid", "STATUS") = 2 15642 strcasecmp("uid", "THREAD") = 1 15642 strcasecmp("uid", "UID") = 0 15642 <... array_bsearch_i resumed> ) = 0x252ca98 15642 imap_parser_read_word(0x25557a0, 0x41bd4e, 0, 0, 0) = 0x255bd18 15642 t_strconcat(0x41b57d, 0x255bd18, 0, 0x79706f63, 0) = 0x2523170 15642 array_bsearch_i(0x61feb0, 0x2523170, 0x411510, 32432, 0x255bd18 15642 strcasecmp("UID copy", "NOOP") = 7 15642 strcasecmp("UID copy", "UID COPY") = 0 15642 <... array_bsearch_i resumed> ) = 0x252cab0 15642 p_strconcat(0x2556620, 0x41b57d, 0x255bd18, 0, 0) = 0x2556730 15642 imap_parser_read_args(0x25557a0, 2, 0, 0x7fffb16660d8, 0x255bd18) = 2 15642 t_str_new(256, 0, 0, 146, 32) = 0x2523198 15642 imap_write_args(0x2523198, 0x255bc28, 0, 0, 0) = 0x25231d7 15642 str_c(0x2523198, 0x255bd2f, 0, 0x325f786f, 0x255bd28) = 0x25231d0 15642 p_strdup(0x2556620, 0x25231d0, 0, 0x325f786f, 0x255bd28) = 0x2556740 15642 imap_arg_get_astring(0x255bc28, 0x7fffb16660d0, 24, 0x325f786f626e49, 0x25231d0) = 1 15642 imap_arg_get_astring(0x255bc48, 0x7fffb16660d0, 32, 0x325f786f626e49, 0x25231d0) = 1 15642 mail_search_build_init(0x2556640, 0x255bd20, 1, 0x7fffb16661f0, 0x25231d0) = 0x2568920 15642 buffer_create_dynamic(0x2568900, 128, 0x25688e0, 3840, 8) = 0x25689e0 15642 imap_seq_set_parse(0x255bd20, 0x2568968, 0x25688e0, 3656, 8) = 0 15642 mail_search_args_init(0x2568920, 0x2556e50, 1, 0x2555fb0, 0x7fffb1666068) = 4 15642 mail_namespace_find(0x2550340, 0x7fffb1666108, 0x7fffb16661d8, 0x7fffb166620c, 8) = 0x2550340 15642 strlen("Inbox_2") = 7 15642 strlen("Inbox_2") = 7 15642 mailbox_list_get_mailbox_name_status(0x2552930, 0x255bd28, 0x7fffb166620c, 47, 0x255bd28) = 0 15642 mailbox_get_namespace(0x2556e50, 0x2550340, 0x255bd28, 0, 0) = 0x2550340 15642 mailbox_get_name(0x2556e50, 0x2550340, 0x2550340, 0, 0) = 0x25570c0 15642 strcmp("INBOX", "Inbox_2") = -32 15642 strcasecmp("INBOX", "INBOX") = 0 15642 strcasecmp("Inbox_2", "INBOX") = 95 15642 mailbox_alloc(0x2552930, 0x255bd28, 10, 0, 95) = 0x2569930 15642 mailbox_open(0x2569930, 0, 2, 32024, 104) = 0 15642 mailbox_transaction_begin(0x2569930, 6, 0x7f8d0e5aa560, 32024, 0) = 0x299cb20 15642 t_str_new(256, 0x7fffb1666120, 0, 0x299cc00, 0x7f8d0df1aeb8) = 0x25235f8 15642 mailbox_transaction_begin(0x2556e50, 0, 0, 0, 0) = 0x256c590 15642 mailbox_search_init(0x256c590, 0x2568920, 0, 0x256dc20, 0x7f8d0df1aeb8) = 0x256dc50 15642 mail_alloc(0x256c590, 0, 0, 3, 32) = 0x256e440 15642 mailbox_search_next(0x256dc50, 0x256e440, 0x7f8d0e5aa560, 30976, 88) = 1 15642 mailbox_save_alloc(0x299cb20, 726974, 0, 0x256dd30, 0) = 0x256dee0 15642 mailbox_save_copy_flags(0x256dee0, 0x256e440, -1, 0, 0) = 12 15642 mailbox_copy(0x7fffb16661c0, 0x256e440, 44, 0x2902410, 726974) = 0 15642 mailbox_search_next(0x256dc50, 0x256e440, 0, 0xffffffff, 0x7f8d0df19580) = 0 15642 mail_free(0x7fffb16661b8, 40, 0, 0x7fffb1666080, 0x7f8d0df19580) = 2065 15642 str_printfa(0x25235f8, 0x41bd53, 726974, 726974, 48) = 130 15642 mailbox_search_deinit(0x7fffb16661d0, 6, 0x2523636, 0x41bd55, 0) = 0 15642 mailbox_transaction_commit(0x7fffb16661c8, 2, 0x256de00, 132976, 0) = 0 15642 str_c(0x25235f8, 0, 0x256d3b0, 132976, 56) = 0x2523630 15642 mail_search_args_unref(0x7fffb16661f0, 0, 0x256d3b0, 132976, 56) = 4113 15642 t_str_new(256, 0, 0x2996cb0, 132976, 120) = 0x2523758 15642 mailbox_transaction_commit_get_changes(0x7fffb16661f8, 0x7fffb1666170, 0, 0, 0) = 0xffffffff 15642 mailbox_get_storage(0x2569930, 0, 0x7f8d0e5aa560, 30624, 48) = 0x2553140 15642 mailbox_free(0x7fffb1666200, 0, 0x7f8d0e5aa560, 0x2569930, 48) = 7201 15642 mailbox_is_inconsistent(0x2556e50, 0x2553140, 0x299cc80, 132976, 8) = 0 15642 mail_storage_get_last_error(0x2553140, 0x7fffb166612c, 0x4d9de690, 132976, 8) = 0x2573bf0 15642 t_strdup_printf(0x41b1d7, 0x41b19d, 0x2573bf0, 132976, 8) = 0x2523890 15642 o_stream_send_str(0x25564b8, 0x2556720, 0x2523010, 30560, 0) = 1 15642 o_stream_send(0x25564b8, 0x419dd1, 1, 97, 0x2556720) = 1 15642 o_stream_send_str(0x25564b8, 0x2523890, 0, 32, 0x2556720) = 62 15642 o_stream_send(0x25564b8, 0x41b5cf, 2, 0x3233282073656d69, 0x2931202b20373637) = 2 15642 timeout_reset(0x25565c0, 0x41b5d1, 0, 2573, 0x2931202b20373637) = 2 15642 imap_parser_reset(0x25557a0, 0x29999d8, 0, 0x25565c0, 8) = 0x25557d0 15642 t_str_new(128, 0, 0, -5, 16) = 0x25238e8 15642 str_append_c(0x25238e8, 91, 0, 98, 128) = 0x2523920 15642 str_append(0x25238e8, 0x254c420, 1, 91, 128) = 0x2523921 15642 str_append_c(0x25238e8, 93, 0, 0x6f6840736e6f726f, 0x61632e7961777473) = 0x2523932 15642 str_c(0x25238e8, 0x7fffb166621d, 0, 93, 0x61632e7961777473) = 0x2523920 15642 process_title_set(0x2523920, 0x7fffb166621d, 0, 93, 0x61632e7961777473) = 0x7fffb1666beb 15642 t_pop_check(0x7fffb16662cc, 171, 0xabababababababab, 414, 4) = 3 15642 t_push(0x7fffb16662cc, 171, 0x7f8d0e5aa560, 32704, 4) = 3 15642 i_stream_get_data(0x2556300, 0x7fffb16662b8, 4, 32704, 4) = 0x2559e26 15642 i_stream_skip(0x2556300, 1, 1, 1, 4) = 1 15642 i_stream_get_data(0x2556300, 0x7fffb16662c0, 647, 0x25562a0, 4) = 0 15642 t_pop_check(0x7fffb16662cc, 0x7fffb16662c0, 0x25562a0, 647, 4) = 3 15642 mailbox_transaction_get_count(0x2556e50, 0x7fffb16662c0, 0x7f8d0e5aa560, 32704, 4) = 0 15642 o_stream_uncork(0x25564b8, 0, 0x7f8d0e5aa560, 32704, 4) = 0 15642 o_stream_unref(0x7fffb1666310, 0, 66, 0, 4) = 1 15642 i_stream_get_data(0x2556300, 0x7fffb16662e8, 66, 0, 4) = 0 Thanks for checking KuiZ On Fri, Sep 2, 2011 at 10:36 PM, Timo Sirainen wrote: > On 3.9.2011, at 6.06, Kui Zhang wrote: > >> We are getting following errors when moving mail from inbox to any folder. >> >> "Message has been copied too many times (32767+1)" > > mdbox? Is it actually copied that many times? > > From tlx at leuxner.net Sat Sep 3 14:02:25 2011 From: tlx at leuxner.net (Thomas Leuxner) Date: Sat, 3 Sep 2011 13:02:25 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <7F458A22-E5FD-4E53-8039-3FC5F035AD60@iki.fi> References: <1314869252.27581.9.camel@hurina> <20110902102133.GA6623@nihlus.leuxner.net> <4E61117E.1030902@rename-it.nl> <4E6121ED.5020204@rename-it.nl> <3C903640-F45B-4BEE-ADEF-077D4592B796@leuxner.net> <4E61476F.9090601@rename-it.nl> <4E61EBDA.20906@rename-it.nl> <7F458A22-E5FD-4E53-8039-3FC5F035AD60@iki.fi> Message-ID: <2FF2E9E9-EDC0-4961-8392-E9A8DE9C4422@leuxner.net> Am 03.09.2011 um 11:05 schrieb Timo Sirainen: > On 3.9.2011, at 11.56, Stephan Bosch wrote: > >> As you can see, libdovecot-sql.so now has dependencies on mysql, pgsql and sqlite. I am not sure why. The following change seems to be the cause: >> >> --- dovecot-2.0/src/lib-sql/Makefile.am 2011-04-16 22:02:06.000000000 +0200 >> +++ dovecot-2.1/src/lib-sql/Makefile.am 2011-08-25 23:16:57.000000000 +0200 >> @@ -66,7 +72,11 @@ >> >> pkglib_LTLIBRARIES = libdovecot-sql.la >> libdovecot_sql_la_SOURCES = >> -libdovecot_sql_la_LIBADD = libsql.la $(MODULE_LIBS) >> +libdovecot_sql_la_LIBADD = libsql.la $(deplibs) \ >> + $(MYSQL_LIBS) \ >> + $(PGSQL_LIBS) \ >> + $(SQLITE_LIBS) \ >> + $(MODULE_LIBS) >> libdovecot_sql_la_DEPENDENCIES = libsql.la >> libdovecot_sql_la_LDFLAGS = -export-dynamic >> >> Timo, any ideas? > > http://hg.dovecot.org/dovecot-2.1/rev/d2b27eae9221 probably helps? > Looks good now, dependency gone. Thanks to both of you. From lists at wildgooses.com Sat Sep 3 16:03:39 2011 From: lists at wildgooses.com (Ed W) Date: Sat, 03 Sep 2011 14:03:39 +0100 Subject: [Dovecot] Thunderbird caching problem In-Reply-To: <4E5E91F0.3020608@bunbun.be> References: <20110831185948.GG4353@ref.nmedia.net> <4E5E8E8D.3090406@neurotica.com> <20110831194953.GN4353@ref.nmedia.net> <4E5E91F0.3020608@bunbun.be> Message-ID: <4E6225AB.7090407@wildgooses.com> On 31/08/2011 20:56, Nick Rosier wrote: > Chris Cappuccio wrote: >> Dave McGuire [mcguire at neurotica.com] wrote: >> >> Interesting..How do I know that I really should be announcing all of >> these capabilities given my current dovecot version and config? >> >> With the config I posted, here's what I send out now >> >> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE >> IDLE STARTTLS AUTH=PLAIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5] Blahfart >> > This is before login, you need to verify after login. Dovecot changes > the capabilities it advertises after login. Remove CONDSTORE and > QRESYNC; the CONDSTORE is the one messing it up for you. QRESYNC also > implies CONDSTORE so you need to disable this one as well. > > N. What you are doing is disabling CONDSTORE. You can do this on a machine by machine basis by going into the Thunderbird advanced configuration page and toggling: mail.server.default.use_condstore Note, others have reported NOT having problems when using Cyrus..? For me it happens: - Using the same username to login to the same inboxes from separate machines - Both users behind the same NAT (nat timeouts and missed messages a possibility) - Rarely Possibly: - The user that gets affected has been idle for a while (see NAT idea above) - That user is either viewing the affected folder, or recently viewed the folder. Someone needs to catch this thing in the act and get a network trace so that we can put this thing to bed. It happens so rarely for me (and in such large folders) that it's not practical to get a trace. Also note that for me it's mainly a case that I see messages marked unread, when someone else marked them read. This is often fixed by restarting TB (possibly a clue). I don't think I ever need to force a re-download of all messages? Good luck Ed W From tss at iki.fi Sun Sep 4 18:33:48 2011 From: tss at iki.fi (Timo Sirainen) Date: Sun, 04 Sep 2011 18:33:48 +0300 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <4E609C46.9010306@luigirosa.com> References: <1314869252.27581.9.camel@hurina> (auto-added) <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> <4E5F96B3.8090709@luigirosa.com> <5EDA8C12-D80B-48CD-B69A-A9969609617E@iki.fi> <4E5F9990.6060806@luigirosa.com> <32D56AC3-9213-4459-A231-3C41C1C2C18D@iki.fi> <4E609C46.9010306@luigirosa.com> Message-ID: <1315150429.21981.0.camel@hurina> On Fri, 2011-09-02 at 11:05 +0200, Luigi Rosa wrote: > Sep 2 11:03:11 mail dovecot: stats: Error: Mail server input error: > UPDATE-SESSION: stats shrank: ucpu 0.5999 < 0.9000 http://hg.dovecot.org/dovecot-2.1/rev/9434093229aa should fix this. From tss at iki.fi Sun Sep 4 18:34:13 2011 From: tss at iki.fi (Timo Sirainen) Date: Sun, 04 Sep 2011 18:34:13 +0300 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: References: <1314869252.27581.9.camel@hurina> <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> Message-ID: <1315150453.21981.1.camel@hurina> On Thu, 2011-09-01 at 21:09 +0200, Frank Elsner wrote: > But when I stop dovecot I get > > Sep 1 17:08:17 seymour dovecot: master: Warning: Killed with signal 15 (by pid=7896 uid=0 code=kill) > Sep 1 17:08:17 seymour dovecot: anvil: Panic: file master-service.c: line 584 (master_service_client_connection_de > stroyed): assertion failed: (service->total_available_count > 0) http://hg.dovecot.org/dovecot-2.1/rev/66453d942761 should fix this. From tss at iki.fi Sun Sep 4 18:45:49 2011 From: tss at iki.fi (Timo Sirainen) Date: Sun, 04 Sep 2011 18:45:49 +0300 Subject: [Dovecot] Possible signed/unsigned bug in libdovecot-storage (2:2.0.14 ) In-Reply-To: References: <08CD5CF9-B82B-4F16-9729-C522C12BEE34@iki.fi> Message-ID: <1315151149.21981.8.camel@hurina> On Sat, 2011-09-03 at 02:29 -0700, Kui Zhang wrote: > > >> "Message has been copied too many times (32767+1)" > it is mdbox, file size 10M > > I dont know if the message was ever copy that many times. I dont know > any way to tell. I'm pretty sure the message has been copied that many times. Possibly related to some lazy-expunge bug.. You could check this manually by: > I was able to trigger the error message with following. > a uid copy 726974 inbox_2 > First you'll need to find "map_uid" of the message: > map_uid=`doveadm dump ~/mdbox/mailboxes/INBOX/dbox-Mails/|grep -A 10 uid=726974|grep -w map_uid|awk '{print $4}'` Next you can check that the reference count for the message really is 32767: doveadm dump ~/mdbox/storage|grep -A 5 uid=$map_uid | grep -w ref And finally check where that message has actually been copied to: printf '#!/bin/sh\necho $1;doveadm dump $1 | grep "map_uid.*\\b$2\\$" | wc -l\n' > /tmp/find.sh find ~/mdbox -name dbox-Mails -exec /tmp/find.sh {} $map_uid \; From lists at luigirosa.com Sun Sep 4 19:10:48 2011 From: lists at luigirosa.com (Luigi Rosa) Date: Sun, 04 Sep 2011 18:10:48 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <1315150429.21981.0.camel@hurina> References: <1314869252.27581.9.camel@hurina> (auto-added) <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> <4E5F96B3.8090709@luigirosa.com> <5EDA8C12-D80B-48CD-B69A-A9969609617E@iki.fi> <4E5F9990.6060806@luigirosa.com> <32D56AC3-9213-4459-A231-3C41C1C2C18D@iki.fi> <4E609C46.9010306@luigirosa.com> <1315150429.21981.0.camel@hurina> Message-ID: <4E63A308.4050900@luigirosa.com> Timo Sirainen said the following on 04/09/11 17:33: >> Sep 2 11:03:11 mail dovecot: stats: Error: Mail server input error: >> UPDATE-SESSION: stats shrank: ucpu 0.5999< 0.9000 > > http://hg.dovecot.org/dovecot-2.1/rev/9434093229aa should fix this. Confirmed! Ciao, luigi -- / +--[Luigi Rosa]-- \ Cheap recursion jokes are my favorite kind of cheap recursion jokes. From tss at iki.fi Sun Sep 4 21:15:04 2011 From: tss at iki.fi (Timo Sirainen) Date: Sun, 04 Sep 2011 21:15:04 +0300 Subject: [Dovecot] v2.1 stats documentation Message-ID: <1315160105.21981.34.camel@hurina> http://wiki2.dovecot.org/Statistics From kyle at averageurl.com Sun Sep 4 22:10:02 2011 From: kyle at averageurl.com (Kyle Brantley) Date: Sun, 04 Sep 2011 13:10:02 -0600 Subject: [Dovecot] Quotas not recalculating Message-ID: <4E63CD0A.50500@averageurl.com> Hello all -- I have an interesting issue, where the quotas are refusing the recalculate for anyone on my server. # doveadm quota get -u kyle at averageurl.com Quota name Type Value Limit % storage=540672 STORAGE 0 - 0 storage=540672 MESSAGE 0 - 0 # doveadm quota recalc -u kyle at averageurl.com # doveadm quota get -u kyle at averageurl.com Quota name Type Value Limit % storage=540672 STORAGE 0 - 0 storage=540672 MESSAGE 0 - 0 # du -sh /var/mail/vhosts/averageurl.com/kyle 512M /var/mail/vhosts/averageurl.com/kyle The IMAP client (Thunderbird) state that the user has no quotas in place at all. Now, if I copy the maildirsize file from another user to this user account, the quotas display in the IMAP client. At this point, however, trying to recalc the quota does nothing. Any help with this would be appreciated, config below... --Kyle # doveconf -n # 2.0.beta6 (3156315704ef): /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-71.29.1.el6.x86_64 x86_64 CentOS Linux release 6.0 (Final) ext4 auth_gssapi_hostname = imap.mail.averageurl.com auth_krb5_keytab = /etc/dovecot/krb5.keytab auth_mechanisms = plain login gssapi digest-md5 cram-md5 first_valid_uid = 502 last_valid_uid = 502 mail_debug = yes mail_location = maildir:/var/mail/vhosts/%d/%n mail_plugins = $mail_plugins quota mbox_write_locks = fcntl passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { quota = maildir:Quota sieve = /var/mail/vhosts/%d/%n/.sieve sieve_dir = /var/mail/vhosts/%d/%n/sieve/ } protocols = imap lmtp sieve service auth { unix_listener auth-userdb { group = mailstore mode = 0660 } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } } service imap { process_limit = 128 } service lmtp { unix_listener lmtp { mode = 0666 } } service managesieve-login { inet_listener sieve { port = 4190 } process_min_avail = 0 service_count = 1 } ssl_ca = password= dbname= user_query = SELECT 502 AS uid, 502 AS gid, "/var/mail/vhosts/%d/%n" AS home, concat("maildir:storage=", floor(m.quota/1024)) AS quota FROM vmailboxes m, vhosts h WHERE `m`.`username` = '%n' AND `m`.`domain` = `h`.`UUID` AND `h`.`vhost` = '%d' default_pass_scheme = PLAIN password_query = SELECT aes_decrypt(`m`.`password`, ) AS password FROM vmailboxes m, vhosts h WHERE `m`.`username` = '%n' AND `m`.`domain` = `h`.`UUID` AND `h`.`vhost` = '%d' From kyle at averageurl.com Mon Sep 5 04:28:21 2011 From: kyle at averageurl.com (Kyle Brantley) Date: Sun, 04 Sep 2011 19:28:21 -0600 Subject: [Dovecot] Quotas not recalculating In-Reply-To: <4E63CD0A.50500@averageurl.com> References: <4E63CD0A.50500@averageurl.com> Message-ID: <4E6425B5.3080305@averageurl.com> On 9/4/2011 1:10 PM, Kyle Brantley wrote: > Hello all -- > > I have an interesting issue, where the quotas are refusing the > recalculate for anyone on my server. > > # doveadm quota get -u kyle at averageurl.com > Quota name Type Value Limit % > storage=540672 STORAGE 0 - 0 > storage=540672 MESSAGE 0 - 0 > # doveadm quota recalc -u kyle at averageurl.com > # doveadm quota get -u kyle at averageurl.com > Quota name Type Value Limit % > storage=540672 STORAGE 0 - 0 > storage=540672 MESSAGE 0 - 0 > # du -sh /var/mail/vhosts/averageurl.com/kyle > 512M /var/mail/vhosts/averageurl.com/kyle > > The IMAP client (Thunderbird) state that the user has no quotas in > place at all. Now, if I copy the maildirsize file from another user to > this user account, the quotas display in the IMAP client. At this > point, however, trying to recalc the quota does nothing. > > Any help with this would be appreciated, config below... > > --Kyle > > > Okay, something else isn't cooperating with this at all. I reconfigured it to use dirsize just to test (quota = dirsize:User quota in 90-quota.conf instead of quota = maildir:User quota), and it is still trying to use maildir quotas: Sep 5 01:24:22 serenity dovecot: imap(kyle at averageurl.com): Debug: Effective uid=502, gid=502, home=/var/mail/vhosts/averageurl.com/kyle Sep 5 01:24:22 serenity dovecot: imap(kyle at averageurl.com): Debug: Quota root: name=storage=540672 backend=maildir args= Relevant `postconf -n` changes: plugin { quota = dirsize:User quota sieve = /var/mail/vhosts/%d/%n/.sieve sieve_dir = /var/mail/vhosts/%d/%n/sieve/ } Any ideas what is going on would be great. --Kyle From tss at iki.fi Mon Sep 5 08:39:39 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 5 Sep 2011 08:39:39 +0300 Subject: [Dovecot] Quotas not recalculating In-Reply-To: <4E6425B5.3080305@averageurl.com> References: <4E63CD0A.50500@averageurl.com> <4E6425B5.3080305@averageurl.com> Message-ID: <19DE1FB3-E4F7-44B2-AD44-B5AFD7E813E2@iki.fi> On 5.9.2011, at 4.28, Kyle Brantley wrote: > Okay, something else isn't cooperating with this at all. I reconfigured it to use dirsize just to test (quota = dirsize:User quota in 90-quota.conf instead of quota = maildir:User quota), and it is still trying to use maildir quotas: Your user_query in dovecot-sql.conf overrides the quota setting. From aydin.demirel at endersys.com Mon Sep 5 09:42:46 2011 From: aydin.demirel at endersys.com (=?UTF-8?B?QXlkxLFuIERlbWlyZWw=?=) Date: Mon, 05 Sep 2011 09:42:46 +0300 Subject: [Dovecot] Trash Plugin In-Reply-To: <1313355199.10421.1288.camel@hurina> References: <1313355199.10421.1288.camel@hurina> Message-ID: <4E646F66.3080207@endersys.com> Hi; Sorry for delay; if both qmail quota settings are enabled, and storage is enabled in the dovecot config; Which will be active? ie, both the user quotas will be different Regards.. On Tue, 2011-08-09 at 14:34 +0300, Ayd?n Demirel wrote: > Hi; > > I have a question about trash plugin. I added following lines into > dovecot.conf: > > quota_rule = *:storage=2048000 > quota_rule2 = Trash:storage=1MB > quota_rule3 = SPAM:ignore That looks like simply a quota plugin setting. You haven't shown anything settings about trash plugin. Which one do you really mean? > When I set *:storage line as default quota_rule , There is no problem.. > > But when I removed this line and set Trash:storage as default > quota_rule, plugin is not working.. > > That I said, Do I have to add *:storage line as first default line in > config line? You need a *:storage rule in any case. I don't know what you'd want to happen if it didn't exist. -- *Ayd?n Demirel Endersys Ltd. Sistem Destek M?hendisi/ System Support Engineer* * *<> Phone : +90 216 470 9423 | GSM : +90 530 401 8203 Fax : +90 216 470 9508 | Web : http://www.endersys.com Blog : http://blog.endersys.com Twitter : http://www.twitter.com/endersys LPI : The #1 Linux Certification for IT Professionals LPI (Linux Professional Institute) Turkey http://www.lpi-turkey.com From janfrode at tanso.net Mon Sep 5 12:05:41 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Mon, 5 Sep 2011 11:05:41 +0200 Subject: [Dovecot] limit number of simultaneous lmtp deliveries ? Message-ID: <20110905090541.GA8709@oc1046828364.ibm.com> We have quite a few frontend mail gateways that deliver incoming email trough our dovecot director (lmtp proxy) to the backend lmtp servers, and are seeing this logged on the frontend mail gateways: Sep 5 10:51:56 mailgw1 postfix/lmtp[23443]: 0E2F41C01A: to=, relay=loadbalancers.example.com[192.168.42.15]:24, delay=61, delays=0.02/0.3/31/30, dsn=4.4.0, status=deferred (host loadbalancers.example.com[192.168.42.15] said: 451 4.4.0 Remote server not answering (DATA output timeout) (in reply to end of DATA command)) It's a bit unclear to me if this leads to duplicate deliveries, or just delayed deliveries, but -- is there any way to limit the number of simultanous deliveries on either the dovecot director or the backend lmtp-servers ? Will "process_limit=10" work for "service lmtp"? -jf From stsiol at yahoo.co.uk Mon Sep 5 12:37:13 2011 From: stsiol at yahoo.co.uk (Spyros Tsiolis) Date: Mon, 5 Sep 2011 10:37:13 +0100 (BST) Subject: [Dovecot] User tries to move folder, then looses it Message-ID: <1315215433.4874.YahooMailNeo@web27202.mail.ukl.yahoo.com> Hello, Well, this is kind of difficult to explain. I have this user that keeps making mistakes on his pc and sometimes I don't know if I should believe her or not. Anywhoo, this time round, she managed to loose? a whole folder on Thunderbird. She claims she tried to move the folder from a tree directory structure (see : sub-sub-folder) she created for herself to another place underneath "root". Additionaly, she managed to mangle things up since she used on TB characters like "/"? "\" and "&" . So thunderbird refuses to access those sub-folders on the folder tree and I cannot rename them (in order to have later access). Here's dovecot info : -------------------------------------------------------------------------- # 1.2.16: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-194.17.4.el5 i686 CentOS release 5.5 (Final) ext3 base_dir: /var/run/dovecot/ log_path: /var/log/dovecot/dovecot.log info_log_path: /var/log/dovecot/dovecot-info.log ssl_parameters_regenerate: 48 verbose_ssl: yes login_dir: /var/run/dovecot//login login_executable: /usr/local/dovecot/libexec/dovecot/imap-login login_greeting: * Dovecot ready * login_max_processes_count: 64 mail_location: maildir:/var/MailRoot/domains/%d/%n/Maildir mail_plugins: zlib auth default: ? verbose: yes ? debug: yes ? debug_passwords: yes ? passdb: ??? driver: passwd-file ??? args: /etc/dovecot/passwd ? passdb: ??? driver: pam ? userdb: ??? driver: static ??? args: uid=vmail gid=vmail home=/home/vmail/%u ? userdb: ??? driver: passwd -------------------------------------------------------------------------- TIA, s. ? ---- "I merely function as a channel that filters music through the chaos of noise" - Vangelis From kuizhang at gmail.com Mon Sep 5 13:11:48 2011 From: kuizhang at gmail.com (Kui Zhang) Date: Mon, 5 Sep 2011 03:11:48 -0700 Subject: [Dovecot] Possible signed/unsigned bug in libdovecot-storage (2:2.0.14 ) In-Reply-To: <1315151149.21981.8.camel@hurina> References: <08CD5CF9-B82B-4F16-9729-C522C12BEE34@iki.fi> <1315151149.21981.8.camel@hurina> Message-ID: On Sun, Sep 4, 2011 at 8:45 AM, Timo Sirainen wrote: > On Sat, 2011-09-03 at 02:29 -0700, Kui Zhang wrote: >> > >> "Message has been copied too many times (32767+1)" >> it is mdbox, file size 10M >> >> I dont know if the message was ever copy that many times. I dont know >> any way to tell. > > I'm pretty sure the message has been copied that many times. Possibly > related to some lazy-expunge bug.. You could check this manually by: > >> I was able to trigger the error message with following. >> a uid copy 726974 inbox_2 >> > First you'll need to find "map_uid" of the message: >> > map_uid=`doveadm dump ~/mdbox/mailboxes/INBOX/dbox-Mails/|grep -A 10 uid=726974|grep -w map_uid|awk '{print $4}'` > > Next you can check that the reference count for the message really is > 32767: > The ref counter was 32767. > doveadm dump ~/mdbox/storage|grep -A 5 uid=$map_uid | grep -w ref > > And finally check where that message has actually been copied to: > > printf '#!/bin/sh\necho $1;doveadm dump $1 | grep "map_uid.*\\b$2\\$" | wc -l\n' > /tmp/find.sh > find ~/mdbox -name dbox-Mails -exec /tmp/find.sh {} $map_uid \; > > The message was copied to a secondary folder. The action match one of the client side filter rules. I found 3k other messages with same problem. They all have delete flag. I upgraded dovecot the night before. I seen plugin errors during upgrade, in the pass. Do you think client made multiple copies during plugin upgrade? I will turn on debug logging for next upgrade. What else can I do, in order to track down the problem? thanks KuiZ > From tss at iki.fi Mon Sep 5 13:17:38 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 5 Sep 2011 13:17:38 +0300 Subject: [Dovecot] Possible signed/unsigned bug in libdovecot-storage (2:2.0.14 ) In-Reply-To: References: <08CD5CF9-B82B-4F16-9729-C522C12BEE34@iki.fi> <1315151149.21981.8.camel@hurina> Message-ID: <5EC91BA7-262C-4EFB-A91E-C3C03E37645C@iki.fi> On 5.9.2011, at 13.11, Kui Zhang wrote: >> First you'll need to find "map_uid" of the message: >>> >> map_uid=`doveadm dump ~/mdbox/mailboxes/INBOX/dbox-Mails/|grep -A 10 uid=726974|grep -w map_uid|awk '{print $4}'` >> >> Next you can check that the reference count for the message really is >> 32767: > > The ref counter was 32767. Well, see what happens if you try to rebuild the dbox indexes. Does the counter shrink or is it the same? If it stays the same, the message was actually copied 32767 times somewhere.. doveadm force-resync -u user at domain INBOX > I upgraded dovecot the night before. I seen plugin errors during > upgrade, in the pass. Do you think client made multiple copies during > plugin upgrade? I will turn on debug logging for next upgrade. Having 32767 copies of the message is a bit strange. Debug logging won't show anything, but you could enable mail_log plugin and it'll log about each copy operation. From Frank.Elsner at Spamfence.NET Mon Sep 5 14:53:55 2011 From: Frank.Elsner at Spamfence.NET (Frank Elsner) Date: Mon, 5 Sep 2011 13:53:55 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <1315150453.21981.1.camel@hurina> References: <1314869252.27581.9.camel@hurina> <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> <1315150453.21981.1.camel@hurina> Message-ID: (auto-added) On Sun, 04 Sep 2011 18:34:13 +0300 Timo Sirainen wrote: > On Thu, 2011-09-01 at 21:09 +0200, Frank Elsner wrote: > > But when I stop dovecot I get > > > > Sep 1 17:08:17 seymour dovecot: master: Warning: Killed with signal 15 (by pid=7896 uid=0 code=kill) > > Sep 1 17:08:17 seymour dovecot: anvil: Panic: file master-service.c: line 584 (master_service_client_connection_de > > stroyed): assertion failed: (service->total_available_count > 0) > > http://hg.dovecot.org/dovecot-2.1/rev/66453d942761 should fix this. Works. --Frank Elsner From Lutz.Pressler at SerNet.DE Mon Sep 5 17:00:00 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Mon, 5 Sep 2011 16:00:00 +0200 Subject: [Dovecot] 2.1.alpha1: SIGSEGV on EXPUNGE Message-ID: Hi, I upgraded my test installation from Debian lenny with latest 2.0.14 auto builds to squeeze with v2.1.alpha1 (amd64) auto builds. (From /var/log/mail.log: Sep 5 12:34:45 pressler dovecot: master: Dovecot v2.1.alpha1 starting up (core dumps disabled) No hg hash tag in log output anymore?) Now the imap processes segfault on every EXPUNGE command: Excerpt from telnet session: 0 store 1585:1585 flags \Deleted * 1585 FETCH (FLAGS (\Deleted)) 0 OK Store completed. 0 expunge Log output: Sep 5 15:40:59 pressler dovecot: imap(2580, lpmail): delete: box=INBOX, uid=34722, msgid=, size=1980, vsize=2031, from=Lutz Pressler , flags=(\Deleted) Sep 5 15:41:22 pressler dovecot: imap(2580, lpmail): expunge: box=INBOX, uid=34722, msgid=, size=1980, vsize=2031, from=Lutz Pressler , flags=(\Deleted) Sep 5 15:41:22 pressler dovecot: master: Error: service(imap): child 2580 killed with signal 11 (core dumps disabled) Also happens with mail_log plugin disabled. Any idea? Configuration on request (or tests with core dumps enabled). Regards, Lutz -- Lutz Pre?ler http://www.SerNet.DE/ SerNet Service Network GmbH, Bahnhofsallee 1b, D-37081 G?ttingen Tel.: +49-551-370000-2, FAX: +49-551-370000-9 AG G?ttingen, HRB 2816, GF: Dr. Johannes Loxen From tss at iki.fi Mon Sep 5 19:40:51 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 5 Sep 2011 19:40:51 +0300 Subject: [Dovecot] 2.1.alpha1: SIGSEGV on EXPUNGE In-Reply-To: References: Message-ID: <1BA84716-C1F5-4DA0-9E84-362983665865@iki.fi> On 5.9.2011, at 17.00, Lutz Pre?ler wrote: > (From /var/log/mail.log: > Sep 5 12:34:45 pressler dovecot: master: Dovecot v2.1.alpha1 starting up (core dumps disabled) > No hg hash tag in log output anymore?) You have exactly the alpha1 version without any further commits. > Sep 5 15:41:22 pressler dovecot: master: Error: service(imap): child 2580 killed with signal 11 (core dumps disabled) > > Any idea? Configuration on request (or tests with core dumps enabled). gdb backtrace is always very helpful in figuring out crashes. http://dovecot.org/bugreport.html From tss at iki.fi Mon Sep 5 19:50:20 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 05 Sep 2011 19:50:20 +0300 Subject: [Dovecot] limit number of simultaneous lmtp deliveries ? In-Reply-To: <20110905090541.GA8709@oc1046828364.ibm.com> References: <20110905090541.GA8709@oc1046828364.ibm.com> Message-ID: <1315241421.21981.57.camel@hurina> On Mon, 2011-09-05 at 11:05 +0200, Jan-Frode Myklebust wrote: > We have quite a few frontend mail gateways that deliver incoming > email trough our dovecot director (lmtp proxy) to the backend lmtp > servers, and are seeing this logged on the frontend mail gateways: > > Sep 5 10:51:56 mailgw1 postfix/lmtp[23443]: 0E2F41C01A: to=, relay=loadbalancers.example.com[192.168.42.15]:24, delay=61, delays=0.02/0.3/31/30, dsn=4.4.0, status=deferred (host loadbalancers.example.com[192.168.42.15] said: 451 4.4.0 Remote server not answering (DATA output timeout) (in reply to end of DATA command)) > > It's a bit unclear to me if this leads to duplicate deliveries, or just > delayed deliveries, Possibly randomly either one. I'll need to start looking into these LMTP proxy bugs some day.. Although for 2.0.14 I improved the error messages a little. Is this from 2.0.14 or earlier? > but -- is there any way to limit the number of > simultanous deliveries on either the dovecot director or the backend > lmtp-servers ? > > Will "process_limit=10" work for "service lmtp"? It'll work for both directory and backend, yes. Although each lmtp process can also handle multiple clients. So you might also want to set client_limit=1. Actually that could be a good idea to try in any case to see if it helps with these problems. From knute2011 at knutejohnson.com Mon Sep 5 20:52:20 2011 From: knute2011 at knutejohnson.com (Knute Johnson) Date: Mon, 05 Sep 2011 10:52:20 -0700 Subject: [Dovecot] Mail files? Message-ID: <4E650C54.4030309@knutejohnson.com> I have a Ubuntu server running dovecot 1.2.9 with mail in mbox. There are mail files in /var/mail/user and there are mail files in /home/user/mail that correspond to the IMAP folders. In the config file details below it shows mail_location: mbox:~/mail:INBOX=/var/mail/%u, does that put the INBOX in /var/mail? Is INBOX in /var/mail/user to allow local delivery or something? If I was using POP3 instead would all the mail be in the INBOX? Can I backup these files by just copying and if a file is destroyed, copy them back? # 1.2.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-33-generic i686 Ubuntu 10.04.3 LTS log_timestamp: %Y-%m-%d %H:%M:%S protocols: imaps ssl_cert_file: /etc/ssl/certs/ssl-cert-snakeoil.pem ssl_key_file: /etc/ssl/private/ssl-cert-snakeoil.key login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/imap-login mail_max_userip_connections: 16 mail_privileged_group: mail mail_location: mbox:~/mail:INBOX=/var/mail/%u mbox_write_locks: fcntl dotlock imap_capability: IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS auth default: passdb: driver: pam userdb: driver: passwd Thanks, -- Knute Johnson knute2011 at knutejohnson.com From jc at info-systems.de Mon Sep 5 20:59:53 2011 From: jc at info-systems.de (Jakob Curdes) Date: Mon, 05 Sep 2011 19:59:53 +0200 Subject: [Dovecot] Mail files? In-Reply-To: <4E650C54.4030309@knutejohnson.com> References: <4E650C54.4030309@knutejohnson.com> Message-ID: <4E650E19.3070400@info-systems.de> Am 05.09.2011 19:52, schrieb Knute Johnson: > I have a Ubuntu server running dovecot 1.2.9 with mail in mbox. There > are mail files in /var/mail/user and there are mail files in > /home/user/mail that correspond to the IMAP folders. In the config > file details below it shows mail_location: > mbox:~/mail:INBOX=/var/mail/%u, does that put the INBOX in /var/mail? yes. > Is INBOX in /var/mail/user to allow local delivery or something? If > I was using POP3 instead would all the mail be in the INBOX? .. or on your local PC. If you do not want the /var/mail delivery, why not just change the mail_location to point to the home dir only? > > Can I backup these files by just copying and if a file is destroyed, > copy them back? Yes, as they are plain mbox format. cheers jc > > # 1.2.9: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.32-33-generic i686 Ubuntu 10.04.3 LTS > log_timestamp: %Y-%m-%d %H:%M:%S > protocols: imaps > ssl_cert_file: /etc/ssl/certs/ssl-cert-snakeoil.pem > ssl_key_file: /etc/ssl/private/ssl-cert-snakeoil.key > login_dir: /var/run/dovecot/login > login_executable: /usr/lib/dovecot/imap-login > mail_max_userip_connections: 16 > mail_privileged_group: mail > mail_location: mbox:~/mail:INBOX=/var/mail/%u > mbox_write_locks: fcntl dotlock > imap_capability: IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE > IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND > UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 ESEARCH > ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS > auth default: > passdb: > driver: pam > userdb: > driver: passwd > > Thanks, > From dovecot at knutejohnson.com Mon Sep 5 23:21:11 2011 From: dovecot at knutejohnson.com (Knute Johnson) Date: Mon, 05 Sep 2011 13:21:11 -0700 Subject: [Dovecot] Mail files? In-Reply-To: <4E650E19.3070400@info-systems.de> References: <4E650C54.4030309@knutejohnson.com> <4E650E19.3070400@info-systems.de> Message-ID: <4E652F37.3080108@knutejohnson.com> On 9/5/2011 10:59 AM, Jakob Curdes wrote: >> Is INBOX in /var/mail/user to allow local delivery or something? If I >> was using POP3 instead would all the mail be in the INBOX? > .. or on your local PC. If you do not want the /var/mail delivery, why > not just change the mail_location to point to the home dir only? I would also have to change where the program that sendmail uses to deliver mail delivers the mail, correct? Thanks very much, -- Knute Johnson From jc at info-systems.de Mon Sep 5 23:31:45 2011 From: jc at info-systems.de (Jakob Curdes) Date: Mon, 05 Sep 2011 22:31:45 +0200 Subject: [Dovecot] Mail files? In-Reply-To: <4E652F37.3080108@knutejohnson.com> References: <4E650C54.4030309@knutejohnson.com><4E650E19.3070400@info-systems.de> <4E652F37.3080108@knutejohnson.com> Message-ID: <4E6531B1.1000009@info-systems.de> .. or on your local PC. If you do not want the /var/mail delivery, why >> not just change the mail_location to point to the home dir only? > > I would also have to change where the program that sendmail uses to > deliver mail delivers the mail, correct? Yes, often this is procmail. You can set this in the respective config file with MAILDIR=$HOME Attention: "Maildir" here just is the mailbox location, procmail assumes the mbox format by default. If you actually use the "Maildir" _/format/_, you must specify MAILDIR=$HOME/ HTH, Jakob Curdes From dovecot at knutejohnson.com Mon Sep 5 23:59:44 2011 From: dovecot at knutejohnson.com (Knute Johnson) Date: Mon, 05 Sep 2011 13:59:44 -0700 Subject: [Dovecot] Mail files? In-Reply-To: <4E6531B1.1000009@info-systems.de> References: <4E650C54.4030309@knutejohnson.com><4E650E19.3070400@info-systems.de> <4E652F37.3080108@knutejohnson.com> <4E6531B1.1000009@info-systems.de> Message-ID: <4E653840.6040407@knutejohnson.com> On 9/5/2011 1:31 PM, Jakob Curdes wrote: > .. or on your local PC. If you do not want the /var/mail delivery, why >>> not just change the mail_location to point to the home dir only? >> >> I would also have to change where the program that sendmail uses to >> deliver mail delivers the mail, correct? > Yes, often this is procmail. > > You can set this in the respective config file with > > MAILDIR=$HOME > > Attention: "Maildir" here just is the mailbox location, procmail assumes > the mbox format by default. If you actually use the "Maildir" _/format/_, > you must specify > > MAILDIR=$HOME/ > > > > HTH, > Jakob Curdes > > Thanks very much Jakob. I'm still trying to figure out what program is actually doing the local delivery. I'll post results when I figure that one out. Thanks again, -- Knute Johnson From compconsultant at yahoo.com Tue Sep 6 08:25:43 2011 From: compconsultant at yahoo.com (Steve Fatula) Date: Mon, 5 Sep 2011 22:25:43 -0700 (PDT) Subject: [Dovecot] Extdata plugin, MySQL Message-ID: <1315286743.6198.YahooMailNeo@web39413.mail.mud.yahoo.com> Does someone have an example of configuring the Pigeonhole Sieve Extdata plugin with MySQL dict? Particularly, the map and what key might be used in this? The doc in the wiki isn;t clear at all to me when one wants to use MySQL store. The file in the doc folder of the mercurial repository is basically what I want to do, in that RFC, it's bascially looking for a discard_spam setting, I presume by user whose Sieve script is running. So, what would the sql mapping file look like? What lookup key is used? I can't really find any map documentation for the syntax, can a special key be used, perhaps, I need to append a value to the user if that is the key? Can this data be accessed via the dictionary proxy to make access more efficient? While I don't want to discard spam based on the setting in the database, I DO want to not move to the spam folder based on a setting stored in an existing MySQL database. So, very similar idea. I want to use an existing database, but, the key is username + a certain constant value for another field. Am hoping this can be mapped as well. ? Steve From listas.correo at yahoo.es Tue Sep 6 14:27:36 2011 From: listas.correo at yahoo.es (mailing lists) Date: Tue, 6 Sep 2011 12:27:36 +0100 (BST) Subject: [Dovecot] Shared Mailboxes with VirtualUsers and mail_location retrieved from ldap Message-ID: <1315308456.64827.YahooMailNeo@web29115.mail.ird.yahoo.com> Hello, I spend a couple of days configurating a new installation of dovecot 2.0.14 with virtual accounts and NFS storage for maildir home/mail directories. At this point I need shared mailboxes but since user mail/home locations are ldap attributes, how is it supposed I must configure this for shared mailboxes? for the users' mail/home directories I set this line: user_attrs = mailbox=mail=maildir:/var/maildir/%$,homeFilter=home creating a namespace like the below one for shared mbx throw a lot of errors: namespace { ? type = shared ? separator = / ? prefix = shared/%%u/ ? subscriptions = no ? list = children ? #location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u ? location = mailbox=mail=maildir:/var/maildir/%$ } I would like to hear if anyone has this configuration running. Thank you. ???? /--------------/ uris = ldap://ldap.example.com dn = cn=user,ou=People,dc=example,dc=com dnpass = secret sasl_bind = no tls = no auth_bind = yes ldap_version = 3 base = dc=example,dc=com deref = never scope = subtree user_attrs = mailbox=mail=maildir:/var/maildir/%$,homeFilter=home user_filter = (&(objectClass=CourierMailAccount)(uid=%u)) pass_filter = (&(objectClass=CourierMailAccount)(uid=%u)) # dovecot -n # 2.0.14: /etc/dovecot/dovecot.conf # OS: Linux 2.6.34.7-0.7-xen x86_64 openSUSE 11.3 (x86_64) auth_debug = yes auth_debug_passwords = yes auth_verbose = yes auth_verbose_passwords = plain base_dir = /var/run/dovecot/ disable_plaintext_auth = no mail_debug = yes mail_fsync = always mail_gid = 5000 mail_nfs_index = yes mail_nfs_storage = yes mail_plugins = acl mail_uid = 5000 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mmap_disable = yes namespace { ? list = children ? location = mailbox=mail=maildir:/var/maildir/%$ ? prefix = shared/%%u/ ? separator = / ? subscriptions = no ? type = shared } namespace { ? inbox = yes ? location = ? prefix = INBOX. ? separator = . } passdb { ? args = /etc/dovecot/dovecot-ldap.conf.ext ? driver = ldap } plugin { ? acl = vfile ? sieve = ~/.dovecot.sieve ? sieve_dir = ~/sieve } protocols = imap ssl = no userdb { ? args = /etc/dovecot/dovecot-ldap.conf.ext ? driver = ldap } verbose_proctitle = yes protocol imap { ? mail_max_userip_connections = 100 ? mail_plugins = acl imap_acl autocreate } From pit11 at ukr.net Tue Sep 6 15:11:53 2011 From: pit11 at ukr.net (Peter Ignatov) Date: Tue, 6 Sep 2011 15:11:53 +0300 Subject: [Dovecot] Quota fs (ignore mount) Message-ID: Hi, I set "quota: fs:INBOX:noenforcing:mount=/var/spool/mail", but receive: "fs quota add storage dir = /home/pit/mail"... Why ? In fstab: /dev/mapper/mpath1p1 /var/spool/mail ext2 usrquota 0 0 In dovecot.log: Sep 06 15:02:00 pop3-login: Info: Login: user=, method=PLAIN, rip=192.168.3.10, lip=192.168.6.3, TLS Sep 06 15:02:00 POP3(pit): Info: Loading modules from directory: /usr/lib64/dovecot/pop3 Sep 06 15:02:00 POP3(pit): Info: Module loaded: /usr/lib64/dovecot/pop3/lib10_quota_plugin.so Sep 06 15:02:00 POP3(pit): Info: Effective uid=500, gid=500, home=/home/pit Sep 06 15:02:00 POP3(pit): Info: Quota root: name=INBOX backend=fs args=noenforcing:mount=/var/spool/mail Sep 06 15:02:00 POP3(pit): Info: Quota rule: root=INBOX mailbox=* bytes=10485760 messages=0 Sep 06 15:02:00 POP3(pit): Info: Quota warning: bytes=9961472 (95%) messages=0 command=/usr/local/bin/quota-warning.sh 95 Sep 06 15:02:00 POP3(pit): Info: mbox: data=~/mail:INBOX=/var/spool/mail/pit Sep 06 15:02:00 POP3(pit): Info: fs: root=/home/pit/mail, index=, control=, inbox=/var/spool/mail/pit Sep 06 15:02:00 POP3(pit): Info: fs quota add storage dir = /home/pit/mail Sep 06 15:02:00 POP3(pit): Info: fs quota block device = /dev/cciss/c0d0p3 Sep 06 15:02:00 POP3(pit): Info: fs quota mount point = / Sep 06 15:02:00 POP3(pit): Info: fs quota mount type = ext3 Sep 06 15:02:01 POP3(pit): Info: Disconnected: Logged out top=0/0, retr=0/0, del=0/2, size=1249 dovecot --version 1.2.17 dovecot -n # 1.2.17: /etc/dovecot.conf # OS: Linux 2.6.18-274.el5.asp121 x86_64 Red Hat Enterprise Linux Server release 5.6 (Tikanga) log_path: /var/log/dovecot.log protocols: pop3 pop3s listen: * login_dir: /var/run/dovecot/login login_executable: /usr/libexec/dovecot/pop3-login verbose_proctitle: yes mail_location: mbox:~/mail:INBOX=/var/spool/mail/%u mail_debug: yes mail_executable: /usr/libexec/dovecot/pop3 mail_plugins: quota mail_plugin_dir: /usr/lib64/dovecot/pop3 auth default: passdb: driver: pam userdb: driver: passwd plugin: quota: fs:INBOX:noenforcing:mount=/var/spool/mail quota_rule: *:storage=10240 quota_warning: storage=95%% /usr/local/bin/quota-warning.sh 95 From tom at whyscream.net Tue Sep 6 22:11:49 2011 From: tom at whyscream.net (Tom Hendrikx) Date: Tue, 06 Sep 2011 21:11:49 +0200 Subject: [Dovecot] Sieve "header :value" test does not work Message-ID: <4E667075.1080003@whyscream.net> hi, After following some examples and searching for sieve samples in this ml history, I'm quite sure that the following sieve snippet should give no surprises: if header :value "ge" :comparator "i;ascii-numeric" "X-Header-Name" "0.99" { /* do something */ } However the Pigeonhole Sieve 0.2.3 on dovecot 2.0.14 gives me following error: test: line 3: error: unknown tagged argument ':value' for the header test (reported only once at first occurence). test: error: validation failed. What obvious mistake am I failing to see here? -- Tom From tom at whyscream.net Tue Sep 6 22:21:57 2011 From: tom at whyscream.net (Tom Hendrikx) Date: Tue, 06 Sep 2011 21:21:57 +0200 Subject: [Dovecot] Sieve "header :value" test does not work In-Reply-To: <4E667075.1080003@whyscream.net> References: <4E667075.1080003@whyscream.net> Message-ID: <4E6672D5.6020506@whyscream.net> On 06/09/11 21:11, Tom Hendrikx wrote: > hi, > > After following some examples and searching for sieve samples in this ml > history, I'm quite sure that the following sieve snippet should give no > surprises: > > if header :value "ge" :comparator "i;ascii-numeric" "X-Header-Name" > "0.99" { /* do something */ } > > However the Pigeonhole Sieve 0.2.3 on dovecot 2.0.14 gives me following > error: > > test: line 3: error: unknown tagged argument ':value' for the header > test (reported only once at first occurence). > test: error: validation failed. > > What obvious mistake am I failing to see here? > To answer my own question (which was found by grepping through /usr/share/doc/dovecot-2.0.14/sieve/rfc/*bz2): including the "relational" extension in the "require" statement adds support for this test. Sorry for the noise :/ -- Tom From hoogendyk at bio.umass.edu Tue Sep 6 22:35:28 2011 From: hoogendyk at bio.umass.edu (Chris Hoogendyk) Date: Tue, 06 Sep 2011 15:35:28 -0400 Subject: [Dovecot] error in logs, but system appears to work Message-ID: <4E667600.1090400@bio.umass.edu> I'm bringing up a system with dovecot that has been running for years with uw-imap. In making the switch, I put a tail on the log file, made the switch, and sent a test mail and received it. I was able to receive mail with no apparent difficulties, but the log file was disconcerting. A number of users connected during the few minutes I had it running, and for each of them there was an error, e.g., "chown ~user/mail/.imap/INBOX failed: Operation not permitted" and "mkdir ~user/mail/.imap/INBOX failed: not owner". But those directories and files appeared to have been made. The first of those errors finishes with "group based on /var/mail/user". That makes no sense. I'm hoping someone can give me an idea what might cause this. Here are the log entries in debug mode and the directories for one such user: Sep 2 17:31:33 eclogite dovecot: [ID 583609 local2.info] auth(default): new auth connection: pid=7248 Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.info] auth(default): client in: AUTH 1 PLAIN service=pop3 secured lip=128.119.45.20 rip=128.119.45.9 lport=995 rport=53865 resp=AGVicmFkbGV5AFJvd2luZzEzKg== Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.info] auth(default): shadow(ebradley,128.119.45.9): lookup Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.info] auth(default): client out: OK 1 user=ebradley Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.info] auth(default): master in: REQUEST 37 7248 1 Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.info] auth(default): passwd(ebradley,128.119.45.9): lookup Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.info] auth(default): master out: USER 37 ebradley system_groups_user=ebradley uid=6633 gid=100 home=/u1/home/grad/ebradley Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.info] POP3(ebradley): Effective uid=6633, gid=100, home=/u1/home/grad/ebradley Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.info] POP3(ebradley): mbox: data=~/mail:INBOX=/var/mail/ebradley Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.info] POP3(ebradley): fs: root=/u1/home/grad/ebradley/mail, index=, control=, inbox=/var/mail/ebradley Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.info] POP3(ebradley): Namespace : Using permissions from /u1/home/grad/ebradley/mail: mode=0700 gid=-1 Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.error] POP3(ebradley): chown(/u1/home/grad/ebradley/mail/.imap/INBOX, -1, 6(mail)) failed: Operation not permitted (egid=100(geolgrad), group based on /var/mail/ebradley) Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.error] POP3(ebradley): mkdir(/u1/home/grad/ebradley/mail/.imap/INBOX) failed: Not owner Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.info] pop3-login: Login: user=, method=PLAIN, rip=128.119.45.9, lip=128.119.45.20, TLS When I looked at their home directory, I found: drwx------ 4 ebradley geolgrad 512 Jul 28 2009 /u1/home/grad/ebradley drwx------ 4 ebradley geolgrad 512 Sep 2 17:31 /u1/home/grad/ebradley/mail drwx------ 3 ebradley geolgrad 512 Sep 2 17:31 /u1/home/grad/ebradley/mail/.imap drwxrwx--- 2 ebradley geolgrad 512 Sep 2 17:31 /u1/home/grad/ebradley/mail/.imap/INBOX -rw-rw---- 1 ebradley mail 9484323 Sep 6 15:16 /var/mail/ebradley My dovecot configuration is at the end. The other pieces are sendmail, milter-greylist, mimedefang, etc. -- --------------- Chris Hoogendyk - O__ ---- Systems Administrator c/ /'_ --- Biology& Geology Departments (*) \(*) -- 140 Morrill Science Center ~~~~~~~~~~ - University of Massachusetts, Amherst --------------- Erd?s 4 # dovecot -a # 1.2.17: /usr/local/etc/dovecot.conf Warning: fd limit 256 is lower than what Dovecot can use under full load (more than 768). Either grow the limit or change login_max_processes_count and max_mail_processes settings # OS: SunOS 5.9 sun4u base_dir: /var/run/dovecot/ log_path: info_log_path: log_timestamp: %b %d %H:%M:%S syslog_facility: local2 protocols: imaps pop3s listen: * ssl_listen: * ssl: required ssl_ca_file: /etc/mail/certs/ca-bundle.crt ssl_cert_file: /etc/mail/certs/sendmail.pem ssl_key_file: /etc/mail/certs/sendmail.pem ssl_key_password: ssl_parameters_regenerate: 168 ssl_cipher_list: ssl_cert_username_field: commonName ssl_verify_client_cert: no disable_plaintext_auth: yes verbose_ssl: no shutdown_clients: yes nfs_check: yes version_ignore: no login_dir: /var/run/dovecot/login login_executable(default): /usr/local/libexec/dovecot/imap-login login_executable(imap): /usr/local/libexec/dovecot/imap-login login_executable(pop3): /usr/local/libexec/dovecot/pop3-login login_user: dovecot login_greeting: ready. login_log_format_elements: user=<%u> method=%m rip=%r lip=%l %c login_log_format: %$: %s login_process_per_connection: yes login_chroot: yes login_trusted_networks: login_process_size: 64 login_processes_count: 3 login_max_processes_count: 128 login_max_connections: 256 valid_chroot_dirs: mail_chroot: max_mail_processes: 512 mail_max_userip_connections(default): 10 mail_max_userip_connections(imap): 10 mail_max_userip_connections(pop3): 3 verbose_proctitle: no first_valid_uid: 1000 last_valid_uid: 0 first_valid_gid: 98 last_valid_gid: 0 mail_access_groups: mail_privileged_group: mail mail_uid: mail_gid: mail_location: mbox:~/mail:INBOX=/var/mail/%u mail_cache_fields: mail_never_cache_fields: imap.envelope mail_cache_min_mail_count: 0 mailbox_idle_check_interval: 30 mail_debug: yes mail_full_filesystem_access: no mail_max_keyword_length: 50 mail_save_crlf: no mmap_disable: no dotlock_use_excl: yes fsync_disable: no mail_nfs_storage: no mail_nfs_index: no mailbox_list_index_disable: yes lock_method: fcntl maildir_stat_dirs: no maildir_copy_with_hardlinks: yes maildir_copy_preserve_filename: no maildir_very_dirty_syncs: no mbox_read_locks: fcntl mbox_write_locks: dotlock fcntl mbox_lock_timeout: 300 mbox_dotlock_change_timeout: 120 mbox_min_index_size: 0 mbox_dirty_syncs: yes mbox_very_dirty_syncs: no mbox_lazy_writes: yes dbox_rotate_size: 2048 dbox_rotate_min_size: 16 dbox_rotate_days: 1 mail_drop_priv_before_exec: no mail_executable(default): /usr/local/libexec/dovecot/imap mail_executable(imap): /usr/local/libexec/dovecot/imap mail_executable(pop3): /usr/local/libexec/dovecot/pop3 mail_process_size: 256 mail_plugins: mail_plugin_dir(default): /usr/local/lib/dovecot/imap mail_plugin_dir(imap): /usr/local/lib/dovecot/imap mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3 mail_log_prefix: %Us(%u): mail_log_max_lines_per_sec: 10 imap_max_line_length: 65536 imap_capability: imap_client_workarounds: imap_logout_format: bytes=%i/%o imap_id_send: imap_id_log: imap_idle_notify_interval: 120 pop3_no_flag_updates: no pop3_enable_last: no pop3_reuse_xuidl(default): no pop3_reuse_xuidl(imap): no pop3_reuse_xuidl(pop3): yes pop3_save_uidl: no pop3_lock_session: no pop3_uidl_format(default): %08Xu%08Xv pop3_uidl_format(imap): %08Xu%08Xv pop3_uidl_format(pop3): %08Xv%08Xu pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh pop3_logout_format: top=%t/%p, retr=%r/%b, del=%d/%m, size=%s dict_db_config: dict_process_count: 1 auth default: mechanisms: plain realms: default_realm: cache_size: 0 cache_ttl: 3600 cache_negative_ttl: 3600 executable: /usr/local/libexec/dovecot/dovecot-auth user: root chroot: username_chars: abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_ username_translation: username_format: master_user_separator: anonymous_username: anonymous krb5_keytab: gssapi_hostname: winbind_helper_path: /usr/bin/ntlm_auth failure_delay: 2 verbose: yes debug: yes debug_passwords: yes ssl_require_client_cert: no ssl_username_from_cert: no use_winbind: no count: 1 worker_max_count: 30 process_size: 256 passdb: driver: shadow args: deny: no pass: no master: no userdb: driver: passwd args: # From tss at iki.fi Tue Sep 6 22:51:35 2011 From: tss at iki.fi (Timo Sirainen) Date: Tue, 6 Sep 2011 22:51:35 +0300 Subject: [Dovecot] error in logs, but system appears to work In-Reply-To: <4E667600.1090400@bio.umass.edu> References: <4E667600.1090400@bio.umass.edu> Message-ID: On 6.9.2011, at 22.35, Chris Hoogendyk wrote: > -rw-rw---- 1 ebradley mail 9484323 Sep 6 15:16 /var/mail/ebradley Is there any reason for this to be 0660? Most likely not, so your problem goes away simply with chmod 0600 /var/mail/* and at the same time makes your system more secure. From tobias at hachmer.de Tue Sep 6 23:01:55 2011 From: tobias at hachmer.de (Tobias Hachmer) Date: Tue, 06 Sep 2011 22:01:55 +0200 Subject: [Dovecot] Quotas not recalculating In-Reply-To: <19DE1FB3-E4F7-44B2-AD44-B5AFD7E813E2@iki.fi> References: <4E63CD0A.50500@averageurl.com> <4E6425B5.3080305@averageurl.com> <19DE1FB3-E4F7-44B2-AD44-B5AFD7E813E2@iki.fi> Message-ID: On Mon, 5 Sep 2011 08:39:39 +0300, Timo Sirainen wrote: > On 5.9.2011, at 4.28, Kyle Brantley wrote: > >> Okay, something else isn't cooperating with this at all. I >> reconfigured it to use dirsize just to test (quota = dirsize:User >> quota in 90-quota.conf instead of quota = maildir:User quota), and it >> is still trying to use maildir quotas: > > Your user_query in dovecot-sql.conf overrides the quota setting. Same problem here. But how can I use maildirsize quota && user_query in dovecot-slq.conf ? I want to manage my users in a sql table and use maildirsize quota. Greetz, Tobias From tss at iki.fi Tue Sep 6 23:08:37 2011 From: tss at iki.fi (Timo Sirainen) Date: Tue, 6 Sep 2011 23:08:37 +0300 Subject: [Dovecot] Quotas not recalculating In-Reply-To: References: <4E63CD0A.50500@averageurl.com> <4E6425B5.3080305@averageurl.com> <19DE1FB3-E4F7-44B2-AD44-B5AFD7E813E2@iki.fi> Message-ID: On 6.9.2011, at 23.01, Tobias Hachmer wrote: > On Mon, 5 Sep 2011 08:39:39 +0300, Timo Sirainen wrote: >> On 5.9.2011, at 4.28, Kyle Brantley wrote: >> >>> Okay, something else isn't cooperating with this at all. I reconfigured it to use dirsize just to test (quota = dirsize:User quota in 90-quota.conf instead of quota = maildir:User quota), and it is still trying to use maildir quotas: >> >> Your user_query in dovecot-sql.conf overrides the quota setting. > > Same problem here. > But how can I use maildirsize quota && user_query in dovecot-slq.conf ? > > I want to manage my users in a sql table and use maildirsize quota. There's nothing special in that. Just about all the examples in wiki assume you want to do that. http://wiki2.dovecot.org/Quota/Configuration#Per-user_quota From hoogendyk at bio.umass.edu Tue Sep 6 23:09:09 2011 From: hoogendyk at bio.umass.edu (Chris Hoogendyk) Date: Tue, 06 Sep 2011 16:09:09 -0400 Subject: [Dovecot] error in logs, but system appears to work In-Reply-To: References: <4E667600.1090400@bio.umass.edu> Message-ID: <4E667DE5.3090803@bio.umass.edu> On 9/6/11 3:51 PM, Timo Sirainen wrote: > On 6.9.2011, at 22.35, Chris Hoogendyk wrote: > >> -rw-rw---- 1 ebradley mail 9484323 Sep 6 15:16 /var/mail/ebradley > Is there any reason for this to be 0660? Most likely not, so your problem goes away simply with chmod 0600 /var/mail/* and at the same time makes your system more secure. So, looking at my other system that has been running dovecot for over a year, I see that the entries are mostly 0600, but there are a few 0660. The system I was just implementing has mostly 0660, but some 0600. We had seen occasional similar errors on the other system. If I change both systems so that all the directories in /var/mail are 0600, then everything will be happy? -- --------------- Chris Hoogendyk - O__ ---- Systems Administrator c/ /'_ --- Biology& Geology Departments (*) \(*) -- 140 Morrill Science Center ~~~~~~~~~~ - University of Massachusetts, Amherst --------------- Erd?s 4 From tss at iki.fi Tue Sep 6 23:14:48 2011 From: tss at iki.fi (Timo Sirainen) Date: Tue, 6 Sep 2011 23:14:48 +0300 Subject: [Dovecot] error in logs, but system appears to work In-Reply-To: <4E667DE5.3090803@bio.umass.edu> References: <4E667600.1090400@bio.umass.edu> <4E667DE5.3090803@bio.umass.edu> Message-ID: <2A848160-2EF7-4EF9-87B5-73A3DF5530A5@iki.fi> On 6.9.2011, at 23.09, Chris Hoogendyk wrote: > > > On 9/6/11 3:51 PM, Timo Sirainen wrote: >> On 6.9.2011, at 22.35, Chris Hoogendyk wrote: >> >>> -rw-rw---- 1 ebradley mail 9484323 Sep 6 15:16 /var/mail/ebradley >> Is there any reason for this to be 0660? Most likely not, so your problem goes away simply with chmod 0600 /var/mail/* and at the same time makes your system more secure. > > So, looking at my other system that has been running dovecot for over a year, I see that the entries are mostly 0600, but there are a few 0660. The system I was just implementing has mostly 0660, but some 0600. We had seen occasional similar errors on the other system. > > If I change both systems so that all the directories in /var/mail are 0600, then everything will be happy? Yep. Basically the problem is that Dovecot thinks they are shared mailboxes and the "mail" group is supposed to have access to them, so it tries to use the mail group for the index files as well, but the process doesn't belong to mail group so it fails. From tobias at hachmer.de Tue Sep 6 23:17:49 2011 From: tobias at hachmer.de (Tobias Hachmer) Date: Tue, 06 Sep 2011 22:17:49 +0200 Subject: [Dovecot] Quotas not recalculating In-Reply-To: References: <4E63CD0A.50500@averageurl.com> <4E6425B5.3080305@averageurl.com> <19DE1FB3-E4F7-44B2-AD44-B5AFD7E813E2@iki.fi> Message-ID: <811c9c72bffbccebb864705ca8935e8b@hachmer.de> On Tue, 6 Sep 2011 23:08:37 +0300, Timo Sirainen wrote: > On 6.9.2011, at 23.01, Tobias Hachmer wrote: > >> On Mon, 5 Sep 2011 08:39:39 +0300, Timo Sirainen wrote: >>> On 5.9.2011, at 4.28, Kyle Brantley wrote: >>> >>>> Okay, something else isn't cooperating with this at all. I >>>> reconfigured it to use dirsize just to test (quota = dirsize:User >>>> quota in 90-quota.conf instead of quota = maildir:User quota), and >>>> it is still trying to use maildir quotas: >>> >>> Your user_query in dovecot-sql.conf overrides the quota setting. >> >> Same problem here. >> But how can I use maildirsize quota && user_query in >> dovecot-slq.conf ? >> >> I want to manage my users in a sql table and use maildirsize quota. > > There's nothing special in that. Just about all the examples in wiki > assume you want to do that. > http://wiki2.dovecot.org/Quota/Configuration#Per-user_quota OK, thanks. Removing "CONCAT('*:bytes=', CAST(quota AS CHAR)) AS userdb_quota_rule" from user_query as well as from password_query in dovecot-sql.conf worked for me. Greetz, Tobias From voytek at sbt.net.au Tue Sep 6 23:54:23 2011 From: voytek at sbt.net.au (Voytek) Date: Wed, 7 Sep 2011 07:54:23 +1100 Subject: [Dovecot] dumb Q: how to search for email hack attempts ? Message-ID: <4dc1ead7e05d6a85b2401a1ecadf7d95.squirrel@sbt.net.au> one of the users thinks someone hacked his email, I don't have time this morning to analyze mail logs in detail, but does some one has some tips to simply searching mail logs for multiple log in attempts, etc, I'd appreciate some grepping for failed logins show give some clues ? From rick at havokmon.com Wed Sep 7 00:14:26 2011 From: rick at havokmon.com (Rick Romero) Date: Tue, 06 Sep 2011 16:14:26 -0500 Subject: [Dovecot] dumb Q: how to search for email hack attempts ? In-Reply-To: <4dc1ead7e05d6a85b2401a1ecadf7d95.squirrel@sbt.net.au> References: <4dc1ead7e05d6a85b2401a1ecadf7d95.squirrel@sbt.net.au> Message-ID: <20110906161426.Horde.GNbzHG2tkQ9OZo0yGCBxWUA@beta.vfemail.net> Quoting Voytek : > one of the users thinks someone hacked his email, I don't have time this > morning to analyze mail logs in detail, but does some one has some tips to > simply searching mail logs for multiple log in attempts, etc, I'd > appreciate some > > grepping for failed logins show give some clues ? # - one of these IPs is not like the others.. grep $username /var/log/maillog | grep -v "no auth|failed" | awk '{print $13}' |sort |uniq Rick From kyle at averageurl.com Wed Sep 7 03:01:26 2011 From: kyle at averageurl.com (Kyle Brantley) Date: Tue, 06 Sep 2011 18:01:26 -0600 Subject: [Dovecot] Quotas not recalculating In-Reply-To: <811c9c72bffbccebb864705ca8935e8b@hachmer.de> References: <4E63CD0A.50500@averageurl.com> <4E6425B5.3080305@averageurl.com> <19DE1FB3-E4F7-44B2-AD44-B5AFD7E813E2@iki.fi> <811c9c72bffbccebb864705ca8935e8b@hachmer.de> Message-ID: <4E66B456.6070707@averageurl.com> On 9/6/2011 2:17 PM, Tobias Hachmer wrote: > On Tue, 6 Sep 2011 23:08:37 +0300, Timo Sirainen wrote: >> On 6.9.2011, at 23.01, Tobias Hachmer wrote: >> >>> On Mon, 5 Sep 2011 08:39:39 +0300, Timo Sirainen wrote: >>>> On 5.9.2011, at 4.28, Kyle Brantley wrote: >>>> >>>>> Okay, something else isn't cooperating with this at all. I >>>>> reconfigured it to use dirsize just to test (quota = dirsize:User >>>>> quota in 90-quota.conf instead of quota = maildir:User quota), and >>>>> it is still trying to use maildir quotas: >>>> >>>> Your user_query in dovecot-sql.conf overrides the quota setting. >>> >>> Same problem here. >>> But how can I use maildirsize quota && user_query in dovecot-slq.conf ? >>> >>> I want to manage my users in a sql table and use maildirsize quota. >> >> There's nothing special in that. Just about all the examples in wiki >> assume you want to do that. >> http://wiki2.dovecot.org/Quota/Configuration#Per-user_quota > > OK, thanks. Removing "CONCAT('*:bytes=', CAST(quota AS CHAR)) AS > userdb_quota_rule" from user_query as well as from password_query in > dovecot-sql.conf worked for me. > > Greetz, Tobias I was migrating from 1.x to 2.x and manually rebuilt everything with respect to the configs... except for my queries. In my case, luckily, it was as easy as changing the column returned from "quota" to "quota_rule" and replacing the "maildir:storage=" with "*:storage=." Thanks for the help, all. --Kyle From jtam.home at gmail.com Wed Sep 7 04:59:27 2011 From: jtam.home at gmail.com (Joseph Tam) Date: Tue, 6 Sep 2011 18:59:27 -0700 (PDT) Subject: [Dovecot] error in logs, but system appears to work In-Reply-To: References: Message-ID: Chris Hoogendyk writes: > So, looking at my other system that has been running dovecot for over a > year, I see that the entries are mostly 0600, but there are a few 0660. > The system I was just implementing has mostly 0660, but some 0600. We > had seen occasional similar errors on the other system. Been there, done that. Timo already gave an explanation of why 0600 gets rid of the problem. I'll add a reminder that you'll need to track down the reason why mailboxes are created user:mail/0660 in the first place. It's usually done by the LDA when creating a brand new mailbox (for example, Solaris's mail.local). If you've replaced your LDA with Dovecot's deliver, then this won't be a problem anymore. You may also have to scour your userbase's personal mail collection for mailboxes that has 1) mode 0660, and 2) group membership the user is not a part of, and fix up the permissions. Such a thing could happen if you've reassigned a user's GID. Joseph Tam From janfrode at tanso.net Wed Sep 7 10:09:44 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Wed, 7 Sep 2011 09:09:44 +0200 Subject: [Dovecot] limit number of simultaneous lmtp deliveries ? In-Reply-To: <1315241421.21981.57.camel@hurina> References: <20110905090541.GA8709@oc1046828364.ibm.com> <1315241421.21981.57.camel@hurina> Message-ID: <20110907070944.GA5222@oc1046828364.ibm.com> On Mon, Sep 05, 2011 at 07:50:20PM +0300, Timo Sirainen wrote: > > Possibly randomly either one. I'll need to start looking into these LMTP > proxy bugs some day.. Although for 2.0.14 I improved the error messages > a little. Is this from 2.0.14 or earlier? It's with v2.0.14 on both director and backend lmtp servers. > > > Will "process_limit=10" work for "service lmtp"? > > It'll work for both directory and backend, yes. Although each lmtp > process can also handle multiple clients. So you might also want to set > client_limit=1. Actually that could be a good idea to try in any case to > see if it helps with these problems. I now tested with: process_limit=10 client_limit=1 on both directors and backend lmtp servers, but I'm still getting these same failures. Since you're hinting about "lmtp proxy bugs", I think I'll try if it works better to skip the director/proxy and just have postfix deliver directly to backend lmtp-servers directly. -jf From listas.correo at yahoo.es Wed Sep 7 13:26:28 2011 From: listas.correo at yahoo.es (mailing lists) Date: Wed, 7 Sep 2011 11:26:28 +0100 (BST) Subject: [Dovecot] is it necessary lmtp and director to avoid index corruption in mail delivery? Message-ID: <1315391188.87744.YahooMailNeo@web29112.mail.ird.yahoo.com> Hello all, If I have several postfix/dovecot-lda boxes with shared nfs storage, how director helps in this scenario? is it necesary to use lmtp instead of dovecot-lda? With postfix/dovecot-lda boxes incoming mail happens at the smtp layer but director redirects are working in the lmtp/imap/pop3 layer. From janfrode at tanso.net Wed Sep 7 13:59:18 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Wed, 7 Sep 2011 12:59:18 +0200 Subject: [Dovecot] is it necessary lmtp and director to avoid index corruption in mail delivery? In-Reply-To: <1315391188.87744.YahooMailNeo@web29112.mail.ird.yahoo.com> References: <1315391188.87744.YahooMailNeo@web29112.mail.ird.yahoo.com> Message-ID: <20110907105918.GA9780@oc1046828364.ibm.com> On Wed, Sep 07, 2011 at 11:26:28AM +0100, mailing lists wrote: > Hello all, > If I have several postfix/dovecot-lda boxes with shared nfs storage, > how director helps in this scenario? The director can help by directing each unique user to the same backend server for each delivery, which should give you better performance (indexes cached in memory on only one machine instead of on all, inotify will work for IMAP NOTIFY), and also avoid some apparent race conditions that has lead to index corruption when several nodes are writing to the same mailbox at the same time. > is it necesary to use lmtp instead of dovecot-lda? Yes. > With postfix/dovecot-lda boxes incoming mail happens at the smtp layer > but director redirects are working in the lmtp/imap/pop3 layer. Right. With LMTP you can have dovecot listening on the network (port 24/tcp) for incoming mail. No need for postfix on the backend mailstorage servers. Our setups has been: Mailgw[1-14] ---smtp--> dovecot-server[1-5] (postfix + dovecot/lda) and used MX priorities to make all deliveries go to the same dovecot-server with the others as backup. $ dig mx deliver.example.com +short 10 dove2.example.com. 15 dove3.example.com. 20 dove4.example.com. 25 dove5.example.com. 5 dove1.example.com. Now I'm moving towards: Mailgw[1-14] ---lmtp--> dovecot-server[1-5] (dovecot/lmtp) but worry that the index corruption might hit me again.. Ideally I want: Mailgw[1-14] ---lmtp--> directors --lmtp--> dovecot-server[1-5] (dovecot/lmtp) but lmtp-proxying seems to have bugs (ref: my latest mails to this list). -jf From tom at whyscream.net Wed Sep 7 15:40:09 2011 From: tom at whyscream.net (Tom Hendrikx) Date: Wed, 07 Sep 2011 14:40:09 +0200 Subject: [Dovecot] Sieve "header :value" test does not work In-Reply-To: <4E6672D5.6020506@whyscream.net> References: <4E667075.1080003@whyscream.net> <4E6672D5.6020506@whyscream.net> Message-ID: <4E676629.9000108@whyscream.net> On 06/09/11 21:21, Tom Hendrikx wrote: > On 06/09/11 21:11, Tom Hendrikx wrote: >> hi, >> >> After following some examples and searching for sieve samples in this ml >> history, I'm quite sure that the following sieve snippet should give no >> surprises: >> >> if header :value "ge" :comparator "i;ascii-numeric" "X-Header-Name" >> "0.99" { /* do something */ } >> >> However the Pigeonhole Sieve 0.2.3 on dovecot 2.0.14 gives me following >> error: >> >> test: line 3: error: unknown tagged argument ':value' for the header >> test (reported only once at first occurence). >> test: error: validation failed. >> >> What obvious mistake am I failing to see here? >> > > To answer my own question (which was found by grepping through > /usr/share/doc/dovecot-2.0.14/sieve/rfc/*bz2): including the > "relational" extension in the "require" statement adds support for this > test. > > Sorry for the noise :/ > -- > Tom > The above snippet poses some other issue that I cannot easily solve: the ascii-numeric comparator only handles integer values. All 0.xxxx header values are truncated to 0 by the comparator, just like the sieve script value "0.95". After comparision, this results in true for all cases. I don't really see a way to interact with floats in sieve, other than using regular expressions. However this gets clumsy/hairy quite fast when you're matching a hypothetical header value >=0.73 in stead of >=0.99. Any ideas? -- Regards, Tom From stephan at rename-it.nl Wed Sep 7 16:48:04 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Wed, 07 Sep 2011 15:48:04 +0200 Subject: [Dovecot] Sieve "header :value" test does not work In-Reply-To: <4E676629.9000108@whyscream.net> References: <4E667075.1080003@whyscream.net> <4E6672D5.6020506@whyscream.net> <4E676629.9000108@whyscream.net> Message-ID: <4E677614.70504@rename-it.nl> On 9/7/2011 2:40 PM, Tom Hendrikx wrote: > The above snippet poses some other issue that I cannot easily solve: the > ascii-numeric comparator only handles integer values. > > All 0.xxxx header values are truncated to 0 by the comparator, just like > the sieve script value "0.95". After comparision, this results in true > for all cases. > > I don't really see a way to interact with floats in sieve, other than > using regular expressions. However this gets clumsy/hairy quite fast > when you're matching a hypothetical header value>=0.73 in stead of>=0.99. > > Any ideas? Yes. This can be a problem. However, the usual application for this is matching against a spam header. If it is, you can use the spamtest extension instead. Then you can configure the gory details in the background (http://wiki2.dovecot.org/Pigeonhole/Sieve/Extensions/SpamtestVirustest). Otherwise, things indeed tend to get hairy. I've puzzled a bit and came up with the following: ==== require "variables"; require "relational"; require "comparator-i;ascii-numeric"; require "regex"; # Extract integer and fractional part separately: set "val_int" "0"; set "val_frac" "0"; if header :regex "X-Header-Name" "([0-9]+)\\.([0-9]+)" { set "val_int" "${1}"; set "val_frac" "${2}"; } if allof ( /* Compare the integer part */ string :comparator "i;ascii-numeric" :value "ge" "${val_int}" "5", /* Compare the fractional part */ string :value "ge" "${val_frac}" "34" ) { discard; } ==== As you can see, the integer and fractional parts of the fractional number are extracted separately using a :regex match. Then the comparison is performed. The integer part is compared using i;ascii-numeric. Quite counter-intuitively, the fractional part is compared using a normal string comparison. The earlier regex match made sure that the ${val_frac} variable only contains digits. The string comparison makes sure that the length of the fractional part does not matter (much) and that the comparison works as expected. A length difference will only have an effect when there are spurious trailing zeros and all the preceeding digits are equal, thereby causing the longer string to have higher value, which is not strictly correct. The above certainly does not deserve an award for beauty, it does not handle negative numbers (can be added), and it is not tested very well. So, use this with caution. Unfortunately, there is no i;ascii-fractional (or whatever) collation and afaik nothing like that is in the works at the IETF. Regards, Stephan. From tom at whyscream.net Wed Sep 7 17:17:33 2011 From: tom at whyscream.net (Tom Hendrikx) Date: Wed, 07 Sep 2011 16:17:33 +0200 Subject: [Dovecot] Sieve "header :value" test does not work In-Reply-To: <4E677614.70504@rename-it.nl> References: <4E667075.1080003@whyscream.net> <4E6672D5.6020506@whyscream.net> <4E676629.9000108@whyscream.net> <4E677614.70504@rename-it.nl> Message-ID: <4E677CFD.4000705@whyscream.net> On 07/09/11 15:48, Stephan Bosch wrote: > On 9/7/2011 2:40 PM, Tom Hendrikx wrote: >> The above snippet poses some other issue that I cannot easily solve: the >> ascii-numeric comparator only handles integer values. >> >> All 0.xxxx header values are truncated to 0 by the comparator, just like >> the sieve script value "0.95". After comparision, this results in true >> for all cases. >> >> I don't really see a way to interact with floats in sieve, other than >> using regular expressions. However this gets clumsy/hairy quite fast >> when you're matching a hypothetical header value>=0.73 in stead of>=0.99. >> >> Any ideas? > > Yes. This can be a problem. However, the usual application for this is > matching against a spam header. If it is, you can use the spamtest > extension instead. Then you can configure the gory details in the > background > (http://wiki2.dovecot.org/Pigeonhole/Sieve/Extensions/SpamtestVirustest). > > Otherwise, things indeed tend to get hairy. I've puzzled a bit and came > up with the following: > > ==== > require "variables"; > require "relational"; > require "comparator-i;ascii-numeric"; > require "regex"; > > # Extract integer and fractional part separately: > set "val_int" "0"; > set "val_frac" "0"; > if header :regex "X-Header-Name" "([0-9]+)\\.([0-9]+)" { > set "val_int" "${1}"; > set "val_frac" "${2}"; > } > > if allof ( > /* Compare the integer part */ > string :comparator "i;ascii-numeric" :value "ge" "${val_int}" "5", > /* Compare the fractional part */ > string :value "ge" "${val_frac}" "34" ) { > discard; > } > ==== > > As you can see, the integer and fractional parts of the fractional > number are extracted separately using a :regex match. Then the > comparison is performed. The integer part is compared using > i;ascii-numeric. Quite counter-intuitively, the fractional part is > compared using a normal string comparison. The earlier regex match made > sure that the ${val_frac} variable only contains digits. The string > comparison makes sure that the length of the fractional part does not > matter (much) and that the comparison works as expected. A length > difference will only have an effect when there are spurious trailing > zeros and all the preceeding digits are equal, thereby causing the > longer string to have higher value, which is not strictly correct. > > The above certainly does not deserve an award for beauty, it does not > handle negative numbers (can be added), and it is not tested very well. > So, use this with caution. Unfortunately, there is no i;ascii-fractional > (or whatever) collation and afaik nothing like that is in the works at > the IETF. > Thanks for the idea :) My first alternative way of thinking was to put the header value in a variable, then multiply it by 10000 (in my actual issue, the fraction always has 4 characters), then handle it as an int. However, doing a calculation is also not supported. I was trying to do some nifty stuff with DSPAM headers, which adds header that indicates "Spam" or "Innocent", and a fractional value between 0 and 1 that indicates the confidence that the filter has in its own classification: X-DSPAM-Result: Spam X-DSPAM-Confidence: 0.9456 ==> quite sure it is spam X-DSPAM-Result: Innocent X-DSPAM-Confidence: 0.9889 ==> even more sure that it is not spam Based on these headers, I wanted to do something with messages that the filter was really sure about, like pushing them to spamcop. Combining these headers in the sieve spamtest configuration to create a sliding scale between 1 and 10 is not really possible. -- Regards, Tom From marcin at mejor.pl Wed Sep 7 17:42:19 2011 From: marcin at mejor.pl (=?UTF-8?B?TWFyY2luIE1pcm9zxYJhdw==?=) Date: Wed, 07 Sep 2011 16:42:19 +0200 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database Message-ID: <4E6782CB.1060803@mejor.pl> Hello! I'd like to set up dovecot to keep namespaces in database, keep more than one namespace per user. I try to create the simplest rule (even without tuple in db table) to get new namespace, unfortunately it doesn't work. My user_query is: SELECT '/dane/domeny/%d/mail/%n/' as home, dovecot_typ_skrzynki ||':'|| '/dane/domeny/%d/mail/%n/' ||'.'|| dovecot_typ_skrzynki as mail_location, '*:bytes='||quota_mb||'M' as quota_rule , 'test33/location=mdbox:~/.mdbox/test33/' as "namespace/test3/prefix" In debug log i'm getting: Debug: master out: USER#0111#011user at examle.com#011home=/dane/domeny/mejor.pl/mail/marcin/#011mail_location=maildir:/dane/domeny/mejor.pl/mail/marcin/.maildir#011quota_rule=*:bytes=0M#011namespace/test3/prefix=test33/location=mdbox:~/.mdbox/test33/ If i knew how it should look like the line in auth debug log for working configuration it could be easier for me to write correct sql query. May i please for advice? From tss at iki.fi Wed Sep 7 17:50:56 2011 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Sep 2011 17:50:56 +0300 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: <4E6782CB.1060803@mejor.pl> References: <4E6782CB.1060803@mejor.pl> Message-ID: <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> dovecot -n output (with version number)? On 7.9.2011, at 17.42, Marcin Miros?aw wrote: > Hello! > I'd like to set up dovecot to keep namespaces in database, keep more than one namespace per user. > > I try to create the simplest rule (even without tuple in db table) to get new namespace, unfortunately it doesn't work. > > My user_query is: > SELECT '/dane/domeny/%d/mail/%n/' as home, dovecot_typ_skrzynki ||':'|| '/dane/domeny/%d/mail/%n/' ||'.'|| dovecot_typ_skrzynki as mail_location, '*:bytes='||quota_mb||'M' as quota_rule , 'test33/location=mdbox:~/.mdbox/test33/' as "namespace/test3/prefix" > > In debug log i'm getting: > Debug: master out: USER#0111#011user at examle.com#011home=/dane/domeny/mejor.pl/mail/marcin/#011mail_location=maildir:/dane/domeny/mejor.pl/mail/marcin/.maildir#011quota_rule=*:bytes=0M#011namespace/test3/prefix=test33/location=mdbox:~/.mdbox/test33/ > > If i knew how it should look like the line in auth debug log for working configuration it could be easier for me to write correct sql query. > May i please for advice? > From marcin at mejor.pl Wed Sep 7 17:59:27 2011 From: marcin at mejor.pl (=?UTF-8?B?TWFyY2luIE1pcm9zxYJhdw==?=) Date: Wed, 07 Sep 2011 16:59:27 +0200 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> References: <4E6782CB.1060803@mejor.pl> <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> Message-ID: <4E6786CF.2020102@mejor.pl> W dniu 07.09.2011 16:50, Timo Sirainen pisze: > dovecot -n output (with version number)? Argh, i've forgot about it:( Dovecot-2.0.14 # 2.0.14: /etc/dovecot/dovecot.conf # OS: Linux 3.1.0-rc4-git2 x86_64 Gentoo Base System release 2.0.3 auth_cache_size = 1 k auth_debug = yes auth_mechanisms = login digest-md5 cram-md5 plain default_vsz_limit = 32 M deliver_log_format = msgid=%m: from=%f: phys=%p: virt=%w %$ dict { quota = pgsql:/etc/dovecot/dovecot-dict-sql.conf.ext } first_valid_uid = 8 last_valid_uid = 8 lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes mail_attachment_dir = /dane/domeny/zalaczniki mail_attachment_min_size = 64000 k mail_cache_min_mail_count = 20 mail_gid = mail mail_plugins = autocreate quota fts fts_squat notify mail_log zlib mail_privileged_group = mail mail_uid = mail maildir_stat_dirs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include var iables body enotify environment mailbox date mdbox_rotate_interval = 60 days mdbox_rotate_size = 50 M namespace { inbox = yes list = yes location = prefix = separator = . subscriptions = yes type = private } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { autocreate = Trash autocreate2 = Spam autocreate3 = Sent autocreate4 = Drafts autosubscribe = Trash autosubscribe2 = Spam autosubscribe3 = Sent autosubscribe4 = Drafts fts = squat fts_squat = partial=4 full=10 quota = dict:User quota::proxy::quota quota_exceeded_message = Quota exceeded / Skrzynka odbiorcy jest przepelniona, wiadomosc nie zostala dostarczona sieve = /dane/domeny/%d/mail/%n/.maildir/.dovecot.sieve sieve_dir = /dane/domeny/%d/mail/%n/.maildir/sieve zlib_save = bz2 } postmaster_address = forspam at kolekcja.mejor.pl protocols = imap pop3 sieve service auth { unix_listener auth-userdb { group = mail mode = 0660 user = root } } service dict { unix_listener dict { user = mail } } service managesieve-login { inet_listener sieve_deprecated { port = 2000 } vsz_limit = 4 M } ssl_cert = References: <4E667075.1080003@whyscream.net> <4E6672D5.6020506@whyscream.net> <4E676629.9000108@whyscream.net> <4E677614.70504@rename-it.nl> <4E677CFD.4000705@whyscream.net> Message-ID: <4E67888A.8010505@rename-it.nl> On 9/7/2011 4:17 PM, Tom Hendrikx wrote: > Thanks for the idea :) > My first alternative way of thinking was to put the header value in a > variable, then multiply it by 10000 (in my actual issue, the fraction > always has 4 characters), then handle it as an int. However, doing a > calculation is also not supported. > > I was trying to do some nifty stuff with DSPAM headers, which adds > header that indicates "Spam" or "Innocent", and a fractional value > between 0 and 1 that indicates the confidence that the filter has in its > own classification: > > X-DSPAM-Result: Spam > X-DSPAM-Confidence: 0.9456 > ==> quite sure it is spam > > X-DSPAM-Result: Innocent > X-DSPAM-Confidence: 0.9889 > ==> even more sure that it is not spam > > Based on these headers, I wanted to do something with messages that the > filter was really sure about, like pushing them to spamcop. > > Combining these headers in the sieve spamtest configuration to create a > sliding scale between 1 and 10 is not really possible. > Not with the current implementation, no. But I could incorporate this new type of specification in the configuration capabilities. Using the spamtest :percent test, this could for instance map as follows: Result=Innocent; Confidence=0.0000 - 1.0000 => spamtest :percent yields 50 - 0 Result=Spam; Confidence=0.0000 - 1.0000 => spamtest :percent yields 50 - 100 Other mappings are possible of course. Regards, Stephan. From tss at iki.fi Wed Sep 7 18:09:35 2011 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Sep 2011 18:09:35 +0300 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: <4E6786CF.2020102@mejor.pl> References: <4E6782CB.1060803@mejor.pl> <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> <4E6786CF.2020102@mejor.pl> Message-ID: On 7.9.2011, at 17.59, Marcin Miros?aw wrote: > namespace { > inbox = yes > list = yes > location = > prefix = > separator = . > subscriptions = yes > type = private > } You want to modify this namespace, or add a completely new namespace? I don't think you can add new ones via userdb lookup.. You'll basically have to have a template in the config file first, like: namespace newspace { } Then you can add settings to it via e.g. 'namespace/newspace/location'. If all users don't have a namespace, you can set the defaults so it's invisible: namespace newspace { list = no hidden = yes } From marcin at mejor.pl Wed Sep 7 18:19:02 2011 From: marcin at mejor.pl (=?UTF-8?B?TWFyY2luIE1pcm9zxYJhdw==?=) Date: Wed, 07 Sep 2011 17:19:02 +0200 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: References: <4E6782CB.1060803@mejor.pl> <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> <4E6786CF.2020102@mejor.pl> Message-ID: <4E678B66.60602@mejor.pl> W dniu 07.09.2011 17:09, Timo Sirainen pisze: > On 7.9.2011, at 17.59, Marcin Miros?aw wrote: > >> namespace { >> inbox = yes >> list = yes >> location = >> prefix = >> separator = . >> subscriptions = yes >> type = private >> } > > You want to modify this namespace, or add a completely new namespace? I want to add completely new. > I don't think you can add new ones via userdb lookup.. You'll basically have to have a template in the config file first, like: > > namespace newspace { > } Hmm, it doesn't looks flexible ;) But probably should be enough for my purposes. Is feature "namespace from db" in your plans or it's too rarely needed to spend time on it? From tss at iki.fi Wed Sep 7 18:24:41 2011 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Sep 2011 18:24:41 +0300 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: <4E678B66.60602@mejor.pl> References: <4E6782CB.1060803@mejor.pl> <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> <4E6786CF.2020102@mejor.pl> <4E678B66.60602@mejor.pl> Message-ID: <8F07F485-4BC4-40E5-A520-7F59C87A7863@iki.fi> On 7.9.2011, at 18.19, Marcin Miros?aw wrote: >> I don't think you can add new ones via userdb lookup.. You'll basically have to have a template in the config file first, like: >> >> namespace newspace { >> } > > Hmm, it doesn't looks flexible ;) But probably should be enough for my purposes. Is feature "namespace from db" in your plans or it's too rarely needed to spend time on it? Actually I'm not completely sure if this is needed. Get it working first with this template, and then see if it continues working after removing the template. > 'test33/location=mdbox:~/.mdbox/test33/' as "namespace/test3/prefix" This is wrong in any case. It should be something like: 'mdbox:~/.mdbox/test33' as 'namespace/test33/location', 'test33.' as 'namespace/test33/prefix' From tss at iki.fi Wed Sep 7 20:17:01 2011 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Sep 2011 20:17:01 +0300 Subject: [Dovecot] Quota fs (ignore mount) In-Reply-To: References: Message-ID: On 6.9.2011, at 15.11, Peter Ignatov wrote: > I set "quota: fs:INBOX:noenforcing:mount=/var/spool/mail", but receive: "fs quota add storage dir = /home/pit/mail"... > Why ? Well .. I'm not entirely sure if the current behavior is good or not, but what you need to do to get it working is to add two quota roots. One for /home/pit/mail (i.e. without specifying mount=) and another for the INBOX's /var/spool/mail. From tss at iki.fi Wed Sep 7 20:22:46 2011 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Sep 2011 20:22:46 +0300 Subject: [Dovecot] Shared Mailboxes with VirtualUsers and mail_location retrieved from ldap In-Reply-To: <1315308456.64827.YahooMailNeo@web29115.mail.ird.yahoo.com> References: <1315308456.64827.YahooMailNeo@web29115.mail.ird.yahoo.com> Message-ID: On 6.9.2011, at 14.27, mailing lists wrote: > I spend a couple of days configurating a new installation of dovecot 2.0.14 with virtual accounts and NFS storage for maildir home/mail directories. > > > At this point I need shared mailboxes but since user mail/home locations are ldap attributes, how is it supposed I must configure this for shared mailboxes? > > for the users' mail/home directories I set this line: > > user_attrs = mailbox=mail=maildir:/var/maildir/%$,homeFilter=home Are home dirs and mail dirs related in any way? The only way you can get it working is by using home dirs, e.g.: user_attrs = mailbox=home=/var/maildir/%$ Then in dovecot.conf: mail_location = maildir:~/ > namespace { > type = shared > separator = / > prefix = shared/%%u/ > subscriptions = no > list = children location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u Of course, if you're already now using separate home dirs for some stuff, this won't really work. From mathog at caltech.edu Thu Sep 8 02:39:07 2011 From: mathog at caltech.edu (mathog) Date: Wed, 07 Sep 2011 16:39:07 -0700 Subject: [Dovecot] copy and empty userA folder1, append to /var/mail/userB Message-ID: <3ee33c7814e8f3834a9210706fa3a36c@saf.bio.caltech.edu> Dovecot 2.0.13 on a 64 bit linux. We have an archiver account on one machine. Most mailing lists that handles go directly to it and everything is fine. However, there is one campus list that will only send to real people. So for that one I subscribed. When one of these messages comes in, which is 1-2x per week, I copy it to an export folder and then manually run a script which does: cat ~me/mail/export >>/var/mail/archiver echo "" > ~me/mail/export That worked fine on our last system, but dovecot doesn't like it. It leaves the imap indices for the export mailbox in an inconsistent state, so that roundcube (through dovecot) refuses to drop messages into it. The error message roundcube emits is: ServerError: Mailbox isn't a valid mbox file. Presumably the second half is from dovecot. I need a supported way to go about this, so that the next time one comes in I can copy to that folder again. The export mailbox is always completely emptied. It would suffice if there was some way to force dovecot to create "empty"" .imap/export: dovecot.index.cache dovecot.index.log files. Note this isn't a problem for the archiver itself, since it doesn't have any imap indexed files. Suggestions? Thank you, David Mathog mathog at caltech.edu Manager, Sequence Analysis Facility, Biology Division, Caltech From karol at babioch.de Thu Sep 8 02:41:58 2011 From: karol at babioch.de (Karol Babioch) Date: Thu, 08 Sep 2011 01:41:58 +0200 Subject: [Dovecot] ManageSieve with SSL/TLS only Message-ID: <4E680146.8040107@babioch.de> Hi, I'm quite new to Dovecot and ManageSieve, so probably I've missed something, although I couldn't find any hints in the wiki. I'm interested in running ManageSieve with SSL/TLS only. So is there any way to reject any non encrypted connections? I couldn't find any parameter for this purpose. I'm currently using dovecot 1.2.15 provided with Debian Squeeze, but I couldn't find any parameter in the 2.0 branch neither. Best regards, Karol Babioch -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 898 bytes Desc: OpenPGP digital signature URL: From tss at iki.fi Thu Sep 8 10:20:57 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 08 Sep 2011 10:20:57 +0300 Subject: [Dovecot] ManageSieve with SSL/TLS only In-Reply-To: <4E680146.8040107@babioch.de> References: <4E680146.8040107@babioch.de> Message-ID: <1315466458.3876.18.camel@hurina> On Thu, 2011-09-08 at 01:41 +0200, Karol Babioch wrote: > Hi, > > I'm quite new to Dovecot and ManageSieve, so probably I've missed > something, although I couldn't find any hints in the wiki. I'm > interested in running ManageSieve with SSL/TLS only. So is there any way > to reject any non encrypted connections? I couldn't find any parameter > for this purpose. > > I'm currently using dovecot 1.2.15 provided with Debian Squeeze, but I > couldn't find any parameter in the 2.0 branch neither. a) disable_plaintext_auth=yes (default) b) ssl=required They are equivalent if you've only enabled plaintext authentication mechanisms. http://wiki.dovecot.org/SSL/DovecotConfiguration and http://wiki.dovecot.org/SSL explain more. From tss at iki.fi Thu Sep 8 10:24:27 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 08 Sep 2011 10:24:27 +0300 Subject: [Dovecot] copy and empty userA folder1, append to /var/mail/userB In-Reply-To: <3ee33c7814e8f3834a9210706fa3a36c@saf.bio.caltech.edu> References: <3ee33c7814e8f3834a9210706fa3a36c@saf.bio.caltech.edu> Message-ID: <1315466667.3876.20.camel@hurina> On Wed, 2011-09-07 at 16:39 -0700, mathog wrote: > Dovecot 2.0.13 on a 64 bit linux. > > echo "" > ~me/mail/export > > That worked fine on our last system, but dovecot doesn't like it. It > leaves the imap indices for the > export mailbox in an inconsistent state, so that roundcube (through > dovecot) refuses to drop > messages into it. The error message roundcube emits is: > > ServerError: Mailbox isn't a valid mbox file. You change the "export" mbox to be one byte size containing LF. It should instead be completely zero size. For example echo -n > ~me/mail/export Alternative could be to simply rm it? From janfrode at tanso.net Thu Sep 8 10:56:20 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Thu, 8 Sep 2011 09:56:20 +0200 Subject: [Dovecot] lmtp -- save failed to INBOX: BUG: Unknown internal error Message-ID: <20110908075620.GA27139@oc1046828364.ibm.com> I've had 18 instances of this error the last 24 hours: Sep 8 08:56:00 popimap1 dovecot:: lmtp(10529, first.last at example.om): mGdAOtdlaE4hKQAAg/aw4w: msgid=: save failed to INBOX: BUG: Unknown internal error 17 on lmtp-server A, and one on lmtp-server B. On server A it was a message with 55 recepients, where 17 failed initially -- and the was then successfully delivered. lmtp pid 10529, 08:55:57-08:56:01 - 11 successfull deliveries, 17 BUGs lmtp pid 10609, 08:56:00 - 1 successfull deliveries lmtp pid 31291, 08:56:06 - 2 successfull deliveries lmtp pid 10482, 08:56:04-06 - 3 successfull deliveries lmtp pid 6738, 08:56:06 - 1 successfull deliveries lmtp pid 24488, 08:56:06-07 - 5 successfull deliveries lmtp pid 7101, 08:56:01-07 - 19 successfull deliveries lmtp pid 21330, 08:56:08 - 1 successfull deliveries lmtp pid 2177, 08:56:09 - 3 successfull deliveries lmtp pid 7085, 08:56:10 - 3 successfull deliveries lmtp pid 6633, 08:56:08-10 - 6 successfull deliveries The one on lmtp-server B was a different msgid from A, and also had several recepients (6). It was successfully delivered to the recepient that initially failed the same second. Config here: # 2.0.14: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-194.26.1.el5 x86_64 Red Hat Enterprise Linux Server release 5.5 (Tikanga) auth_verbose = yes auth_verbose_passwords = sha1 disable_plaintext_auth = no mail_gid = 3000 mail_location = maildir:~/:INDEX=/indexes/%1u/%1.1u/%u mail_plugins = quota mail_uid = 3000 mmap_disable = yes namespace { inbox = yes location = prefix = INBOX. type = private } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { quota = maildir:User quota } service auth-worker { user = $default_internal_user } service auth { client_limit = 4396 } service imap-login { inet_listener imap { address = * port = 143 } } service imap { executable = /usr/local/sbin/imap-wrapper.sh process_limit = 2048 } service lmtp { client_limit = 1 inet_listener lmtp { address = * port = 24 } process_limit = 25 } service pop3-login { inet_listener pop3 { address = * port = 110 } } service pop3 { executable = /usr/local/sbin/pop-wrapper.sh process_limit = 2048 } ssl = no userdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } protocol lmtp { mail_plugins = quota } protocol imap { imap_client_workarounds = delay-newmail mail_plugins = quota imap_quota } protocol pop3 { mail_plugins = quota pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_uidl_format = UID%u-%v } -jf From tss at iki.fi Thu Sep 8 11:53:26 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 08 Sep 2011 11:53:26 +0300 Subject: [Dovecot] lmtp -- save failed to INBOX: BUG: Unknown internal error In-Reply-To: <20110908075620.GA27139@oc1046828364.ibm.com> References: <20110908075620.GA27139@oc1046828364.ibm.com> Message-ID: <1315472006.3876.22.camel@hurina> On Thu, 2011-09-08 at 09:56 +0200, Jan-Frode Myklebust wrote: > I've had 18 instances of this error the last 24 hours: > > Sep 8 08:56:00 popimap1 dovecot:: lmtp(10529, first.last at example.om): mGdAOtdlaE4hKQAAg/aw4w: msgid=: save failed to INBOX: BUG: Unknown internal error Hmm. These are pretty annoying to find. I looked through the sources and.. Well, found one possible reason for it. Try applying these patches and see what it says then: http://hg.dovecot.org/dovecot-2.0/raw-rev/858298eb101f http://hg.dovecot.org/dovecot-2.0/raw-rev/323ab62983b6 Or were there any actual errors logged before this message? From adrian.stoica at dacris.net Thu Sep 8 12:00:58 2011 From: adrian.stoica at dacris.net (Adrian Stoica) Date: Thu, 08 Sep 2011 12:00:58 +0300 Subject: [Dovecot] test Message-ID: <4E68844A.7040907@dacris.net> Hello i use dovecot 2.0.14 , with exim 4.76 using dovecot-lda. We have the following problem: when I receive mail from the site http://www.transfer.ro, which is a file transfer site, most emails appear to be empty. Empty rows appear in email body slipped through the existing, and this makemy mail client to show me an empty mail. You can see the content only by viewing the message source. instead of "- np4e68592849da7 Content-type: text / plain, charset = utf-8 " appear "- np4e68592849da7 Content-type: text / plain, charset = utf-8 " , and that blank line spoil everything. You can check if there is somethingwrong ? -------------- next part -------------- A non-text attachment was scrubbed... Name: adrian_stoica.vcf Type: text/x-vcard Size: 195 bytes Desc: not available URL: From marcin at mejor.pl Thu Sep 8 12:26:00 2011 From: marcin at mejor.pl (=?UTF-8?B?TWFyY2luIE1pcm9zxYJhdw==?=) Date: Thu, 08 Sep 2011 11:26:00 +0200 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: <8F07F485-4BC4-40E5-A520-7F59C87A7863@iki.fi> References: <4E6782CB.1060803@mejor.pl> <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> <4E6786CF.2020102@mejor.pl> <4E678B66.60602@mejor.pl> <8F07F485-4BC4-40E5-A520-7F59C87A7863@iki.fi> Message-ID: <4E688A28.1090800@mejor.pl> W dniu 07.09.2011 17:24, Timo Sirainen pisze: > On 7.9.2011, at 18.19, Marcin Miros?aw wrote: > Actually I'm not completely sure if this is needed. Get it working first with this template, and then see if it continues working after removing the template. I did namespace template: namespace test33 { separator = . # without this i got error: Initialization #failed: namespace configuration error: list=yes requires #prefix=test33. to end with separator } I've change sql query to get data from table. For other user which doesn't have configured namespace in db i've got error: Initialization failed: namespace configuration error: Duplicate namespace prefix: "" So there is something which i should fix. Thanks From tss at iki.fi Thu Sep 8 12:40:08 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 08 Sep 2011 12:40:08 +0300 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: <4E688A28.1090800@mejor.pl> References: <4E6782CB.1060803@mejor.pl> <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> <4E6786CF.2020102@mejor.pl> <4E678B66.60602@mejor.pl> <8F07F485-4BC4-40E5-A520-7F59C87A7863@iki.fi> <4E688A28.1090800@mejor.pl> Message-ID: <1315474812.3876.23.camel@hurina> On Thu, 2011-09-08 at 11:26 +0200, Marcin Miros?aw wrote: > W dniu 07.09.2011 17:24, Timo Sirainen pisze: > > On 7.9.2011, at 18.19, Marcin Miros?aw wrote: > > Actually I'm not completely sure if this is needed. Get it working first with this template, and then see if it continues working after removing the template. > > I did namespace template: > namespace test33 { > separator = . # without this i got error: Initialization > #failed: namespace configuration error: list=yes requires > #prefix=test33. to end with separator > } > > I've change sql query to get data from table. For other user which > doesn't have configured namespace in db i've got error: > Initialization failed: namespace configuration error: Duplicate > namespace prefix: "" You can't have two namespaces with prefix="". So for example add: namespace test33 { prefix = test33. } From tss at iki.fi Thu Sep 8 12:41:58 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 08 Sep 2011 12:41:58 +0300 Subject: [Dovecot] test In-Reply-To: <4E68844A.7040907@dacris.net> References: <4E68844A.7040907@dacris.net> Message-ID: <1315474919.3876.25.camel@hurina> On Thu, 2011-09-08 at 12:00 +0300, Adrian Stoica wrote: > Hello > i use dovecot 2.0.14 , with exim 4.76 using dovecot-lda. > > We have the following problem: when I receive mail from the site > http://www.transfer.ro, which is a file transfer site, most emails > appear to be empty. > Empty rows appear in email body slipped through the existing, and this > makemy mail client to show me an empty mail. You can see the content > only by viewing the message source. > > instead of > "- np4e68592849da7 > Content-type: text / plain, charset = utf-8 > " > appear > > "- np4e68592849da7 > > Content-type: text / plain, charset = utf-8 " , and that blank line > spoil everything. > > You can check if there is somethingwrong ? I'm not aware of any such bugs ever existing in dovecot-lda. You could check this by having Exim internally deliver mails from that site to some other maildir/mbox file, and check if the empty line exists there also. I don't know the specifics of how to configure Exim this way. From tss at iki.fi Thu Sep 8 12:45:31 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 08 Sep 2011 12:45:31 +0300 Subject: [Dovecot] test In-Reply-To: <1315474919.3876.25.camel@hurina> References: <4E68844A.7040907@dacris.net> <1315474919.3876.25.camel@hurina> Message-ID: <1315475131.3876.28.camel@hurina> On Thu, 2011-09-08 at 12:41 +0300, Timo Sirainen wrote: > I'm not aware of any such bugs ever existing in dovecot-lda. You could > check this by having Exim internally deliver mails from that site to > some other maildir/mbox file, and check if the empty line exists there > also. I don't know the specifics of how to configure Exim this way. Oh, or another possibility: instead of executing dovecot-lda directly, execute dovecot-lda.sh which contains something like (warning: totally untested): #!/bin/sh tmpfile=`mktemp` cat > $tmpfile if grep -q ^From.*transfer.ro; then cp $tmpfile /tmp/transfer.ro.`date +%s` fi /usr/local/libexec/dovecot/dovecot-lda "$@" < $tmpfile ret=$? rm -f $tmpfile exit $ret From janfrode at tanso.net Thu Sep 8 13:28:52 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Thu, 8 Sep 2011 12:28:52 +0200 Subject: [Dovecot] lmtp -- save failed to INBOX: BUG: Unknown internal error In-Reply-To: <1315472006.3876.22.camel@hurina> References: <20110908075620.GA27139@oc1046828364.ibm.com> <1315472006.3876.22.camel@hurina> Message-ID: <20110908102852.GA30317@oc1046828364.ibm.com> On Thu, Sep 08, 2011 at 11:53:26AM +0300, Timo Sirainen wrote: > > Hmm. These are pretty annoying to find. I looked through the sources > and.. Well, found one possible reason for it. Try applying these patches > and see what it says then: > > http://hg.dovecot.org/dovecot-2.0/raw-rev/858298eb101f > http://hg.dovecot.org/dovecot-2.0/raw-rev/323ab62983b6 Thanks, applied.. Will let you know if/when it happens again. > > Or were there any actual errors logged before this message? I couldn't find any.. but these BUG:-messages were logged as debug or info level syslog messages, which quickly drowns in everything else on busy pop/imap-servers. -jf From tss at iki.fi Thu Sep 8 13:31:22 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 8 Sep 2011 13:31:22 +0300 Subject: [Dovecot] lmtp -- save failed to INBOX: BUG: Unknown internal error In-Reply-To: <20110908102852.GA30317@oc1046828364.ibm.com> References: <20110908075620.GA27139@oc1046828364.ibm.com> <1315472006.3876.22.camel@hurina> <20110908102852.GA30317@oc1046828364.ibm.com> Message-ID: <4A95E89D-FE64-42AC-8A35-3EDBF0B97986@iki.fi> On 8.9.2011, at 13.28, Jan-Frode Myklebust wrote: > I couldn't find any.. but these BUG:-messages were logged as > debug or info level syslog messages, which quickly drowns in everything > else on busy pop/imap-servers. That's why I prefer logging errors and warnings to separate logs. Those errors logs should always stay empty. You can do this either by configuring syslog or just setting e.g.: log_path = /var/log/dovecot-errors.log info_log_path = syslog From tss at iki.fi Thu Sep 8 13:42:16 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 8 Sep 2011 13:42:16 +0300 Subject: [Dovecot] limit number of simultaneous lmtp deliveries ? In-Reply-To: <20110905090541.GA8709@oc1046828364.ibm.com> References: <20110905090541.GA8709@oc1046828364.ibm.com> Message-ID: <1A3544DD-2754-4658-9AFD-CF5DD9A675F4@iki.fi> On 5.9.2011, at 12.05, Jan-Frode Myklebust wrote: > Sep 5 10:51:56 mailgw1 postfix/lmtp[23443]: 0E2F41C01A: to=, relay=loadbalancers.example.com[192.168.42.15]:24, delay=61, delays=0.02/0.3/31/30, dsn=4.4.0, status=deferred (host loadbalancers.example.com[192.168.42.15] said: 451 4.4.0 Remote server not answering (DATA output timeout) (in reply to end of DATA command)) Well, I added even more debugging output for this message: http://hg.dovecot.org/dovecot-2.0/raw-rev/8de8752b2e94 Would be interesting to know what it logs with that. From janfrode at tanso.net Thu Sep 8 13:44:19 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Thu, 8 Sep 2011 12:44:19 +0200 Subject: [Dovecot] lmtp -- save failed to INBOX: BUG: Unknown internal error In-Reply-To: <4A95E89D-FE64-42AC-8A35-3EDBF0B97986@iki.fi> References: <20110908075620.GA27139@oc1046828364.ibm.com> <1315472006.3876.22.camel@hurina> <20110908102852.GA30317@oc1046828364.ibm.com> <4A95E89D-FE64-42AC-8A35-3EDBF0B97986@iki.fi> Message-ID: <20110908104419.GA31437@oc1046828364.ibm.com> On Thu, Sep 08, 2011 at 01:31:22PM +0300, Timo Sirainen wrote: > > > I couldn't find any.. but these BUG:-messages were logged as > > debug or info level syslog messages, which quickly drowns in everything > > else on busy pop/imap-servers. > > That's why I prefer logging errors and warnings to separate logs. Those errors logs should always stay empty. You can do this either by configuring syslog or just setting e.g.: > > log_path = /var/log/dovecot-errors.log > info_log_path = syslog We have that trough syslog: mail.debug -/var/log/maillog.debug mail.* -/var/log/maillog mail.warning -/var/log/maillog.warning mail.err -/var/log/maillog.errors mail.crit -/var/log/maillog.crit but these BUG-messages only ended up in /var/log/maillog and /var/log/maillog.debug, so I think they were logged with wrong severity. But "those errors logs should always stay empty" isn't quite true for us.., since every failed ldap bind() authentication is logged as an error: $ sudo wc -l maillog.errors 2063 maillog.errors $ sudo head -1 maillog.errors ; sudo tail -1 maillog.errors Sep 8 04:02:43 popimap1 dovecot: auth: Error: ldap(user2,192.168.42.15): ldap_bind() failed: No such object Sep 8 12:39:46 popimap1 dovecot: auth: Error: ldap(user1,192.168.42.15): ldap_bind() failed: No such object -jf From marcin at mejor.pl Thu Sep 8 14:00:48 2011 From: marcin at mejor.pl (=?UTF-8?B?TWFyY2luIE1pcm9zxYJhdw==?=) Date: Thu, 08 Sep 2011 13:00:48 +0200 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: <1315474812.3876.23.camel@hurina> References: <4E6782CB.1060803@mejor.pl> <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> <4E6786CF.2020102@mejor.pl> <4E678B66.60602@mejor.pl> <8F07F485-4BC4-40E5-A520-7F59C87A7863@iki.fi> <4E688A28.1090800@mejor.pl> <1315474812.3876.23.camel@hurina> Message-ID: <4E68A060.8090306@mejor.pl> W dniu 08.09.2011 11:40, Timo Sirainen pisze: > You can't have two namespaces with prefix="". So for example add: > > namespace test33 { > prefix = test33. > } I admit that I slightly lost me. Let me try to summarize: - i can't use db to keep completely definition of namespace(s) -- e.g. user X has no additional namespace, user Y has 3 additonal namespaces with location Y1, Y2, Y3 - if user Z wants new namespace i have to define it in config and user_db query should return list=no and hidden=yes for users diffrent than Z. I can get from db "location" for such namespace used by user Z. This is how i understood all our talk. I hope i didn't missed too much :) Thank you. From listas.correo at yahoo.es Thu Sep 8 14:14:20 2011 From: listas.correo at yahoo.es (mailing lists) Date: Thu, 8 Sep 2011 12:14:20 +0100 (BST) Subject: [Dovecot] Shared Mailboxes with VirtualUsers and mail_location retrieved from ldap Message-ID: <1315480460.20728.YahooMailNeo@web29111.mail.ird.yahoo.com> Hello, On 09/07/2011 07:22 PM, Timo Sirainen wrote: > On 6.9.2011, at 14.27, mailing lists wrote: >> At this point I need shared mailboxes but since user mail/home locations are ldap attributes, how is it supposed I must configure this for shared mailboxes? >> >> for the users' mail/home directories I set this line: >> >> user_attrs = mailbox=mail=maildir:/var/maildir/%$,homeFilter=home > > Are home dirs and mail dirs related in any way? The only way you can get it working is by using home dirs, e.g.: > > user_attrs = mailbox=home=/var/maildir/%$ yes, my virtual users have separate directories for home and mail. Their locations are stored in ldap attributes (with random generated paths), so a flat scheme like /var/maildr/%%u isn't valid. for typical (virtual) users the location returned looks like: Sep? 8 12:48:33 imap1 dovecot: auth: Debug: ldap(user012,::1): result: mailbox(mail=maildir:/var/maildir/%$)=vol06/1/15/user012 homeFilter(home)=/var/mailfilter/vol06/1/15/user012 ... Sep? 8 12:54:50 imap1 dovecot: imap(user012): Debug: maildir++: root=/var/maildir/vol06/1/15/user012, index=, control=, inbox=/var/maildir/vol06/1/15/user012, alt= ? > Then in dovecot.conf: > > mail_location = maildir:~/ > >> namespace { >>??? type = shared >>??? separator = / >>??? prefix = shared/%%u/ >>??? subscriptions = no >>??? list = children > > location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u this is that I see in? logs and not shared folders are seen by imap clients: Sep? 8 12:57:11 imap1 dovecot: imap(user012): Debug: Namespace : type=shared, prefix=shared.%u., sep=., inbox=no, hidden=no, list=children, subscriptions=no location=maildir:%h/Maildir:INDEX=~/Maildir/shared/%u Sep? 8 12:57:11 imap1 dovecot: imap(user012): Debug: shared: root=/var/run/dovecot/, index=, control=, inbox=, alt= Sep? 8 12:57:11 imap1 dovecot: imap(user012): Debug: acl: initializing backend with data: vfile I fail to understand how %%u is retrieved from ldap... ? /----------/ # dovecot -n # 2.0.14: /etc/dovecot/dovecot.conf # OS: Linux 2.6.34.7-0.7-xen x86_64 openSUSE 11.3 (x86_64) auth_debug = yes auth_debug_passwords = yes auth_verbose = yes auth_verbose_passwords = plain base_dir = /var/run/dovecot/ disable_plaintext_auth = no mail_debug = yes mail_fsync = always mail_gid = 5000 mail_location = maildir:~/ mail_nfs_index = yes mail_nfs_storage = yes mail_plugins = acl mail_uid = 5000 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mmap_disable = yes namespace { ? inbox = yes ? location = ? prefix = INBOX. ? separator = . } namespace { ? list = children ? location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u ? prefix = shared.%%u. ? separator = . ? subscriptions = no ? type = shared } passdb { ? args = /etc/dovecot/dovecot-ldap.conf.ext ? driver = ldap } plugin { ? acl = vfile ? acl_shared_dict = file:/var/maildir/shared-mailboxes ? sieve = ~/.dovecot.sieve ? sieve_dir = ~/sieve } protocols = imap ssl = no userdb { ? args = /etc/dovecot/dovecot-ldap.conf.ext ? driver = ldap } verbose_proctitle = yes protocol imap { ? mail_max_userip_connections = 100 ? mail_plugins = acl imap_acl autocreate } From janfrode at tanso.net Thu Sep 8 14:22:01 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Thu, 8 Sep 2011 13:22:01 +0200 Subject: [Dovecot] limit number of simultaneous lmtp deliveries ? In-Reply-To: <1A3544DD-2754-4658-9AFD-CF5DD9A675F4@iki.fi> References: <20110905090541.GA8709@oc1046828364.ibm.com> <1A3544DD-2754-4658-9AFD-CF5DD9A675F4@iki.fi> Message-ID: <20110908112201.GA708@oc1046828364.ibm.com> On Thu, Sep 08, 2011 at 01:42:16PM +0300, Timo Sirainen wrote: > > Well, I added even more debugging output for this message: http://hg.dovecot.org/dovecot-2.0/raw-rev/8de8752b2e94 > > Would be interesting to know what it logs with that. > Postfix logs: Sep 8 13:14:28 asav7 postfix/lmtp[22024]: 5ADD454030: host loadbalancers.example.com[192.168.42.15] said: 451 4.4.0 Remote server not answering (DATA output stalled for 30 secs, 36742B sent, 0B buffered) (in reply to end of DATA command) Sep 8 13:17:51 asav7 postfix/lmtp[22759]: 1981954011: host loadbalancers.example.com[192.168.42.17] said: 451 4.4.0 Remote server not answering (DATA output stalled for 30 secs, 38629B sent, 0B buffered) (in reply to end of DATA command) -jf From listas.correo at yahoo.es Thu Sep 8 14:25:08 2011 From: listas.correo at yahoo.es (mailing lists) Date: Thu, 8 Sep 2011 12:25:08 +0100 (BST) Subject: [Dovecot] is it necessary lmtp and director to avoid index corruption in mail delivery? Message-ID: <1315481108.60265.YahooMailNeo@web29117.mail.ird.yahoo.com> JF, thank you for the reply. I'm just curious how to big players fix this problem, which seems impact systems with shared storage. Have a nice day. On 09/07/2011 12:59 PM, Jan-Frode Myklebust wrote: > On Wed, Sep 07, 2011 at 11:26:28AM +0100, mailing lists wrote: >> Hello all, >> If I have several postfix/dovecot-lda boxes with shared nfs storage, >> how director helps in this scenario? > > The director can help by directing each unique user to the same backend > server for each delivery, which should give you better performance > (indexes cached in memory on only one machine instead of on all, > inotify will work for IMAP NOTIFY), and also avoid some apparent race > conditions that has lead to index corruption when several nodes are > writing to the same mailbox at the same time. > >> is it necesary to use lmtp instead of dovecot-lda? > > Yes. > > >> With postfix/dovecot-lda boxes incoming mail happens at the smtp layer >> but director redirects are working in the lmtp/imap/pop3 layer. > > Right. > > With LMTP you can have dovecot listening on the network (port 24/tcp) > for incoming mail. No need for postfix on the backend mailstorage > servers. > > Our setups has been: > > ??? Mailgw[1-14] ---smtp-->? dovecot-server[1-5] (postfix + dovecot/lda) > > and used MX priorities to make all deliveries go to the same > dovecot-server with the others as backup. > > ??? $ dig mx deliver.example.com +short > ??? 10 dove2.example.com. > ??? 15 dove3.example.com. > ??? 20 dove4.example.com. > ??? 25 dove5.example.com. > ??? 5 dove1.example.com. > > > Now I'm moving towards: > > ??? Mailgw[1-14] ---lmtp-->? dovecot-server[1-5] (dovecot/lmtp) > > but worry that the index corruption might hit me again.. Ideally > I want: > > ??? Mailgw[1-14] ---lmtp-->? directors --lmtp-->? dovecot-server[1-5] (dovecot/lmtp) > > but lmtp-proxying seems to have bugs (ref: my latest mails to this > list). > > >??? -jf From tss at iki.fi Thu Sep 8 16:03:58 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 08 Sep 2011 16:03:58 +0300 Subject: [Dovecot] lmtp -- save failed to INBOX: BUG: Unknown internal error In-Reply-To: <20110908104419.GA31437@oc1046828364.ibm.com> References: <20110908075620.GA27139@oc1046828364.ibm.com> <1315472006.3876.22.camel@hurina> <20110908102852.GA30317@oc1046828364.ibm.com> <4A95E89D-FE64-42AC-8A35-3EDBF0B97986@iki.fi> <20110908104419.GA31437@oc1046828364.ibm.com> Message-ID: <1315487039.3876.35.camel@hurina> On Thu, 2011-09-08 at 12:44 +0200, Jan-Frode Myklebust wrote: > Sep 8 08:56:00 popimap1 dovecot:: lmtp(10529, first.last at example.om): mGdAOtdlaE4hKQAAg/aw4w: msgid=: save failed to INBOX: BUG: Unknown internal error .. > but these BUG-messages only ended up in /var/log/maillog and > /var/log/maillog.debug, so I think they were logged with wrong severity. The message is logged with info-level, because it's the "what happened to the message" line. It's basically the same message that gets logged every time, regardless of what happened to the message. What should have happened above was: Error: something bad happened to your message Info: save failed to INBOX: Internal error occurred. So you should have gotten one error and one info message, but because of some bug you didn't get any error. > But "those errors logs should always stay empty" isn't quite true for us.., > since every failed ldap bind() authentication is logged as an error: > > $ sudo wc -l maillog.errors > 2063 maillog.errors > $ sudo head -1 maillog.errors ; sudo tail -1 maillog.errors > Sep 8 04:02:43 popimap1 dovecot: auth: Error: ldap(user2,192.168.42.15): ldap_bind() failed: No such object > Sep 8 12:39:46 popimap1 dovecot: auth: Error: ldap(user1,192.168.42.15): ldap_bind() failed: No such object It shouldn't be behaving like that.. Are you saying that all "unknown user" failures are logged as those errors? I get without auth_bind_userdn: Sep 08 15:56:08 auth: Info: ldap(foo,127.0.0.1): unknown user With auth_bind_userdn: Sep 08 16:00:12 auth: Info: ldap(foo,127.0.0.1): invalid credentials So the "No such object" isn't expected.. Maybe different LDAP servers work in different ways?.. Yours appears to give out the difference between "user doesn't exist" and "wrong password"? Does the attached patch change these to "unknown user" messages? -------------- next part -------------- A non-text attachment was scrubbed... Name: diff Type: text/x-patch Size: 573 bytes Desc: not available URL: From tss at iki.fi Thu Sep 8 16:07:04 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 08 Sep 2011 16:07:04 +0300 Subject: [Dovecot] Shared Mailboxes with VirtualUsers and mail_location retrieved from ldap In-Reply-To: <1315480460.20728.YahooMailNeo@web29111.mail.ird.yahoo.com> References: <1315480460.20728.YahooMailNeo@web29111.mail.ird.yahoo.com> Message-ID: <1315487225.3876.37.camel@hurina> On Thu, 2011-09-08 at 12:14 +0100, mailing lists wrote: > yes, my virtual users have separate directories for home and mail. > Their locations are stored in ldap attributes (with random generated > paths), so a flat scheme like /var/maildr/%%u isn't valid. Sorry, you're out of luck with that kind of a setup. Only the %%h can look up a home directory from LDAP. Maybe some day in future there will be other variables that can be looked up. From tss at iki.fi Thu Sep 8 16:18:41 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 08 Sep 2011 16:18:41 +0300 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: <4E68A060.8090306@mejor.pl> References: <4E6782CB.1060803@mejor.pl> <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> <4E6786CF.2020102@mejor.pl> <4E678B66.60602@mejor.pl> <8F07F485-4BC4-40E5-A520-7F59C87A7863@iki.fi> <4E688A28.1090800@mejor.pl> <1315474812.3876.23.camel@hurina> <4E68A060.8090306@mejor.pl> Message-ID: <1315487921.3876.40.camel@hurina> On Thu, 2011-09-08 at 13:00 +0200, Marcin Miros?aw wrote: > W dniu 08.09.2011 11:40, Timo Sirainen pisze: > > You can't have two namespaces with prefix="". So for example add: > > > > namespace test33 { > > prefix = test33. > > } > > I admit that I slightly lost me. Let me try to summarize: > - i can't use db to keep completely definition of namespace(s) > -- e.g. user X has no additional namespace, user Y has 3 additonal > namespaces with location Y1, Y2, Y3 > - if user Z wants new namespace i have to define it in config and > user_db query should return list=no and hidden=yes for users diffrent > than Z. I can get from db "location" for such namespace used by user Z. Forget all of that. I just tried a few ways and looks like you can add more namespaces by returning e.g. these fields (from SQL): namespace=nsname namespace/nsname/prefix=prefix/ namespace/nsname/location=maildir:/elsewhere namespace/nsname/separator=/ Where nsname is some unique name for the namespace. If you want more than one namespace, I think you can do it by adding another name to "namespace" field, e.g.: namespace=nsname nsname2 nsname3 From janfrode at tanso.net Thu Sep 8 16:21:52 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Thu, 8 Sep 2011 15:21:52 +0200 Subject: [Dovecot] lmtp -- save failed to INBOX: BUG: Unknown internal error In-Reply-To: <1315487039.3876.35.camel@hurina> References: <20110908075620.GA27139@oc1046828364.ibm.com> <1315472006.3876.22.camel@hurina> <20110908102852.GA30317@oc1046828364.ibm.com> <4A95E89D-FE64-42AC-8A35-3EDBF0B97986@iki.fi> <20110908104419.GA31437@oc1046828364.ibm.com> <1315487039.3876.35.camel@hurina> Message-ID: <20110908132152.GA4450@oc1046828364.ibm.com> On Thu, Sep 08, 2011 at 04:03:58PM +0300, Timo Sirainen wrote: > > It shouldn't be behaving like that.. Are you saying that all "unknown > user" failures are logged as those errors? Seems so yes. > > I get without auth_bind_userdn: > > Sep 08 15:56:08 auth: Info: ldap(foo,127.0.0.1): unknown user > > With auth_bind_userdn: > > Sep 08 16:00:12 auth: Info: ldap(foo,127.0.0.1): invalid credentials > > So the "No such object" isn't expected.. Maybe different LDAP servers > work in different ways?.. We're using centos directory server - aka - red hat directory server - aka - 389ds. With: auth_verbose = yes auth_verbose_passwords = sha1 (which doesn't work) userdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } hosts = ldapm1.example.net:389 ldapm2.example.net:389 auth_bind = yes auth_bind_userdn = uid=%n,ou=people,o=%d,o=ISP,o=example,c=NO base = ou=people,o=%d,o=ISP,o=example,c=NO deref = never scope = onelevel user_attrs = mailMessageStore=home, mailLocation=mail, mailQuota=mailQuota=quota_rule=*:storage=%$ user_filter = (&(objectClass=examplePerson)(uid=%n)) Could maybe also be the user_filter or auth_bind_userdn that's turning it into an error ? > Yours appears to give out the difference > between "user doesn't exist" and "wrong password"? Does the attached > patch change these to "unknown user" messages? > diff -r 8de8752b2e94 src/auth/passdb-ldap.c > --- a/src/auth/passdb-ldap.c Thu Sep 08 13:41:20 2011 +0300 > +++ b/src/auth/passdb-ldap.c Thu Sep 08 16:03:21 2011 +0300 > @@ -157,6 +157,10 @@ > } > auth_request_log_info(auth_request, "ldap", "%s", str); > passdb_result = PASSDB_RESULT_PASSWORD_MISMATCH; > + } else if (ret == LDAP_NO_SUCH_OBJECT) { > + passdb_result = PASSDB_RESULT_USER_UNKNOWN; > + auth_request_log_info(auth_request, "ldap", > + "unknown user"); > } else { > auth_request_log_error(auth_request, "ldap", > "ldap_bind() failed: %s", I've done a bit too many unscheduled changes today... will see if I can sneak this in tomorrow :-) -jf From mathog at caltech.edu Thu Sep 8 18:05:33 2011 From: mathog at caltech.edu (mathog) Date: Thu, 08 Sep 2011 08:05:33 -0700 Subject: [Dovecot] copy and empty userA folder1, append to /var/mail/userB In-Reply-To: <1315466667.3876.20.camel@hurina> References: <3ee33c7814e8f3834a9210706fa3a36c@saf.bio.caltech.edu> <1315466667.3876.20.camel@hurina> Message-ID: <529647020022fb96e9bda2440c1b73ea@saf.bio.caltech.edu> On Thu, 08 Sep 2011 10:24:27 +0300, Timo Sirainen wrote: > On Wed, 2011-09-07 at 16:39 -0700, mathog wrote: >> Dovecot 2.0.13 on a 64 bit linux. >> >> echo "" > ~me/mail/export >> >> That worked fine on our last system, but dovecot doesn't like it. >> It >> leaves the imap indices for the >> export mailbox in an inconsistent state, so that roundcube (through >> dovecot) refuses to drop >> messages into it. The error message roundcube emits is: >> >> ServerError: Mailbox isn't a valid mbox file. > > You change the "export" mbox to be one byte size containing LF. It > should instead be completely zero size that was it. Changed the script that does the move to use cat >~me/mail/export < I'll try and break up my questions the other day about extdata that went unanswered into pieces in the hopes it will be more specific and clear. In general, I am trying to figure out the syntax of the map statement and what is allowed in that statement. So, by map statement, I mean for example perhaps the?dovecot-dict-expire.conf.ext file as shown in the doc. Is the syntax the same for the various types of files (quota vs expire)? Is there syntax to allow the specification of a different key? If so, where is this documented. I have an existing table I want to use, not the table shown in the doc. The reason I am asking is I have seen web pages that reference all sorts of statements within the map statement, and I have no idea where they are documented. Specifically, I see an example here (which is LDAP), look in section 3: http://dovecot.org/patches/1.2/ldap/HOWTO_dictldap+extdata.txt You will see lots of statements, not sure which ones can be used for MySQL (instead of LDAP). So, would like to find a list of ALL valid syntax within the map. From =?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?= Fri Sep 9 05:30:54 2011 From: =?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?= (=?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?=) Date: Fri, 9 Sep 2011 13:30:54 +1100 Subject: [Dovecot] debug user's message retrieval Message-ID: <213B51F00051AE48A9F0E112880177178F9F88@Delta.sc.local> Hi there! Is there any method to log user's activity with pop3 service? I'll try to explain situation: In maillog I saw that my dovecot lmtp saved four letters in user's mailbox. After a while I got a call from that user saying that he received nothing. Is there any method to log that that user RETR every single letter, maybe with full names of letter's id or something like that? From =?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?= Fri Sep 9 05:36:13 2011 From: =?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?= (=?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?=) Date: Fri, 9 Sep 2011 13:36:13 +1100 Subject: [Dovecot] debug user's message retrieval References: <213B51F00051AE48A9F0E112880177178F9F88@Delta.sc.local> Message-ID: <213B51F00051AE48A9F0E112880177178F9F89@Delta.sc.local> I forgot to mention that when I go to user's directory there's no letters at all. On Fri, 2011-09-09 at 13:30 +1100, ???????? ????????? ?????????? wrote: > Hi there! > > Is there any method to log user's activity with pop3 service? > > I'll try to explain situation: > > In maillog I saw that my dovecot lmtp saved four letters in user's > mailbox. > After a while I got a call from that user saying that he received > nothing. > > Is there any method to log that that user RETR every single letter, > maybe with full names of letter's id or something like that? > -- ? ?????????, ???????? ????????? ????????? ????????????? ??? "??????-?????" ???.: (423) 262-02-62 (???. 2037) ????: (423) 262-02-10 a.kostyrev at serverc.ru www.serverc.ru icq: 404-198-497 From bind at enas.net Fri Sep 9 09:29:35 2011 From: bind at enas.net (Urban Loesch) Date: Fri, 09 Sep 2011 08:29:35 +0200 Subject: [Dovecot] debug user's message retrieval In-Reply-To: <213B51F00051AE48A9F0E112880177178F9F89@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F9F88@Delta.sc.local> <213B51F00051AE48A9F0E112880177178F9F89@Delta.sc.local> Message-ID: <4E69B24F.7070501@enas.net> Hi, perhaps the "mail_log" plugin can help you. .... # mail_log plugin provides more event logging for mail processes. plugin { # Events to log. Also available: flag_change append mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename # Group events within a transaction to one line. mail_log_group_events = no # Available fields: uid, box, msgid, from, subject, size, vsize, flags # size and vsize are available only for expunge and copy events. mail_log_fields = uid box msgid size from } ... Regards Urban ???????? ????????? ?????????? wrote: > I forgot to mention that when I go to user's directory there's no > letters at all. > > On Fri, 2011-09-09 at 13:30 +1100, ???????? ????????? ?????????? wrote: >> Hi there! >> >> Is there any method to log user's activity with pop3 service? >> >> I'll try to explain situation: >> >> In maillog I saw that my dovecot lmtp saved four letters in user's >> mailbox. >> After a while I got a call from that user saying that he received >> nothing. >> >> Is there any method to log that that user RETR every single letter, >> maybe with full names of letter's id or something like that? >> > From janfrode at tanso.net Fri Sep 9 09:54:00 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Fri, 9 Sep 2011 08:54:00 +0200 Subject: [Dovecot] lmtp -- save failed to INBOX: BUG: Unknown internal error In-Reply-To: <1315487039.3876.35.camel@hurina> References: <20110908075620.GA27139@oc1046828364.ibm.com> <1315472006.3876.22.camel@hurina> <20110908102852.GA30317@oc1046828364.ibm.com> <4A95E89D-FE64-42AC-8A35-3EDBF0B97986@iki.fi> <20110908104419.GA31437@oc1046828364.ibm.com> <1315487039.3876.35.camel@hurina> Message-ID: <20110909065400.GA21187@oc1046828364.ibm.com> On Thu, Sep 08, 2011 at 04:03:58PM +0300, Timo Sirainen wrote: > > So the "No such object" isn't expected.. Maybe different LDAP servers > work in different ways?.. Yours appears to give out the difference > between "user doesn't exist" and "wrong password"? Does the attached > patch change these to "unknown user" messages? Yes it does. Before patch: Sep 9 08:46:43 popimap2 dovecot: auth: Error: ldap(user at example.co,192.168.11.16): ldap_bind() failed: No such object after patch: Sep 9 08:50:50 popimap2 dovecot: auth: ldap(user at example.co,192.168.42.15): unknown user -jf From listas.correo at yahoo.es Fri Sep 9 10:18:40 2011 From: listas.correo at yahoo.es (mailing lists) Date: Fri, 9 Sep 2011 08:18:40 +0100 (BST) Subject: [Dovecot] Shared Mailboxes with VirtualUsers and mail_location retrieved from ldap Message-ID: <1315552720.25012.YahooMailNeo@web29117.mail.ird.yahoo.com> On 09/08/2011 03:07 PM, Timo Sirainen wrote: > On Thu, 2011-09-08 at 12:14 +0100, mailing lists wrote: > >> yes, my virtual users have separate directories for home and mail. >> Their locations are stored in ldap attributes (with random generated >> paths), so a flat scheme like /var/maildr/%%u isn't valid. > > Sorry, you're out of luck with that kind of a setup. Only the %%h can > look up a home directory from LDAP. Maybe some day in future there will > be other variables that can be looked up. and how to I might configure dovecot to use the mail directory as a subdirectory of the home directory? this way all lookups for home (with %%h fetched from ldap) will return the correct locationand mail will be in (i.e.) ~/mailSubDir is this configuration possible? From janfrode at tanso.net Fri Sep 9 11:04:35 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Fri, 9 Sep 2011 10:04:35 +0200 Subject: [Dovecot] Shared Mailboxes with VirtualUsers and mail_location retrieved from ldap In-Reply-To: <1315552720.25012.YahooMailNeo@web29117.mail.ird.yahoo.com> References: <1315552720.25012.YahooMailNeo@web29117.mail.ird.yahoo.com> Message-ID: <20110909080435.GA23158@oc1046828364.ibm.com> On Fri, Sep 09, 2011 at 08:18:40AM +0100, mailing lists wrote: > > and how to I might configure dovecot to use the mail directory as a subdirectory of the home directory? > > this way all lookups for home (with %%h fetched from ldap) will return the correct locationand mail will be in (i.e.) ~/mailSubDir > > is this configuration possible? In the main dovecot.conf: mail_location = maildir:~/mailSubDir In the ldap-config: user_attrs = homeFilter=home -jf From joseba.torre at ehu.es Fri Sep 9 11:37:37 2011 From: joseba.torre at ehu.es (Joseba Torre) Date: Fri, 9 Sep 2011 10:37:37 +0200 Subject: [Dovecot] debug user's message retrieval In-Reply-To: <213B51F00051AE48A9F0E112880177178F9F89@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F9F88@Delta.sc.local> <213B51F00051AE48A9F0E112880177178F9F89@Delta.sc.local> Message-ID: <201109091037.37289.joseba.torre@ehu.es> On Viernes 09 Septiembre 2011 04:36:13 ???????? ????????? ?????????? escribi?: > I forgot to mention that when I go to user's directory there's no > letters at all. > > On Fri, 2011-09-09 at 13:30 +1100, ???????? ????????? ?????????? wrote: > > Hi there! > > > > Is there any method to log user's activity with pop3 service? > > > > I'll try to explain situation: > > > > In maillog I saw that my dovecot lmtp saved four letters in user's > > mailbox. > > After a while I got a call from that user saying that he received > > nothing. > > > > Is there any method to log that that user RETR every single letter, > > maybe with full names of letter's id or something like that? The default pop3 log is enough for me: Sep 9 05:46:37 server1 dovecot: POP3(user1): Disconnected: Logged out top=0/0, retr=1/41706, del=1/1, size=41685 This means that user1 received 1 message, deleted 1 message, and total downloaded size was 41685. Don't you have a similar line for your user? -- Joseba Torre. Vicegerencia de TICs, ?rea de Explotaci?n From Lutz.Pressler at SerNet.DE Fri Sep 9 13:01:49 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Fri, 9 Sep 2011 12:01:49 +0200 Subject: [Dovecot] 2.1: imapc LIST problem / usage question Message-ID: ----- Forwarded message from SerNet Support Lutz Pre?ler ----- From: SerNet Support Lutz Pre?ler Subject: 2.1: imapc LIST problem / usage question To: dovecot at dovecot.org Date: Fri, 9 Sep 2011 12:00:46 +0200 Organization: SerNet Service Network GmbH Hello, 2.1.alpha1 (latest Debian auto build on amd64) As a test, namespace for gmail integration set up by userdb with userdb_namespace=gmail userdb_namespace/gmail/list=yes userdb_namespace/gmail/subscriptions=no userdb_namespace/gmail/separator=. userdb_namespace/gmail/prefix=INBOX.gmail. userdb_namespace/gmail/location=imapc: userdb_imapc_host=imap.gmail.com userdb_imapc_user=ixxxxx at gmail.com userdb_imapc_password=xxxxx userdb_imapc_ssl=imaps userdb_imapc_ssl_ca_dir=/etc/ssl/certs userdb_imapc_port=993 (but having the namespace set up in config file makes no difference). This works in principle. I can e.g. 0 select "INBOX.gmail.[Gmail].Alle Nachrichten" * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags permitted. * 31 EXISTS * 0 RECENT * OK [UNSEEN 1] First unseen. * OK [UIDVALIDITY 1] UIDs valid * OK [UIDNEXT 19689] Predicted next UID * OK [NOMODSEQ] No permanent modsequences 0 OK [READ-WRITE] Select completed. and even use the gmail mailboxes within dovecot-virtual files! But: LIST seems broken: 0 list "" "*" * LIST (\HasChildren) "." "INBOX" * LIST (\HasNoChildren) "." "INBOX.privat" * LIST (\HasChildren) "." "INBOX.test" * LIST (\HasNoChildren) "." "INBOX.test.test2" * LIST (\HasNoChildren) "." "INBOX.Trash" * LIST (\HasNoChildren) "." "INBOX.in2009" [...] * LIST (\Noselect \HasChildren) "." "INBOX.gmail" * LIST (\HasNoChildren) "." "Arbeit" * LIST (\HasNoChildren) "." "Belege" * LIST (\HasNoChildren) "." "Privat" * LIST (\HasNoChildren) "." "Reisen" * LIST (\Noselect \HasNoChildren) "." "[Gmail]" * LIST (\HasNoChildren) "." "[Gmail]/Alle Nachrichten" * LIST (\HasNoChildren) "." "[Gmail]/Entw&-APw-rfe" * LIST (\HasNoChildren) "." "[Gmail]/Gesendet" * LIST (\HasNoChildren) "." "[Gmail]/Markiert" * LIST (\HasNoChildren) "." "[Gmail]/Papierkorb" * LIST (\HasNoChildren) "." "[Gmail]/Spam" * LIST (\HasNoChildren) "." "[Gmail]/Wichtig" * LIST (\HasChildren) "." "INBOX.virtual" * LIST (\HasNoChildren) "." "INBOX.virtual.week" * LIST (\HasNoChildren) "." "INBOX.virtual.sent" * LIST (\HasNoChildren) "." "INBOX.virtual.allin" 0 OK List completed. For the Gmail mailboxe the INBOX.gmail prefix is missing and / is used as separator. Second question: Is there a way to include multiple imapc instances/ namespaces with e.g. different destinations servers? I don't see how because imapc_* parameters seem to be global (now), but it would be a very useful feature. Greetings, Lutz From tss at iki.fi Fri Sep 9 13:16:52 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 09 Sep 2011 13:16:52 +0300 Subject: [Dovecot] 2.1: imapc LIST problem / usage question In-Reply-To: References: Message-ID: <1315563414.3876.50.camel@hurina> On Fri, 2011-09-09 at 12:01 +0200, Lutz Pre?ler wrote: > As a test, namespace for gmail integration set up by userdb > with > userdb_namespace=gmail userdb_namespace/gmail/list=yes userdb_namespace/gmail/subscriptions=no userdb_namespace/gmail/separator=. userdb_namespace/gmail/prefix=INBOX.gmail. userdb_namespace/gmail/location=imapc: userdb_imapc_host=imap.gmail.com userdb_imapc_user=ixxxxx at gmail.com userdb_imapc_password=xxxxx userdb_imapc_ssl=imaps userdb_imapc_ssl_ca_dir=/etc/ssl/certs userdb_imapc_port=993 > > For the Gmail mailboxe the INBOX.gmail prefix is missing and / is used > as separator. Fixed in hg. > Second question: Is there a way to include multiple imapc instances/ > namespaces with e.g. different destinations servers? I don't see how > because imapc_* parameters seem to be global (now), but it would be a very > useful feature. I don't really understand. You're already returning per-user imapc namespace from userdb. What's missing? From Lutz.Pressler at SerNet.DE Fri Sep 9 13:21:28 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Fri, 9 Sep 2011 12:21:28 +0200 Subject: [Dovecot] 2.1: imapc LIST problem / usage question In-Reply-To: <1315563414.3876.50.camel@hurina> References: <1315563414.3876.50.camel@hurina> Message-ID: On Fr, 09 Sep 2011, Timo Sirainen wrote: > On Fri, 2011-09-09 at 12:01 +0200, Lutz Pre?ler wrote: [...] > > For the Gmail mailboxe the INBOX.gmail prefix is missing and / is used > > as separator. > > Fixed in hg. Thanks. > > > Second question: Is there a way to include multiple imapc instances/ > > namespaces with e.g. different destinations servers? I don't see how > > because imapc_* parameters seem to be global (now), but it would be a very > > useful feature. > > I don't really understand. You're already returning per-user imapc > namespace from userdb. What's missing? One local dovecot user, multiple remote IMAP servers included in different namespaces. Lutz From listas.correo at yahoo.es Fri Sep 9 13:49:18 2011 From: listas.correo at yahoo.es (mailing lists) Date: Fri, 9 Sep 2011 11:49:18 +0100 (BST) Subject: [Dovecot] Shared Mailboxes with VirtualUsers and mail_location retrieved from ldap Message-ID: <1315565358.33243.YahooMailNeo@web29115.mail.ird.yahoo.com> (I'm sorry for breaking the thread with each mail) On 09/09/2011 10:04 AM, Jan-Frode Myklebust wrote: > On Fri, Sep 09, 2011 at 08:18:40AM +0100, mailing lists wrote: >> >> and how to I might configure dovecot to use the mail directory as a subdirectory of the home directory? >> >> this way all lookups for home (with %%h fetched from ldap) will return the correct locationand mail will be in (i.e.) ~/mailSubDir >> >> is this configuration possible? > > In the main dovecot.conf: > > ??? mail_location = maildir:~/mailSubDir > > In the ldap-config: > > ??? user_attrs = homeFilter=home and which is the value for the location directive in namespace declaration ?? namespace { ? list = children ? location = maildir:%%h/mailSubDir:INDEX=~/mailSubDIr/shared/%%u ? prefix = shared.%%u. ? separator = . ? subscriptions = no ? type = shared } with the above conf. no shared folders are seen by tests users and afaik %%h is retrieved from ldap. this is that I had done until now: # telnet localhost 143 Trying ::1... Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready. . login user001 secret . OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAME . create INBOX.docs-user001 . OK Create completed. . setacl INBOX.docs-user001 user002 lr . OK Setacl complete. . logout * BYE Logging out . OK Logout completed. Connection closed by foreign host. # telnet localhost 143 Trying ::1... Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready. . login user002 secret . OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAME . create INBOX.docs-user002 . OK Create completed. . setacl INBOX.docs-user002 user001 lr . OK Setacl complete. . logout * BYE Logging out . OK Logout completed. Connection closed by foreign host. ?# cat /var/maildir/shared-mailboxes shared/shared-boxes/user/user002/user001 1 shared/shared-boxes/user/user002/user002 1 shared/shared-boxes/user/user001/user001 1 shared/shared-boxes/user/user001/user002 1 # cat /var/maildir/vol04/4/46/user001/.docs-user001/dovecot-acl user=user002 lr # cat /var/maildir/vol05/4/40/user002/.docs-user002/dovecot-acl user=user001 lr # telnet localhost 143 Trying ::1... Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready. . login user001 secret . OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS ACL RIGHTS=texk] Logged in . namespace * NAMESPACE (("INBOX." ".")) (("shared." ".")) NIL . OK Namespace completed. . list "shared." "*" . OK List completed. ? /--------------/ # grep? ^[^#] /etc/dovecot/dovecot-ldap.conf.ext uris = ldap://ldap.example.com dn = cn=testuser,dc=example,dc=com dnpass = secret sasl_bind = no tls = no auth_bind = yes ldap_version = 3 base = dc=example,dc=com deref = never scope = subtree user_attrs = mailbox=mail=maildir:/var/maildir/%$,homeFilter=home user_filter = (&(objectClass=CourierMailAccount)(uid=%u)) pass_filter = (&(objectClass=CourierMailAccount)(uid=%u)) # dovecot -n # 2.0.14: /etc/dovecot/dovecot.conf # OS: Linux 2.6.34.7-0.7-xen x86_64 openSUSE 11.3 (x86_64) auth_debug = yes auth_debug_passwords = yes auth_verbose = yes auth_verbose_passwords = plain base_dir = /var/run/dovecot/ disable_plaintext_auth = no mail_debug = yes mail_fsync = always mail_gid = 5000 mail_location = maildir:~/mailSubDir mail_nfs_index = yes mail_nfs_storage = yes mail_plugins = acl mail_uid = 5000 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mmap_disable = yes namespace { ? inbox = yes ? location = ? prefix = INBOX. ? separator = . } namespace { ? list = children ? location = maildir:%%h/mailSubDir:INDEX=~/mailSubDir/shared/%%u ? prefix = shared.%%u. ? separator = . ? subscriptions = no ? type = shared } passdb { ? args = /etc/dovecot/dovecot-ldap.conf.ext ? driver = ldap } plugin { ? acl = vfile ? acl_shared_dict = file:/var/maildir/shared-mailboxes ? sieve = ~/.dovecot.sieve ? sieve_dir = ~/sieve } protocols = imap lmtp service lmtp { ? inet_listener lmtp { ??? port = 24 ? } ? unix_listener lmtp { ??? user = vmail ? } } ssl = no userdb { ? args = /etc/dovecot/dovecot-ldap.conf.ext ? driver = ldap } verbose_proctitle = yes protocol lmtp { ? mail_plugins = acl } protocol lda { ? mail_plugins = acl } protocol imap { ? mail_max_userip_connections = 100 ? mail_plugins = acl imap_acl autocreate } From marcin at mejor.pl Fri Sep 9 14:24:08 2011 From: marcin at mejor.pl (=?UTF-8?B?TWFyY2luIE1pcm9zxYJhdw==?=) Date: Fri, 09 Sep 2011 13:24:08 +0200 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: <1315487921.3876.40.camel@hurina> References: <4E6782CB.1060803@mejor.pl> <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> <4E6786CF.2020102@mejor.pl> <4E678B66.60602@mejor.pl> <8F07F485-4BC4-40E5-A520-7F59C87A7863@iki.fi> <4E688A28.1090800@mejor.pl> <1315474812.3876.23.camel@hurina> <4E68A060.8090306@mejor.pl> <1315487921.3876.40.camel@hurina> Message-ID: <4E69F758.8050008@mejor.pl> W dniu 08.09.2011 15:18, Timo Sirainen pisze: > Forget all of that. I just tried a few ways and looks like you can add > more namespaces by returning e.g. these fields (from SQL): > > namespace=nsname > namespace/nsname/prefix=prefix/ > namespace/nsname/location=maildir:/elsewhere > namespace/nsname/separator=/ > > Where nsname is some unique name for the namespace. If you want more > than one namespace, I think you can do it by adding another name to > "namespace" field, e.g.: > > namespace=nsname nsname2 nsname3 select .... "test1 test2" AS namespace works, it gives me two namespaces. It's nice. Now i've another problem, how to configure them usinq sql. I can't do "recursive sql query" , sql can't create variable number of output columns depended on values in table. E.g: I imagine such table: -------------------------------------------------------------- |user_id | namespace | prefix | location | -------------------------------------------------------------- | 648 | test1 | test1. | mdbox:~/test1/.mdbox | -------------------------------------------------------------- | 648 | test2 | test2. | maildir:~/test2/.maildir | -------------------------------------------------------------- etc... In query i have to know all namespaces names to mention them in query: select ... as "namespace/test1/prefix" but i don't know if there is "test1" namespace untill i fetch record from table. Ok, maybe could it be possible to do it in other way: -------------------------------------------------------------------- |user_id | namespace_full_definition | -------------------------------------------------------------------- | 7684 | /name=test1/prefix=test1./location=mdbox:~/test1/.mdbox/ name=test2/prefix=test2/location=... | -------------------------------------------------------------------- but this isn't supported by dovecot as i know. Maybe something like "user_namespace" query could be usefull? Query could be very easy: select ... namespace_name, namespace_prefix, namespace_location where user='somuser' (and table schema like in first example). Maybe there i other, way to do it by i can't see it now. Btw, i can see dovecot 2.1 can proxy imap connections. It's a great idea! Thanks. From zaharovr at inbox.ru Fri Sep 9 14:24:32 2011 From: zaharovr at inbox.ru (=?UTF-8?B?0KDQvtC80LDQvSDQl9Cw0YXRgNC+0LI=?=) Date: Fri, 09 Sep 2011 15:24:32 +0400 Subject: [Dovecot] =?utf-8?q?dovecot_2=2E0=2E12=3A_mdbox_=26__quota=3Ddirs?= =?utf-8?q?ize?= Message-ID: #doveconf -v ...................... ? quota = dirsize:User quota ? quota_debug = yes ? quota_exceeded_message = message ? quota_warning = storage=95%% quota-warning 95 %u ? quota_warning2 = storage=80%% quota-warning 80 %u ............................? # du --max-depth=1 -h 311M??? ./storage 20K???? ./sieve 7,8M??? ./mailboxes 319M??? . # doveadm quota get -u myuser Quota name????????????????????????????????????????????????????????????? Type???? Value? Limit? % User quota????????????????????????????????????????????????????????????? STORAGE 7948 399360 2 #? then i change ./dovecot-2.0.12/src/plugins/quota?/quota-dirsize.c 165--?????????????????????????????? path = mailbox_list_get_path(namespaces[i]->list, NULL,? 166-- ??????????????????????????????????????????????????????????????? MAILBOX_LIST_PATH_TYPE_MAILBOX?); 165++???????????????????????????? path = mailbox_list_get_path(namespaces[i]->list, NULL, 166++????????????????????????????????????????????????????????????????????? MAILBOX_LIST_PATH_TYPE_DIR);?? # doveadm quota get -u myuser? Quota name????????????????????????????????????????????????????????????? Type???? Value? Limit? % User quota????????????????????????????????????????????????????????????? STORAGE 325885 399360 81 #? From listas.correo at yahoo.es Fri Sep 9 14:25:58 2011 From: listas.correo at yahoo.es (mailing lists) Date: Fri, 9 Sep 2011 12:25:58 +0100 (BST) Subject: [Dovecot] Shared Mailboxes with VirtualUsers and mail_location retrieved from ldap Message-ID: <1315567558.65773.YahooMailNeo@web29119.mail.ird.yahoo.com> and for the time that user001 execute the imap 'list' command, this is the log trace in dovecot: Sep? 9 13:09:12 imap1 dovecot: imap(user001): Debug: Namespace : type=shared, prefix=shared.%u., sep=., inbox=no, hidden=no, list=children, subscriptions=no location=maildir:%h/mailSubDir:INDEX=~/mailSubDir/shared/%u Sep? 9 13:09:12 imap1 dovecot: imap(user001): Debug: shared: root=/var/run/dovecot/, index=, control=, inbox=, alt= [...] Sep? 9 13:10:44 imap1 dovecot: auth: Debug: master in: USER?? 1?????? user002 service=lib-storage Sep? 9 13:10:44 imap1 dovecot: auth: Debug: ldap(user002): user search: base=dc=example,dc=com scope=subtree filter=(&(objectClass=CourierMailAccount)(uid=user002)) fields=mailbox,homeFilter Sep? 9 13:10:44 imap1 dovecot: auth: Debug: ldap(user002): result: mailbox(mail=maildir:/var/maildir/%$)=vol05/4/40/user002 homeFilter(home)=/var/mailfilter/vol05/4/40/user002 Sep? 9 13:10:44 imap1 dovecot: auth: Debug: master out: USER? 1?????? user002 mail=maildir:/var/maildir/vol05/4/40/user002??? home=/var/mailfilter/vol05/4/40/user002 Sep? 9 13:10:44 imap1 dovecot: imap(user001): Debug: auth input: user002 mail=maildir:/var/maildir/vol05/4/40/user002 home=/var/mailfilter/vol05/4/40/user002 Sep? 9 13:10:44 imap1 dovecot: imap(user001): Debug: maildir++: root=/var/mailfilter/vol05/4/40/user002/mailSubDir, index=/var/mailfilter/vol04/4/46/user001/mailSubDir/shared/user002, control=, inbox=/var/mailfilter/vol05/4/40/user002/mailSubDir, alt= Sep? 9 13:10:44 imap1 dovecot: imap(user001): Debug: acl: initializing backend with data: vfile Sep? 9 13:10:44 imap1 dovecot: imap(user001): Debug: acl: acl username = user001 Sep? 9 13:10:44 imap1 dovecot: imap(user001): Debug: acl: owner = 0 Sep? 9 13:10:44 imap1 dovecot: imap(user001): Debug: acl vfile: Global ACL directory: (none) Sep? 9 13:10:44 imap1 dovecot: imap(user001): Debug: acl: Mailbox not in dovecot-acl-list: shared.user002.INBOX From ramon.frontera at uib.es Fri Sep 9 15:19:38 2011 From: ramon.frontera at uib.es (=?iso-8859-1?Q?Ram=F3n_Frontera?=) Date: Fri, 9 Sep 2011 14:19:38 +0200 Subject: [Dovecot] problem migrating from maildir to dbox Message-ID: <95E776CC-912A-4BD4-A99E-AA930E5CCBFB@uib.es> Hello, we want to migrate Mail folders from Maildir to dbox without downtime. We change the mail_location to dbox in 10-mail.conf and restart dovecot. After that we use dsync -u user mirror maildir:~/Maildir. The problem is that if INBOX exists the dsync create a new folder with name like b5893c0a93ff694e551200002dfa3112 Can I migrate to the existing INBOX? or How can I merge the 2 INBOX folders? Thanks for your help! Regards, -- Ramon From tobias at hachmer.de Fri Sep 9 16:14:26 2011 From: tobias at hachmer.de (Tobias Hachmer) Date: Fri, 09 Sep 2011 15:14:26 +0200 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another Message-ID: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> Hi list, currently I use dovecot v1.2.15 with maildir++ mailboxes. (Debian Squeeze) I want to set up a different server with dovecot v2, also maildir++ mailboxes. (also Debian Squeeze) What is the best way to copy the existing mailboxes from the older machine running dovecot v1.2.15 to the new naked machine? Greetz, Tobias From robert at schetterer.org Fri Sep 9 16:22:54 2011 From: robert at schetterer.org (Robert Schetterer) Date: Fri, 09 Sep 2011 15:22:54 +0200 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another In-Reply-To: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> References: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> Message-ID: <4E6A132E.9080206@schetterer.org> Am 09.09.2011 15:14, schrieb Tobias Hachmer: > Hi list, > > currently I use dovecot v1.2.15 with maildir++ mailboxes. (Debian Squeeze) > I want to set up a different server with dovecot v2, also maildir++ > mailboxes. (also Debian Squeeze) > > What is the best way to copy the existing mailboxes from the older > machine running dovecot v1.2.15 to the new naked machine? > > Greetz, Tobias i used imapsync in a bash script http://ks.lamiral.info/imapsync/ at a massive migration -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From zaharovr at inbox.ru Fri Sep 9 16:26:59 2011 From: zaharovr at inbox.ru (=?UTF-8?B?0JfQsNGF0LDRgNC+0LIg0KDQvtC80LDQvQ==?=) Date: Fri, 09 Sep 2011 17:26:59 +0400 Subject: [Dovecot] problem migrating from maildir to dbox In-Reply-To: <95E776CC-912A-4BD4-A99E-AA930E5CCBFB@uib.es> References: <95E776CC-912A-4BD4-A99E-AA930E5CCBFB@uib.es> Message-ID: <4E6A1423.9010406@inbox.ru> 09.09.2011 16:19, Ram?n Frontera ?????: > Hello, > we want to migrate Mail folders from Maildir to dbox without downtime. > We change the mail_location to dbox in 10-mail.conf and restart dovecot. > After that we use dsync -u user mirror maildir:~/Maildir. > The problem is that if INBOX exists the dsync create a new folder with name like b5893c0a93ff694e551200002dfa3112 > Can I migrate to the existing INBOX? or How can I merge the 2 INBOX folders? > Thanks for your help! > Regards, > > -- > Ramon > > > My transition from maildir to mdbox occurred so: /Maildir - an old place of mail /Mailbox - new mail_location=%h # set home for all users maildir:/Maildir/user_name script: for i in `echo "select name from user|$sql` do res=$(dsync -u $i backup mdbox:/Mailbox/$i) if [ $res -eq 0 ];then echo "update user set home=\"mdbox:/Mailbox/$i\" where name=$i"|$sql echo "$i migrated" >> $log fi done From zaharovr at inbox.ru Fri Sep 9 16:30:27 2011 From: zaharovr at inbox.ru (=?UTF-8?B?0JfQsNGF0LDRgNC+0LIg0KDQvtC80LDQvQ==?=) Date: Fri, 09 Sep 2011 17:30:27 +0400 Subject: [Dovecot] problem migrating from maildir to dbox In-Reply-To: <95E776CC-912A-4BD4-A99E-AA930E5CCBFB@uib.es> References: <95E776CC-912A-4BD4-A99E-AA930E5CCBFB@uib.es> Message-ID: <4E6A14F3.4080803@inbox.ru> 09.09.2011 16:19, Ram?n Frontera ?????: > Hello, > we want to migrate Mail folders from Maildir to dbox without downtime. > We change the mail_location to dbox in 10-mail.conf and restart dovecot. > After that we use dsync -u user mirror maildir:~/Maildir. > The problem is that if INBOX exists the dsync create a new folder with name like b5893c0a93ff694e551200002dfa3112 > Can I migrate to the existing INBOX? or How can I merge the 2 INBOX folders? > Thanks for your help! > Regards, > > -- > Ramon > > > My transition from maildir to mdbox occurred so: /Maildir - an old place of mail /Mailbox - new mail_location=%h # set home for all users maildir:/Maildir/user_name script: for i in `echo "select name from user|$sql` do res=$(dsync -u $i backup mdbox:/Mailbox/$i) if [ $res -eq 0 ];then echo "update user set home=\"mdbox:/Mailbox/$i\" where name=$i"|$sql echo "$i migrated" >> $log fi done From tobias at hachmer.de Fri Sep 9 16:34:25 2011 From: tobias at hachmer.de (Tobias Hachmer) Date: Fri, 09 Sep 2011 15:34:25 +0200 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another In-Reply-To: <4E6A132E.9080206@schetterer.org> References: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> <4E6A132E.9080206@schetterer.org> Message-ID: On Fri, 09 Sep 2011 15:22:54 +0200, Robert Schetterer wrote: > Am 09.09.2011 15:14, schrieb Tobias Hachmer: >> What is the best way to copy the existing mailboxes from the older >> machine running dovecot v1.2.15 to the new naked machine? > > i used imapsync in a bash script > http://ks.lamiral.info/imapsync/ > at a massive migration ok, but this tool is not free of charge. Are there any known problems just copying the mailboxes with scp or rsync? Tobias From pit11 at ukr.net Fri Sep 9 16:35:24 2011 From: pit11 at ukr.net (Peter Ignatov) Date: Fri, 9 Sep 2011 16:35:24 +0300 Subject: [Dovecot] Quota fs (ignore mount) Message-ID: <41158249D4DC4A7FA9ACFDFAB6C709E5@port.odessa.ua> > I set "quota: fs:INBOX:noenforcing:mount=/var/spool/mail", but receive: "fs quota add storage dir = /home/pit/mail"... > Why ? Well .. I'm not entirely sure if the current behavior is good or not, but what you need to do to get it working is to add two quota roots. One for /home/pit/mail (i.e. without specifying mount=) and another for the INBOX's /var/spool/mail. Don't work... :-( # dovecot -n # 1.2.17: /etc/dovecot.conf # OS: Linux 2.6.18-274.el5.asp121 x86_64 Red Hat Enterprise Linux Server release 5.6 (Tikanga) log_path: /var/log/dovecot.log protocols: pop3 pop3s listen: * login_dir: /var/run/dovecot/login login_executable: /usr/libexec/dovecot/pop3-login verbose_proctitle: yes mail_location: mbox:~/mail:INBOX=/var/spool/mail/%u mail_debug: yes mail_executable: /usr/libexec/dovecot/pop3 mail_plugins: quota mail_plugin_dir: /usr/lib64/dovecot/pop3 auth default: passdb: driver: pam userdb: driver: passwd plugin: quota: fs:INBOX:noenforcing quota2: fs:boxes:noenforcing:mount=/var/spool/mail quota_rule: *:storage=10240 quota_rule2: *:storage=15000 dovecot.log: ------------ Sep 09 16:13:46 pop3-login: Info: Login: user=, method=PLAIN, rip=192.168.3.10, lip=192.168.6.3, TLS Sep 09 16:13:46 POP3(pit): Info: Loading modules from directory: /usr/lib64/dovecot/pop3 Sep 09 16:13:46 POP3(pit): Info: Module loaded: /usr/lib64/dovecot/pop3/lib10_quota_plugin.so Sep 09 16:13:46 POP3(pit): Info: Effective uid=500, gid=500, home=/home/pit Sep 09 16:13:46 POP3(pit): Info: Quota root: name=INBOX backend=fs args=noenforcing Sep 09 16:13:46 POP3(pit): Info: Quota rule: root=INBOX mailbox=* bytes=10485760 messages=0 Sep 09 16:13:46 POP3(pit): Info: Quota rule: root=INBOX mailbox=* bytes=15360000 messages=0 Sep 09 16:13:46 POP3(pit): Info: Quota root: name=boxes backend=fs args=noenforcing:mount=/var/spool/mail Sep 09 16:13:46 POP3(pit): Info: mbox: data=~/mail:INBOX=/var/spool/mail/pit Sep 09 16:13:46 POP3(pit): Info: fs: root=/home/pit/mail, index=, control=, inbox=/var/spool/mail/pit Sep 09 16:13:46 POP3(pit): Info: fs quota add storage dir = /home/pit/mail Sep 09 16:13:46 POP3(pit): Info: fs quota block device = /dev/cciss/c0d0p3 Sep 09 16:13:46 POP3(pit): Info: fs quota mount point = / Sep 09 16:13:46 POP3(pit): Info: fs quota mount type = ext3 Sep 09 16:13:46 POP3(pit): Info: Disconnected: Logged out top=0/0, retr=0/0, del=0/2, size=1249 From giulio at dsi.unimi.it Fri Sep 9 16:42:57 2011 From: giulio at dsi.unimi.it (Giulio Casella) Date: Fri, 09 Sep 2011 15:42:57 +0200 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another In-Reply-To: References: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> <4E6A132E.9080206@schetterer.org> Message-ID: <4E6A17E1.4000004@dsi.unimi.it> Have you tried dsync (part of dovecot)? I don't know if it works for migration to a different (major) version of dovecot, but it's a nice tool. And it works also over ssh. Giulio Hope this helps. Il 09/09/2011 15.34, Tobias Hachmer ha scritto: > On Fri, 09 Sep 2011 15:22:54 +0200, Robert Schetterer wrote: >> Am 09.09.2011 15:14, schrieb Tobias Hachmer: >>> What is the best way to copy the existing mailboxes from the older >>> machine running dovecot v1.2.15 to the new naked machine? >> >> i used imapsync in a bash script >> http://ks.lamiral.info/imapsync/ >> at a massive migration > > ok, but this tool is not free of charge. > Are there any known problems just copying the mailboxes with scp or rsync? > > Tobias > > -- Giulio Casella giulio at dsi.unimi.it System and network manager Computer Science Dept. - University of Milano From tobias at hachmer.de Fri Sep 9 16:50:49 2011 From: tobias at hachmer.de (Tobias Hachmer) Date: Fri, 09 Sep 2011 15:50:49 +0200 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another In-Reply-To: <4E6A17E1.4000004@dsi.unimi.it> References: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> <4E6A132E.9080206@schetterer.org> <4E6A17E1.4000004@dsi.unimi.it> Message-ID: On Fri, 09 Sep 2011 15:42:57 +0200, Giulio Casella wrote: > Have you tried dsync (part of dovecot)? I don't know if it works for > migration to a different (major) version of dovecot, but it's a nice > tool. And it works also over ssh. Yeah, I read the sections in the dovecot v2 wiki, but I don't get how to use for migration. As far as I understood it's to keep several dovecot server at a unique data bank. An well, can I use it between dovecot v1.2 and v2? Tobias From joh.hendriks at gmail.com Fri Sep 9 17:26:37 2011 From: joh.hendriks at gmail.com (Johan Hendriks) Date: Fri, 09 Sep 2011 16:26:37 +0200 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another In-Reply-To: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> References: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> Message-ID: <4E6A221D.7060805@gmail.com> Tobias Hachmer schreef: > Hi list, > > currently I use dovecot v1.2.15 with maildir++ mailboxes. (Debian > Squeeze) > I want to set up a different server with dovecot v2, also maildir++ > mailboxes. (also Debian Squeeze) > > What is the best way to copy the existing mailboxes from the older > machine running dovecot v1.2.15 to the new naked machine? > > Greetz, Tobias I did the same thing, with no know issues so far. My old server was running dovecot 1.2.x and i coppied the whole maildir structure to the other machine. Then started Dovecot 2.x and all was fine. Should be the same as instlling 2.0 over the old 1.2.x version, then it uses the old maildir also. Well test it i would say. Just do the copy, and try if everything works. then do it for a final migration. Gr Johan Hendriks From Lutz.Pressler at SerNet.DE Fri Sep 9 17:43:49 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Fri, 9 Sep 2011 16:43:49 +0200 Subject: [Dovecot] 2.1: imapc LIST problem / usage question In-Reply-To: <20110909102128.GA762256@gabi.sernet.de> References: <1315563414.3876.50.camel@hurina> <20110909102128.GA762256@gabi.sernet.de> Message-ID: On Fr, 09 Sep 2011, Lutz Pre?ler wrote: > On Fr, 09 Sep 2011, Timo Sirainen wrote: > > > On Fri, 2011-09-09 at 12:01 +0200, Lutz Pre?ler wrote: > [...] > > > For the Gmail mailboxe the INBOX.gmail prefix is missing and / is used > > > as separator. > > > > Fixed in hg. > Thanks. LIST is now working correctly in my setup, but SUBSCRIBE ist not. With subscriptions=no, as written (but same behaviour with subscriptions=yes), SUBSCRIBE INBOX.gmail.INBOX (or others) yields 0 NO [SERVERBUG] Internal error occurred. Refer to server log for more information. [2011-09-09 16:39:40] logging (with mail_debug=yes) only Sep 9 16:39:40 host dovecot: imap(1143, user): Error: stat((null)) failed: Bad address Lutz From giulio at dsi.unimi.it Fri Sep 9 18:16:57 2011 From: giulio at dsi.unimi.it (Giulio Casella) Date: Fri, 09 Sep 2011 17:16:57 +0200 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another In-Reply-To: References: Message-ID: <4E6A2DE9.1060806@dsi.unimi.it> This is working for me: root at oldserver # dsync -v -D -u $user backup ssh newserver dsync -u $user where $user is a username. oldserver and newserver can also have different mailbox format (in my case was mbox -> maildir) Regards, gc -------- Messaggio originale -------- Oggetto: Re: [Dovecot] BestPractice to migrate imap mailbox from one machine to another Data: Fri, 09 Sep 2011 15:50:49 +0200 Mittente: Tobias Hachmer A: On Fri, 09 Sep 2011 15:42:57 +0200, Giulio Casella wrote: > Have you tried dsync (part of dovecot)? I don't know if it works for > migration to a different (major) version of dovecot, but it's a nice > tool. And it works also over ssh. Yeah, I read the sections in the dovecot v2 wiki, but I don't get how to use for migration. As far as I understood it's to keep several dovecot server at a unique data bank. An well, can I use it between dovecot v1.2 and v2? Tobias -- Giulio Casella giulio at dsi.unimi.it System and network manager Computer Science Dept. - University of Milano From stsiol at yahoo.co.uk Fri Sep 9 18:22:04 2011 From: stsiol at yahoo.co.uk (Spyros Tsiolis) Date: Fri, 9 Sep 2011 16:22:04 +0100 (BST) Subject: [Dovecot] How to get rid of sub-folders ? Message-ID: <1315581724.65256.YahooMailNeo@web27201.mail.ukl.yahoo.com> Hello, OK, no answers on my previous e-mail. I'll rephrase it. How can I get rid of subfolders on a users' tree-like structure on dovecot ? Which file must I "touch" ? TIA, s. ? ---- "I merely function as a channel that filters music through the chaos of noise" - Vangelis From tobias at hachmer.de Fri Sep 9 20:05:08 2011 From: tobias at hachmer.de (Tobias Hachmer) Date: Fri, 09 Sep 2011 19:05:08 +0200 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another In-Reply-To: <4E6A2DE9.1060806@dsi.unimi.it> References: <4E6A2DE9.1060806@dsi.unimi.it> Message-ID: On Fri, 09 Sep 2011 17:16:57 +0200, Giulio Casella wrote: > This is working for me: > > root at oldserver # dsync -v -D -u $user backup ssh newserver dsync -u > $user > > where $user is a username. oldserver and newserver can also have > different mailbox format (in my case was mbox -> maildir) Thanks for your replies, I will test first the simple copy of the maildirs when the new server is set up. So thanks a lot. Greetz, Tobias From simon.brereton at buongiorno.com Fri Sep 9 20:07:54 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Fri, 9 Sep 2011 13:07:54 -0400 Subject: [Dovecot] Mails repopping Message-ID: <004b01cc6f13$04a166d0$0de43470$@brereton@buongiorno.com> HI I don't know if this is a dovecot issue or a client one. But as Dovecot is the most recent change, I'll start here. I have a server that's been running Courier for about 6 years and in all that time I think I've only ever had 1 issues where an entire mail box was repopped by a webmail client. However, since moving to a new server and dovecot 4 weeks ago, I've now had the webmail client repop this account 4 times (there are about 230 mails in the account). Is there a setting I need to tighten to prevent/remedy this? I have no idea if it's happening on other accounts, but this is one that I see. The format is maildir. There has been no changes to the webmail client. Thanks. Simon From robert at schetterer.org Fri Sep 9 21:26:59 2011 From: robert at schetterer.org (Robert Schetterer) Date: Fri, 09 Sep 2011 20:26:59 +0200 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another In-Reply-To: References: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> <4E6A132E.9080206@schetterer.org> Message-ID: <4E6A5A73.4050403@schetterer.org> Am 09.09.2011 15:34, schrieb Tobias Hachmer: > On Fri, 09 Sep 2011 15:22:54 +0200, Robert Schetterer wrote: >> Am 09.09.2011 15:14, schrieb Tobias Hachmer: >>> What is the best way to copy the existing mailboxes from the older >>> machine running dovecot v1.2.15 to the new naked machine? >> >> i used imapsync in a bash script >> http://ks.lamiral.info/imapsync/ >> at a massive migration > > ok, but this tool is not free of charge. ? you should donate but you can use it without too, i.e its part of ubuntu > Are there any known problems just copying the mailboxes with scp or rsync? may work too, with few problems depending on your setup, but its no real way if you make migration on the fly in my eyes better setup the new server, do tests, make imapsync > > Tobias > > > -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From robert at schetterer.org Fri Sep 9 21:28:35 2011 From: robert at schetterer.org (Robert Schetterer) Date: Fri, 09 Sep 2011 20:28:35 +0200 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another In-Reply-To: <4E6A2DE9.1060806@dsi.unimi.it> References: <4E6A2DE9.1060806@dsi.unimi.it> Message-ID: <4E6A5AD3.3010802@schetterer.org> Am 09.09.2011 17:16, schrieb Giulio Casella: > This is working for me: > > root at oldserver # dsync -v -D -u $user backup ssh newserver dsync -u $user > > where $user is a username. oldserver and newserver can also have > different mailbox format (in my case was mbox -> maildir) > > Regards, > gc yes, dsync should work too, but never tested it > > -------- Messaggio originale -------- > Oggetto: Re: [Dovecot] BestPractice to migrate imap mailbox from one > machine to another > Data: Fri, 09 Sep 2011 15:50:49 +0200 > Mittente: Tobias Hachmer > A: > > On Fri, 09 Sep 2011 15:42:57 +0200, Giulio Casella wrote: >> Have you tried dsync (part of dovecot)? I don't know if it works for >> migration to a different (major) version of dovecot, but it's a nice >> tool. And it works also over ssh. > > Yeah, I read the sections in the dovecot v2 wiki, but I don't get how > to use for migration. > As far as I understood it's to keep several dovecot server at a unique > data bank. An well, can I use it between dovecot v1.2 and v2? > > Tobias > -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From tobias at hachmer.de Fri Sep 9 22:17:35 2011 From: tobias at hachmer.de (Tobias Hachmer) Date: Fri, 09 Sep 2011 21:17:35 +0200 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another In-Reply-To: <4E6A5A73.4050403@schetterer.org> References: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> <4E6A132E.9080206@schetterer.org> <4E6A5A73.4050403@schetterer.org> Message-ID: <4b0910624105abb6709a382467b4f6b1@hachmer.de> On Fri, 09 Sep 2011 20:26:59 +0200, Robert Schetterer wrote: >>> i used imapsync in a bash script >>> http://ks.lamiral.info/imapsync/ >>> at a massive migration >> >> ok, but this tool is not free of charge. > > ? you should donate > but you can use it without too, i.e its part of ubuntu Oh, cool, thanks for the hint. Yes, I will test simple copy, imapsnc and dsync. Thanks a lot. Tobias From simon.brereton at buongiorno.com Fri Sep 9 22:46:05 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Fri, 9 Sep 2011 15:46:05 -0400 Subject: [Dovecot] Mails repopping In-Reply-To: <4E6A6021.3000109@Media-Brokers.com> References: <004b01cc6f13$04a166d0$0de43470$@brereton@buongiorno.com> <4E6A6021.3000109@Media-Brokers.com> Message-ID: <000001cc6f29$1d950730$58bf1590$@brereton@buongiorno.com> > -----Original Message----- > From: Charles Marcus [mailto:CMarcus at Media-Brokers.com] > Sent: Friday, September 09, 2011 2:51 PM > On 2011-09-09 1:07 PM, Simon Brereton > wrote: > > I have a server that's been running Courier for about 6 years and > in > > all that time I think I've only ever had 1 issues where an entire > mail > > box was repopped by a webmail client. > > I don't understand... > > Webmail doesn't speak 'pop' (that I've ever heard of)... so how does > a webmail client 'repop' emails? What webmail is this? It's Horde webmail. Webmail does pop. Yahoo and Gmail do it too. When I first set up the server, it did it on first login - obviously because the server had changed but it's doing it once a week now (and in fact, it did it twice today). It's not fatal, no one will die. It is a PITA though. Simon From micah at riseup.net Fri Sep 9 23:05:21 2011 From: micah at riseup.net (Micah Anderson) Date: Fri, 09 Sep 2011 16:05:21 -0400 Subject: [Dovecot] quota percents Message-ID: <87sjo5wkfy.fsf@algae.riseup.net> I've noticed that http://wiki2.dovecot.org/Quota/Configuration is out of date, it says: plugin { quota = maildir:User quota quota_rule = *:storage=1GB # 10% of 1GB = 100MB quota_rule2 = Trash:storage=10%% # 20% of 1GB = 200MB quota_rule3 = Spam:storage=20%% } but if you use the '10%%' notation, dovecot complains, and *also* incorrectly: dovecot: imap(test at example.net): Warning: quota root mail quota rule Trash:bytes=10%: obsolete configuration for rule 'bytes=10%' should be changed to 'bytes=+10%' its incorrect because if you change it to what it suggests ('+10%') it wont work because that wont be 10% more, rather, it is set to bytes=+10: dovecot: imap(test at example.net): Debug: Quota rule: root=mail quota mailbox=Trash bytes=+10 messages=0 clearly, that isn't right... so I guess it needs to be changed to '+10%%', setting that provides: dovecot: imap(test at example.net): Debug: Quota rule: root=mail quota mailbox=* bytes=2211724 messages=0 dovecot: imap(test at example.net): Debug: Quota rule: root=mail quota mailbox=Trash bytes=+221172 (10%) messages=0 that seems ok, its saying the Trash mailbox is set to have 221172bytes (215 kilobytes) of quota. So, clearly http://wiki2.dovecot.org/Quota/Configuration needs to be updated. However, it doesn't seem to work in practice, because I have a user that is at 99% of quota, with nothing in the Trash who cannot move a 77KB message into the Trash without getting the quota_exceeded message and refusing to move it. so... how do I get this to work? thanks! micah -- -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 835 bytes Desc: not available URL: From npap at ecs.com.gr Sat Sep 10 00:45:26 2011 From: npap at ecs.com.gr (Nikos Papadopoulos) Date: Sat, 10 Sep 2011 00:45:26 +0300 Subject: [Dovecot] Attacking Dovecot Message-ID: <201109092145.p89LjQLb017904@panas.otenet.gr> Hello, I am using Dovecot ver.1.0.7 on an x86 server with RedHat Linux Enterprise 5 and the following configuration: # 1.0.7: /etc/dovecot.conf protocols: pop3 login_dir: /var/run/dovecot/login login_executable: /usr/libexec/dovecot/pop3-login mail_location: mbox:~/mail:INBOX=/var/mail/%u mail_executable: /usr/libexec/dovecot/pop3 mail_plugin_dir: /usr/lib/dovecot/pop3 pop3_client_workarounds: outlook-no-nuls oe-ns-eoh auth default: passdb: driver: pam userdb: driver: passwd It seems that my mail server is being attacked by someone who tries to retrieve users' credentials. Please read below an output of logwatch. dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user sandra dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user tanya dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user tanya dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user dark dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user dark dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user gibson dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user frank dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user frank Besides, some of the local users receive "spam" emails, which seem to be sent by another local user. Please assist me on how to prevent the aforementioned attack. Best Regards, Nikos From christian at siebenbergen.de Sat Sep 10 00:58:55 2011 From: christian at siebenbergen.de (Christian Schmidt) Date: Fri, 9 Sep 2011 23:58:55 +0200 Subject: [Dovecot] userdb static & Quota from LDAP? Message-ID: <20110909215855.GA4680@chemie.uni-hamburg.de> Hi all, I just configured Dovecot 2.0.14 for "virtual" (i.e. non-system-) users: passdb { driver = ldap args = /etc/dovecot/conf.d/ldap-passdb.ext } userdb { driver = static args = uid=vmail gid=vmail home=/var/maildir/%u } Works fine so far - thanks for this great piece of software, Timo!!! Now I'd like to add per-user quotas that will also be stored in the LDAP directory, and I'm not sure how to put things together. IMHO quota is the only "userdb information" requested from LDAP, and I'd like to leave all the other "userdb pieces" as the are. I changed the userdb definition to: userdb { driver = ldap args = /etc/dovecot/conf.d/ldap-userdb.ext } My /etc/dovecot/conf.d/ldap-userdb.ext contains (along other lines): user_attrs = uid=vmail,gid=vmail,home=/var/maildir/%u,mailQuota=quota=quota_rule=*:storage=%$ My quota configuration looks like this: plugin { quota = maildir:Mailbox-Quota quota_rule = *:storage=1G quota_warning = storage=80%% /usr/local/bin/quotawarn.sh 80 %u quota_warning2 = storage=95%% /usr/local/bin/quotawarn.sh 95 %u } Using this setup, "doveadm quota get -u username" doesn't reveal any quota information (except from the "headings"). Instead, dovecot logs: doveadm(username): Fatal: GID 0 isn't permitted When switching back to userdb static, I receive the correct (but also) static quota information. What am I doing wrong? Thank you very much, Christian Schmidt -- question = ( to ) ? be : ! be; -- Wm. Shakespeare From tim at bishnet.net Fri Sep 9 22:44:33 2011 From: tim at bishnet.net (Tim Bishop) Date: Fri, 9 Sep 2011 20:44:33 +0100 Subject: [Dovecot] Read-only mbox files Message-ID: <20110909194433.GB1243@carrick-users.bishnet.net> Hi all, I'm using Dovecot 1.2.16 (I can upgrade to 2.0 if need be) and I'm having trouble stopping Dovecot from modifying mbox files. The setup is that my main namespace points at my Maildir mail folders. In addition to this I have a second namespace that points at some old archived mbox folders. I rarely need to access these folders, but when I do Dovecot modifies the files (adding UID headers, etc). What I'd like to do is make it so that Dovecot can't change these files. I thought there might be a setting to mark a mail_location as read-only, but I can't find anything like that. I've looked at ACLs too, but they seem to be more about user access that what Dovecot can do to files. I could just do this at the filesystem level, but I'd feel a bit happier about working with Dovecot rather than trying to work around it. Does anyone have any suggestions? Thank you for reading. Tim. -- Tim Bishop http://www.bishnet.net/tim/ PGP Key: 0x5AE7D984 From =?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?= Sat Sep 10 04:21:12 2011 From: =?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?= (=?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?=) Date: Sat, 10 Sep 2011 12:21:12 +1100 Subject: [Dovecot] debug user's message retrieval References: <213B51F00051AE48A9F0E112880177178F9F88@Delta.sc.local><213B51F00051AE48A9F0E112880177178F9F89@Delta.sc.local> <4E69B24F.7070501@enas.net> Message-ID: <213B51F00051AE48A9F0E112880177178F77EE@Delta.sc.local> It seems like it?s what I looked for. Many thanks! -- -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Urban Loesch Sent: Friday, September 09, 2011 5:30 PM To: Dovecot Mailing List Subject: Re: [Dovecot] debug user's message retrieval Hi, perhaps the "mail_log" plugin can help you. .... # mail_log plugin provides more event logging for mail processes. plugin { # Events to log. Also available: flag_change append mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename # Group events within a transaction to one line. mail_log_group_events = no # Available fields: uid, box, msgid, from, subject, size, vsize, flags # size and vsize are available only for expunge and copy events. mail_log_fields = uid box msgid size from } ... Regards Urban ???????? ????????? ?????????? wrote: > I forgot to mention that when I go to user's directory there's no > letters at all. > > On Fri, 2011-09-09 at 13:30 +1100, ???????? ????????? ?????????? wrote: >> Hi there! >> >> Is there any method to log user's activity with pop3 service? >> >> I'll try to explain situation: >> >> In maillog I saw that my dovecot lmtp saved four letters in user's >> mailbox. >> After a while I got a call from that user saying that he received >> nothing. >> >> Is there any method to log that that user RETR every single letter, >> maybe with full names of letter's id or something like that? >> > From =?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?= Sat Sep 10 04:23:29 2011 From: =?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?= (=?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?=) Date: Sat, 10 Sep 2011 12:23:29 +1100 Subject: [Dovecot] debug user's message retrieval References: <213B51F00051AE48A9F0E112880177178F9F88@Delta.sc.local><213B51F00051AE48A9F0E112880177178F9F89@Delta.sc.local> <201109091037.37289.joseba.torre@ehu.es> Message-ID: <213B51F00051AE48A9F0E112880177178F77EF@Delta.sc.local> Yep, I do have info like that but I need more cowbell) -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Joseba Torre Sent: Friday, September 09, 2011 7:38 PM To: dovecot at dovecot.org Subject: Re: [Dovecot] debug user's message retrieval On Viernes 09 Septiembre 2011 04:36:13 ???????? ????????? ?????????? escribi?: > I forgot to mention that when I go to user's directory there's no > letters at all. > > On Fri, 2011-09-09 at 13:30 +1100, ???????? ????????? ?????????? wrote: > > Hi there! > > > > Is there any method to log user's activity with pop3 service? > > > > I'll try to explain situation: > > > > In maillog I saw that my dovecot lmtp saved four letters in user's > > mailbox. > > After a while I got a call from that user saying that he received > > nothing. > > > > Is there any method to log that that user RETR every single letter, > > maybe with full names of letter's id or something like that? The default pop3 log is enough for me: Sep 9 05:46:37 server1 dovecot: POP3(user1): Disconnected: Logged out top=0/0, retr=1/41706, del=1/1, size=41685 This means that user1 received 1 message, deleted 1 message, and total downloaded size was 41685. Don't you have a similar line for your user? -- Joseba Torre. Vicegerencia de TICs, ?rea de Explotaci?n From henson at acm.org Sat Sep 10 05:33:16 2011 From: henson at acm.org (Paul B. Henson) Date: Fri, 09 Sep 2011 19:33:16 -0700 Subject: [Dovecot] mysql auth failover failing Message-ID: <4E6ACC6C.6020200@acm.org> We are running dovecot to provide authentication for postfix, using two mysql servers in a multi-master replication set as the password source: ---------------------------------------- # 2.0.13: /etc/dovecot/dovecot.conf # OS: Linux 2.6.37-gentoo-r4 x86_64 Gentoo Base System release 2.0.2 auth_mechanisms = plain login digest-md5 cram-md5 auth_verbose = yes passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } protocols = none service auth-worker { unix_listener auth-worker { user = postfix } user = $default_internal_user } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } user = postfix } ssl = no userdb { driver = passwd } --------------------------------------- With an sql config of: ------------------------- driver = mysql connect = host=mysql-1.unx.csupomona.edu host=mysql-2.unx.csupomona.edu dbname=idmgmt user=postfix password=XXXXXXX default_pass_scheme = PLAIN password_query = XXXXXXXXX ------------------------- According to the sample SQL configuration file "HA / round-robin load-balancing is supported by giving multiple host settings, like: host=sql1.host.org host=sql2.host.org". However, as far as I can tell dovecot only connects to the first listed host, and processes all queries through it, there does not appear to be any load-balancing going on. That's not necessarily a dealbreaker; however, high-availability does not appear to be working either. If I shutdown the first mysql server, dovecot starts to log connection failures: Sep 9 15:47:34 tweak dovecot: auth: Error: mysql(mysql-1.unx.csupomona.edu): Connect failed to database (idmgmt): Can't connect to MySQL server on 'mysql-1.unx.csupomona.edu' (111) - waiting for 1 seconds before retry Sep 9 15:47:39 tweak dovecot: auth: Error: mysql(mysql-1.unx.csupomona.edu): Connect failed to database (idmgmt): Can't connect to MySQL server on 'mysql-1.unx.csupomona.edu' (111) - waiting for 25 seconds before retry And postfix starts to fail authentications: Sep 9 15:47:35 tweak postfix/smtpd[5119]: warning: bender.iitsys.csupomona.edu[134.71.250.134]: SASL DIGEST-MD5 authentication failed: Connection lost to authentication server Now and again the authentication process dies: Sep 9 15:47:39 tweak dovecot: auth: Panic: file auth-request-handler.c: line 697 (auth_request_handler_flush_failures): assertion failed: (auth_request->state == AUTH_REQUEST_STATE_FINISHED) Sep 9 15:47:39 tweak dovecot: auth: Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0(+0x3f71a) [0x7f25822ca71a] -> /usr/lib64/dovecot/libdovecot.so.0(+0x3f766) [0x7f25822ca766] -> /usr/lib64/dovecot/libdovecot.so.0(+0x198ca) [0x7f25822a48ca] -> dovecot/auth() [0x4137f4] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handle_timeouts+0xd4) [0x7f25822d5fe4] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run+0x5b) [0x7f25822d6bcb] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7f25822d5c48] -> /usr/lib64/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f25822c3de3] -> dovecot/auth(main+0x2be) [0x4179de] -> /lib64/libc.so.6(__libc_start_main+0xfd) [0x7f2581898bbd] -> dovecot/auth() [0x40bdc9] Sep 9 15:47:39 tweak dovecot: master: Error: service(auth): child 4154 killed with signal 6 (core dumps disabled) Requests start to pile up: Sep 9 15:51:46 tweak dovecot: auth: Warning: auth workers: Auth request was queued for 25 seconds, 45 left in queue Lookups time out: Sep 9 15:57:22 tweak dovecot: auth: Error: auth worker: Aborted request: Lookup timed out This occasionally pops up: Sep 9 15:58:38 tweak dovecot: auth: Fatal: net_connect_unix(auth-worker) failed: Resource temporarily unavailable And sometimes the auth process gets temporarily disabled: Sep 9 15:58:57 tweak dovecot: master: Error: service(auth): command startup failed, throttling Resulting in more postfix authentication failures: Sep 9 15:58:57 tweak postfix/smtpd[6531]: warning: bender.iitsys.csupomona.edu[134.71.250.134]: SASL DIGEST-MD5 authentication failed: Sep 9 15:59:08 tweak postfix/smtpd[6551]: fatal: no SASL authentication mechanisms To the point where postfix also temporarily throttles smtpd: Sep 9 15:59:21 tweak postfix/master[6526]: warning: /usr/lib64/postfix/smtpd: bad command startup -- throttling Resulting in a complete unavailability of smtp service, not just unavailability of authenticated services. I don't think all authentications fail during the scenario, but I think the majority do. Based on the network traffic, dovecot is almost continuously trying to connect to the first listed server. It sometimes connects to the second listed server, but when it does, the connection does not persist, it goes away almost immediately. Ideally, I would like no authentications to fail if one of the MySQL servers is unavailable. If a few fail just when the server dies, that would be undesirable but acceptable as long as they do not continuously fail while the server is down. Am I doing something wrong? Does the example sql config have incorrect information? We were previously running dovecot 1.2.11, we just recently upgraded to 2. In the previous version, we actually had two different passdb's configured, each one listing only one of the mysql servers. I seem to recall that was the recommendation at the time for high-availability. When that configuration did not seem to work under version 2, I found an updated recommendation to list both servers in the same passdb, which also does not appear to work correctly. I actually went back and tested the older version, and determined it seemed to work okay in the case where the server was up but the service was down, and connections were refused, but also failed a large number of authentication attempts when the server was completely down and connections were timing out. Thanks much... -- Paul B. Henson | (909) 979-6361 | http://www.csupomona.edu/~henson/ Operating Systems and Network Analyst | henson at csupomona.edu California State Polytechnic University | Pomona CA 91768 From noel.butler at ausics.net Sat Sep 10 06:02:57 2011 From: noel.butler at ausics.net (Noel Butler) Date: Sat, 10 Sep 2011 13:02:57 +1000 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <4E6ACC6C.6020200@acm.org> References: <4E6ACC6C.6020200@acm.org> Message-ID: <1315623777.5820.21.camel@tardis> On Fri, 2011-09-09 at 19:33 -0700, Paul B. Henson wrote: > default_pass_scheme = PLAIN Uhg i'll pretend I didnt see that :) > > According to the sample SQL configuration file "HA / round-robin > load-balancing is supported by giving multiple host settings, like: > host=sql1.host.org host=sql2.host.org". > > However, as far as I can tell dovecot only connects to the first listed > host, and processes all queries through it, there does not appear to be > any load-balancing going on. > I suspect the wording here is incorrect, its just a failover AFAIK, it only hits the first entry failing to second if no response. HA would be like running a mysql slave on all the front ends failing over to the master on your CRM server etc, which is what I do and suggest, having just one master server, after all, dovecot and postfix just need to read, not alter/update/insert etc. > That's not necessarily a dealbreaker; however, high-availability does > not appear to be working either. > > If I shutdown the first mysql server, dovecot starts to log connection > failures: > > Sep 9 15:47:34 tweak dovecot: auth: Error: > mysql(mysql-1.unx.csupomona.edu): Connect failed to database (idmgmt): > Can't connect to MySQL server on 'mysql-1.unx.csupomona.edu' (111) - > waiting for 1 seconds before retry > > Sep 9 15:47:39 tweak dovecot: auth: Error: > mysql(mysql-1.unx.csupomona.edu): Connect failed to database (idmgmt): > Can't connect to MySQL server on 'mysql-1.unx.csupomona.edu' (111) - > waiting for 25 seconds before retry > yep thats correct because it has " gone away" but it still uses the second host immediately, thats just dovecot trying to re-establish its link with primary > And postfix starts to fail authentications: > err postfix is not dovecot, you need to also add failover in postfix's sql lookup commands hosts = unix:/var/run/mysql/mysql.sock 10.10.10.2 (assuming .2 is your master sql server) > > Resulting in a complete unavailability of smtp service, not just > unavailability of authenticated services. > You could have a higher sec mx smtp box that uses postfix for virtual transport for cases of if dovecot is unavailable, this of course means storing partial paths in your mail db, for use only by that one non-behind-load-balancer separated sec mx, of course this wont solve users issue of sending unless you have multiple smtp behind a load balancer, but allows for inbound still, depends on how big your setup (and budget) is or can be :) (note: I talk of load balancer as in real hardware device, not as in pretend LB's as in software) > Does the example sql config have incorrect > information? > I suspect so. -------------- next part -------------- A non-text attachment was scrubbed... Name: face-smile.png Type: image/png Size: 873 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: From henson at acm.org Sat Sep 10 06:16:17 2011 From: henson at acm.org (Paul B. Henson) Date: Fri, 9 Sep 2011 20:16:17 -0700 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <1315623777.5820.21.camel@tardis> References: <4E6ACC6C.6020200@acm.org> <1315623777.5820.21.camel@tardis> Message-ID: <20110910031616.GN32704@bender.csupomona.edu> On Fri, Sep 09, 2011 at 08:02:57PM -0700, Noel Butler wrote: > Uhg i'll pretend I didnt see that :) We only use dovecot to provide sasl authentication to postfix smtp clients, using a separate password just for that purpose. Storing it in plaintext is the only way to support all authentication types. > I suspect the wording here is incorrect, its just a failover AFAIK, it > only hits the first entry failing to second if no response. Hmm, that would work for me, if it worked ;). > suggest, having just one master server, after all, dovecot and postfix > just need to read, not alter/update/insert etc. True; but the pieces that are altering/updating/inserting the data that postfix/dovecot need to read need redundancy as well :). > yep thats correct because it has " gone away" but it still uses the > second host immediately, thats just dovecot trying to re-establish its > link with primary Based on my testing, it doesn't use the second host immediately, but only sporadically, with most of the authentications failing. > err postfix is not dovecot, you need to also add failover in postfix's > sql lookup commands postfix relies on dovecot for authentication, this postfix error message is the result of dovecot not successfully processing an authentication request. postfix itself handles mysql failure well, it both load balances queries across both servers and also continues to function when one isn't available. > (note: I talk of load balancer as in real hardware device, not as in > pretend LB's as in software) We actually have a hardware load balancer, and I've considered just sticking the mysql servers behind it. But everything else using them handles failover ok, and initially I'd rather get dovecot doing the same before changing the current architecture. Thanks for the reply... -- Paul B. Henson | (909) 979-6361 | http://www.csupomona.edu/~henson/ Operating Systems and Network Analyst | henson at csupomona.edu California State Polytechnic University | Pomona CA 91768 From Jim at themailshack.com Sat Sep 10 06:23:45 2011 From: Jim at themailshack.com (Jim) Date: Fri, 9 Sep 2011 22:23:45 -0500 Subject: [Dovecot] Attacking Dovecot In-Reply-To: <201109092145.p89LjQLb017904@panas.otenet.gr> References: <201109092145.p89LjQLb017904@panas.otenet.gr> Message-ID: <5CD2AED2-E342-4811-B5F3-5D05091569E1@themailshack.com> There isn't enough information presented to assist, you'll want to refer to the wiki to increase your logging to get more detail: http://wiki.dovecot.org/Logging What you need is the system IP that's connecting as these users, if it's local, you should be able to track that system down easily. If it's remote, block it via a firewall to lock it out. Regarding the spam emails, they may or may not be coming from this same system, once you have more logging, you'll be able to verify that. Jim On Sep 9, 2011, at 4:45 PM, Nikos Papadopoulos wrote: > I am using Dovecot ver.1.0.7 on an x86 server with RedHat Linux Enterprise 5 > It seems that my mail server is being attacked by someone who tries to > retrieve users' credentials. > Besides, some of the local users receive "spam" emails, which seem to be > sent by another local user. From jana1972 at centrum.cz Sat Sep 10 11:04:36 2011 From: jana1972 at centrum.cz (jana1972 at centrum.cz) Date: Sat, 10 Sep 2011 10:04:36 +0200 Subject: [Dovecot] Why can NOT login as root Message-ID: <4E6B3634.18171.51F73FE@jana1972.centrum.cz> Hi i use Dovecot and it works ok for users except for root user. It is impossible to login as root Here is a log Sep 10 10:15:44 auth: Debug: Loading modules from directory: /usr/local/lib/dovecot/auth Sep 10 10:15:44 auth: Debug: auth client connected (pid=18077) Sep 10 10:15:44 auth: Debug: client in: AUTH 1 PLAIN service=imap secured lip=212.97.133.82 rip=212.97.133.82 lport=143 rport=34645 resp= Sep 10 10:15:44 auth: Debug: Loading modules from directory: /usr/local/lib/dovecot/auth Sep 10 10:15:44 auth: Debug: pam(root,212.97.133.82): lookup service=dovecot Sep 10 10:15:44 auth: Debug: pam(root,212.97.133.82): #1/1 style=1 msg=Password: Sep 10 10:15:44 auth: Debug: client out: OK 1 user=root Sep 10 10:15:44 auth: Debug: master in: REQUEST 2889482241 18077 1 3500554cf70742dfc0515671c7671bbd Sep 10 10:15:44 auth: Debug: passwd(root,212.97.133.82): lookup Sep 10 10:15:44 auth: Debug: master out: USER 2889482241 root system_groups_user=root uid=0 gid=0 home=/root Sep 10 10:15:44 imap-login: Info: Login: user=, method=PLAIN, rip=212.97.133.82, lip=212.97.133.82, mpid=18082, secured Sep 10 10:15:44 imap: Error: user root: Invalid settings in userdb: userdb returned 0 as uid Sep 10 10:15:44 imap: Error: Invalid user settings. Refer to server log for more information. Can anyone help? Thanks LL. From user+dovecot at localhost.localdomain.org Sat Sep 10 11:18:53 2011 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Sat, 10 Sep 2011 10:18:53 +0200 Subject: [Dovecot] Why can NOT login as root In-Reply-To: <4E6B3634.18171.51F73FE@jana1972.centrum.cz> References: <4E6B3634.18171.51F73FE@jana1972.centrum.cz> Message-ID: <4E6B1D6D.4080609@localhost.localdomain.org> On 09/10/2011 10:04 AM jana1972 at centrum.cz wrote: > Hi i use Dovecot and it works ok for users except for root user. > It is impossible to login as root > Here is a log > ? > Sep 10 10:15:44 imap: Error: user root: Invalid settings in userdb: userdb > returned 0 as uid > Sep 10 10:15:44 imap: Error: Invalid user settings. Refer to server log for > more information. > > > Can anyone help? http://hg.dovecot.org/dovecot-1.2/file/02c2ac9ddf8c/dovecot-example.conf: 374 # Valid UID range for users, defaults to 500 and above. This is mostly 375 # to make sure that users can't log in as daemons or other system users. 376 # Note that denying root logins is hardcoded to dovecot binary and can't 377 # be done even if first_valid_uid is set to 0. Regards, Pascal -- The trapper recommends today: cafebabe.1125310 at localdomain.org From ionic at ionic.de Sat Sep 10 05:36:57 2011 From: ionic at ionic.de (Mihai Moldovan) Date: Sat, 10 Sep 2011 04:36:57 +0200 Subject: [Dovecot] Annoying "feature" in dovecot/pidgeonhole - include depth limitation Message-ID: <4E6ACD49.6090406@ionic.de> Hi all, I'm using dovecot 2.0.14 build on Debian. The maintainers obviously patch the dovecot source so that it uses the pidgeonhole sieve system. Today I ran into a very annoying issue: I created several sieve scripts and interlinked via the include command, only to find dovecot spewing this error message at me: SWREG Newsletter: line 14: error: cannot nest includes deeper than 10 levels. As far as I could see this limitation is hardcoded to a depth of 10 and can only be changed at compile time. Why is it in place? I understand that you CAN create loops via the include command and limiting the inclusion depth is a way to circumvent loops - but ten is a very low value and the fact that you can't change it via a config file or sorta is even worse. My "fix" so far has been ignoring this, i.e. not returning false. I'm pretty sure that's not the best way to do it but it seems to be working so far. I'd really like to hear your opinion on this issue. Best regards, Mihai ** -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4369 bytes Desc: S/MIME Cryptographic Signature URL: From noel.butler at ausics.net Sat Sep 10 11:49:59 2011 From: noel.butler at ausics.net (Noel Butler) Date: Sat, 10 Sep 2011 18:49:59 +1000 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <20110910031616.GN32704@bender.csupomona.edu> References: <4E6ACC6C.6020200@acm.org> <1315623777.5820.21.camel@tardis> <20110910031616.GN32704@bender.csupomona.edu> Message-ID: <1315644599.5471.12.camel@tardis> On Fri, 2011-09-09 at 20:16 -0700, Paul B. Henson wrote: > On Fri, Sep 09, 2011 at 08:02:57PM -0700, Noel Butler wrote: > > suggest, having just one master server, after all, dovecot and postfix > > just need to read, not alter/update/insert etc. > > True; but the pieces that are altering/updating/inserting the data that > postfix/dovecot need to read need redundancy as well :). > Yep, depends on your network design I suppose, I rather leave the front ends to be just that, with all interactions with master DB server and the NAS done via second interface on a dedicated private LAN so those nasty bored teenagers out there can't get near it :) > > yep thats correct because it has " gone away" but it still uses the > > second host immediately, thats just dovecot trying to re-establish its > > link with primary > > Based on my testing, it doesn't use the second host immediately, but > only sporadically, with most of the authentications failing. Sounds like you have bigger issues, maybe relating as to why the primary fails? > > > err postfix is not dovecot, you need to also add failover in postfix's > > sql lookup commands > > postfix relies on dovecot for authentication, this postfix error message > is the result of dovecot not successfully processing an authentication > request. postfix itself handles mysql failure well, it both load > balances queries across both servers and also continues to function when > one isn't available. > my bad, I did see that and it is as how I do it (i'm not all there at present, had the flu for a week grrrr) but I never had a situation where primary (local slave copy) has gone away unless I'm deliberately upgrading mysql ) when doing so (tested) it hits the master server (as in secondary host=) right away, no auth failures. Cheers -------------- next part -------------- A non-text attachment was scrubbed... Name: face-smile.png Type: image/png Size: 873 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: From david at davidfavor.com Sat Sep 10 21:36:06 2011 From: david at davidfavor.com (David Favor) Date: Sat, 10 Sep 2011 13:36:06 -0500 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machineto another In-Reply-To: <4E6A221D.7060805@gmail.com> References: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> <4E6A221D.7060805@gmail.com> Message-ID: <4E6BAE16.90805@davidfavor.com> Johan Hendriks wrote: > Tobias Hachmer schreef: >> Hi list, >> >> currently I use dovecot v1.2.15 with maildir++ mailboxes. (Debian >> Squeeze) >> I want to set up a different server with dovecot v2, also maildir++ >> mailboxes. (also Debian Squeeze) >> >> What is the best way to copy the existing mailboxes from the older >> machine running dovecot v1.2.15 to the new naked machine? >> >> Greetz, Tobias > I did the same thing, with no know issues so far. > > My old server was running dovecot 1.2.x and i coppied the whole maildir > structure to the other machine. > Then started Dovecot 2.x and all was fine. > > Should be the same as instlling 2.0 over the old 1.2.x version, then it > uses the old maildir also. > > Well test it i would say. > Just do the copy, and try if everything works. > then do it for a final migration. > > Gr > Johan Hendriks Yes. So long as you're using same file structure, just tar + compress your Maildir hierarchy + scp it to your new machine + untar/uncompress... You'll be good to go. -- Love feeling your best ever, all day, every day? Click http://RadicalHealth.com for the easy way! From michael at orlitzky.com Sat Sep 10 21:36:58 2011 From: michael at orlitzky.com (Michael Orlitzky) Date: Sat, 10 Sep 2011 14:36:58 -0400 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another In-Reply-To: References: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> <4E6A132E.9080206@schetterer.org> Message-ID: <4E6BAE4A.2080805@orlitzky.com> On 09/09/11 09:34, Tobias Hachmer wrote: > On Fri, 09 Sep 2011 15:22:54 +0200, Robert Schetterer wrote: >> Am 09.09.2011 15:14, schrieb Tobias Hachmer: >>> What is the best way to copy the existing mailboxes from the older >>> machine running dovecot v1.2.15 to the new naked machine? >> >> i used imapsync in a bash script >> http://ks.lamiral.info/imapsync/ >> at a massive migration > > ok, but this tool is not free of charge. > Are there any known problems just copying the mailboxes with scp or > rsync? > https://fedorahosted.org/released/imapsync/ From dnewman at networktest.com Sat Sep 10 22:49:39 2011 From: dnewman at networktest.com (David Newman) Date: Sat, 10 Sep 2011 12:49:39 -0700 Subject: [Dovecot] sieve and pattern matching Message-ID: <4E6BBF53.3010607@networktest.com> Dovecot 1.2.17 What is the sieve syntax for matching text somewhere in a subject line, but not at the beginning of the line? Background: Multiple machines each send a message with the subject of " operations run" to a mail server. The value is different for each sender. This sieve filter does not match any message: require ["fileinto","envelope","reject","vacation","imapflags","relational","co mparator-i;ascii-numeric","regex","notify"]; require ["body", "fileinto", "regex"]; # currentops reports if header :contains "Subject" ".* operations run" { fileinto "currentops"; stop; } However, a similar filter will match if, and only if, the string occurs at the beginning of the subject line. The various sieve help pages I've found suggest that pattern matching anywhere in the subject line should work, not just at the beginning. How to achieve this? TIA dn From compconsultant at yahoo.com Sat Sep 10 23:23:52 2011 From: compconsultant at yahoo.com (Steve Fatula) Date: Sat, 10 Sep 2011 13:23:52 -0700 (PDT) Subject: [Dovecot] MySQL, map files In-Reply-To: <1315525950.915.YahooMailNeo@web39420.mail.mud.yahoo.com> References: <1315525950.915.YahooMailNeo@web39420.mail.mud.yahoo.com> Message-ID: <1315686232.19193.YahooMailNeo@web39412.mail.mud.yahoo.com> ----- Original Message ----- > From: Steve Fatula > To: Dovecot List > Cc: > Sent: Thursday, September 8, 2011 6:52 PM > Subject: [Dovecot] MySQL, map files > > I'll try and break up my questions the other day about extdata that went > unanswered into pieces in the hopes it will be more specific and clear. > > In general, I am trying to figure out the syntax of the map statement and what > is allowed in that statement. So, by map statement, I mean for example perhaps > the?dovecot-dict-expire.conf.ext file as shown in the doc. Is the syntax the > same for the various types of files (quota vs expire)? Is there syntax to allow > the specification of a different key? If so, where is this documented. I have an > existing table I want to use, not the table shown in the doc. > > The reason I am asking is I have seen web pages that reference all sorts of > statements within the map statement, and I have no idea where they are > documented. Specifically, I see an example here (which is LDAP), look in section > 3: > > http://dovecot.org/patches/1.2/ldap/HOWTO_dictldap+extdata.txt > > > You will see lots of statements, not sure which ones can be used for MySQL > (instead of LDAP). So, would like to find a list of ALL valid syntax within the > map. > I am guessing no one knows the answer then. Oh well, will have to give up on it then as it is un-documented. From compconsultant at yahoo.com Sat Sep 10 23:36:55 2011 From: compconsultant at yahoo.com (Steve Fatula) Date: Sat, 10 Sep 2011 13:36:55 -0700 (PDT) Subject: [Dovecot] Sieve, before script - Can it include "personal" scripts? Message-ID: <1315687015.24912.YahooMailNeo@web39415.mail.mud.yahoo.com> Using sieve_before, can the script it references include a file from the personal space? I want to set some parameters (by user using the variables extension) there to control what the before script does, so, every user would have the file in their personal include space. If not, is there another way? Can the sieve_before and sieve_global_path be set from userdb extra fields? From allen at vo.lu Sun Sep 11 00:36:18 2011 From: allen at vo.lu (John Allen) Date: Sat, 10 Sep 2011 23:36:18 +0200 Subject: [Dovecot] Why can NOT login as root In-Reply-To: <4E6B3634.18171.51F73FE@jana1972.centrum.cz> References: <4E6B3634.18171.51F73FE@jana1972.centrum.cz> Message-ID: <4E6BD852.5000306@vo.lu> As far as I recall, IMAP servers generally don't allow access to root. According to the Dovecot wiki, this is hard-coded in the binary: http://wiki.dovecot.org/MainConfig see under "first_valid_uid" If the root user is receiving emails, these need to be redirected to another user so they can be read via IMAP. John On 10/09/2011 10:04, jana1972 at centrum.cz wrote: > Hi i use Dovecot and it works ok for users except for root user. > It is impossible to login as root > Here is a log > > > Sep 10 10:15:44 auth: Debug: Loading modules from directory: > /usr/local/lib/dovecot/auth > Sep 10 10:15:44 auth: Debug: auth client connected (pid=18077) > Sep 10 10:15:44 auth: Debug: client in: AUTH 1 PLAIN service=imap > secured lip=212.97.133.82 rip=212.97.133.82 lport=143 > rport=34645 resp= > Sep 10 10:15:44 auth: Debug: Loading modules from directory: > /usr/local/lib/dovecot/auth > Sep 10 10:15:44 auth: Debug: pam(root,212.97.133.82): lookup service=dovecot > Sep 10 10:15:44 auth: Debug: pam(root,212.97.133.82): #1/1 style=1 > msg=Password: > Sep 10 10:15:44 auth: Debug: client out: OK 1 user=root > Sep 10 10:15:44 auth: Debug: master in: REQUEST 2889482241 18077 1 > 3500554cf70742dfc0515671c7671bbd > Sep 10 10:15:44 auth: Debug: passwd(root,212.97.133.82): lookup > Sep 10 10:15:44 auth: Debug: master out: USER 2889482241 root > system_groups_user=root uid=0 gid=0 home=/root > Sep 10 10:15:44 imap-login: Info: Login: user=, method=PLAIN, > rip=212.97.133.82, lip=212.97.133.82, mpid=18082, secured > Sep 10 10:15:44 imap: Error: user root: Invalid settings in userdb: userdb > returned 0 as uid > Sep 10 10:15:44 imap: Error: Invalid user settings. Refer to server log for > more information. > > > Can anyone help? > Thanks > LL. From stephan at rename-it.nl Sun Sep 11 13:01:57 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Sun, 11 Sep 2011 12:01:57 +0200 Subject: [Dovecot] Annoying "feature" in dovecot/pidgeonhole - include depth limitation In-Reply-To: <4E6ACD49.6090406@ionic.de> References: <4E6ACD49.6090406@ionic.de> Message-ID: <4E6C8715.6060803@rename-it.nl> On 9/10/2011 4:36 AM, Mihai Moldovan wrote: > Hi all, > > I'm using dovecot 2.0.14 build on Debian. > > The maintainers obviously patch the dovecot source so that it uses the > pidgeonhole sieve system. > > Today I ran into a very annoying issue: I created several sieve scripts > and interlinked via the include command, only to find dovecot spewing > this error message at me: > SWREG Newsletter: line 14: error: cannot nest includes deeper than 10 > levels. > > As far as I could see this limitation is hardcoded to a depth of 10 and > can only be changed at compile time. Yes, it is. > Why is it in place? I understand that you CAN create loops via the > include command and limiting the inclusion depth is a way to circumvent > loops - but ten is a very low value and the fact that you can't change > it via a config file or sorta is even worse. True. This is one of those typical 'this aught to be enough for every one' issues. Up until now, this was true :) > My "fix" so far has been ignoring this, i.e. not returning false. I'm > pretty sure that's not the best way to do it but it seems to be working > so far. > > I'd really like to hear your opinion on this issue. I've made the limits for the include extension configurable now. This will be included in the next release. Regards, Stephan. From tss at iki.fi Sun Sep 11 13:07:00 2011 From: tss at iki.fi (Timo Sirainen) Date: Sun, 11 Sep 2011 13:07:00 +0300 Subject: [Dovecot] Annoying "feature" in dovecot/pidgeonhole - include depth limitation In-Reply-To: <4E6C8715.6060803@rename-it.nl> References: <4E6ACD49.6090406@ionic.de> <4E6C8715.6060803@rename-it.nl> Message-ID: <55C16496-EE9A-4985-B45E-86A99426A551@iki.fi> On 11.9.2011, at 13.01, Stephan Bosch wrote: > I've made the limits for the include extension configurable now. This will be included in the next release. Is there really a need for such a limit? Isn't it mainly to avoid infinite loops, which could also be detected by seeing if there are any actual include loops? From stephan at rename-it.nl Sun Sep 11 13:13:24 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Sun, 11 Sep 2011 12:13:24 +0200 Subject: [Dovecot] Sieve, before script - Can it include "personal" scripts? In-Reply-To: <1315687015.24912.YahooMailNeo@web39415.mail.mud.yahoo.com> References: <1315687015.24912.YahooMailNeo@web39415.mail.mud.yahoo.com> Message-ID: <4E6C89C4.7030606@rename-it.nl> On 9/10/2011 10:36 PM, Steve Fatula wrote: > Using sieve_before, can the script it references include a file from the personal space? Yes, that should work, however... > I want to set some parameters (by user using the variables extension) there to control what the before script does, so, every user would have the file in their personal include space. ... there is usually no way to guarantee that the user will have this script in place and that it does not produce any compile/run-time errors. This way, the user can break Sieve processing in the sieve_before stage. The first part can be mended with the new :optional tag recently added to the include extension's specification (not implemented in Pigeonhole so far). Unfortunately, there is no way to resolve the second part. > If not, is there another way? > > Can the sieve_before and sieve_global_path be set from userdb extra fields? Yes. Regards, Stephan. From stephan at rename-it.nl Sun Sep 11 13:29:40 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Sun, 11 Sep 2011 12:29:40 +0200 Subject: [Dovecot] Annoying "feature" in dovecot/pidgeonhole - include depth limitation In-Reply-To: <55C16496-EE9A-4985-B45E-86A99426A551@iki.fi> References: <4E6ACD49.6090406@ionic.de> <4E6C8715.6060803@rename-it.nl> <55C16496-EE9A-4985-B45E-86A99426A551@iki.fi> Message-ID: <4E6C8D94.7030308@rename-it.nl> On 9/11/2011 12:07 PM, Timo Sirainen wrote: > On 11.9.2011, at 13.01, Stephan Bosch wrote: > >> I've made the limits for the include extension configurable now. This will be included in the next release. > Is there really a need for such a limit? Isn't it mainly to avoid infinite loops, which could also be detected by seeing if there are any actual include loops? The detection of actual include loops is already in place, so the depth limit could be a bit of overkill indeed. The existence of this limit probably has something to do with the fact that code generation for the include extension is still a recursive process (whereas runtime interpretation is not). This means that (very) deep nesting could cause stack overflow at compile time. Once the include extension goes RFC I'll fix this along with implementing the new :optional tag. Regards, Stephan. From stephan at rename-it.nl Sun Sep 11 18:06:48 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Sun, 11 Sep 2011 17:06:48 +0200 Subject: [Dovecot] sieve and pattern matching In-Reply-To: <4E6BBF53.3010607@networktest.com> References: <4E6BBF53.3010607@networktest.com> Message-ID: <4E6CCE88.9050307@rename-it.nl> On 9/10/2011 9:49 PM, David Newman wrote: > Dovecot 1.2.17 > > What is the sieve syntax for matching text somewhere in a subject line, > but not at the beginning of the line? > > Background: Multiple machines each send a message with the subject of > " operations run" to a mail server. The value is > different for each sender. If I understand your question correctly, the following is the easiest answer: if header :matches "subject" "* operations run" { } > This sieve filter does not match any message: > > require > ["fileinto","envelope","reject","vacation","imapflags","relational","co > mparator-i;ascii-numeric","regex","notify"]; > require ["body", "fileinto", "regex"]; > > # currentops reports > if header :contains "Subject" ".* operations run" > { > fileinto "currentops"; > stop; > } Right, because that is not how :contains works. Check http://tools.ietf.org/html/rfc5228#section-2.7.1 for more info. Regards, Stephan. From lists at kokelnet.de Sun Sep 11 19:40:44 2011 From: lists at kokelnet.de (Tobias Hachmer) Date: Sun, 11 Sep 2011 18:40:44 +0200 Subject: [Dovecot] setacl on complete mailbox Message-ID: <344f5f741af038d8ae8aaab40b4267fa@kokelnet.de> Hi List, how can I grant a user full control on another mailbox (the complete mailbox with all folder and subfolders). With the setacl command I could do this but first I have to list all folders and then I have to do one setacl command for each folder. Is there a command to this in one line? Also for new created folders? Greetz, Tobias From dnewman at networktest.com Sun Sep 11 20:01:36 2011 From: dnewman at networktest.com (David Newman) Date: Sun, 11 Sep 2011 10:01:36 -0700 Subject: [Dovecot] sieve and pattern matching In-Reply-To: <4E6CCE88.9050307@rename-it.nl> References: <4E6BBF53.3010607@networktest.com> <4E6CCE88.9050307@rename-it.nl> Message-ID: <4E6CE970.9000105@networktest.com> On 9/11/11 8:06 AM, Stephan Bosch wrote: >> What is the sieve syntax for matching text somewhere in a subject line, >> but not at the beginning of the line? >> >> Background: Multiple machines each send a message with the subject of >> " operations run" to a mail server. The value is >> different for each sender. > > If I understand your question correctly, the following is the easiest > answer: > > if header :matches "subject" "* operations run" { > } Bingo! Thanks. > Right, because that is not how :contains works. > > Check http://tools.ietf.org/html/rfc5228#section-2.7.1 for more info. Thanks too for this pointer. I hadn't understood the difference between :contains and :matches. dn From Lutz.Pressler at SerNet.DE Sun Sep 11 22:22:29 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Sun, 11 Sep 2011 21:22:29 +0200 Subject: [Dovecot] 2.1: problems compiling fts-lucene - CLucene git version necessary? Message-ID: Hello! I have problems recompiling the Debian squeeze auto build packages with "--with-lecene". Is the git (2.3) version of CLucene necessary? Debian includes 0.9.21b, which does not work. Lutz From a.a.moraru at gmail.com Sun Sep 11 22:30:59 2011 From: a.a.moraru at gmail.com (Andriy Moraru) Date: Sun, 11 Sep 2011 22:30:59 +0300 Subject: [Dovecot] Filter Mail to Pipe to External Program Message-ID: Hello all! How do I add a filter that would pipe the mail message (containing a certain "To:" field) to some other program? I am running Dovecot 1.0.15. Thanks! From tss at iki.fi Sun Sep 11 22:45:56 2011 From: tss at iki.fi (Timo Sirainen) Date: Sun, 11 Sep 2011 22:45:56 +0300 Subject: [Dovecot] Filter Mail to Pipe to External Program In-Reply-To: References: Message-ID: <76872554-D3C6-4263-9A73-B4430BD0CDCC@iki.fi> On 11.9.2011, at 22.30, Andriy Moraru wrote: > How do I add a filter that would pipe the mail message (containing a > certain "To:" field) to some other program? Pipe it when? When it's delivered? Probably better to do it in MTA instead of Dovecot. From tss at iki.fi Sun Sep 11 22:46:42 2011 From: tss at iki.fi (Timo Sirainen) Date: Sun, 11 Sep 2011 22:46:42 +0300 Subject: [Dovecot] 2.1: problems compiling fts-lucene - CLucene git version necessary? In-Reply-To: References: Message-ID: <7C9B9C67-A1FD-472B-8514-BC54F1B01D00@iki.fi> On 11.9.2011, at 22.22, Lutz Pre?ler wrote: > I have problems recompiling the Debian squeeze auto build packages > with "--with-lecene". Is the git (2.3) version of CLucene necessary? Yes. > Debian includes 0.9.21b, which does not work. Right, it doesn't. From Lutz.Pressler at SerNet.DE Sun Sep 11 22:50:50 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Sun, 11 Sep 2011 21:50:50 +0200 Subject: [Dovecot] 2.1: imapc SUBSCRIBE problem In-Reply-To: <20110909144349.GA846637@gabi.sernet.de> References: <1315563414.3876.50.camel@hurina> <20110909102128.GA762256@gabi.sernet.de> <20110909144349.GA846637@gabi.sernet.de> Message-ID: On Fri, 09 Sep 2011, Lutz Pre?ler wrote: > LIST is now working correctly in my setup, but SUBSCRIBE ist not. > With subscriptions=no, as written (but same behaviour with subscriptions=yes), > SUBSCRIBE INBOX.gmail.INBOX (or others) yields > 0 NO [SERVERBUG] Internal error occurred. Refer to server log for more information. [2011-09-09 16:39:40] > logging (with mail_debug=yes) only > Sep 9 16:39:40 host dovecot: imap(1143, user): Error: stat((null)) failed: Bad address After putting (with subscriptions=no) an entry manually into the root subscriptions file, everything including UNSUBSCRIBE works fine. Lutz From al-dovecot at none.at Sun Sep 11 23:35:00 2011 From: al-dovecot at none.at (Aleksandar Lazic) Date: Sun, 11 Sep 2011 22:35:00 +0200 Subject: [Dovecot] Sieve envelope :detail "to" "xxx" does not deliver to fileinto destination Message-ID: <20110911203500.GA22889@none.at> Dear Listmember. I try to migrate from my current courier-mta setup fo postfix dovecot setup. I use the following scirpt to filter to the destination mailbox. ### /var/vmail/none.at/al/sieve/lists.sieve require ["fileinto", "subaddress", "envelope" ]; if envelope :detail "to" "pdnsusers" { fileinto "Lists.pdnsusers"; } ### postfix/master ### dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -a ${original_recipient} # flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -m ${extension} -a ${original_recipient} ### Log ### Sep 11 21:47:48 lvps46-163-74-15 postfix/smtpd[7788]: connect from Sep 11 21:48:12 lvps46-163-74-15 postfix/smtpd[7788]: 495EF9FECAF9: Sep 11 21:48:27 lvps46-163-74-15 postfix/cleanup[7795]: 495EF9FECAF9: message-id=<> Sep 11 21:48:27 lvps46-163-74-15 postfix/qmgr[7785]: 495EF9FECAF9: from=, size=268, nrcpt=1 (queue active) Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda: Debug: Loading modules from directory: /usr/lib/dovecot/modules Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda: Debug: Module loaded: /usr/lib/dovecot/modules/lib90_sieve_plugin.so Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda: Debug: auth input: al at none.at uid=5000 gid=5000 home=/var/vmail/none.at/al Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: Effective uid=5000, gid=5000, home=/var/vmail/none.at/al Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: maildir: root exists (/var/vmail/none.at/al/Maildir) Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: maildir++: root=/var/vmail/none.at/al/Maildir, index=, control=, inbox=/var/vmail/none.at/al/Maildir, alt= Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: none: root=, index=, control=, inbox=, alt= Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: Destination address: al-pdnsuser at none.at (source: -a parameter) Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: using sieve path for user's script: /var/vmail/none.at/al/.dovecot.sieve Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: opening script /var/vmail/none.at/al/.dovecot.sieve Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: script binary /var/vmail/none.at/al/.dovecot.svbin successfully loaded Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: binary save: not saving binary /var/vmail/none.at/al/.dovecot.svbin, because it is already stored Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: executing script from /var/vmail/none.at/al/.dovecot.svbin Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): sieve: msgid=unspecified: stored mail into mailbox 'INBOX' Sep 11 21:48:27 lvps46-163-74-15 postfix/pipe[7797]: 495EF9FECAF9: to=, relay=dovecot, delay=28, delays=28/0.02/0/0.22, dsn=2.0.0, status=sent (delivered via dovecot service) Sep 11 21:48:27 lvps46-163-74-15 postfix/qmgr[7785]: 495EF9FECAF9: removed Sep 11 21:48:28 lvps46-163-74-15 postfix/smtpd[7788]: disconnect from xxx ### dovecot -n => attachment dovecot_-n Due to the fact that I'am new to dovecot and sieve I hope anybody can help the solve this issue. My target is to filter the mailinglists based on address extention or is it better to filter on to header? Is there a 'log' or 'print' command in the sieve filter or how can I write a message to the log file? Many thanks for your help BR Aleks -------------- next part -------------- # 2.0.14: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-028stab092.1 x86_64 Ubuntu 10.04.3 LTS auth_mechanisms = plain login digest-md5 cram-md5 disable_plaintext_auth = no log_timestamp = "%Y-%m-%d %H:%M:%S " mail_debug = yes mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } protocols = imap recipient_delimiter = - service auth { unix_listener auth-userdb { group = vmail mode = 0755 user = vmail } user = root } ssl_cert = References: <4E6ACC6C.6020200@acm.org> <1315623777.5820.21.camel@tardis> <20110910031616.GN32704@bender.csupomona.edu> <1315644599.5471.12.camel@tardis> Message-ID: <20110911220504.GD27941@bender.csupomona.edu> On Sat, Sep 10, 2011 at 01:49:59AM -0700, Noel Butler wrote: > Sounds like you have bigger issues, maybe relating as to why the primary > fails? For testing purposes, it fails because I stick a firewall rule in place preventing access to it ;). In production, it came to our attention because a hardware failure required downtime on one of the mysql servers to replace parts, and we received complaints of failed authentications while it was down. In general, both are up, but things using them need to be able to survive when one is down. > primary (local slave copy) has gone away unless I'm deliberately > upgrading mysql ) when doing so (tested) it hits the master server (as > in secondary host=) right away, no auth failures. Hmm, what version of dovecot are you using? In version 1 failover seems to work if the primary returns connection refused (which your scenario would). In version 2, it seems flaky for both connection refused and connection timed out. Unless I've got something misconfigured, but there doesn't seem to be that much to it... -- Paul B. Henson | (909) 979-6361 | http://www.csupomona.edu/~henson/ Operating Systems and Network Analyst | henson at csupomona.edu California State Polytechnic University | Pomona CA 91768 From listas.correo at yahoo.es Mon Sep 12 11:14:03 2011 From: listas.correo at yahoo.es (mailing lists) Date: Mon, 12 Sep 2011 09:14:03 +0100 (BST) Subject: [Dovecot] NO Unknown subscription namespace. Message-ID: <1315815243.20177.YahooMailNeo@web29114.mail.ird.yahoo.com> Hello, what this message means? "NO Unknown subscription namespace." the shared namespace is visible and I can fetch messages from it, but subscription fails with the above message. (user002 is sharing the folder named docs-users002 with user user001) # telnet localhost 143 Trying ::1... Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready. . login user001 secret . OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS ACL RIGHTS=texk] Logged in . list "shared." "*" * LIST (\Noselect \HasChildren) "." "shared.user002" . OK List completed. . list "shared.user002." "*" * LIST (\HasNoChildren) "." "shared.user002.docs-user002" . OK List completed. . list "shared.user002.docs-user002." "*" . OK List completed. . select "shared.user002.docs-user002" * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft)] Flags permitted. * 2 EXISTS * 0 RECENT * OK [UIDVALIDITY 1315765265] UIDs valid * OK [UIDNEXT 3] Predicted next UID * OK [HIGHESTMODSEQ 3] Highest . OK [READ-WRITE] Select completed. . fetch 1 all * 1 FETCH (FLAGS (\Seen) INTERNALDATE "24-Nov-2009 11:58:34 +0100" RFC822.SIZE 3734 ENVELOPE ("Tue, 24 Nov 2009 07:58:34 -0400 (AST)" "Thank you for registering for the Red Hat Virtual Experience" (("support at virtualevents365.com" NIL "support" "virtualevents365.com")) (("support at virtualevents365.com" NIL "support" "virtualevents365.com")) (("support at virtualevents365.com" NIL "support" "virtualevents365.com")) (("damocles- at hotmail.com" NIL "damocles-" "hotmail.com")) NIL NIL NIL "<6955854.2731259063914762.JavaMail.root at app130.vs.int.cgsinc.ca>")) . OK Fetch completed. . subscribe "shared.user002.docs-user002" . NO Unknown subscription namespace. . logout * BYE Logging out . OK Logout completed. Connection closed by foreign host. ???? /----------------/ namespace { ? inbox = yes ? location = ? prefix = INBOX. ? separator = . ? subscriptions = yes } namespace { ? list = yes ? location = maildir:/var/virtual-maildir/%%n ? prefix = shared.%%n. ? separator = . ? subscriptions = no ? type = shared } From mike at skew.org Mon Sep 12 11:55:22 2011 From: mike at skew.org (Mike Brown) Date: Mon, 12 Sep 2011 02:55:22 -0600 Subject: [Dovecot] signal 11 crash, sometimes, during mbox bz2 decompression In-Reply-To: <1314121664.10421.1314.camel@hurina> References: <201108161100.p7GB0P3R073897@chilled.skew.org> <1314121664.10421.1314.camel@hurina> Message-ID: <4E6DC8FA.2050709@skew.org> On 8/23/2011 11:47 AM, Timo Sirainen wrote: > On Tue, 2011-08-16 at 05:00 -0600, Mike Brown wrote: > >> I'm running dovecot 1.2.16 from the ports collection on FreeBSD 8.1-STABLE, >> amd64. > .. Thanks for the reply. Since you recommended updating to dovecot2, I'm now testing dovecot 2.0.14 from the ports collection on a different machine. Hopefully I got the configuration right. # dovecot -n # 2.0.14: /usr/local/etc/dovecot/dovecot.conf # OS: FreeBSD 8.2-RELEASE-p2 i386 mail_location = mbox:~/mail:INBOX=/var/mail/%u mail_plugins = " zlib" passdb { args = %s driver = pam } plugin { zlib_save = bz2 zlib_save_level = 9 } protocols = imap ssl_cert = >> Well .. I'm not entirely sure if the current behavior is good or not, but what you need to do to get it working is to add two quota roots. One for /home/pit/mail (i.e. without specifying mount=) and another for the INBOX's /var/spool/mail. > Don't work... :-( After I installed version 2.0.13 - mount is correct: # doveadm -Dv quota get -u pit doveadm(pit): Debug: auth input: pit system_groups_user=pit uid=500 gid=500 home=/home/pit doveadm(pit): Debug: Effective uid=500, gid=500, home=/home/pit doveadm(pit): Debug: Quota root: name=INBOX backend=fs args=mount=/var/spool/mail doveadm(pit): Debug: Quota rule: root=INBOX mailbox=* bytes=19922944 messages=0 doveadm(pit): Debug: Quota warning: bytes=3984588 (20%) messages=0 reverse=no command=quota-warning 20 pit doveadm(pit): Debug: fs: root=/home/pit/mail, index=, control=, inbox=/var/spool/mail/pit doveadm(pit): Debug: fs quota add mailbox dir = /var/spool/mail doveadm(pit): Debug: fs quota block device = /dev/mapper/mpath1p1 doveadm(pit): Debug: fs quota mount point = /var/spool/mail doveadm(pit): Debug: fs quota mount type = ext2 Quota name Type Value Limit % INBOX STORAGE 4824 19456 24 But now don't work script quota-warning.sh: #!/bin/sh PERCENT=$1 USER=$2 cat << EOF | /usr/libexec/dovecot/dovecot-lda -d $USER -o "plugin/quota=fs:INBOX:mount=/var/spool/mail:noenforcing" From: postmaster at domen.org Subject: quota warning Your mailbox is now $PERCENT% full. EOF #dovecot -n # 2.0.13: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-274.3.1.el5.asp121 x86_64 Red Hat Enterprise Linux Server release 5.6 (Tikanga) disable_plaintext_auth = no listen = * log_path = /var/log/dovecot.log mail_debug = yes mail_location = mbox:~/mail:INBOX=/var/spool/mail/%u mail_plugins = quota mail_privileged_group = mail mbox_write_locks = fcntl passdb { driver = pam } plugin { quota = fs:INBOX:mount=/var/spool/mail quota_rule = *:storage=19456 quota_warning = storage=20%% quota-warning 20 %u } protocols = pop3 service quota-warning { executable = script /usr/local/bin/quota-warning.sh unix_listener quota-warning { mode = 0666 } user = root } ssl_cert = References: <1315563414.3876.50.camel@hurina> <20110909102128.GA762256@gabi.sernet.de> <20110909144349.GA846637@gabi.sernet.de> Message-ID: <1315822557.7326.0.camel@hurina> On Sun, 2011-09-11 at 21:50 +0200, Lutz Pre?ler wrote: > On Fri, 09 Sep 2011, Lutz Pre?ler wrote: > > LIST is now working correctly in my setup, but SUBSCRIBE ist not. > > With subscriptions=no, as written (but same behaviour with subscriptions=yes), > > SUBSCRIBE INBOX.gmail.INBOX (or others) yields > > 0 NO [SERVERBUG] Internal error occurred. Refer to server log for more information. [2011-09-09 16:39:40] > > logging (with mail_debug=yes) only > > Sep 9 16:39:40 host dovecot: imap(1143, user): Error: stat((null)) failed: Bad address > After putting (with subscriptions=no) an entry manually into the root > subscriptions file, everything including UNSUBSCRIBE works fine. Yeah, but then remote subscriptions don't work. I think the imapc subscription problems and namespace prefix problems are now fixed in hg. From tss at iki.fi Mon Sep 12 13:17:21 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 13:17:21 +0300 Subject: [Dovecot] 2.1: imapc LIST problem / usage question In-Reply-To: References: <1315563414.3876.50.camel@hurina> Message-ID: <1315822641.7326.2.camel@hurina> On Fri, 2011-09-09 at 12:21 +0200, Lutz Pre?ler wrote: > > > Second question: Is there a way to include multiple imapc instances/ > > > namespaces with e.g. different destinations servers? I don't see how > > > because imapc_* parameters seem to be global (now), but it would be a very > > > useful feature. > > > > I don't really understand. You're already returning per-user imapc > > namespace from userdb. What's missing? > One local dovecot user, multiple remote IMAP servers included in different > namespaces. I think you should be able to return e.g. "namespace=ns1 ns2" and then return namespaces for namespace/ns1/* and namespace/ns2/*. From tss at iki.fi Mon Sep 12 13:21:58 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 13:21:58 +0300 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: <4E69F758.8050008@mejor.pl> References: <4E6782CB.1060803@mejor.pl> <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> <4E6786CF.2020102@mejor.pl> <4E678B66.60602@mejor.pl> <8F07F485-4BC4-40E5-A520-7F59C87A7863@iki.fi> <4E688A28.1090800@mejor.pl> <1315474812.3876.23.camel@hurina> <4E68A060.8090306@mejor.pl> <1315487921.3876.40.camel@hurina> <4E69F758.8050008@mejor.pl> Message-ID: <1315822918.7326.5.camel@hurina> On Fri, 2011-09-09 at 13:24 +0200, Marcin Miros?aw wrote: > Ok, maybe could it be possible to do it in other way: > -------------------------------------------------------------------- > |user_id | namespace_full_definition | > -------------------------------------------------------------------- > | 7684 | /name=test1/prefix=test1./location=mdbox:~/test1/.mdbox/ > name=test2/prefix=test2/location=... | > -------------------------------------------------------------------- > > but this isn't supported by dovecot as i know. Not exactly like that, but you should be able to have a field called "userdb_import" that contains data like: namespace=n1 n2namespace/n1/prefix=blah.etc. other fields The s would of course have to be actual tab characters. From tss at iki.fi Mon Sep 12 13:25:02 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 13:25:02 +0300 Subject: [Dovecot] NO Unknown subscription namespace. In-Reply-To: <1315815243.20177.YahooMailNeo@web29114.mail.ird.yahoo.com> References: <1315815243.20177.YahooMailNeo@web29114.mail.ird.yahoo.com> Message-ID: <1315823103.7326.8.camel@hurina> On Mon, 2011-09-12 at 09:14 +0100, mailing lists wrote: > Hello, > > what this message means? > > "NO Unknown subscription namespace." It means that the namespace itself has subscriptions=no, and there are no "parent namespaces" with subscriptions=yes. > namespace { > inbox = yes > location = > prefix = INBOX. > separator = . > subscriptions = yes > } > namespace { > list = yes > location = maildir:/var/virtual-maildir/%%n > prefix = shared.%%n. > separator = . > subscriptions = no > type = shared > } I guess you'd want INBOX. namespace to handle the subscriptions here, but it doesn't work like that because in some configuration it could be ambiguous which namespace to use.. You'll need to create a prefix="" namespace to handle the subscriptions. For example: namespace { prefix = list = no hidden = yes } From tss at iki.fi Mon Sep 12 13:28:18 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 13:28:18 +0300 Subject: [Dovecot] setacl on complete mailbox In-Reply-To: <344f5f741af038d8ae8aaab40b4267fa@kokelnet.de> References: <344f5f741af038d8ae8aaab40b4267fa@kokelnet.de> Message-ID: <1315823298.7326.10.camel@hurina> On Sun, 2011-09-11 at 18:40 +0200, Tobias Hachmer wrote: > Hi List, > > how can I grant a user full control on another mailbox (the complete > mailbox with all folder and subfolders). > With the setacl command I could do this but first I have to list all > folders and then I have to do one setacl command for each folder. > > Is there a command to this in one line? Not currently. I guess doveadm acl commands could be modified to support wildcards quite easily. > Also for new created folders? Newly created folders' ACLs are copied from their parent at the create time. From tss at iki.fi Mon Sep 12 13:31:03 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 13:31:03 +0300 Subject: [Dovecot] Read-only mbox files In-Reply-To: <20110909194433.GB1243@carrick-users.bishnet.net> References: <20110909194433.GB1243@carrick-users.bishnet.net> Message-ID: <1315823464.7326.12.camel@hurina> On Fri, 2011-09-09 at 20:44 +0100, Tim Bishop wrote: > The setup is that my main namespace points at my Maildir mail folders. > In addition to this I have a second namespace that points at some old > archived mbox folders. I rarely need to access these folders, but when I > do Dovecot modifies the files (adding UID headers, etc). > > What I'd like to do is make it so that Dovecot can't change these files. > I thought there might be a setting to mark a mail_location as read-only, > but I can't find anything like that. I've looked at ACLs too, but they > seem to be more about user access that what Dovecot can do to files. Not possible without modifying Dovecot code, and seems like such a rarely wanted feature that it's not really worth the trouble, especially because..: > I could just do this at the filesystem level, but I'd feel a bit happier > about working with Dovecot rather than trying to work around it. Yeah, just chmod a-w them and that'll work. You don't want anything modifying them anyway, right? So seems like a pretty clean solution to me. From tss at iki.fi Mon Sep 12 13:33:27 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 13:33:27 +0300 Subject: [Dovecot] userdb static & Quota from LDAP? In-Reply-To: <20110909215855.GA4680@chemie.uni-hamburg.de> References: <20110909215855.GA4680@chemie.uni-hamburg.de> Message-ID: <1315823607.7326.14.camel@hurina> On Fri, 2011-09-09 at 23:58 +0200, Christian Schmidt wrote: > userdb { > driver = static > args = uid=vmail gid=vmail home=/var/maildir/%u > } These can be replaced with global settings: mail_uid = vmail mail_gid = vmail mail_home = /var/maildir/%u > Now I'd like to add per-user quotas that will also be stored in the > LDAP directory, and I'm not sure how to put things together. > IMHO quota is the only "userdb information" requested from LDAP, and > I'd like to leave all the other "userdb pieces" as the are. I changed > the userdb definition to: > userdb { > driver = ldap > args = /etc/dovecot/conf.d/ldap-userdb.ext > } > > My /etc/dovecot/conf.d/ldap-userdb.ext contains (along other lines): > > user_attrs = uid=vmail,gid=vmail,home=/var/maildir/%u,mailQuota=quota=quota_rule=*:storage=%$ Just set those global settings and drop uid/gid/home from here. Or you could get them working here too, but the syntax is slightly wrong: user_attrs = =uid=vmail, =gid=vmail, .. (With the above settings you're telling Dovecot that LDAP "uid" field will be assigned to Dovecot's "vmail" field, and the "gid" field immediately overrides it, and LDAP "home" field's value is set to Dovecot's "/var/maildir/%u" field.) From tss at iki.fi Mon Sep 12 13:37:26 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 13:37:26 +0300 Subject: [Dovecot] Mails repopping In-Reply-To: <004b01cc6f13$04a166d0$0de43470$@brereton@buongiorno.com> References: <004b01cc6f13$04a166d0$0de43470$@brereton@buongiorno.com> Message-ID: <1315823847.7326.17.camel@hurina> On Fri, 2011-09-09 at 13:07 -0400, Simon Brereton wrote: > I have a server that's been running Courier for about 6 years and in > all that time I think I've only ever had 1 issues where an entire mail > box was repopped by a webmail client. However, since moving to a new > server and dovecot 4 weeks ago, I've now had the webmail client repop > this account 4 times (there are about 230 mails in the account). > > Is there a setting I need to tighten to prevent/remedy this? I have > no idea if it's happening on other accounts, but this is one that I > see. The format is maildir. There has been no changes to the webmail > client. dovecot -n output would have been nice. Also do you see anything in error logs? If you're using the default pop3_uidl_format it'll rely on IMAP UIDs to stay the same, and I guess it's possible that due to some other problem they change (that should be logged as an error/warning though). You could try setting pop3_uidl_format=%f, but it will cause everyone to redownload mails. With newer Dovecot versions you could set pop3_save_uidl=yes and when you think everyone's downloaded mails once you can safely change the pop3_uidl_format. From tss at iki.fi Mon Sep 12 13:40:12 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 13:40:12 +0300 Subject: [Dovecot] How to get rid of sub-folders ? In-Reply-To: <1315581724.65256.YahooMailNeo@web27201.mail.ukl.yahoo.com> References: <1315581724.65256.YahooMailNeo@web27201.mail.ukl.yahoo.com> Message-ID: <1315824012.7326.19.camel@hurina> On Fri, 2011-09-09 at 16:22 +0100, Spyros Tsiolis wrote: > OK, no answers on my previous e-mail. I'll rephrase it. > How can I get rid of subfolders on a users' tree-like structure on dovecot ? > Which file must I "touch" ? This still isn't very understandable. You can delete subfolders with either IMAP client (= IMAP DELETE command) or simply rm -rf in the filesystem. Or do you mean moving the subfolders to be root level folders? Again IMAP client should be able to do this, or in filesystem level (assuming Maildir++) you'd do something like: mv ~/Maildir/.root.subfolder ~/Maildir/.subfolder From tss at iki.fi Mon Sep 12 13:43:28 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 13:43:28 +0300 Subject: [Dovecot] quota percents In-Reply-To: <87sjo5wkfy.fsf@algae.riseup.net> References: <87sjo5wkfy.fsf@algae.riseup.net> Message-ID: <1315824208.7326.21.camel@hurina> On Fri, 2011-09-09 at 16:05 -0400, Micah Anderson wrote: > I've noticed that http://wiki2.dovecot.org/Quota/Configuration is out of > date, it says: > > plugin { > quota = maildir:User quota > quota_rule = *:storage=1GB > # 10% of 1GB = 100MB > quota_rule2 = Trash:storage=10%% > # 20% of 1GB = 200MB > quota_rule3 = Spam:storage=20%% > } > > but if you use the '10%%' notation, dovecot complains, and *also* incorrectly: > > dovecot: imap(test at example.net): Warning: quota root mail quota rule Trash:bytes=10%: obsolete configuration for rule 'bytes=10%' should be changed to 'bytes=+10%' Right, fixed in wiki. Although this was only a warning, so it still worked. > its incorrect because if you change it to what it suggests ('+10%') it > wont work because that wont be 10% more, rather, it is set to bytes=+10: Well, that's a more complex problem. The %% escaping needs to be done in dovecot.conf, but it doesn't need to be done elsewhere. If this said that "use +10%%" and someone gives that in SQL user_query, it will break. So I'm not changing the warning. > However, it doesn't seem to work in practice, because I have a user that > is at 99% of quota, with nothing in the Trash who cannot move a 77KB > message into the Trash without getting the quota_exceeded message and > refusing to move it. dovecot -n output? From tss at iki.fi Mon Sep 12 13:44:34 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 13:44:34 +0300 Subject: [Dovecot] problem migrating from maildir to dbox In-Reply-To: <95E776CC-912A-4BD4-A99E-AA930E5CCBFB@uib.es> References: <95E776CC-912A-4BD4-A99E-AA930E5CCBFB@uib.es> Message-ID: <1315824275.7326.22.camel@hurina> On Fri, 2011-09-09 at 14:19 +0200, Ram?n Frontera wrote: > Hello, > we want to migrate Mail folders from Maildir to dbox without downtime. > We change the mail_location to dbox in 10-mail.conf and restart dovecot. > After that we use dsync -u user mirror maildir:~/Maildir. > The problem is that if INBOX exists the dsync create a new folder with name like b5893c0a93ff694e551200002dfa3112 > Can I migrate to the existing INBOX? or How can I merge the 2 INBOX folders? dovecot -n output? From dick at fouter.net Mon Sep 12 14:03:07 2011 From: dick at fouter.net (Dick Middleton) Date: Mon, 12 Sep 2011 12:03:07 +0100 Subject: [Dovecot] Dsync and hidden files Message-ID: <4E6DE6EB.3080000@fouter.net> Hi, I'm in the process of changing from Dovecot v1 to v2 and changing to mdbox in the process. I've come across a little problem which I was hoping there would be a workaround for. There are sieve config files in the home directories which are hidden files. Dsync croaks when it finds one of these because they are not mbox format. It would be nice if they were ignored (or copied unchanged). Is there another way to deal with them other than by deleting thm? Dick From tss at iki.fi Mon Sep 12 14:04:16 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 14:04:16 +0300 Subject: [Dovecot] dovecot 2.0.12: mdbox & quota=dirsize In-Reply-To: References: Message-ID: <1315825456.7326.26.camel@hurina> On Fri, 2011-09-09 at 15:24 +0400, ????? ?????? wrote: > #doveconf -v > ...................... > quota = dirsize:User quota > quota_debug = yes There's no such setting as quota_debug. > then i change ./dovecot-2.0.12/src/plugins/quota?/quota-dirsize.c > 165-- path = mailbox_list_get_path(namespaces[i]->list, NULL,? > 166-- MAILBOX_LIST_PATH_TYPE_MAILBOX?); > 165++ path = mailbox_list_get_path(namespaces[i]->list, NULL, > 166++ MAILBOX_LIST_PATH_TYPE_DIR);?? Well.. Hmm. I suppose that's ok. Done: http://hg.dovecot.org/dovecot-2.0/rev/9ea79795088d (Looks like hg web doesn't like UTF-8 in your name.) From Lutz.Pressler at SerNet.DE Mon Sep 12 14:20:06 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Mon, 12 Sep 2011 13:20:06 +0200 Subject: [Dovecot] multiple "imapc namespaces" Re: 2.1: imapc LIST problem / usage question In-Reply-To: <1315822641.7326.2.camel@hurina> References: <1315563414.3876.50.camel@hurina> <1315822641.7326.2.camel@hurina> Message-ID: On Mo, 12 Sep 2011, Timo Sirainen wrote: > On Fri, 2011-09-09 at 12:21 +0200, Lutz Pre?ler wrote: > > > > > Second question: Is there a way to include multiple imapc instances/ > > > > namespaces with e.g. different destinations servers? I don't see how > > > > because imapc_* parameters seem to be global (now), but it would be a very > > > > useful feature. > > > > > > I don't really understand. You're already returning per-user imapc > > > namespace from userdb. What's missing? > > One local dovecot user, multiple remote IMAP servers included in different > > namespaces. > > I think you should be able to return e.g. "namespace=ns1 ns2" and then > return namespaces for namespace/ns1/* and namespace/ns2/*. Now _I_ don't really understand ;-). This is necessary, yes, but how do I set different remote parameters (imapc_host, imapc_user, ...) for each one? Lutz From tss at iki.fi Mon Sep 12 14:28:52 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 14:28:52 +0300 Subject: [Dovecot] signal 11 crash, sometimes, during mbox bz2 decompression In-Reply-To: <4E6DC8FA.2050709@skew.org> References: <201108161100.p7GB0P3R073897@chilled.skew.org> <1314121664.10421.1314.camel@hurina> <4E6DC8FA.2050709@skew.org> Message-ID: <1315826932.7326.27.camel@hurina> On Mon, 2011-09-12 at 02:55 -0600, Mike Brown wrote: > On this system, I have the same setup with bz2-compressed mbox files. > They're still inaccessible from Thunderbird, but dovecot isn't crashing > with signal 11 anymore. Instead, the maillog says this for every > compressed box it tries to check: > > Sep 12 02:37:14 chilled dovecot: imap(mike): Error: > read(/home/mike/mail/old/sent-1999-07.bz2) failed: Invalid argument (uid=2) > Sep 12 02:37:14 chilled dovecot: imap(mike): Disconnected: Internal > error occurred. Refer to server log for more information. [2011-09-12 > 02:37:14] bytes=5492/2664368 > Sep 12 02:37:14 chilled dovecot: imap(mike): Error: Next message > unexpectedly lost from mbox file /home/mike/mail/old/sent-1999-07.bz2 at > 536 (cached) Oh, wonder why no one else has complained about that. Fixed: http://hg.dovecot.org/dovecot-2.0/rev/a930318a74a1 From tss at iki.fi Mon Sep 12 14:30:21 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 14:30:21 +0300 Subject: [Dovecot] multiple "imapc namespaces" Re: 2.1: imapc LIST problem / usage question In-Reply-To: References: <1315563414.3876.50.camel@hurina> <1315822641.7326.2.camel@hurina> Message-ID: <1315827025.7326.29.camel@hurina> On Mon, 2011-09-12 at 13:20 +0200, Lutz Pre?ler wrote: > > I think you should be able to return e.g. "namespace=ns1 ns2" and then > > return namespaces for namespace/ns1/* and namespace/ns2/*. > Now _I_ don't really understand ;-). This is necessary, yes, but how > do I set different remote parameters (imapc_host, imapc_user, ...) > for each one? Oh, yeah, didn't think about that :) I was considering making those settings per-namespace though.. Then you could change namespace/ns1/imapc_* settings. I guess most mail-related settings could be made per-namespace. I'll see if I can manage to do it easily. :) From ramon.frontera at uib.es Mon Sep 12 14:52:01 2011 From: ramon.frontera at uib.es (=?iso-8859-1?Q?Ram=F3n_Frontera?=) Date: Mon, 12 Sep 2011 13:52:01 +0200 Subject: [Dovecot] problem migrating from maildir to dbox In-Reply-To: <1315824275.7326.22.camel@hurina> References: <95E776CC-912A-4BD4-A99E-AA930E5CCBFB@uib.es> <1315824275.7326.22.camel@hurina> Message-ID: <16C8C54C-F9E5-4786-B52F-44E27CF7DD54@uib.es> hello, thanks in advance! Regards, $ dovecot -n # 2.0.13: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-131.6.1.el6.x86_64 x86_64 Red Hat Enterprise Linux Server release 6.1 (Santiago) nfs base_dir = /var/run/dovecot/ first_valid_uid = 96 listen = 10.80.82.21 log_path = /var/log/dovecot.log mail_gid = 97 mail_location = sdbox:/vmail/0/%u/dbox mail_plugins = acl quota mail_log notify mail_uid = 97 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mbox_write_locks = fcntl mmap_disable = yes namespace { hidden = no inbox = yes list = yes location = prefix = separator = / subscriptions = yes type = private } namespace { hidden = no inbox = no list = children location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%n prefix = shared/%%n/ separator = / subscriptions = no type = shared } passdb { driver = pam } passdb { args = /etc/dovecot/dovecot-ldap-pass.conf.ext.local driver = ldap } passdb { args = scheme=plain username_format=%u /etc/dovecot/imap.passwd driver = passwd-file } plugin { acl = vfile acl_shared_dict = file:/vmail/1/dovecot/shared-mailboxes quota = maildir:User quota quota_rule = *:storage=2500M quota_rule2 = Trash:storage=+500M quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u } postmaster_address = xavier.pons at uib.es protocols = imap pop3 lmtp sieve service auth { unix_listener auth-userdb { group = vmail mode = 0660 } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } } service lmtp { inet_listener lmtp { port = 30025 } } service pop3-login { inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } } service quota-warning { executable = script /usr/local/bin/quota-warning.sh unix_listener quota-warning { user = vmail } user = dovecot } ssl = required ssl_cert = On Fri, 2011-09-09 at 14:19 +0200, Ram?n Frontera wrote: >> Hello, >> we want to migrate Mail folders from Maildir to dbox without downtime. >> We change the mail_location to dbox in 10-mail.conf and restart dovecot. >> After that we use dsync -u user mirror maildir:~/Maildir. >> The problem is that if INBOX exists the dsync create a new folder with name like b5893c0a93ff694e551200002dfa3112 >> Can I migrate to the existing INBOX? or How can I merge the 2 INBOX folders? > > dovecot -n output? > > From tss at iki.fi Mon Sep 12 14:52:19 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 14:52:19 +0300 Subject: [Dovecot] MySQL, map files In-Reply-To: <1315525950.915.YahooMailNeo@web39420.mail.mud.yahoo.com> References: <1315525950.915.YahooMailNeo@web39420.mail.mud.yahoo.com> Message-ID: <1315828341.7326.35.camel@hurina> On Thu, 2011-09-08 at 16:52 -0700, Steve Fatula wrote: > I'll try and break up my questions the other day about extdata that > went unanswered into pieces in the hopes it will be more specific and > clear. > > In general, I am trying to figure out the syntax of the map statement > and what is allowed in that statement. So, by map statement, I mean > for example perhaps the dovecot-dict-expire.conf.ext file as shown in > the doc. Is the syntax the same for the various types of files (quota > vs expire)? Is there syntax to allow the specification of a different > key? If so, where is this documented. I have an existing table I want > to use, not the table shown in the doc. They aren't really documented anywhere. Also I'm kind of hoping one day to replace the files anyway with a new syntax that allows mixed configuration of sql/file/other backends. The dict configuration itself is anyway generic and works basically the same for expire/quota/others, except they use different keys (=different patterns when matching). I'm not sure if there is any useful way to even explain how it works now. There is the example SQL configuration for expire and quota. Somewhere in wiki is example flat file config for them. There's really not much else you can do with them. > The reason I am asking is I have seen web pages that reference all > sorts of statements within the map statement, and I have no idea where > they are documented. Specifically, I see an example here (which is > LDAP), look in section 3: > > http://dovecot.org/patches/1.2/ldap/HOWTO_dictldap+extdata.txt > > > You will see lots of statements, not sure which ones can be used for > MySQL (instead of LDAP). That patch's mapping references to Pigeonhole's extdata plugin. If you install that plugin you can use SQL or flat file for the same maps. > So, would like to find a list of ALL valid syntax within the map. Plugins can always add more maps. From tss at iki.fi Mon Sep 12 15:06:44 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 15:06:44 +0300 Subject: [Dovecot] problem migrating from maildir to dbox In-Reply-To: <16C8C54C-F9E5-4786-B52F-44E27CF7DD54@uib.es> References: <95E776CC-912A-4BD4-A99E-AA930E5CCBFB@uib.es> <1315824275.7326.22.camel@hurina> <16C8C54C-F9E5-4786-B52F-44E27CF7DD54@uib.es> Message-ID: <1315829204.7326.38.camel@hurina> On Mon, 2011-09-12 at 13:52 +0200, Ram?n Frontera wrote: > >> After that we use dsync -u user mirror maildir:~/Maildir. > >> The problem is that if INBOX exists the dsync create a new folder with name like b5893c0a93ff694e551200002dfa3112 > >> Can I migrate to the existing INBOX? or How can I merge the 2 INBOX folders? Have you created the dbox directory before running dsync? And opened it with some tool? I tried with your config and it worked fine. The reason why these duplicate INBOXes happen is when INBOX exists both in source and in destination when dsync is run. Typically this means that you've created the destination INBOX already by e.g. logging in or delivering a mail there or something.. From ajb2 at mssl.ucl.ac.uk Mon Sep 12 15:11:16 2011 From: ajb2 at mssl.ucl.ac.uk (Alan Brown) Date: Mon, 12 Sep 2011 13:11:16 +0100 Subject: [Dovecot] general advice sought Message-ID: <4E6DF6E4.2070102@mssl.ucl.ac.uk> I'd like to hear the thoughts of list members on which type of storage method seems "best" for inboxes and for folders. The filesystem is GFS2 and for various reasons I can't change it. Inboxes - currently Mbox format. Some users have upwards of 5000 messages in there (the largest is about 18k entries) and thanks to attachments some inboxes are 40-200Mb with a few sitting at 2-3Gb. (Suicidal, I know but enforcing rules is politik-laden and getting academics to behave sensibly is like herding cats) Folders: Mdir format. Thanks to GFS2 filesystem limitations(*) I'm currently enforcing a limit of 4000 messages/folder. It'd be nice to have a "better" way of storing these which doesn't drive up backup loads tremendously. The mail spool has around 6 million files in the folders, covering about 400Gb. GFS2 filesystem limitations are painful. While there are no hard limits, It really doesn't cope well with a lot of files in any given directory thanks to limitations in the way that cluster locking is propagated, There are marked slowdowns about 100 files, this becomes awful above 1000 and effectively unusable above about 8000 entries as the entire IO system gets halted momentarily when such directories are opened and the directory may take up to 5 minutes to return a "ls" result. Some users had upwards of 80k files in their mail folders (~40k messages) and accessing these brought the entire system to a halt. If I migrate to other formats (eg mdbox), then it needs to be able to be done on the fly. (Taking the mailservers down for a day won't go down well, even an hour raises howls). Any suggestions? From tss at iki.fi Mon Sep 12 15:30:45 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 15:30:45 +0300 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <4E6ACC6C.6020200@acm.org> References: <4E6ACC6C.6020200@acm.org> Message-ID: <1315830646.7326.46.camel@hurina> On Fri, 2011-09-09 at 19:33 -0700, Paul B. Henson wrote: > According to the sample SQL configuration file "HA / round-robin > load-balancing is supported by giving multiple host settings, like: > host=sql1.host.org host=sql2.host.org". > > However, as far as I can tell dovecot only connects to the first listed > host, and processes all queries through it, there does not appear to be > any load-balancing going on. The current code creates connection to the second server only when the first connection is already busy with an SQL query, or when it's not working. Once there are more connections, it starts doing round robin lookups. This works okay enough with PostgreSQL because it does asynchronous lookups, so two simultaneous lookups create a second connection. MySQL does synchronous lookups though, so the second connection is normally never created. I suppose the fix to this would be to always connect to all SQL servers at startup. > That's not necessarily a dealbreaker; however, high-availability does > not appear to be working either. > > If I shutdown the first mysql server, dovecot starts to log connection > failures: > > Sep 9 15:47:34 tweak dovecot: auth: Error: > mysql(mysql-1.unx.csupomona.edu): Connect failed to database (idmgmt): > Can't connect to MySQL server on 'mysql-1.unx.csupomona.edu' (111) - > waiting for 1 seconds before retry > > Sep 9 15:47:39 tweak dovecot: auth: Error: > mysql(mysql-1.unx.csupomona.edu): Connect failed to database (idmgmt): > Can't connect to MySQL server on 'mysql-1.unx.csupomona.edu' (111) - > waiting for 25 seconds before retry Those are intentional. > And postfix starts to fail authentications: > > Sep 9 15:47:35 tweak postfix/smtpd[5119]: warning: > bender.iitsys.csupomona.edu[134.71.250.134]: SASL DIGEST-MD5 > authentication failed: Connection lost to authentication server It should have created the second connection here and not fail.. > Now and again the authentication process dies: > > Sep 9 15:47:39 tweak dovecot: auth: Panic: file auth-request-handler.c: > line 697 (auth_request_handler_flush_failures): assertion failed: > (auth_request->state == AUTH_REQUEST_STATE_FINISHED) And this of course shouldn't happen either. > Requests start to pile up: > > Sep 9 15:51:46 tweak dovecot: auth: Warning: auth workers: Auth request > was queued for 25 seconds, 45 left in queue > > Lookups time out: > > Sep 9 15:57:22 tweak dovecot: auth: Error: auth worker: Aborted > request: Lookup timed out These are the result of the previous failures. > This occasionally pops up: > > Sep 9 15:58:38 tweak dovecot: auth: Fatal: > net_connect_unix(auth-worker) failed: Resource temporarily unavailable Probably this too. > And sometimes the auth process gets temporarily disabled: > > Sep 9 15:58:57 tweak dovecot: master: Error: service(auth): command > startup failed, throttling Most likely related to the crash, although I think this still shouldn't have happened. > I don't think all authentications fail during the scenario, but I think > the majority do. Based on the network traffic, dovecot is almost > continuously trying to connect to the first listed server. It sometimes > connects to the second listed server, but when it does, the connection > does not persist, it goes away almost immediately. There are multiple auth-worker processes, each one having their own internal MySQL connections with separate retry counters. I'll try to debug this soon. From tss at iki.fi Mon Sep 12 15:34:07 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 15:34:07 +0300 Subject: [Dovecot] general advice sought In-Reply-To: <4E6DF6E4.2070102@mssl.ucl.ac.uk> References: <4E6DF6E4.2070102@mssl.ucl.ac.uk> Message-ID: <1315830847.7326.48.camel@hurina> On Mon, 2011-09-12 at 13:11 +0100, Alan Brown wrote: > I'd like to hear the thoughts of list members on which type of storage > method seems "best" for inboxes and for folders. > > The filesystem is GFS2 and for various reasons I can't change it. .. > If I migrate to other formats (eg mdbox), then it needs to be able to be > done on the fly. (Taking the mailservers down for a day won't go down > well, even an hour raises howls). Have you had any trouble with Dovecot's index files in your current setup? Any errors at all? If not, I'd think mdbox will work fine. You can do it incrementally per-user (and you really should try it first with only a few users). http://wiki2.dovecot.org/Tools/Dsync explains how to do it on the fly. From tss at iki.fi Mon Sep 12 16:32:48 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 16:32:48 +0300 Subject: [Dovecot] Dsync and hidden files In-Reply-To: <4E6DE6EB.3080000@fouter.net> References: <4E6DE6EB.3080000@fouter.net> Message-ID: <1315834368.7326.55.camel@hurina> On Mon, 2011-09-12 at 12:03 +0100, Dick Middleton wrote: > I'm in the process of changing from Dovecot v1 to v2 and changing to mdbox in > the process. I've come across a little problem which I was hoping there would > be a workaround for. > > There are sieve config files in the home directories which are hidden files. > Dsync croaks when it finds one of these because they are not mbox format. > > It would be nice if they were ignored (or copied unchanged). Is there another > way to deal with them other than by deleting thm? Here: http://hg.dovecot.org/dovecot-2.0/raw-rev/3c8b44bb1974 From ramon.frontera at uib.es Mon Sep 12 16:38:00 2011 From: ramon.frontera at uib.es (=?iso-8859-1?Q?Ram=F3n_Frontera?=) Date: Mon, 12 Sep 2011 15:38:00 +0200 Subject: [Dovecot] problem migrating from maildir to dbox In-Reply-To: <1315829204.7326.38.camel@hurina> References: <95E776CC-912A-4BD4-A99E-AA930E5CCBFB@uib.es> <1315824275.7326.22.camel@hurina> <16C8C54C-F9E5-4786-B52F-44E27CF7DD54@uib.es> <1315829204.7326.38.camel@hurina> Message-ID: <055A7E98-5B9A-4140-AF3E-90EA34F5E271@uib.es> While the dovecot is running with the new mail_location to dbox, I try to migrate the maildir content. This is the reason because INBOX already exists. -- ------------------------------------------ Ramon Frontera Gallardo Centre de Tecnologies de la Informaci? Universitat de les Illes Balears Ctra. Valldemossa km 7,5 07122 Palma de Mallorca El 12/09/2011, a las 14:06, Timo Sirainen escribi?: > On Mon, 2011-09-12 at 13:52 +0200, Ram?n Frontera wrote: >>>> After that we use dsync -u user mirror maildir:~/Maildir. >>>> The problem is that if INBOX exists the dsync create a new folder with name like b5893c0a93ff694e551200002dfa3112 >>>> Can I migrate to the existing INBOX? or How can I merge the 2 INBOX folders? > > Have you created the dbox directory before running dsync? And opened it > with some tool? I tried with your config and it worked fine. > > The reason why these duplicate INBOXes happen is when INBOX exists both > in source and in destination when dsync is run. Typically this means > that you've created the destination INBOX already by e.g. logging in or > delivering a mail there or something.. > > From tss at iki.fi Mon Sep 12 17:09:57 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 17:09:57 +0300 Subject: [Dovecot] problem migrating from maildir to dbox In-Reply-To: <055A7E98-5B9A-4140-AF3E-90EA34F5E271@uib.es> References: <95E776CC-912A-4BD4-A99E-AA930E5CCBFB@uib.es> <1315824275.7326.22.camel@hurina> <16C8C54C-F9E5-4786-B52F-44E27CF7DD54@uib.es> <1315829204.7326.38.camel@hurina> <055A7E98-5B9A-4140-AF3E-90EA34F5E271@uib.es> Message-ID: <1315836597.7326.74.camel@hurina> You changed the mail_location globally to dbox? You should instead do it one user at a time, like explained in http://wiki2.dovecot.org/Tools/Dsync (with initial dsync done before user's mail_location is ever changed). Otherwise you'll get these duplicate INBOXes and you'll need to somehow manually figure out how to merge them. There are "doveadm move" and "doveadm mailbox delete" commands for example. On Mon, 2011-09-12 at 15:38 +0200, Ram?n Frontera wrote: > While the dovecot is running with the new mail_location to dbox, I try to migrate the maildir content. > This is the reason because INBOX already exists. > > -- > ------------------------------------------ > Ramon Frontera Gallardo > Centre de Tecnologies de la Informaci? > Universitat de les Illes Balears > Ctra. Valldemossa km 7,5 > 07122 Palma de Mallorca > > > > > El 12/09/2011, a las 14:06, Timo Sirainen escribi?: > > > On Mon, 2011-09-12 at 13:52 +0200, Ram?n Frontera wrote: > >>>> After that we use dsync -u user mirror maildir:~/Maildir. > >>>> The problem is that if INBOX exists the dsync create a new folder with name like b5893c0a93ff694e551200002dfa3112 > >>>> Can I migrate to the existing INBOX? or How can I merge the 2 INBOX folders? > > > > Have you created the dbox directory before running dsync? And opened it > > with some tool? I tried with your config and it worked fine. > > > > The reason why these duplicate INBOXes happen is when INBOX exists both > > in source and in destination when dsync is run. Typically this means > > that you've created the destination INBOX already by e.g. logging in or > > delivering a mail there or something.. > > > > > From dick at fouter.net Mon Sep 12 17:53:18 2011 From: dick at fouter.net (Dick Middleton) Date: Mon, 12 Sep 2011 15:53:18 +0100 Subject: [Dovecot] Dsync and hidden files In-Reply-To: <1315834368.7326.55.camel@hurina> References: <4E6DE6EB.3080000@fouter.net> <1315834368.7326.55.camel@hurina> Message-ID: <4E6E1CDE.3090300@fouter.net> On 09/12/11 14:32, Timo Sirainen wrote: > On Mon, 2011-09-12 at 12:03 +0100, Dick Middleton wrote: >> It would be nice if they were ignored (or copied unchanged). Is there another >> way to deal with them other than by deleting thm? > > Here: http://hg.dovecot.org/dovecot-2.0/raw-rev/3c8b44bb1974 Did you just do that? For me? Wow, I'm flattered. Many thanks. Dick From simon.brereton at buongiorno.com Mon Sep 12 18:02:33 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Mon, 12 Sep 2011 11:02:33 -0400 Subject: [Dovecot] Mails repopping In-Reply-To: <1315823847.7326.17.camel@hurina> References: <004b01cc6f13$04a166d0$0de43470$@brereton@buongiorno.com> <1315823847.7326.17.camel@hurina> Message-ID: <021d01cc715d$015f9400$041ebc00$@brereton@buongiorno.com> > -----Original Message----- > From: Timo Sirainen [mailto:tss at iki.fi] > On Fri, 2011-09-09 at 13:07 -0400, Simon Brereton wrote: > > > I have a server that's been running Courier for about 6 years and > in > > all that time I think I've only ever had 1 issues where an entire > mail > > box was repopped by a webmail client. However, since moving to a > new > > server and dovecot 4 weeks ago, I've now had the webmail client > repop > > this account 4 times (there are about 230 mails in the account). > > > > Is there a setting I need to tighten to prevent/remedy this? I > have > > no idea if it's happening on other accounts, but this is one that I > > see. The format is maildir. There has been no changes to the > webmail > > client. > > dovecot -n output would have been nice. Also do you see anything in > error logs? Ah. My apologies of course. Here it is.. mail:~# dovecot -n # 1.2.15: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.2 ext3 log_timestamp: %Y-%m-%d %H:%M:%S protocols: imap imaps pop3 pop3s ssl_ca_file: /etc/ssl/keys/rhodes-ca.crt ssl_cert_file: /etc/ssl/keys/mail.domain.net.crt ssl_key_file: /etc/ssl/private/mail.domain.net.key disable_plaintext_auth: no login_dir: /var/run/dovecot/login login_executable(default): /usr/lib/dovecot/imap-login login_executable(imap): /usr/lib/dovecot/imap-login login_executable(pop3): /usr/lib/dovecot/pop3-login mail_privileged_group: mailsystem mail_location: maildir:/var/spool/mail/virtual/%d/%n maildir_very_dirty_syncs: yes mbox_write_locks: fcntl dotlock mail_executable(default): /usr/lib/dovecot/imap mail_executable(imap): /usr/lib/dovecot/imap mail_executable(pop3): /usr/lib/dovecot/pop3 mail_plugins(default): quota imap_quota mail_plugins(imap): quota imap_quota mail_plugins(pop3): quota mail_plugin_dir(default): /usr/lib/dovecot/modules/imap mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3 imap_client_workarounds(default): outlook-idle delay-newmail imap_client_workarounds(imap): outlook-idle delay-newmail imap_client_workarounds(pop3): pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh lda: postmaster_address: postmaster at domain.net mail_plugins: quota log_path: info_log_path: deliver_log_format: msgid=%m: %f: %$ auth default: mechanisms: plain login user: mailsystem verbose: yes passdb: driver: sql args: /etc/dovecot/dovecot-sql.conf userdb: driver: prefetch userdb: driver: static args: uid=999 gid=115 home=/var/spool/mail/virtual/%d/%n allow_all_users=yes socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: mailsystem master: path: /var/run/dovecot/auth-master mode: 432 user: mailsystem group: mailsystem plugin: quota: maildir Could you make dovecot -n munge the certificate and postmaster email addresses? I'm not comfortable with that floating on the internet.. The only thing I have in the logs is 2 sessions where mail was popped (note, it doesn't even add up to the 183 messages in the mail box). But those sessions are vastly longer than the regular ones (tens of minutes compared to a few seconds). Since both IPs are on the back-bone, that's quite a while to download 100 mails (none of which are over Sep 11 21:36:25 mail dovecot: pop3-login: Login: user=, method=PLAIN, rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 11 21:36:34 mail dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=0/0, del=0/183, size=14025971 Sep 11 21:43:44 mail dovecot: pop3-login: Login: user=, method=PLAIN, rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 11 21:44:54 mail dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=0/0, del=0/183, size=14025971 Sep 11 21:52:31 mail dovecot: pop3-login: Login: user=, method=PLAIN, rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 11 22:56:01 mail dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=100/9182678, del=0/183, size=14025971 Sep 11 23:08:58 mail dovecot: pop3-login: Login: user=, method=PLAIN, rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 11 23:37:57 mail dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=75/4748674, del=0/183, size=14025971 Sep 12 00:04:11 mail dovecot: pop3-login: Login: user=, method=PLAIN, rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 12 00:04:26 mail dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=0/0, del=0/183, size=14025971 Sep 12 00:07:40 mail dovecot: pop3-login: Login: user=, method=PLAIN, rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 12 00:07:53 mail dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=0/0, del=0/183, size=14025971 > If you're using the default pop3_uidl_format it'll rely on IMAP UIDs > to stay the same, and I guess it's possible that due to some other > problem they change (that should be logged as an error/warning > though). > > You could try setting pop3_uidl_format=%f, but it will cause everyone > to redownload mails. With newer Dovecot versions you could set > pop3_save_uidl=yes and when you think everyone's downloaded mails > once you can safely change the pop3_uidl_format. Sorry, I'm very new to dovecot and I'm not sure I understand. I presume because neither of those keys are in the dovecot -n output that they are as the defaults, yes? The account is indeed accessed by IMAP as well (from a mobile device mostly), but I don't see anything fishy there either. How could I see if the IMAP UIDs have changed? Sep 11 21:20:32 mail dovecot: IMAP(user at domain.com): Connection closed bytes=1095/8292 Sep 11 21:26:03 mail dovecot: imap-login: Login: user=, method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 11 22:11:20 mail dovecot: IMAP(user at domain.com): Disconnected for inactivity bytes=725/5638 Sep 11 22:17:10 mail dovecot: imap-login: Login: user=, method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 11 23:12:06 mail dovecot: IMAP(user at domain.com): Disconnected for inactivity bytes=1471/11025 Sep 11 23:23:22 mail dovecot: imap-login: Login: user=, method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 11 23:52:52 mail dovecot: IMAP(user at domain.com): Connection closed bytes=1841/13679 Sep 12 00:08:47 mail dovecot: imap-login: Login: user=, method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 12 01:19:05 mail dovecot: imap-login: Login: user=, method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 12 02:57:01 mail dovecot: IMAP(user at domain.com): Connection closed bytes=2713/60026 Sep 12 02:57:01 mail dovecot: IMAP(user at domain.com): Connection closed bytes=2688/18635 There are no errors or warnings in the mail log (I have one shared log file for postfix, amavis and dovecot). Reading the notes for pop3_save_uidl it doesn't seem to be a dangerous option - should I turn that on? Why will it force everyone to redownload mails (there's nothing about it on the wiki)? Thanks! Simon From simon.brereton at buongiorno.com Mon Sep 12 18:21:14 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Mon, 12 Sep 2011 11:21:14 -0400 Subject: [Dovecot] Mails repopping In-Reply-To: <021d01cc715d$015f9400$041ebc00$@brereton@buongiorno.com> References: <004b01cc6f13$04a166d0$0de43470$@brereton@buongiorno.com> <1315823847.7326.17.camel@hurina> <021d01cc715d$015f9400$041ebc00$@brereton@buongiorno.com> Message-ID: <022801cc715f$9d2e49b0$d78add10$@brereton@buongiorno.com> > -----Original Message----- > From: dovecot-bounces at dovecot.org [mailto:dovecot- > bounces at dovecot.org] On Behalf Of Simon Brereton > > -----Original Message----- > > From: Timo Sirainen [mailto:tss at iki.fi] On Fri, 2011-09-09 at 13:07 > > -0400, Simon Brereton wrote: > > > > > I have a server that's been running Courier for about 6 years and > > in > > > all that time I think I've only ever had 1 issues where an entire > > mail > > > box was repopped by a webmail client. However, since moving to a > > new > > > server and dovecot 4 weeks ago, I've now had the webmail client > > repop > > > this account 4 times (there are about 230 mails in the account). > > > > > > Is there a setting I need to tighten to prevent/remedy this? I > > have > > > no idea if it's happening on other accounts, but this is one that > I > > > see. The format is maildir. There has been no changes to the > > webmail > > > client. > > > > dovecot -n output would have been nice. Also do you see anything in > > error logs? > > Ah. My apologies of course. Here it is.. > > mail:~# dovecot -n > # 1.2.15: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.2 ext3 I've only just noticed that installing from apt-get on Debian 64-bit installs Dovecot 1.2 - does anyone know when 2.x will be available via apt? Simon From zaharovr at inbox.ru Mon Sep 12 18:24:41 2011 From: zaharovr at inbox.ru (Roman Zakharov) Date: Mon, 12 Sep 2011 19:24:41 +0400 Subject: [Dovecot] dovecot 2.0.12: mdbox & quota=dirsize In-Reply-To: <1315825456.7326.26.camel@hurina> References: <1315825456.7326.26.camel@hurina> Message-ID: <4E6E2439.3080109@inbox.ru> 12.09.2011 15:04, Timo Sirainen ?????: > On Fri, 2011-09-09 at 15:24 +0400, ????? ?????? wrote: >> #doveconf -v >> ...................... >> quota = dirsize:User quota >> quota_debug = yes > There's no such setting as quota_debug. Yes, really, not used adjustment, but doesn't cause errors :) > >> then i change ./dovecot-2.0.12/src/plugins/quota?/quota-dirsize.c >> 165--path = mailbox_list_get_path(namespaces[i]->list, NULL,? >> 166-- MAILBOX_LIST_PATH_TYPE_MAILBOX?); >> 165++path = mailbox_list_get_path(namespaces[i]->list, NULL, >> 166++ MAILBOX_LIST_PATH_TYPE_DIR);?? > Well.. Hmm. I suppose that's ok. Done: > http://hg.dovecot.org/dovecot-2.0/rev/9ea79795088d > (Looks like hg web doesn't like UTF-8 in your name.) > > Roman Zakharov, it is not important, i think From ka at pacific.net Mon Sep 12 18:49:11 2011 From: ka at pacific.net (Ken A) Date: Mon, 12 Sep 2011 10:49:11 -0500 Subject: [Dovecot] Attacking Dovecot In-Reply-To: <201109092145.p89LjQLb017904@panas.otenet.gr> References: <201109092145.p89LjQLb017904@panas.otenet.gr> Message-ID: <4E6E29F7.90401@pacific.net> That's all normal activity (failed logins) for any internet facing machine. They may be dictionary attacks, or not... If they get on your nerves, block them. Strong passwords will help more. Also, it's likely that you have forged mail coming in from outside, and not really "spam from local users" ? If it is really locally generated, then disable the account. Ken On 9/9/2011 4:45 PM, Nikos Papadopoulos wrote: > Hello, > > > > I am using Dovecot ver.1.0.7 on an x86 server with RedHat Linux Enterprise 5 > and the following configuration: > > > > # 1.0.7: /etc/dovecot.conf > > protocols: pop3 > > login_dir: /var/run/dovecot/login > > login_executable: /usr/libexec/dovecot/pop3-login > > mail_location: mbox:~/mail:INBOX=/var/mail/%u > > mail_executable: /usr/libexec/dovecot/pop3 > > mail_plugin_dir: /usr/lib/dovecot/pop3 > > pop3_client_workarounds: outlook-no-nuls oe-ns-eoh > > auth default: > > passdb: > > driver: pam > > userdb: > > driver: passwd > > > > > > It seems that my mail server is being attacked by someone who tries to > retrieve users' credentials. Please read below an output of logwatch. > > > > dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information > about > > user sandra > > dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information > about > > user tanya > > dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information > about > > user tanya > > dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information > about > > user dark > > dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information > about > > user dark > > dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information > about > > user gibson > > dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information > about > > user frank > > dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information > about > > user frank > > > > > > > > Besides, some of the local users receive "spam" emails, which seem to be > sent by another local user. > > > > Please assist me on how to prevent the aforementioned attack. > > > > Best Regards, > > > > Nikos > > > > -- Ken Anderson Pacific Internet - http://www.pacific.net Latest Pacific.Net Status - http://twitter.com/pacnetstatus From listas.correo at yahoo.es Mon Sep 12 18:55:51 2011 From: listas.correo at yahoo.es (mailing lists) Date: Mon, 12 Sep 2011 16:55:51 +0100 (BST) Subject: [Dovecot] director ignoring director_mail_servers for lmtp connections Message-ID: <1315842951.89437.YahooMailNeo@web29120.mail.ird.yahoo.com> Hello, Following Jan-Frode's advise I am trying this configuration: {postfix} ---lmtp---> {director} ---lmtp---> {dovecot} so I have two dovecot instances for director/proxy and lmtp delivery on ports 1024 and 24 respectively. whilst for imap connections I can specify a pool of imap backend servers via 'director_mail_servers' it seems is not possible with lmtp. Sep 12 17:14:13 imap1 dovecot: auth: Debug: master in: PASS?? 1?????? user001 at example.com ?? service=lmtp??? lip=::1 lport=1024????? rip=::1 rpor5 Sep 12 17:14:13 imap1 dovecot: auth: Debug: static(user001 at example.com,::1): lookup Sep 12 17:14:13 imap1 dovecot: auth: Debug: password(user001 at eexample.com,::1): Credentials: Sep 12 17:14:13 imap1 dovecot: auth: Debug: master out: PASS? 1?????? user=user001 at example.com?????? proxy?? port=24 Sep 12 17:14:13 imap1 dovecot: lmtp(25682): Debug: auth input: user=user001 at example.com proxy port=24 Sep 12 17:14:13 imap1 dovecot: lmtp(25682): Error: proxy: host not given Sep 12 17:14:13 imap1 dovecot: lmtp(25682): Debug: Loading modules from directory: /usr/lib64/dovecot/modules Sep 12 17:14:13 imap1 dovecot: lmtp(25682): Debug: Module loaded: /usr/lib64/dovecot/modules/lib01_acl_plugin.so Sep 12 17:14:13 imap1 dovecot: auth: Debug: master in: USER?? 2?????? user001 at example.com??? service=lmtp??? lip=::1 rip=::1 Sep 12 17:14:13 imap1 dovecot: auth: Debug: static(user001 at example.com,::1): lookup Sep 12 17:14:13 imap1 dovecot: auth: Debug: password(user001 at example.com,::1): Credentials: Sep 12 17:14:13 imap1 dovecot: auth: Debug: master out: USER? 2?????? user001 at example.com Sep 12 17:14:13 imap1 dovecot: lmtp(25682): Debug: auth input: user001 at example.com Sep 12 17:14:43 imap1 dovecot: lmtp(25682): Disconnect from ::1: Client quit (in RCPT TO) how I can redirect incoming lmtp request to backend lmtp servers (and not just one)? what I'm missing here? ??? /----------/ # dovecot -c /etc/dovecot-director/dovecot.conf -n # 2.0.14: /etc/dovecot-director/dovecot.conf # OS: Linux 2.6.34.7-0.7-xen x86_64 openSUSE 11.3 (x86_64) auth_debug = yes auth_debug_passwords = yes auth_verbose = yes auth_verbose_passwords = plain base_dir = /var/run/dovecot-director/ director_mail_servers = 101.180.245.101 director_servers = 101.180.245.101 disable_plaintext_auth = no lmtp_proxy = yes mail_debug = yes mail_fsync = always mail_gid = 5000 mail_nfs_index = yes mail_nfs_storage = yes mail_plugins = acl mail_uid = 5000 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mmap_disable = yes passdb { ? args = proxy=y nopassword=y ? driver = static } plugin { ? acl = vfile ? sieve = ~/.dovecot.sieve ? sieve_dir = ~/sieve } protocols = imap lmtp service auth { ? unix_listener auth-userdb { ??? group = vmail ??? mode = 0666 ??? user = vmail ? } } service director { ? fifo_listener login/proxy-notify { ??? mode = 0666 ? } ? inet_listener { ??? port = 9090 ? } ? unix_listener director-userdb { ??? mode = 0666 ? } ? unix_listener login/director { ??? mode = 0666 ? } } service imap-login { ? executable = imap-login director ? inet_listener imap { ??? port = 10143 ? } } service lmtp { ? inet_listener lmtp { ??? port = 1024 ? } } ssl = no verbose_proctitle = yes protocol lmtp { ? passdb { ??? args = proxy=y nopassword=y port=24 ??? driver = static ? } } protocol imap { ? mail_max_userip_connections = 100 } From Christian.Schmidt at chemie.uni-hamburg.de Mon Sep 12 19:03:35 2011 From: Christian.Schmidt at chemie.uni-hamburg.de (Christian Schmidt) Date: Mon, 12 Sep 2011 18:03:35 +0200 Subject: [Dovecot] userdb static & Quota from LDAP? In-Reply-To: <1315823607.7326.14.camel@hurina> References: <20110909215855.GA4680@chemie.uni-hamburg.de> <1315823607.7326.14.camel@hurina> Message-ID: <20110912160335.GG16271@chemie.uni-hamburg.de> Hello Timo, Timo Sirainen, 12.09.2011 (d.m.y): > On Fri, 2011-09-09 at 23:58 +0200, Christian Schmidt wrote: > > userdb { > > driver = static > > args = uid=vmail gid=vmail home=/var/maildir/%u > > } > > These can be replaced with global settings: > > mail_uid = vmail > mail_gid = vmail > mail_home = /var/maildir/%u > > > Now I'd like to add per-user quotas that will also be stored in the > > LDAP directory, and I'm not sure how to put things together. > > IMHO quota is the only "userdb information" requested from LDAP, and > > I'd like to leave all the other "userdb pieces" as the are. I changed > > the userdb definition to: > > userdb { > > driver = ldap > > args = /etc/dovecot/conf.d/ldap-userdb.ext > > } > > > > My /etc/dovecot/conf.d/ldap-userdb.ext contains (along other lines): > > > > user_attrs = uid=vmail,gid=vmail,home=/var/maildir/%u,mailQuota=quota=quota_rule=*:storage=%$ > > Just set those global settings and drop uid/gid/home from here. Or you > could get them working here too, but the syntax is slightly wrong: > > user_attrs = =uid=vmail, =gid=vmail, .. > > (With the above settings you're telling Dovecot that LDAP "uid" field > will be assigned to Dovecot's "vmail" field, and the "gid" field > immediately overrides it, and LDAP "home" field's value is set to > Dovecot's "/var/maildir/%u" field.) This is working now: user_attrs = mailQuota=quota_rule=*:bytes=%$ Thank you, Timo! Gruss/Regards, Christian Schmidt -- You're at the end of the road again. From dave.stubbs at utoronto.ca Mon Sep 12 19:10:46 2011 From: dave.stubbs at utoronto.ca (Dave Stubbs) Date: Mon, 12 Sep 2011 12:10:46 -0400 Subject: [Dovecot] Possible to Customize File Naming Scheme? Message-ID: <4E6E2F06.6000507@utoronto.ca> Hello all, [Sorry if this has been covered already - I searched back a little way in the archive and didn't find anything recent on the topic.] I'm wondering if it is possible to customize the way dovecot creates or modifies filenames in the maildir directories? I'm watching how my mail system works, and I see that procmail creates a new file in the /new directory, each time an email is received. This file is some complex combination of UIDs and things, suffixed by the server name. So far, the filename has alphanumerics, a couple underscores, and a dot or two only. But once dovecot gets it's hands on the file and moves it to the /cur directory, it starts doing "terrible" things to the file name. Now, the filename starts to have "evil" things in it, like colons and commas. Is there a way to change this? I'm asking this primarily because I use dovecot as a massive long-term email archiving system. One of the things one needs to be able to do when running a long-term archive like this is keep things as simple and accessible as possible. The reason I use maildir is that I totally buy into the "one email, one file" idea - it means I don't have to store messages in big consolidated database files that are changeable with each new version of the vendor's software release (such as exchange DBs or Outlook PST files) or that are horrible performers (such as mbox). One of the nice things about the maildir "each email is a separate file" idea is that you are not limited to maildir or dovecot or any other piece of software to handle, read, and process the files. For instance, I would like to backup my maildir by using rsync to synchronize my dovecot-managed maildir to a Windows server running NFS. From there the files are synchronized via Windows DFS ( to which there is no open source solution that is even close) to several other servers around the continent. Only thing: The evil commas and colons in the filenames are anathema to Windows. So instead I tar the maildir folders to tgz files on the windows server, and the tgz's are synchronized to other DR sites. If I could do without the need for tar (mandated solely because of the colons and commas in the dovecot filename scheme) I could minimize the time to backup (only synchronizing changes) and suddenly I would have a lot of other benefits opened up. One simple one would be that if I could configure dovecot to append the .eml extension to the end of every file (technically each file in a maildir is an eml file regardless of the extension being present or not - eml is just a raw mail file just like what you'd find in a maildir) I would have instant access to them using Search Server Express, which can read eml files but strongly prefers to use extentions to recognize files as such. To be clear: I'm not requesting that dovecot's file naming convention be changed to match my quirky requirements - I'm just asking if it could be made configurable, so I could change it to match my needs and others could change it to match theirs. In the interests of REALLY being able to use the elegantly simple idea of each mail being a separate file, I'm trying to get more out of that great pile of folders and files I'm amassing in my mail archive server. The more use I can make of them with other software other than dovecot (i.e. data crawling, indexing, easy recovery in a catastrophe, etc) the more valuable this format is. Is this possible? From micah at riseup.net Mon Sep 12 19:17:09 2011 From: micah at riseup.net (Micah Anderson) Date: Mon, 12 Sep 2011 12:17:09 -0400 Subject: [Dovecot] quota percents References: <87sjo5wkfy.fsf@algae.riseup.net> <1315824208.7326.21.camel@hurina> Message-ID: <8739g1ka62.fsf@algae.riseup.net> Timo Sirainen writes: > On Fri, 2011-09-09 at 16:05 -0400, Micah Anderson wrote: > >> its incorrect because if you change it to what it suggests ('+10%') it >> wont work because that wont be 10% more, rather, it is set to bytes=+10: > > Well, that's a more complex problem. The %% escaping needs to be done in > dovecot.conf, but it doesn't need to be done elsewhere. If this said > that "use +10%%" and someone gives that in SQL user_query, it will > break. So I'm not changing the warning. Ok, that makes sense. >> However, it doesn't seem to work in practice, because I have a user that >> is at 99% of quota, with nothing in the Trash who cannot move a 77KB >> message into the Trash without getting the quota_exceeded message and >> refusing to move it. > > dovecot -n output? NOTE: i turned off the quota plugins while this is sorted, so you wont see them enabled below. # 2.0.13: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.2 auth_default_realm = example.net auth_verbose = yes default_process_limit = 256 default_vsz_limit = 512 M dict { expire = mysql:/etc/dovecot/dovecot-dict-sql.conf quota = mysql:/etc/dovecot/dovecot-dict-sql.conf } disable_plaintext_auth = no first_valid_gid = 8 first_valid_uid = 8 last_valid_gid = 8 last_valid_uid = 8 listen = * login_greeting = howdy, ready. mail_location = mdbox:~/mdbox mail_plugins = expire maildir_very_dirty_syncs = yes namespace { inbox = yes location = prefix = separator = . } namespace { hidden = yes inbox = no list = no location = prefix = INBOX. separator = . } passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } plugin { expire = Trash expire2 = Trash/* expire3 = Spam expire_dict = proxy::expire quota = dict:Your mail quota::proxy::quota quota_exceeded_message = You are over quota. To avoid losing mail, immediately empty your Trash and Sent folders and delete emails with large attachments. quota_rule = *:bytes=24117248 quota_rule2 = Trash:bytes=+50%% quota_rule3 = Spam:bytes=+20%% } postmaster_address = postmaster at example.net protocols = imap pop3 service dict { unix_listener dict { group = mail mode = 0600 user = mail } } service imap-login { process_min_avail = 10 service_count = 0 vsz_limit = 512 M } service imap-postlogin { executable = script-login /maildir/postlogin_imap user = $default_internal_user } service pop3-postlogin { executable = script-login /maildir/postlogin_pop user = $default_internal_user } ssl_cert = References: <4E6E2F06.6000507@utoronto.ca> Message-ID: <20110912131803.Horde.lV3aUMm_qOVObjC720uXbjA@mail.kalinowski.com.br> On Seg, 12 Set 2011, Dave Stubbs wrote: > Hello all, > > I'm watching how my mail system works, and I see that procmail > creates a new file in the /new directory, each time an email > is received. This file is some complex combination of UIDs and > things, suffixed by the server name. So far, the filename has > alphanumerics, a couple underscores, and a dot or two only. > > But once dovecot gets it's hands on the file and moves it to the > /cur directory, it starts doing "terrible" things to the > file name. Now, the filename starts to have "evil" things in it, > like colons and commas. The colon and commas are part of the Maildir spec[0], so no, it can't be changed. [0]http://cr.yp.to/proto/maildir.html -- If you want to read about love and marriage you've got to buy two separate books. -- Alan King Eduardo M KALINOWSKI eduardo at kalinowski.com.br From tss at iki.fi Mon Sep 12 19:22:23 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 19:22:23 +0300 Subject: [Dovecot] Possible to Customize File Naming Scheme? In-Reply-To: <4E6E2F06.6000507@utoronto.ca> References: <4E6E2F06.6000507@utoronto.ca> Message-ID: <94C2EC27-49CF-49EE-B778-7C09ED3A6B0A@iki.fi> On 12.9.2011, at 19.10, Dave Stubbs wrote: > I'm watching how my mail system works, and I see that procmail creates a new file in the /new directory, each time an email is received. This file is some complex combination of UIDs and things, suffixed by the server name. So far, the filename has alphanumerics, a couple underscores, and a dot or two only. > > But once dovecot gets it's hands on the file and moves it to the /cur directory, it starts doing "terrible" things to the file name. Now, the filename starts to have "evil" things in it, like colons and commas. Is there a way to change this? That's how Maildir works to store message flags. If you don't like it, use something else. > I'm asking this primarily because I use dovecot as a massive long-term email archiving system. One of the things one needs to be able to do when running a long-term archive like this is keep things as simple and accessible as possible. The reason I use maildir is that I totally buy into the "one email, one file" idea - it means I don't have to store messages in big consolidated database files that are changeable with each new version of the vendor's software release (such as exchange DBs or Outlook PST files) or that are horrible performers (such as mbox). Dovecot v2.0's sdbox format could work for you. > One of the nice things about the maildir "each email is a separate file" idea is that you are not limited to maildir or dovecot or any other piece of software to handle, read, and process the files. Well, sdbox isn't good for that then anymore. Cydir backend could possibly work, although it is missing some features that dbox has and was mainly intended as an example code for super simple mailbox format. > For instance, I would like to backup my maildir by using rsync to synchronize my dovecot-managed maildir to a Windows server running NFS. From there the files are synchronized via Windows DFS ( to which there is no open source solution that is even close) to several other servers around the continent. Only thing: The evil commas and colons in the filenames are anathema to Windows. So instead I tar the maildir folders to tgz files on the windows server, and the tgz's are synchronized to other DR sites. You could patch Dovecot's maildir code to use something else than commas and colons in maildir-storage.h: #define MAILDIR_INFO_SEP ':' #define MAILDIR_EXTRA_SEP ',' #define MAILDIR_FLAGS_SEP ',' #define MAILDIR_INFO_SEP_S ":" #define MAILDIR_EXTRA_SEP_S "," #define MAILDIR_FLAGS_SEP_S "," > If I could do without the need for tar (mandated solely because of the colons and commas in the dovecot filename scheme) I could minimize the time to backup (only synchronizing changes) and suddenly I would have a lot of other benefits opened up. One simple one would be that if I could configure dovecot to append the .eml extension to the end of every file (technically each file in a maildir is an eml file regardless of the extension being present or not - eml is just a raw mail file just like what you'd find in a maildir) I would have instant access to them using Search Server Express, which can read eml files but strongly prefers to use extentions to recognize files as such. The message flags should still be stored somewhere if not in the filename. dbox and cydir stores them in Dovecot's index files. > To be clear: I'm not requesting that dovecot's file naming convention be changed to match my quirky requirements - I'm just asking if it could be made configurable, so I could change it to match my needs and others could change it to match theirs. In the interests of REALLY being able to use the elegantly simple idea of each mail being a separate file, I'm trying to get more out of that great pile of folders and files I'm amassing in my mail archive server. The more use I can make of them with other software other than dovecot (i.e. data crawling, indexing, easy recovery in a catastrophe, etc) the more valuable this format is. > > Is this possible? One last possibility is to create your own mailbox format that works exactly like you want. From al-dovecot at none.at Mon Sep 12 20:14:48 2011 From: al-dovecot at none.at (Aleksandar Lazic) Date: Mon, 12 Sep 2011 19:14:48 +0200 Subject: [Dovecot] Sieve envelope :detail "to" "extention" does not deliver to fileinto destination Message-ID: <20110912171448.GB320@none.at> Dear Listmember. I resend this with different Subject so that the spamfilter does not drop the mail, I hope ;-) I try to migrate from my current courier-mta setup fo postfix dovecot setup. I use the following scirpt to filter to the destination mailbox. ### /var/vmail/none.at/al/.dovecot.sieve # from http://wiki.dovecot.org/LDA/Sieve require ["fileinto", "envelope", "subaddress", "include"]; include "lists.sieve"; if envelope :detail "to" "work" { fileinto "INBOX.work"; } ### ### /var/vmail/none.at/al/sieve/lists.sieve require ["fileinto", "subaddress", "envelope" ]; if envelope :detail "to" "pdnsusers" { fileinto "Lists.pdnsusers"; } ### postfix/master ### dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -a ${original_recipient} # flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -m ${extension} -a ${original_recipient} ### Log ### Sep 11 21:47:48 lvps46-163-74-15 postfix/smtpd[7788]: connect from Sep 11 21:48:12 lvps46-163-74-15 postfix/smtpd[7788]: 495EF9FECAF9: Sep 11 21:48:27 lvps46-163-74-15 postfix/cleanup[7795]: 495EF9FECAF9: message-id=<> Sep 11 21:48:27 lvps46-163-74-15 postfix/qmgr[7785]: 495EF9FECAF9: from=, size=268, nrcpt=1 (queue active) Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda: Debug: Loading modules from directory: /usr/lib/dovecot/modules Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda: Debug: Module loaded: /usr/lib/dovecot/modules/lib90_sieve_plugin.so Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda: Debug: auth input: al at none.at uid=5000 gid=5000 home=/var/vmail/none.at/al Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: Effective uid=5000, gid=5000, home=/var/vmail/none.at/al Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: maildir: root exists (/var/vmail/none.at/al/Maildir) Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: maildir++: root=/var/vmail/none.at/al/Maildir, index=, control=, inbox=/var/vmail/none.at/al/Maildir, alt= Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: none: root=, index=, control=, inbox=, alt= Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: Destination address: al-pdnsuser at none.at (source: -a parameter) Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: using sieve path for user's script: /var/vmail/none.at/al/.dovecot.sieve Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: opening script /var/vmail/none.at/al/.dovecot.sieve Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: script binary /var/vmail/none.at/al/.dovecot.svbin successfully loaded Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: binary save: not saving binary /var/vmail/none.at/al/.dovecot.svbin, because it is already stored Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: executing script from /var/vmail/none.at/al/.dovecot.svbin Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): sieve: msgid=unspecified: stored mail into mailbox 'INBOX' Sep 11 21:48:27 lvps46-163-74-15 postfix/pipe[7797]: 495EF9FECAF9: to=, relay=dovecot, delay=28, delays=28/0.02/0/0.22, dsn=2.0.0, status=sent (delivered via dovecot service) Sep 11 21:48:27 lvps46-163-74-15 postfix/qmgr[7785]: 495EF9FECAF9: removed Sep 11 21:48:28 lvps46-163-74-15 postfix/smtpd[7788]: disconnect from xxx ### dovecot -n => attachment dovecot_-n ~#: egrep -v '^(#|$)' /etc/dovecot/dovecot-sql.conf #### driver = mysql connect = host=127.0.0.1 dbname=mailserver user=$USER \ password=$PASSWORD default_pass_scheme = PLAIN-MD5 password_query = SELECT user_email AS user, \ user_password AS password \ FROM virtual_users WHERE user_email='%u'; #### Due to the fact that I'am new to dovecot and sieve I hope anybody can help the solve this issue. My target is to filter the mailinglists based on address extention or is it better to filter on to header? Is there a 'log' or 'print' command in the sieve filter or how can I write a message to the log file? Many thanks for your help BR Aleks -------------- next part -------------- # 2.0.14: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-028stab092.1 x86_64 Ubuntu 10.04.3 LTS auth_mechanisms = plain login digest-md5 cram-md5 disable_plaintext_auth = no log_timestamp = "%Y-%m-%d %H:%M:%S " mail_debug = yes mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } protocols = imap recipient_delimiter = - service auth { unix_listener auth-userdb { group = vmail mode = 0755 user = vmail } user = root } ssl_cert = References: <1315581724.65256.YahooMailNeo@web27201.mail.ukl.yahoo.com> <1315824012.7326.19.camel@hurina> Message-ID: <1315850294.2049.YahooMailNeo@web27201.mail.ukl.yahoo.com> On Fri, 2011-09-09 at 16:22 +0100, Spyros Tsiolis wrote: > OK, no answers on my previous e-mail. I'll rephrase it. > How can I get rid of subfolders on a users' tree-like structure on dovecot ? > Which file must I "touch" ? This still isn't very understandable. You can delete subfolders with either IMAP client (= IMAP DELETE command) or simply rm -rf in the filesystem. Or do you mean moving the subfolders to be root level folders? Again IMAP client should be able to do this, or in filesystem level (assuming Maildir++) you'd do something like: mv ~/Maildir/.root.subfolder ~/Maildir/.subfolder ________________________________ Timo, thank you kindly for your time and patience, It's a weird scenario where the user uses Thunderbird and managed to create folders underneath the subscribers' (her) root folder with symbols that are not accepted by thunderbird. Hence, the trouble of not being able to get rid of these folders. Thanks for the pointer. I'll have to look more closely to the help pages for the IMAP protocol. Best Regards, spyros ? ---- "I merely function as a channel that filters music through the chaos of noise" - Vangelis From dave.stubbs at utoronto.ca Mon Sep 12 21:00:49 2011 From: dave.stubbs at utoronto.ca (Dave Stubbs) Date: Mon, 12 Sep 2011 14:00:49 -0400 Subject: [Dovecot] Possible to Customize File Naming Scheme? In-Reply-To: <94C2EC27-49CF-49EE-B778-7C09ED3A6B0A@iki.fi> References: <4E6E2F06.6000507@utoronto.ca> <94C2EC27-49CF-49EE-B778-7C09ED3A6B0A@iki.fi> Message-ID: <4E6E48D1.3040802@utoronto.ca> On 9/12/2011 12:22 PM, Timo Sirainen wrote: > On 12.9.2011, at 19.10, Dave Stubbs wrote: > >> I'm watching how my mail system works, and I see that procmail creates a new file in the/new directory, each time an email is received. This file is some complex combination of UIDs and things, suffixed by the server name. So far, the filename has alphanumerics, a couple underscores, and a dot or two only. >> >> But once dovecot gets it's hands on the file and moves it to the/cur directory, it starts doing "terrible" things to the file name. Now, the filename starts to have "evil" things in it, like colons and commas. Is there a way to change this? > That's how Maildir works to store message flags. If you don't like it, use something else. Fair enough > >> I'm asking this primarily because I use dovecot as a massive long-term email archiving system. One of the things one needs to be able to do when running a long-term archive like this is keep things as simple and accessible as possible. The reason I use maildir is that I totally buy into the "one email, one file" idea - it means I don't have to store messages in big consolidated database files that are changeable with each new version of the vendor's software release (such as exchange DBs or Outlook PST files) or that are horrible performers (such as mbox). > Dovecot v2.0's sdbox format could work for you. > >> One of the nice things about the maildir "each email is a separate file" idea is that you are not limited to maildir or dovecot or any other piece of software to handle, read, and process the files. > Well, sdbox isn't good for that then anymore. Cydir backend could possibly work, although it is missing some features that dbox has and was mainly intended as an example code for super simple mailbox format. Well, maybe sdbox could still work. Just a quick question - what is the format of the u.* file? Is it still a raw (possibly partially) mime-encoded file that contains the all-important From: line, just like a mail file in a maildir folder? If so, I could sync the sdbox files elsewhere and index them if I could convince dovecot to use the filename scheme u.*.eml instead of u.* Possible? Or is the sdbox file format different? From tss at iki.fi Mon Sep 12 21:07:28 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 21:07:28 +0300 Subject: [Dovecot] Possible to Customize File Naming Scheme? In-Reply-To: <4E6E48D1.3040802@utoronto.ca> References: <4E6E2F06.6000507@utoronto.ca> <94C2EC27-49CF-49EE-B778-7C09ED3A6B0A@iki.fi> <4E6E48D1.3040802@utoronto.ca> Message-ID: On 12.9.2011, at 21.00, Dave Stubbs wrote: >>> One of the nice things about the maildir "each email is a separate file" idea is that you are not limited to maildir or dovecot or any other piece of software to handle, read, and process the files. >> Well, sdbox isn't good for that then anymore. Cydir backend could possibly work, although it is missing some features that dbox has and was mainly intended as an example code for super simple mailbox format. > Well, maybe sdbox could still work. Just a quick question - what is the format of the u.* file? Is it still a raw (possibly partially) mime-encoded file that contains the all-important From: line, just like a mail file in a maildir folder? If so, I could sync the sdbox files elsewhere and index them if I could convince dovecot to use the filename scheme u.*.eml instead of u.* sdbox begins with a small dbox header, followed by the message text and finally a dbox metadata footer. Something like: 2 M1e C4e327f7d ^A^BN 0000000000000906 ^A^C R4e327f7d V94e G39670b147d7f324e0e1d000074ccac23 dbox-file.h describes the headers and lists the metadata characters and what they mean. Because of this extra metadata I don't really know if it would be a good idea to name them *.eml. Yes, you could copy specific sdbox files elsewhere and run "doveadm force-resync" on them. All message flags would be lost though, since they're stored only in Dovecot's index files. From tss at iki.fi Mon Sep 12 21:10:38 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 21:10:38 +0300 Subject: [Dovecot] quota percents In-Reply-To: <8739g1ka62.fsf@algae.riseup.net> References: <87sjo5wkfy.fsf@algae.riseup.net> <1315824208.7326.21.camel@hurina> <8739g1ka62.fsf@algae.riseup.net> Message-ID: On 12.9.2011, at 19.17, Micah Anderson wrote: >>> However, it doesn't seem to work in practice, because I have a user that >>> is at 99% of quota, with nothing in the Trash who cannot move a 77KB >>> message into the Trash without getting the quota_exceeded message and >>> refusing to move it. >> >> dovecot -n output? > > namespace { > inbox = yes > location = > prefix = > separator = . > } > namespace { > hidden = yes > inbox = no > list = no > location = > prefix = INBOX. > separator = . > } Maybe the client is using the INBOX. namespace and trying to copy to INBOX.Trash instead of Trash? You could try adding another quota rule for INBOX.Trash. I should probably also change the quota code to follow "alias_for" directives. Then you could have only a single Trash, if you add "alias_for = " to the INBOX. namespace. From nhelauro at gmail.com Mon Sep 12 21:10:56 2011 From: nhelauro at gmail.com (Lauro C.) Date: Mon, 12 Sep 2011 15:10:56 -0300 Subject: [Dovecot] Custom error messages. Message-ID: I am using Dovecot 1.2.9. Is it possible to have custom error messages? I want to translate some of the messages (for instance mailbox full), so it can be more user friendly. I already use the quota warning feature. But I need to translate the messages anyways, is it possible? Lauro From Lutz.Pressler at SerNet.DE Mon Sep 12 21:15:08 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Mon, 12 Sep 2011 20:15:08 +0200 Subject: [Dovecot] 2.1: imapc SUBSCRIBE problem In-Reply-To: <1315822557.7326.0.camel@hurina> References: <1315563414.3876.50.camel@hurina> <20110909102128.GA762256@gabi.sernet.de> <20110909144349.GA846637@gabi.sernet.de> <1315822557.7326.0.camel@hurina> Message-ID: On Mon, 12 Sep 2011, Timo Sirainen wrote: > On Sun, 2011-09-11 at 21:50 +0200, Lutz Pre?ler wrote: > > On Fri, 09 Sep 2011, Lutz Pre?ler wrote: > > > LIST is now working correctly in my setup, but SUBSCRIBE ist not. > > > With subscriptions=no, as written (but same behaviour with subscriptions=yes), > > > SUBSCRIBE INBOX.gmail.INBOX (or others) yields > > > 0 NO [SERVERBUG] Internal error occurred. Refer to server log for more information. [2011-09-09 16:39:40] > > > logging (with mail_debug=yes) only > > > Sep 9 16:39:40 host dovecot: imap(1143, user): Error: stat((null)) failed: Bad address > > After putting (with subscriptions=no) an entry manually into the root > > subscriptions file, everything including UNSUBSCRIBE works fine. > > Yeah, but then remote subscriptions don't work. I think the imapc > subscription problems and namespace prefix problems are now fixed in hg. Not really. No error on SUBSCRIBE anymore, but it does not work permanently: 0 lsub "" "*" * LSUB () "." "INBOX.test.test2" [... further entries ...] 0 OK Lsub completed. 0 subscribe "INBOX.gmail.[Gmail].Spam" 0 OK Subscribe completed. <--- now subscriptions file includes "gmail.[Gmail]/Spam" 0 lsub "" "*" * LSUB () "." "INBOX.test.test2" [... further entries, but NOT INBOX.gmail.[Gmail].Spam ...] 0 OK Lsub completed. <--- now the "gmail.[Gmail]/Spam" line is gone from subscriptions file again! The same happens with INBOX.gmail.INBOX, so it's not the "[]" characters. I have to test with debugging turned on later. Lutz From tss at iki.fi Mon Sep 12 21:16:34 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 21:16:34 +0300 Subject: [Dovecot] Custom error messages. In-Reply-To: References: Message-ID: On 12.9.2011, at 21.10, Lauro C. wrote: > Is it possible to have custom error messages? I want to translate some of > the messages (for instance mailbox full), so it can be more user friendly. I > already use the quota warning feature. But I need to translate the messages > anyways, is it possible? For "mailbox full", yes: http://wiki2.dovecot.org/Quota/Configuration#Custom_Quota_Exceeded_Message Anything else: no. Do you have specific examples of anything else you'd want to change? From tss at iki.fi Mon Sep 12 21:18:12 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 21:18:12 +0300 Subject: [Dovecot] 2.1: imapc SUBSCRIBE problem In-Reply-To: References: <1315563414.3876.50.camel@hurina> <20110909102128.GA762256@gabi.sernet.de> <20110909144349.GA846637@gabi.sernet.de> <1315822557.7326.0.camel@hurina> Message-ID: On 12.9.2011, at 21.15, Lutz Pre?ler wrote: >> Yeah, but then remote subscriptions don't work. I think the imapc >> subscription problems and namespace prefix problems are now fixed in hg. > Not really. No error on SUBSCRIBE anymore, but it does not work > permanently: > > 0 lsub "" "*" > * LSUB () "." "INBOX.test.test2" > [... further entries ...] > 0 OK Lsub completed. > 0 subscribe "INBOX.gmail.[Gmail].Spam" > 0 OK Subscribe completed. > <--- now subscriptions file includes > "gmail.[Gmail]/Spam" There shouldn't be any changes to subscriptions file! The subscriptions are stored on remote IMAP server. What exactly have you set to your namespaces now? From dovecot.user at seibercom.net Mon Sep 12 21:22:39 2011 From: dovecot.user at seibercom.net (Jerry) Date: Mon, 12 Sep 2011 14:22:39 -0400 Subject: [Dovecot] Sieve envelope :detail "to" "extention" does not deliver to fileinto destination In-Reply-To: <20110912171448.GB320@none.at> References: <20110912171448.GB320@none.at> Message-ID: <20110912142239.7ec8eb49@scorpio> On Mon, 12 Sep 2011 19:14:48 +0200 Aleksandar Lazic articulated: > dovecot unix - n n - - pipe > flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f > ${sender} -d ${user}@${nexthop} -a ${original_recipient} > # flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f > ${sender} -d ${user}@${nexthop} -m ${extension} -a > ${original_recipient} I use plus addressing and this is the entry in the master.cf file from Postfix: dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/local/libexec/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -a ${recipient} The "argv" could be different on your system; however the rest should be the same as mine I would assume. If you do make a change, you will have to restart Postfix for it to take effect. -- Jerry ? Dovecot.user at seibercom.net Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From compconsultant at yahoo.com Mon Sep 12 21:23:35 2011 From: compconsultant at yahoo.com (Steve Fatula) Date: Mon, 12 Sep 2011 11:23:35 -0700 (PDT) Subject: [Dovecot] MySQL, map files In-Reply-To: <1315828341.7326.35.camel@hurina> References: <1315525950.915.YahooMailNeo@web39420.mail.mud.yahoo.com> <1315828341.7326.35.camel@hurina> Message-ID: <1315851815.71073.YahooMailNeo@web39415.mail.mud.yahoo.com> ----- Original Message ----- > From: Timo Sirainen > To: Steve Fatula > Cc: Dovecot List > Sent: Monday, September 12, 2011 6:52 AM > Subject: Re: [Dovecot] MySQL, map files > >> The reason I am asking is I have seen web pages that reference all >> sorts of statements within the map statement, and I have no idea where >> they are documented. Specifically, I see an example here (which is >> LDAP), look in section 3: >> >> http://dovecot.org/patches/1.2/ldap/HOWTO_dictldap+extdata.txt >> >> >> You will see lots of statements, not sure which ones can be used for >> MySQL (instead of LDAP). > > That patch's mapping references to Pigeonhole's extdata plugin. If you > install that plugin you can use SQL or flat file for the same maps. > Ok, so, now we get to the issue. What syntax can be used for the extdata plugin?? If I have an existing MySQL table with the structure: username preference value Username would be the dovecot user name. preference would be a constant, and, value is the variable I want to set via the extdata plugin. The primary key is username + preference (constant, in this case, say it's set to "POP3"). I want to use extdata to retrieve that value. Can it be done using extdata and MySQL map syntax, and if so, can you provide an example? Can I specify the query itself (i.e., select value from table t, another table at where....) From henson at acm.org Mon Sep 12 23:26:17 2011 From: henson at acm.org (Paul B. Henson) Date: Mon, 12 Sep 2011 13:26:17 -0700 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <1315830646.7326.46.camel@hurina> References: <4E6ACC6C.6020200@acm.org> <1315830646.7326.46.camel@hurina> Message-ID: <4E6E6AE9.6040105@acm.org> On 9/12/2011 5:30 AM, Timo Sirainen wrote: > This works okay enough with PostgreSQL because it does asynchronous > lookups, so two simultaneous lookups create a second connection. > MySQL does synchronous lookups though, so the second connection is > normally never created. If I could, I think I'd rather run postgres; but so many things only support mysql you can't really get away with running only postgres, and it's not worth the effort to run two separate sql services . > I suppose the fix to this would be to always connect to all SQL > servers at startup. Perhaps it could be an option, either load balancing between all available servers, or only using later listed servers when the earlier listed ones are failing. For my purposes, either way is fine, as long as authentications don't fail :). The other contributor to this thread, who has a local mysql replica listed first and the central master listed second probably wouldn't want the load balanced between them. > It should have created the second connection here and not fail.. Based on the network traffic, it is really pounding the primary trying to connect, and occasionally connecting to the secondary only to immediately disconnect after either only one or very few queries. > I'll try to debug this soon. Thanks; let me know if there's anything I could do to help, or if there are any potential fixes you would like tested. -- Paul B. Henson | (909) 979-6361 | http://www.csupomona.edu/~henson/ Operating Systems and Network Analyst | henson at csupomona.edu California State Polytechnic University | Pomona CA 91768 From Lutz.Pressler at SerNet.DE Tue Sep 13 01:10:54 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Tue, 13 Sep 2011 00:10:54 +0200 Subject: [Dovecot] 2.1: imapc SUBSCRIBE problem In-Reply-To: References: <1315563414.3876.50.camel@hurina> <20110909102128.GA762256@gabi.sernet.de> <20110909144349.GA846637@gabi.sernet.de> <1315822557.7326.0.camel@hurina> Message-ID: On Mo, 12 Sep 2011, Timo Sirainen wrote: > On 12.9.2011, at 21.15, Lutz Pre?ler wrote: > > Not really. No error on SUBSCRIBE anymore, but it does not work > > permanently: > > > > 0 lsub "" "*" > > * LSUB () "." "INBOX.test.test2" > > [... further entries ...] > > 0 OK Lsub completed. > > 0 subscribe "INBOX.gmail.[Gmail].Spam" > > 0 OK Subscribe completed. > > <--- now subscriptions file includes > > "gmail.[Gmail]/Spam" The problem seems to be the different separators (I missed the "/" earlier). First level mailboxes on gmail do work (I mixed it up... INBOX.gmail.INBOX is fine, as is INBOX.gmail.test). > > There shouldn't be any changes to subscriptions file! The subscriptions are stored on remote IMAP server. Why? With subscriptions=no I would expect the local subscriptions file beeing used (and this is useful!) > What exactly have you set to your namespaces now? The imapc namespace has subscriptions=no. I also tested subscriptions=yes now. That works as expected. (Some glitch with "INBOX.gmail.[Gmail]" not beeing UNSUBSCRIBEbable when \Noselect, but that's probably a Gmail IMAP problem). Lutz From al-dovecot at none.at Tue Sep 13 01:42:44 2011 From: al-dovecot at none.at (Aleksandar Lazic) Date: Tue, 13 Sep 2011 00:42:44 +0200 Subject: [Dovecot] Sieve envelope :detail "to" "extention" does not deliver to fileinto destination In-Reply-To: <20110912142239.7ec8eb49@scorpio> References: <20110912171448.GB320@none.at> <20110912142239.7ec8eb49@scorpio> Message-ID: <20110912224244.GA27446@none.at> Dear Jerry, On Mon 12.09.2011 14:22, Jerry wrote: >On Mon, 12 Sep 2011 19:14:48 +0200 >Aleksandar Lazic articulated: > > > >> dovecot unix - n n - - pipe >> flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f >> ${sender} -d ${user}@${nexthop} -a ${original_recipient} >> # flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f >> ${sender} -d ${user}@${nexthop} -m ${extension} -a >> ${original_recipient} > >I use plus addressing and this is the entry in the master.cf file from >Postfix: > >dovecot unix - n n - - pipe > flags=DRhu user=vmail:vmail argv=/usr/local/libexec/dovecot/deliver -f ${sender} > -d ${user}@${nexthop} -a ${recipient} > >The "argv" could be different on your system; however the rest should >be the same as mine I would assume. If you do make a change, you will >have to restart Postfix for it to take effect. thanks for your info. I have changed the -a to recipient but nothing changed. I have now changed the if statement to ### if header :contains "Delivered-To" "pdnsusers" { ### this works, but the best would be to be able to use ### if envelope :contains :detail "to" "pdnsusers" { ### Is there a command like 'print envelope' or something else to see what variables and envelope deliver have? Here is the log, maybe you can see more the I ;-) ### Sep 13 00:33:18 lvps46-163-74-15 postfix/smtpd[6011]: connect from localhost.localdomain[127.0.0.1] Sep 13 00:33:52 lvps46-163-74-15 postfix/smtpd[6011]: B1EFE9FECC15: client=localhost.localdomain[127.0.0.1] Sep 13 00:34:12 lvps46-163-74-15 postfix/cleanup[5999]: B1EFE9FECC15: message-id=<20110912223352.B1EFE9FECC15 at external.non e.at> Sep 13 00:34:12 lvps46-163-74-15 postfix/qmgr[22260]: B1EFE9FECC15: from=, size=357, nrcpt=1 (queue active) Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda: Debug: Loading modules from directory: /usr/lib/dovecot/modules Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda: Debug: Module loaded: /usr/lib/dovecot/modules/lib15_notify_plugin.so Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda: Debug: Module loaded: /usr/lib/dovecot/modules/lib20_mail_log_plugin.so Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda: Debug: Module loaded: /usr/lib/dovecot/modules/lib90_sieve_plugin.so Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda: Debug: auth input: al at none.at uid=5000 gid=5000 home=/var/vmail/none.at/al Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: Effective uid=5000, gid=5000, home=/var/vmail/none.at/al Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: maildir: root exists (/var/vmail/none.at/al/Maildir) Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: maildir++: root=/var/vmail/none.at/al/Maildir, index=, control=, inbox=/var/vmail/none.at/al/Maildir, alt= Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: none: root=, index=, control=, inbox=, alt= Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: Destination address: al-pdnsusers at none.at (source: -a parameter) Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: using sieve path for user's script: /var/vmail/none.at/al/.dovecot.sieve Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: opening script /var/vmail/none.at/al/.dovecot.sieve Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: script binary /var/vmail/none.at/al/.dovecot.svbin successfully loaded Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: binary save: not saving binary /var/vmail/none.at/al/.dovecot.svbin, because it is already stored Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: executing script from /var/vmail/none.at/al/.dovecot.svbin Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): save: box=INBOX, uid=61, msgid=<20110912223352.B1EFE9FECC15 at external.none.at>, size=412 Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): sieve: msgid=<20110912223352.B1EFE9FECC15 at external.none.at>: stored mail into mailbox 'INBOX' Sep 13 00:34:12 lvps46-163-74-15 postfix/pipe[6001]: B1EFE9FECC15: to=, relay=dovecot, delay=28, delays=28/0/0/0.02, dsn=2.0.0, status=sent (delivered via dovecot service) Sep 13 00:34:12 lvps46-163-74-15 postfix/qmgr[22260]: B1EFE9FECC15: removed Sep 13 00:34:14 lvps46-163-74-15 postfix/smtpd[6011]: disconnect from localhost.localdomain[127.0.0.1] ### From michael.abbott at apple.com Tue Sep 13 02:00:51 2011 From: michael.abbott at apple.com (Mike Abbott) Date: Mon, 12 Sep 2011 18:00:51 -0500 Subject: [Dovecot] two little fixes for 2.0.14 Message-ID: --- a/dovecot/src/lib-index/mail-index-view.c +++ b/dovecot/src/lib-index/mail-index-view.c @@ -9,7 +9,7 @@ void mail_index_view_clone(struct mail_index_view *dest, const struct mail_index_view *src) { - memset(dest, 0, sizeof(dest)); + memset(dest, 0, sizeof(*dest)); dest->refcount = 1; dest->v = src->v; dest->index = src->index; --- a/dovecot/src/lib-storage/mail-storage-service.c +++ b/dovecot/src/lib-storage/mail-storage-service.c @@ -870,7 +870,7 @@ } user = p_new(user_pool, struct mail_storage_service_user, 1); - memset(user_r, 0, sizeof(user_r)); + memset(user_r, 0, sizeof(*user_r)); user->pool = user_pool; user->input = *input; user->input.userdb_fields = NULL; From tss at iki.fi Tue Sep 13 02:10:29 2011 From: tss at iki.fi (Timo Sirainen) Date: Tue, 13 Sep 2011 02:10:29 +0300 Subject: [Dovecot] two little fixes for 2.0.14 In-Reply-To: References: Message-ID: <19B9A715-148B-4FCC-897F-D9F8CD5ECD77@iki.fi> On 13.9.2011, at 2.00, Mike Abbott wrote: > --- a/dovecot/src/lib-index/mail-index-view.c > +++ b/dovecot/src/lib-index/mail-index-view.c > @@ -9,7 +9,7 @@ > void mail_index_view_clone(struct mail_index_view *dest, > const struct mail_index_view *src) > { > - memset(dest, 0, sizeof(dest)); > + memset(dest, 0, sizeof(*dest)); > dest->refcount = 1; > dest->v = src->v; > dest->index = src->index; Luckily the only caller had it already cleared. Fixed anyway. > --- a/dovecot/src/lib-storage/mail-storage-service.c > +++ b/dovecot/src/lib-storage/mail-storage-service.c > @@ -870,7 +870,7 @@ > } > > user = p_new(user_pool, struct mail_storage_service_user, 1); > - memset(user_r, 0, sizeof(user_r)); > + memset(user_r, 0, sizeof(*user_r)); > user->pool = user_pool; > user->input = *input; > user->input.userdb_fields = NULL; Here the sizeof() is the same in both cases, but the entire memset() is rather pointless, so removed it. Did you find these with some tool, or grepping manually? :) From dovecot.user at seibercom.net Tue Sep 13 02:17:07 2011 From: dovecot.user at seibercom.net (Jerry) Date: Mon, 12 Sep 2011 19:17:07 -0400 Subject: [Dovecot] Sieve envelope :detail "to" "extention" does not deliver to fileinto destination In-Reply-To: <20110912224244.GA27446@none.at> References: <20110912171448.GB320@none.at> <20110912142239.7ec8eb49@scorpio> <20110912224244.GA27446@none.at> Message-ID: <20110912191707.42127757@scorpio> On Tue, 13 Sep 2011 00:42:44 +0200 Aleksandar Lazic articulated: > Dear Jerry, > > On Mon 12.09.2011 14:22, Jerry wrote: > >On Mon, 12 Sep 2011 19:14:48 +0200 > >Aleksandar Lazic articulated: > > > > > > > >> dovecot unix - n n - - pipe > >> flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f > >> ${sender} -d ${user}@${nexthop} -a ${original_recipient} > >> # flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f > >> ${sender} -d ${user}@${nexthop} -m ${extension} -a > >> ${original_recipient} > > > >I use plus addressing and this is the entry in the master.cf file > >from Postfix: > > > >dovecot unix - n n - - pipe > > flags=DRhu user=vmail:vmail > > argv=/usr/local/libexec/dovecot/deliver -f ${sender} -d > > ${user}@${nexthop} -a ${recipient} > > > >The "argv" could be different on your system; however the rest should > >be the same as mine I would assume. If you do make a change, you will > >have to restart Postfix for it to take effect. > > thanks for your info. > I have changed the -a to recipient but nothing changed. > > I have now changed the if statement to > > ### > if header :contains "Delivered-To" "pdnsusers" { > ### > > this works, but the best would be to be able to use > > ### > if envelope :contains :detail "to" "pdnsusers" { > ### > > Is there a command like 'print envelope' or something else to see what > variables and envelope deliver have? This is what I use, and it works fine. The example is something I use for FreeBSD. Example address: user+fbsd at example.com This is my sieve recipe: if envelope :detail "To" "fbsd" {fileinto "FreeBSD"; stop;} I hope this helps. -- Jerry ? Dovecot.user at seibercom.net Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ Quidquid latine dictum sit, altum viditur. (Whatever is said in Latin sounds profound.) From mike at skew.org Tue Sep 13 05:55:34 2011 From: mike at skew.org (Mike Brown) Date: Mon, 12 Sep 2011 20:55:34 -0600 Subject: [Dovecot] signal 11 crash, sometimes, during mbox bz2 decompression In-Reply-To: <1315826932.7326.27.camel@hurina> References: <201108161100.p7GB0P3R073897@chilled.skew.org> <1314121664.10421.1314.camel@hurina> <4E6DC8FA.2050709@skew.org> <1315826932.7326.27.camel@hurina> Message-ID: <4E6EC626.2040305@skew.org> On 9/12/2011 5:28 AM, Timo Sirainen wrote: > Oh, wonder why no one else has complained about that. Fixed: > http://hg.dovecot.org/dovecot-2.0/rev/a930318a74a1 I tested this patch, and it's working like a charm. Thanks! From janfrode at tanso.net Tue Sep 13 09:34:12 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Tue, 13 Sep 2011 08:34:12 +0200 Subject: [Dovecot] director ignoring director_mail_servers for lmtp connections In-Reply-To: <1315842951.89437.YahooMailNeo@web29120.mail.ird.yahoo.com> References: <1315842951.89437.YahooMailNeo@web29120.mail.ird.yahoo.com> Message-ID: <20110913063412.GA24399@oc1046828364.ibm.com> On Mon, Sep 12, 2011 at 04:55:51PM +0100, mailing lists wrote: > > how I can redirect incoming lmtp request to backend lmtp servers (and not just one)? what I'm missing here? > > director_mail_servers = 101.180.245.101 > director_servers = 101.180.245.101 Is this a loop maybe? director_mail_servers should list all your backend dovecot servers, space separated. Here's mine: director_mail_servers = 192.168.42.7 192.168.42.8 192.168.42.9 192.168.42.10 192.168.42.11 192.168.42.28 192.168.42.29 and director_servers should list all your director servers so that they can share info on where to direct each user, like: director_servers = 192.168.42.15 192.168.42.17 Then, if this is configured correctly "doveadm director status" should list your backend director_mail_servers: $ sudo doveadm director status mail server ip vhosts users 192.168.42.28 100 5220 192.168.42.29 100 4733 $ sudo doveadm director status janfrode at tanso.net Current: 192.168.42.28 (expires 2011-09-13 08:46:42) Hashed: 192.168.42.28 Initial config: 192.168.42.11 -jf From listas.correo at yahoo.es Tue Sep 13 10:45:34 2011 From: listas.correo at yahoo.es (mailing lists) Date: Tue, 13 Sep 2011 08:45:34 +0100 (BST) Subject: [Dovecot] director ignoring director_mail_servers for lmtp connections Message-ID: <1315899934.22565.YahooMailNeo@web29117.mail.ird.yahoo.com> On 09/13/2011 08:34 AM, Jan-Frode Myklebust wrote: > On Mon, Sep 12, 2011 at 04:55:51PM +0100, mailing lists wrote: >> >> director_mail_servers = 101.180.245.101 >> director_servers = 101.180.245.101 it works with imap connections, so I assumed it also would do it for lmtp. Sep 13 09:04:03 imap1 dovecot: imap-login: proxy(user001): started proxying to 10.180.245.101:143: user=, method=PLAIN, rip=::1, lip=:??? :1, secured > Is this a loop maybe?? director_mail_servers should list all > your backend dovecot servers, space separated. Here's mine: > > ??? director_mail_servers = 192.168.42.7 192.168.42.8 192.168.42.9 192.168.42.10 192.168.42.11 192.168.42.28 192.168.42.29 using only one director and backend would be fine for tests purposes (as it was with imap and not loops were formed) What I don't understand is why director insists in providing a proxy host from passdb when all it needs to do is pick the ones in director_mail_servers ?? Sep 12 17:14:13 imap1 dovecot: lmtp(25682): Error: proxy: host not given please could you post you lmtp configuration?? From pit11 at ukr.net Tue Sep 13 11:06:23 2011 From: pit11 at ukr.net (Peter Ignatov) Date: Tue, 13 Sep 2011 11:06:23 +0300 Subject: [Dovecot] Quota fs (don't start script quota-warning.sh) Message-ID: Hi, # doveadm -Dv quota get -u pit doveadm(pit): Debug: auth input: pit system_groups_user=pit uid=500 gid=500 home=/home/pit doveadm(pit): Debug: Effective uid=500, gid=500, home=/home/pit doveadm(pit): Debug: Quota root: name=INBOX backend=fs args=mount=/var/spool/mail doveadm(pit): Debug: Quota rule: root=INBOX mailbox=* bytes=19922944 messages=0 doveadm(pit): Debug: Quota warning: bytes=3984588 (20%) messages=0 reverse=no command=quota-warning 20 pit doveadm(pit): Debug: fs: root=/home/pit/mail, index=, control=, inbox=/var/spool/mail/pit doveadm(pit): Debug: fs quota add mailbox dir = /var/spool/mail doveadm(pit): Debug: fs quota block device = /dev/mapper/mpath1p1 doveadm(pit): Debug: fs quota mount point = /var/spool/mail doveadm(pit): Debug: fs quota mount type = ext2 Quota name Type Value Limit % INBOX STORAGE 4824 19456 24 But don't start script quota-warning.sh: #!/bin/sh PERCENT=$1 USER=$2 cat << EOF | /usr/libexec/dovecot/dovecot-lda -d $USER -o "plugin/quota=fs:INBOX:mount=/var/spool/mail:noenforcing" From: postmaster at domen.org Subject: quota warning Your mailbox is now $PERCENT% full. EOF #dovecot -n # 2.0.13: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-274.3.1.el5.asp121 x86_64 Red Hat Enterprise Linux Server release 5.6 (Tikanga) disable_plaintext_auth = no listen = * log_path = /var/log/dovecot.log mail_debug = yes mail_location = mbox:~/mail:INBOX=/var/spool/mail/%u mail_plugins = quota mail_privileged_group = mail mbox_write_locks = fcntl passdb { driver = pam } plugin { quota = fs:INBOX:mount=/var/spool/mail quota_rule = *:storage=19456 quota_warning = storage=20%% quota-warning 20 %u } protocols = pop3 service quota-warning { executable = script /usr/local/bin/quota-warning.sh unix_listener quota-warning { mode = 0666 } user = root } ssl_cert = References: Message-ID: <1315901546.10952.3.camel@hurina> On Tue, 2011-09-13 at 11:06 +0300, Peter Ignatov wrote: > Hi, > > # doveadm -Dv quota get -u pit > doveadm(pit): Debug: auth input: pit system_groups_user=pit uid=500 gid=500 home=/home/pit > doveadm(pit): Debug: Effective uid=500, gid=500, home=/home/pit > doveadm(pit): Debug: Quota root: name=INBOX backend=fs args=mount=/var/spool/mail > doveadm(pit): Debug: Quota rule: root=INBOX mailbox=* bytes=19922944 messages=0 > doveadm(pit): Debug: Quota warning: bytes=3984588 (20%) messages=0 reverse=no command=quota-warning 20 pit > Quota name Type Value Limit % > INBOX STORAGE 4824 19456 24 > > But don't start script quota-warning.sh: Have you read (and understood) when the quota warning gets run? Just because you're over quota now doesn't mean that the script is going to be run. http://wiki2.dovecot.org/Quota/Configuration#Quota_warnings (It's possible that there's a bug here with FS quota since no one's probably tried it before, but it's a lot of trouble for me to actually test that..) From listas.correo at yahoo.es Tue Sep 13 11:34:22 2011 From: listas.correo at yahoo.es (mailing lists) Date: Tue, 13 Sep 2011 09:34:22 +0100 (BST) Subject: [Dovecot] director ignoring director_mail_servers for lmtp connections Message-ID: <1315902862.4818.YahooMailNeo@web29104.mail.ird.yahoo.com> Hello, it works!! I was missing this line "auth_socket_path = director-userdb" Sep 13 10:26:12 imap1 dovecot: auth: Debug: master in: PASS?? 1?????? user001 at example.com ?? service=lmtp??? lip=100.180.245.101????? lport=1024? 8 Sep 13 10:26:12 imap1 dovecot: auth: Debug: static(user001 at example.com,100.180.242.38): lookup Sep 13 10:26:12 imap1 dovecot: auth: Debug: password(user001 at example.com,100.180.242.38): Credentials: Sep 13 10:26:12 imap1 dovecot: auth: Debug: master out: PASS? 1?????? user=user001 at example.com ????? proxy?? port=24 Sep 13 10:26:12 imap1 dovecot: lmtp(29659): Debug: auth input: user=user001 at example.com proxy port=24 host=100.180.245.101 proxy_refresh=450 Sep 13 10:26:12 imap1 dovecot: lmtp(29658): Debug: none: root=, index=, control=, inbox=, alt= Sep 13 10:26:12 imap1 dovecot: lmtp(29658): Connect from 100.180.245.101 full config for the archives: # dovecot? -c /etc/dovecot-director/dovecot.conf -n # 2.0.14: /etc/dovecot-director/dovecot.conf # OS: Linux 2.6.34.7-0.7-xen x86_64 openSUSE 11.3 (x86_64) auth_debug = yes auth_debug_passwords = yes auth_verbose = yes auth_verbose_passwords = plain base_dir = /var/run/dovecot-director/ director_mail_servers = 100.180.245.101 director_servers = 100.180.245.101 disable_plaintext_auth = no lmtp_proxy = yes mail_debug = yes mail_fsync = always mail_gid = 5000 mail_nfs_index = yes mail_nfs_storage = yes mail_plugins = acl mail_uid = 5000 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy ine mmap_disable = yes passdb { ? args = proxy=y nopassword=y ? driver = static } plugin { ? acl = vfile ? sieve = ~/.dovecot.sieve ? sieve_dir = ~/sieve } protocols = imap lmtp service auth { ? unix_listener auth-userdb { ??? group = vmail ??? mode = 0666 ??? user = vmail ? } } service director { ? fifo_listener login/proxy-notify { ??? mode = 0666 ? } ? inet_listener { ??? port = 9090 ? } ? unix_listener director-userdb { ??? mode = 0666 ? } ? unix_listener login/director { ??? mode = 0666 ? } } service imap-login { ? executable = imap-login director ? inet_listener imap { ??? port = 10143 ? } } service lmtp { ? inet_listener lmtp { ??? port = 1024 ? } } ssl = no verbose_proctitle = yes protocol lmtp { ? auth_socket_path = director-userdb ? passdb { ??? args = proxy=y nopassword=y port=24 ??? driver = static ? } } protocol imap { ? mail_max_userip_connections = 100 } From tss at iki.fi Tue Sep 13 11:39:37 2011 From: tss at iki.fi (Timo Sirainen) Date: Tue, 13 Sep 2011 11:39:37 +0300 Subject: [Dovecot] 2.1: imapc SUBSCRIBE problem In-Reply-To: References: <1315563414.3876.50.camel@hurina> <20110909102128.GA762256@gabi.sernet.de> <20110909144349.GA846637@gabi.sernet.de> <1315822557.7326.0.camel@hurina> Message-ID: <1315903179.10952.4.camel@hurina> On Tue, 2011-09-13 at 00:10 +0200, Lutz Pre?ler wrote: > On Mo, 12 Sep 2011, Timo Sirainen wrote: > > On 12.9.2011, at 21.15, Lutz Pre?ler wrote: > > > Not really. No error on SUBSCRIBE anymore, but it does not work > > > permanently: > > > > > > 0 lsub "" "*" > > > * LSUB () "." "INBOX.test.test2" > > > [... further entries ...] > > > 0 OK Lsub completed. > > > 0 subscribe "INBOX.gmail.[Gmail].Spam" > > > 0 OK Subscribe completed. > > > <--- now subscriptions file includes > > > "gmail.[Gmail]/Spam" > The problem seems to be the different separators (I missed the "/" > earlier). First level mailboxes on gmail do work (I mixed it up... > INBOX.gmail.INBOX is fine, as is INBOX.gmail.test). Fixed: http://hg.dovecot.org/dovecot-2.1/rev/f3eb6cc4b627 > I also tested subscriptions=yes now. That works as expected. (Some glitch > with "INBOX.gmail.[Gmail]" not beeing UNSUBSCRIBEbable when \Noselect, > but that's probably a Gmail IMAP problem). Fixed: http://hg.dovecot.org/dovecot-2.1/rev/50d0906b556f From cgregoir99 at yahoo.com Tue Sep 13 11:59:08 2011 From: cgregoir99 at yahoo.com (Christian Gregoire) Date: Tue, 13 Sep 2011 09:59:08 +0100 (BST) Subject: [Dovecot] Dovecot and Lustre FS Message-ID: <1315904348.54893.YahooMailNeo@web29004.mail.ird.yahoo.com> Hello, Right now, I'm using Exim and a customized version of an old?(10 years old)?Atmail POP3 server written in Perl, with ~10000 mailboxes located on a?Lustre file system.?So far so good. Though, I plan to migrate from Atmail to Dovecot, to provide our customers with IMAP support. Has anyone any experience with Dovecot on Lustre FS ? Thanks Christian ? From tss at iki.fi Tue Sep 13 12:04:43 2011 From: tss at iki.fi (Timo Sirainen) Date: Tue, 13 Sep 2011 12:04:43 +0300 Subject: [Dovecot] Dovecot and Lustre FS In-Reply-To: <1315904348.54893.YahooMailNeo@web29004.mail.ird.yahoo.com> References: <1315904348.54893.YahooMailNeo@web29004.mail.ird.yahoo.com> Message-ID: <1315904688.10952.6.camel@hurina> On Tue, 2011-09-13 at 09:59 +0100, Christian Gregoire wrote: > Right now, I'm using Exim and a customized version of an old (10 years > old) Atmail POP3 server written in Perl, with ~10000 mailboxes located > on a Lustre file system. So far so good. > > Though, I plan to migrate from Atmail to Dovecot, to provide our > customers with IMAP support. Has anyone any experience with Dovecot on > Lustre FS ? If there's just one Dovecot server accessing mails, there shouldn't be any problems. If there are more, you should read http://wiki2.dovecot.org/MailLocation/SharedDisk and stress test the same mailbox at the same time from 2+ servers using http://imapwiki.org/ImapTest From tss at iki.fi Tue Sep 13 12:11:04 2011 From: tss at iki.fi (Timo Sirainen) Date: Tue, 13 Sep 2011 12:11:04 +0300 Subject: [Dovecot] MySQL, map files In-Reply-To: <1315851815.71073.YahooMailNeo@web39415.mail.mud.yahoo.com> References: <1315525950.915.YahooMailNeo@web39420.mail.mud.yahoo.com> <1315828341.7326.35.camel@hurina> <1315851815.71073.YahooMailNeo@web39415.mail.mud.yahoo.com> Message-ID: <1315905064.10952.10.camel@hurina> On Mon, 2011-09-12 at 11:23 -0700, Steve Fatula wrote: > >> http://dovecot.org/patches/1.2/ldap/HOWTO_dictldap+extdata.txt > >> > >> > >> You will see lots of statements, not sure which ones can be used for > >> MySQL (instead of LDAP). > > > > That patch's mapping references to Pigeonhole's extdata plugin. If you > > install that plugin you can use SQL or flat file for the same maps. > > > > > Ok, so, now we get to the issue. What syntax can be used for the extdata plugin? > > If I have an existing MySQL table with the structure: > > username > preference > value > > Username would be the dovecot user name. preference would be a constant, and, value is the variable I want to set via the extdata plugin. The primary key is username + preference (constant, in this case, say it's set to "POP3"). I want to use extdata to retrieve that value. Can it be done using extdata and MySQL map syntax, and if so, can you provide an example? Can I specify the query itself (i.e., select value from table t, another table at where....) Well, there are two fields that you need to map: responder_mode and responder_text (explained in the .txt file). Lets assume you have those two fields in an SQL table named responders. The maps would then be: map { pattern = priv/responder_mode table = responders username_field = username value_field = responder_mode } map { pattern = priv/responder_text table = responders username_field = username value_field = responder_text } You can change anything above except the patterns. From tss at iki.fi Tue Sep 13 12:45:26 2011 From: tss at iki.fi (Timo Sirainen) Date: Tue, 13 Sep 2011 12:45:26 +0300 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <4E6E6AE9.6040105@acm.org> References: <4E6ACC6C.6020200@acm.org> <1315830646.7326.46.camel@hurina> <4E6E6AE9.6040105@acm.org> Message-ID: <1315907129.10952.12.camel@hurina> On Mon, 2011-09-12 at 13:26 -0700, Paul B. Henson wrote: > > I'll try to debug this soon. > > Thanks; let me know if there's anything I could do to help, or if there > are any potential fixes you would like tested. I can't seem to be able to reproduce this. It always connects to the second MySQL without any user visible errors. What does it log with the attached debug patch? -------------- next part -------------- A non-text attachment was scrubbed... Name: diff Type: text/x-patch Size: 3408 bytes Desc: not available URL: From ibrahim.harrani at gmail.com Tue Sep 13 13:53:59 2011 From: ibrahim.harrani at gmail.com (Ibrahim Harrani) Date: Tue, 13 Sep 2011 13:53:59 +0300 Subject: [Dovecot] "Waiting for authentication process to respond" for invalid users with auth_dovecot Message-ID: Hi, I am testing dovecot 2.0.13 and 2.0.14 with qmail-ldap and auth_dovecot patch. If i login to dovecot (pop3/imap) with correct user and password. no problem, I can login immediately. but if I try with nonexistant user, dovecot does not immediate answer, wait for a while and says "Waiting for authentication process to respond." auth_dovecot process remains working in the background. How can I avoid this situation? # telnet 0 143 Trying 0.0.0.0... Connected to 0. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN] Dovecot ready. o login validuser validpass o OK [CAPABILITY IMAP4rev1 LITERAL+ SASL o login validuser wrongpass o NO [UNAVAILABLE] Temporary authentication failure. o login non-existant anypass * OK Waiting for authentication process to respond.. Here is output of dovecot -n # OS: Linux 2.6.32-71.el6.x86_64 x86_64 CentOS Linux release 6.0 (Final) auth_debug = yes auth_verbose = yes base_dir = /var/run/dovecot disable_plaintext_auth = no first_valid_gid = 100 last_valid_gid = 65000 last_valid_uid = 65000 listen = * log_path = /var/log/dovecot mail_debug = yes mail_location = maildir:~/Maildir passdb { args =/opt/qmail/smtp/bin/auth_dovecot ./Maildir/ driver = checkpassword } plugin { mechanisms = plain login quota = maildir } protocols = imap pop3 service imap-login { inet_listener imaps { port = 993 ssl = yes } process_min_avail = 1 } service imap-postlogin { executable = script-login /opt/qmail/scripts/dovecotpostlogin.sh } service imap { executable = imap imap-postlogin } service pop3-login { inet_listener pop3s { port = 995 ssl = yes } process_min_avail = 1 } ssl_cert = References: <1315904348.54893.YahooMailNeo@web29004.mail.ird.yahoo.com> Message-ID: <4E6F4EAE.30303@iinet.com.au> Hi Gregoire, > [..] with ~10000 mailboxes located on a Lustre file system. So far so good. This may be a bit off topic but... I thought that a lustre filesystem was not designed to store a lot of small files (e.g: due to MDS inodes) Can you tell us more about your experience ? Thomas From marcin at mejor.pl Tue Sep 13 16:42:16 2011 From: marcin at mejor.pl (=?UTF-8?B?TWFyY2luIE1pcm9zxYJhdw==?=) Date: Tue, 13 Sep 2011 15:42:16 +0200 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: <1315822918.7326.5.camel@hurina> References: <4E6782CB.1060803@mejor.pl> <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> <4E6786CF.2020102@mejor.pl> <4E678B66.60602@mejor.pl> <8F07F485-4BC4-40E5-A520-7F59C87A7863@iki.fi> <4E688A28.1090800@mejor.pl> <1315474812.3876.23.camel@hurina> <4E68A060.8090306@mejor.pl> <1315487921.3876.40.camel@hurina> <4E69F758.8050008@mejor.pl> <1315822918.7326.5.camel@hurina> Message-ID: <4E6F5DB8.60201@mejor.pl> W dniu 12.09.2011 12:21, Timo Sirainen pisze: > Not exactly like that, but you should be able to have a field called > "userdb_import" that contains data like: > > namespace=n1 n2namespace/n1/prefix=blah.etc. other fields > > Thes would of course have to be actual tab characters. Cool. I've changed field separator in db to more visible for human eyes, next i do replace in sql to tab and works good. Thank you for help! Regards, Marcin From cgregoir99 at yahoo.com Tue Sep 13 16:58:24 2011 From: cgregoir99 at yahoo.com (Christian Gregoire) Date: Tue, 13 Sep 2011 14:58:24 +0100 (BST) Subject: [Dovecot] Re : Dovecot and Lustre FS In-Reply-To: <4E6F4EAE.30303@iinet.com.au> References: <1315904348.54893.YahooMailNeo@web29004.mail.ird.yahoo.com> <4E6F4EAE.30303@iinet.com.au> Message-ID: <1315922304.12541.YahooMailNeo@web29005.mail.ird.yahoo.com> >> [..] with ~10000 mailboxes located on a Lustre file system. So far so good. >This may be a bit off topic but... I thought that a lustre filesystem was not designed to store a lot of small files (e.g: due to MDS inodes) >Can you tell us more about your experience ? Hi Thomas, We've developped our own MDA, and customized the POP server, thus for a given email, headers are stored in a MySQL database and the whole message (headers+body, mbox format) in the Lustre FS, in a directory based on the last 3 digits of its internal id (MySQL autoincrement) : 000 ?\_986544000 <- one email ?\_852125000 ??[...] 001 ?\_780284001 ?\_986545001 ??[...] [...] 999 ?\_489288999 ?\_326541999 ??[...] As we only provide POP support, we reach a maximum of 2500 files per directory. Lustre version is 1.4, with one MDS and 3 OST. We have 9 SMTP/POP servers connected to the LFS. Indeed, I have many concerns about IMAP+Lustre. For example,?should I use mbox or maildir ? I'd go with the second one but really don't know how Lustre would behave with potentially tens of thousands of files in one directory (according to the Lustre FAQ, it should perform fine :?http://wiki.lustre.org/index.php/FAQ_-_Sizing), but ... I've been through some previous posts (http://dovecot.org/list/dovecot/2010-January/046106.html and?http://www.dovecot.org/list/dovecot/2010-March/047673.html) and I'm also wondering whether I should switch to another FS. Any advice ? What is the most widely used clustered FS with Dovecot ?? Thanks in avance for sharing your experience. Christian From tss at iki.fi Tue Sep 13 17:06:20 2011 From: tss at iki.fi (Timo Sirainen) Date: Tue, 13 Sep 2011 17:06:20 +0300 Subject: [Dovecot] Re : Dovecot and Lustre FS In-Reply-To: <1315922304.12541.YahooMailNeo@web29005.mail.ird.yahoo.com> References: <1315904348.54893.YahooMailNeo@web29004.mail.ird.yahoo.com> <4E6F4EAE.30303@iinet.com.au> <1315922304.12541.YahooMailNeo@web29005.mail.ird.yahoo.com> Message-ID: <0621D64A-1E76-41AE-A1A6-9D6ECBF2299A@iki.fi> On 13.9.2011, at 16.58, Christian Gregoire wrote: > Indeed, I have many concerns about IMAP+Lustre. For example, should I use mbox or maildir ? I'd go with the second one but really don't know how Lustre would behave with potentially tens of thousands of files in one directory (according to the Lustre FAQ, it should perform fine : http://wiki.lustre.org/index.php/FAQ_-_Sizing), but ... You should try Dovecot's mdbox format. From Lutz.Pressler at SerNet.DE Tue Sep 13 19:12:37 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Tue, 13 Sep 2011 18:12:37 +0200 Subject: [Dovecot] imapc and imap_acl Message-ID: Hello (Timo), yes, I know... maybe it's a bit far fetched, but I do have a use case. Would it be (reasonably easily) possible to implement IMAP ACL support for "imported" imapc namespaces/mailboxes? There is no local directory (like with the virtual plugin) yet... Greetings, Lutz -- Lutz Pre?ler http://www.SerNet.DE/ SerNet Service Network GmbH, Bahnhofsallee 1b, D-37081 G?ttingen Tel.: +49-551-370000-2, FAX: +49-551-370000-9 AG G?ttingen, HRB 2816, GF: Dr. Johannes Loxen From tss at iki.fi Tue Sep 13 19:22:03 2011 From: tss at iki.fi (Timo Sirainen) Date: Tue, 13 Sep 2011 19:22:03 +0300 Subject: [Dovecot] imapc and imap_acl In-Reply-To: References: Message-ID: <57674CC7-1F64-4131-98C6-45CF8B54F23B@iki.fi> On 13.9.2011, at 19.12, Lutz Pre?ler wrote: > yes, I know... maybe it's a bit far fetched, but I do have a use case. > Would it be (reasonably easily) possible to implement IMAP ACL > support for "imported" imapc namespaces/mailboxes? > There is no local directory (like with the virtual plugin) yet... You mean you'd want local ACLs that apply to imapc mailboxes? I think that should work. For example if you set: mail_location = imapc:~/imapc Then for mailbox foo/bar the ACL file should be in ~/imapc/.foo.bar/dovecot-acl "Proxying" remote IMAP ACLs isn't possible and I'm not sure how that could be nicely implemented. From Lutz.Pressler at SerNet.DE Tue Sep 13 19:46:31 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Tue, 13 Sep 2011 18:46:31 +0200 Subject: [Dovecot] imapc and imap_acl In-Reply-To: <57674CC7-1F64-4131-98C6-45CF8B54F23B@iki.fi> References: <57674CC7-1F64-4131-98C6-45CF8B54F23B@iki.fi> Message-ID: On Di, 13 Sep 2011, Timo Sirainen wrote: > On 13.9.2011, at 19.12, Lutz Pre?ler wrote: > > > yes, I know... maybe it's a bit far fetched, but I do have a use case. > > Would it be (reasonably easily) possible to implement IMAP ACL > > support for "imported" imapc namespaces/mailboxes? > > There is no local directory (like with the virtual plugin) yet... > > You mean you'd want local ACLs that apply to imapc mailboxes? Yes, exactly. Great for "integrating" legacy IMAP servers without e.g. ACL support. > I think that should work. For example if you set: > > mail_location = imapc:~/imapc Oh, had not realized that a path argument is possible for imapc:. There are even index file then... > > Then for mailbox foo/bar the ACL file should be in ~/imapc/.foo.bar/dovecot-acl It almost works: Sep 13 18:37:58 hhh dovecot: imap(4482, uuu): Error: file_dotlock_open(/home/uuu/Maildir/gmail/.[Gmail].Alle Nachrichten /dovecot-acl) failed: No such file or directory After manually creating the ".[Gmail].Alle Nachrichten" directory, SETACL succeeds. > > "Proxying" remote IMAP ACLs isn't possible and I'm not sure how that could be nicely implemented. Would surely have it's use, too (but not here at the moment). Thanks, Lutz From Lutz.Pressler at SerNet.DE Tue Sep 13 19:58:31 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Tue, 13 Sep 2011 18:58:31 +0200 Subject: [Dovecot] multiple "imapc namespaces" Re: imapc and imap_acl In-Reply-To: <20110913164631.GA1874905@gabi.sernet.de> References: <57674CC7-1F64-4131-98C6-45CF8B54F23B@iki.fi> <20110913164631.GA1874905@gabi.sernet.de> Message-ID: On Tue, 13 Sep 2011, Lutz Pre?ler wrote: > On Di, 13 Sep 2011, Timo Sirainen wrote: > > mail_location = imapc:~/imapc > Oh, had not realized that a path argument is possible for imapc:. There are > even index file then... What about taking imapc parameters/credentials optionally from a file in this directory (like dovecot-virtual)? Lutz From al-dovecot at none.at Tue Sep 13 20:07:10 2011 From: al-dovecot at none.at (Aleksandar Lazic) Date: Tue, 13 Sep 2011 19:07:10 +0200 Subject: [Dovecot] Sieve envelope :detail "to" "extention" does not deliver to fileinto destination In-Reply-To: <20110912191707.42127757@scorpio> References: <20110912171448.GB320@none.at> <20110912142239.7ec8eb49@scorpio> <20110912224244.GA27446@none.at> <20110912191707.42127757@scorpio> Message-ID: <20110913170709.GA31770@none.at> On Mon 12.09.2011 19:17, Jerry wrote: >On Tue, 13 Sep 2011 00:42:44 +0200 >Aleksandar Lazic articulated: [snip] >> ### >> if envelope :contains :detail "to" "pdnsusers" { >> ### >> >> Is there a command like 'print envelope' or something else to see >> what variables and envelope deliver have? > >This is what I use, and it works fine. The example is something I use >for FreeBSD. > >Example address: user+fbsd at example.com > >This is my sieve recipe: > >if envelope :detail "To" "fbsd" {fileinto "FreeBSD"; stop;} > >I hope this helps. Thanks for you help. I haven't solved the issue, I moved to if header :contains "to" "pdnsusers" { fileinto "Lists.pdnsusers"; } Cheers Aleks From james.r.carr at gmail.com Tue Sep 13 20:24:38 2011 From: james.r.carr at gmail.com (James Carr) Date: Tue, 13 Sep 2011 12:24:38 -0500 Subject: [Dovecot] Migrating a dovecot setup from one server to another Message-ID: Hi All, I have a server with a dovecot + postfix setup and unfortunately the server is EOL'd. I have built a new ubuntu server out and I'm in the process of migrating everything over. In migrating the dovecot setup over, this is the list of items I have done: install dovecot, postfix, etc on the new server copy configuration files over copy /var/spool and /var/mail over Is there anything else I need to consider before switching MX records to point to the new server? Thanks, James From niksfirefly at net2000.pl Tue Sep 13 20:34:35 2011 From: niksfirefly at net2000.pl (Maciek Jackowski) Date: Tue, 13 Sep 2011 19:34:35 +0200 Subject: [Dovecot] any drawbacks with using Mailbox sharing with symlinks??? Message-ID: are there any drawbacks with using Mailbox sharing with symlinks??? based on: http://wiki.dovecot.org/SharedMailboxes/Symlinks I got virtual users with same permission unix user/group and didnt noticed any drawbacks yet but i want to ask From micah at riseup.net Tue Sep 13 23:16:28 2011 From: micah at riseup.net (Micah Anderson) Date: Tue, 13 Sep 2011 16:16:28 -0400 Subject: [Dovecot] quota percents References: <87sjo5wkfy.fsf@algae.riseup.net> <1315824208.7326.21.camel@hurina> <8739g1ka62.fsf@algae.riseup.net> Message-ID: <87wrdcfbab.fsf@algae.riseup.net> Timo Sirainen writes: > On 12.9.2011, at 19.17, Micah Anderson wrote: > >>>> However, it doesn't seem to work in practice, because I have a user that >>>> is at 99% of quota, with nothing in the Trash who cannot move a 77KB >>>> message into the Trash without getting the quota_exceeded message and >>>> refusing to move it. >>> >>> dovecot -n output? >> >> namespace { >> inbox = yes >> location = >> prefix = >> separator = . >> } >> namespace { >> hidden = yes >> inbox = no >> list = no >> location = >> prefix = INBOX. >> separator = . >> } > > Maybe the client is using the INBOX. namespace and trying to copy to INBOX.Trash instead of Trash? You could try adding another quota rule for INBOX.Trash. I should probably also change the quota code to follow "alias_for" directives. Then you could have only a single Trash, if you add "alias_for = " to the INBOX. namespace. ok, I made an INBOX.Trash quota rule: 90-quota.conf: quota_rule = *:bytes=24117248 90-quota.conf: quota_rule2 = Trash:bytes=+10%% 90-quota.conf: quota_rule2 = INBOX.Trash:bytes=+10%% 90-quota.conf: quota_rule3 = INBOX.Spam:bytes=+20%% and that seemed to solve the problem! micah ps - its very annoying to test quota with thunderbird, it doesn't update the information very reliably. -- From stephan at rename-it.nl Tue Sep 13 23:56:09 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Tue, 13 Sep 2011 22:56:09 +0200 Subject: [Dovecot] Released Pigeonhole v0.2.4 for Dovecot v2.0.14 Message-ID: <4E6FC369.1090506@rename-it.nl> Hello Dovecot users, I release a new version of Pigeonhole tonight. This release extends the configuration capabilities of the include and vacation extensions, adds the ihave extension (RFC 5463), and fixes a few small other things. Judging by Timo's plans, this will be one of the last feature releases for Dovecot v2.0, since I'll be switching active development to Dovecot v2.1 once that matures a little more. Changelog v0.2.4: + Vacation extension: finally added support for using the original recipient in vacation address check. It is also possible to disable the recipient address check entirely. Check doc/vacation.txt for configuration information. + Include extension: made limits on the include depth and the total number of included scripts configurable. Check doc/include.txt for configuration information. + Implemented ihave extension. This allows checking for the availability of Sieve language extensions at 'runtime'. Actually, this is checked at compile time. At runtime the interpreter checks whether extensions that were not previously available are still unavailable. If the situation changed, the script is re-compiled and the ihave tests are evaluated again. + Sieve: optimized compilation of tests that yield constant results (i.e. known at compile tme), such as 'true' and 'false'. No code is produced anymore for script sections that are never executed. Also, semantics are not verified anymore in uncompiled script sections. + Made vnd.dovecot.debug extension available to the LDA plugin instead of only the command line tools. + Sieve: redirect action now adds X-Sieve-Redirected-From header (mainly for people using SPF/SRS). - Sieve: fixed bug in handling flags and keywords; in case of error an assertion was triggered. - Script storage: improved handling of unconfigured user home directory. Originally this would produce an unhelpful error message. - Imap4flags extension: prevent forcibly enabling imap4flags when imapflags is enabled. - Fixed various -Wunused-but-set-variable compiler warnings. - Include extension: forgot to check variable identifier syntax for 'global' command. - Sieve: fixed debug mode; no messages were logged in some situations. - sievec tool: forgot to enable -D (debug) parameter. The release is available as follows: http://www.rename-it.nl/dovecot/2.0/dovecot-2.0-pigeonhole-0.2.4.tar.gz http://www.rename-it.nl/dovecot/2.0/dovecot-2.0-pigeonhole-0.2.4.tar.gz.sig Refer to http://pigeonhole.dovecot.org and the Dovecot v2.0 wiki for more information. Have fun testing this new release and don't hesitate to notify me when there are any problems. Regards, -- Stephan Bosch stephan at rename-it.nl From simon.brereton at buongiorno.com Wed Sep 14 00:47:18 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Tue, 13 Sep 2011 17:47:18 -0400 Subject: [Dovecot] Mails repopping In-Reply-To: <021d01cc715d$015f9400$041ebc00$@brereton@buongiorno.com> References: <004b01cc6f13$04a166d0$0de43470$@brereton@buongiorno.com> <1315823847.7326.17.camel@hurina> <021d01cc715d$015f9400$041ebc00$@brereton@buongiorno.com> Message-ID: <03a601cc725e$b66bc470$23434d50$@brereton@buongiorno.com> > -----Original Message----- > From: dovecot-bounces at dovecot.org [mailto:dovecot- > bounces at dovecot.org] On Behalf Of Simon Brereton > > -----Original Message----- > > From: Timo Sirainen [mailto:tss at iki.fi] On Fri, 2011-09-09 at 13:07 > > -0400, Simon Brereton wrote: > > > > > I have a server that's been running Courier for about 6 years and > > in > > > all that time I think I've only ever had 1 issues where an entire > > mail > > > box was repopped by a webmail client. However, since moving to a > > new > > > server and dovecot 4 weeks ago, I've now had the webmail client > > repop > > > this account 4 times (there are about 230 mails in the account). > > > > > > Is there a setting I need to tighten to prevent/remedy this? I > > have > > > no idea if it's happening on other accounts, but this is one that > I > > > see. The format is maildir. There has been no changes to the > > webmail > > > client. > > > > dovecot -n output would have been nice. Also do you see anything in > > error logs? > > Ah. My apologies of course. Here it is.. > > mail:~# dovecot -n > # 1.2.15: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.2 ext3 > log_timestamp: %Y-%m-%d %H:%M:%S > protocols: imap imaps pop3 pop3s > ssl_ca_file: /etc/ssl/keys/rhodes-ca.crt > ssl_cert_file: /etc/ssl/keys/mail.domain.net.crt > ssl_key_file: /etc/ssl/private/mail.domain.net.key > disable_plaintext_auth: no > login_dir: /var/run/dovecot/login > login_executable(default): /usr/lib/dovecot/imap-login > login_executable(imap): /usr/lib/dovecot/imap-login > login_executable(pop3): /usr/lib/dovecot/pop3-login > mail_privileged_group: mailsystem > mail_location: maildir:/var/spool/mail/virtual/%d/%n > maildir_very_dirty_syncs: yes > mbox_write_locks: fcntl dotlock > mail_executable(default): /usr/lib/dovecot/imap > mail_executable(imap): /usr/lib/dovecot/imap > mail_executable(pop3): /usr/lib/dovecot/pop3 > mail_plugins(default): quota imap_quota > mail_plugins(imap): quota imap_quota > mail_plugins(pop3): quota > mail_plugin_dir(default): /usr/lib/dovecot/modules/imap > mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap > mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3 > imap_client_workarounds(default): outlook-idle delay-newmail > imap_client_workarounds(imap): outlook-idle delay-newmail > imap_client_workarounds(pop3): > pop3_client_workarounds(default): > pop3_client_workarounds(imap): > pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh > lda: > postmaster_address: postmaster at domain.net > mail_plugins: quota > log_path: > info_log_path: > deliver_log_format: msgid=%m: %f: %$ > auth default: > mechanisms: plain login > user: mailsystem > verbose: yes > passdb: > driver: sql > args: /etc/dovecot/dovecot-sql.conf > userdb: > driver: prefetch > userdb: > driver: static > args: uid=999 gid=115 home=/var/spool/mail/virtual/%d/%n > allow_all_users=yes > socket: > type: listen > client: > path: /var/spool/postfix/private/auth > mode: 432 > user: postfix > group: mailsystem > master: > path: /var/run/dovecot/auth-master > mode: 432 > user: mailsystem > group: mailsystem > plugin: > quota: maildir > > Could you make dovecot -n munge the certificate and postmaster email > addresses? I'm not comfortable with that floating on the internet.. > > The only thing I have in the logs is 2 sessions where mail was popped > (note, it doesn't even add up to the 183 messages in the mail box). > But those sessions are vastly longer than the regular ones (tens of > minutes compared to a few seconds). Since both IPs are on the back- > bone, that's quite a while to download 100 mails (none of which are > over > > Sep 11 21:36:25 mail dovecot: pop3-login: Login: > user=, method=PLAIN, rip=64.88.168.84, > lip=83.170.65.xxx, TLS Sep 11 21:36:34 mail dovecot: > POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=0/0, > del=0/183, size=14025971 Sep 11 21:43:44 mail dovecot: pop3-login: > Login: user=, method=PLAIN, rip=64.88.168.84, > lip=83.170.65.xxx, TLS Sep 11 21:44:54 mail dovecot: > POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=0/0, > del=0/183, size=14025971 Sep 11 21:52:31 mail dovecot: pop3-login: > Login: user=, method=PLAIN, rip=64.88.168.84, > lip=83.170.65.xxx, TLS Sep 11 22:56:01 mail dovecot: > POP3(user at domain.com): Disconnected: Logged out top=0/0, > retr=100/9182678, del=0/183, size=14025971 Sep 11 23:08:58 mail > dovecot: pop3-login: Login: user=, method=PLAIN, > rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 11 23:37:57 mail > dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, > retr=75/4748674, del=0/183, size=14025971 Sep 12 00:04:11 mail > dovecot: pop3-login: Login: user=, method=PLAIN, > rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 12 00:04:26 mail > dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, > retr=0/0, del=0/183, size=14025971 Sep 12 00:07:40 mail dovecot: > pop3-login: Login: user=, method=PLAIN, > rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 12 00:07:53 mail > dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, > retr=0/0, del=0/183, size=14025971 > > > > If you're using the default pop3_uidl_format it'll rely on IMAP > UIDs > > to stay the same, and I guess it's possible that due to some other > > problem they change (that should be logged as an error/warning > > though). > > > > You could try setting pop3_uidl_format=%f, but it will cause > everyone > > to redownload mails. With newer Dovecot versions you could set > > pop3_save_uidl=yes and when you think everyone's downloaded mails > once > > you can safely change the pop3_uidl_format. > > Sorry, I'm very new to dovecot and I'm not sure I understand. I > presume because neither of those keys are in the dovecot -n output > that they are as the defaults, yes? The account is indeed accessed > by IMAP as well (from a mobile device mostly), but I don't see > anything fishy there either. How could I see if the IMAP UIDs have > changed? > > Sep 11 21:20:32 mail dovecot: IMAP(user at domain.com): Connection > closed bytes=1095/8292 > > Sep 11 21:26:03 mail dovecot: imap-login: Login: > user=, method=PLAIN, rip=174.252.83.244, > lip=83.170.65.xxx, TLS Sep 11 22:11:20 mail dovecot: > IMAP(user at domain.com): Disconnected for inactivity bytes=725/5638 Sep > 11 22:17:10 mail dovecot: imap-login: Login: user=, > method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 11 > 23:12:06 mail dovecot: IMAP(user at domain.com): Disconnected for > inactivity bytes=1471/11025 Sep 11 23:23:22 mail dovecot: imap-login: > Login: user=, method=PLAIN, rip=174.252.83.244, > lip=83.170.65.xxx, TLS Sep 11 23:52:52 mail dovecot: > IMAP(user at domain.com): Connection closed bytes=1841/13679 Sep 12 > 00:08:47 mail dovecot: imap-login: Login: user=, > method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 12 > 01:19:05 mail dovecot: imap-login: Login: user=, > method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 12 > 02:57:01 mail dovecot: IMAP(user at domain.com): Connection closed > bytes=2713/60026 Sep 12 02:57:01 mail dovecot: IMAP(user at domain.com): > Connection closed bytes=2688/18635 > > > There are no errors or warnings in the mail log (I have one shared > log file for postfix, amavis and dovecot). Reading the notes for > pop3_save_uidl it doesn't seem to be a dangerous option - should I > turn that on? Why will it force everyone to redownload mails > (there's nothing about it on the wiki)? > > Thanks! > > Simon Any help would be appreciated. Thanks. Simon From stephan at rename-it.nl Wed Sep 14 01:14:24 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Wed, 14 Sep 2011 00:14:24 +0200 Subject: [Dovecot] New plugin for Pigeonhole Sieve: sieve_pipe Message-ID: <4E6FD5C0.5050304@rename-it.nl> Hello, I've finished up work on a new plugin for Pigeonhole Sieve: sieve_pipe. It adds a new Sieve extension (vnd.dovecot.pipe) providing a new action command that provides the possibility to pipe messages to external programs (e.g. shell scripts). The programs available to this command are explicitly limited and subject to administrator configuration. The plugin can currently only be downloaded from the Mercurial repository: http://hg.rename-it.nl/pigeonhole-0.2-sieve-pipe Check the README/INSTALL files in the repository or the new wiki page for more information: http://hg.rename-it.nl/pigeonhole-0.2-sieve-pipe/raw-file/tip/README http://hg.rename-it.nl/pigeonhole-0.2-sieve-pipe/raw-file/tip/INSTALL http://master.wiki2.dovecot.org/Pigeonhole/Sieve/Plugins/Pipe The specification of the vnd.dovecot.pipe extension can be found here: http://hg.rename-it.nl/pigeonhole-0.2-sieve-pipe/raw-file/tip/doc/rfc/spec-bosch-sieve-pipe.txt I'd still call this thing very much experimental, so be sure to test it extensively first. Don't hesitate to notify me when there are any problems. Regards, Stephan. From slusarz at curecanti.org Wed Sep 14 01:15:36 2011 From: slusarz at curecanti.org (Michael M Slusarz) Date: Tue, 13 Sep 2011 16:15:36 -0600 Subject: [Dovecot] Mails repopping Message-ID: <20110913161536.Horde.smZyNoF5lbhOb9YIt_IE8WA@bigworm.curecanti.org> Quoting Simon Brereton : >> -----Original Message----- >> From: dovecot-bounces at dovecot.org [mailto:dovecot- >> bounces at dovecot.org] On Behalf Of Simon Brereton >> > -----Original Message----- >> > From: Timo Sirainen [mailto:tss at iki.fi] On Fri, 2011-09-09 at 13:07 >> > -0400, Simon Brereton wrote: >> > >> > > I have a server that's been running Courier for about 6 years and >> > in >> > > all that time I think I've only ever had 1 issues where an entire >> > mail >> > > box was repopped by a webmail client. However, since moving to a >> > new >> > > server and dovecot 4 weeks ago, I've now had the webmail client >> > repop >> > > this account 4 times (there are about 230 mails in the account). >> > > >> > > Is there a setting I need to tighten to prevent/remedy this? I >> > have >> > > no idea if it's happening on other accounts, but this is one that >> I >> > > see. The format is maildir. There has been no changes to the >> > webmail >> > > client. >> > >> > dovecot -n output would have been nice. Also do you see anything in >> > error logs? >> >> Ah. My apologies of course. Here it is.. >> >> mail:~# dovecot -n >> # 1.2.15: /etc/dovecot/dovecot.conf >> # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.2 ext3 >> log_timestamp: %Y-%m-%d %H:%M:%S >> protocols: imap imaps pop3 pop3s >> ssl_ca_file: /etc/ssl/keys/rhodes-ca.crt >> ssl_cert_file: /etc/ssl/keys/mail.domain.net.crt >> ssl_key_file: /etc/ssl/private/mail.domain.net.key >> disable_plaintext_auth: no >> login_dir: /var/run/dovecot/login >> login_executable(default): /usr/lib/dovecot/imap-login >> login_executable(imap): /usr/lib/dovecot/imap-login >> login_executable(pop3): /usr/lib/dovecot/pop3-login >> mail_privileged_group: mailsystem >> mail_location: maildir:/var/spool/mail/virtual/%d/%n >> maildir_very_dirty_syncs: yes >> mbox_write_locks: fcntl dotlock >> mail_executable(default): /usr/lib/dovecot/imap >> mail_executable(imap): /usr/lib/dovecot/imap >> mail_executable(pop3): /usr/lib/dovecot/pop3 >> mail_plugins(default): quota imap_quota >> mail_plugins(imap): quota imap_quota >> mail_plugins(pop3): quota >> mail_plugin_dir(default): /usr/lib/dovecot/modules/imap >> mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap >> mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3 >> imap_client_workarounds(default): outlook-idle delay-newmail >> imap_client_workarounds(imap): outlook-idle delay-newmail >> imap_client_workarounds(pop3): >> pop3_client_workarounds(default): >> pop3_client_workarounds(imap): >> pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh >> lda: >> postmaster_address: postmaster at domain.net >> mail_plugins: quota >> log_path: >> info_log_path: >> deliver_log_format: msgid=%m: %f: %$ >> auth default: >> mechanisms: plain login >> user: mailsystem >> verbose: yes >> passdb: >> driver: sql >> args: /etc/dovecot/dovecot-sql.conf >> userdb: >> driver: prefetch >> userdb: >> driver: static >> args: uid=999 gid=115 home=/var/spool/mail/virtual/%d/%n >> allow_all_users=yes >> socket: >> type: listen >> client: >> path: /var/spool/postfix/private/auth >> mode: 432 >> user: postfix >> group: mailsystem >> master: >> path: /var/run/dovecot/auth-master >> mode: 432 >> user: mailsystem >> group: mailsystem >> plugin: >> quota: maildir >> >> Could you make dovecot -n munge the certificate and postmaster email >> addresses? I'm not comfortable with that floating on the internet.. >> >> The only thing I have in the logs is 2 sessions where mail was popped >> (note, it doesn't even add up to the 183 messages in the mail box). >> But those sessions are vastly longer than the regular ones (tens of >> minutes compared to a few seconds). Since both IPs are on the back- >> bone, that's quite a while to download 100 mails (none of which are >> over >> >> Sep 11 21:36:25 mail dovecot: pop3-login: Login: >> user=, method=PLAIN, rip=64.88.168.84, >> lip=83.170.65.xxx, TLS Sep 11 21:36:34 mail dovecot: >> POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=0/0, >> del=0/183, size=14025971 Sep 11 21:43:44 mail dovecot: pop3-login: >> Login: user=, method=PLAIN, rip=64.88.168.84, >> lip=83.170.65.xxx, TLS Sep 11 21:44:54 mail dovecot: >> POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=0/0, >> del=0/183, size=14025971 Sep 11 21:52:31 mail dovecot: pop3-login: >> Login: user=, method=PLAIN, rip=64.88.168.84, >> lip=83.170.65.xxx, TLS Sep 11 22:56:01 mail dovecot: >> POP3(user at domain.com): Disconnected: Logged out top=0/0, >> retr=100/9182678, del=0/183, size=14025971 Sep 11 23:08:58 mail >> dovecot: pop3-login: Login: user=, method=PLAIN, >> rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 11 23:37:57 mail >> dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, >> retr=75/4748674, del=0/183, size=14025971 Sep 12 00:04:11 mail >> dovecot: pop3-login: Login: user=, method=PLAIN, >> rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 12 00:04:26 mail >> dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, >> retr=0/0, del=0/183, size=14025971 Sep 12 00:07:40 mail dovecot: >> pop3-login: Login: user=, method=PLAIN, >> rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 12 00:07:53 mail >> dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, >> retr=0/0, del=0/183, size=14025971 >> >> >> > If you're using the default pop3_uidl_format it'll rely on IMAP >> UIDs >> > to stay the same, and I guess it's possible that due to some other >> > problem they change (that should be logged as an error/warning >> > though). >> > >> > You could try setting pop3_uidl_format=%f, but it will cause >> everyone >> > to redownload mails. With newer Dovecot versions you could set >> > pop3_save_uidl=yes and when you think everyone's downloaded mails >> once >> > you can safely change the pop3_uidl_format. >> >> Sorry, I'm very new to dovecot and I'm not sure I understand. I >> presume because neither of those keys are in the dovecot -n output >> that they are as the defaults, yes? The account is indeed accessed >> by IMAP as well (from a mobile device mostly), but I don't see >> anything fishy there either. How could I see if the IMAP UIDs have >> changed? >> >> Sep 11 21:20:32 mail dovecot: IMAP(user at domain.com): Connection >> closed bytes=1095/8292 >> >> Sep 11 21:26:03 mail dovecot: imap-login: Login: >> user=, method=PLAIN, rip=174.252.83.244, >> lip=83.170.65.xxx, TLS Sep 11 22:11:20 mail dovecot: >> IMAP(user at domain.com): Disconnected for inactivity bytes=725/5638 Sep >> 11 22:17:10 mail dovecot: imap-login: Login: user=, >> method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 11 >> 23:12:06 mail dovecot: IMAP(user at domain.com): Disconnected for >> inactivity bytes=1471/11025 Sep 11 23:23:22 mail dovecot: imap-login: >> Login: user=, method=PLAIN, rip=174.252.83.244, >> lip=83.170.65.xxx, TLS Sep 11 23:52:52 mail dovecot: >> IMAP(user at domain.com): Connection closed bytes=1841/13679 Sep 12 >> 00:08:47 mail dovecot: imap-login: Login: user=, >> method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 12 >> 01:19:05 mail dovecot: imap-login: Login: user=, >> method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 12 >> 02:57:01 mail dovecot: IMAP(user at domain.com): Connection closed >> bytes=2713/60026 Sep 12 02:57:01 mail dovecot: IMAP(user at domain.com): >> Connection closed bytes=2688/18635 >> >> >> There are no errors or warnings in the mail log (I have one shared >> log file for postfix, amavis and dovecot). Reading the notes for >> pop3_save_uidl it doesn't seem to be a dangerous option - should I >> turn that on? Why will it force everyone to redownload mails >> (there's nothing about it on the wiki)? >> >> Thanks! >> >> Simon > > Any help would be appreciated. What do you mean by "repopped"? You mean downloading the entire data of the messages from the POP3 server? This is expected behavior when using a stateless (e.g. webmail) client. Kind of the whole reason you don't use POP3 in the first place. Although caching can help. e.g., Here's what the first connection to the server looks like (this is using IMP 5 on a mailstore with 82 messages): S (1315951197.4976): +OK Dovecot ready. C (1315951197.513): [AUTH PLAIN Command - username: slusarz] S (1315951197.5319): +OK Logged in. C (1315951197.5325): STAT S (1315951197.5328): +OK 82 482351 C (1315951197.5348): UIDL S (1315951197.5354): +OK S (1315951197.5354): 1 000000014935d409 S (1315951197.5354): 2 000000024935d409 S (1315951197.5354): 3 000000114935d409 [...] S (1315951197.5363): 82 000000824935d409 S (1315951197.5363): . C (1315951197.9582): TOP 1 0 S (1315951198.0411): From user at domain.com Thu Jun 22 11:16:26 2006 [...] S (1315951198.0416): . [...] C (1315951199.0607): LIST S (1315951199.061): +OK 82 messages: S (1315951199.061): 1 118630 [...] S (1315951199.0619): . We need to grab all headers so we can build the envelope information (needed to produce the mailbox listing). And the LIST command grabs the size information (also used in the mailbox listing). But remember that the full headers will need to be redownloaded *EVERY* time you reload the page unless some sort of caching is enabled in the client. That's just the nature of POP3. (IMAP has the same sort of issues - if the stateless client does not cache, the envelope information must be downloaded on every access. However, with IMAP, the network traffic is reduced - you can download only the needed information, not all header text - and IMAP servers have the ability to cache this information behind the scenes due to the abstraction of the API.). This is where caching is pretty much essential on the webmail side. If caching is enabled, the best-case scenario is that the the webmail server only needs to grab the list of UIDLs on every POP3 server access going forward - if the UIDL list has not changed, we know the mailbox hasn't changed and the cached information is still valid. (CONDSTORE/QRESYNC extensions for IMAP make this synchronization check even more efficient in IMAP) michael From janfrode at tanso.net Wed Sep 14 10:12:52 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Wed, 14 Sep 2011 09:12:52 +0200 Subject: [Dovecot] Warning: Subscriptions file .. Removing invalid entry: Message-ID: <20110914071252.GA13849@oc1046828364.ibm.com> One of our dovecot-servers (v2.0.14) got a bit too busy last evening: Sep 13 20:39:18 popimap1 dovecot: master: Warning: service(pop3-login): process_limit reached, client connections are being dropped then logged a few: Sep 13 20:39:20 popimap1 dovecot: pop3(XXXXXXXXX at YYYYY.YY): Warning: I/O leak: 0x3829233d20 (10) Sep 13 20:39:20 popimap1 dovecot: pop3(XXXXXXXXX at YYYYY.YY): Warning: Timeout leak: 0x3829233ce0 Sep 13 20:39:20 popimap1 dovecot: pop3(ZZZZZ.ZZZZZ at ZZZZZZ.ZZ): Warning: I/O leak: 0x3829233d20 (10) Sep 13 20:39:20 popimap1 dovecot: pop3(ZZZZZ.ZZZZZ at ZZZZZZ.ZZ): Warning: Timeout leak: 0x3829233ce0 Sep 13 20:39:20 popimap1 dovecot: pop3(YYYYYYY at YYYY.YYY): Warning: I/O leak: 0x3829233d20 (10) Sep 13 20:39:20 popimap1 dovecot: pop3(YYYYYYY at YYYY.YYY): Warning: Timeout leak: 0x3829233ce0 Sep 13 20:39:20 popimap1 dovecot: pop3-postlogin: Error: Fatal: fd_send() failed: Broken pipe Sep 13 20:39:20 popimap1 dovecot: pop3-postlogin: Error: Fatal: fd_send() failed: Broken pipe and: Error: net_connect_unix(/var/run/dovecot/pop3-postlogin) failed: Resource temporarily unavailable but what has me a bit worried is these: imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Sent imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Spam imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Drafts imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Trash which happened for a two users during this high load periode. Looking at their mail directory I can't see why these should be invalid? They're there, has sane permissions and contains messages.. -jf From janfrode at tanso.net Wed Sep 14 10:34:21 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Wed, 14 Sep 2011 09:34:21 +0200 Subject: [Dovecot] Warning: Subscriptions file .. Removing invalid entry: In-Reply-To: <20110914071252.GA13849@oc1046828364.ibm.com> References: <20110914071252.GA13849@oc1046828364.ibm.com> Message-ID: <20110914073421.GA14411@oc1046828364.ibm.com> On Wed, Sep 14, 2011 at 09:12:52AM +0200, Jan-Frode Myklebust wrote: > but what has me a bit worried is these: > > imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Sent > imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Spam > imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Drafts > imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Trash > > which happened for a two users during this high load periode. Looking at > their mail directory I can't see why these should be invalid? They're there, > has sane permissions and contains messages.. I see now that this probably has nothing to do with the pop3 process_limit. It's been happening regularly since we upgraded from v1.2.16 to v2.0 on August 30. Initially 200+ times a day, but has dropped down to 30-50 times a day for the last few days. Probably because of subscription files getting emptied for the imap-users. Is this a problem with our namespace: namespace { inbox = yes location = prefix = INBOX. type = private } which for v1.2.x was defined as: namespace private { prefix = INBOX. inbox = yes } -jf From isolderj at webmail.co.za Wed Sep 14 08:48:28 2011 From: isolderj at webmail.co.za (James isolder) Date: Wed, 14 Sep 2011 07:48:28 +0200 Subject: [Dovecot] IMAP delete logs Message-ID: Version - 1.2.17 Is there a way to include message or folder deletion logs in the dovecot log files. Thanks in advance. ____________________________________________________________ South Africas premier free email service - www.webmail.co.za For super low premiums, click here. http://www.dialdirect.co.za/?vdn=15828 From bra at fsn.hu Wed Sep 14 14:32:09 2011 From: bra at fsn.hu (Attila Nagy) Date: Wed, 14 Sep 2011 13:32:09 +0200 Subject: [Dovecot] Maildir "locking" Message-ID: <4E7090B9.1000103@fsn.hu> Hello, I'm looking for the alternative of qmail's chmod -t (sticky bit on the maildir root) for Dovecot. What I'm trying to achieve with this lock: - Dovecot lmtp should give back a temporary error (so the email will be deferred and re-delivered later) - all other Dovecot daemons (pop, imap) should work as usual, but should not alter maildir contents (they can modify their own files, like indexes, logs etc) What is the best way to do this? If there is no such thing currently, would it be hard to implement the sticky bit checking on the root? Thanks, From Lutz.Pressler at SerNet.DE Wed Sep 14 14:40:00 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Wed, 14 Sep 2011 13:40:00 +0200 Subject: [Dovecot] imapc vs auth-userdb security Message-ID: Hello, with imapc settings coming from userdb (individual configuration necessary) there exists a security problem if access to auth-userdb socket is given to normal (shell) users: testuser at host:~$ doveadm user user1 userdb: lpmail uid : 1000 gid : 1111 home : /home/user1 namespace : gmail namespace/gmail/list: yes namespace/gmail/subscriptions: no namespace/gmail/separator: . namespace/gmail/prefix: INBOX.gmail. namespace/gmail/location: imapc:~/Maildir/gmail imapc_host: imap.gmail.com imapc_user: someuser at gmail.com imapc_password: cleartextpassword! imapc_ssl : imaps imapc_ssl_ca_dir: /etc/ssl/certs imapc_port: 993 Lutz From tss at iki.fi Wed Sep 14 14:46:26 2011 From: tss at iki.fi (Timo Sirainen) Date: Wed, 14 Sep 2011 14:46:26 +0300 Subject: [Dovecot] imapc vs auth-userdb security In-Reply-To: References: Message-ID: <346DECBE-B7F8-40A2-9485-EFF3B547C8ED@iki.fi> On 14.9.2011, at 14.40, Lutz Pre?ler wrote: > with imapc settings coming from userdb (individual configuration necessary) > there exists a security problem if access to auth-userdb socket is given > to normal (shell) users: So don't give it to them? :) Actually this should be pretty much solved with v2.1 defaults. If the auth-userdb socket is 0666 root:root (default now), it requires that the calling process either has root user/group privileges or its uid matches the one returned by userdb, otherwise it won't return any fields. From Lutz.Pressler at SerNet.DE Wed Sep 14 14:57:00 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Wed, 14 Sep 2011 13:57:00 +0200 Subject: [Dovecot] imapc vs auth-userdb security In-Reply-To: <346DECBE-B7F8-40A2-9485-EFF3B547C8ED@iki.fi> References: <346DECBE-B7F8-40A2-9485-EFF3B547C8ED@iki.fi> Message-ID: On Mi, 14 Sep 2011, Timo Sirainen wrote: > On 14.9.2011, at 14.40, Lutz Pre?ler wrote: > > > with imapc settings coming from userdb (individual configuration necessary) > > there exists a security problem if access to auth-userdb socket is given > > to normal (shell) users: > > So don't give it to them? :) Actually this should be pretty much solved with v2.1 defaults. If the auth-userdb socket is 0666 root:root (default now), it requires that the calling process either has root user/group privileges or its uid matches the one returned by userdb, otherwise it won't return any fields. I had to change that because of shared mailboxes and usage of %%h. Maybe one could return only home if uid does not match? Lutz From mailing at securitylabs.it Wed Sep 14 15:40:21 2011 From: mailing at securitylabs.it (mailing at securitylabs.it) Date: Wed, 14 Sep 2011 14:40:21 +0200 Subject: [Dovecot] IMAP delete logs In-Reply-To: References: Message-ID: <4E70A0B5.2060706@securitylabs.it> Il 14/09/2011 07:48, James isolder ha scritto: > Version - 1.2.17 > > Is there a way to include message or folder deletion logs in the dovecot log > files. > > Yes, you can use the mail logger plugin: http://wiki.dovecot.org/Plugins/MailLog From gjlama94 at gmail.com Wed Sep 14 14:14:15 2011 From: gjlama94 at gmail.com (Gerald LaMontagne) Date: Wed, 14 Sep 2011 07:14:15 -0400 Subject: [Dovecot] General IMAP Question Message-ID: <20110914111415.GA4866@stryder.lamafam.org> Hi- I'm developing an IMAP client library in lua and tried using a literal form of the STATUS command. Dovecot rejected the command. I was successfully able to use a literal form of the LOGIN command, so I have some confidence in my code working properly. Is this correct and, if so, is there a list of IMAP commands that don't support the literal form? I searched hi and lo for something, but have been unable to find an answer. Thanks for your time. Regards- Gerry LaMontagne -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 230 bytes Desc: Digital signature URL: From tss at iki.fi Wed Sep 14 16:23:23 2011 From: tss at iki.fi (Timo Sirainen) Date: Wed, 14 Sep 2011 16:23:23 +0300 Subject: [Dovecot] General IMAP Question In-Reply-To: <20110914111415.GA4866@stryder.lamafam.org> References: <20110914111415.GA4866@stryder.lamafam.org> Message-ID: <565DA56D-E2B7-4E42-9AE0-F2BED99E1D89@iki.fi> On 14.9.2011, at 14.14, Gerald LaMontagne wrote: > I'm developing an IMAP client library in lua and tried using a literal > form of the STATUS command. Dovecot rejected the command. I was > successfully able to use a literal form of the LOGIN command, so I > have some confidence in my code working properly. There are no "literal forms of commands". Individual parameters have literal forms. In LOGIN command the username and password can be literals. In STATUS the mailbox name can be a literal, which is followed by a list of atoms. > Is this correct and, if so, is there a list of IMAP commands that > don't support the literal form? I searched hi and lo for something, > but have been unable to find an answer. Read the ABNF rules from RFC 3501. They tell exactly what is allowed. From dovecot at lists.grepular.com Wed Sep 14 16:46:10 2011 From: dovecot at lists.grepular.com (Mike Cardwell) Date: Wed, 14 Sep 2011 14:46:10 +0100 Subject: [Dovecot] Shredding instead of deleting Message-ID: <4E70B022.3050502@lists.grepular.com> Hi, I have a wishlist item. Is there an appropriate place for me to post it? Basically, I would like to know that my email isn't recoverable from the local disk on the mail server after I delete it. So instead of just deleting the file from my Maildir, I'd like the option to exist for Dovecot to shred it.. Ie, overwrite the file with random data and/or null bytes before deletion. In the same way that GNU shred behaves: https://www.gnu.org/software/coreutils/manual/html_node/shred-invocation.html -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 455 bytes Desc: OpenPGP digital signature URL: From tss at iki.fi Wed Sep 14 17:06:33 2011 From: tss at iki.fi (Timo Sirainen) Date: Wed, 14 Sep 2011 17:06:33 +0300 Subject: [Dovecot] Shredding instead of deleting In-Reply-To: <4E70B022.3050502@lists.grepular.com> References: <4E70B022.3050502@lists.grepular.com> Message-ID: <30659D1F-80F3-40D5-A239-38D2BE963243@iki.fi> On 14.9.2011, at 16.46, Mike Cardwell wrote: > I have a wishlist item. Is there an appropriate place for me to post it? > Basically, I would like to know that my email isn't recoverable from the > local disk on the mail server after I delete it. So instead of just > deleting the file from my Maildir, I'd like the option to exist for > Dovecot to shred it.. Ie, overwrite the file with random data and/or > null bytes before deletion. In the same way that GNU shred behaves: Well, the choices are: a) Patch Dovecot sources b) Use a LD_PRELOAD library to override unlink() c) Use a FUSE filesystem that replaces unlinks with shredding d) Wait until I've finished making dbox code use lib-fs, and write a lib-fs wrapper plugin that replaces unlink() I'm not anyway planning on distributing any of these solutions with Dovecot. It won't even work with newer copy-on-write filesystems (ZFS, BTRFS, etc.) From dovecot at lists.grepular.com Wed Sep 14 17:15:35 2011 From: dovecot at lists.grepular.com (dovecot at lists.grepular.com) Date: Wed, 14 Sep 2011 15:15:35 +0100 Subject: [Dovecot] Shredding instead of deleting In-Reply-To: <30659D1F-80F3-40D5-A239-38D2BE963243@iki.fi> References: <4E70B022.3050502@lists.grepular.com> <30659D1F-80F3-40D5-A239-38D2BE963243@iki.fi> Message-ID: <4E70B707.4060200@lists.grepular.com> On 14/09/11 15:06, Timo Sirainen wrote: >> I have a wishlist item. Is there an appropriate place for me to post it? >> Basically, I would like to know that my email isn't recoverable from the >> local disk on the mail server after I delete it. So instead of just >> deleting the file from my Maildir, I'd like the option to exist for >> Dovecot to shred it.. Ie, overwrite the file with random data and/or >> null bytes before deletion. In the same way that GNU shred behaves: > > Well, the choices are: > > a) Patch Dovecot sources > > b) Use a LD_PRELOAD library to override unlink() > > c) Use a FUSE filesystem that replaces unlinks with shredding > > d) Wait until I've finished making dbox code use lib-fs, and write a lib-fs wrapper plugin that replaces unlink() > > I'm not anyway planning on distributing any of these solutions with Dovecot. It won't even work with newer copy-on-write filesystems (ZFS, BTRFS, etc.) Is there no general wishlist area for Dovecot then? I didn't necessarily expect the functionality to be packaged with Dovecot, but thought that somebody might pick up the idea and write a plugin for it if it was written down somewhere. From a privacy/security perspective, making sure deleted email isn't recoverable does have real value for some people. I did consider FUSE. I might tackle that one myself. I don't really have the expertise to modify Dovecot it's self though. -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 455 bytes Desc: OpenPGP digital signature URL: From smt at vgersoft.com Wed Sep 14 17:19:58 2011 From: smt at vgersoft.com (Steve Thompson) Date: Wed, 14 Sep 2011 10:19:58 -0400 (EDT) Subject: [Dovecot] Shredding instead of deleting In-Reply-To: <4E70B707.4060200@lists.grepular.com> References: <4E70B022.3050502@lists.grepular.com> <30659D1F-80F3-40D5-A239-38D2BE963243@iki.fi> <4E70B707.4060200@lists.grepular.com> Message-ID: On Wed, 14 Sep 2011, dovecot at lists.grepular.com wrote: > From a privacy/security perspective, making sure deleted email isn't > recoverable does have real value for some people. What would you do about backups? From simon.brereton at buongiorno.com Wed Sep 14 17:25:43 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Wed, 14 Sep 2011 10:25:43 -0400 Subject: [Dovecot] Mails repopping In-Reply-To: <20110913161536.Horde.smZyNoF5lbhOb9YIt_IE8WA@bigworm.curecanti.org> References: <20110913161536.Horde.smZyNoF5lbhOb9YIt_IE8WA@bigworm.curecanti.org> Message-ID: <04db01cc72ea$30612b90$912382b0$@brereton@buongiorno.com> > -----Original Message----- > From: dovecot-bounces at dovecot.org [mailto:dovecot- > bounces at dovecot.org] On Behalf Of Michael M Slusarz > Quoting Simon Brereton : > > >> -----Original Message----- > >> From: dovecot-bounces at dovecot.org [mailto:dovecot- > >> bounces at dovecot.org] On Behalf Of Simon Brereton > >> > -----Original Message----- > >> > From: Timo Sirainen [mailto:tss at iki.fi] On Fri, 2011-09-09 at > 13:07 > >> > -0400, Simon Brereton wrote: > >> > > >> > > I have a server that's been running Courier for about 6 years > and > >> > in > >> > > all that time I think I've only ever had 1 issues where an > entire > >> > mail > >> > > box was repopped by a webmail client. However, since moving > to a > >> > new > >> > > server and dovecot 4 weeks ago, I've now had the webmail > client > >> > repop > >> > > this account 4 times (there are about 230 mails in the > account). > >> > > > >> > > Is there a setting I need to tighten to prevent/remedy this? > I > >> > have > >> > > no idea if it's happening on other accounts, but this is one > that > >> I > >> > > see. The format is maildir. There has been no changes to the > >> > webmail > >> > > client. > >> > > >> > dovecot -n output would have been nice. Also do you see anything > in > >> > error logs? > >> > >> Ah. My apologies of course. Here it is.. > >> > >> mail:~# dovecot -n > >> # 1.2.15: /etc/dovecot/dovecot.conf > >> # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.2 ext3 > >> log_timestamp: %Y-%m-%d %H:%M:%S > >> protocols: imap imaps pop3 pop3s > >> ssl_ca_file: /etc/ssl/keys/rhodes-ca.crt > >> ssl_cert_file: /etc/ssl/keys/mail.domain.net.crt > >> ssl_key_file: /etc/ssl/private/mail.domain.net.key > >> disable_plaintext_auth: no > >> login_dir: /var/run/dovecot/login > >> login_executable(default): /usr/lib/dovecot/imap-login > >> login_executable(imap): /usr/lib/dovecot/imap-login > >> login_executable(pop3): /usr/lib/dovecot/pop3-login > >> mail_privileged_group: mailsystem > >> mail_location: maildir:/var/spool/mail/virtual/%d/%n > >> maildir_very_dirty_syncs: yes > >> mbox_write_locks: fcntl dotlock > >> mail_executable(default): /usr/lib/dovecot/imap > >> mail_executable(imap): /usr/lib/dovecot/imap > >> mail_executable(pop3): /usr/lib/dovecot/pop3 > >> mail_plugins(default): quota imap_quota > >> mail_plugins(imap): quota imap_quota > >> mail_plugins(pop3): quota > >> mail_plugin_dir(default): /usr/lib/dovecot/modules/imap > >> mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap > >> mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3 > >> imap_client_workarounds(default): outlook-idle delay-newmail > >> imap_client_workarounds(imap): outlook-idle delay-newmail > >> imap_client_workarounds(pop3): > >> pop3_client_workarounds(default): > >> pop3_client_workarounds(imap): > >> pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh > >> lda: > >> postmaster_address: postmaster at domain.net > >> mail_plugins: quota > >> log_path: > >> info_log_path: > >> deliver_log_format: msgid=%m: %f: %$ auth default: > >> mechanisms: plain login > >> user: mailsystem > >> verbose: yes > >> passdb: > >> driver: sql > >> args: /etc/dovecot/dovecot-sql.conf > >> userdb: > >> driver: prefetch > >> userdb: > >> driver: static > >> args: uid=999 gid=115 home=/var/spool/mail/virtual/%d/%n > >> allow_all_users=yes > >> socket: > >> type: listen > >> client: > >> path: /var/spool/postfix/private/auth > >> mode: 432 > >> user: postfix > >> group: mailsystem > >> master: > >> path: /var/run/dovecot/auth-master > >> mode: 432 > >> user: mailsystem > >> group: mailsystem > >> plugin: > >> quota: maildir > >> > >> Could you make dovecot -n munge the certificate and postmaster > email > >> addresses? I'm not comfortable with that floating on the > internet.. > >> > >> The only thing I have in the logs is 2 sessions where mail was > popped > >> (note, it doesn't even add up to the 183 messages in the mail > box). > >> But those sessions are vastly longer than the regular ones (tens > of > >> minutes compared to a few seconds). Since both IPs are on the > back- > >> bone, that's quite a while to download 100 mails (none of which > are > >> over > >> > >> Sep 11 21:36:25 mail dovecot: pop3-login: Login: > >> user=, method=PLAIN, rip=64.88.168.84, > >> lip=83.170.65.xxx, TLS Sep 11 21:36:34 mail dovecot: > >> POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=0/0, > >> del=0/183, size=14025971 Sep 11 21:43:44 mail dovecot: pop3-login: > >> Login: user=, method=PLAIN, rip=64.88.168.84, > >> lip=83.170.65.xxx, TLS Sep 11 21:44:54 mail dovecot: > >> POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=0/0, > >> del=0/183, size=14025971 Sep 11 21:52:31 mail dovecot: pop3-login: > >> Login: user=, method=PLAIN, rip=64.88.168.84, > >> lip=83.170.65.xxx, TLS Sep 11 22:56:01 mail dovecot: > >> POP3(user at domain.com): Disconnected: Logged out top=0/0, > >> retr=100/9182678, del=0/183, size=14025971 Sep 11 23:08:58 mail > >> dovecot: pop3-login: Login: user=, method=PLAIN, > >> rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 11 23:37:57 mail > >> dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, > >> retr=75/4748674, del=0/183, size=14025971 Sep 12 00:04:11 mail > >> dovecot: pop3-login: Login: user=, method=PLAIN, > >> rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 12 00:04:26 mail > >> dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, > >> retr=0/0, del=0/183, size=14025971 Sep 12 00:07:40 mail dovecot: > >> pop3-login: Login: user=, method=PLAIN, > >> rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 12 00:07:53 mail > >> dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, > >> retr=0/0, del=0/183, size=14025971 > >> > >> > >> > If you're using the default pop3_uidl_format it'll rely on IMAP > >> UIDs > >> > to stay the same, and I guess it's possible that due to some > other > >> > problem they change (that should be logged as an error/warning > >> > though). > >> > > >> > You could try setting pop3_uidl_format=%f, but it will cause > >> everyone > >> > to redownload mails. With newer Dovecot versions you could set > >> > pop3_save_uidl=yes and when you think everyone's downloaded > mails > >> once > >> > you can safely change the pop3_uidl_format. > >> > >> Sorry, I'm very new to dovecot and I'm not sure I understand. I > >> presume because neither of those keys are in the dovecot -n output > >> that they are as the defaults, yes? The account is indeed > accessed > >> by IMAP as well (from a mobile device mostly), but I don't see > >> anything fishy there either. How could I see if the IMAP UIDs > have > >> changed? > >> > >> Sep 11 21:20:32 mail dovecot: IMAP(user at domain.com): Connection > >> closed bytes=1095/8292 > >> > >> Sep 11 21:26:03 mail dovecot: imap-login: Login: > >> user=, method=PLAIN, rip=174.252.83.244, > >> lip=83.170.65.xxx, TLS Sep 11 22:11:20 mail dovecot: > >> IMAP(user at domain.com): Disconnected for inactivity bytes=725/5638 > Sep > >> 11 22:17:10 mail dovecot: imap-login: Login: > user=, > >> method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 11 > >> 23:12:06 mail dovecot: IMAP(user at domain.com): Disconnected for > >> inactivity bytes=1471/11025 Sep 11 23:23:22 mail dovecot: imap- > login: > >> Login: user=, method=PLAIN, rip=174.252.83.244, > >> lip=83.170.65.xxx, TLS Sep 11 23:52:52 mail dovecot: > >> IMAP(user at domain.com): Connection closed bytes=1841/13679 Sep 12 > >> 00:08:47 mail dovecot: imap-login: Login: user=, > >> method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 12 > >> 01:19:05 mail dovecot: imap-login: Login: user=, > >> method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 12 > >> 02:57:01 mail dovecot: IMAP(user at domain.com): Connection closed > >> bytes=2713/60026 Sep 12 02:57:01 mail dovecot: > IMAP(user at domain.com): > >> Connection closed bytes=2688/18635 > >> > >> > >> There are no errors or warnings in the mail log (I have one shared > >> log file for postfix, amavis and dovecot). Reading the notes for > >> pop3_save_uidl it doesn't seem to be a dangerous option - should > I > >> turn that on? Why will it force everyone to redownload mails > >> (there's nothing about it on the wiki)? > >> > >> Thanks! > >> > >> Simon > > > > Any help would be appreciated. > > What do you mean by "repopped"? You mean downloading the entire data > of the messages from the POP3 server? This is expected behavior when > using a stateless (e.g. webmail) client. Kind of the whole reason > you don't use POP3 in the first place. Michael - I use a spam filtering service, that uses Horde as the web-front end. Essentially, it pops all my mail accounts (that allow popping) one of which is the one I control and is now running Dovecot - though was previously running Courier. Until now, mails that the service has popped once have never been repopped. That is, I assume that when Horde does a RETR on the account it knows what it has already popped and what it new and only retrieves the new mails. Right now though, it's redownloaded them all 5 or 6 times in 4 weeks. I don't think this is a Horde issue (since that hasn't changed), which is why I didn't post there. Horde continues to be a fantastic project. >From my limited knowledge (meaning I didn't understand the rest of your mail :) I suspect that Dovecot is doing something with the IDs that Courier wasn't doing and that's causing Horde to see those old mails as new every now and again. Simon > Although caching can help. e.g., Here's what the first connection to > the server looks like (this is using IMP 5 on a mailstore with 82 > messages): > > S (1315951197.4976): +OK Dovecot ready. > C (1315951197.513): [AUTH PLAIN Command - username: slusarz] S > (1315951197.5319): +OK Logged in. > C (1315951197.5325): STAT > S (1315951197.5328): +OK 82 482351 > C (1315951197.5348): UIDL > S (1315951197.5354): +OK > S (1315951197.5354): 1 000000014935d409 > S (1315951197.5354): 2 000000024935d409 > S (1315951197.5354): 3 000000114935d409 > [...] > S (1315951197.5363): 82 000000824935d409 S (1315951197.5363): . > C (1315951197.9582): TOP 1 0 > S (1315951198.0411): From user at domain.com Thu Jun 22 11:16:26 2006 > [...] S (1315951198.0416): . > [...] > C (1315951199.0607): LIST > S (1315951199.061): +OK 82 messages: > S (1315951199.061): 1 118630 > [...] > S (1315951199.0619): . > > We need to grab all headers so we can build the envelope information > (needed to produce the mailbox listing). And the LIST command grabs > the size information (also used in the mailbox listing). > > But remember that the full headers will need to be redownloaded > *EVERY* time you reload the page unless some sort of caching is > enabled in the client. That's just the nature of POP3. (IMAP has > the same sort of issues - if the stateless client does not cache, the > envelope information must be downloaded on every access. However, > with IMAP, the network traffic is reduced - you can download only the > needed information, not all header text - and IMAP servers have the > ability to cache this information behind the scenes due to the > abstraction of the API.). > > This is where caching is pretty much essential on the webmail side. > If caching is enabled, the best-case scenario is that the the webmail > server only needs to grab the list of UIDLs on every POP3 server > access going forward - if the UIDL list has not changed, we know the > mailbox hasn't changed and the cached information is still valid. > (CONDSTORE/QRESYNC extensions for IMAP make this synchronization > check even more efficient in IMAP) > > michael From tss at iki.fi Wed Sep 14 17:26:44 2011 From: tss at iki.fi (Timo Sirainen) Date: Wed, 14 Sep 2011 17:26:44 +0300 Subject: [Dovecot] Shredding instead of deleting In-Reply-To: <4E70B707.4060200@lists.grepular.com> References: <4E70B022.3050502@lists.grepular.com> <30659D1F-80F3-40D5-A239-38D2BE963243@iki.fi> <4E70B707.4060200@lists.grepular.com> Message-ID: <25487043-CBC6-43AA-990B-1D15A1E30E8C@iki.fi> On 14.9.2011, at 17.15, dovecot at lists.grepular.com wrote: > On 14/09/11 15:06, Timo Sirainen wrote: > >>> I have a wishlist item. Is there an appropriate place for me to post it? >>> Basically, I would like to know that my email isn't recoverable from the >>> local disk on the mail server after I delete it. So instead of just >>> deleting the file from my Maildir, I'd like the option to exist for >>> Dovecot to shred it.. Ie, overwrite the file with random data and/or >>> null bytes before deletion. In the same way that GNU shred behaves: >> >> Well, the choices are: .. > Is there no general wishlist area for Dovecot then? There's my internal TODO list distributed with source code :) > I didn't necessarily > expect the functionality to be packaged with Dovecot, but thought that > somebody might pick up the idea and write a plugin for it if it was > written down somewhere. I guess some wishlist page could be added to wiki, but I don't know if it would be all that useful. Few people want to code features they don't want themselves, and things I want to add are already being added to my own TODO list. > From a privacy/security perspective, making sure > deleted email isn't recoverable does have real value for some people. I > did consider FUSE. I might tackle that one myself. I don't really have > the expertise to modify Dovecot it's self though. The LD_PRELOAD way would be simple. Probably 10-20 lines of C code for something that would replace unlink()s to mail files with fork+exec to /usr/bin/shred. From dovecot at lists.grepular.com Wed Sep 14 17:27:06 2011 From: dovecot at lists.grepular.com (dovecot at lists.grepular.com) Date: Wed, 14 Sep 2011 15:27:06 +0100 Subject: [Dovecot] Shredding instead of deleting In-Reply-To: References: <4E70B022.3050502@lists.grepular.com> <30659D1F-80F3-40D5-A239-38D2BE963243@iki.fi> <4E70B707.4060200@lists.grepular.com> Message-ID: <4E70B9BA.9020303@lists.grepular.com> On 14/09/11 15:19, Steve Thompson wrote: >> From a privacy/security perspective, making sure deleted email isn't >> recoverable does have real value for some people. > > What would you do about backups? I realise that there are lots of other areas where an email can be leaked. It only makes sense to address how Dovecot behaves on this list though. I also need to address this for my MTA's mail spool and client caches. I will address your backup question, but I'd prefer if people don't expand on this. I currently use some open source software called Duplicity, which allows me to perform incremental, gnupg encrypted backups. Also, all of my incoming email is automatically encrypted with my public GnuPG key as described here: https://grepular.com/Automatically_Encrypting_all_Incoming_Email Even though it is encrypted, I'd like the mail to be shredded on delete because the message headers are stored in plain text, even if the message bodies are encrypted. -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 455 bytes Desc: OpenPGP digital signature URL: From dovecot at lists.grepular.com Wed Sep 14 18:05:18 2011 From: dovecot at lists.grepular.com (dovecot at lists.grepular.com) Date: Wed, 14 Sep 2011 16:05:18 +0100 Subject: [Dovecot] Shredding instead of deleting In-Reply-To: <25487043-CBC6-43AA-990B-1D15A1E30E8C@iki.fi> References: <4E70B022.3050502@lists.grepular.com> <30659D1F-80F3-40D5-A239-38D2BE963243@iki.fi> <4E70B707.4060200@lists.grepular.com> <25487043-CBC6-43AA-990B-1D15A1E30E8C@iki.fi> Message-ID: <4E70C2AE.10900@lists.grepular.com> On 14/09/11 15:26, Timo Sirainen wrote: >> From a privacy/security perspective, making sure >> deleted email isn't recoverable does have real value for some people. I >> did consider FUSE. I might tackle that one myself. I don't really have >> the expertise to modify Dovecot it's self though. > > The LD_PRELOAD way would be simple. Probably 10-20 lines of C code for something that would replace unlink()s to mail files with fork+exec to /usr/bin/shred. Simple for somebody who can code in C you mean :) -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 455 bytes Desc: OpenPGP digital signature URL: From tss at iki.fi Wed Sep 14 18:19:06 2011 From: tss at iki.fi (Timo Sirainen) Date: Wed, 14 Sep 2011 18:19:06 +0300 Subject: [Dovecot] Shredding instead of deleting In-Reply-To: <4E70C2AE.10900@lists.grepular.com> References: <4E70B022.3050502@lists.grepular.com> <30659D1F-80F3-40D5-A239-38D2BE963243@iki.fi> <4E70B707.4060200@lists.grepular.com> <25487043-CBC6-43AA-990B-1D15A1E30E8C@iki.fi> <4E70C2AE.10900@lists.grepular.com> Message-ID: <35E08247-C7CB-47EE-936D-127DFE68CC02@iki.fi> On 14.9.2011, at 18.05, dovecot at lists.grepular.com wrote: >> The LD_PRELOAD way would be simple. Probably 10-20 lines of C code for something that would replace unlink()s to mail files with fork+exec to /usr/bin/shred. > > Simple for somebody who can code in C you mean :) I have no idea if this works (or even compiles), it's based on a web page I found: #define _GNU_SOURCE #include #include #include int unlink(const char *path) { static int (*libc_unlink)(const char *) = NULL; char *args[3]; int status; if (libc_unlink == NULL) *(void **)(&libc_unlink) = dlsym(RTLD_NEXT, "unlink"); if (strstr(path, "Maildir/") != NULL) { args[0] = "/usr/bin/shred"; args[1] = path; args[2] = NULL; switch (fork()) { case -1: return -1; case 0: execve(args[0], args); exit(99); default: if (wait(&status) < 0) return -1; } if (WIFEXITED(status) && WEXITSTATUS(status) == 0) return 0; errno = ENOENT; /* not really correct, should maybe check it properly */ return -1; } else { libc_unlink(path); } } From dovecot at lists.grepular.com Wed Sep 14 18:23:00 2011 From: dovecot at lists.grepular.com (dovecot at lists.grepular.com) Date: Wed, 14 Sep 2011 16:23:00 +0100 Subject: [Dovecot] Shredding instead of deleting In-Reply-To: <35E08247-C7CB-47EE-936D-127DFE68CC02@iki.fi> References: <4E70B022.3050502@lists.grepular.com> <30659D1F-80F3-40D5-A239-38D2BE963243@iki.fi> <4E70B707.4060200@lists.grepular.com> <25487043-CBC6-43AA-990B-1D15A1E30E8C@iki.fi> <4E70C2AE.10900@lists.grepular.com> <35E08247-C7CB-47EE-936D-127DFE68CC02@iki.fi> Message-ID: <4E70C6D4.5090605@lists.grepular.com> On 14/09/11 16:19, Timo Sirainen wrote: >>> The LD_PRELOAD way would be simple. Probably 10-20 lines of C code for something that would replace unlink()s to mail files with fork+exec to /usr/bin/shred. >> >> Simple for somebody who can code in C you mean :) > > I have no idea if this works (or even compiles), it's based on a web page I found: Thanks. That gives me an excellent starting point. I'll have a play with this code next week when I have some free time. -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 455 bytes Desc: OpenPGP digital signature URL: From asai at globalchangemusic.org Wed Sep 14 19:04:57 2011 From: asai at globalchangemusic.org (Asai) Date: Wed, 14 Sep 2011 09:04:57 -0700 Subject: [Dovecot] Dsync Permissions Issue Message-ID: <4E70D0A9.8060604@globalchangemusic.org> Greetings, I recently upgraded Dovecot from 1.2 to 2.0.14, for purposes of using Dsync to migrate emails from one server to another. I'm using MySQL for authentication. However I get this error message when I try to run Dsync, and after looking around for an answer, I'm at a bit of a loss: [root at triata ~]# dsync -v -u asai at globalchangemusic.org backup ssh -p22222 vmail at xx.xxx.xx.xxx dsync -u asai at globalchangemusic.org vmail at xx.xxx.xx.xxx's password: dsync(vmail): Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: Permission denied (euid=1001(vmail) egid=1001(vmail) missing +r perm: /var/run/dovecot/auth-userdb, euid is not dir owner) dsync(vmail): Fatal: User lookup failed: Internal error occurred. Refer to server log for more information. dsync-local(asai at globalchangemusic.org): Error: read() from worker server failed: EOF Config as follows: [root at triata ~]# doveconf -n # 2.0.14: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-92.1.10.el5.xs5.0.0.39xen x86_64 CentOS release 5 (Final) ext3 auth_mechanisms = plain login mail_home = /vmail/%d/%n/home mail_location = maildir:/vmail/%d/%n managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date namespace { inbox = yes location = prefix = separator = / type = private } passdb { args = /etc/dovecot-mysql.conf driver = sql } plugin { sieve = /vmail/%d/%n/sievescript } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-master { group = vmail mode = 0660 user = vmail } unix_listener auth-userdb { group = vmail mode = 0666 user = vmail } user = root } ssl_cert = The dovecot lda panics with "Trying to sync mailbox INBOX with open transactions" if a user has no sieve script defined. Debugging shows: Sep 14 19:49:26 server dovecot: [ID 583609 local0.debug] lda(userxx): Debug: sieve: user's script path /home/grp/userxx/.dovecot.sieve doesn't exist (using global script path in stead) Sep 14 19:49:26 server dovecot: [ID 583609 local0.debug] lda(userxx): Debug: sieve: user has no valid personal script Sep 14 19:49:26 server dovecot: [ID 583609 local0.debug] lda(userxx): Debug: sieve: no scripts to execute: reverting to default delivery. Sep 14 19:49:26 server dovecot: [ID 583609 local0.crit] lda(userxx): Panic: Trying to sync mailbox INBOX with open transactions Sep 14 19:49:26 server dovecot: [ID 583609 local0.error] lda(userxx): Error: Raw backtrace: 0xff1cc2ac -> 0xff1cbb70 -> 0xff2a6474 -> 0xff2a668c -> 0xff2fa444 -> 0xff2a63c8 -> 0xff2668ec -> 0xff266f74 -> 0xff26741c -> 0x12720 -> 0x11948 I then did create an empty sieve script file with touch /home/grp/userxx/.dovecot.sieve and after that lda worked: Sep 14 19:50:55 server dovecot: [ID 583609 local0.debug] lda(userxx): Debug: sieve: using sieve path for user's script: /home/grp/userxx/.dovecot.sieve Sep 14 19:50:55 server dovecot: [ID 583609 local0.debug] lda(userxx): Debug: sieve: opening script /home/grp/userxx/.dovecot.sieve Sep 14 19:50:55 server dovecot: [ID 583609 local0.debug] lda(userxx): Debug: sieve: script /home/grp/userxx/.dovecot.sieve successfully compiled Sep 14 19:50:55 server dovecot: [ID 583609 local0.debug] lda(userxx): Debug: sieve: executing script from /home/grp/userxx/.dovecot.sieve Sep 14 19:50:56 server dovecot: [ID 583609 local0.info] lda(userxx): save: box=INBOX, uid=6, msgid=<201109141750.p8EHotbE015854 at server.hrz.uni-giessen.de>, size=1035 Sep 14 19:50:56 server dovecot: [ID 583609 local0.debug] lda(userxx): Debug: box=/var/mail/userxx mount=/var/mail match=yes Sep 14 19:50:56 server dovecot: [ID 583609 local0.info] lda(userxx): sieve: msgid=<201109141750.p8EHotbE015854 at server.hrz.uni-giessen.de>: stored mail into mailbox 'INBOX' I think the lda worked in previous releases without a sieve script file in the users home directory. dovecot -n output is: # 2.0.14: /opt/local/etc/dovecot/dovecot.conf # OS: SunOS 5.10 sun4v auth_debug = yes auth_debug_passwords = yes auth_verbose = yes disable_plaintext_auth = no listen = server.hrz.uni-giessen.de localhost mail_debug = yes mail_fsync = always mail_location = mbox:~/Mail:INBOX=/var/mail/%u mail_nfs_index = yes mail_nfs_storage = yes mail_plugins = mail_log notify quota mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mmap_disable = yes namespace { inbox = yes location = prefix = separator = / type = private } namespace { hidden = yes list = no location = prefix = Mail/ separator = / subscriptions = yes type = private } passdb { driver = pam } passdb { args = /opt/local/etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { autocreate = Trash autocreate2 = caughtspam autocreate3 = Sent autosubscribe = Trash autosubscribe2 = caughtspam autosubscribe3 = Sent mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid size quota = fs:Home-Verzeichnis:noenforcing quota2 = fs:INBOX:noenforcing:mount=/var/mail sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } postmaster_address = postmaster at hrz.uni-giessen.de protocols = imap pop3 lmtp sieve sendmail_path = /usr/lib/sendmail service auth { client_limit = 11120 } service imap-login { process_min_avail = 16 service_count = 0 vsz_limit = 640 M } service imap { process_limit = 4096 vsz_limit = 1 G } ssl_cert = Hi I'm a little confused as there are two repos for the dovecot-antispam plugin. Eugene's hg repo is explicitly labeled "for Dovecot 2", but the Johannes' git repo has commits later in date: hg: http://wiki2.dovecot.org/Plugins/Antispam git: http://git.sipsolutions.net/?p=dovecot-antispam.git I guess the unrelease hg code ist the one for Dovecot 2, but what is Eugene's 1.4 code for? Thanks! From compconsultant at yahoo.com Wed Sep 14 22:53:34 2011 From: compconsultant at yahoo.com (Steve Fatula) Date: Wed, 14 Sep 2011 12:53:34 -0700 (PDT) Subject: [Dovecot] Which dovecot-antispam with dovecot 2? In-Reply-To: References: Message-ID: <1316030014.84244.YahooMailNeo@web39424.mail.mud.yahoo.com> ----- Original Message ----- > From: Svoop > To: dovecot at dovecot.org > Cc: > Sent: Wednesday, September 14, 2011 2:06 PM > Subject: [Dovecot] Which dovecot-antispam with dovecot 2? > > Hi > > I'm a little confused as there are two repos for the dovecot-antispam > plugin. > Eugene's hg repo is explicitly labeled "for Dovecot 2", but the > Johannes' git > repo has commits later in date: > > hg:? http://wiki2.dovecot.org/Plugins/Antispam > git: http://git.sipsolutions.net/?p=dovecot-antispam.git > > I guess the unrelease hg code ist the one for Dovecot 2, but what is > Eugene's > 1.4 code for? Yes, the HG code works fine with Dovecot 2, am using it. The Berg site is for Dovecot 1. Dovecot 1 is in use in many distributions like Centos 5, etc. So, it still needs updates. From micah at riseup.net Thu Sep 15 06:17:50 2011 From: micah at riseup.net (Micah Anderson) Date: Wed, 14 Sep 2011 23:17:50 -0400 Subject: [Dovecot] movming mail out of alt storage Message-ID: <87sjnya3z5.fsf@algae.riseup.net> I moved some mail into the alt storage: doveadm altmove -u johnd at example.com seen savedbefore 1w and now I want to move it back to the regular INBOX, but I can't see how I can do that with either 'altmove' or 'mailbox move'. thanks! micah -- -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 835 bytes Desc: not available URL: From kjonca at o2.pl Thu Sep 15 09:48:55 2011 From: kjonca at o2.pl (Kamil =?iso-8859-2?Q?Jo=F1ca?=) Date: Thu, 15 Sep 2011 08:48:55 +0200 Subject: [Dovecot] compressed mboxes very slow References: <87iptnoans.fsf@alfa.kjonca> <1305041104.10421.131.camel@hurina> <87ipti8ffk.fsf@alfa.kjonca> <9DE1215A-F41F-4397-B24B-2282E54F523D@iki.fi> Message-ID: <877h5axpuw.fsf@alfa.kjonca> Timo Sirainen writes: > On 10.5.2011, at 23.32, Kamil Jo?ca wrote: > >> Timo Sirainen writes: >> >>> Here are some fixes: >>> >>> http://hg.dovecot.org/dovecot-2.0/rev/15a0687ec9d0 >>> http://hg.dovecot.org/dovecot-2.0/rev/66ec075a49d3 >> >> Hard to say, but I can't see any significant improvement after applying >> them :| > > Get strace -tt output of such slowness and send them to me. Some time ago I complained about very slow mbox. In the meantime I have no time to check it. But recently I have to use them (compressed mboxes) again. And no progress :( Under http://strony.aster.pl/kjonca/mbox.log.gz (WARN: ~170MB) is file with output of strace -tt when dovecot try to open rather huge bzipped mbox. And it took about four hours. Second open is a lot faster (about minute), but sometimes message fetching take about 30-60s KJ -- http://modnebzdury.wordpress.com/2009/10/01/niewiarygodny-list-prof-majewskiej-wprowadzenie/ Zanim wlaczysz komputer, zastanow sie: Czy jestes absolutnie pewien(na), ze nie jest podlaczany do wyrzutni rakiet? From tss at iki.fi Thu Sep 15 11:13:28 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 15 Sep 2011 11:13:28 +0300 Subject: [Dovecot] imapc vs auth-userdb security In-Reply-To: References: <346DECBE-B7F8-40A2-9485-EFF3B547C8ED@iki.fi> Message-ID: <1316074408.12936.1.camel@hurina> On Wed, 2011-09-14 at 13:57 +0200, Lutz Pre?ler wrote: > On Mi, 14 Sep 2011, Timo Sirainen wrote: > > > On 14.9.2011, at 14.40, Lutz Pre?ler wrote: > > > > > with imapc settings coming from userdb (individual configuration necessary) > > > there exists a security problem if access to auth-userdb socket is given > > > to normal (shell) users: > > > > So don't give it to them? :) Actually this should be pretty much solved with v2.1 defaults. If the auth-userdb socket is 0666 root:root (default now), it requires that the calling process either has root user/group privileges or its uid matches the one returned by userdb, otherwise it won't return any fields. > I had to change that because of shared mailboxes and usage of %%h. > Maybe one could return only home if uid does not match? Well, you could also solve it by making it 0660 with group=dovecot and then set mail_access_groups=dovecot. From tss at iki.fi Thu Sep 15 11:19:40 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 15 Sep 2011 11:19:40 +0300 Subject: [Dovecot] Maildir "locking" In-Reply-To: <4E7090B9.1000103@fsn.hu> References: <4E7090B9.1000103@fsn.hu> Message-ID: <1316074780.12936.5.camel@hurina> On Wed, 2011-09-14 at 13:32 +0200, Attila Nagy wrote: > Hello, > > I'm looking for the alternative of qmail's chmod -t (sticky bit on the > maildir root) for Dovecot. What I'm trying to achieve with this lock: > - Dovecot lmtp should give back a temporary error (so the email will be > deferred and re-delivered later) > - all other Dovecot daemons (pop, imap) should work as usual, but should > not alter maildir contents (they can modify their own files, like > indexes, logs etc) > > What is the best way to do this? If there is no such thing currently, > would it be hard to implement the sticky bit checking on the root? dovecot-uidlist.lock basically does this. Dovecot comes with maildirlock utility to properly create it. How long would your locks be? They are assumed stale after 2 minutes if you don't update the mtime. Readers will block and if they're still locked after 2 minutes they'll abort (if mtime has been changed). There's also mail_max_lock_timeout setting that changes this wait (you could e.g. lower it only with lmtp). From bra at fsn.hu Thu Sep 15 11:25:43 2011 From: bra at fsn.hu (Attila Nagy) Date: Thu, 15 Sep 2011 10:25:43 +0200 Subject: [Dovecot] Maildir "locking" In-Reply-To: <1316074780.12936.5.camel@hurina> References: <4E7090B9.1000103@fsn.hu> <1316074780.12936.5.camel@hurina> Message-ID: <4E71B687.10005@fsn.hu> On 09/15/11 10:19, Timo Sirainen wrote: > On Wed, 2011-09-14 at 13:32 +0200, Attila Nagy wrote: >> Hello, >> >> I'm looking for the alternative of qmail's chmod -t (sticky bit on the >> maildir root) for Dovecot. What I'm trying to achieve with this lock: >> - Dovecot lmtp should give back a temporary error (so the email will be >> deferred and re-delivered later) >> - all other Dovecot daemons (pop, imap) should work as usual, but should >> not alter maildir contents (they can modify their own files, like >> indexes, logs etc) >> >> What is the best way to do this? If there is no such thing currently, >> would it be hard to implement the sticky bit checking on the root? > dovecot-uidlist.lock basically does this. Dovecot comes with maildirlock > utility to properly create it. How long would your locks be? They are > assumed stale after 2 minutes if you don't update the mtime. Readers > will block and if they're still locked after 2 minutes they'll abort (if > mtime has been changed). There's also mail_max_lock_timeout setting that > changes this wait (you could e.g. lower it only with lmtp). > Well, basically "forever" in the sense that I would like to move the mailbox to a different machine, so if lmtp waits for the lock to disappear and that happens when the mailbox is deleted, and it will do the delivery, it's a bad thing. Before Dovecot, we've had the following process of mailbox moving: - set the sticky bit on the maildir, so qmail won't deliver into it (will give back 4XX) - start to sync/copy the mailbox to the other machine - if it's over, remove the directory on the source machine So what I'm looking for is a lock method, which makes the mailbox read only, so every modification should "soft" fail (no 500 errors on lmtp). What would be the best for this (moving mailboxes between machines)? BTW, the process can be time consuming, even tens of minutes (lots of mails). From tss at iki.fi Thu Sep 15 11:39:22 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 15 Sep 2011 11:39:22 +0300 Subject: [Dovecot] Maildir "locking" In-Reply-To: <4E71B687.10005@fsn.hu> References: <4E7090B9.1000103@fsn.hu> <1316074780.12936.5.camel@hurina> <4E71B687.10005@fsn.hu> Message-ID: <1316075963.12936.14.camel@hurina> On Thu, 2011-09-15 at 10:25 +0200, Attila Nagy wrote: > >> What is the best way to do this? If there is no such thing currently, > >> would it be hard to implement the sticky bit checking on the root? > > dovecot-uidlist.lock basically does this. Dovecot comes with maildirlock > > utility to properly create it. How long would your locks be? They are > > assumed stale after 2 minutes if you don't update the mtime. Readers > > will block and if they're still locked after 2 minutes they'll abort (if > > mtime has been changed). There's also mail_max_lock_timeout setting that > > changes this wait (you could e.g. lower it only with lmtp). > > > Well, basically "forever" in the sense that I would like to move the > mailbox to a different machine, So you have a proxy that decides what backend server the connections are redirected to? How about you do it completely without locking with dsync? Moving between servers works basically the same as converting a mailbox format, with the difference of "changing mail_location" you "change backend server". http://wiki2.dovecot.org/Tools/Dsync#example_converting From tss at iki.fi Thu Sep 15 11:58:53 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 15 Sep 2011 11:58:53 +0300 Subject: [Dovecot] movming mail out of alt storage In-Reply-To: <87sjnya3z5.fsf@algae.riseup.net> References: <87sjnya3z5.fsf@algae.riseup.net> Message-ID: <1316077133.12936.18.camel@hurina> On Wed, 2011-09-14 at 23:17 -0400, Micah Anderson wrote: > I moved some mail into the alt storage: > > doveadm altmove -u johnd at example.com seen savedbefore 1w > > and now I want to move it back to the regular INBOX, but I can't see how > I can do that with either 'altmove' or 'mailbox move'. Is this sdbox or mdbox? With sdbox you could simply "mv" the files. Or apply patch: http://hg.dovecot.org/dovecot-2.0/rev/1910c76a6cc9 From stephan at rename-it.nl Thu Sep 15 12:29:23 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Thu, 15 Sep 2011 11:29:23 +0200 Subject: [Dovecot] Sieve envelope :detail "to" "extention" does not deliver to fileinto destination In-Reply-To: <20110912171448.GB320@none.at> References: <20110912171448.GB320@none.at> Message-ID: <4E71C573.2040407@rename-it.nl> Op 12-9-2011 19:14, Aleksandar Lazic schreef: > Is there a 'log' or 'print' command in the sieve filter or how can I > write a message to the log file? With the latest Pigeonhole (0.2.4), you can use the vnd.dovecot.debug extension (which is not available by default and therefore needs to be added to sieve_extensions), e.g. === require "vnd.dovecot.debug"; require "envelope"; require "variables"; if envelope :matches "to" "*" { debug_log "envelope to `${1}'"; } === A message should be logged to the user's personal log file (typically ~/.dovecot.sieve.log), e.g: === sieve: info: started log at Sep 15 11:27:26. main_script: line 6: info: DEBUG: envelope to = `user at example.com'. info: msgid=3453453534r42 at example.com: stored mail into mailbox 'INBOX'. === Regards, Stephan. From tss at iki.fi Thu Sep 15 12:34:33 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 15 Sep 2011 12:34:33 +0300 Subject: [Dovecot] LDA panics without sieve script In-Reply-To: <20110914212225.20430xx3alpgxomo@webmail.hrz.uni-giessen.de> References: <20110914212225.20430xx3alpgxomo@webmail.hrz.uni-giessen.de> Message-ID: <1316079275.12936.21.camel@hurina> On Wed, 2011-09-14 at 21:22 +0200, J?rgen Obermann wrote: > The dovecot lda panics with "Trying to sync mailbox INBOX with open > transactions" if a user has no sieve script defined. Debugging shows: Fixed: http://hg.dovecot.org/dovecot-2.0/rev/0264ac68c770 From bra at fsn.hu Thu Sep 15 12:37:12 2011 From: bra at fsn.hu (Attila Nagy) Date: Thu, 15 Sep 2011 11:37:12 +0200 Subject: [Dovecot] Maildir "locking" In-Reply-To: <1316075963.12936.14.camel@hurina> References: <4E7090B9.1000103@fsn.hu> <1316074780.12936.5.camel@hurina> <4E71B687.10005@fsn.hu> <1316075963.12936.14.camel@hurina> Message-ID: <4E71C748.1080004@fsn.hu> On 09/15/11 10:39, Timo Sirainen wrote: > On Thu, 2011-09-15 at 10:25 +0200, Attila Nagy wrote: >>>> What is the best way to do this? If there is no such thing currently, >>>> would it be hard to implement the sticky bit checking on the root? >>> dovecot-uidlist.lock basically does this. Dovecot comes with maildirlock >>> utility to properly create it. How long would your locks be? They are >>> assumed stale after 2 minutes if you don't update the mtime. Readers >>> will block and if they're still locked after 2 minutes they'll abort (if >>> mtime has been changed). There's also mail_max_lock_timeout setting that >>> changes this wait (you could e.g. lower it only with lmtp). >>> >> Well, basically "forever" in the sense that I would like to move the >> mailbox to a different machine, > So you have a proxy that decides what backend server the connections are > redirected to? How about you do it completely without locking with > dsync? Moving between servers works basically the same as converting a > mailbox format, with the difference of "changing mail_location" you > "change backend server". > http://wiki2.dovecot.org/Tools/Dsync#example_converting > Yes, there is a proxy in front of the servers. Is dsync usable with 3rd party maildir programs? (not only Dovecot uses these mailboxes) From tss at iki.fi Thu Sep 15 12:43:56 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 15 Sep 2011 12:43:56 +0300 Subject: [Dovecot] Maildir "locking" In-Reply-To: <4E71C748.1080004@fsn.hu> References: <4E7090B9.1000103@fsn.hu> <1316074780.12936.5.camel@hurina> <4E71B687.10005@fsn.hu> <1316075963.12936.14.camel@hurina> <4E71C748.1080004@fsn.hu> Message-ID: <1316079836.12936.26.camel@hurina> On Thu, 2011-09-15 at 11:37 +0200, Attila Nagy wrote: > > So you have a proxy that decides what backend server the connections are > > redirected to? How about you do it completely without locking with > > dsync? Moving between servers works basically the same as converting a > > mailbox format, with the difference of "changing mail_location" you > > "change backend server". > > http://wiki2.dovecot.org/Tools/Dsync#example_converting > > > Yes, there is a proxy in front of the servers. Is dsync usable with 3rd > party maildir programs? (not only Dovecot uses these mailboxes) The problems with 3rd party maildir programs come if during the move they: - Expunge last message(s) from mailbox. (dsync can't know if it should add or expunge them, so it plays it safe and adds them back) - Delete a mailbox. (dsync can't know if it should add or delete it, so again it just adds it back.) - Remove subscriptions. (again pretty much the same reason.) It's probably quite unlikely that they do any of this during the move. You could even reduce the window by doing: 1. dsync backup 2. dsync backup 3. switch to new server 4. kill all existing connections 5. dsync mirror The 3-5 steps probably take only a few seconds. The "dsync backup" then guarantees that the destination server will look exactly like the source server. ("dsync mirror" is used in step 5, because between steps 3-4 either server can get changes.) From bra at fsn.hu Thu Sep 15 12:46:42 2011 From: bra at fsn.hu (Attila Nagy) Date: Thu, 15 Sep 2011 11:46:42 +0200 Subject: [Dovecot] Maildir "locking" In-Reply-To: <1316079836.12936.26.camel@hurina> References: <4E7090B9.1000103@fsn.hu> <1316074780.12936.5.camel@hurina> <4E71B687.10005@fsn.hu> <1316075963.12936.14.camel@hurina> <4E71C748.1080004@fsn.hu> <1316079836.12936.26.camel@hurina> Message-ID: <4E71C982.8080503@fsn.hu> On 09/15/11 11:43, Timo Sirainen wrote: > On Thu, 2011-09-15 at 11:37 +0200, Attila Nagy wrote: >>> So you have a proxy that decides what backend server the connections are >>> redirected to? How about you do it completely without locking with >>> dsync? Moving between servers works basically the same as converting a >>> mailbox format, with the difference of "changing mail_location" you >>> "change backend server". >>> http://wiki2.dovecot.org/Tools/Dsync#example_converting >>> >> Yes, there is a proxy in front of the servers. Is dsync usable with 3rd >> party maildir programs? (not only Dovecot uses these mailboxes) > The problems with 3rd party maildir programs come if during the move > they: > > - Expunge last message(s) from mailbox. (dsync can't know if it should > add or expunge them, so it plays it safe and adds them back) > > - Delete a mailbox. (dsync can't know if it should add or delete it, so > again it just adds it back.) > > - Remove subscriptions. (again pretty much the same reason.) > > It's probably quite unlikely that they do any of this during the move. > You could even reduce the window by doing: > > 1. dsync backup > 2. dsync backup > 3. switch to new server > 4. kill all existing connections > 5. dsync mirror > > The 3-5 steps probably take only a few seconds. The "dsync backup" then > guarantees that the destination server will look exactly like the source > server. ("dsync mirror" is used in step 5, because between steps 3-4 > either server can get changes.) > OK, thanks for the info, I will try it out. From Juergen.Obermann at hrz.uni-giessen.de Thu Sep 15 12:58:31 2011 From: Juergen.Obermann at hrz.uni-giessen.de (g033) Date: Thu, 15 Sep 2011 11:58:31 +0200 Subject: [Dovecot] LDA panics without sieve script In-Reply-To: <1316079275.12936.21.camel@hurina> References: <20110914212225.20430xx3alpgxomo@webmail.hrz.uni-giessen.de> <1316079275.12936.21.camel@hurina> Message-ID: <52d414697945a8554a6e4a598950d126@imapproxy.hrz> On Thu, 15 Sep 2011 12:34:33 +0300, Timo Sirainen wrote: > On Wed, 2011-09-14 at 21:22 +0200, J?rgen Obermann wrote: > >> The dovecot lda panics with "Trying to sync mailbox INBOX with open >> transactions" if a user has no sieve script defined. Debugging >> shows: > > Fixed: http://hg.dovecot.org/dovecot-2.0/rev/0264ac68c770 [1] Thank you, with this fix lda works now! J?rgen Obermann From Lutz.Pressler at SerNet.DE Thu Sep 15 13:46:41 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Thu, 15 Sep 2011 12:46:41 +0200 Subject: [Dovecot] sharing of non-INBOX namespaces? Re: imapc and imap_acl In-Reply-To: <20110913164631.GA1874905@gabi.sernet.de> References: <57674CC7-1F64-4131-98C6-45CF8B54F23B@iki.fi> <20110913164631.GA1874905@gabi.sernet.de> Message-ID: Hi, On Tue, 13 Sep 2011, Lutz Pre?ler wrote: > On Di, 13 Sep 2011, Timo Sirainen wrote: > > You mean you'd want local ACLs that apply to imapc mailboxes? > Yes, exactly. Great for "integrating" legacy IMAP servers without e.g. > ACL support. > > I think that should work. For example if you set: > > > > mail_location = imapc:~/imapc > Oh, had not realized that a path argument is possible for imapc:. There are > even index file then... > > > > Then for mailbox foo/bar the ACL file should be in ~/imapc/.foo.bar/dovecot-acl > It almost works: > Sep 13 18:37:58 hhh dovecot: imap(4482, uuu): Error: file_dotlock_open(/home/uuu/Maildir/gmail/.[Gmail].Alle Nachrichten > /dovecot-acl) failed: No such file or directory > After manually creating the ".[Gmail].Alle Nachrichten" directory, SETACL > succeeds. Ok, I thought I tested accessing the mailbox afterwards, too - but I probably had not. I have a more general problem now: shared mailboxes from any "non-INBOX" namespace are not available to other users. That's not only with virtual or imapc namespaces, but also tested with two Maildir ones: namespace personal { inbox = yes location = maildir:~/Maildir prefix = INBOX. type = private } namespace second { inbox = no location = maildir:~/Maildir2 prefix = INBOX.second. type = private } namespace others { type = shared separator = . prefix = INBOX.shared.%%u. location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u #location = maildir:/home/%%n/Maildir:INDEX=~/Maildir/shared/%%u subscriptions = no list = children } [...] I can as user1 SETACL INBOX.second.box ~user1/Maildir2/dovecot-acl-list contains "1316082286 box" ~user1/Maildir2/.box/dovecot-acl contains "user=testuser lrs" (as does ~user1/Maildir/.in2007/dovecot-acl) The shared mailboxes dict contains shared/shared-boxes/user/testuser/user1 1 But - as testuser - 0 list "" "*" * LIST (\HasChildren) "." "INBOX" * LIST (\HasNoChildren) "." "INBOX.test" * LIST (\HasNoChildren) "." "INBOX.second" * LIST (\Noselect \HasChildren) "." "INBOX.shared.user1" * LIST (\HasNoChildren) "." "INBOX.virtual" * LIST (\HasNoChildren) "." "INBOX.shared.user1.in2007" 0 OK List completed. INBOX.shared.user1.second.box is missing. Also 0 select INBOX.shared.user1.second.box * OK [CLOSED] Previous mailbox closed. 0 NO Mailbox doesn't exist: second.box Log shows then: Sep 15 12:39:48 host dovecot: imap(8796, testuser): Debug: acl vfile: file /etc/dovecot/global-acls/INBOX.shared.user1.second.box not found Sep 15 12:39:48 host dovecot: imap(8796, testuser): Debug: acl vfile: file /home/user1/Maildir/.second.box/dovecot-acl not found ... not searching for the acl file correctly. Thought I tested this with earlier (2.0) versions. Changed group set up inbetween, but this does not seem relevant. Regards, Lutz From tss at iki.fi Thu Sep 15 13:53:28 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 15 Sep 2011 13:53:28 +0300 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <4E6ACC6C.6020200@acm.org> References: <4E6ACC6C.6020200@acm.org> Message-ID: <1316084011.12936.31.camel@hurina> On Fri, 2011-09-09 at 19:33 -0700, Paul B. Henson wrote: > Sep 9 15:47:34 tweak dovecot: auth: Error: > mysql(mysql-1.unx.csupomona.edu): Connect failed to database (idmgmt): > Can't connect to MySQL server on 'mysql-1.unx.csupomona.edu' (111) - > waiting for 1 seconds before retry I did several fixes related to this in v2.0 hg. > And postfix starts to fail authentications: > > Sep 9 15:47:35 tweak postfix/smtpd[5119]: warning: > bender.iitsys.csupomona.edu[134.71.250.134]: SASL DIGEST-MD5 > authentication failed: Connection lost to authentication server The reason why it kept failing with Postfix was because Dovecot had 10 second timeout for SQL connecting, and Postfix had 10 second timeout before failing authentication. So Postfix never waited long enough for Dovecot to attempt a second connection to the second MySQL server. I dropped Dovecot's SQL connect timeout to 5 seconds. > Now and again the authentication process dies: > > Sep 9 15:47:39 tweak dovecot: auth: Panic: file auth-request-handler.c: > line 697 (auth_request_handler_flush_failures): assertion failed: > (auth_request->state == AUTH_REQUEST_STATE_FINISHED) This happened only with non-plaintext authentication (e.g. DIGEST-MD5). Fixed also. From tss at iki.fi Thu Sep 15 14:12:18 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 15 Sep 2011 14:12:18 +0300 Subject: [Dovecot] sharing of non-INBOX namespaces? Re: imapc and imap_acl In-Reply-To: References: <57674CC7-1F64-4131-98C6-45CF8B54F23B@iki.fi> <20110913164631.GA1874905@gabi.sernet.de> Message-ID: <1316085138.12936.39.camel@hurina> On Thu, 2011-09-15 at 12:46 +0200, Lutz Pre?ler wrote: > I have a more general problem now: shared mailboxes from any "non-INBOX" > namespace are not available to other users. That's not only with virtual or > imapc namespaces, but also tested with two Maildir ones: > namespace others { > type = shared > separator = . > prefix = INBOX.shared.%%u. > location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u Right, because here you have configured a shared namespace for ~/Maildir. If you want to access also ~/Maildir2, you'd need to create a second shared namespace for it. Perhaps in future there could be some kind of automated detection of namespaces and putting them all under a single shared namespace. Configuration could probably be something like: namespace others { type = shared separator = . prefix = INBOX.shared.%%u. location = shared:INBOX.:INDEX=~/Maildir/shared/%%u } The above would then map "INBOX.shared.%%u." namespace to other user's "INBOX." namespace and also export any other private namespaces under it. From robert at schetterer.org Thu Sep 15 14:39:14 2011 From: robert at schetterer.org (Robert Schetterer) Date: Thu, 15 Sep 2011 13:39:14 +0200 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <1316084011.12936.31.camel@hurina> References: <4E6ACC6C.6020200@acm.org> <1316084011.12936.31.camel@hurina> Message-ID: <4E71E3E2.1080600@schetterer.org> Am 15.09.2011 12:53, schrieb Timo Sirainen: > On Fri, 2011-09-09 at 19:33 -0700, Paul B. Henson wrote: > >> Sep 9 15:47:34 tweak dovecot: auth: Error: >> mysql(mysql-1.unx.csupomona.edu): Connect failed to database (idmgmt): >> Can't connect to MySQL server on 'mysql-1.unx.csupomona.edu' (111) - >> waiting for 1 seconds before retry > > I did several fixes related to this in v2.0 hg. > >> And postfix starts to fail authentications: >> >> Sep 9 15:47:35 tweak postfix/smtpd[5119]: warning: >> bender.iitsys.csupomona.edu[134.71.250.134]: SASL DIGEST-MD5 >> authentication failed: Connection lost to authentication server > > The reason why it kept failing with Postfix was because Dovecot had 10 > second timeout for SQL connecting, and Postfix had 10 second timeout > before failing authentication. So Postfix never waited long enough for > Dovecot to attempt a second connection to the second MySQL server. I > dropped Dovecot's SQL connect timeout to 5 seconds. > >> Now and again the authentication process dies: >> >> Sep 9 15:47:39 tweak dovecot: auth: Panic: file auth-request-handler.c: >> line 697 (auth_request_handler_flush_failures): assertion failed: >> (auth_request->state == AUTH_REQUEST_STATE_FINISHED) > > This happened only with non-plaintext authentication (e.g. DIGEST-MD5). > Fixed also. > Hi Timo, silly question is there really a native failover mysql in dovecot ? cant remember this , i only remember this as part of dovecot proxiing -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From Lutz.Pressler at SerNet.DE Thu Sep 15 14:41:43 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Thu, 15 Sep 2011 13:41:43 +0200 Subject: [Dovecot] sharing of non-INBOX namespaces? Re: imapc and imap_acl In-Reply-To: <1316085138.12936.39.camel@hurina> References: <57674CC7-1F64-4131-98C6-45CF8B54F23B@iki.fi> <20110913164631.GA1874905@gabi.sernet.de> <1316085138.12936.39.camel@hurina> Message-ID: On Do, 15 Sep 2011, Timo Sirainen wrote: > On Thu, 2011-09-15 at 12:46 +0200, Lutz Pre?ler wrote: > > I have a more general problem now: shared mailboxes from any "non-INBOX" > > namespace are not available to other users. That's not only with virtual or > > imapc namespaces, but also tested with two Maildir ones: > > > namespace others { > > type = shared > > separator = . > > prefix = INBOX.shared.%%u. > > location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u > > Right, because here you have configured a shared namespace for > ~/Maildir. Uh, oh... of course. Stupid to expect it to work as your proposal for future extension already... but that would be the most flexible way, please implement :-). > If you want to access also ~/Maildir2, you'd need to create a > second shared namespace for it. Maybe I mess something up the second time today - but I cannot get it to work: namespace others { type = shared separator = . prefix = INBOX.shared.%%u. location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u subscriptions = no list = children } namespace otherssecond { type = shared separator = . prefix = INBOX.shared2.%%u. location = maildir:%%h/Maildir2:INDEX=~/Maildir/shared2/%%u subscriptions = no list = children } As testuser: 0 select INBOX.shared2.user1.box 0 NO Mailbox doesn't exist: shared2.user1.box with log: Sep 15 13:28:51 host dovecot: imap(17320, testuser): Debug: acl vfile: file /etc/dovecot/global-acls/INBOX.shared2.user1.box not found Sep 15 13:28:51 host dovecot: imap(17320, testuser): Debug: acl vfile: file /home/testuser/Maildir/.shared2.user1.box/dovecot-acl not found like the otherssecond namespace beeing ignored (yes, I've restarted dovecot). First I tried in otherssecond prefix = INBOX.shared.%%u.second. location = maildir:%%h/Maildir2:INDEX=~/Maildir/shared/%%u/second - don't know if this is even supposed to work, but both variants do not. Lutz From tss at iki.fi Thu Sep 15 14:43:04 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 15 Sep 2011 14:43:04 +0300 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <4E71E3E2.1080600@schetterer.org> References: <4E6ACC6C.6020200@acm.org> <1316084011.12936.31.camel@hurina> <4E71E3E2.1080600@schetterer.org> Message-ID: <1316086984.12936.49.camel@hurina> On Thu, 2011-09-15 at 13:39 +0200, Robert Schetterer wrote: > > is there really a native failover mysql in dovecot ? > cant remember this , i only remember this as part of dovecot proxiing For SQL authentication it can use multiple SQL server hosts (with both MySQL and PostgreSQL) and do HA/load balancing. From tss at iki.fi Thu Sep 15 14:45:01 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 15 Sep 2011 14:45:01 +0300 Subject: [Dovecot] multiple "imapc namespaces" Re: imapc and imap_acl In-Reply-To: References: <57674CC7-1F64-4131-98C6-45CF8B54F23B@iki.fi> <20110913164631.GA1874905@gabi.sernet.de> Message-ID: <1316087101.12936.51.camel@hurina> On Tue, 2011-09-13 at 18:58 +0200, Lutz Pre?ler wrote: > On Tue, 13 Sep 2011, Lutz Pre?ler wrote: > > On Di, 13 Sep 2011, Timo Sirainen wrote: > > > mail_location = imapc:~/imapc > > Oh, had not realized that a path argument is possible for imapc:. There are > > even index file then... > What about taking imapc parameters/credentials optionally from > a file in this directory (like dovecot-virtual)? Hmm. I'd rather not implement something that gets obsolete later. If there were per-namespace imapc_ settings, this (and other things) could be implemented by having per-user configuration files. From tss at iki.fi Thu Sep 15 14:50:08 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 15 Sep 2011 14:50:08 +0300 Subject: [Dovecot] Warning: Subscriptions file .. Removing invalid entry: In-Reply-To: <20110914071252.GA13849@oc1046828364.ibm.com> References: <20110914071252.GA13849@oc1046828364.ibm.com> Message-ID: <1316087409.12936.55.camel@hurina> On Wed, 2011-09-14 at 09:12 +0200, Jan-Frode Myklebust wrote: > One of our dovecot-servers (v2.0.14) got a bit too busy last evening: > > Sep 13 20:39:18 popimap1 dovecot: master: Warning: service(pop3-login): process_limit reached, client connections are being dropped > > then logged a few: > > Sep 13 20:39:20 popimap1 dovecot: pop3(XXXXXXXXX at YYYYY.YY): Warning: I/O leak: 0x3829233d20 (10) > Sep 13 20:39:20 popimap1 dovecot: pop3(XXXXXXXXX at YYYYY.YY): Warning: Timeout leak: 0x3829233ce0 Could you show the output of: gdb /usr/local/libexec/dovecot/pop3 # or whatever path it is in x 0x3829233d20 x 0x3829233ce0 I guess the client isn't being destroyed properly for some reason.. > but what has me a bit worried is these: > > imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Sent > imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Spam > imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Drafts > imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Trash These are simply broken subscription entries that have never worked. They're not supposed to begin with a ".". In older Dovecot versions they were shown to clients, but I don't know what clients would have done with such broken entries. I guess some could have shown them "correctly", some could have shown them in a broken way and some could have just ignored them. From robert at schetterer.org Thu Sep 15 15:11:13 2011 From: robert at schetterer.org (Robert Schetterer) Date: Thu, 15 Sep 2011 14:11:13 +0200 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <1316086984.12936.49.camel@hurina> References: <4E6ACC6C.6020200@acm.org> <1316084011.12936.31.camel@hurina> <4E71E3E2.1080600@schetterer.org> <1316086984.12936.49.camel@hurina> Message-ID: <4E71EB61.2090508@schetterer.org> Am 15.09.2011 13:43, schrieb Timo Sirainen: > On Thu, 2011-09-15 at 13:39 +0200, Robert Schetterer wrote: >> >> is there really a native failover mysql in dovecot ? >> cant remember this , i only remember this as part of dovecot proxiing > > For SQL authentication it can use multiple SQL server hosts (with both > MySQL and PostgreSQL) and do HA/load balancing. > > ok, i see, but i have nearly all possible parameters in mysql ( i use a mysql cluster ), thx anyway for answer -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From janfrode at tanso.net Thu Sep 15 15:11:15 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Thu, 15 Sep 2011 14:11:15 +0200 Subject: [Dovecot] Warning: Subscriptions file .. Removing invalid entry: In-Reply-To: <1316087409.12936.55.camel@hurina> References: <20110914071252.GA13849@oc1046828364.ibm.com> <1316087409.12936.55.camel@hurina> Message-ID: <20110915121115.GA10074@oc1046828364.ibm.com> On Thu, Sep 15, 2011 at 02:50:08PM +0300, Timo Sirainen wrote: > > Sep 13 20:39:20 popimap1 dovecot: pop3(XXXXXXXXX at YYYYY.YY): Warning: I/O leak: 0x3829233d20 (10) > > Sep 13 20:39:20 popimap1 dovecot: pop3(XXXXXXXXX at YYYYY.YY): Warning: Timeout leak: 0x3829233ce0 > > Could you show the output of: > > gdb /usr/local/libexec/dovecot/pop3 # or whatever path it is in > x 0x3829233d20 > x 0x3829233ce0 sorry, but I have no debugging enabled.. % gdb /usr/libexec/dovecot/pop3 Reading symbols from /usr/libexec/dovecot/pop3...(no debugging symbols found)...done. (gdb) x 0x3829233d20 0x3829233d20: Cannot access memory at address 0x3829233d20 (gdb) x 0x3829233ce0 0x3829233ce0: Cannot access memory at address 0x3829233ce0 (gdb) quit > > imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Drafts > > imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Trash > > These are simply broken subscription entries that have never worked. > They're not supposed to begin with a ".". In older Dovecot versions they > were shown to clients, but I don't know what clients would have done > with such broken entries. I guess some could have shown them > "correctly", some could have shown them in a broken way and some could > have just ignored them. Ok, thanks for the explanation. -jf From tom at elysium.ltd.uk Thu Sep 15 16:40:34 2011 From: tom at elysium.ltd.uk (Tom Clark) Date: Thu, 15 Sep 2011 14:40:34 +0100 Subject: [Dovecot] Shared folder not listing Message-ID: <005501cc73ad$0bc3cea0$234b6be0$@elysium.ltd.uk> Hi Timo, I've got a weird problem on our dovecot. We're trying to setup private shared folder access. I have 2 users. tom at mailbox.com and system at mailbox.com. I have set the ACL's on all the folders (and subfolders) on system at mailbox.com. However, I'm not getting any of them listed when I check tom at mailbox.com 's IMAP folders. Our configuration is below (we're migrating from Courier hence the INBOX.): In 10-mail.conf: namespace { type = private prefix = INBOX. separator = . inbox = yes list = yes hidden = yes } namespace { type = shared separator = . prefix = INBOX.Shared.%%u location = maildir:%%h/Maildir:INDEX=~/Maildir/Shared/%%u subscriptions = no list = children } mail_plugins = acl protocol imap { mail_plugins = $mail_plugins imap_acl } In 90-acl.conf: plugin { #acl = vfile:/etc/dovecot/acls:cache_secs=300 acl = vfile } # To let users LIST mailboxes shared by other users, Dovecot needs a # shared mailbox dictionary. For example: plugin { acl_shared_dict = file:/var/vpopmail/domains/%d/shared-mailboxes } Have I missed anthing!?!? Thanks in advance! Tom From CMarcus at Media-Brokers.com Thu Sep 15 17:23:10 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 15 Sep 2011 10:23:10 -0400 Subject: [Dovecot] Shared folder not listing In-Reply-To: <005501cc73ad$0bc3cea0$234b6be0$@elysium.ltd.uk> References: <005501cc73ad$0bc3cea0$234b6be0$@elysium.ltd.uk> Message-ID: <4E720A4E.5050303@Media-Brokers.com> On 2011-09-15 9:40 AM, Tom Clark wrote: > Have I missed anthing!?!? Only to please not copy/paste from your config files, but post output of doveconf -n. This ensures that your settings really are what you think they are. -- Best regards, Charles From tom at elysium.ltd.uk Thu Sep 15 17:39:52 2011 From: tom at elysium.ltd.uk (Tom Clark) Date: Thu, 15 Sep 2011 15:39:52 +0100 Subject: [Dovecot] Shared folder not listing In-Reply-To: <4E720A4E.5050303@Media-Brokers.com> References: <005501cc73ad$0bc3cea0$234b6be0$@elysium.ltd.uk> <4E720A4E.5050303@Media-Brokers.com> Message-ID: <00a401cc73b5$543c6220$fcb52660$@elysium.ltd.uk> Fair enough. Here is output from doveconf -n # 2.0.13: /etc/dovecot/dovecot.conf # OS: Linux 2.6.35.6-45.fc14.x86_64 x86_64 Fedora release 14 (Laughlin) auth_debug_passwords = yes auth_verbose = yes auth_verbose_passwords = plain base_dir = /var/run/dovecot/ disable_plaintext_auth = no first_valid_uid = 1 login_greeting = Ready mail_debug = yes mail_location = maildir:~/Maildir mail_plugins = acl managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mbox_write_locks = fcntl namespace { hidden = yes inbox = yes list = yes location = prefix = INBOX. separator = . type = private } namespace { list = children location = maildir:/var/vpopmail/domains/%d/%%n/Maildir:INDEX=~/Maildir/Shared/%d/%%u prefix = INBOX.Shared.%%u separator = . subscriptions = no type = shared } passdb { driver = vpopmail } plugin { acl = vfile acl_shared_dict = file:/var/vpopmail/domains/%d/shared-mailboxes sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } ssl_cert = wrote: > Have I missed anthing!?!? Only to please not copy/paste from your config files, but post output of doveconf -n. This ensures that your settings really are what you think they are. -- Best regards, Charles From ajb2 at mssl.ucl.ac.uk Thu Sep 15 17:39:52 2011 From: ajb2 at mssl.ucl.ac.uk (Alan Brown) Date: Thu, 15 Sep 2011 15:39:52 +0100 Subject: [Dovecot] dovecot Digest, Vol 101, Issue 26 In-Reply-To: References: Message-ID: <4E720E38.7040109@mssl.ucl.ac.uk> > From: Timo Sirainen > Subject: Re: [Dovecot] general advice sought > Message-ID: <1315830847.7326.48.camel at hurina> > Content-Type: text/plain; charset="ISO-8859-15" > > On Mon, 2011-09-12 at 13:11 +0100, Alan Brown wrote: >> I'd like to hear the thoughts of list members on which type of storage >> method seems "best" for inboxes and for folders. >> >> The filesystem is GFS2 and for various reasons I can't change it. > .. >> If I migrate to other formats (eg mdbox), then it needs to be able to be >> done on the fly. (Taking the mailservers down for a day won't go down >> well, even an hour raises howls). > > Have you had any trouble with Dovecot's index files in your current > setup? Any errors at all? Zero. The issues which have arisen are: 1: Really slow access to messages in large folders (GFS2 issue) 2: Users trashing their inbox then demanding we drop everything to restore "all my important mail" > If not, I'd think mdbox will work fine. You > can do it incrementally per-user (and you really should try it first > with only a few users). http://wiki2.dovecot.org/Tools/Dsync explains > how to do it on the fly. I thought so too, just wanted to hear opinions on doing it vs other approaches. :) From Lutz.Pressler at SerNet.DE Thu Sep 15 18:15:18 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Thu, 15 Sep 2011 17:15:18 +0200 Subject: [Dovecot] unexpected LSUB / LIST (SUBSCRIBED) output Re: Panic: file mailbox-list-subscriptions.c: line 66 (mailbox_list_subscription_fill_one): assertion failed: (ns!= NULL && (ns->flags & NAMESPACE_FLAG_AUTOCREATED) != 0) In-Reply-To: <1316078544.12936.20.camel@hurina> References: <1316078544.12936.20.camel@hurina> Message-ID: On Thu, 15 Sep 2011, Timo Sirainen wrote: > On Wed, 2011-09-14 at 12:10 +0200, Lutz Pre?ler wrote: > > imap(2717, testuser): Panic: file mailbox-list-subscriptions.c: line > > 66 (mailbox_list_subscription_fill_one): assertion failed: (ns!= NULL > > && (ns->flags & NAMESPACE_FLAG_AUTOCREATED) != 0) > > > Fixed: http://hg.dovecot.org/dovecot-2.1/rev/309a707c22c0 No assertion anymore. 0 login testuser password [...] 0 list "" "*" * LIST (\HasChildren) "." "INBOX" * LIST (\HasNoChildren) "." "INBOX.test" * LIST (\Noselect \HasChildren) "." "INBOX.shared.user1" * LIST (\HasNoChildren) "." "INBOX.virtual" * LIST (\HasNoChildren) "." "INBOX.shared.user1.in2007" 0 OK List completed. 0 lsub "" "*" * LSUB (\Noselect) "." "INBOX.shared.user1" 0 OK Lsub completed. 0 list (subscribed) "" "*" * LIST (\NonExistent) "." "INBOX.shared.user1" 0 OK List completed. >>> ~testuser/Maildir/subscription is empty here 0 subscribe INBOX.shared.user1.in2007 0 OK Subscribe completed. 0 lsub "" "*" * LSUB (\Noselect) "." "INBOX.shared.user1" * LSUB () "." "INBOX.shared.user1.in2007" 0 OK Lsub completed. 0 list (subscribed) "" "*" * LIST (\NonExistent) "." "INBOX.shared.user1" * LIST (\Subscribed) "." "INBOX.shared.user1.in2007" 0 OK List completed. >>> ~testuser/Maildir/subscription now contains "shared.user1.in2007" Is this "INBOX.shared.user1" LSUB/LIST output correct? Lutz From tom at elysium.ltd.uk Thu Sep 15 18:23:30 2011 From: tom at elysium.ltd.uk (Tom Clark) Date: Thu, 15 Sep 2011 16:23:30 +0100 Subject: [Dovecot] Shared folder not listing In-Reply-To: <00a401cc73b5$543c6220$fcb52660$@elysium.ltd.uk> References: <005501cc73ad$0bc3cea0$234b6be0$@elysium.ltd.uk> <4E720A4E.5050303@Media-Brokers.com> <00a401cc73b5$543c6220$fcb52660$@elysium.ltd.uk> Message-ID: <011201cc73bb$6d0626a0$471273e0$@elysium.ltd.uk> I have managed to sort this out myself. Initially I was missing the ending "." from the prefix. I also noted that %%d wasn't returning the domain correctly (mailbox instead of mailbox.com). I changed to using %d which worked fine (as I'm not sharing folders outside the domain). I'm not sure if this is a bug and whether it would have been fixed in a later version of Dovecot. Tom -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Tom Clark Sent: 15 September 2011 3:40 PM To: 'Dovecot Mailing List' Subject: Re: [Dovecot] Shared folder not listing Fair enough. Here is output from doveconf -n # 2.0.13: /etc/dovecot/dovecot.conf # OS: Linux 2.6.35.6-45.fc14.x86_64 x86_64 Fedora release 14 (Laughlin) auth_debug_passwords = yes auth_verbose = yes auth_verbose_passwords = plain base_dir = /var/run/dovecot/ disable_plaintext_auth = no first_valid_uid = 1 login_greeting = Ready mail_debug = yes mail_location = maildir:~/Maildir mail_plugins = acl managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mbox_write_locks = fcntl namespace { hidden = yes inbox = yes list = yes location = prefix = INBOX. separator = . type = private } namespace { list = children location = maildir:/var/vpopmail/domains/%d/%%n/Maildir:INDEX=~/Maildir/Shared/%d/%%u prefix = INBOX.Shared.%%u separator = . subscriptions = no type = shared } passdb { driver = vpopmail } plugin { acl = vfile acl_shared_dict = file:/var/vpopmail/domains/%d/shared-mailboxes sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } ssl_cert = wrote: > Have I missed anthing!?!? Only to please not copy/paste from your config files, but post output of doveconf -n. This ensures that your settings really are what you think they are. -- Best regards, Charles From micah at riseup.net Thu Sep 15 20:14:39 2011 From: micah at riseup.net (Micah Anderson) Date: Thu, 15 Sep 2011 13:14:39 -0400 Subject: [Dovecot] moving mail out of alt storage References: <87sjnya3z5.fsf@algae.riseup.net> <1316077133.12936.18.camel@hurina> Message-ID: <87obylafsw.fsf_-_@algae.riseup.net> Timo Sirainen writes: > On Wed, 2011-09-14 at 23:17 -0400, Micah Anderson wrote: >> I moved some mail into the alt storage: >> >> doveadm altmove -u johnd at example.com seen savedbefore 1w >> >> and now I want to move it back to the regular INBOX, but I can't see how >> I can do that with either 'altmove' or 'mailbox move'. > > Is this sdbox or mdbox? With sdbox you could simply "mv" the files. Or > apply patch: http://hg.dovecot.org/dovecot-2.0/rev/1910c76a6cc9 This is mdbox, which is why I am not sure how to operate because I am used to individual files as is with maildir. micah From al-dovecot at none.at Thu Sep 15 22:13:32 2011 From: al-dovecot at none.at (Aleksandar Lazic) Date: Thu, 15 Sep 2011 21:13:32 +0200 Subject: [Dovecot] Sieve envelope :detail "to" "extention" does not deliver to fileinto destination In-Reply-To: <4E71C573.2040407@rename-it.nl> References: <20110912171448.GB320@none.at> <4E71C573.2040407@rename-it.nl> Message-ID: <20110915191332.GA29568@none.at> Dear Stephan, On Don 15.09.2011 11:29, Stephan Bosch wrote: >Op 12-9-2011 19:14, Aleksandar Lazic schreef: >>Is there a 'log' or 'print' command in the sieve filter or how can I >>write a message to the log file? > >With the latest Pigeonhole (0.2.4), you can use the vnd.dovecot.debug >extension (which is not available by default and therefore needs to be >added to sieve_extensions), e.g. > >=== >require "vnd.dovecot.debug"; >require "envelope"; >require "variables"; > >if envelope :matches "to" "*" { debug_log "envelope to `${1}'"; } >=== [snipp] Thank you. debug_log "envelope to `${1}'"; debug_log "envelope to detail `${detail}'"; <= is this a default variable? I get === sieve: info: started log at Sep 15 21:07:07. lists.sieve: line 15: info: DEBUG: envelope to `al-pdnsusers at none.at'. lists.sieve: line 16: info: DEBUG: envelope to detail `'. info: msgid=<20110915190707.256ED9FECC31 at external.none.at>: stored mail into mailbox 'Lists.pdnsusers'. === Is there a possibility to print the :detail from the subaddress module? Maybe like Pseudocode: === set "detail" :detail if :detail not empty === Is there a possibility to dump all variables? Are there any default variables in variables module? What does I make wrong that I haven't the :detail from the subaddress?! BR Aleks From al-dovecot at none.at Thu Sep 15 22:15:24 2011 From: al-dovecot at none.at (Aleksandar Lazic) Date: Thu, 15 Sep 2011 21:15:24 +0200 Subject: [Dovecot] convert maildrop filter to sieve Message-ID: <20110915191524.GB29568@none.at> Dear list member, does anybody have a script which can convert maildrop filter to sive filter? BR Aleks From henson at acm.org Thu Sep 15 23:40:28 2011 From: henson at acm.org (Paul B. Henson) Date: Thu, 15 Sep 2011 13:40:28 -0700 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <1316084011.12936.31.camel@hurina> References: <4E6ACC6C.6020200@acm.org> <1316084011.12936.31.camel@hurina> Message-ID: <4E7262BC.6070709@acm.org> On 9/15/2011 3:53 AM, Timo Sirainen wrote: > I did several fixes related to this in v2.0 hg. Cool, thanks. Any thoughts on when you'll release a new version including them? Looks like the relevant changesets are 0dffdc3bfad1, 3334c12a2b1a, c056bd23fdcc, 11273f581686, 1b829680dce4, 55552b4e8c65, 3955a5b2a917, and 20a901f1de31. I'll suck those down and try to make a patch for the current release version and give it a test. > The reason why it kept failing with Postfix was because Dovecot had 10 > second timeout for SQL connecting, and Postfix had 10 second timeout > before failing authentication. D'oh :). I thought about timeout issues, but there doesn't appear to be any way in dovecot or postfix to change them via the configuration file. -- Paul B. Henson | (909) 979-6361 | http://www.csupomona.edu/~henson/ Operating Systems and Network Analyst | henson at csupomona.edu California State Polytechnic University | Pomona CA 91768 From al-dovecot at none.at Fri Sep 16 01:02:46 2011 From: al-dovecot at none.at (Aleksandar Lazic) Date: Fri, 16 Sep 2011 00:02:46 +0200 Subject: [Dovecot] Detecting duplicate messages with sieve Message-ID: <20110915220246.GA17639@none.at> Dear Listmember, I use http://www.courier-mta.org/reformail.html for "Detecting duplicate messages" ### The -D option implements a simple way to delete duplicate messages in incoming mail. filename is a file that will be approximately 'len' bytes long. This file will be used by reformail to save message IDs seen in recent mail. reformail reads the message on standard input. If the message has a Message-ID: header that's already in the cache file, reformail terminates with the exit code set to 0. Otherwise, reformail terminates with the exit code set to 1. ### ### my entry in mailfilter `reformail -D 8192 $HOME/.msg.cache` if ($RETURNCODE == 0) { /^From: *!.*/ FROM1=${MATCH2} /^Subject: *!.*/ log "$FROM (${FROM1}) => Not Delivered duplicate MSG-ID. Subject ${MATCH2}\n" exit } ### Is there a similar feature in sieve or can I still use the upper setup? Another question is about to add this header line in every mail. xfilter "${REFORMAIL} -a\"Lines: $LINES\"" Thanks for your help. BR Aleks From serarien at baqs.net Fri Sep 16 01:58:30 2011 From: serarien at baqs.net (Pierre) Date: Fri, 16 Sep 2011 00:58:30 +0200 Subject: [Dovecot] dovecot-virtual folder configuration Message-ID: <2a82c4fe9e3aba3c621fe9eb2e530200@mail3.serarien.com> Hi all, Long story short, I'd like to configure a folder containing: INBOX (some other folders) -> unseen emails from these folders + all other emails (also seen) from the same thread -> seen emails from these folders, but only the recent ones + all other emails from the same thread I tried: # inthread refs (or (or recent unseen) recent ) inthread refs unseen # inthread refs (or unseen ( recent seen) ) # inthread refs recent unseen # inthread refs unseen #inthread refs recent (or unseen ) # inthread refs (recent seen (or unseen )) # (inthread refs (or unseen) recent seen) #( inthread refs (or (or recent unseen) flagged) ) without success. Where could I find proper,understandable doc for this? Could anybody help me on configuring such rule(s) ? Thanks a lot in adavance, Pierre From henson at acm.org Fri Sep 16 03:03:25 2011 From: henson at acm.org (Paul B. Henson) Date: Thu, 15 Sep 2011 17:03:25 -0700 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <1316084011.12936.31.camel@hurina> References: <4E6ACC6C.6020200@acm.org> <1316084011.12936.31.camel@hurina> Message-ID: <4E72924D.8090709@acm.org> On 9/15/2011 3:53 AM, Timo Sirainen wrote: > I did several fixes related to this in v2.0 hg. I patched version 2.0.13 with these fixes and tested it out. As far as I can tell, it still doesn't do load balancing. When started, it only connects to the primary server, and as long as that server is available never seems to try and connect to the other one. However, the failover is much better. There are a few failed authentications when the primary server first becomes unavailable (seems to depend on load; under a light load, only a couple fail, the heavier the load, the more fail). After that blip though, authentications work fine. Thanks much for your help resolving this issue, I greatly appreciate it. -- Paul B. Henson | (909) 979-6361 | http://www.csupomona.edu/~henson/ Operating Systems and Network Analyst | henson at csupomona.edu California State Polytechnic University | Pomona CA 91768 From florob at babelmonkeys.de Fri Sep 16 03:47:56 2011 From: florob at babelmonkeys.de (Florian Zeitz) Date: Fri, 16 Sep 2011 02:47:56 +0200 Subject: [Dovecot] [PATCH] SCRAM-SHA-1 authentication Message-ID: <4E729CBC.5080600@babelmonkeys.de> Hy, over the last days I have implemented SCRAM-SHA-1 in Dovecot's 2.1 branch. It does not do SCRAM-SHA-1-PLUS, but should be extendable enough to introduce it later. There are some checks for the message format which (assuming the client acts correclty) are not strictly necessary during parsing. This is partially in the hope that it might aid client implementers, partially because it (IMHO) improves readability when checking against the RFC. Also errors found in this way could be sent to the client, this is however strictly OPTIONAL in the RFC, for now they are just logged. Some of the variable names are rather long. This is in order to have them match the terms introduced in the RFC, again I expect it to help readability (maybe my recent Objective-C programming showing though). I do feel somewhat insecure about my usage of some lib functions. Hopefully no API has been abused too much. I also note that there are a lot of fields in the scram_auth_request struct. I think they are all there for a reason, however feel free to prove me wrong. Attached is a hg export. It also includes a hmac-sha1 implementation, an adaption off of the hmac-md5 implementation already in Dovecot. I guess those should eventually be merged into a hash-independent hmac implementation, but I figured this would have to do for now. The implementation has been tested against GNU SASL and does appear to work fine. (The command line was `gsasl -m SCRAM-SHA-1 -a user -p pass --imap host` for those curious) Regards Florian "Florob" Zeitz -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: scram-sha-1.exp URL: From tss at iki.fi Fri Sep 16 12:21:36 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 12:21:36 +0300 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <4E72924D.8090709@acm.org> References: <4E6ACC6C.6020200@acm.org> <1316084011.12936.31.camel@hurina> <4E72924D.8090709@acm.org> Message-ID: <1316164896.12936.57.camel@hurina> On Thu, 2011-09-15 at 17:03 -0700, Paul B. Henson wrote: > > I did several fixes related to this in v2.0 hg. > > I patched version 2.0.13 with these fixes and tested it out. > > As far as I can tell, it still doesn't do load balancing. Oh. http://hg.dovecot.org/dovecot-2.0/rev/327698228158 should finally fix it. :) From amateo at um.es Fri Sep 16 12:51:19 2011 From: amateo at um.es (Angel L. Mateo) Date: Fri, 16 Sep 2011 11:51:19 +0200 Subject: [Dovecot] Deleted mailboxes with lazy_expunge Message-ID: <4E731C17.5090305@um.es> Hello, I'm trying to configure lazy_expunge plugin (as a way to provide easy backup for mails). This is my configuration (as explained in dovecot wiki): # Default namespace namespace { prefix = separator = / inbox = yes } # namespaces for lazy_expunge plugin: namespace { prefix = .EXPUNGED/ separator = / location = maildir:~/Maildir/expunged } namespace { prefix = .DELETED/ separator = / location = maildir:~/Maildir/deleted } namespace { prefix = .DELETED/.EXPUNGED/ separator = / location = maildir:~/Maildir/deleted/expunged lazy_expunge = .EXPUNGED/ .DELETED/ .DELETED/.EXPUNGED/ I use just one namespace because I don't want to differentiate between deleting mails or deleting mailboxes, but I have the same problem using the 3 namespaces. With this configuration, when a user connects, if he doesn't have the expunged folder, dovecot logs: Sep 16 10:53:35 myotis30 dovecot: imap(angel.luis): Debug: Namespace : type=private, prefix=.EXPUNGED/, sep=/, inbox=no, hidden=no, list=yes, subscriptions=yes location=maildir:~/Maildir/expunged Sep 16 10:53:35 myotis30 dovecot: imap(angel.luis): Debug: maildir++: root=/home/alumnos/46/113246/Maildir/expunged, index=, control=, inbox= Sep 16 10:53:35 myotis30 dovecot: imap(angel.luis): Debug: Namespace .EXPUNGED/: Permission lookup failed from /home/alumnos/46/113246/Maildir/expunged Sep 16 10:53:35 myotis30 dovecot: imap(angel.luis): Debug: Namespace .EXPUNGED/: Using permissions from /home/alumnos/46/113246/Maildir/expunged: mode=0700 gid=-1 and the expunged folder is created (without the cur, new neither tmp folders). When I delete a message in the INBOX folder (for example), dovecot logs: Sep 16 10:57:19 myotis30 dovecot: imap(angel.luis): Debug: Namespace .EXPUNGED/: Permission lookup failed from /home/alumnos/46/113246/Maildir/expunged/.INBOX Sep 16 10:57:19 myotis30 dovecot: imap(angel.luis): Debug: Namespace .EXPUNGED/: Using permissions from /home/alumnos/46/113246/Maildir/expunged: mode=0700 gid=-1 Sep 16 10:57:19 myotis30 dovecot: imap(angel.luis): Debug: Namespace .EXPUNGED/: Permission lookup failed from /home/alumnos/46/113246/Maildir/expunged/.INBOX Sep 16 10:57:19 myotis30 dovecot: imap(angel.luis): Debug: Namespace .EXPUNGED/: Using permissions from /home/alumnos/46/113246/Maildir/expunged: mode=0700 gid=-1 and the message is stored in the expunge namespace (that is an imap INBOX folder is created in the namespace, with its cur, new and tmp, and the message is stored). But when I try to delete a whole imap folder (in the example I delete it from trash folder because I use thunderbird and it previously move the folder to trash), dovecot logs: Sep 16 11:45:46 myotis30 dovecot: imap(angel.luis): Debug: Namespace .DELETED/: Using permissions from /home/alumnos/46/113246/Maildir/deleted: mode=0700 gid=-1 Sep 16 11:45:46 myotis30 dovecot: imap(angel.luis): Debug: Namespace .DELETED/: Permission lookup failed from /home/alumnos/46/113246/Maildir/deleted/.Trash.kk-20110916-114546 Sep 16 11:45:46 myotis30 dovecot: imap(angel.luis): Debug: Namespace .DELETED/: Using permissions from /home/alumnos/46/113246/Maildir/deleted: mode=0700 gid=-1 Sep 16 11:45:46 myotis30 dovecot: imap(angel.luis): Debug: Namespace .DELETED/: Permission lookup failed from /home/alumnos/46/113246/Maildir/deleted/.Trash.kk-20110916-114546 Sep 16 11:45:46 myotis30 dovecot: imap(angel.luis): Debug: Namespace .DELETED/: Using permissions from /home/alumnos/46/113246/Maildir/deleted: mode=0700 gid=-1 and my mail client reports the error "[CANNOT] Can't rename mailboxes accross specified storages" and the mail folder isn't created in the DELETED namespace. Any idea? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From tss at iki.fi Fri Sep 16 13:08:08 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 13:08:08 +0300 Subject: [Dovecot] Deleted mailboxes with lazy_expunge In-Reply-To: <4E731C17.5090305@um.es> References: <4E731C17.5090305@um.es> Message-ID: <1316167688.12936.61.camel@hurina> On Fri, 2011-09-16 at 11:51 +0200, Angel L. Mateo wrote: > Hello, > > I'm trying to configure lazy_expunge plugin (as a way to provide easy > backup for mails). This is my configuration (as explained in dovecot wiki): dovecot -n output would have been better. What do you use as mail_location? My guess is that you have specified INDEX or CONTROL path there, which isn't currently compatible with this.. > # Default namespace > namespace { > prefix = > separator = / > inbox = yes > } > > # namespaces for lazy_expunge plugin: > namespace { > prefix = .EXPUNGED/ > separator = / > location = maildir:~/Maildir/expunged > } > namespace { > prefix = .DELETED/ > separator = / > location = maildir:~/Maildir/deleted > } > namespace { > prefix = .DELETED/.EXPUNGED/ > separator = / > location = maildir:~/Maildir/deleted/expunged > > > lazy_expunge = .EXPUNGED/ .DELETED/ .DELETED/.EXPUNGED/ > > I use just one namespace because I don't want to differentiate between > deleting mails or deleting mailboxes, but I have the same problem using > the 3 namespaces. In above config you're using 3 namespaces, not 1. This problem shouldn't exist if you use just one namespace. > and my mail client reports the error "[CANNOT] Can't rename mailboxes > accross specified storages" and the mail folder isn't created in the > DELETED namespace. With http://hg.dovecot.org/dovecot-2.0/rev/e57bd3e2ec27 it'll now log the reason why it's not possible. From tss at iki.fi Fri Sep 16 13:18:41 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 13:18:41 +0300 Subject: [Dovecot] Shared folder not listing In-Reply-To: <011201cc73bb$6d0626a0$471273e0$@elysium.ltd.uk> References: <005501cc73ad$0bc3cea0$234b6be0$@elysium.ltd.uk> <4E720A4E.5050303@Media-Brokers.com> <00a401cc73b5$543c6220$fcb52660$@elysium.ltd.uk> <011201cc73bb$6d0626a0$471273e0$@elysium.ltd.uk> Message-ID: <1316168321.12936.65.camel@hurina> On Thu, 2011-09-15 at 16:23 +0100, Tom Clark wrote: > I have managed to sort this out myself. Initially I was missing the ending > "." from the prefix. It usually complains if that's missing, but looks like shared namespaces were a special case. Fixed: http://hg.dovecot.org/dovecot-2.0/rev/ea657df52a85 > I also noted that %%d wasn't returning the domain > correctly (mailbox instead of mailbox.com). I changed to using %d which > worked fine (as I'm not sharing folders outside the domain). > > I'm not sure if this is a bug and whether it would have been fixed in a > later version of Dovecot. Where were you using %%d? It's not in any config you posted here. But anyway "." is problematic, because you're also using it as hierarchy separator. I think you're going to run into trouble unless you change the separator. From amateo at um.es Fri Sep 16 13:34:16 2011 From: amateo at um.es (Angel L. Mateo) Date: Fri, 16 Sep 2011 12:34:16 +0200 Subject: [Dovecot] Deleted mailboxes with lazy_expunge In-Reply-To: <1316167688.12936.61.camel@hurina> References: <4E731C17.5090305@um.es> <1316167688.12936.61.camel@hurina> Message-ID: <4E732628.4000209@um.es> El 16/09/11 12:08, Timo Sirainen escribi?: > On Fri, 2011-09-16 at 11:51 +0200, Angel L. Mateo wrote: >> Hello, >> >> I'm trying to configure lazy_expunge plugin (as a way to provide easy >> backup for mails). This is my configuration (as explained in dovecot wiki): > > dovecot -n output would have been better. What do you use as Yes, I know but I forgot it :-(. You have now the config. > mail_location? My guess is that you have specified INDEX or CONTROL path > there, which isn't currently compatible with this.. > Yes, I'm using INDEX in mail_location >> I use just one namespace because I don't want to differentiate between >> deleting mails or deleting mailboxes, but I have the same problem using >> the 3 namespaces. > > In above config you're using 3 namespaces, not 1. This problem shouldn't > exist if you use just one namespace. I have tried with both configurations with the same problem. I have made another test, this time with 1 namespace and with thunderbird directly expunging messages (to avoid moving them to trash and then purging trash). With this, dovecot logs: Sep 16 12:26:48 myotis30 dovecot: imap(angel.luis): Debug: Namespace .EXPUNGED/: Using permissions from /home/alumnos/46/113246/Maildir/expunged: mode=0700 gid=-1 Sep 16 12:26:48 myotis30 dovecot: imap(angel.luis): Debug: Namespace .EXPUNGED/: Permission lookup failed from /home/alumnos/46/113246/Maildir/expunged/.kk Sep 16 12:26:48 myotis30 dovecot: imap(angel.luis): Debug: Namespace .EXPUNGED/: Using permissions from /home/alumnos/46/113246/Maildir/expunged: mode=0700 gid=-1 Sep 16 12:26:48 myotis30 dovecot: imap(angel.luis): Debug: Namespace .EXPUNGED/: Permission lookup failed from /home/alumnos/46/113246/Maildir/expunged/.kk Sep 16 12:26:48 myotis30 dovecot: imap(angel.luis): Debug: Namespace .EXPUNGED/: Using permissions from /home/alumnos/46/113246/Maildir/expunged: mode=0700 gid=-1 but "kk" mail folder isn't created in the expunge namespace. > >> and my mail client reports the error "[CANNOT] Can't rename mailboxes >> accross specified storages" and the mail folder isn't created in the >> DELETED namespace. > > With http://hg.dovecot.org/dovecot-2.0/rev/e57bd3e2ec27 it'll now log > the reason why it's not possible. > I'm going to try it... -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: doveconf.txt URL: From amateo at um.es Fri Sep 16 14:24:53 2011 From: amateo at um.es (Angel L. Mateo) Date: Fri, 16 Sep 2011 13:24:53 +0200 Subject: [Dovecot] Deleted mailboxes with lazy_expunge In-Reply-To: <1316167688.12936.61.camel@hurina> References: <4E731C17.5090305@um.es> <1316167688.12936.61.camel@hurina> Message-ID: <4E733205.5050406@um.es> El 16/09/11 12:08, Timo Sirainen escribi?: > > With http://hg.dovecot.org/dovecot-2.0/rev/e57bd3e2ec27 it'll now log > the reason why it's not possible. > These are the logs reported with this patch: ep 16 13:21:00 myotis30 dovecot: imap(angel.luis): Debug: Namespace .DELETED/: Using permissions from /home/alumnos/46/113246/Maildir/deleted: mode=0700 gid=-1 Sep 16 13:21:00 myotis30 dovecot: imap(angel.luis): Debug: Namespace .DELETED/: Permission lookup failed from /home/alumnos/46/113246/Maildir/deleted/.kk-20110916-132100 Sep 16 13:21:00 myotis30 dovecot: imap(angel.luis): Debug: Namespace .DELETED/: Using permissions from /home/alumnos/46/113246/Maildir/deleted: mode=0700 gid=-1 Sep 16 13:21:00 myotis30 dovecot: imap(angel.luis): Debug: Namespace .DELETED/: Permission lookup failed from /home/alumnos/46/113246/Maildir/deleted/.kk-20110916-132100 Sep 16 13:21:00 myotis30 dovecot: imap(angel.luis): Debug: Namespace .DELETED/: Using permissions from /home/alumnos/46/113246/Maildir/deleted: mode=0700 gid=-1 Sep 16 13:21:00 myotis30 dovecot: imap(angel.luis): Debug: Can't rename 'kk' to '.DELETED/kk-20110916-132100': index dirs don't match I have try to remove the same folder without INDEX in mail_location. Without this option it works. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From leho at kraav.com Fri Sep 16 14:48:35 2011 From: leho at kraav.com (Leho Kraav) Date: Fri, 16 Sep 2011 14:48:35 +0300 Subject: [Dovecot] Plugins: virtuals vs acls Message-ID: <4E733793.3030304@kraav.com> Hi all dovecot-virtual: * all when dovecot-acl files restrict some subset of * for a user, does dovecot respect these ACLs when collecting messages for virtual folder? I'd like a confirmation about what I should be seeing when I start implementing this setup. From tss at iki.fi Fri Sep 16 14:53:39 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 14:53:39 +0300 Subject: [Dovecot] unexpected LSUB / LIST (SUBSCRIBED) output Re: Panic: file mailbox-list-subscriptions.c: line 66 (mailbox_list_subscription_fill_one): assertion failed: (ns!= NULL && (ns->flags & NAMESPACE_FLAG_AUTOCREATED) != 0) In-Reply-To: References: <1316078544.12936.20.camel@hurina> Message-ID: <1316174020.12936.66.camel@hurina> On Thu, 2011-09-15 at 17:15 +0200, Lutz Pre?ler wrote: > 0 lsub "" "*" > * LSUB (\Noselect) "." "INBOX.shared.user1" > 0 OK Lsub completed. > 0 list (subscribed) "" "*" > * LIST (\NonExistent) "." "INBOX.shared.user1" > 0 OK List completed. These shouldn't be here. > 0 lsub "" "*" > * LSUB (\Noselect) "." "INBOX.shared.user1" The above entry shouldn't be here. > * LSUB () "." "INBOX.shared.user1.in2007" > 0 OK Lsub completed. > 0 list (subscribed) "" "*" > * LIST (\NonExistent) "." "INBOX.shared.user1" > * LIST (\Subscribed) "." "INBOX.shared.user1.in2007" > 0 OK List completed. > > >>> ~testuser/Maildir/subscription now contains "shared.user1.in2007" > > Is this "INBOX.shared.user1" LSUB/LIST output correct? http://hg.dovecot.org/dovecot-2.1/rev/080c8f9521d2 should fix these and other related problems. From tss at iki.fi Fri Sep 16 15:01:11 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 15:01:11 +0300 Subject: [Dovecot] Deleted mailboxes with lazy_expunge In-Reply-To: <4E733205.5050406@um.es> References: <4E731C17.5090305@um.es> <1316167688.12936.61.camel@hurina> <4E733205.5050406@um.es> Message-ID: <1316174471.12936.70.camel@hurina> On Fri, 2011-09-16 at 13:24 +0200, Angel L. Mateo wrote: > > Sep 16 13:21:00 myotis30 dovecot: imap(angel.luis): Debug: Can't rename > 'kk' to '.DELETED/kk-20110916-132100': index dirs don't match > > I have try to remove the same folder without INDEX in mail_location. > Without this option it works. Alternatively you could add INDEX path to lazy_expunge namespaces and it would work. The important thing is that both source and destination either have or don't have INDEX path specified, but it can't be mixed. (Looks like I messed up those new debug messages - clarified them in hg now.) From tss at iki.fi Fri Sep 16 15:03:47 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 15:03:47 +0300 Subject: [Dovecot] Plugins: virtuals vs acls In-Reply-To: <4E733793.3030304@kraav.com> References: <4E733793.3030304@kraav.com> Message-ID: <1316174628.12936.72.camel@hurina> On Fri, 2011-09-16 at 14:48 +0300, Leho Kraav wrote: > dovecot-virtual: > * > all > > when dovecot-acl files restrict some subset of * for a user, does > dovecot respect these ACLs when collecting messages for virtual folder? If they aren't respected, it's a bug. From tss at iki.fi Fri Sep 16 15:08:23 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 15:08:23 +0300 Subject: [Dovecot] dovecot-virtual folder configuration In-Reply-To: <2a82c4fe9e3aba3c621fe9eb2e530200@mail3.serarien.com> References: <2a82c4fe9e3aba3c621fe9eb2e530200@mail3.serarien.com> Message-ID: <1316174903.12936.76.camel@hurina> On Fri, 2011-09-16 at 00:58 +0200, Pierre wrote: > Hi all, > > Long story short, I'd like to configure a folder containing: > > INBOX > (some other folders) > > -> unseen emails from these folders + all other emails (also seen) from > the same thread > -> seen emails from these folders, but only the recent ones + all other > emails from the same thread The "other mails from same thread" is still a bit problematic with virtual folders. From my TODO: - virtual: If last message matching INTHREAD rule gets expunged, the rest of the thread doesn't go away First you'll need to create a virtual folder that has all the mails that you would ever want to see in threads. For example: virtual/all/dovecot-virtual: ----- INBOX Sent some other folders all ----- Then based on that create the virtual mailbox you want: virtual/newstuff/dovecot-virtual: ----- virtual/all inthread refs or unseen recent ----- From tss at iki.fi Fri Sep 16 15:11:27 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 15:11:27 +0300 Subject: [Dovecot] Detecting duplicate messages with sieve In-Reply-To: <20110915220246.GA17639@none.at> References: <20110915220246.GA17639@none.at> Message-ID: <1316175087.12936.78.camel@hurina> On Fri, 2011-09-16 at 00:02 +0200, Aleksandar Lazic wrote: > "Detecting duplicate messages" .. > Is there a similar feature in sieve No. > or can I still use the upper setup? I think so. > Another question is about to add this header line in every mail. > > xfilter "${REFORMAIL} -a\"Lines: $LINES\"" What do you need it for? But nope, I don't think there's a way to do that with Sieve either. There's an extension to add headers, but it's not implemented yet. And I don't think there's a way to get the number of header lines. From tss at iki.fi Fri Sep 16 15:40:51 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 15:40:51 +0300 Subject: [Dovecot] [PATCH] SCRAM-SHA-1 authentication In-Reply-To: <4E729CBC.5080600@babelmonkeys.de> References: <4E729CBC.5080600@babelmonkeys.de> Message-ID: <1316176851.12936.91.camel@hurina> On Fri, 2011-09-16 at 02:47 +0200, Florian Zeitz wrote: > over the last days I have implemented SCRAM-SHA-1 in Dovecot's 2.1 > branch. It does not do SCRAM-SHA-1-PLUS, but should be extendable enough > to introduce it later. Looks pretty good. Below are a few things I noticed. I could fix these myself next week also, or you can do them during weekend if you want to. :) > I also note that there are a lot of fields in the scram_auth_request > struct. I think they are all there for a reason, however feel free to > prove me wrong. The username wouldn't necessarily have to be there. Also its name was confusing me for a while since I thought you were setting auth_request->user directly. > + snonce[i] = (snonce[i] % ('~' - '!')) + '!'; > + if (snonce[i] == ',') > + snonce[i] = '.'; Here '~' is actually never used. But a nice solution would be to simply replace ',' with '~' so '.' isn't more likely to occur than others. > + fields = t_strsplit((const char*)data, ","); Not safe. data isn't guaranteed to be NUL-terminated. One simple solution would be: t_strsplit(t_strndup(data, size), ",") And others: - Could be nicer if client->proof was stored base64-decoded, so its validity could be checked and also later there wouldn't be need to base64-encode signature when testing it. - There's no log message is authentication fails due to wrong password? - Doesn't verify_credentials() need to check the credentials in any way that it contains expected (sized) data? Anything is allowed? From tss at iki.fi Fri Sep 16 16:02:26 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 16:02:26 +0300 Subject: [Dovecot] sharing of non-INBOX namespaces? Re: imapc and imap_acl In-Reply-To: References: <57674CC7-1F64-4131-98C6-45CF8B54F23B@iki.fi> <20110913164631.GA1874905@gabi.sernet.de> <1316085138.12936.39.camel@hurina> Message-ID: <1316178147.12936.92.camel@hurina> On Thu, 2011-09-15 at 13:41 +0200, Lutz Pre?ler wrote: > > If you want to access also ~/Maildir2, you'd need to create a > > second shared namespace for it. > Maybe I mess something up the second time today - but I cannot get > it to work: Yeah, it didn't work. Fixed now in hg. From tss at iki.fi Fri Sep 16 16:09:23 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 16:09:23 +0300 Subject: [Dovecot] Dsync Permissions Issue In-Reply-To: <4E70D0A9.8060604@globalchangemusic.org> References: <4E70D0A9.8060604@globalchangemusic.org> Message-ID: <1316178563.12936.97.camel@hurina> On Wed, 2011-09-14 at 09:04 -0700, Asai wrote: > [root at triata ~]# dsync -v -u asai at globalchangemusic.org backup ssh > -p22222 vmail at xx.xxx.xx.xxx dsync -u asai at globalchangemusic.org > vmail at xx.xxx.xx.xxx's password: > dsync(vmail): Error: userdb lookup: > connect(/var/run/dovecot/auth-userdb) failed: Permission denied > (euid=1001(vmail) egid=1001(vmail) missing +r perm: > /var/run/dovecot/auth-userdb, euid is not dir owner) .. > service auth { > unix_listener auth-userdb { > group = vmail > mode = 0666 > user = vmail > } > user = root > } So clearly you've given more than necessary permissions in here. 0600 with user=vmail should be enough. But the permission problem isn't on the server where you ran this "doveconf -n". The problem is on your remote server's Dovecot config. BTW: > unix_listener auth-master { > group = vmail > mode = 0660 > user = vmail > } There's no reason to change this from defaults. From tss at iki.fi Fri Sep 16 16:11:11 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 16:11:11 +0300 Subject: [Dovecot] "Waiting for authentication process to respond" for invalid users with auth_dovecot In-Reply-To: References: Message-ID: <1316178672.12936.99.camel@hurina> On Tue, 2011-09-13 at 13:53 +0300, Ibrahim Harrani wrote: > I am testing dovecot 2.0.13 and 2.0.14 with qmail-ldap and > auth_dovecot patch. If i login to dovecot (pop3/imap) with correct > user and password. > no problem, I can login immediately. but if I try with nonexistant > user, dovecot does not immediate answer, wait for a while and says > "Waiting for authentication process to respond." > auth_dovecot process remains working in the background. > How can I avoid this situation? If auth_dovecot process keeps running, the bug is in auth_dovecot. I've never looked at it (or probably even heard of it). From micah at riseup.net Fri Sep 16 16:53:31 2011 From: micah at riseup.net (Micah Anderson) Date: Fri, 16 Sep 2011 09:53:31 -0400 Subject: [Dovecot] convert maildrop filter to sieve References: <20110915191524.GB29568@none.at> Message-ID: <87bouka90k.fsf@algae.riseup.net> Aleksandar Lazic writes: > Dear list member, > > does anybody have a script which can convert maildrop filter to sive > filter? I would also like this, but I'm afraid it may be too complicated due to the different possibilities. Moving to sieve from maildrop would be great, but in practice quite difficult to do when you have a large number of people with customized mailfilters. micah From tss at iki.fi Fri Sep 16 17:09:47 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 17:09:47 +0300 Subject: [Dovecot] v2.0.15 released Message-ID: <1316182189.12936.111.camel@hurina> http://dovecot.org/releases/2.0/dovecot-2.0.15.tar.gz http://dovecot.org/releases/2.0/dovecot-2.0.15.tar.gz.sig + doveadm altmove: Added -r parameter to move mails back to primary storage. - v2.0.14: Index reading could have eaten a lot of memory in some situations - doveadm index no longer affects future caching decisions - mbox: Fixed crash during mail delivery when mailbox didn't yet have GUID assigned to it. - zlib+mbox: Fetching last message from compressed mailboxes crashed. - lib-sql: Fixed load balancing and error handling when multiple hosts are used. From tss at iki.fi Fri Sep 16 17:11:11 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 17:11:11 +0300 Subject: [Dovecot] v2.1.alpha2 released Message-ID: <1316182272.12936.112.camel@hurina> http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha2.tar.gz http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha2.tar.gz.sig This is actually looking rather stable. I'm still calling it "alpha" in case I think of doing some more API changes, but I think the next one will be called "beta1", hopefully soon followed by "rc1". - Statistics gathering improvements (more fields) and fixes. - Lots of imapc fixes and improvements - Fixes to handling shared namespaces - Several other fixes From asai at globalchangemusic.org Fri Sep 16 18:17:12 2011 From: asai at globalchangemusic.org (Asai) Date: Fri, 16 Sep 2011 08:17:12 -0700 Subject: [Dovecot] Dsync Permissions Issue In-Reply-To: <1316178563.12936.97.camel@hurina> References: <4E70D0A9.8060604@globalchangemusic.org> <1316178563.12936.97.camel@hurina> Message-ID: <4E736878.5000103@globalchangemusic.org> Thank you for your assistance, I have changed permissions on the remote server and all is well. On 9/16/2011 6:09 AM, Timo Sirainen wrote: > On Wed, 2011-09-14 at 09:04 -0700, Asai wrote: > >> [root at triata ~]# dsync -v -u asai at globalchangemusic.org backup ssh >> -p22222 vmail at xx.xxx.xx.xxx dsync -u asai at globalchangemusic.org >> vmail at xx.xxx.xx.xxx's password: >> dsync(vmail): Error: userdb lookup: >> connect(/var/run/dovecot/auth-userdb) failed: Permission denied >> (euid=1001(vmail) egid=1001(vmail) missing +r perm: >> /var/run/dovecot/auth-userdb, euid is not dir owner) > .. >> service auth { >> unix_listener auth-userdb { >> group = vmail >> mode = 0666 >> user = vmail >> } >> user = root >> } > So clearly you've given more than necessary permissions in here. 0600 > with user=vmail should be enough. But the permission problem isn't on > the server where you ran this "doveconf -n". The problem is on your > remote server's Dovecot config. > > BTW: > >> unix_listener auth-master { >> group = vmail >> mode = 0660 >> user = vmail >> } > There's no reason to change this from defaults. > From simon.brereton at buongiorno.com Fri Sep 16 19:05:15 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Fri, 16 Sep 2011 12:05:15 -0400 Subject: [Dovecot] v2.0.15 released In-Reply-To: <1316182189.12936.111.camel@hurina> References: <1316182189.12936.111.camel@hurina> Message-ID: <001901cc748a$6cacbaf0$460630d0$@brereton@buongiorno.com> -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Timo Sirainen http://dovecot.org/releases/2.0/dovecot-2.0.15.tar.gz http://dovecot.org/releases/2.0/dovecot-2.0.15.tar.gz.sig + doveadm altmove: Added -r parameter to move mails back to primary storage. - v2.0.14: Index reading could have eaten a lot of memory in some situations - doveadm index no longer affects future caching decisions - mbox: Fixed crash during mail delivery when mailbox didn't yet have GUID assigned to it. - zlib+mbox: Fetching last message from compressed mailboxes crashed. - lib-sql: Fixed load balancing and error handling when multiple hosts are used. ----------- I'll bite.. But it's probably not your concern. When will we be able to get stable 2.x packages for Debian? Apt installs 1.2.15-7 Thanks. Simon (Sorry about breaking the quotes) From odhiambo at gmail.com Fri Sep 16 19:08:24 2011 From: odhiambo at gmail.com (Odhiambo Washington) Date: Fri, 16 Sep 2011 19:08:24 +0300 Subject: [Dovecot] v2.1.alpha2 released In-Reply-To: <1316182272.12936.112.camel@hurina> References: <1316182272.12936.112.camel@hurina> Message-ID: On Fri, Sep 16, 2011 at 17:11, Timo Sirainen wrote: > http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha2.tar.gz > http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha2.tar.gz.sig > > This is actually looking rather stable. I'm still calling it "alpha" in > case I think of doing some more API changes, but I think the next one > will be called "beta1", hopefully soon followed by "rc1". > > - Statistics gathering improvements (more fields) and fixes. > - Lots of imapc fixes and improvements > - Fixes to handling shared namespaces > - Several other fixes > I am trying to compile on FreeBSD 8.2-STABLE with the following options: #!/bin/sh ./configure \ --prefix=/opt/dovecot2.1 \ --with-ioloop=kqueue \ --with-notify=kqueue \ --with-sql=yes \ --with-mysql \ --with-zlib \ --with-bzlib \ --with-ssl=openssl \ --with-storages="maildir mdbox sdbox cydir" And I get a failure, viz: jaribu# make make all-recursive Making all in . /bin/bash ./update-version.sh . . Making all in src Making all in lib-test Making all in lib make all-am Making all in lib-auth Making all in lib-charset Making all in lib-dns Making all in lib-fs Making all in lib-mail Making all in lib-imap Making all in lib-master Making all in lib-dict Making all in lib-settings Making all in lib-ssl-iostream /bin/bash ../../libtool --tag=CC --mode=link gcc -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -Wstrict-aliasing=2 -export-dynamic -Wl,--as-needed -Wl,--no-undefined -o libdovecot-ssl.la-rpath /opt/dovecot2.1/lib/dovecot libssl_iostream.la ../lib/liblib.la -export-dynamic -lrt libtool: link: gcc -shared -fPIC -DPIC -Wl,--whole-archive ./.libs/libssl_iostream.a ../lib/.libs/liblib.a -Wl,--no-whole-archive -lssl -lcrypto -lrt -O2 -Wl,--as-needed -Wl,--no-undefined -Wl,-soname -Wl,libdovecot-ssl.so.0 -o .libs/libdovecot-ssl.so.0 ../lib/.libs/liblib.a(env-util.o)(.text+0x31): In function `env_get_environ_p': /usr/home/wash/Tools/Dovecot/dovecot-2.1.alpha2/src/lib/env-util.c:148: undefined reference to `environ' ../lib/.libs/liblib.a(env-util.o)(.text+0x1f8): In function `env_clean': /usr/home/wash/Tools/Dovecot/dovecot-2.1.alpha2/src/lib/env-util.c:71: undefined reference to `environ' *** Error code 1 Stop in /usr/home/wash/Tools/Dovecot/dovecot-2.1.alpha2/src/lib-ssl-iostream. *** Error code 1 Stop in /usr/home/wash/Tools/Dovecot/dovecot-2.1.alpha2/src. *** Error code 1 Stop in /usr/home/wash/Tools/Dovecot/dovecot-2.1.alpha2. *** Error code 1 Stop in /usr/home/wash/Tools/Dovecot/dovecot-2.1.alpha2. -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ I can't hear you -- I'm using the scrambler. Please consider the environment before printing this email. -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.png Type: image/png Size: 652 bytes Desc: not available URL: From odhiambo at gmail.com Fri Sep 16 19:09:47 2011 From: odhiambo at gmail.com (Odhiambo Washington) Date: Fri, 16 Sep 2011 19:09:47 +0300 Subject: [Dovecot] v2.0.15 released In-Reply-To: <4e7373ea.0a41df0a.7188.ffffcd51SMTPIN_ADDED@mx.google.com> References: <1316182189.12936.111.camel@hurina> <4e7373ea.0a41df0a.7188.ffffcd51SMTPIN_ADDED@mx.google.com> Message-ID: I think someone else is responsible for the Debianization of Dovecot, not Timo. On Fri, Sep 16, 2011 at 19:05, Simon Brereton wrote: > -----Original Message----- > From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On > Behalf Of Timo Sirainen > > http://dovecot.org/releases/2.0/dovecot-2.0.15.tar.gz > http://dovecot.org/releases/2.0/dovecot-2.0.15.tar.gz.sig > > + doveadm altmove: Added -r parameter to move mails back to primary > storage. > - v2.0.14: Index reading could have eaten a lot of memory in some > situations > - doveadm index no longer affects future caching decisions > - mbox: Fixed crash during mail delivery when mailbox didn't yet > have > GUID assigned to it. > - zlib+mbox: Fetching last message from compressed mailboxes > crashed. > - lib-sql: Fixed load balancing and error handling when multiple > hosts > are used. > > > ----------- > > I'll bite.. But it's probably not your concern. When will we be able to > get stable 2.x packages for Debian? Apt installs 1.2.15-7 > > Thanks. > > Simon > (Sorry about breaking the quotes) > > -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ I can't hear you -- I'm using the scrambler. Please consider the environment before printing this email. -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.png Type: image/png Size: 652 bytes Desc: not available URL: From eduardo at kalinowski.com.br Fri Sep 16 19:20:56 2011 From: eduardo at kalinowski.com.br (Eduardo M KALINOWSKI) Date: Fri, 16 Sep 2011 13:20:56 -0300 Subject: [Dovecot] v2.0.15 released In-Reply-To: <001901cc748a$6cacbaf0$460630d0$@brereton@buongiorno.com> References: <1316182189.12936.111.camel@hurina> <001901cc748a$6cacbaf0$460630d0$@brereton@buongiorno.com> Message-ID: <20110916132056.Horde.IMEjKcm_qOVOc3doMo93biA@mail.kalinowski.com.br> On Sex, 16 Set 2011, Simon Brereton wrote: > I'll bite.. But it's probably not your concern. When will we be > able to get stable 2.x packages for Debian? Apt installs 1.2.15-7 In Debian stable? Only when the next stable version (wheezy) is released. Not in squeeze. Though perhaps a backport might appear. -- Colors may fade in time. Eduardo M KALINOWSKI eduardo at kalinowski.com.br From kuizhang at gmail.com Fri Sep 16 21:10:25 2011 From: kuizhang at gmail.com (Kui Zhang) Date: Fri, 16 Sep 2011 11:10:25 -0700 Subject: [Dovecot] outlook 2007 very slow. Message-ID: Hello I have a user with 2500+ sub folders. Total mailboxes size is around 6G. (mdbox, dovecot 2:2.0.14) Syncing/Receiving appears to be slow, with outlook 2007. He does not want to switch to an alternative, due to various reasons. I did not find any error logs indicate issues. during idle, imap process appears to loop at adding inotify watches to all folders. I found outlook-idle in wiki, but it is obsolete. doveconf: Warning: Obsolete setting in /etc/dovecot/conf.d/20-imap.conf:55: imap_client_workarounds=outlook-idle is no longer necessary Any one else having similar issue? Anything else I should do to narrow down the issue? Thanks KuiZ From robert at schetterer.org Fri Sep 16 21:47:20 2011 From: robert at schetterer.org (Robert Schetterer) Date: Fri, 16 Sep 2011 20:47:20 +0200 Subject: [Dovecot] v2.0.15 released In-Reply-To: <20110916132056.Horde.IMEjKcm_qOVOc3doMo93biA@mail.kalinowski.com.br> References: <1316182189.12936.111.camel@hurina> <001901cc748a$6cacbaf0$460630d0$@brereton@buongiorno.com> <20110916132056.Horde.IMEjKcm_qOVOc3doMo93biA@mail.kalinowski.com.br> Message-ID: <4E7399B8.70904@schetterer.org> Am 16.09.2011 18:20, schrieb Eduardo M KALINOWSKI: > On Sex, 16 Set 2011, Simon Brereton wrote: >> I'll bite.. But it's probably not your concern. When will we be able >> to get stable 2.x packages for Debian? Apt installs 1.2.15-7 > > In Debian stable? Only when the next stable version (wheezy) is > released. Not in squeeze. Though perhaps a backport might appear. > > http://xi.rename-it.nl/debian has a up2date repository -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From Lutz.Pressler at SerNet.DE Fri Sep 16 22:19:57 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Fri, 16 Sep 2011 21:19:57 +0200 Subject: [Dovecot] sharing of non-INBOX namespaces? Re: imapc and imap_acl In-Reply-To: <1316178147.12936.92.camel@hurina> References: <57674CC7-1F64-4131-98C6-45CF8B54F23B@iki.fi> <20110913164631.GA1874905@gabi.sernet.de> <1316085138.12936.39.camel@hurina> <1316178147.12936.92.camel@hurina> Message-ID: Timo, On Fri, 16 Sep 2011, Timo Sirainen wrote: > On Thu, 2011-09-15 at 13:41 +0200, Lutz Pre?ler wrote: > > > > If you want to access also ~/Maildir2, you'd need to create a > > > second shared namespace for it. > > Maybe I mess something up the second time today - but I cannot get > > it to work: > > Yeah, it didn't work. Fixed now in hg. multiple shared namespaces do work now, but: I retried to have in otherssecond prefix = INBOX.shared.%%u.second. location = maildir:%%h/Maildir2:INDEX=~/Maildir/shared/%%u/second This is found to be a configuration error: Sep 16 20:49:32 host dovecot: imap(5025, testuser): Error: user lpmail: Initialization failed: namespace configuration error: Dupl icate namespace prefix: "INBOX.shared." Sep 16 20:49:32 host dovecot: imap(5025, testuser): Error: Invalid user settings. Refer to server log for more information. I think the test is too strict, as in general "prefix = bla.%%u.blubb." does work for a shared namespace. Or is there some other problem with this attempt to manually map source to destination structure? Btw, I found a SIGSEGV when SELECTing INBOX.shared. I'll send it seperately. Have a nice weekend, Lutz From Lutz.Pressler at SerNet.DE Fri Sep 16 23:06:15 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Fri, 16 Sep 2011 22:06:15 +0200 Subject: [Dovecot] imapc and imap_acl In-Reply-To: <20110913164631.GA1874905@gabi.sernet.de> References: <57674CC7-1F64-4131-98C6-45CF8B54F23B@iki.fi> <20110913164631.GA1874905@gabi.sernet.de> Message-ID: On Tue, 13 Sep 2011, Lutz Pre?ler wrote: > On Di, 13 Sep 2011, Timo Sirainen wrote: > > You mean you'd want local ACLs that apply to imapc mailboxes? > Yes, exactly. Great for "integrating" legacy IMAP servers without e.g. > ACL support. ... but as long as imapc parameters are global that's of no real use, I just realized... > > I think that should work. For example if you set: > > > > mail_location = imapc:~/imapc > > Then for mailbox foo/bar the ACL file should be in ~/imapc/.foo.bar/dovecot-acl > It almost works: > Sep 13 18:37:58 hhh dovecot: imap(4482, uuu): Error: file_dotlock_open(/home/uuu/Maildir/gmail/.[Gmail].Alle Nachrichten > /dovecot-acl) failed: No such file or directory > After manually creating the ".[Gmail].Alle Nachrichten" directory, SETACL > succeeds. ... so this does not really matter yet. Lutz From tss at iki.fi Fri Sep 16 23:55:15 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 23:55:15 +0300 Subject: [Dovecot] v2.1.alpha2 released In-Reply-To: References: <1316182272.12936.112.camel@hurina> Message-ID: <2B96294B-2E59-45F0-B614-554D193CAAE2@iki.fi> On 16.9.2011, at 19.08, Odhiambo Washington wrote: > /usr/home/wash/Tools/Dovecot/dovecot-2.1.alpha2/src/lib/env-util.c:148: > undefined reference to `environ' Hmm. I suppose it works if you remove this line from configure: NOPLUGIN_LDFLAGS="-Wl,--as-needed -Wl,--no-undefined" and then re-configure + make. I wonder what's the difference to Linux.. From stephan at rename-it.nl Sat Sep 17 00:11:24 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Fri, 16 Sep 2011 23:11:24 +0200 Subject: [Dovecot] v2.0.15 released In-Reply-To: <4E7399B8.70904@schetterer.org> References: <1316182189.12936.111.camel@hurina> <001901cc748a$6cacbaf0$460630d0$@brereton@buongiorno.com> <20110916132056.Horde.IMEjKcm_qOVOc3doMo93biA@mail.kalinowski.com.br> <4E7399B8.70904@schetterer.org> Message-ID: <4E73BB7C.3050406@rename-it.nl> Op 16-9-2011 20:47, Robert Schetterer schreef: > http://xi.rename-it.nl/debian has a up2date repository Yes, extremely up-to-date. So, just don't forget to mention that this repository is not for production setups. Regards, Stephan. From stephan at rename-it.nl Sat Sep 17 00:35:40 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Fri, 16 Sep 2011 23:35:40 +0200 Subject: [Dovecot] Sieve envelope :detail "to" "extention" does not deliver to fileinto destination In-Reply-To: <20110915191332.GA29568@none.at> References: <20110912171448.GB320@none.at> <4E71C573.2040407@rename-it.nl> <20110915191332.GA29568@none.at> Message-ID: <4E73C12C.2050803@rename-it.nl> Hi Aleksandar, Op 15-9-2011 21:13, Aleksandar Lazic schreef: > Dear Stephan, > > [...] > debug_log "envelope to `${1}'"; > debug_log "envelope to detail `${detail}'"; <= is this a default > variable? Eh, no. > I get > === > sieve: info: started log at Sep 15 21:07:07. > lists.sieve: line 15: info: DEBUG: envelope to `al-pdnsusers at none.at'. > lists.sieve: line 16: info: DEBUG: envelope to detail `'. > info: msgid=<20110915190707.256ED9FECC31 at external.none.at>: stored mail > into mailbox 'Lists.pdnsusers'. > === > > Is there a possibility to print the :detail from the subaddress module? > Maybe like > > Pseudocode: > === > set "detail" :detail if :detail not empty > === Let's just print all relevant stuff: === require "vnd.dovecot.debug"; require "envelope"; require "variables"; require "subaddress"; if envelope :matches "to" "*" { debug_log "envelope to `${1}'"; } if envelope :localpart :matches "to" "*" { debug_log "envelope to; localpart `${1}'"; } if envelope :user :matches "to" "*" { debug_log "envelope to; user `${1}'"; } /* This will print nothing if there is no detail */ if envelope :detail :matches "to" "*" { debug_log "envelope to; detail `${1}'"; } === Yielding, e.g.: === main_script: line 6: info: DEBUG: envelope to `stephan-frop at rename-it.nl'. main_script: line 7: info: DEBUG: envelope to; localpart `stephan-frop'. main_script: line 8: info: DEBUG: envelope to; user `stephan'. main_script: line 9: info: DEBUG: envelope to; detail `frop'. info: msgid=unspecified: stored mail into mailbox 'INBOX'. === > Is there a possibility to dump all variables? > Are there any default variables in variables module? There are no variables defined other than those that you define (using the set command or implicitly for match values). > > What does I make wrong that I haven't the :detail from the subaddress?! My guess is that you need to add the recipient_delimiter setting to the plugin section also: plugin { recipient_delimiter = - } Matbe this should be unified somehow. Regards, Stephan. From stephan at rename-it.nl Sat Sep 17 02:30:23 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Sat, 17 Sep 2011 01:30:23 +0200 Subject: [Dovecot] Sieve envelope :detail "to" "extention" does not deliver to fileinto destination In-Reply-To: <4E73C12C.2050803@rename-it.nl> References: <20110912171448.GB320@none.at> <4E71C573.2040407@rename-it.nl> <20110915191332.GA29568@none.at> <4E73C12C.2050803@rename-it.nl> Message-ID: <4E73DC0F.6060903@rename-it.nl> Op 16-9-2011 23:35, Stephan Bosch schreef: > > My guess is that you need to add the recipient_delimiter setting to > the plugin section also: > > plugin { > recipient_delimiter = - > } > > Matbe this should be unified somehow. > This should be fixed in hg now. Regards, Stephan. From henson at acm.org Sat Sep 17 03:38:20 2011 From: henson at acm.org (Paul B. Henson) Date: Fri, 16 Sep 2011 17:38:20 -0700 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <1316164896.12936.57.camel@hurina> References: <4E6ACC6C.6020200@acm.org> <1316084011.12936.31.camel@hurina> <4E72924D.8090709@acm.org> <1316164896.12936.57.camel@hurina> Message-ID: <4E73EBFC.3010409@acm.org> On 9/16/2011 2:21 AM, Timo Sirainen wrote: >> As far as I can tell, it still doesn't do load balancing. > > Oh. http://hg.dovecot.org/dovecot-2.0/rev/327698228158 should finally > fix it. :) I installed the new 2.0.15 release including this change, and can confirm it does now successfully load balance across my two servers. Not only that, but with this change, there are no failed authentications at all when one of the servers goes away :). I have it running on one of my three production mail servers now, and barring any unexpected issues will deploy it on the other two next week, and then we'll be sitting pretty ;). Thanks again... -- Paul B. Henson | (909) 979-6361 | http://www.csupomona.edu/~henson/ Operating Systems and Network Analyst | henson at csupomona.edu California State Polytechnic University | Pomona CA 91768 From robert at schetterer.org Sat Sep 17 10:46:15 2011 From: robert at schetterer.org (Robert Schetterer) Date: Sat, 17 Sep 2011 09:46:15 +0200 Subject: [Dovecot] v2.0.15 released In-Reply-To: <4E73BB7C.3050406@rename-it.nl> References: <1316182189.12936.111.camel@hurina> <001901cc748a$6cacbaf0$460630d0$@brereton@buongiorno.com> <20110916132056.Horde.IMEjKcm_qOVOc3doMo93biA@mail.kalinowski.com.br> <4E7399B8.70904@schetterer.org> <4E73BB7C.3050406@rename-it.nl> Message-ID: <4E745047.3010507@schetterer.org> Am 16.09.2011 23:11, schrieb Stephan Bosch: > Op 16-9-2011 20:47, Robert Schetterer schreef: >> http://xi.rename-it.nl/debian has a up2date repository > > Yes, extremely up-to-date. So, just don't forget to mention that this > repository is not for production setups. > > Regards, > > Stephan. anyway i used it in production, with small problems since ever so thx ! -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From odhiambo at gmail.com Sat Sep 17 11:45:27 2011 From: odhiambo at gmail.com (Odhiambo Washington) Date: Sat, 17 Sep 2011 11:45:27 +0300 Subject: [Dovecot] v2.1.alpha2 released In-Reply-To: <2B96294B-2E59-45F0-B614-554D193CAAE2@iki.fi> References: <1316182272.12936.112.camel@hurina> <2B96294B-2E59-45F0-B614-554D193CAAE2@iki.fi> Message-ID: On Fri, Sep 16, 2011 at 23:55, Timo Sirainen wrote: > On 16.9.2011, at 19.08, Odhiambo Washington wrote: > > > /usr/home/wash/Tools/Dovecot/dovecot-2.1.alpha2/src/lib/env-util.c:148: > > undefined reference to `environ' > > Hmm. I suppose it works if you remove this line from configure: > > NOPLUGIN_LDFLAGS="-Wl,--as-needed -Wl,--no-undefined" > > and then re-configure + make. I wonder what's the difference to Linux.. > > Yes, that made it work. You are welcome to login to this box and spot the difference to Linux :-) -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ I can't hear you -- I'm using the scrambler. Please consider the environment before printing this email. -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.png Type: image/png Size: 652 bytes Desc: not available URL: From al-dovecot at none.at Sat Sep 17 13:52:08 2011 From: al-dovecot at none.at (Aleksandar Lazic) Date: Sat, 17 Sep 2011 12:52:08 +0200 Subject: [Dovecot] Sieve envelope :detail "to" "extention" does not deliver to fileinto destination In-Reply-To: <4E73DC0F.6060903@rename-it.nl> References: <20110912171448.GB320@none.at> <4E71C573.2040407@rename-it.nl> <20110915191332.GA29568@none.at> <4E73C12C.2050803@rename-it.nl> <4E73DC0F.6060903@rename-it.nl> Message-ID: <20110917105208.GA31187@none.at> Dear Stephan, On Sam 17.09.2011 01:30, Stephan Bosch wrote: >Op 16-9-2011 23:35, Stephan Bosch schreef: >> >>My guess is that you need to add the recipient_delimiter setting to >>the plugin section also: >> >>plugin { >>recipient_delimiter = - >>} >> >>Matbe this should be unified somehow. >> > >This should be fixed in hg now. Your guess was right, thanks. Thanks also that the next release will use the global recipient_delimiter. Aleks From al-dovecot at none.at Sat Sep 17 13:54:57 2011 From: al-dovecot at none.at (Aleksandar Lazic) Date: Sat, 17 Sep 2011 12:54:57 +0200 Subject: [Dovecot] Detecting duplicate messages with sieve In-Reply-To: <1316175087.12936.78.camel@hurina> References: <20110915220246.GA17639@none.at> <1316175087.12936.78.camel@hurina> Message-ID: <20110917105457.GB31187@none.at> On Fre 16.09.2011 15:11, Timo Sirainen wrote: >On Fri, 2011-09-16 at 00:02 +0200, Aleksandar Lazic wrote: > >> "Detecting duplicate messages" >.. >> Is there a similar feature in sieve > >No. > >> or can I still use the upper setup? > >I think so. Maybe I have overseen this possibiliy but how an I execute a shell command in LDA / Sieve? >> Another question is about to add this header line in every mail. >> >> xfilter "${REFORMAIL} -a\"Lines: $LINES\"" > >What do you need it for? But nope, I don't think there's a way to do >that with Sieve either. There's an extension to add headers, but it's >not implemented yet. And I don't think there's a way to get the number >of header lines. Well this was for the mutt mail client. Maildrop saves the whole line of a mail into LINES-ENV-Variable. It was just a question, maybe a feature request ;-) Cheers Aleks From zash at zash.se Sat Sep 17 15:30:48 2011 From: zash at zash.se (Kim Alvefur) Date: Sat, 17 Sep 2011 14:30:48 +0200 Subject: [Dovecot] Auth protocol and XMPP Message-ID: <1316262648.7480.37.camel@carcharodon> Hello. I've written an authentication backend for the XMPP server Prosody, which makes it use Dovecots auth socket and protocol, and letting the client use any SASL mechanism Dovecot offers. However, setups using the full user at domain as authnid won't work, due to most XMPP clients assuming that the authnid is the localpart. I want to avoid hardcoding it to PLAIN, or otherwise doing MITM/rewrites if possible. (There exists an older auth backend that does just that already) Ideas? -- Kim Alvefur From ef at math.uni-bonn.de Sat Sep 17 17:16:53 2011 From: ef at math.uni-bonn.de (=?iso-8859-1?Q?Edgar_Fu=DF?=) Date: Sat, 17 Sep 2011 16:16:53 +0200 Subject: [Dovecot] FreeBSD compilation issues (was: v2.1.alpha2 released) In-Reply-To: References: <1316182272.12936.112.camel@hurina> <2B96294B-2E59-45F0-B614-554D193CAAE2@iki.fi> Message-ID: <3A33324B-98AF-41B0-A591-6FFBA1A359CE@math.uni-bonn.de> > You are welcome to login to this box and spot the difference to Linux Could this be a problem similar to that mentioned in http://mail-index.NetBSD.org/tech-pkg/2011/09/05/msg007628.html and its follow-ups? From mr88talent at gmail.com Sun Sep 18 00:39:54 2011 From: mr88talent at gmail.com (Gary V) Date: Sat, 17 Sep 2011 15:39:54 -0600 Subject: [Dovecot] default_pass_scheme = PLAIN and blank password Message-ID: I'm using Dovecot 1.2.15 on Ubuntu, but I think this applies to other versions as well. I store user info and passwords in MySQL. It appears 'default_pass_scheme = PLAIN' allows blank passwords. My question is: Is this a bug or is this by design? If it is by design, is there a setting that I'm not aware of that changes this behavior? Of course let me know if you need additional info on the setup I'm using. Thank you, Gary V From florob at babelmonkeys.de Sun Sep 18 04:44:48 2011 From: florob at babelmonkeys.de (Florian Zeitz) Date: Sun, 18 Sep 2011 03:44:48 +0200 Subject: [Dovecot] [PATCH] SCRAM-SHA-1 authentication In-Reply-To: <1316176851.12936.91.camel@hurina> References: <4E729CBC.5080600@babelmonkeys.de> <1316176851.12936.91.camel@hurina> Message-ID: <4E754D10.5010404@babelmonkeys.de> Am 16.09.2011 14:40, schrieb Timo Sirainen: > On Fri, 2011-09-16 at 02:47 +0200, Florian Zeitz wrote: > > Looks pretty good. Below are a few things I noticed. I could fix these > myself next week also, or you can do them during weekend if you want > to. :) > I decided to do it myself, hope this fixes all issues. > - Could be nicer if client->proof was stored base64-decoded, so its > validity could be checked and also later there wouldn't be need to > base64-encode signature when testing it. > > - Doesn't verify_credentials() need to check the credentials in any way > that it contains expected (sized) data? Anything is allowed? > I don't think it needs to. The password read from the database can legitimately have any length and from the client it just takes a base64 encoded SHA-1 hash. The correct size of that was previously implicitly checked when comparing the base64 encoded data (strings of different length don't compare equal). It's now explicitly checked after base64 decoding the client proof. -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: scram-sha-1.exp URL: From Lutz.Pressler at SerNet.DE Sun Sep 18 14:27:54 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Sun, 18 Sep 2011 13:27:54 +0200 Subject: [Dovecot] 2.1: problems compiling fts-lucene - CLucene git version necessary? In-Reply-To: <7C9B9C67-A1FD-472B-8514-BC54F1B01D00@iki.fi> References: <7C9B9C67-A1FD-472B-8514-BC54F1B01D00@iki.fi> Message-ID: Hello, On So, 11 Sep 2011, Timo Sirainen wrote: > On 11.9.2011, at 22.22, Lutz Pre?ler wrote: > > I have problems recompiling the Debian squeeze auto build packages > > with "--with-lecene". Is the git (2.3) version of CLucene necessary? > Yes. Ok, I now tried to test with clucene-core-2.3.3.4. Quite unsucessfully... I built libclucene-core-static.a and libclucene-shared-static.a after changing the cmake option (BUILD_STATIC_LIBRARIES). But despite enabling BUILD_CONTRIBS, BUILD_CONTRIBS_LIB no snowball/libstemmer has been build. (I am quite unfamiliar with the cmake process. Timo, maybe you can document how you build clucene - if you do it youself.) Anyway, I then changed the Debian auto package source to configure --with-lucene (but not --with-stemmer), and added/changed include paths and the static library to get lib21_fts_lucene_plugin.so (and doveadm/lib20_doveadm_fts_lucene_plugin.so). Adding "fts and fts_lucene" to mail_plugins and "fts = lucene" in plugin section this loads fine. But: trying to use it with SEARCH yields dovecot: imap(...): Error: fts_lucene: default_language set, but Dovecot built without stemmer support (and 3 times Error: fts: Failed to initialize backend 'lucene': Invalid fts_lucene setting) In fts_lucene_plugin_init_settings (src/plugins/fts-lucene/fts-lucene-plugin.c) default_language is initally set to 'english', and I don't find a way to get it unset. Adding to plugin section fts_lucene = default_language= or fts_lucene = default_language="" does not work. Bug? I changed the source (set variable to NULL before interpreting the settings) to fix this. Now it's crashing though when trying a SEARCH. In crc32_str_more (crc=0, str=0x0) at crc32.c:87 87 for (; *p != '\0'; p++) (dovecot src/lib/crc32.c, not clucene). I'll send the full back trace seperately. Lutz From serarien at baqs.net Sun Sep 18 20:06:42 2011 From: serarien at baqs.net (Pierre) Date: Sun, 18 Sep 2011 19:06:42 +0200 Subject: [Dovecot] dovecot-virtual folder configuration In-Reply-To: <1316174903.12936.76.camel@hurina> References: <2a82c4fe9e3aba3c621fe9eb2e530200@mail3.serarien.com> <1316174903.12936.76.camel@hurina> Message-ID: <20110918170642.GA15868@mail3.serarien.com> Thanks for the tip Timo. I was trying to make this work, when I got stupid issue: I named my namespace "#virtual", but putting "#" at the beginning of dovecot-virtual line makes it be a comment. I tryed with '#", \#... without success Is there any method to make it work ? thx, Pierre On 16/sept. - 15:08, Timo Sirainen wrote: > On Fri, 2011-09-16 at 00:58 +0200, Pierre wrote: > > Hi all, > > > > Long story short, I'd like to configure a folder containing: > > > > INBOX > > (some other folders) > > > > -> unseen emails from these folders + all other emails (also seen) from > > the same thread > > -> seen emails from these folders, but only the recent ones + all other > > emails from the same thread > > The "other mails from same thread" is still a bit problematic with > virtual folders. From my TODO: > > - virtual: If last message matching INTHREAD rule gets expunged, the rest of > the thread doesn't go away > > First you'll need to create a virtual folder that has all the mails that > you would ever want to see in threads. For example: > > virtual/all/dovecot-virtual: > ----- > INBOX > Sent > some > other > folders > all > ----- > > Then based on that create the virtual mailbox you want: > > virtual/newstuff/dovecot-virtual: > ----- > virtual/all > inthread refs or unseen recent > ----- > From micah at riseup.net Mon Sep 19 01:27:10 2011 From: micah at riseup.net (Micah Anderson) Date: Sun, 18 Sep 2011 18:27:10 -0400 Subject: [Dovecot] v2.0.15 released References: <1316182189.12936.111.camel@hurina> <18462.520853109$1316189132@news.gmane.org> Message-ID: <87k4951o75.fsf@algae.riseup.net> "Simon Brereton" writes: > I'll bite.. But it's probably not your concern. When will we be able > to get stable 2.x packages for Debian? Apt installs 1.2.15-7 2.x packages are available in Debian Wheezy and Sid. A backport to Squeeze (stable) will be made once the 1.x transition packages make it into Wheezy (~10 days from now). micah From al-dovecot at none.at Mon Sep 19 04:24:18 2011 From: al-dovecot at none.at (Aleksandar Lazic) Date: Mon, 19 Sep 2011 03:24:18 +0200 Subject: [Dovecot] convert maildrop filter to sieve In-Reply-To: <87bouka90k.fsf@algae.riseup.net> References: <20110915191524.GB29568@none.at> <87bouka90k.fsf@algae.riseup.net> Message-ID: <20110919012417.GA30394@none.at> Hi Micah, On Fre 16.09.2011 09:53, Micah Anderson wrote: >Aleksandar Lazic writes: > >> Dear list member, >> >> does anybody have a script which can convert maildrop filter to sive >> filter? > >I would also like this, but I'm afraid it may be too complicated due to >the different possibilities. Moving to sieve from maildrop would be >great, but in practice quite difficult to do when you have a large >number of people with customized mailfilters. I have written a small script for me to convert my mailfilter into sieve. There are some manual fixes which I make after a script run but there are so less that I have decided to show it to the list ;-) Maybe someone can use it also for the migration. BR Aleks -------------- next part -------------- A non-text attachment was scrubbed... Name: convert_maildropfilter_sieve.pl Type: application/x-perl Size: 8254 bytes Desc: not available URL: From tom at elysium.ltd.uk Mon Sep 19 11:27:41 2011 From: tom at elysium.ltd.uk (Tom Clark) Date: Mon, 19 Sep 2011 09:27:41 +0100 Subject: [Dovecot] mail_max_userip_connections=10 Message-ID: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> Hi, A couple of questions rather than a problem for once! We've got our Dovecot server running smoothly now apart from our MD. He's having problems with mail_max_userip_connections. He has 3 (Phone/Laptop/Tablet) items that all connect to the server at about the same time. Which means he's frequently running over the max_userip_connections. My questions are: Is there anyway of whitelisting an IP so that it can ignore mail_max_userip_connections=10? What should we set mail_max_userip_connections too realistically? 10 seems a bit low? Thanks Tom From amateo at um.es Mon Sep 19 12:07:51 2011 From: amateo at um.es (Angel L. Mateo) Date: Mon, 19 Sep 2011 11:07:51 +0200 Subject: [Dovecot] Deleted mailboxes with lazy_expunge In-Reply-To: <1316174471.12936.70.camel@hurina> References: <4E731C17.5090305@um.es> <1316167688.12936.61.camel@hurina> <4E733205.5050406@um.es> <1316174471.12936.70.camel@hurina> Message-ID: <4E770667.7060609@um.es> El 16/09/11 14:01, Timo Sirainen escribi?: > On Fri, 2011-09-16 at 13:24 +0200, Angel L. Mateo wrote: >> >> Sep 16 13:21:00 myotis30 dovecot: imap(angel.luis): Debug: Can't rename >> 'kk' to '.DELETED/kk-20110916-132100': index dirs don't match >> >> I have try to remove the same folder without INDEX in mail_location. >> Without this option it works. > > Alternatively you could add INDEX path to lazy_expunge namespaces and it > would work. The important thing is that both source and destination > either have or don't have INDEX path specified, but it can't be mixed. > (Looks like I messed up those new debug messages - clarified them in hg > now.) > > OK. I have configured all namespaces with the same INDEX path and the problem is solved. Thank you, Timo. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From paulg at cse.yorku.ca Mon Sep 19 15:29:37 2011 From: paulg at cse.yorku.ca (Paul Griffith) Date: Mon, 19 Sep 2011 08:29:37 -0400 Subject: [Dovecot] mail_max_userip_connections=10 In-Reply-To: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> References: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> Message-ID: <4E7735B1.5000501@cse.yorku.ca> On 09/19/11 04:27, Tom Clark wrote: > Hi, > > > > A couple of questions rather than a problem for once! > > > > We've got our Dovecot server running smoothly now apart from our MD. He's > having problems with mail_max_userip_connections. He has 3 > (Phone/Laptop/Tablet) items that all connect to the server at about the same > time. Which means he's frequently running over the max_userip_connections. > > > > My questions are: > > > > Is there anyway of whitelisting an IP so that it can ignore > mail_max_userip_connections=10? > > > > What should we set mail_max_userip_connections too realistically? 10 seems a > bit low? > Hi Tom, The setting mail_max_userip_connections is per IP. from 20-imap.conf (version 2.0.13, the version we are running) # Maximum number of IMAP connections allowed for a user from each IP address. # NOTE: The username is compared case-sensitively. #mail_max_userip_connections = 10 I am going to assume he has a different IP for each device, in this case that would allow up to 30 connections. You need to post your 'doveconf -n' output! Cheers, Paul From tom at elysium.ltd.uk Mon Sep 19 15:36:53 2011 From: tom at elysium.ltd.uk (Tom Clark) Date: Mon, 19 Sep 2011 13:36:53 +0100 Subject: [Dovecot] mail_max_userip_connections=10 In-Reply-To: <4E7735B1.5000501@cse.yorku.ca> References: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> <4E7735B1.5000501@cse.yorku.ca> Message-ID: <006e01cc76c8$cf849090$6e8db1b0$@elysium.ltd.uk> Hi Paul, It's coming from the same IP address through his ADSL. Hence he gets the problem with max_userip_connections. I think I tracked down the problem. He's been using K9 mail which seems to have a problem where it doesn't release a connection and has 1 connection per subscribed folder.... Ta, Tom -----Original Message----- From: Paul Griffith [mailto:paulg at cse.yorku.ca] Sent: 19 September 2011 1:30 PM To: Tom Clark Cc: dovecot at dovecot.org Subject: Re: [Dovecot] mail_max_userip_connections=10 On 09/19/11 04:27, Tom Clark wrote: > Hi, > > > > A couple of questions rather than a problem for once! > > > > We've got our Dovecot server running smoothly now apart from our MD. > He's having problems with mail_max_userip_connections. He has 3 > (Phone/Laptop/Tablet) items that all connect to the server at about > the same time. Which means he's frequently running over the max_userip_connections. > > > > My questions are: > > > > Is there anyway of whitelisting an IP so that it can ignore > mail_max_userip_connections=10? > > > > What should we set mail_max_userip_connections too realistically? 10 > seems a bit low? > Hi Tom, The setting mail_max_userip_connections is per IP. from 20-imap.conf (version 2.0.13, the version we are running) # Maximum number of IMAP connections allowed for a user from each IP address. # NOTE: The username is compared case-sensitively. #mail_max_userip_connections = 10 I am going to assume he has a different IP for each device, in this case that would allow up to 30 connections. You need to post your 'doveconf -n' output! Cheers, Paul From tss at iki.fi Mon Sep 19 18:35:40 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 19 Sep 2011 18:35:40 +0300 Subject: [Dovecot] 2.1: problems compiling fts-lucene - CLucene git version necessary? In-Reply-To: References: <7C9B9C67-A1FD-472B-8514-BC54F1B01D00@iki.fi> Message-ID: <1316446540.12936.114.camel@hurina> On Sun, 2011-09-18 at 13:27 +0200, Lutz Pre?ler wrote: > Hello, > On So, 11 Sep 2011, Timo Sirainen wrote: > > On 11.9.2011, at 22.22, Lutz Pre?ler wrote: > > > I have problems recompiling the Debian squeeze auto build packages > > > with "--with-lecene". Is the git (2.3) version of CLucene necessary? > > Yes. > Ok, I now tried to test with clucene-core-2.3.3.4. Quite unsucessfully... > I built libclucene-core-static.a and libclucene-shared-static.a after > changing the cmake option (BUILD_STATIC_LIBRARIES). But despite enabling > BUILD_CONTRIBS, BUILD_CONTRIBS_LIB no snowball/libstemmer has been build. You need to install libstemmer separately. I think I used http://snowball.tartarus.org/dist/libstemmer_c.tgz > dovecot: imap(...): Error: fts_lucene: default_language set, but Dovecot built without stemmer support Fixed: http://hg.dovecot.org/dovecot-2.1/rev/02c84406c661 From list at airstreamcomm.net Mon Sep 19 18:55:53 2011 From: list at airstreamcomm.net (list at airstreamcomm.net) Date: Mon, 19 Sep 2011 10:55:53 -0500 Subject: [Dovecot] ODBC support Message-ID: I was wondering if ODBC support was on the road map for Dovecot, or if it has ever been discussed? Thanks. From micah at riseup.net Mon Sep 19 20:19:07 2011 From: micah at riseup.net (Micah Anderson) Date: Mon, 19 Sep 2011 13:19:07 -0400 Subject: [Dovecot] dsync with quotas Message-ID: <8762kozbzo.fsf@algae.riseup.net> I have been working on converting people from courier maildir -> dovecot mdbox and during some of the dsync runs I'm seeing the quota_exceeded_message be printed as an Error: dsync(): Error: Can't save message to mailbox INBOX: You are over quota. To avoid losing mail, immediately empty your Trash and Sent folders and \ delete emails with large attachments. dsync(): Info: INBOX: Couldn't keep all uids^M Its possible the user was over quota on the originating courier side, but I would still like to migrate their mail proprely to mdbox, but it seems like being over quota is inhibiting that. Are the quota calculations including both the maildir files as well as the converted mdbox files, resulting in a double counting? I'm not entirely sure if the messages above indicate that the migration failed for that user or not, so I've been manually increasing their quota, then redoing the dsync mirror until it works properly. I wonder if it would be better if I turned off quota entirely during migration so I don't run into this problem? thanks, micah -- -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 835 bytes Desc: not available URL: From asai at globalchangemusic.org Mon Sep 19 20:43:57 2011 From: asai at globalchangemusic.org (Asai) Date: Mon, 19 Sep 2011 10:43:57 -0700 Subject: [Dovecot] mail_max_userip_connections=10 In-Reply-To: <006e01cc76c8$cf849090$6e8db1b0$@elysium.ltd.uk> References: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> <4E7735B1.5000501@cse.yorku.ca> <006e01cc76c8$cf849090$6e8db1b0$@elysium.ltd.uk> Message-ID: <4E777F5D.7050006@globalchangemusic.org> On 9/19/2011 5:36 AM, Tom Clark wrote: > Hi Paul, > > It's coming from the same IP address through his ADSL. Hence he gets the > problem with max_userip_connections. > > I think I tracked down the problem. He's been using K9 mail which seems to > have a problem where it doesn't release a connection and has 1 connection > per subscribed folder.... > > Ta, > > Tom If you figure it out, please post the solution, because we're running into a similar issue right now with K9 mail where it's causing us to get this error:imap-login: Disconnected: Connection queue full From tss at iki.fi Mon Sep 19 21:12:24 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 19 Sep 2011 21:12:24 +0300 Subject: [Dovecot] mail_max_userip_connections=10 In-Reply-To: <4E777F5D.7050006@globalchangemusic.org> References: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> <4E7735B1.5000501@cse.yorku.ca> <006e01cc76c8$cf849090$6e8db1b0$@elysium.ltd.uk> <4E777F5D.7050006@globalchangemusic.org> Message-ID: <42D8EE74-351A-4508-99BC-626318016346@iki.fi> On 19.9.2011, at 20.43, Asai wrote: > If you figure it out, please post the solution, because we're running into a similar issue right now with K9 mail where it's causing us to get this error:imap-login: Disconnected: Connection queue full That's a different problem. You need to increase number of login processes / connections. http://wiki2.dovecot.org/LoginProcess From dovecot at tlinx.org Tue Sep 20 02:03:54 2011 From: dovecot at tlinx.org (Linda Walsh) Date: Mon, 19 Sep 2011 16:03:54 -0700 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: References: Message-ID: <4E77CA5A.6010506@tlinx.org> ` Kui Zhang wrote: > Hello > > I have a user with 2500+ sub folders. Total mailboxes size is around > 6G. (mdbox, dovecot 2:2.0.14) > > Syncing/Receiving appears to be slow, with outlook 2007. He does not > want to switch to an alternative, due to various reasons. > > Any one else having similar issue? > Anything else I should do to narrow down the issue? > ---- I can't speak for outlook 2007, but back in outlook 2000, as well as outlook 2002, it spoke a broken dialect of IMAP that would cause it to hang if you enabled it to read multiple mailboxes at one time. The only safe way I found to use it was to only let it use 1 connection at a time, and even then it wasn't impossible to cause to to fail. Perhaps MS limited outlook to only 1 connection to IMAP servers -- when I spoke to the engineer, they said that really had IMAP support at the lowest level, as it allowed the use of non-MS servers and mail servers -- and they only wanted to support Exchange (in order to get sites to buy exchange!)... The issue was reported broken in 2000, and they had not fixed it by 2002 (office XP), so I moved to thunderbird... I missed a few-several features, but I didn't miss the slowness and unreliability in everyday reading of email. Another problem -- AFAIK, outlook is only 32bit. My mom gets harassed, constantly to move things out of her primary .pst file and into 'archives', (where she can't easily access them and they don't have to be indexed...) because, the internal format became more strained as it got larger. With 6G of folders, indexing those, your user might be hitting outlook memory problems (not running out, but 'thrashing')... If possible, he might try unsubbing to older boxes on his main account, and setup an alternate account to 'go into the archives'...that way syncing only with currently active folders should go much faster)... Send him my condolences... -l > > Thanks > KuiZ > From dovecot at tlinx.org Tue Sep 20 02:22:34 2011 From: dovecot at tlinx.org (Linda Walsh) Date: Mon, 19 Sep 2011 16:22:34 -0700 Subject: [Dovecot] Why can NOT login as root In-Reply-To: <4E6BD852.5000306@vo.lu> References: <4E6B3634.18171.51F73FE@jana1972.centrum.cz> <4E6BD852.5000306@vo.lu> Message-ID: <4E77CEBA.8050603@tlinx.org> John Allen wrote: > As far as I recall, IMAP servers generally don't allow access to root. > > According to the Dovecot wiki, this is hard-coded in the binary: > http://wiki.dovecot.org/MainConfig see under "first_valid_uid" > > If the root user is receiving emails, these need to be redirected to > another user so they can be read via IMAP. --- I guess the source needs a patch. Why would dovecot choose to play nursemaid to people who want to read root email remotely via IMAPS? I can log in via SSH, so why not allow it with secure IMAP? I suppose really, if someone wants to run as root with no password dovecot should be **configurable** to allow this -- as we can't always understand the needs of end users. Example. You have a system on which root uid=0 means nothing (assigns no privs -- all assigned via privilege/capability bits). This means dovecot is hardcoded to lock out a user that may have no privileges, but has no prob permitting access to those with full Capability/priv sets. That is NOT remotely a secure design -- Not that it "allows login to those w/caps", but that it bogusly tries to invalidate site-security policies that it doesn't like Samba has done this and actually disparages people who don't use conventional security policies 'insecure', when those same people can point out a multitude of ways samba can be easily -- in the ways that the samba team, _recommend_, that samba can be accidentally or surreptitiously configured insecurely. When it is asked why alternate security policies are insecure -- they change the subject and agree grudgingly to re-allow 'banned' commands under options like "allow insecure XXXX"... Trying to 'play nursemaid' to users is a bad security policy -- since as soon you (like samba team leader said, "we had to make it impossible to configure samba insecurely", you are asking for trouble; cuz then users think they don't have to worry about how they config things, it will always be secure...and we know that is very untrue! From tss at iki.fi Tue Sep 20 02:50:32 2011 From: tss at iki.fi (Timo Sirainen) Date: Tue, 20 Sep 2011 02:50:32 +0300 Subject: [Dovecot] Why can NOT login as root In-Reply-To: <4E77CEBA.8050603@tlinx.org> References: <4E6B3634.18171.51F73FE@jana1972.centrum.cz> <4E6BD852.5000306@vo.lu> <4E77CEBA.8050603@tlinx.org> Message-ID: On 20.9.2011, at 2.22, Linda Walsh wrote: > I can log in via SSH, so why not allow it with secure IMAP? I suppose > really, if someone wants to run as root with no password dovecot should be > **configurable** to allow this -- as we can't always understand the needs > of end users. Because there's no good reason to read mails as root. If you can give me a good reason I might reconsider, but I highly doubt that's going to happen. Anyway it's mainly about making sure that in the case of some internal security hole (or misconfiguration) in Dovecot at least that security hole couldn't be leveraged to gain root privileges that would allow reading everyone's mails. > Example. You have a system on which root uid=0 means nothing (assigns no > privs -- all assigned via privilege/capability bits). > > This means dovecot is hardcoded to lock out a user that may have no > privileges, but has no prob permitting access to those with full > Capability/priv sets. Rare, and in such cases irrelevant. From user+dovecot at localhost.localdomain.org Tue Sep 20 02:53:32 2011 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Tue, 20 Sep 2011 01:53:32 +0200 Subject: [Dovecot] Why can NOT login as root In-Reply-To: <4E77CEBA.8050603@tlinx.org> References: <4E6B3634.18171.51F73FE@jana1972.centrum.cz> <4E6BD852.5000306@vo.lu> <4E77CEBA.8050603@tlinx.org> Message-ID: <4E77D5FC.5060608@localhost.localdomain.org> On 09/20/2011 01:22 AM Linda Walsh wrote: > I guess the source needs a patch. > > Why would dovecot choose to play nursemaid to people who want to read > root email remotely via IMAPS? > ? So, why do you not simply create and apply the patch? Dovecot is OSS. You are free to modify it in order to satisfy your special requirements. EOD Pascal -- The trapper recommends today: f007ba11.1126301 at localdomain.org From kuizhang at gmail.com Tue Sep 20 05:10:05 2011 From: kuizhang at gmail.com (Kui Zhang) Date: Mon, 19 Sep 2011 19:10:05 -0700 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: <4E77CA5A.6010506@tlinx.org> References: <4E77CA5A.6010506@tlinx.org> Message-ID: On Mon, Sep 19, 2011 at 4:03 PM, Linda Walsh wrote: > > > > ` Kui Zhang wrote: >> >> Hello >> >> I have a user with 2500+ sub folders. Total mailboxes size is around >> 6G. (mdbox, dovecot 2:2.0.14) >> >> Syncing/Receiving appears to be slow, with outlook 2007. He does not >> want to switch to an alternative, due to various reasons. >> >> Any one else having similar issue? >> Anything else I should do to narrow down the issue? >> > > ---- > ? I can't speak for outlook 2007, but back in outlook 2000, as well as > outlook 2002, it spoke a broken dialect of IMAP that would cause it to > hang if you enabled it to read multiple mailboxes at one time. > > The only safe way I found to use it was to only let it use 1 connection at > a time, and even then it wasn't impossible to cause to to fail. > > Perhaps MS limited outlook to only 1 connection to IMAP servers -- when I > spoke to the engineer, they said that really had IMAP support at the > lowest level, as it allowed the use of non-MS servers and mail servers -- > and they only wanted to support Exchange (in order to get sites to buy > exchange!)... > I thought it might have been something anti-competitive... We decided to give outlook 2k10 a try. Everything appears to work so far. It seems to be using only 1 connection... 2k7 was using 5 connections, with multiple connections in idle state(adding inotify watches) > ? The issue was reported broken in 2000, and they had not fixed it by > 2002 (office XP), so I moved to thunderbird... > thunderbird does not really work for us, due to amount of emails per mailbox. It was hogging all the memory + cpu. Trying out claw-mail. It is working really well. > ? I missed a few-several features, but I didn't miss the slowness and > unreliability in everyday reading of email. > > ? Another problem -- AFAIK, outlook is only 32bit. ?My mom gets > harassed, constantly to move things out of her primary .pst file and into > 'archives', (where she can't easily access them and they don't have to be > indexed...) because, the internal format became more strained as it got > larger. ? With 6G of folders, indexing those, your user might be hitting > outlook memory problems (not running out, but 'thrashing')... > > ? If possible, he might try unsubbing to older boxes on his main > account, and setup an alternate account to 'go into the archives'...that > way syncing only with currently active folders should go much faster)... > > Send him my condolences... > > > -l > > > > >> >> Thanks >> KuiZ >> > From other at ahhyes.net Tue Sep 20 06:49:23 2011 From: other at ahhyes.net (Alex) Date: Tue, 20 Sep 2011 13:49:23 +1000 Subject: [Dovecot] Why can NOT login as root In-Reply-To: References: <4E6B3634.18171.51F73FE@jana1972.centrum.cz> <4E6BD852.5000306@vo.lu> <4E77CEBA.8050603@tlinx.org> Message-ID: <308b79326740349f16af13f2077c1f62@ahhyes.net> On Tue, 20 Sep 2011 02:50:32 +0300, Timo Sirainen wrote: > On 20.9.2011, at 2.22, Linda Walsh wrote: > >> I can log in via SSH, so why not allow it with secure IMAP? I >> suppose >> really, if someone wants to run as root with no password dovecot >> should be >> **configurable** to allow this -- as we can't always understand the >> needs >> of end users. > > Because there's no good reason to read mails as root. If you can give > me a good reason I might reconsider, but I highly doubt that's going > to happen. > > Anyway it's mainly about making sure that in the case of some > internal security hole (or misconfiguration) in Dovecot at least that > security hole couldn't be leveraged to gain root privileges that > would > allow reading everyone's mails. > >> Example. You have a system on which root uid=0 means nothing >> (assigns no >> privs -- all assigned via privilege/capability bits). >> >> This means dovecot is hardcoded to lock out a user that may have no >> privileges, but has no prob permitting access to those with full >> Capability/priv sets. > > Rare, and in such cases irrelevant. From other at ahhyes.net Tue Sep 20 07:03:29 2011 From: other at ahhyes.net (Alex) Date: Tue, 20 Sep 2011 14:03:29 +1000 Subject: [Dovecot] Why can NOT login as root In-Reply-To: <308b79326740349f16af13f2077c1f62@ahhyes.net> References: <4E6B3634.18171.51F73FE@jana1972.centrum.cz> <4E6BD852.5000306@vo.lu> <4E77CEBA.8050603@tlinx.org> <308b79326740349f16af13f2077c1f62@ahhyes.net> Message-ID: <9dbaaa16a9731eefa05cef6c3c6a9dbf@ahhyes.net> On Tue, 20 Sep 2011 13:49:23 +1000, Alex wrote: > On Tue, 20 Sep 2011 02:50:32 +0300, Timo Sirainen wrote: >> On 20.9.2011, at 2.22, Linda Walsh wrote: >> >>> I can log in via SSH, so why not allow it with secure IMAP? I >>> suppose >>> really, if someone wants to run as root with no password dovecot >>> should be >>> **configurable** to allow this -- as we can't always understand >>> the needs >>> of end users. >> >> Because there's no good reason to read mails as root. If you can >> give >> me a good reason I might reconsider, but I highly doubt that's going >> to happen. >> >> Anyway it's mainly about making sure that in the case of some >> internal security hole (or misconfiguration) in Dovecot at least >> that >> security hole couldn't be leveraged to gain root privileges that >> would >> allow reading everyone's mails. >> >>> Example. You have a system on which root uid=0 means nothing >>> (assigns no >>> privs -- all assigned via privilege/capability bits). >>> >>> This means dovecot is hardcoded to lock out a user that may have no >>> privileges, but has no prob permitting access to those with full >>> Capability/priv sets. >> >> Rare, and in such cases irrelevant. From other at ahhyes.net Tue Sep 20 07:06:16 2011 From: other at ahhyes.net (Alex) Date: Tue, 20 Sep 2011 14:06:16 +1000 Subject: [Dovecot] Default permissions on newly created maildir Message-ID: Hi Guys, I am setting up SQL auth for mail. Auth works fine, I notice that if no maildir exists for the authenticated user, it is created automatically (depending on the homedir specified in the sql table entry). The problem is that it creates the dir with "700" permissions which is causing grief for my MTA when it comes time for it to try and drop mail there. If I chmod the dir to 770 things work fine. How do I change the default permissions that dovecot uses whenever it creates a new mail account? From Lutz.Pressler at SerNet.DE Tue Sep 20 10:12:45 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Tue, 20 Sep 2011 09:12:45 +0200 Subject: [Dovecot] 2.1: problems compiling fts-lucene - CLucene git version necessary? In-Reply-To: <1316446540.12936.114.camel@hurina> References: <7C9B9C67-A1FD-472B-8514-BC54F1B01D00@iki.fi> <1316446540.12936.114.camel@hurina> Message-ID: On Mo, 19 Sep 2011, Timo Sirainen wrote: > On Sun, 2011-09-18 at 13:27 +0200, Lutz Pre?ler wrote: > > Hello, > > On So, 11 Sep 2011, Timo Sirainen wrote: > > > On 11.9.2011, at 22.22, Lutz Pre?ler wrote: > > > > I have problems recompiling the Debian squeeze auto build packages > > > > with "--with-lecene". Is the git (2.3) version of CLucene necessary? > > > Yes. > > Ok, I now tried to test with clucene-core-2.3.3.4. Quite unsucessfully... > > I built libclucene-core-static.a and libclucene-shared-static.a after > > changing the cmake option (BUILD_STATIC_LIBRARIES). But despite enabling > > BUILD_CONTRIBS, BUILD_CONTRIBS_LIB no snowball/libstemmer has been build. > > You need to install libstemmer separately. I think I used > http://snowball.tartarus.org/dist/libstemmer_c.tgz Still having build problems --with-stemmer... libstemmer built and referenced seperately, libtextcat as Debian package, it's: lucene-wrapper.cc: In function 'lucene_index* lucene_index_init(const char*, mailbox_list*, const fts_lucene_settings*)': lucene-wrapper.cc:108: error: no matching function for call to 'lucene::analysis::snowball::SnowballAnalyzer::SnowballAnalyzer(const char*&)' ../../../../clucene-core-2.3.3.4/src/contribs-lib/CLucene/snowball/SnowballAnalyzer.h:32: note: candidates are: lucene::analysis::snowball::SnowballAnalyzer::SnowballAnalyzer(const TCHAR*, const TCHAR**) ../../../../clucene-core-2.3.3.4/src/contribs-lib/CLucene/snowball/SnowballAnalyzer.h:28: note: lucene::analysis::snowball::SnowballAnalyzer::SnowballAnalyzer(const TCHAR*) ../../../../clucene-core-2.3.3.4/src/contribs-lib/CLucene/snowball/SnowballAnalyzer.h:22: note: lucene::analysis::snowball::SnowballAnalyzer::SnowballAnalyzer(const lucene::analysis::snowball::SnowballAnalyzer&) index->set.default_language is char, but TCHAR is wchar_t but not char? > > > dovecot: imap(...): Error: fts_lucene: default_language set, but Dovecot built without stemmer support > > Fixed: http://hg.dovecot.org/dovecot-2.1/rev/02c84406c661 Without stemmer support it works nicely now though. One further question: Is fts indexing after delivery still on your TODO list? Lutz From tom at elysium.ltd.uk Tue Sep 20 11:15:01 2011 From: tom at elysium.ltd.uk (Tom Clark) Date: Tue, 20 Sep 2011 09:15:01 +0100 Subject: [Dovecot] mail_max_userip_connections=10 In-Reply-To: <42D8EE74-351A-4508-99BC-626318016346@iki.fi> References: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> <4E7735B1.5000501@cse.yorku.ca> <006e01cc76c8$cf849090$6e8db1b0$@elysium.ltd.uk> <4E777F5D.7050006@globalchangemusic.org> <42D8EE74-351A-4508-99BC-626318016346@iki.fi> Message-ID: <000d01cc776d$653d5280$2fb7f780$@elysium.ltd.uk> If it is the same problem with K9 (although Timo doesn't think it is) we fixed it on the K9 machine by turning off PUSH mail folders. Tom -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Timo Sirainen Sent: 19 September 2011 7:12 PM To: Asai Cc: Dovecot Mailing List Subject: Re: [Dovecot] mail_max_userip_connections=10 On 19.9.2011, at 20.43, Asai wrote: > If you figure it out, please post the solution, because we're running into a similar issue right now with K9 mail where it's causing us to get this error:imap-login: Disconnected: Connection queue full That's a different problem. You need to increase number of login processes / connections. http://wiki2.dovecot.org/LoginProcess From usuda at designet.co.jp Tue Sep 20 12:28:49 2011 From: usuda at designet.co.jp (USUDA Hisashi) Date: Tue, 20 Sep 2011 18:28:49 +0900 Subject: [Dovecot] DRAC plugin for Dovecot-2.x Message-ID: <4E785CD1.5030907@designet.co.jp> Hello All, I released the DRAC plugin for dovecot-2.x. http://sourceforge.jp/projects/dovecot2-drac/ It's based the plugin for dovecot-1.1: http://dovecot.org/patches/1.1/drac.c Please see README file for details. Best regards, -- mailto:usuda at designet.co.jp From CMarcus at Media-Brokers.com Tue Sep 20 13:21:50 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Tue, 20 Sep 2011 06:21:50 -0400 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: <4E77CA5A.6010506@tlinx.org> References: <4E77CA5A.6010506@tlinx.org> Message-ID: <4E78693E.3080308@Media-Brokers.com> On 2011-09-19 7:03 PM, Linda Walsh wrote: > Another problem -- AFAIK, outlook is only 32bit. My mom gets > harassed, constantly to move things out of her primary .pst file and > into 'archives', (where she can't easily access them and they don't > have to be indexed...) because, the internal format became more > strained as it got larger. With 6G of folders, indexing those, your > user might be hitting outlook memory problems (not running out, but > 'thrashing')... Outlook < 2007 were limited to 2GB .pst files. > 2007 could use max of 20GB .pst files, although in my experience it gets slow/sluggish with more than 10GB (and keep good backups, .pst files can get corrupted if you look at them too hard)... IMAP support got much better in 2007, and is even better in 2010, but Outlook still only really shines as an Exchange client, and that is the way Microsoft wants it (and understandably so)... Personally, I would only use Outlook in an Exchange environment, never as a standalone email client, although it's calendar is much better than Thunderbird+Lightning I'm sad to say... -- Best regards, Charles From CMarcus at Media-Brokers.com Tue Sep 20 13:23:51 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Tue, 20 Sep 2011 06:23:51 -0400 Subject: [Dovecot] Why can NOT login as root In-Reply-To: <4E77CEBA.8050603@tlinx.org> References: <4E6B3634.18171.51F73FE@jana1972.centrum.cz> <4E6BD852.5000306@vo.lu> <4E77CEBA.8050603@tlinx.org> Message-ID: <4E7869B7.4090209@Media-Brokers.com> On 2011-09-19 7:22 PM, Linda Walsh wrote: >> If the root user is receiving emails, these need to be redirected to >> another user so they can be read via IMAP. > I guess the source needs a patch. Only if you like wasting your time. > Why would dovecot choose to play nursemaid to people who want to read > root email remotely via IMAPS? It is generally considered 'standard procedure' to alias root to another user account for mail. That's one of the first things I do when setting up a new server, whether it is a mail server or other... -- Best regards, Charles From dovecot at lists.grepular.com Tue Sep 20 13:30:26 2011 From: dovecot at lists.grepular.com (dovecot at lists.grepular.com) Date: Tue, 20 Sep 2011 11:30:26 +0100 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: <4E78693E.3080308@Media-Brokers.com> References: <4E77CA5A.6010506@tlinx.org> <4E78693E.3080308@Media-Brokers.com> Message-ID: <4E786B42.8090706@lists.grepular.com> On 20/09/11 11:21, Charles Marcus wrote: > IMAP support got much better in 2007, How did it get better? They removed NAMESPACE support when moving from 2003 to 2007, which was a complete ball ache for us. > and is even better in 2010 Do they support ACL in 2010? They don't in 2007, which is really frustrating. What is better about 2010 IMAP support compared to 2007? I'm genuinely interested to know... -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 455 bytes Desc: OpenPGP digital signature URL: From CMarcus at Media-Brokers.com Tue Sep 20 13:46:17 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Tue, 20 Sep 2011 06:46:17 -0400 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: <4E786B42.8090706@lists.grepular.com> References: <4E77CA5A.6010506@tlinx.org> <4E78693E.3080308@Media-Brokers.com> <4E786B42.8090706@lists.grepular.com> Message-ID: <4E786EF9.8090101@Media-Brokers.com> On 2011-09-20 6:30 AM, dovecot at lists.grepular.com wrote: > On 20/09/11 11:21, Charles Marcus wrote: > >> IMAP support got much better in 2007, > > How did it get better? They removed NAMESPACE support when moving from > 2003 to 2007, which was a complete ball ache for us. 2003 was basically unusable on large mail stores. 2007 actually became usable, in that it was much more responsive when working with mail, but my testing didn't really go beyond that, it was more curiosity than anything (and, I have ONE friend who insists on using Outlook because the Calendar is so much better than anything else out there). >> and is even better in 2010 > Do they support ACL in 2010? They don't in 2007, which is really > frustrating. What is better about 2010 IMAP support compared to 2007? > I'm genuinely interested to know... What do you mean by 'ACL support'? Do you mean the ability to create/edit them on shared folders? If so, then no, not natively, I don't think, but I didn't do any intensive testing, all I can tell you is it is much more responsive, especially on larger folders. -- Best regards, Charles From dovecot at lists.grepular.com Tue Sep 20 13:57:17 2011 From: dovecot at lists.grepular.com (Mike Cardwell) Date: Tue, 20 Sep 2011 11:57:17 +0100 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: <4E786EF9.8090101@Media-Brokers.com> References: <4E77CA5A.6010506@tlinx.org> <4E78693E.3080308@Media-Brokers.com> <4E786B42.8090706@lists.grepular.com> <4E786EF9.8090101@Media-Brokers.com> Message-ID: <4E78718D.6090400@lists.grepular.com> On 20/09/11 11:46, Charles Marcus wrote: >>> and is even better in 2010 > >> Do they support ACL in 2010? They don't in 2007, which is really >> frustrating. What is better about 2010 IMAP support compared to 2007? >> I'm genuinely interested to know... > > What do you mean by 'ACL support'? Do you mean the ability to > create/edit them on shared folders? Yes. Support for the IMAP ACL extension. > If so, then no, not natively, I > don't think, but I didn't do any intensive testing, all I can tell you > is it is much more responsive, especially on larger folders. This is a real shame. IMAP can do so much more than Exchange's IMAP implementation allows. -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 455 bytes Desc: OpenPGP digital signature URL: From stan at hardwarefreak.com Tue Sep 20 15:21:01 2011 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Tue, 20 Sep 2011 07:21:01 -0500 Subject: [Dovecot] mail_max_userip_connections=10 In-Reply-To: <006e01cc76c8$cf849090$6e8db1b0$@elysium.ltd.uk> References: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> <4E7735B1.5000501@cse.yorku.ca> <006e01cc76c8$cf849090$6e8db1b0$@elysium.ltd.uk> Message-ID: <4E78852D.1070506@hardwarefreak.com> On 9/19/2011 7:36 AM, Tom Clark wrote: > Hi Paul, > > It's coming from the same IP address through his ADSL. Hence he gets the > problem with max_userip_connections. > > I think I tracked down the problem. He's been using K9 mail which seems to > have a problem where it doesn't release a connection and has 1 connection > per subscribed folder.... The reasoning behind the multiple socket communication design in the IMAP protocol is flawed, thus we end up with problems like yours, and others. It may have looked good on the white board but it doesn't seem to add benefit in production--only add problems. At least from an SA's perspective. Just about every other modern internet protocol gets by with a single socket, and many of those applications are more complex than IMAP. Multiple virtual channels are a good idea at the data link layer of WAN communications links, and work well there. They're a lousy idea at the application layer, however, as the IMAP protocol clearly demonstrates. Everything IMAP does over multiple sockets could have been accomplished over a single socket, with no noticeable decrease in performance, but with fewer SA headaches and fewer server resources consumed. I eagerly await a successor to the current version of IMAP, which will hopefully do away with this problematic, unnecessary, multiple socket nonsense. It may be a long wait, unfortunately... -- Stan From helge at monsternett.no Tue Sep 20 16:58:13 2011 From: helge at monsternett.no (Helge Milde) Date: Tue, 20 Sep 2011 15:58:13 +0200 Subject: [Dovecot] Trouble getting lda to gzip incomming mails (zlib plugin) Message-ID: <20110920135808.GB28582@monsternett.no> Hi! I've followed the guide at http://wiki2.dovecot.org/Plugins/Zlib to try to make Dovecot gzip incomming mails, but it doesn't seem to work. I've made pop/imap read gzipped files, and this seems to work perfectly, but LDA is still saving incomming mails in plain text. There's not too much information out there regarding the zlib module, so I'm not sure where to start debugging the problem, and was hoping someone could point me in the right direction. The only mention of zlib when LDA is delivering a file: Sep 20 15:51:19 mail dovecot: deliver(helgemil): Module loaded: /usr/lib/dovecot/modules/lda/lib20_zlib_plugin.so The most relevant lines from dovecot.conf: mail_debug = yes protocols = imap pop3 imaps pop3s mail_location = maildir:~/Maildir mail_privileged_group = mail max_mail_processes = 1024 mail_process_size = 512 protocol imap { mail_max_userip_connections = 50 mail_plugins = fts fts_squat zlib } protocol pop3 { pop3_uidl_format = %08Xu%08Xv mail_max_userip_connections = 50 mail_plugins = zlib } protocol lda { postmaster_address = postmaster at monsternett.no mail_plugins = sieve zlib mail_plugin_dir = /usr/lib/dovecot/modules/lda sieve_global_dir = /etc/dovecot/sieve/ sieve_global_path = /etc/dovecot/sieve/default.sieve } plugin { zlib_save_level = 6 zlib_save = gz fts = squat sieve = ~/dovecot.sieve sieve_dir = ~/ } -- Helge Milde, 69701808 www.monsternett.no From udo.lembke at albertbauer.com Tue Sep 20 18:36:47 2011 From: udo.lembke at albertbauer.com (Udo Lembke) Date: Tue, 20 Sep 2011 17:36:47 +0200 Subject: [Dovecot] how to disable quota for second namespace? Message-ID: <4E78B30F.7020000@albertbauer.com> Hi all, I have a second namespace as archive, where no quota should be active (work with type = shared). But if I change the type to private the quota will allways count. My dovecot version is the 2.0.13. I have tried things like this: plugin { quota_rule = *:storage=500M quota_rule2 = Trash:storage=+100M quota_rule3 = Sent:storage=+50M quota_rule4 = ns=archiv/%u/:ignore } It's also doesn't work with "quota_rule4 = archiv/%u/:ignore" The namespace: namespace { type = private separator = / prefix = "archiv/%u/" location = maildir:/var/data/archiv/%d/%n:INDEX=/var/data/indexes/archiv/%u:LAYOUT=fs inbox = no hidden = no subscriptions = no list = yes } Even if I define the namespace for quota I see the quota-value also in the "root": plugin { quota = maildir:User quota quota2 = maildir:Archiv quota:ns=archiv/%u/ } doveadm quota get -u test at example.com Quota name Type Value Limit % User quota STORAGE 1587135 512000 309 User quota MESSAGE 13346 - 0 Archiv quota STORAGE 1359379 - 0 Archiv quota MESSAGE 10577 - 0 du -ks /var/data/mail/example.com/test 234364 /var/data/mail/example.com/test du -ks /var/data/archiv/example.com/test 1383792 /var/data/archiv/example.com/test Now is the big question, how can I reach such an output? doveadm quota get -u test at example.com Quota name Type Value Limit % User quota STORAGE 227756 512000 44 User quota MESSAGE 2769 - 0 Archiv quota STORAGE 1359379 - 0 Archiv quota MESSAGE 10577 - 0 I can't believe that's only possible with a shared namespace, or? Any hints are welcome. Best regards Udo From patrickdk at patrickdk.com Tue Sep 20 18:54:21 2011 From: patrickdk at patrickdk.com (Patrick Domack) Date: Tue, 20 Sep 2011 11:54:21 -0400 Subject: [Dovecot] Trouble getting lda to gzip incomming mails (zlib plugin) In-Reply-To: <20110920135808.GB28582@monsternett.no> References: <20110920135808.GB28582@monsternett.no> Message-ID: <20110920115421.Horde.44HXTZLnE6FOeLctSTJCeHA@kishi.patrickdk.com> I thinking your mail_plugin_dir is not needed, I don't have it configured, and that path doesn't even exist on my system, maybe hangover from 1.x config? Quoting Helge Milde : > Hi! > I've followed the guide at http://wiki2.dovecot.org/Plugins/Zlib to > try to make Dovecot gzip incomming mails, but it doesn't seem to work. > I've made pop/imap read gzipped files, and this seems to work > perfectly, but LDA is still saving incomming mails in plain text. > There's not too much information out there regarding the zlib > module, so I'm not sure where to start debugging the problem, and > was hoping someone could point me in the right direction. > > The only mention of zlib when LDA is delivering a file: > Sep 20 15:51:19 mail dovecot: deliver(helgemil): Module loaded: > /usr/lib/dovecot/modules/lda/lib20_zlib_plugin.so The most > relevant lines from dovecot.conf: > mail_debug = yes > protocols = imap pop3 imaps pop3s > mail_location = maildir:~/Maildir > mail_privileged_group = mail > max_mail_processes = 1024 > mail_process_size = 512 > > protocol imap { > mail_max_userip_connections = 50 > mail_plugins = fts fts_squat zlib > } > > protocol pop3 { > pop3_uidl_format = %08Xu%08Xv > mail_max_userip_connections = 50 > mail_plugins = zlib > } > > protocol lda { > postmaster_address = postmaster at monsternett.no > mail_plugins = sieve zlib > mail_plugin_dir = /usr/lib/dovecot/modules/lda > sieve_global_dir = /etc/dovecot/sieve/ > sieve_global_path = /etc/dovecot/sieve/default.sieve > } > > plugin { > zlib_save_level = 6 > zlib_save = gz > fts = squat > sieve = ~/dovecot.sieve > sieve_dir = ~/ > } > > -- > Helge Milde, 69701808 > www.monsternett.no From helge at monsternett.no Tue Sep 20 19:22:53 2011 From: helge at monsternett.no (Helge Milde) Date: Tue, 20 Sep 2011 18:22:53 +0200 Subject: [Dovecot] Trouble getting lda to gzip incomming mails (zlib plugin) In-Reply-To: <20110920115421.Horde.44HXTZLnE6FOeLctSTJCeHA@kishi.patrickdk.com> References: <20110920135808.GB28582@monsternett.no> <20110920115421.Horde.44HXTZLnE6FOeLctSTJCeHA@kishi.patrickdk.com> Message-ID: <20110920162253.GC2939@monsternett.no> Well, I can't see why it would hurt either. The reason we're using that directory is that the sieve plugin is compiled into lda/ by default, I think. I will try to move the sieve files into dovecot/ and remove mail_plugin_dir tomorrow, but I don't think it will help since dovecot has no problems *loading* the library. On Tue, Sep 20, 2011 at 11:54:21AM -0400, Patrick Domack wrote: >I thinking your mail_plugin_dir is not needed, I don't have it >configured, and that path doesn't even exist on my system, maybe >hangover from 1.x config? > > >Quoting Helge Milde : > >>Hi! >>I've followed the guide at http://wiki2.dovecot.org/Plugins/Zlib to >>try to make Dovecot gzip incomming mails, but it doesn't seem to >>work. >>I've made pop/imap read gzipped files, and this seems to work >>perfectly, but LDA is still saving incomming mails in plain text. >>There's not too much information out there regarding the zlib >>module, so I'm not sure where to start debugging the problem, and >>was hoping someone could point me in the right direction. >> >>The only mention of zlib when LDA is delivering a file: >>Sep 20 15:51:19 mail dovecot: deliver(helgemil): Module loaded: >>/usr/lib/dovecot/modules/lda/lib20_zlib_plugin.so The most >>relevant lines from dovecot.conf: >>mail_debug = yes >>protocols = imap pop3 imaps pop3s >>mail_location = maildir:~/Maildir >>mail_privileged_group = mail >>max_mail_processes = 1024 >>mail_process_size = 512 >> >>protocol imap { >> mail_max_userip_connections = 50 >> mail_plugins = fts fts_squat zlib >>} >> >>protocol pop3 { >> pop3_uidl_format = %08Xu%08Xv >> mail_max_userip_connections = 50 >> mail_plugins = zlib >>} >> >>protocol lda { >> postmaster_address = postmaster at monsternett.no >> mail_plugins = sieve zlib >> mail_plugin_dir = /usr/lib/dovecot/modules/lda >> sieve_global_dir = /etc/dovecot/sieve/ >> sieve_global_path = /etc/dovecot/sieve/default.sieve >>} >> >>plugin { >> zlib_save_level = 6 >> zlib_save = gz >> fts = squat >> sieve = ~/dovecot.sieve >> sieve_dir = ~/ >>} >> >>-- >>Helge Milde, 69701808 >>www.monsternett.no > > > -- Helge Milde, 69701808 www.monsternett.no From asai at globalchangemusic.org Tue Sep 20 20:46:38 2011 From: asai at globalchangemusic.org (Asai) Date: Tue, 20 Sep 2011 10:46:38 -0700 Subject: [Dovecot] mail_max_userip_connections=10 In-Reply-To: <000d01cc776d$653d5280$2fb7f780$@elysium.ltd.uk> References: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> <4E7735B1.5000501@cse.yorku.ca> <006e01cc76c8$cf849090$6e8db1b0$@elysium.ltd.uk> <4E777F5D.7050006@globalchangemusic.org> <42D8EE74-351A-4508-99BC-626318016346@iki.fi> <000d01cc776d$653d5280$2fb7f780$@elysium.ltd.uk> Message-ID: <4E78D17E.90607@globalchangemusic.org> Thanks for the insight, Tom. Yeah, it was a different problem, and we solved it. On 9/20/2011 1:15 AM, Tom Clark wrote: > If it is the same problem with K9 (although Timo doesn't think it is) we > fixed it on the K9 machine by turning off PUSH mail folders. > > Tom > > -----Original Message----- > From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On > Behalf Of Timo Sirainen > Sent: 19 September 2011 7:12 PM > To: Asai > Cc: Dovecot Mailing List > Subject: Re: [Dovecot] mail_max_userip_connections=10 > > On 19.9.2011, at 20.43, Asai wrote: > >> If you figure it out, please post the solution, because we're running into > a similar issue right now with K9 mail where it's causing us to get this > error:imap-login: Disconnected: Connection queue full > > That's a different problem. You need to increase number of login processes / > connections. http://wiki2.dovecot.org/LoginProcess > > From Anton.Aylward at antonaylward.com Tue Sep 20 23:03:39 2011 From: Anton.Aylward at antonaylward.com (Anton Aylward) Date: Tue, 20 Sep 2011 16:03:39 -0400 Subject: [Dovecot] About using Dovecot indexes with Thunderbird/kmail Message-ID: <4E78F19B.2070909@antonaylward.com> I have Dovecot running well on my Mandriva mail hub, handing out IMAP to the household LAN. This is 1.2.15. Eventually I'll upgrade the OS and get 2.x, but this is working fine. So this question is really about the mail readers I use and how they make use of Dovecot. I have Thunderbird on my laptop and KMail2 on my desktop. Dovecot indexes. GOOD! The trouble is that the mail readers want their own indexes :-( I wish that Thunderbird would NOT index mail on my laptop, but it does. I wish Kmail2 would not use nepomuk/akonadi to index the mail but it does. Why can't they both believe the indexes used by Dovecot? Is this an unreasonable request? -- "We stand behind all of our products, except for the manure spreader." -- Corporate motto of an equipment manufacturer From CMarcus at Media-Brokers.com Tue Sep 20 23:22:53 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Tue, 20 Sep 2011 16:22:53 -0400 Subject: [Dovecot] About using Dovecot indexes with Thunderbird/kmail In-Reply-To: <4E78F19B.2070909@antonaylward.com> References: <4E78F19B.2070909@antonaylward.com> Message-ID: <4E78F61D.2050601@Media-Brokers.com> On 2011-09-20 4:03 PM, Anton Aylward wrote: > I wish that Thunderbird would NOT index mail on my laptop, but it does. So turn it (GLODA) off... -- Best regards, Charles From lists at necoro.eu Tue Sep 20 23:38:21 2011 From: lists at necoro.eu (=?UTF-8?B?UmVuw6kgTmV1bWFubg==?=) Date: Tue, 20 Sep 2011 22:38:21 +0200 Subject: [Dovecot] Sieve: Vacation, handle and variable Message-ID: <4E78F9BD.6090306@necoro.eu> Hi *, I am adding a generic way for vacation-replies in my sieve setup. There I set the handle and the reason using variables (see end of mail). My simple question now is: Though variable expansion is not done for subject and reason, is it done for the handle? Because else there seems no way in configuring the vacation action via variables. I tried to read the code for this extension, but ... well ... the whole sieve implementation is way more complicated then I figured ^^. Thus I take the question to the list. Thanks, Ren? ----- default.sieve ----- require [..., "include", "variables"]; # set this to the text you want to get included in the vacation-mail global ["vacation", "vhandle"]; set "vhandle" ""; set "vacation" ""; [...] include :personal "vacation"; ----- vacation.sieve ----- require ["variables", "include", "vacation"]; # this is set in the including script global ["vacation", "vhandle"]; if string :is "${vacation}" "" { return; } # ensure we have a handle if string :is "${vhandle}" "" { set "vhandle" "${vacation}"; } if header :matches "subject" "*" { set "sbj" "Out of office [was: ${1}]"; vacation :addresses [...] :from "..." :days 7 :handle "${vhandle}" :subject "${sbj}" "${vacation}"; } ------------------------- -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From Anton.Aylward at antonaylward.com Wed Sep 21 00:37:50 2011 From: Anton.Aylward at antonaylward.com (Anton Aylward) Date: Tue, 20 Sep 2011 17:37:50 -0400 Subject: [Dovecot] About using Dovecot indexes with Thunderbird/kmail In-Reply-To: <4E78F61D.2050601@Media-Brokers.com> References: <4E78F19B.2070909@antonaylward.com> <4E78F61D.2050601@Media-Brokers.com> Message-ID: <4E7907AE.2040809@antonaylward.com> Charles Marcus said the following on 09/20/2011 04:22 PM: > On 2011-09-20 4:03 PM, Anton Aylward wrote: >> I wish that Thunderbird would NOT index mail on my laptop, but it does. > > So turn it (GLODA) off... > Ah https://wiki.mozilla.org/Thunderbird:Using_Gloda Well it is off, but I still have these index files ... So perhaps its not index that taking all the space and gets rebuilt when T Bird says its downloading the headers and indexing ... And then there's nepomuk.... I'm coming to hate nepomuk! -- "Beware of bugs in the above code; I have only proved it correct, not tried it." -- Knuth From lists at necoro.eu Wed Sep 21 00:48:54 2011 From: lists at necoro.eu (=?UTF-8?B?UmVuw6kgTmV1bWFubg==?=) Date: Tue, 20 Sep 2011 23:48:54 +0200 Subject: [Dovecot] Sieve: Vacation, handle and variable In-Reply-To: <4E78F9BD.6090306@necoro.eu> References: <4E78F9BD.6090306@necoro.eu> Message-ID: <4E790A46.7020603@necoro.eu> Am 20.09.2011 22:38, schrieb Ren? Neumann: > Hi *, > > I am adding a generic way for vacation-replies in my sieve setup. There > I set the handle and the reason using variables (see end of mail). My > simple question now is: Though variable expansion is not done for > subject and reason, is it done for the handle? Because else there seems > no way in configuring the vacation action via variables. Ok. I just learned about sieve-test. And this shows me: * send vacation message: => seconds : 604800 => subject: FooSubj => from : ... => handle : ${vhandle} So the handle does not expand variables. Hence: Would it be possible to add for example a non-standard ":expand list" option to vacation, where 'list' contains the names of the options where it is safe to do variable-expansion? - Ren? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From stephan at rename-it.nl Wed Sep 21 02:09:50 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Wed, 21 Sep 2011 01:09:50 +0200 Subject: [Dovecot] Sieve: Vacation, handle and variable In-Reply-To: <4E790A46.7020603@necoro.eu> References: <4E78F9BD.6090306@necoro.eu> <4E790A46.7020603@necoro.eu> Message-ID: <4E791D3E.1080009@rename-it.nl> Op 20-9-2011 23:48, Ren? Neumann schreef: > Am 20.09.2011 22:38, schrieb Ren? Neumann: >> Hi *, >> >> I am adding a generic way for vacation-replies in my sieve setup. There >> I set the handle and the reason using variables (see end of mail). My >> simple question now is: Though variable expansion is not done for >> subject and reason, is it done for the handle? Because else there seems >> no way in configuring the vacation action via variables. > Ok. I just learned about sieve-test. And this shows me: > > * send vacation message: > => seconds : 604800 > => subject: FooSubj > => from : ... > => handle : ${vhandle} > > So the handle does not expand variables. Hence: Would it be possible to > add for example a non-standard ":expand list" option to vacation, where > 'list' contains the names of the options where it is safe to do > variable-expansion? No need. This is a violation of the standard and it was actually a long standing FIXME already. Fortunately, it was quite simple to repair: http://hg.rename-it.nl/dovecot-2.0-pigeonhole/rev/fe6df3425850 This will be included in the next release. Regards, Stephan From wgillespie+dovecot at es2eng.com Wed Sep 21 06:35:43 2011 From: wgillespie+dovecot at es2eng.com (Willie Gillespie) Date: Tue, 20 Sep 2011 21:35:43 -0600 Subject: [Dovecot] About using Dovecot indexes with Thunderbird/kmail In-Reply-To: <4E7907AE.2040809@antonaylward.com> References: <4E78F19B.2070909@antonaylward.com> <4E78F61D.2050601@Media-Brokers.com> <4E7907AE.2040809@antonaylward.com> Message-ID: <4E795B8F.3070007@es2eng.com> On 09/20/2011 03:37 PM, Anton Aylward wrote: > https://wiki.mozilla.org/Thunderbird:Using_Gloda > Well it is off, but I still have these index files ... > > So perhaps its not index that taking all the space and gets rebuilt when > T Bird says its downloading the headers and indexing ... Just have to ask: Is "Keep messages for this account on this computer" checked under the Synchronization & Storage settings? From isolderj at webmail.co.za Wed Sep 21 08:59:58 2011 From: isolderj at webmail.co.za (James isolder) Date: Wed, 21 Sep 2011 07:59:58 +0200 Subject: [Dovecot] IMAP delete logs Message-ID: Since enabling the mail_plugins = mail_log. I now get an error. Is there anything else I need to check adn how I can put the dovecot into debug mode so I can get more info about where it is failing. dovecot not running? (check /var/run/dovecot//master.pid). Starting dovecot. Error: imap dump-capability process returned 1 Fkevent(EV_ADD, 0) failed: Operation not supported by device Fatal: Invalid configuration in /usr/local/etc/dovecot.conf # 1.2.17: /usr/local/etc/dovecot.conf # OS: FreeBSD 7.0-RELEASE i386 base_dir: /var/run/dovecot/ protocols: imap pop3 listen(default): *:1143 listen(imap): *:1143 listen(pop3): *:1110 ssl: no disable_plaintext_auth: no login_dir: /var/run/dovecot//login login_executable(default): /usr/local/libexec/dovecot/imap-login login_executable(imap): /usr/local/libexec/dovecot/imap-login login_executable(pop3): /usr/local/libexec/dovecot/pop3-login login_log_format_elements: pid=%p rsock=%r:%b lsock=%l:%a proto=%s user=%u auth_method=%m secure=%c login_log_format: role=proxy realm=test %$: %s login_process_per_connection: no login_processes_count: 50 login_max_processes_count: 5120 login_max_connections: 512 max_mail_processes: 6144 mail_max_userip_connections(imap): 8 mail_max_userip_connections(pop3): 10 verbose_proctitle: yes first_valid_uid: 1000 first_valid_gid: 1000 mail_privileged_group: mail mail_location: mbox:~/mail/:INBOX=/var/mail/%u mail_debug: yes maildir_copy_preserve_filename: yes mail_executable(default): /usr/local/libexec/dovecot/rawlog /usr/local/libexec/dovecot/imap mail_executable(imap): /usr/local/libexec/dovecot/rawlog /usr/local/libexec/dovecot/imap mail_executable(pop3): /usr/local/libexec/dovecot/rawlog /usr/local/libexec/dovecot/pop3 mail_plugins(default): mail_log mail_plugins(imap): mail_log mail_plugins(pop3): mail_plugin_dir: /usr/local/lib/dovecot/pop3 mail_log_max_lines_per_sec: 0 pop3_enable_last(default): yes pop3_enable_last(imap): yes pop3_enable_last(pop3): no pop3_client_workarounds(default): outlook-no-nuls oe-ns-eoh pop3_client_workarounds(imap): outlook-no-nuls oe-ns-eoh pop3_client_workarounds(pop3): auth default: mechanisms: plain login cache_ttl: 0 cache_negative_ttl: 0 worker_max_count: 60 process_size: 512 passdb: driver: sql args: /usr/local/etc/dovecot-proxy.sql socket: type: listen client: path: /var/run/dovecot/auth-client mode: 432 master: path: /var/run/dovecot/auth-master mode: 384 plugin: mail_log_events: delete undelete expunge copy mailbox_delete mailbox_rename On Wed, 14 Sep 2011 14:40:21 +0200 "mailing at securitylabs.it" wrote > Il 14/09/2011 07:48, James isolder ha scritto: > > Version - 1.2.17 > > > > Is there a way to include message or folder deletion logs in the dovecot > > log > > files. > > > > > > Yes, you can use the mail logger plugin: > > http://wiki.dovecot.org/Plugins/MailLog ____________________________________________________________ South Africas premier free email service - www.webmail.co.za For super low premiums, click here. http://www.dialdirect.co.za/?vdn=15828 From helge at monsternett.no Wed Sep 21 09:25:31 2011 From: helge at monsternett.no (Helge Milde) Date: Wed, 21 Sep 2011 08:25:31 +0200 Subject: [Dovecot] Trouble getting lda to gzip incomming mails (zlib plugin) In-Reply-To: <20110920162253.GC2939@monsternett.no> References: <20110920135808.GB28582@monsternett.no> <20110920115421.Horde.44HXTZLnE6FOeLctSTJCeHA@kishi.patrickdk.com> <20110920162253.GC2939@monsternett.no> Message-ID: <20110921062531.GB20799@monsternett.no> Nope. It didn't change anything. Tried delivering manually while tracing the process too, and the only mention of "zlib" is this: open("/usr/lib/dovecot/modules/lda/lib20_zlib_plugin.so", O_RDONLY) = 9 read(9, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\200\22\0\0\0\0\0\0@"..., 832) = 832 fstat(9, {st_mode=S_IFREG|0644, st_size=15080, ...}) = 0 mmap(NULL, 2110464, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 9, 0) = 0x7f1407f1a000 mprotect(0x7f1407f1d000, 2097152, PROT_NONE) = 0 mmap(0x7f140811d000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 9, 0x3000) = 0x7f140811d000 close(9) = 0 On Tue, Sep 20, 2011 at 06:22:53PM +0200, Helge Milde wrote: >Well, I can't see why it would hurt either. >The reason we're using that directory is that the sieve plugin is compiled into lda/ by default, I think. I will try to move the sieve files into dovecot/ and remove mail_plugin_dir tomorrow, but I don't think it will help since dovecot has no problems *loading* the library. > >On Tue, Sep 20, 2011 at 11:54:21AM -0400, Patrick Domack wrote: >>I thinking your mail_plugin_dir is not needed, I don't have it >>configured, and that path doesn't even exist on my system, maybe >>hangover from 1.x config? >> >> >>Quoting Helge Milde : >> >>>Hi! >>>I've followed the guide at http://wiki2.dovecot.org/Plugins/Zlib >>>to try to make Dovecot gzip incomming mails, but it doesn't seem >>>to work. >>>I've made pop/imap read gzipped files, and this seems to work >>>perfectly, but LDA is still saving incomming mails in plain text. >>>There's not too much information out there regarding the zlib >>>module, so I'm not sure where to start debugging the problem, and >>>was hoping someone could point me in the right direction. >>> >>>The only mention of zlib when LDA is delivering a file: >>>Sep 20 15:51:19 mail dovecot: deliver(helgemil): Module loaded: >>>/usr/lib/dovecot/modules/lda/lib20_zlib_plugin.so The most >>>relevant lines from dovecot.conf: >>>mail_debug = yes >>>protocols = imap pop3 imaps pop3s >>>mail_location = maildir:~/Maildir >>>mail_privileged_group = mail >>>max_mail_processes = 1024 >>>mail_process_size = 512 >>> >>>protocol imap { >>> mail_max_userip_connections = 50 >>> mail_plugins = fts fts_squat zlib >>>} >>> >>>protocol pop3 { >>> pop3_uidl_format = %08Xu%08Xv >>> mail_max_userip_connections = 50 >>> mail_plugins = zlib >>>} >>> >>>protocol lda { >>> postmaster_address = postmaster at monsternett.no >>> mail_plugins = sieve zlib >>> mail_plugin_dir = /usr/lib/dovecot/modules/lda >>> sieve_global_dir = /etc/dovecot/sieve/ >>> sieve_global_path = /etc/dovecot/sieve/default.sieve >>>} >>> >>>plugin { >>> zlib_save_level = 6 >>> zlib_save = gz >>> fts = squat >>> sieve = ~/dovecot.sieve >>> sieve_dir = ~/ >>>} >>> >>>-- >>>Helge Milde, 69701808 >>>www.monsternett.no >> >> >> > >-- >Helge Milde, 69701808 >www.monsternett.no -- Helge Milde, 69701808 www.monsternett.no From g.ankkit at gmail.com Wed Sep 21 09:37:09 2011 From: g.ankkit at gmail.com (Ankit Gupta) Date: Wed, 21 Sep 2011 12:07:09 +0530 Subject: [Dovecot] Login problem via webmail and outlook Message-ID: Hi Mentors, Please help, our users are not able to login into their mailbox account using either outlook or webmail. Please find logs from /var/log/maillog Jan 17 10:45:40 elct dovecot: imap-login: Aborted login: user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured Jan 17 10:49:17 elct dovecot: imap-login: Aborted login: user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured Jan 17 11:02:57 elct dovecot: imap-login: Aborted login: user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured Jan 17 11:03:03 elct dovecot: imap-login: Aborted login: user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured Jan 17 11:10:08 elct dovecot: imap-login: Aborted login: user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured Jan 17 11:10:14 elct dovecot: imap-login: Aborted login: user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured Please help it is urgent. -- Regards Ankit Gupta, Tel: | M: +91 - 9650594790 From lists at necoro.eu Wed Sep 21 09:52:45 2011 From: lists at necoro.eu (=?UTF-8?B?UmVuw6kgTmV1bWFubg==?=) Date: Wed, 21 Sep 2011 08:52:45 +0200 Subject: [Dovecot] Sieve: Vacation, handle and variable In-Reply-To: <4E791D3E.1080009@rename-it.nl> References: <4E78F9BD.6090306@necoro.eu> <4E790A46.7020603@necoro.eu> <4E791D3E.1080009@rename-it.nl> Message-ID: <4E7989BD.2080206@necoro.eu> Am 21.09.2011 01:09, schrieb Stephan Bosch: > Op 20-9-2011 23:48, Ren? Neumann schreef: >> Am 20.09.2011 22:38, schrieb Ren? Neumann: >>> Hi *, >>> >>> I am adding a generic way for vacation-replies in my sieve setup. There >>> I set the handle and the reason using variables (see end of mail). My >>> simple question now is: Though variable expansion is not done for >>> subject and reason, is it done for the handle? Because else there seems >>> no way in configuring the vacation action via variables. >> Ok. I just learned about sieve-test. And this shows me: >> >> * send vacation message: >> => seconds : 604800 >> => subject: FooSubj >> => from : ... >> => handle : ${vhandle} >> >> So the handle does not expand variables. Hence: Would it be possible to >> add for example a non-standard ":expand list" option to vacation, where >> 'list' contains the names of the options where it is safe to do >> variable-expansion? > > No need. This is a violation of the standard and it was actually a long > standing FIXME already. Fortunately, it was quite simple to repair: > > http://hg.rename-it.nl/dovecot-2.0-pigeonhole/rev/fe6df3425850 > > This will be included in the next release. > > Regards, > > Stephan > Thanks a lot. I'll try it out. - Ren? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From serarien at baqs.net Wed Sep 21 15:02:52 2011 From: serarien at baqs.net (Pierre) Date: Wed, 21 Sep 2011 14:02:52 +0200 Subject: [Dovecot] dovecot-virtual folder configuration In-Reply-To: <20110918170642.GA15868@mail3.serarien.com> References: <2a82c4fe9e3aba3c621fe9eb2e530200@mail3.serarien.com> <1316174903.12936.76.camel@hurina> <20110918170642.GA15868@mail3.serarien.com> Message-ID: <20110921120250.GR32217@mail3.serarien.com> Ok, named this "VIRTUAL" at the moment... Strange behaviour: this unread folder does not get refreshed, even if I refresh 'all' folder. I read something about putting index file in memory which could solve the problem. Is this reliable ? Pierre On 18/sept. - 19:06, Pierre wrote: > Thanks for the tip Timo. > > I was trying to make this work, when I got stupid issue: > I named my namespace "#virtual", but putting "#" > at the beginning of dovecot-virtual line makes it be > a comment. > > I tryed with '#", \#... without success > > Is there any method to make it work ? > > thx, > Pierre > > On 16/sept. - 15:08, Timo Sirainen wrote: > > On Fri, 2011-09-16 at 00:58 +0200, Pierre wrote: > > > Hi all, > > > > > > Long story short, I'd like to configure a folder containing: > > > > > > INBOX > > > (some other folders) > > > > > > -> unseen emails from these folders + all other emails (also seen) from > > > the same thread > > > -> seen emails from these folders, but only the recent ones + all other > > > emails from the same thread > > > > The "other mails from same thread" is still a bit problematic with > > virtual folders. From my TODO: > > > > - virtual: If last message matching INTHREAD rule gets expunged, the rest of > > the thread doesn't go away > > > > First you'll need to create a virtual folder that has all the mails that > > you would ever want to see in threads. For example: > > > > virtual/all/dovecot-virtual: > > ----- > > INBOX > > Sent > > some > > other > > folders > > all > > ----- > > > > Then based on that create the virtual mailbox you want: > > > > virtual/newstuff/dovecot-virtual: > > ----- > > virtual/all > > inthread refs or unseen recent > > ----- > > From Anton.Aylward at antonaylward.com Wed Sep 21 15:01:23 2011 From: Anton.Aylward at antonaylward.com (Anton Aylward) Date: Wed, 21 Sep 2011 08:01:23 -0400 Subject: [Dovecot] About using Dovecot indexes with Thunderbird/kmail In-Reply-To: <4E795B8F.3070007@es2eng.com> References: <4E78F19B.2070909@antonaylward.com> <4E78F61D.2050601@Media-Brokers.com> <4E7907AE.2040809@antonaylward.com> <4E795B8F.3070007@es2eng.com> Message-ID: <4E79D213.6010401@antonaylward.com> Willie Gillespie said the following on 09/20/2011 11:35 PM: > On 09/20/2011 03:37 PM, Anton Aylward wrote: >> https://wiki.mozilla.org/Thunderbird:Using_Gloda >> Well it is off, but I still have these index files ... >> >> So perhaps its not index that taking all the space and gets rebuilt when >> T Bird says its downloading the headers and indexing ... > > Just have to ask: Is "Keep messages for this account on this computer" > checked under the Synchronization& Storage settings? :-) No, its not. I'm aware of that one. I've googled for GLODA and found some articles that makes me think its not as simple as one setting in the about:config It seems even with GLODA turned OFF (see earlier in this thread) that global-messages-db.sqlite keeps getting rebuilt - that is the index is being rebuilt. So there must be more to it. See https://developer.mozilla.org/en/Thunderbird/gloda under 'Data Storage'. Why am I making an issue of this? It seems pointless to me that I should run Dovecot on a server and let it do indexing and full text indexing "in the background" with the intent to offload this processing and storage from my laptop (and in due course netbook and 'Pad -- both of which will be underpowered and lacking in storage and memory compared to the mailhub server, when my preferred clients - Thunderbird and Kmail/nepomuk - are going to be doing the indexing over again. While it may not matter on a hefty laptop it is going to matter on the Asus eee and tablets. -- My definition of an expert in any field is a person who knows enough about what's really going on to be scared. P. J. Plauger, Computer Language, March 1983 From forumer at smartmobili.com Wed Sep 21 15:04:37 2011 From: forumer at smartmobili.com (forumer at smartmobili.com) Date: Wed, 21 Sep 2011 14:04:37 +0200 Subject: [Dovecot] Webmail architecture : questions about cache and storage backend Message-ID: <2f02a9d98f83399faa4c502fb9ef13ee@smartmobili.com> Hi, I have some questions about dovecot-2.1 and need some advice about software architecture. My company plans to develop a kind of Document Managing System (DMS) and one of its module is a webmail that is currently in a pre-alpha stage (if you are curious you can have a look here http://kairos.smartmobili.com/ but don't be surprised if it doesn't work and please do not use IE for now). From my personal analysis that I am sure is incomplete we have the following options to handle emails storage and cache: 1) Do not use a cache and rely on dovecot performance to retrieve email's header in real time. Actually don't know if it's that simple because we might need to have a transformed version of emails to be able to display them more easily in the webmail. In this case this option is not really possible. 2) Use new dovecot-2.1 imap backend and develop a kind of dummy imap server listening to a custom port and storing emails inside a mongoDB database. Advantage is it allow replication very easily. 3) Wait for dovecot2.x to implement a NoSQL storage. Will it happen soon ? If you have other suggestions or ideas I would be happy to hear them. Vincent R. From CMarcus at Media-Brokers.com Wed Sep 21 15:05:48 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 21 Sep 2011 08:05:48 -0400 Subject: [Dovecot] About using Dovecot indexes with Thunderbird/kmail In-Reply-To: <4E7907AE.2040809@antonaylward.com> References: <4E78F19B.2070909@antonaylward.com> <4E78F61D.2050601@Media-Brokers.com> <4E7907AE.2040809@antonaylward.com> Message-ID: <4E79D31C.5030609@Media-Brokers.com> On 2011-09-20 5:37 PM, Anton Aylward wrote: > Charles Marcus said the following on 09/20/2011 04:22 PM: >> On 2011-09-20 4:03 PM, Anton Aylward wrote: >>> I wish that Thunderbird would NOT index mail on my laptop, but it does. >> So turn it (GLODA) off... > Ah > https://wiki.mozilla.org/Thunderbird:Using_Gloda > Well it is off, but I still have these index files ... You still have *what* index files? There is only one GLODA index file, and you have to manually delete it after disabling GLODA to make it go away. It will recreate itself, but it will be tiny, and remain static. > So perhaps its not index that taking all the space and gets rebuilt when > T Bird says its downloading the headers and indexing ... It will definitely say it is downloading headers, but it shouldn't say indexing, that is GLODA. Do you have it set to download *all* messages? That is the default, and I *hate* it. I always disable it globally, then set a few select folders to only download 'on demand' (offline use) (Inbox, Sent, and a few others). -- Best regards, Charles From CMarcus at Media-Brokers.com Wed Sep 21 15:11:45 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 21 Sep 2011 08:11:45 -0400 Subject: [Dovecot] Login problem via webmail and outlook In-Reply-To: References: Message-ID: <4E79D481.1060008@Media-Brokers.com> You need to learn how to ask for help. You have provided very little information. How about saying what has changed on your system recently (dovecot update? system updates?)... Have you attempted to restart dovecot? Does it give any errors? Also, provide config info - like output of doveconf -n On 2011-09-21 2:37 AM, Ankit Gupta wrote: > Hi Mentors, > > Please help, our users are not able to login into their mailbox account > using either outlook or webmail. > > Please find logs from /var/log/maillog > > Jan 17 10:45:40 elct dovecot: imap-login: Aborted login: > user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured > Jan 17 10:49:17 elct dovecot: imap-login: Aborted login: > user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured > Jan 17 11:02:57 elct dovecot: imap-login: Aborted login: > user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured > Jan 17 11:03:03 elct dovecot: imap-login: Aborted login: > user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured > Jan 17 11:10:08 elct dovecot: imap-login: Aborted login: > user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured > Jan 17 11:10:14 elct dovecot: imap-login: Aborted login: > user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured > > > Please help it is urgent. > > -- Best regards, Charles Marcus I.T. Director Media Brokers International, Inc. 678.514.6200 x224 | 678.514.6299 fax From Anton.Aylward at antonaylward.com Wed Sep 21 15:25:27 2011 From: Anton.Aylward at antonaylward.com (Anton Aylward) Date: Wed, 21 Sep 2011 08:25:27 -0400 Subject: [Dovecot] About using Dovecot indexes with Thunderbird/kmail In-Reply-To: <4E79D31C.5030609@Media-Brokers.com> References: <4E78F19B.2070909@antonaylward.com> <4E78F61D.2050601@Media-Brokers.com> <4E7907AE.2040809@antonaylward.com> <4E79D31C.5030609@Media-Brokers.com> Message-ID: <4E79D7B7.7010805@antonaylward.com> Charles Marcus said the following on 09/21/2011 08:05 AM: > On 2011-09-20 5:37 PM, Anton Aylward wrote: >> Charles Marcus said the following on 09/20/2011 04:22 PM: >>> On 2011-09-20 4:03 PM, Anton Aylward wrote: >>>> I wish that Thunderbird would NOT index mail on my laptop, but it does. > >>> So turn it (GLODA) off... > >> Ah >> https://wiki.mozilla.org/Thunderbird:Using_Gloda >> Well it is off, but I still have these index files ... > > You still have *what* index files? There is only one GLODA index file, > and you have to manually delete it after disabling GLODA to make it go > away. It will recreate itself, but it will be tiny, and remain static. global-messages-db.sqlite No, it grows. I speculate it grows as I visit new folders but am still looking into that. >> So perhaps its not index that taking all the space and gets rebuilt when >> T Bird says its downloading the headers and indexing ... > > It will definitely say it is downloading headers, but it shouldn't say > indexing, that is GLODA. I can't say I like that but see its necessity: how else could it display them :-) But looking under ~/.thunderbird/1current/ I'm finding folders for each folder on the server that have the full text of the messages (but not in mbox format), as well as the XML styled header information. Occasionally I find binary blobs that 'strings' shows contain headers. I've deleted them but it doesn't seem to affect TBird. I'll go back and look to see if they get recreated :-( > Do you have it set to download *all* messages? That is the default, and > I *hate* it. NO I DO NOT! I NEVER HAVE AND I NEVER WILL That strikes me as such an obvious space-waster! > I always disable it globally, then set a few select folders to only > download 'on demand' (offline use) (Inbox, Sent, and a few others). Not even that. -- "Television is a medium because it is neither rare nor well done." -- Fred Friendly From tom at elysium.ltd.uk Wed Sep 21 15:50:26 2011 From: tom at elysium.ltd.uk (Tom Clark) Date: Wed, 21 Sep 2011 13:50:26 +0100 Subject: [Dovecot] Shared Namespace Message-ID: <012501cc785d$091fc370$1b5f4a50$@elysium.ltd.uk> Is there anyway of limiting a shared namespace to a domain? E.g. mailbox.com and mailbox2.com are setup with vpopmail. We've got a shared namespace but only want the ability on mailbox.com. Thanks, Tom From lists at necoro.eu Wed Sep 21 22:39:15 2011 From: lists at necoro.eu (=?UTF-8?B?UmVuw6kgTmV1bWFubg==?=) Date: Wed, 21 Sep 2011 21:39:15 +0200 Subject: [Dovecot] Sieve: Vacation, handle and variable In-Reply-To: <4E7989BD.2080206@necoro.eu> References: <4E78F9BD.6090306@necoro.eu> <4E790A46.7020603@necoro.eu> <4E791D3E.1080009@rename-it.nl> <4E7989BD.2080206@necoro.eu> Message-ID: <4E7A3D63.5040109@necoro.eu> Am 21.09.2011 08:52, schrieb Ren? Neumann: > Am 21.09.2011 01:09, schrieb Stephan Bosch: >> >> http://hg.rename-it.nl/dovecot-2.0-pigeonhole/rev/fe6df3425850 >> >> This will be included in the next release. >> >> Regards, >> >> Stephan >> > > Thanks a lot. I'll try it out. > > - Ren? > Ok ... seems to work like a charm :) (that is: pigeonhole-0.2.4 with the above patch applied). Thanks again, Ren? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From asai at globalchangemusic.org Wed Sep 21 22:56:07 2011 From: asai at globalchangemusic.org (Asai) Date: Wed, 21 Sep 2011 12:56:07 -0700 Subject: [Dovecot] Using Dsync for Incremental Sync Message-ID: <4E7A4157.2080206@globalchangemusic.org> Greetings, We have about 26 GB of email which we're trying to sync nightly to a remote server, but what I just read from a post from Timo awhile back is that it's not possible because dsync relies on message GUIDs which aren't available in the IMAP protocol. It seems that this is still the case, is there anything on the horizon for this to change? -- *Asai* Global Change Multi-Media Internet Application Development IT and Networking Services 520-398-2542 From ar-dovecotlist at acrconsulting.co.uk Thu Sep 22 01:59:28 2011 From: ar-dovecotlist at acrconsulting.co.uk (Andrew Richards) Date: Wed, 21 Sep 2011 23:59:28 +0100 Subject: [Dovecot] Dovecot failing to parse some UTF-8 encoded attachment filenames, returning empty string instead Message-ID: Hi, I'm seeing a strange problem with some attachment filenames that are UTF-8 encoded. The problem seems to be related to spaces and/or unusual characters in filenames, like accented characters (or perhaps just to filenames if UTF-8 encoded; I've not explored that fully). These filenames are shown as empty strings in IMAP using Dovecot. I've attached a sample message that exhibits this problem, trimmed down to fairly bare essentials. By comparison I find that (for example) Courier happily returns the filename (still encoded). Although I suspect the problem lies within Dovecot, it may be an underlying Unicode or other component that's at the root of the problem. I can replicate this by putting the attached message in a mailbox (I'm using Maildir format mailboxes, so I just drop the raw file in Maildir/new and change the ownership of the file to match the mailbox owner). Then a pretend IMAP session to show the problem, $ telnet localhost 143 Trying ::1... Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready. 0 login some.one at test.domain password 0 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS] Logged in 0 select inbox * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags permitted. * 4 EXISTS * 0 RECENT * OK [UNSEEN 1] First unseen. * OK [UIDVALIDITY 1316621730] UIDs valid * OK [UIDNEXT 8] Predicted next UID * OK [HIGHESTMODSEQ 1] Highest 0 OK [READ-WRITE] Select completed. 0 fetch 4 body * 4 FETCH (BODY (("text" "html" ("charset" "iso-8859-15") NIL NIL "base64" 278 5)("application" "octet-stream" ("name" "") NIL NIL "base64" 18) "mixed")) 0 OK Fetch completed. 0 logout * BYE Logging out 0 OK Logout completed. Connection closed by foreign host. $ especially note the ("name" "") part showing a supposedly empty filename. I've observed this behaviour on the following versions of Dovecot, - 1.2.9 on Ubuntu 10.04LTS (pre-compiled version) - 1.2.17 on Fedora 13 (pre-compiled version) - 2.0.15 on Fedora 13 (from source) I don't think the Dovecot configuration is relevant, but I've put it below for good measure for the 2.0.15 setup. Any ideas on what might be causing this? Best regards, Andrew. # dovecot -n # 2.0.15: /usr/local/etc/dovecot/dovecot.conf # OS: Linux 2.6.34.9-69.fc13.i686.PAE i686 Fedora release 13 (Goddard) auth_debug = yes default_login_user = nobody log_path = /var/log/dovecot.log passdb { args = /usr/local/bin/checkcdb driver = checkpassword } protocols = imap pop3 service auth { user = root } service imap-login { inet_listener imap { ssl = no } } service pop3-login { inet_listener pop3 { ssl = no } } ssl = no userdb { driver = prefetch } -------------- next part -------------- A non-text attachment was scrubbed... Name: troublesome-dovecot-message Type: application/octet-stream Size: 971 bytes Desc: not available URL: From tss at iki.fi Thu Sep 22 02:45:32 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 22 Sep 2011 02:45:32 +0300 Subject: [Dovecot] Dovecot failing to parse some UTF-8 encoded attachment filenames, returning empty string instead In-Reply-To: References: Message-ID: On 22.9.2011, at 1.59, Andrew Richards wrote: > I'm seeing a strange problem with some attachment filenames that are > UTF-8 encoded. The problem seems to be related to spaces and/or > unusual characters in filenames, like accented characters (or perhaps > just to filenames if UTF-8 encoded; I've not explored that fully). The problem is that the client sends it wrong: > Content-Type: application/octet-stream; > name==?UTF-8?B?dGhpc19mYWlscy50eHQ=?= > Content-Disposition: attachment; > filename==?UTF-8?B?dGhpc19mYWlscy50eHQ=?= These are both wrong. First of all they are illegal because they have = and ? characters, from RFC 2045: > parameter := attribute "=" value > value := token / quoted-string > token := 1* or tspecials> > tspecials := "(" / ")" / "<" / ">" / "@" / > "," / ";" / ":" / "\" / <"> > "/" / "[" / "]" / "?" / "=" > ; Must be in quoted-string, > ; to use within parameter values Also from RFC 2047 (encoded-word is the =?UTF-8?...?= thing): > + An 'encoded-word' MUST NOT be used in parameter of a MIME > Content-Type or Content-Disposition field, or in any structured > field body except within a 'comment' or 'phrase'. The proper way to do this would be to use RFC 2184, which looks something like this: > Content-Disposition: attachment; > filename*=iso-8859-1''p%E4%E4 Looks like Apple Mail also sends: > Content-Type: application/octet-stream; > name="=?iso-8859-1?Q?p=E4=E4?=" That is inside a quoted-string, so it's not broken, but clients aren't really supposed to decode that string in there either. Anyway .. I'll check tomorrow if I can easily add code to workaround your problem. If it's just a minor change I'll do it. From kuizhang at gmail.com Thu Sep 22 05:28:08 2011 From: kuizhang at gmail.com (Kui Zhang) Date: Wed, 21 Sep 2011 19:28:08 -0700 Subject: [Dovecot] global ACL inheritances Message-ID: Hello I am trying to prevent people from actively delete lazy expunged messages. ACL in following file does not appears to apply to existing or new mailboxes. dovecot/acls/.EXPUNGED/.DEFAULT owner lripk Am I missing something, or is it due to ACL inheritances support? mail_plugins = acl plugin { ... acl = vfile:/etc/dovecot/acls ... } Thank KuiZ From dovecot at knutejohnson.com Thu Sep 22 05:54:01 2011 From: dovecot at knutejohnson.com (Knute Johnson) Date: Wed, 21 Sep 2011 19:54:01 -0700 Subject: [Dovecot] Help restoring imap mail Message-ID: <4E7AA349.2080202@knutejohnson.com> My mailserver blew up today with a power hit. I've created a new server and have dovecot running and I want to restore my mail. I have a copy of the file that was in /var/mail. I set the new dovecot config up the same as the old one and copied the mail file over. I can see the INBOX mail but none of the rest of it. I'm running 1.2.15 under Ubuntu server 11.04. I'm using Thunderbird as my client running on XP. Any help would be greatly appreciated. Thanks, -- Knute Johnson From dovecot at knutejohnson.com Thu Sep 22 06:14:35 2011 From: dovecot at knutejohnson.com (Knute Johnson) Date: Wed, 21 Sep 2011 20:14:35 -0700 Subject: [Dovecot] Restoring mail Message-ID: <4E7AA81B.4000407@knutejohnson.com> I solved it myself, I forgot about the folders in the /home/user/mail directory. So kindly disregard my panicky message from before. -- Knute Johnson From Juergen.Obermann at hrz.uni-giessen.de Thu Sep 22 12:52:23 2011 From: Juergen.Obermann at hrz.uni-giessen.de (=?iso-8859-1?b?SvxyZ2Vu?= Obermann) Date: Thu, 22 Sep 2011 11:52:23 +0200 Subject: [Dovecot] doveadm mailbox list shows file system directories as mailboxes Message-ID: <20110922115223.73054v8up83ej0wg@webmail.hrz.uni-giessen.de> Hello. In our dovecvot we use mbox format with the default filesystem layout. Therefore it is not possible to have mailboxes which are subfolders of other mailboxes containing messages. The command "doveadm mailbox list" includes the file system directories, that contain only subfolders, as normal mailboxes in the output: archiv archiv/daemon archiv/dovecot Did I miss something in the dovecot configuration or is there a bug in the command "doveadm mailbox list"? # 2.0.13: /opt/local/etc/dovecot/dovecot.conf # OS: SunOS 5.10 sun4v auth_verbose = yes disable_plaintext_auth = no listen = imap.hrz.uni-giessen.de localhost mail_fsync = always mail_location = mbox:~/Mail:INBOX=/var/mail/%u mail_nfs_index = yes mail_nfs_storage = yes mail_plugins = mail_log notify managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mmap_disable = yes namespace { inbox = yes location = prefix = separator = / type = private } namespace { hidden = yes list = no location = prefix = Mail/ separator = / subscriptions = yes type = private } Thanks, J?rgen -- Hochschulrechenzentrum der | Mail: Juergen.Obermann at hrz.uni-giessen.de Justus-Liebig-Universitaet | WWW: http://www.uni-giessen.de/obermann/ Heinrich-Buff-Ring 44 | Tel: 0641-99-13054 (0641-99-13001) D-35392 Giessen, Germany | Fax: 0641-99-13009 From tss at iki.fi Thu Sep 22 13:11:00 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 22 Sep 2011 13:11:00 +0300 Subject: [Dovecot] Dovecot failing to parse some UTF-8 encoded attachment filenames, returning empty string instead In-Reply-To: References: Message-ID: <1316686260.26085.6.camel@hurina> On Thu, 2011-09-22 at 02:45 +0300, Timo Sirainen wrote: > Anyway .. I'll check tomorrow if I can easily add code to workaround your problem. If it's just a minor change I'll do it. http://hg.dovecot.org/dovecot-2.0/rev/dc9028da338b From Lutz.Pressler at SerNet.DE Thu Sep 22 14:24:34 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Thu, 22 Sep 2011 13:24:34 +0200 Subject: [Dovecot] fts-lucene vs SEARCH header Re: 2.1: problems compiling fts-lucene - CLucene git version necessary? In-Reply-To: <20110920071245.GA3617217@gabi.sernet.de> References: <7C9B9C67-A1FD-472B-8514-BC54F1B01D00@iki.fi> <1316446540.12936.114.camel@hurina> <20110920071245.GA3617217@gabi.sernet.de> Message-ID: On Tue, 20 Sep 2011, Lutz Pre?ler wrote: > On Mo, 19 Sep 2011, Timo Sirainen wrote: > > > On Sun, 2011-09-18 at 13:27 +0200, Lutz Pre?ler wrote: > > > Hello, > > > On So, 11 Sep 2011, Timo Sirainen wrote: > > > dovecot: imap(...): Error: fts_lucene: default_language set, but Dovecot built without stemmer support > > > > Fixed: http://hg.dovecot.org/dovecot-2.1/rev/02c84406c661 > Without stemmer support it works nicely now though. Next problem :-) side effect: my test setup (some commits ago) with fts = lucene in plugin section (ftps_lucene plugin without stemmer support): SEARCH header is not working (empty result sets, no logging). Tested in different circumstances (and also happening with virtual folders). Simply disable fts option (while module is still loaded) or use fts=sqat to have header search working correctly again. Lutz From ar-dovecotlist at acrconsulting.co.uk Thu Sep 22 14:31:40 2011 From: ar-dovecotlist at acrconsulting.co.uk (Andrew Richards) Date: 22 Sep 2011 12:31:40 +0100 Subject: [Dovecot] Dovecot failing to parse some UTF-8 encoded attachment filenames, returning empty string instead In-Reply-To: References: Message-ID: <201109221231.40494.ar-dovecotlist@acrconsulting.co.uk> On Thursday 22 September 2011 00:45:32 Timo Sirainen wrote: > On 22.9.2011, at 1.59, Andrew Richards wrote: > > I'm seeing a strange problem with some attachment filenames that are > > UTF-8 encoded. The problem seems to be related to spaces and/or > > unusual characters in filenames, like accented characters (or perhaps > > just to filenames if UTF-8 encoded; I've not explored that fully). > > The problem is that the client sends it wrong: > > Content-Type: application/octet-stream; > > name==?UTF-8?B?dGhpc19mYWlscy50eHQ=?= > > Content-Disposition: attachment; > > filename==?UTF-8?B?dGhpc19mYWlscy50eHQ=?= > > These are both wrong. First of all they are illegal because they have = and ? characters, from RFC 2045: > ...snip... > Also from RFC 2047 (encoded-word is the =?UTF-8?...?= thing): > > + An 'encoded-word' MUST NOT be used in parameter of a MIME > > Content-Type or Content-Disposition field, or in any structured > > field body except within a 'comment' or 'phrase'. > ...snip... > Anyway .. I'll check tomorrow if I can easily add code to workaround your > problem. If it's just a minor change I'll do it. Wow - a very thorough response only 45 minutes after I'd posted the question, and in your follow up message you've already provided a suggested fix - a huge thank you! So in summary it's a "Garbage in -> Garbage out" issue... This also explains why I'm only getting this issue with one client after a Courier->Dovecot migration. I'll research which mail client program(s) are generating the faulty messages for completeness for this thread. I expect to test the fix later today or tomorrow, I'll update the thread accordingly when I've done so. Best regards, Andrew. From Lutz.Pressler at SerNet.DE Thu Sep 22 14:35:37 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Thu, 22 Sep 2011 13:35:37 +0200 Subject: [Dovecot] (2.1 recent:) fts_decoder Message-ID: Hello again, test setup as in previous messages. With fts = lucene, I enabled the adapted decode2text.sh (at least I tried...) as suggested in the comment section. On dovecot-start /var/run/dovecot/decode2text socket is created with sufficiant permissions (rw for anybody), but decode2text.sh is not started (it's rx for anybody). When creating lucene indexes, I cannot see it executed either (and no attachment-only content is findable afterwards). No errors with mail_debug - if I change fts_decoder to a nonexistant value, that's logged. Lutz From tss at iki.fi Thu Sep 22 14:53:17 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 22 Sep 2011 14:53:17 +0300 Subject: [Dovecot] Webmail architecture : questions about cache and storage backend In-Reply-To: <2f02a9d98f83399faa4c502fb9ef13ee@smartmobili.com> References: <2f02a9d98f83399faa4c502fb9ef13ee@smartmobili.com> Message-ID: <1316692397.21919.14.camel@hurina> On Wed, 2011-09-21 at 14:04 +0200, forumer at smartmobili.com wrote: > 1) Do not use a cache and rely on dovecot performance to retrieve > email's header in real time. > Actually don't know if it's that simple because we might need to > have a transformed version > of emails to be able to display them more easily in the webmail. In > this case this option is > not really possible. I'm not really sure what you mean by this. Dovecot can cache individual headers and make fetching them fast. > 2) Use new dovecot-2.1 imap backend and develop a kind of dummy imap > server listening to a custom port > and storing emails inside a mongoDB database. Advantage is it allow > replication very easily. I suppose that would be the easiest way to do it currently. But note that you can't get all of Dovecot's features to work through imapc backend. Especially the concept of message and mailbox GUIDs doesn't exist in IMAP protocol (some kind of a new X-DOVECOT extension could be added for those of course). Also implementing a bug-free IMAP server may not be as easy as you think, even though Dovecot uses only a small subset of IMAP commands. Be sure to stress test Dovecot using imaptest: http://imapwiki.org/ImapTest (I've noticed this week that Exchange totally screws up its internal IMAP state when stress testing.) > 3) Wait for dovecot2.x to implement a NoSQL storage. Will it happen > soon ? I hope so! :) But I can't really say when.. My priorities currently are: 1. Do whatever paying customers want (not that much currently) 2. Finish v2.1.0 (still quite a lot of small things to do) 3. Create v2.2 branch where lib-storage API is changed to support more asynchronous lookups, and modify imapc backend to use those (= support handling commands in parallel) 4. Probably change dbox code to use lib-fs, or maybe create a new backend using lib-fs 5. Implement NoSQL backend for lib-fs Actually 3 isn't really necessary for 4-5, but it improves the performance. From tss at iki.fi Thu Sep 22 16:41:19 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 22 Sep 2011 16:41:19 +0300 Subject: [Dovecot] Shared Namespace In-Reply-To: <012501cc785d$091fc370$1b5f4a50$@elysium.ltd.uk> References: <012501cc785d$091fc370$1b5f4a50$@elysium.ltd.uk> Message-ID: <695E7576-B3CD-4C31-BF9B-A8A2A810A270@iki.fi> On 21.9.2011, at 15.50, Tom Clark wrote: > Is there anyway of limiting a shared namespace to a domain? E.g. mailbox.com > and mailbox2.com are setup with vpopmail. We've got a shared namespace but > only want the ability on mailbox.com. Basically use %d instead of %%d in configuration. The client can't change it then. From tss at iki.fi Thu Sep 22 16:45:02 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 22 Sep 2011 16:45:02 +0300 Subject: [Dovecot] Trouble getting lda to gzip incomming mails (zlib plugin) In-Reply-To: <20110920135808.GB28582@monsternett.no> References: <20110920135808.GB28582@monsternett.no> Message-ID: On 20.9.2011, at 16.58, Helge Milde wrote: > plugin { > zlib_save_level = 6 > zlib_save = gz These are enough. You don't mention your Dovecot version. My guess is that your Dovecot version is too old and doesn't support saving mails with zlib. From tss at iki.fi Thu Sep 22 16:46:37 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 22 Sep 2011 16:46:37 +0300 Subject: [Dovecot] IMAP delete logs In-Reply-To: References: Message-ID: <9D9B4D05-DD78-4EFC-A473-CD3BBB7A88E9@iki.fi> On 21.9.2011, at 8.59, James isolder wrote: > Since enabling the mail_plugins = mail_log. I now get an error. Is there > anything else I need to check adn how I can put the dovecot into debug mode so > I can get more info about where it is failing. > > dovecot not running? (check /var/run/dovecot//master.pid). > Starting dovecot. > Error: imap dump-capability process returned 1 > Fkevent(EV_ADD, 0) failed: Operation not supported by device I don't really know why it's doing this, but the solutions are either a) Upgrade to v2.0. There's no more dump-capability or b) Set imap_capability setting explicitly so it doesn't dump capability. From tss at iki.fi Thu Sep 22 16:48:33 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 22 Sep 2011 16:48:33 +0300 Subject: [Dovecot] mail_max_userip_connections=10 In-Reply-To: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> References: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> Message-ID: <2ED64BFB-87F1-40B2-A489-226031A4633C@iki.fi> On 19.9.2011, at 11.27, Tom Clark wrote: > Is there anyway of whitelisting an IP so that it can ignore > mail_max_userip_connections=10? With v2.0 in theory: remote 1.2.3.4 { mail_max_userip_connections = 0 } I don't know if it actually works. > What should we set mail_max_userip_connections too realistically? 10 seems a > bit low? It's 10 because I thought it would be enough :) From andreas at kado-web.de Thu Sep 22 16:48:58 2011 From: andreas at kado-web.de (Andreas Cieslak) Date: Thu, 22 Sep 2011 15:48:58 +0200 Subject: [Dovecot] Create userdir on dovecot login Message-ID: <0LjODj-1Re8SF1oWF-00d1Yx@mrelayeu.kundenserver.de> Hi List, I am trying to set up automated userdir-creation on login via squirrelmail or email-client with a dovecot backend. The users are first imported on an openldap directory on the same server as the dovecot runs on. Authentication on the dovecot mail system via pam_ldap works properly. Tried already to integrate some advices from the dovecot wiki like Passdb { Driver = pam args = session=yes dovecot } But the homedir creation works only when the user logs onto the machine. When I try to log in via Squirrel on the dovecot no homedir is created and there is following message in the logs: auth: Error: pam(cieslak,193.175.157.121): pam_open_session() failed: Permission denied I think its something about the user rights, but dont really know where to search for the needle Here is the config of my environment root at server:/home# dovecot -n # 2.0.13: /usr/local/etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-686 i686 Debian 6.0.2 auth_debug = yes auth_mechanisms = login plain auth_verbose = yes first_valid_uid = 1000 hostname = server info_log_path = /var/log/dovecot-info last_valid_uid = 10000 listen = * log_path = /var/log/dovecot mail_access_groups = mail mail_debug = yes mail_full_filesystem_access = yes mail_location = maildir:~/Maildir mbox_write_locks = fcntl passdb { args = session=yes dovecot driver = pam } postmaster_address = mailaddress service auth-worker { group = shadow user = $default_internal_user } service auth { user = $default_internal_user } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } process_min_avail = 0 service_count = 0 vsz_limit = 256 M } service lmtp { unix_listener lmtp { mode = 0666 } } service pop3-login { inet_listener pop3s { port = 995 ssl = yes } } ssl_ca = References: <012501cc785d$091fc370$1b5f4a50$@elysium.ltd.uk> <695E7576-B3CD-4C31-BF9B-A8A2A810A270@iki.fi> Message-ID: <00be01cc792e$8fef1a50$afcd4ef0$@elysium.ltd.uk> Hi Timo, I'm using %d which is working great. However, mailbox2.com can still create shared folders. We just wanted to limit the ability to create shared folders only to mailbox.com Tom -----Original Message----- From: Timo Sirainen [mailto:tss at iki.fi] Sent: 22 September 2011 2:41 PM To: Tom Clark Cc: dovecot at dovecot.org Subject: Re: [Dovecot] Shared Namespace On 21.9.2011, at 15.50, Tom Clark wrote: > Is there anyway of limiting a shared namespace to a domain? E.g. > mailbox.com and mailbox2.com are setup with vpopmail. We've got a > shared namespace but only want the ability on mailbox.com. Basically use %d instead of %%d in configuration. The client can't change it then. From tom at elysium.ltd.uk Thu Sep 22 16:51:16 2011 From: tom at elysium.ltd.uk (Tom Clark) Date: Thu, 22 Sep 2011 14:51:16 +0100 Subject: [Dovecot] mail_max_userip_connections=10 In-Reply-To: <2ED64BFB-87F1-40B2-A489-226031A4633C@iki.fi> References: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> <2ED64BFB-87F1-40B2-A489-226031A4633C@iki.fi> Message-ID: <00c001cc792e$b34546a0$19cfd3e0$@elysium.ltd.uk> Thanks Timo. I've been doing some investigation. Apart from K9 being fundamentally broken 10 is fine! I'll try the remote fix. -----Original Message----- From: Timo Sirainen [mailto:tss at iki.fi] Sent: 22 September 2011 2:49 PM To: Tom Clark Cc: dovecot at dovecot.org Subject: Re: [Dovecot] mail_max_userip_connections=10 On 19.9.2011, at 11.27, Tom Clark wrote: > Is there anyway of whitelisting an IP so that it can ignore > mail_max_userip_connections=10? With v2.0 in theory: remote 1.2.3.4 { mail_max_userip_connections = 0 } I don't know if it actually works. > What should we set mail_max_userip_connections too realistically? 10 > seems a bit low? It's 10 because I thought it would be enough :) From tss at iki.fi Thu Sep 22 16:55:06 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 22 Sep 2011 16:55:06 +0300 Subject: [Dovecot] Shared Namespace In-Reply-To: <00be01cc792e$8fef1a50$afcd4ef0$@elysium.ltd.uk> References: <012501cc785d$091fc370$1b5f4a50$@elysium.ltd.uk> <695E7576-B3CD-4C31-BF9B-A8A2A810A270@iki.fi> <00be01cc792e$8fef1a50$afcd4ef0$@elysium.ltd.uk> Message-ID: <20828CC2-E90E-4D8D-90CB-001031AC44D2@iki.fi> By "create shared folders" I guess you basically mean "be able to use SETACL command", which you could do by limiting imap_acl plugin to be loaded only to mailbox.com domain. How to do this depends on your userdb and Dovecot version (with v2.0.14 you can just add mail_plugins+=imap_acl userdb extra field). On 22.9.2011, at 16.50, Tom Clark wrote: > Hi Timo, > > I'm using %d which is working great. However, mailbox2.com can still create > shared folders. We just wanted to limit the ability to create shared folders > only to mailbox.com > > Tom > > -----Original Message----- > From: Timo Sirainen [mailto:tss at iki.fi] > Sent: 22 September 2011 2:41 PM > To: Tom Clark > Cc: dovecot at dovecot.org > Subject: Re: [Dovecot] Shared Namespace > > On 21.9.2011, at 15.50, Tom Clark wrote: > >> Is there anyway of limiting a shared namespace to a domain? E.g. >> mailbox.com and mailbox2.com are setup with vpopmail. We've got a >> shared namespace but only want the ability on mailbox.com. > > Basically use %d instead of %%d in configuration. The client can't change it > then. > > From helge at monsternett.no Thu Sep 22 16:55:25 2011 From: helge at monsternett.no (Helge Milde) Date: Thu, 22 Sep 2011 15:55:25 +0200 Subject: [Dovecot] Trouble getting lda to gzip incomming mails (zlib plugin) In-Reply-To: References: <20110920135808.GB28582@monsternett.no> Message-ID: <20110922135524.GA2394@monsternett.no> My bad, you are correct. "v2.0+" slipped by my eyes when reading your v1.x documentation at http://wiki.dovecot.org/Plugins/Zlib. On Thu, Sep 22, 2011 at 04:45:02PM +0300, Timo Sirainen wrote: >On 20.9.2011, at 16.58, Helge Milde wrote: > >> plugin { >> zlib_save_level = 6 >> zlib_save = gz > >These are enough. You don't mention your Dovecot version. My guess is that your Dovecot version is too old and doesn't support saving mails with zlib. > -- Helge Milde, 69701808 www.monsternett.no From tom at elysium.ltd.uk Thu Sep 22 17:01:25 2011 From: tom at elysium.ltd.uk (Tom Clark) Date: Thu, 22 Sep 2011 15:01:25 +0100 Subject: [Dovecot] Shared Namespace In-Reply-To: <20828CC2-E90E-4D8D-90CB-001031AC44D2@iki.fi> References: <012501cc785d$091fc370$1b5f4a50$@elysium.ltd.uk> <695E7576-B3CD-4C31-BF9B-A8A2A810A270@iki.fi> <00be01cc792e$8fef1a50$afcd4ef0$@elysium.ltd.uk> <20828CC2-E90E-4D8D-90CB-001031AC44D2@iki.fi> Message-ID: <00d501cc7930$1de7bfa0$59b73ee0$@elysium.ltd.uk> Hi Timo, Ok great. I'll look into doing that then! Thanks, Tom -----Original Message----- From: Timo Sirainen [mailto:tss at iki.fi] Sent: 22 September 2011 2:55 PM To: Tom Clark Cc: dovecot at dovecot.org Subject: Re: [Dovecot] Shared Namespace By "create shared folders" I guess you basically mean "be able to use SETACL command", which you could do by limiting imap_acl plugin to be loaded only to mailbox.com domain. How to do this depends on your userdb and Dovecot version (with v2.0.14 you can just add mail_plugins+=imap_acl userdb extra field). On 22.9.2011, at 16.50, Tom Clark wrote: > Hi Timo, > > I'm using %d which is working great. However, mailbox2.com can still > create shared folders. We just wanted to limit the ability to create > shared folders only to mailbox.com > > Tom > > -----Original Message----- > From: Timo Sirainen [mailto:tss at iki.fi] > Sent: 22 September 2011 2:41 PM > To: Tom Clark > Cc: dovecot at dovecot.org > Subject: Re: [Dovecot] Shared Namespace > > On 21.9.2011, at 15.50, Tom Clark wrote: > >> Is there anyway of limiting a shared namespace to a domain? E.g. >> mailbox.com and mailbox2.com are setup with vpopmail. We've got a >> shared namespace but only want the ability on mailbox.com. > > Basically use %d instead of %%d in configuration. The client can't > change it then. > > From baartman at lin12.triumf.ca Mon Sep 19 20:05:47 2011 From: baartman at lin12.triumf.ca (Rick Baartman) Date: Mon, 19 Sep 2011 10:05:47 -0700 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer Message-ID: <201109191705.p8JH5las016087@lin12.triumf.ca> >From my secure log: Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= rhost=::ffff:64.31.19.48 Sep 19 01:16:44 lin12 dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user aaron Sep 19 01:16:45 lin12 dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown Sep 19 01:16:45 lin12 dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= rhost=::ffff:64.31.19.48 Sep 19 01:16:45 lin12 dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user abby etc. Literally, 30,000 user names attempted. -- rick baartman TRIUMF 4004 Wesbrook Mall Vancouver, BC V6T2A3 From andreas at kado-web.de Thu Sep 22 16:41:25 2011 From: andreas at kado-web.de (Andreas Cieslak) Date: Thu, 22 Sep 2011 15:41:25 +0200 Subject: [Dovecot] Create userdir on dovecot login Message-ID: <0M1dC2-1RLmLB2SUc-00t7Te@mrelayeu.kundenserver.de> Hi List, I am trying to set up automated userdir-creation on login via squirrelmail or email-client with a dovecot backend. The users are first imported on an openldap directory on the same server as the dovecot runs on. Authentication on the dovecot mail system via pam_ldap works properly. Tried already to integrate some advices from the dovecot wiki like Passdb { Driver = pam args = session=yes dovecot } But the homedir creation works only when the user logs onto the machine. When I try to log in via Squirrel on the dovecot no homedir is created and there is following message in the logs: auth: Error: pam(cieslak,193.175.157.121): pam_open_session() failed: Permission denied I think its something about the user rights, but dont really know where to search for the needle Here is the config of my environment root at server:/home# dovecot -n # 2.0.13: /usr/local/etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-686 i686 Debian 6.0.2 auth_debug = yes auth_mechanisms = login plain auth_verbose = yes first_valid_uid = 1000 hostname = server info_log_path = /var/log/dovecot-info last_valid_uid = 10000 listen = * log_path = /var/log/dovecot mail_access_groups = mail mail_debug = yes mail_full_filesystem_access = yes mail_location = maildir:~/Maildir mbox_write_locks = fcntl passdb { args = session=yes dovecot driver = pam } postmaster_address = mailaddress service auth-worker { group = shadow user = $default_internal_user } service auth { user = $default_internal_user } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } process_min_avail = 0 service_count = 0 vsz_limit = 256 M } service lmtp { unix_listener lmtp { mode = 0666 } } service pop3-login { inet_listener pop3s { port = 995 ssl = yes } } ssl_ca = References: <201109191705.p8JH5las016087@lin12.triumf.ca> Message-ID: <4E7B4148.2090902@Media-Brokers.com> On 2011-09-19 1:05 PM, Rick Baartman wrote: > From my secure log: > > Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown > Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= rhost=::ffff:64.31.19.48 > Sep 19 01:16:44 lin12 dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user aaron > Sep 19 01:16:45 lin12 dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown > Sep 19 01:16:45 lin12 dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= rhost=::ffff:64.31.19.48 > Sep 19 01:16:45 lin12 dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user abby > > etc. Literally, 30,000 user names attempted. Dictionaryt attacks are quite common, nothing new here... fail2ban is what I use, would have killed this one (since it's from the same IP) almost immediately... It doesn't work so well with sophisticated bots that can change IPs at will, but the secondary method of locking out an account after X number of failed auth attempts will eliminate the risk of a focused attack on a single account, so as long as you are using strong passwords, your system is secure (from these kinds of attacks, at least). The only attack I haven't figured out how to eliminate is the social/phishing attack, where $DumbUser gives out their username password voluntarily... although I have been considering faking a phishing attack on my own users, and flagging the ones who fall for it for training. -- Best regards, Charles From Ralf.Hildebrandt at charite.de Thu Sep 22 17:12:36 2011 From: Ralf.Hildebrandt at charite.de (Ralf Hildebrandt) Date: Thu, 22 Sep 2011 16:12:36 +0200 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <201109191705.p8JH5las016087@lin12.triumf.ca> References: <201109191705.p8JH5las016087@lin12.triumf.ca> Message-ID: <20110922141236.GO18064@charite.de> * Rick Baartman : > From my secure log: > > Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown > Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= rhost=::ffff:64.31.19.48 > Sep 19 01:16:44 lin12 dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user aaron > Sep 19 01:16:45 lin12 dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown > Sep 19 01:16:45 lin12 dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= rhost=::ffff:64.31.19.48 > Sep 19 01:16:45 lin12 dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user abby > > etc. Literally, 30,000 user names attempted. And? Any success? -- Ralf Hildebrandt Gesch?ftsbereich IT | Abteilung Netzwerk Charit? - Universit?tsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt at charite.de | http://www.charite.de From john.alexander at preachain.org Thu Sep 22 17:13:43 2011 From: john.alexander at preachain.org (John Alexander) Date: Thu, 22 Sep 2011 07:13:43 -0700 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <201109191705.p8JH5las016087@lin12.triumf.ca> References: <201109191705.p8JH5las016087@lin12.triumf.ca> Message-ID: <20110922141258.M23185@preachain.org> Fail2Ban is an excellent tool to deal with this sort of thing. On Mon, 19 Sep 2011 10:05:47 -0700, Rick Baartman wrote > >From my secure log: > > Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): check > pass; user unknown > Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): > authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= > rhost=::ffff:64.31.19.48 > Sep 19 01:16:44 lin12 dovecot-auth: pam_succeed_if(dovecot:auth): > error retrieving information about user aaron > Sep 19 01:16:45 lin12 dovecot-auth: pam_unix(dovecot:auth): check > pass; user unknown > Sep 19 01:16:45 lin12 dovecot-auth: pam_unix(dovecot:auth): > authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= > rhost=::ffff:64.31.19.48 > Sep 19 01:16:45 lin12 dovecot-auth: pam_succeed_if(dovecot:auth): > error retrieving information about user abby > > etc. Literally, 30,000 user names attempted. > -- > rick baartman > > TRIUMF > 4004 Wesbrook Mall > Vancouver, BC > V6T2A3 ------------------------------------ I've stopped trying to catch up, I'm just trying to limit the rate at which I'm falling behind John Alexander From tomislav.mihalicek at gmail.com Thu Sep 22 17:16:59 2011 From: tomislav.mihalicek at gmail.com (Tomislav Mihalicek) Date: Thu, 22 Sep 2011 07:16:59 -0700 (PDT) Subject: [Dovecot] Dovecot 1.2, problem with SQL quota and mail aliases In-Reply-To: References: Message-ID: <32503821.post@talk.nabble.com> I have the same problem but with LDAP, how to fix this on LDAP backed? scope = subtree deref = never pass_attrs = userPassword=password base = ou=accounts,dc=globalnet,dc=hr user_filter = (&(|(objectClass=qmailUser)(objectClass=mailUser))(accountService=mail)(accountService=%Ls%Lc)(|(mail=%u)(mailAlternateAddress=%u))) pass_filter = (&(|(objectClass=qmailUser)(objectClass=mailUser))(accountService=mail)(accountService=%Ls%Lc)(|(mail=%u)(mailAlternateAddress=%u))) pass_attrs = userPassword=password default_pass_scheme = MD5 user_attrs = homeDirectory=home,mailQuotaSize=quota_rule=*:bytes=%$ Jacek Osiecki wrote: > > Hello, > > I have a small server running dovecot 1.2 (still not balsy enough to > switch to 2.0 - virtual sql accounts, managesieve etc.). There are no > local users - only ones defined in the SQL database, and everything else > (including quota) is defined in SQL db too. Dovecot is used as IMAP > daemon, and dovecot-lda is responsible for delivery (in order to make use > of sieve and managesieve). I know that my configuration might be a bit > ancient, but this is not referring to any bug (at least I think so) and > rather to errors I've made in configuration. > > Several users have reported, that they are running out of quota even > though their mailboxes are empty. I thought these were some single cases, > but recently I discovered that this situation occurs when: > - user john at domain.com has a mail alias, eg. john.smith at domain.com > - he logs in to the imap account (using MUA or webmail) using his alias > (john.smith at domain.com). > > In effect, all incoming emails for john at domain.com are increasing the > counters (both "bytes" and "messages"), but since user logs in using > john.smith at domain.com - anything he deletes from the mailbox decreases > the records for john.smith at domain.com. Finally, John has two records: > > +---------------------------+-----------+----------+ > | username | bytes | messages | > +---------------------------+-----------+----------+ > | john.smith at domain.com | -5488133 | -13 | > | john at domain.com | 341411029 | 1111 | > +---------------------------+-----------+----------+ > > The record for john at domain.com finaly reaches the quota limit - and even > removing all emails does not help. > > My /etc/dovecot/dovecot-dict-quota.conf looks like this: > > map { > pattern = priv/quota/storage > table = quota > username_field = username > value_field = bytes > } > map { > pattern = priv/quota/messages > table = quota > username_field = username > value_field = messages > } > > And my question is: what is used as "username"? Always the username given > wher user logs in? Is there a way to provide some dictionary to translate > all aliases to the real username? > > Best regards, > -- > Jacek Osiecki joshua at ceti.pl GG:3828944 > I don't want something I need. I want something I want. > > -- View this message in context: http://old.nabble.com/Dovecot-1.2%2C-problem-with-SQL-quota-and-mail-aliases-tp30949509p32503821.html Sent from the Dovecot mailing list archive at Nabble.com. From dovecot at lists.grepular.com Thu Sep 22 17:17:31 2011 From: dovecot at lists.grepular.com (Mike Cardwell) Date: Thu, 22 Sep 2011 15:17:31 +0100 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <4E7B4148.2090902@Media-Brokers.com> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> Message-ID: <4E7B437B.9030600@lists.grepular.com> On 22/09/11 15:08, Charles Marcus wrote: > The only attack I haven't figured out how to eliminate is the > social/phishing attack, where $DumbUser gives out their username > password voluntarily... although I have been considering faking a > phishing attack on my own users, and flagging the ones who fall for it > for training. The University I work at was suffering from this a *lot*. Phishers kept contacting our users pretending to be from our IT helpdesk asking users to reply with their login details so that their mailbox could be refreshed or so their quota could be fixed and other such things. So I developed an application that sits on our outgoing mail routers looking for login credentials inside emails. If it finds any, it blackholes the email and sends an autoresponse to the sender telling them to never ever send login details via email under any circumstances. It Cc's me in too, and it catches people emailing their logins around on a *daily* basis. Our usernames follow a very strict format, and we have a pretty strict password policy so what my program does is pull out a list of all the *possible* usernames and passwords and then attempts to authenticate against our AD using them. I built it into a framework so other people can use it: http://kochi.lboro.ac.uk/kochi1.html You need to know how to write Perl though in order to use it. It's not plug and play. We also added ratelimiting to our outgoing mail, and a system which alerts us whenever anyone hits the limit. If it takes a phisher 2000 spams to get access to one account, but that one account only allows the phisher to send 1000 spams, then it completely destroys the point of what they're doing. -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 455 bytes Desc: OpenPGP digital signature URL: From nighoo at googlemail.com Thu Sep 22 17:18:23 2011 From: nighoo at googlemail.com (Nighoo) Date: Thu, 22 Sep 2011 16:18:23 +0200 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <201109191705.p8JH5las016087@lin12.triumf.ca> References: <201109191705.p8JH5las016087@lin12.triumf.ca> Message-ID: <4E7B43AF.80203@gmail.com> Am 19.09.2011 19:05, schrieb Rick Baartman: > From my secure log: > > Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown > Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= rhost=::ffff:64.31.19.48 > Sep 19 01:16:44 lin12 dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user aaron > Sep 19 01:16:45 lin12 dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown > Sep 19 01:16:45 lin12 dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= rhost=::ffff:64.31.19.48 > Sep 19 01:16:45 lin12 dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user abby > > etc. Literally, 30,000 user names attempted. I can advice you to use Fail2Ban. This will block that Ip-Adresse after a customizable number of failed logins. In addition you can `whois` this ip adresse and send an email to his abuse at provider. From Ralf.Hildebrandt at charite.de Thu Sep 22 17:21:52 2011 From: Ralf.Hildebrandt at charite.de (Ralf Hildebrandt) Date: Thu, 22 Sep 2011 16:21:52 +0200 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <4E7B437B.9030600@lists.grepular.com> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> Message-ID: <20110922142152.GQ18064@charite.de> * Mike Cardwell : > The University I work at was suffering from this a *lot*. Phishers kept > contacting our users pretending to be from our IT helpdesk asking users > to reply with their login details so that their mailbox could be > refreshed or so their quota could be fixed and other such things. Same here. > So I developed an application that sits on our outgoing mail routers > looking for login credentials inside emails. If it finds any, it > blackholes the email and sends an autoresponse to the sender telling > them to never ever send login details via email under any circumstances. > It Cc's me in too, and it catches people emailing their logins around on > a *daily* basis. clamav is supposed to be capable of that functionality > Our usernames follow a very strict format, and we have a pretty strict > password policy so what my program does is pull out a list of all the > *possible* usernames and passwords and then attempts to authenticate > against our AD using them. Ah! That's a nice idea. -- Ralf Hildebrandt Gesch?ftsbereich IT | Abteilung Netzwerk Charit? - Universit?tsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt at charite.de | http://www.charite.de From dovecot at lists.grepular.com Thu Sep 22 17:27:25 2011 From: dovecot at lists.grepular.com (Mike Cardwell) Date: Thu, 22 Sep 2011 15:27:25 +0100 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <20110922142152.GQ18064@charite.de> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> <20110922142152.GQ18064@charite.de> Message-ID: <4E7B45CD.5060904@lists.grepular.com> On 22/09/11 15:21, Ralf Hildebrandt wrote: >> The University I work at was suffering from this a *lot*. Phishers kept >> contacting our users pretending to be from our IT helpdesk asking users >> to reply with their login details so that their mailbox could be >> refreshed or so their quota could be fixed and other such things. > > Same here. > >> So I developed an application that sits on our outgoing mail routers >> looking for login credentials inside emails. If it finds any, it >> blackholes the email and sends an autoresponse to the sender telling >> them to never ever send login details via email under any circumstances. >> It Cc's me in too, and it catches people emailing their logins around on >> a *daily* basis. > > clamav is supposed to be capable of that functionality > >> Our usernames follow a very strict format, and we have a pretty strict >> password policy so what my program does is pull out a list of all the >> *possible* usernames and passwords and then attempts to authenticate >> against our AD using them. > > Ah! > That's a nice idea. Perhaps, if you have a list of the plain text passwords in advance you could use ClamAV. In our case, we don't as we're using an AD. I actually copied the ClamAV tcp and local interface API so that any MTA which can plug in to ClamAV is also able to plug into Kochi. That's one of the things the framework provides. -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 455 bytes Desc: OpenPGP digital signature URL: From Ralf.Hildebrandt at charite.de Thu Sep 22 17:30:50 2011 From: Ralf.Hildebrandt at charite.de (Ralf Hildebrandt) Date: Thu, 22 Sep 2011 16:30:50 +0200 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <4E7B45CD.5060904@lists.grepular.com> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> <20110922142152.GQ18064@charite.de> <4E7B45CD.5060904@lists.grepular.com> Message-ID: <20110922143050.GT18064@charite.de> > Perhaps, if you have a list of the plain text passwords in advance you > could use ClamAV. No, clamav is supposed to find stuff that looks like "social security numbers". It's probably harder with usernames (especially if the username is by chance a real word) > In our case, we don't as we're using an AD. I actually copied the > ClamAV tcp and local interface API so that any MTA which can plug in to > ClamAV is also able to plug into Kochi. That's one of the things the > framework provides. WOW! -- Ralf Hildebrandt Gesch?ftsbereich IT | Abteilung Netzwerk Charit? - Universit?tsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt at charite.de | http://www.charite.de From tomislav.mihalicek at gmail.com Thu Sep 22 17:33:31 2011 From: tomislav.mihalicek at gmail.com (Tomislav Mihalicek) Date: Thu, 22 Sep 2011 07:33:31 -0700 (PDT) Subject: [Dovecot] Dovecot 1.2, problem with SQL quota and mail aliases In-Reply-To: <32503821.post@talk.nabble.com> References: <32503821.post@talk.nabble.com> Message-ID: <32503822.post@talk.nabble.com> SOLVED add mail=user in user_attrs user_attrs = mail=user,homeDirectory=home,mailQuotaSize=quota_rule=*:bytes=%$ Tomislav Mihalicek wrote: > > I have the same problem but with LDAP, how to fix this on LDAP backed? > > scope = subtree > deref = never > pass_attrs = userPassword=password > base = ou=accounts,dc=globalnet,dc=hr > user_filter = > (&(|(objectClass=qmailUser)(objectClass=mailUser))(accountService=mail)(accountService=%Ls%Lc)(|(mail=%u)(mailAlternateAddress=%u))) > pass_filter = > (&(|(objectClass=qmailUser)(objectClass=mailUser))(accountService=mail)(accountService=%Ls%Lc)(|(mail=%u)(mailAlternateAddress=%u))) > pass_attrs = userPassword=password > default_pass_scheme = MD5 > user_attrs = homeDirectory=home,mailQuotaSize=quota_rule=*:bytes=%$ > > > > Jacek Osiecki wrote: >> >> Hello, >> >> I have a small server running dovecot 1.2 (still not balsy enough to >> switch to 2.0 - virtual sql accounts, managesieve etc.). There are no >> local users - only ones defined in the SQL database, and everything else >> (including quota) is defined in SQL db too. Dovecot is used as IMAP >> daemon, and dovecot-lda is responsible for delivery (in order to make use >> of sieve and managesieve). I know that my configuration might be a bit >> ancient, but this is not referring to any bug (at least I think so) and >> rather to errors I've made in configuration. >> >> Several users have reported, that they are running out of quota even >> though their mailboxes are empty. I thought these were some single cases, >> but recently I discovered that this situation occurs when: >> - user john at domain.com has a mail alias, eg. john.smith at domain.com >> - he logs in to the imap account (using MUA or webmail) using his alias >> (john.smith at domain.com). >> >> In effect, all incoming emails for john at domain.com are increasing the >> counters (both "bytes" and "messages"), but since user logs in using >> john.smith at domain.com - anything he deletes from the mailbox decreases >> the records for john.smith at domain.com. Finally, John has two records: >> >> +---------------------------+-----------+----------+ >> | username | bytes | messages | >> +---------------------------+-----------+----------+ >> | john.smith at domain.com | -5488133 | -13 | >> | john at domain.com | 341411029 | 1111 | >> +---------------------------+-----------+----------+ >> >> The record for john at domain.com finaly reaches the quota limit - and even >> removing all emails does not help. >> >> My /etc/dovecot/dovecot-dict-quota.conf looks like this: >> >> map { >> pattern = priv/quota/storage >> table = quota >> username_field = username >> value_field = bytes >> } >> map { >> pattern = priv/quota/messages >> table = quota >> username_field = username >> value_field = messages >> } >> >> And my question is: what is used as "username"? Always the username given >> wher user logs in? Is there a way to provide some dictionary to translate >> all aliases to the real username? >> >> Best regards, >> -- >> Jacek Osiecki joshua at ceti.pl GG:3828944 >> I don't want something I need. I want something I want. >> >> > > -- View this message in context: http://old.nabble.com/Dovecot-1.2%2C-problem-with-SQL-quota-and-mail-aliases-tp30949509p32503822.html Sent from the Dovecot mailing list archive at Nabble.com. From rick at havokmon.com Thu Sep 22 17:34:17 2011 From: rick at havokmon.com (Rick Romero) Date: Thu, 22 Sep 2011 09:34:17 -0500 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <4E7B45CD.5060904@lists.grepular.com> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> <20110922142152.GQ18064@charite.de> <4E7B45CD.5060904@lists.grepular.com> Message-ID: <20110922093417.Horde.p1v6IqPBW7JOe0dpQ45kRsA@beta.vfemail.net> Quoting Mike Cardwell : > On 22/09/11 15:21, Ralf Hildebrandt wrote: > > > Perhaps, if you have a list of the plain text passwords in advance you > could use ClamAV. In our case, we don't as we're using an AD. I actually > copied the ClamAV tcp and local interface API so that any MTA which can > plug in to ClamAV is also able to plug into Kochi. That's one of the > things the framework provides. There are additional 'non-official' ClamAV signatures that are meant to detect phishing attempts. They do work, but aren't perfect. I'm fortunate enough to be on the phishing list, so I wrote a quickie perl script that will grep the logs for all the recipients and then scan their INBOX for the phishing email and remove it before they read it. Rick From Ralf.Hildebrandt at charite.de Thu Sep 22 17:36:58 2011 From: Ralf.Hildebrandt at charite.de (Ralf Hildebrandt) Date: Thu, 22 Sep 2011 16:36:58 +0200 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <20110922093417.Horde.p1v6IqPBW7JOe0dpQ45kRsA@beta.vfemail.net> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> <20110922142152.GQ18064@charite.de> <4E7B45CD.5060904@lists.grepular.com> <20110922093417.Horde.p1v6IqPBW7JOe0dpQ45kRsA@beta.vfemail.net> Message-ID: <20110922143658.GV18064@charite.de> * Rick Romero : > There are additional 'non-official' ClamAV signatures that are meant > to detect phishing attempts. > They do work, but aren't perfect. Got a link? Or are you thinking of the SaneSecurity Signatures? > I'm fortunate enough to be on the phishing list, so I wrote a quickie > perl script that will grep the logs for all the recipients and then > scan their INBOX for the phishing email and remove it before they > read it. I usually use doveadm for this. -- Ralf Hildebrandt Gesch?ftsbereich IT | Abteilung Netzwerk Charit? - Universit?tsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt at charite.de | http://www.charite.de From rick at havokmon.com Thu Sep 22 17:39:08 2011 From: rick at havokmon.com (Rick Romero) Date: Thu, 22 Sep 2011 09:39:08 -0500 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <20110922143658.GV18064@charite.de> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> <20110922142152.GQ18064@charite.de> <4E7B45CD.5060904@lists.grepular.com> <20110922093417.Horde.p1v6IqPBW7JOe0dpQ45kRsA@beta.vfemail.net> <20110922143658.GV18064@charite.de> Message-ID: <20110922093908.Horde.aS3PC22tkQ9Oe0iMKQXrmnA@beta.vfemail.net> Quoting Ralf Hildebrandt : > * Rick Romero : > >> There are additional 'non-official' ClamAV signatures that are meant >> to detect phishing attempts. >> They do work, but aren't perfect. > > Got a link? Or are you thinking of the SaneSecurity Signatures? Yep. The SaneSecurity Sigs. > >> I'm fortunate enough to be on the phishing list, so I wrote a quickie >> perl script that will grep the logs for all the recipients and then >> scan their INBOX for the phishing email and remove it before they >> read it. > > I usually use doveadm for this. I'm slow to adopting new technology :) I would definitely do it if I wasn't still running plain old Maildir. Rick From Ralf.Hildebrandt at charite.de Thu Sep 22 17:40:37 2011 From: Ralf.Hildebrandt at charite.de (Ralf Hildebrandt) Date: Thu, 22 Sep 2011 16:40:37 +0200 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <20110922093908.Horde.aS3PC22tkQ9Oe0iMKQXrmnA@beta.vfemail.net> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> <20110922142152.GQ18064@charite.de> <4E7B45CD.5060904@lists.grepular.com> <20110922093417.Horde.p1v6IqPBW7JOe0dpQ45kRsA@beta.vfemail.net> <20110922143658.GV18064@charite.de> <20110922093908.Horde.aS3PC22tkQ9Oe0iMKQXrmnA@beta.vfemail.net> Message-ID: <20110922144037.GW18064@charite.de> * Rick Romero : > >I usually use doveadm for this. > > I'm slow to adopting new technology :) I would definitely do it if > I wasn't still running plain old Maildir. It's working on plain old Maildir :) -- Ralf Hildebrandt Gesch?ftsbereich IT | Abteilung Netzwerk Charit? - Universit?tsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt at charite.de | http://www.charite.de From robert at schetterer.org Thu Sep 22 17:42:43 2011 From: robert at schetterer.org (Robert Schetterer) Date: Thu, 22 Sep 2011 16:42:43 +0200 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <20110922143658.GV18064@charite.de> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> <20110922142152.GQ18064@charite.de> <4E7B45CD.5060904@lists.grepular.com> <20110922093417.Horde.p1v6IqPBW7JOe0dpQ45kRsA@beta.vfemail.net> <20110922143658.GV18064@charite.de> Message-ID: <4E7B4963.80207@schetterer.org> Am 22.09.2011 16:36, schrieb Ralf Hildebrandt: > * Rick Romero : > >> There are additional 'non-official' ClamAV signatures that are meant >> to detect phishing attempts. >> They do work, but aren't perfect. > > Got a link? Or are you thinking of the SaneSecurity Signatures? > >> I'm fortunate enough to be on the phishing list, so I wrote a quickie >> perl script that will grep the logs for all the recipients and then >> scan their INBOX for the phishing email and remove it before they >> read it. > > I usually use doveadm for this. > why not simply use clamav-milter with sanesecurity sigs ( works like charme here ) so the stuff dont pass ever in mailboxes, if you dont like reject , then hold for manual human admin interaction -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From dovecot at lists.grepular.com Thu Sep 22 17:42:44 2011 From: dovecot at lists.grepular.com (dovecot at lists.grepular.com) Date: Thu, 22 Sep 2011 15:42:44 +0100 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <20110922093908.Horde.aS3PC22tkQ9Oe0iMKQXrmnA@beta.vfemail.net> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> <20110922142152.GQ18064@charite.de> <4E7B45CD.5060904@lists.grepular.com> <20110922093417.Horde.p1v6IqPBW7JOe0dpQ45kRsA@beta.vfemail.net> <20110922143658.GV18064@charite.de> <20110922093908.Horde.aS3PC22tkQ9Oe0iMKQXrmnA@beta.vfemail.net> Message-ID: <4E7B4964.4030603@lists.grepular.com> On 22/09/11 15:39, Rick Romero wrote: >>> There are additional 'non-official' ClamAV signatures that are meant >>> to detect phishing attempts. >>> They do work, but aren't perfect. >> >> Got a link? Or are you thinking of the SaneSecurity Signatures? > > Yep. The SaneSecurity Sigs. We do use ClamAV+SaneSecurity on incoming email, but these are *very* targetted phishing attacks, and lots of them manage to get through. The Kochi application that I brought up sits on the *outgoing* mail routers and prevents people sending out their login details once they've been tricked. -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 455 bytes Desc: OpenPGP digital signature URL: From Lutz.Pressler at SerNet.DE Thu Sep 22 17:44:30 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Thu, 22 Sep 2011 16:44:30 +0200 Subject: [Dovecot] zlib_save per namespace/mailbox? Message-ID: Hi, the zlib_save question reminds me of a wish: I think it's not possible to set zlib_save parameter per namespace (or even mailbox). Per namespace would be something for the wish list to get rid of the cron job method to compress archival mailboxes. And maybe an option to add a "Z" flag to compressed maildir message files as recommended in the wiki regarding compress crob job. Lutz From robert at schetterer.org Thu Sep 22 17:51:07 2011 From: robert at schetterer.org (Robert Schetterer) Date: Thu, 22 Sep 2011 16:51:07 +0200 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <4E7B4964.4030603@lists.grepular.com> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> <20110922142152.GQ18064@charite.de> <4E7B45CD.5060904@lists.grepular.com> <20110922093417.Horde.p1v6IqPBW7JOe0dpQ45kRsA@beta.vfemail.net> <20110922143658.GV18064@charite.de> <20110922093908.Horde.aS3PC22tkQ9Oe0iMKQXrmnA@beta.vfemail.net> <4E7B4964.4030603@lists.grepular.com> Message-ID: <4E7B4B5B.5050104@schetterer.org> Am 22.09.2011 16:42, schrieb dovecot at lists.grepular.com: > On 22/09/11 15:39, Rick Romero wrote: > >>>> There are additional 'non-official' ClamAV signatures that are meant >>>> to detect phishing attempts. >>>> They do work, but aren't perfect. >>> >>> Got a link? Or are you thinking of the SaneSecurity Signatures? >> >> Yep. The SaneSecurity Sigs. > > We do use ClamAV+SaneSecurity on incoming email, but these are *very* > targetted phishing attacks, and lots of them manage to get through. The > Kochi application that I brought up sits on the *outgoing* mail routers > and prevents people sending out their login details once they've been > tricked. > yes youre right, after all this isnt really dovecot related wasnt the orginal topic about brute force pop/imap attack ? -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From jeetendra.p at directi.com Thu Sep 22 18:26:01 2011 From: jeetendra.p at directi.com (Jeetu) Date: Thu, 22 Sep 2011 20:56:01 +0530 Subject: [Dovecot] Missing man page for doveadm move Message-ID: <4E7B5389.7050907@directi.com> Hi, i cant see man pages for doveadm-move, though the command "doveadm move ..." works on new version of dovecot. http://hg.dovecot.org/dovecot-2.0/rev/d7a02077d91f -- -Jeetu From lee at standen.id.au Thu Sep 22 18:55:02 2011 From: lee at standen.id.au (Lee Standen) Date: Thu, 22 Sep 2011 23:55:02 +0800 Subject: [Dovecot] Dovecot 1.x vs 2.x Message-ID: <6F135AF5-22B0-4E3D-97F0-C0F520FB4B6D@standen.id.au> Hi All, I'm currently in the planning stages for a technology refresh for a very large mail installation, and looking at using Dovecot with LDA/Sieve/FTS_Solr and a number of other plugins to give our users some great features. Currently, our standard distribution is Ubuntu Lucid, which has Dovecot 1.x included with it in pre-built packages, and Dovecot 2.x is in the upcoming Oneiric beta coming out next month. My question is, are there any compelling reasons why we should gravitate towards running Dovecot 2.x beyond the fact it's the "latest and greatest" version? What features would we miss that we're likely to want or need on a very large installation (i'm talking dozens of VM's, over 1 million mailboxes). Thanks From tgoguen at ilap.com Thu Sep 22 20:01:16 2011 From: tgoguen at ilap.com (Tristan Goguen) Date: Thu, 22 Sep 2011 13:01:16 -0400 Subject: [Dovecot] Duplicates when switching from Qpopper to Dovecot pop3 Message-ID: Hi All, Our test users re-download the mail they've left on the server when they switch from Qpopper to Dovecot. Qpopper includes the X-UIDL header - X-UIDL: X8V"!E)<"!58?"!"9C"! - on read messages. Any suggestions are appreciated. I've included my dovecot configuration. Thank you, Tristan --- Tristan Tristan Goguen CEO, ILAP? T: 416-250-5600 ext. 205 F: 416-250-6755 tgoguen at ilap.com www.ilap.com --- # 2.0.14: /etc/dovecot.conf # OS: SunOS 5.10 sun4v auth_cache_size = 1048575 B auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.+-_@ auth_username_format = %Ln auth_verbose = yes base_dir = /usr/local/var/run/dovecot/ disable_plaintext_auth = no first_valid_uid = 100 log_path = /var/log/dovecot.log login_greeting = mail_access_groups = mail mail_fsync = never mail_location = mbox:~/mail:INBOX=/var/mail/%1u/%1.1u/%u mbox_dotlock_change_timeout = 1 mins mbox_min_index_size = 1 B mbox_read_locks = dotlock mbox_write_locks = dotlock mmap_disable = yes passdb { driver = shadow } protocols = pop3 service pop3-login { client_limit = 10 inet_listener pop3 { address = 216.223.136.7 port = 110 } process_limit = 128 process_min_avail = 5 service_count = 0 vsz_limit = 512 M } shutdown_clients = no ssl = no userdb { args = blocking=yes driver = passwd } protocol pop3 { pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_enable_last = yes pop3_lock_session = yes pop3_reuse_xuidl = yes pop3_save_uidl = yes } From other at ahhyes.net Fri Sep 23 01:28:07 2011 From: other at ahhyes.net (Alex) Date: Fri, 23 Sep 2011 08:28:07 +1000 Subject: [Dovecot] =?utf-8?q?64=2E31=2E19=2E48_attempt_to_break_into_my_co?= =?utf-8?q?mputer?= Message-ID: It is a great tool. Unfortunately dovecot allows infinate incorrect logins during a single session. When fail2ban has firewalled the ip its pointless as the rule only affects new sessions, not established ones. I am disappointed that the author of dovecot has no interest in adding a feature that closes the session after x auth failures. It would certainly make tools like fail2ban more effective. ----- Reply message ----- From: "John Alexander" Date: Fri, Sep 23, 2011 00:13 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer To: Fail2Ban is an excellent tool to deal with this sort of thing. On Mon, 19 Sep 2011 10:05:47 -0700, Rick Baartman wrote > >From my secure log: > > Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): check > pass; user unknown > Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): > authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= > rhost=::ffff:64.31.19.48 > Sep 19 01:16:44 lin12 dovecot-auth: pam_succeed_if(dovecot:auth): > error retrieving information about user aaron From rick at havokmon.com Fri Sep 23 02:39:09 2011 From: rick at havokmon.com (Rick Romero) Date: Thu, 22 Sep 2011 18:39:09 -0500 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: References: Message-ID: <20110922183909.Horde.LWfYRaPBW7JOe8cdbPhxKc0@beta.vfemail.net> Quoting Alex : > It [fail2ban] is a great tool. Unfortunately dovecot allows infinate > incorrect logins during a single session. When fail2ban has > firewalled the ip its pointless as the rule only affects new > sessions, not established ones. I am disappointed that the author of > dovecot has no interest in adding a feature that closes the session > after x auth failures. It would certainly make tools like fail2ban > more effective. If that is a big issue for you, you could always have fail2ban add a dummy route: For example: route add $IP gw 127.0.0.1 Rick From h.e at gmx.at Fri Sep 23 13:03:17 2011 From: h.e at gmx.at (Hannes Erven) Date: Fri, 23 Sep 2011 12:03:17 +0200 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <20110922183909.Horde.LWfYRaPBW7JOe8cdbPhxKc0@beta.vfemail.net> References: <20110922183909.Horde.LWfYRaPBW7JOe8cdbPhxKc0@beta.vfemail.net> Message-ID: <4E7C5965.4020101@gmx.at> Am 2011-09-23 01:39, schrieb Rick Romero: > > Quoting Alex : > >> It [fail2ban] is a great tool. Unfortunately dovecot allows infinate >> incorrect logins during a single session. When fail2ban has firewalled >> the ip its pointless as the rule only affects new sessions > [...] > If that is a big issue for you, you could always have fail2ban add a > dummy route: > For example: route add $IP gw 127.0.0.1 ... or configure the fail2ban actions so they apply to any traffic from the offending IP. My iptables ruleset has this action: actionban = iptables -I fail2ban- 1 -s -j DROP Of course, if you have users that are proxied behind the same address, just one of them would instantly kill everybody's sessions. So I agree with Alex, it would be great to limit the number of failed login attempts per connection. -hannes From busseniu at in.tum.de Fri Sep 23 15:13:36 2011 From: busseniu at in.tum.de (Christoph Bussenius) Date: Fri, 23 Sep 2011 14:13:36 +0200 Subject: [Dovecot] Strange behavior from shared namespaces and INBOX, probably a bug Message-ID: <20110923121329.GA13235@informatik.tu-muenchen.de> Hi, we have experienced some erratic behavior from Dovecot 2.0.15 if a user's INBOX is shared. Some folders of user1, including the INBOX, have been shared using these IMAP commands: . login user1 XXXXXX . setacl INBOX user2 lrwstiekx . setacl box-a user2 lrwstiekx Now if we use telnet to log in as user2 and select "shared/user1", it will contain the same mails as "shared/user1/INBOX". The really strange thing is that "SELECT"-ing "shared/user1" succeeds only if it is the first command afted logging in. If it not the first command (if e. g. the "LIST" or "SELECT" command has already been used), then dovecot will report that the mailbox does not exist. As a result, user agents like Thunderbird will behave very erratically in this setup. They may show both mailboxes ("shared/user1" and "shared/user1/INBOX") with the same mails, but will not always succeed to download mails for "shared/user1". We were able to reproduce this behavior with a quite simple configuration (see further below), so I doubt that the problem is in the configuration. So, is this a bug in Dovecot? I am not quite sure how exactly it should behave, but it definitely does not seem right this way. Below are the results from telnet: Sending: . login user2 XXXXXX . select shared/user1 Receiving: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags permitted. * 5 EXISTS * 0 RECENT * OK [UNSEEN 1] First unseen. * OK [UIDVALIDITY 1316698162] UIDs valid * OK [UIDNEXT 6] Predicted next UID * OK [HIGHESTMODSEQ 1] Highest . OK [READ-WRITE] Select completed. Sending: . fetch 1:2 (internaldate rfc822.size) Receiving: * 1 FETCH (INTERNALDATE "25-Apr-2006 23:09:07 +0200" RFC822.SIZE 5660) * 2 FETCH (INTERNALDATE "25-Apr-2006 23:11:01 +0200" RFC822.SIZE 6612) . OK Fetch completed. Sending: . select shared/user1/INBOX Receiving: * OK [CLOSED] Previous mailbox closed. * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags permitted. * 5 EXISTS * 0 RECENT * OK [UNSEEN 1] First unseen. * OK [UIDVALIDITY 1316698162] UIDs valid * OK [UIDNEXT 6] Predicted next UID * OK [HIGHESTMODSEQ 1] Highest . OK [READ-WRITE] Select completed. Sending: . fetch 1:2 (internaldate rfc822.size) Receiving: (Note that these mails are the same as those above) * 1 FETCH (INTERNALDATE "25-Apr-2006 23:09:07 +0200" RFC822.SIZE 5660) * 2 FETCH (INTERNALDATE "25-Apr-2006 23:11:01 +0200" RFC822.SIZE 6612) . OK Fetch completed. Now we select the first mailbox again: Sending: . select shared/user1 Receiving: . NO Mailbox doesn't exist: shared/user1 * OK [CLOSED] Previous mailbox closed. The same command did not fail earlier. Listing the mailboxes shows the following: Sending: . list "" * Receiving: * LIST (\HasNoChildren) "/" "INBOX" * LIST (\Noselect \HasChildren) "/" "shared/user1" * LIST (\HasNoChildren) "/" "shared/user1/box-a" * LIST (\HasNoChildren) "/" "shared/user1/INBOX" . OK List completed. I can reproduce this behavior using the following setup: Virtual users on an ext4 filesystem in /mail/users/{user1,user2} configured in a passwd file (/usr/local/dovecot/etc/dovecot/users): user1:{plain}XXXXXX:::user1:/mail/users/user1:: user2:{plain}XXXXXX:::user2:/mail/users/user2:: Output of doveconf -n: # 2.0.15: /usr/local/dovecot/etc/dovecot/dovecot.conf # OS: Linux 2.6.32-33-server x86_64 Ubuntu 10.04.3 LTS disable_plaintext_auth = no mail_gid = vmail mail_plugins = acl mail_uid = vmail namespace { inbox = yes location = maildir:~/Maildir prefix = separator = / } namespace { list = children location = maildir:%%h/Maildir prefix = shared/%%u/ separator = / subscriptions = no type = shared } passdb { args = scheme=CRYPT username_format=%u /usr/local/dovecot/etc/dovecot/users driver = passwd-file } plugin { acl = vfile acl_shared_dict = file:/mail/shared-mailboxes } protocols = imap service auth { unix_listener auth-userdb { group = vmail mode = 0660 } } ssl_cert = Raum 00.05.055 <> Boltzmannstr. 3 <> Garching From stan at hardwarefreak.com Fri Sep 23 16:13:46 2011 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Fri, 23 Sep 2011 08:13:46 -0500 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <4E7B4963.80207@schetterer.org> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> <20110922142152.GQ18064@charite.de> <4E7B45CD.5060904@lists.grepular.com> <20110922093417.Horde.p1v6IqPBW7JOe0dpQ45kRsA@beta.vfemail.net> <20110922143658.GV18064@charite.de> <4E7B4963.80207@schetterer.org> Message-ID: <4E7C860A.2070908@hardwarefreak.com> On 9/22/2011 9:42 AM, Robert Schetterer wrote: > why not simply use clamav-milter with sanesecurity sigs > ( works like charme here ) > so the stuff dont pass ever in mailboxes, if you dont like reject , then > hold for manual human admin interaction Seems to me this could be done pretty easily with a PCRE/regexp body filter in Postfix, assuming the credentials follow a strict pattern. Apply it to the submission daemon stream and redirect the mail with a filter action to an admin mailbox. I've not written such a thing myself but it seems it would be pretty straightforward. -- Stan From robert at schetterer.org Fri Sep 23 16:45:01 2011 From: robert at schetterer.org (Robert Schetterer) Date: Fri, 23 Sep 2011 15:45:01 +0200 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <4E7C860A.2070908@hardwarefreak.com> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> <20110922142152.GQ18064@charite.de> <4E7B45CD.5060904@lists.grepular.com> <20110922093417.Horde.p1v6IqPBW7JOe0dpQ45kRsA@beta.vfemail.net> <20110922143658.GV18064@charite.de> <4E7B4963.80207@schetterer.org> <4E7C860A.2070908@hardwarefreak.com> Message-ID: <4E7C8D5D.5030708@schetterer.org> Am 23.09.2011 15:13, schrieb Stan Hoeppner: > On 9/22/2011 9:42 AM, Robert Schetterer wrote: > >> why not simply use clamav-milter with sanesecurity sigs >> ( works like charme here ) >> so the stuff dont pass ever in mailboxes, if you dont like reject , then >> hold for manual human admin interaction > > Seems to me this could be done pretty easily with a PCRE/regexp body > filter in Postfix, assuming the credentials follow a strict pattern. > Apply it to the submission daemon stream and redirect the mail with a > filter action to an admin mailbox. I've not written such a thing myself > but it seems it would be pretty straightforward. > why that difficult clamav-milter is able to hold mail, simply configure some monitor script alarming admin when x number mail are in the hold queue so he may delete or unhold it after inspection, i do monitoring i.e. with bb-clone xymon anyway monitoring postfix queues is always nice to have from clamav-milter.conf ACTIONS The following group of options controls the delievery process under different circumstances. The following actions are available: - Accept: The message is accepted for delievery - Reject: Immediately refuse delievery (a 5xx error is returned to the peer) - Defer: Return a temporary failure message (4xx) to the peer - Blackhole (not available for OnFail): Like Accept but the message is sent to oblivion - Quarantine (not available for OnFail): Like Accept but message is quarantined instead of being delivered. NOTE: In Sendmail the quarantine queue can be examined via mailq -qQ. For Postfix this causes the message to be placed on hold. -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From Lutz.Pressler at SerNet.DE Fri Sep 23 17:49:13 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Fri, 23 Sep 2011 16:49:13 +0200 Subject: [Dovecot] fts (lucene): indexing of virtual mailboxes? Message-ID: Hello, (recent 2.1alpha2 variant - my test setup known to Timo). No time to diagnose in depth at the moment, but I just noticed that SEARCHing in virtual mailboxes seems not to create lucene index content of its own but use those of referenced mailboxes? The problem is that no new indexing takes place. Example: with INBOX INBOX.in% all in dovecot-virtual, for a given query I only get matches from those mailboxes searched in previously. Regards, Lutz From tss at iki.fi Fri Sep 23 17:51:11 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Sep 2011 17:51:11 +0300 Subject: [Dovecot] fts (lucene): indexing of virtual mailboxes? In-Reply-To: References: Message-ID: <86A557F0-7062-49B3-A278-3C9418769C65@iki.fi> On 23.9.2011, at 17.49, Lutz Pre?ler wrote: > (recent 2.1alpha2 variant - my test setup known to Timo). > No time to diagnose in depth at the moment, but I just noticed > that SEARCHing in virtual mailboxes seems not to create lucene > index content of its own but use those of referenced mailboxes? Right. > The problem is that no new indexing takes place. It used to work previously.. I'll check later.. From tss at iki.fi Fri Sep 23 17:51:36 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Sep 2011 17:51:36 +0300 Subject: [Dovecot] (2.1 recent:) fts_decoder In-Reply-To: References: Message-ID: <072C43C9-38A9-4A22-91AC-78F43EDA74E4@iki.fi> On 22.9.2011, at 14.35, Lutz Pre?ler wrote: > test setup as in previous messages. > With fts = lucene, I enabled the adapted decode2text.sh (at least I tried...) > as suggested in the comment section. > On dovecot-start /var/run/dovecot/decode2text socket is created with sufficiant > permissions (rw for anybody), but decode2text.sh is not started (it's rx for > anybody). When creating lucene indexes, I cannot see it executed either > (and no attachment-only content is findable afterwards). Yeah, it was broken. Fixed today. From forumer at smartmobili.com Fri Sep 23 18:14:06 2011 From: forumer at smartmobili.com (forumer at smartmobili.com) Date: Fri, 23 Sep 2011 17:14:06 +0200 Subject: [Dovecot] How to port this dovecot-1.x configuration file to dovecot-2.x Message-ID: <6638d9f44ea260fbd224784d8a1e958c@smartmobili.com> Hi, I am trying to move from dovecot-1.x to dovecot 2.1 but I have this error : Sep 23 16:04:13 lda: Error: userdb lookup: connect(/var/run/dovecot/auth-master) failed: Permission denied (euid=5000(vmail) egid=5000(vmail) missing +r perm: /var/run/dovecot/auth-master, dir owned by 0:0 mode=0755) and I dont' manage to find information about how to translate this old configuration part: socket listen { master { # Master socket provides access to userdb information. It's typically # used to give Dovecot's local delivery agent access to userdb so it # can find mailbox locations. path = /var/run/dovecot/auth-master mode = 0600 # Default user/group is the one who started dovecot-auth (root) user = vmail #group = } client { # The client socket is generally safe to export to everyone. Typical use # is to export it to your SMTP server so it can do SMTP AUTH lookups # using it. path = /var/run/dovecot/auth-client mode = 0660 } Thanks From tss at iki.fi Fri Sep 23 18:23:05 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Sep 2011 18:23:05 +0300 Subject: [Dovecot] How to port this dovecot-1.x configuration file to dovecot-2.x In-Reply-To: <6638d9f44ea260fbd224784d8a1e958c@smartmobili.com> References: <6638d9f44ea260fbd224784d8a1e958c@smartmobili.com> Message-ID: <1C9BC876-89CC-4EB7-A2F7-71500032FA51@iki.fi> On 23.9.2011, at 18.14, forumer at smartmobili.com wrote: > I am trying to move from dovecot-1.x to dovecot 2.1 but I have this error : > > Sep 23 16:04:13 lda: Error: userdb lookup: connect(/var/run/dovecot/auth-master) failed: > Permission denied (euid=5000(vmail) egid=5000(vmail) missing +r perm: /var/run/dovecot/auth-master, dir owned by 0:0 mode=0755) Preferably you'd use auth-userdb now instead of auth-master. > and I dont' manage to find information about how to translate this old configuration part: > > socket listen { > master { > # Master socket provides access to userdb information. It's typically > # used to give Dovecot's local delivery agent access to userdb so it > # can find mailbox locations. > path = /var/run/dovecot/auth-master > mode = 0600 > # Default user/group is the one who started dovecot-auth (root) > user = vmail > #group = > } > client { > # The client socket is generally safe to export to everyone. Typical use > # is to export it to your SMTP server so it can do SMTP AUTH lookups > # using it. > path = /var/run/dovecot/auth-client > mode = 0660 > } doveconf converts that just fine: service auth { unix_listener /var/run/dovecot/auth-client { mode = 0660 } unix_listener /var/run/dovecot/auth-master { mode = 0600 user = vmail } } But again, auth-userdb instead of auth-master is safer. From asai at globalchangemusic.org Fri Sep 23 18:23:41 2011 From: asai at globalchangemusic.org (Asai) Date: Fri, 23 Sep 2011 08:23:41 -0700 Subject: [Dovecot] Using Dsync for Incremental Sync In-Reply-To: <4E7A4157.2080206@globalchangemusic.org> References: <4E7A4157.2080206@globalchangemusic.org> Message-ID: <4E7CA47D.6050904@globalchangemusic.org> So maybe a better question would be, "What can I use for incremental syncing of Dovecot maildirs?" On 9/21/2011 12:56 PM, Asai wrote: > Greetings, > > We have about 26 GB of email which we're trying to sync nightly to a > remote server, but what I just read from a post from Timo awhile back > is that it's not possible because dsync relies on message GUIDs which > aren't available in the IMAP protocol. It seems that this is still > the case, is there anything on the horizon for this to change? From tss at iki.fi Fri Sep 23 19:13:28 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Sep 2011 19:13:28 +0300 Subject: [Dovecot] Using Dsync for Incremental Sync In-Reply-To: <4E7A4157.2080206@globalchangemusic.org> References: <4E7A4157.2080206@globalchangemusic.org> Message-ID: <6E40B212-C3FE-4C26-A646-38897E05D34A@iki.fi> On 21.9.2011, at 22.56, Asai wrote: > We have about 26 GB of email which we're trying to sync nightly to a remote server, but what I just read from a post from Timo awhile back is that it's not possible because dsync relies on message GUIDs which aren't available in the IMAP protocol. It seems that this is still the case, is there anything on the horizon for this to change? You mean you want one way Dovecot -> some other IMAP server? Then GUIDs don't really matter and "dsync backup" should work fine. You'll need Dovecot v2.1 of course. From asai at globalchangemusic.org Fri Sep 23 19:27:04 2011 From: asai at globalchangemusic.org (Asai) Date: Fri, 23 Sep 2011 09:27:04 -0700 Subject: [Dovecot] Using Dsync for Incremental Sync In-Reply-To: <6E40B212-C3FE-4C26-A646-38897E05D34A@iki.fi> References: <4E7A4157.2080206@globalchangemusic.org> <6E40B212-C3FE-4C26-A646-38897E05D34A@iki.fi> Message-ID: <4E7CB358.1070205@globalchangemusic.org> Thanks, Timo. Maybe I misunderstood then that Dsync will only add or remove the changed email items on the remote server? Basically we're just trying to keep the mailboxes stored and backed up on the remote server, without having to transfer 26 GB every night. We're using version 2.0.14 right now. So we'd need 2.1 to do that? *Asai* Global Change Multi-Media Internet Application Development IT and Networking Services 520-398-2542 On 9/23/2011 9:13 AM, Timo Sirainen wrote: > On 21.9.2011, at 22.56, Asai wrote: > >> We have about 26 GB of email which we're trying to sync nightly to a remote server, but what I just read from a post from Timo awhile back is that it's not possible because dsync relies on message GUIDs which aren't available in the IMAP protocol. It seems that this is still the case, is there anything on the horizon for this to change? > You mean you want one way Dovecot -> some other IMAP server? Then GUIDs don't really matter and "dsync backup" should work fine. You'll need Dovecot v2.1 of course. > From moseleymark at gmail.com Sat Sep 24 01:35:14 2011 From: moseleymark at gmail.com (Mark Moseley) Date: Fri, 23 Sep 2011 15:35:14 -0700 Subject: [Dovecot] Glued-together private namespaces Message-ID: I've been goofing with this all day with 2.0.15 and I'm starting to realize that either a) I'm not that smart, b) it's been so long since I messed with namespaces that I'm going about it completely wrong, or c) it's just not possible. I haven't posted 'doveconf -n' and other details, because mainly I'm just looking for 'yes, this is possible' or 'no, you're smoking crack' before posting further details. At this point, it's all maildir and moving to mdbox, while highly desirable in the future, is not possible in the near- to medium-term. I'm trying to glue a namespace underneath INBOX: namespace INBOX { type = private separator = . prefix = INBOX. # Yes, this used to be on Courier inbox = yes list = yes hidden = no subscriptions = yes location = maildir:~/Maildir } namespace archive { type = private separator = . prefix = INBOX.Archives. inbox = no list = children subscriptions = yes location = maildir:~/Maildir-Archive } I've tried putting namespace archive's 'prefix' as just "Archives", but Tbird doesn't seem to see this namespace, regardless of how much I futz with the imap settings in tbird. With the above setup, it actually seems to work correctly (provided ~/Maildir-Archive exists), though I'm sure a big gotcha is waiting in the wings. I can move messages around, create subfolders, subscribe to folders in ~/Maildir-Archive). The only thing I can't seem to get working is quotas. With my password_query like: password_query = ... CONCAT( '*:bytes=', "1M" ) AS 'userdb_quota_rule', \ CONCAT( '*:messages=10' ) AS 'userdb_quota_rule2', \ CONCAT( 'INBOX.Archives:bytes=+4900M' ) AS 'userdb_quota_rule3', \ CONCAT( 'INBOX.Archives:messages=+3900' ) AS 'userdb_quota_rule4' ... only the default quota seems to be in place for any subfolder of INBOX.Archives and for INBOX.Archives itself, i.e. *:bytes still applies to INBOX.Archives. The debug log show that: Debug: Quota root: name=User quota backend=maildir args= Debug: Quota rule: root=User quota mailbox=* bytes=1048576 messages=0 Debug: Quota rule: root=User quota mailbox=* bytes=1048576 messages=10 Debug: Quota rule: root=User quota mailbox=INBOX.Archives bytes=+5138022400 messages=0 Debug: Quota rule: root=User quota mailbox=INBOX.Archives bytes=+5138022400 messages=+3900 These are wildly stupid quotas but they're just there to test. With INBOX already at capacity (byte-wise; only set to a meg), copying large messages inside INBOX.Archives fails (only copying a 800k message but the quota should be 5gig now). Again, before I post configs, I'm just curious if what I'm trying to do isn't remotely possible, or that I'm approaching this entirely wrongly. Thanks! From piotr-l at netexpert.pl Sat Sep 24 12:00:22 2011 From: piotr-l at netexpert.pl (Piotr NetExpert) Date: Sat, 24 Sep 2011 11:00:22 +0200 Subject: [Dovecot] dsync doubts Message-ID: <4E7D9C26.6030207@netexpert.pl> Hi everyone, I want to backup mailboxes to another server. A usage information for dsync says "... ". Does it mean I need dsync installed on the other server too? Now when I try to run dsync I receive: # dsync -v -D -u abc backup ssh user at other.server dsync(username): Debug: Effective uid=123, gid=123, home=/path/abc dsync(username): Debug: maildir++: root=/path/abc, index=, control=, inbox=/path/abc dsync-local(abc): Debug: Namespace : Using permissions from /path/abc: mode=0700 gid=-1 Password: server: not found dsync-local(abc): Error: read() from worker server failed: EOF What could be wrong? How can I check what it wants to do and cannot? I cannot find more information I need in a wiki page of dsync. -- pozdrawiam Piotr Szafarczyk http://www.netexpert.pl From lennon at orcon.net.nz Sat Sep 24 12:13:10 2011 From: lennon at orcon.net.nz (Craig Whitmore) Date: Sat, 24 Sep 2011 21:13:10 +1200 Subject: [Dovecot] dsync doubts In-Reply-To: <4E7D9C26.6030207@netexpert.pl> Message-ID: http://wiki2.dovecot.org/Tools/Dsync On 24/09/11 8:00 PM, "Piotr NetExpert" wrote: >Hi everyone, > >I want to backup mailboxes to another server. A usage information for >dsync says "... ". Does it mean I need dsync >installed on the other server too? > >Now when I try to run dsync I receive: ># dsync -v -D -u abc backup ssh user at other.server >dsync(username): Debug: Effective uid=123, gid=123, home=/path/abc >dsync(username): Debug: maildir++: root=/path/abc, index=, control=, >inbox=/path/abc >dsync-local(abc): Debug: Namespace : Using permissions from /path/abc: >mode=0700 gid=-1 >Password: >server: not found >dsync-local(abc): Error: read() from worker server failed: EOF > >What could be wrong? How can I check what it wants to do and cannot? I >cannot find more information I need in a wiki page of dsync. >-- >pozdrawiam >Piotr Szafarczyk > >http://www.netexpert.pl From piotr-l at netexpert.pl Sat Sep 24 12:55:26 2011 From: piotr-l at netexpert.pl (Piotr NetExpert) Date: Sat, 24 Sep 2011 11:55:26 +0200 Subject: [Dovecot] dsync doubts In-Reply-To: References: Message-ID: <4E7DA90E.6050800@netexpert.pl> ??? I know the page. Do you mean I missed something there? What exactly? > http://wiki2.dovecot.org/Tools/Dsync > > > On 24/09/11 8:00 PM, "Piotr NetExpert" wrote: > >> Hi everyone, >> >> I want to backup mailboxes to another server. A usage information for >> dsync says "...". Does it mean I need dsync >> installed on the other server too? >> >> Now when I try to run dsync I receive: >> # dsync -v -D -u abc backup ssh user at other.server >> dsync(username): Debug: Effective uid=123, gid=123, home=/path/abc >> dsync(username): Debug: maildir++: root=/path/abc, index=, control=, >> inbox=/path/abc >> dsync-local(abc): Debug: Namespace : Using permissions from /path/abc: >> mode=0700 gid=-1 >> Password: >> server: not found >> dsync-local(abc): Error: read() from worker server failed: EOF >> >> What could be wrong? How can I check what it wants to do and cannot? I >> cannot find more information I need in a wiki page of dsync. >> -- pozdrawiam Piotr Szafarczyk http://www.netexpert.pl From dvrsn at diphi.com Fri Sep 23 23:20:58 2011 From: dvrsn at diphi.com (Jeff Rogers) Date: Fri, 23 Sep 2011 13:20:58 -0700 Subject: [Dovecot] tiny doc bug report Message-ID: <4E7CEA2A.8080100@diphi.com> First timer, I'm installing dovecot-2.0.15. I ran configure; make; sudo make install The INSTALL file then says: --- Rename configuration file: mv /usr/local/etc/dovecot-example.conf /usr/local/etc/dovecot.conf Read through, and make needed modifications. --- The example configuration file is not installed in that location. Presumably it is now installed as /usr/local/share/doc/dovecot/example-config/dovecot.conf Unless this path difference is a quirk of my local system, the INSTALL directions should be fixed to avoid confusion. Thanks, -J From dick at fouter.net Sat Sep 24 21:02:36 2011 From: dick at fouter.net (Dick Middleton) Date: Sat, 24 Sep 2011 19:02:36 +0100 Subject: [Dovecot] dsync doubts In-Reply-To: <4E7D9C26.6030207@netexpert.pl> References: <4E7D9C26.6030207@netexpert.pl> Message-ID: <4E7E1B3C.9010809@fouter.net> On 09/24/11 10:00, Piotr NetExpert wrote: > Hi everyone, > > I want to backup mailboxes to another server. A usage information for dsync > says "... ". Does it mean I need dsync installed on the > other server too? Yes Dick From dovecot-user at spambox.dk Sun Sep 25 01:23:49 2011 From: dovecot-user at spambox.dk (Henrik Larsson) Date: Sun, 25 Sep 2011 00:23:49 +0200 Subject: [Dovecot] "doveadm log reopen" don't reopen seperate lmtp log Message-ID: <4E7E5875.60508@spambox.dk> Dear all I have setup separate pop3/imap log "/var/log/dovecot" and lmtp delivery log "/var/log/dovecot-deliver". After rotating logfiles, i run "doveadm log reopen". I see that my pop3/imap log "/var/log/dovecot" is used straight away, but my lmpt log "/var/log/dovecot-deliver" isn't used at first. After some time, usually a few minutes, logs are being written to this file anyway. But if I compare this to my maillog, it misses some deliveries just after the log rotation. Is there any problems with this configuration that should be corrected? --cut-- # doveconf -n # 2.0.15: /usr/local/etc/dovecot/dovecot.conf # OS: FreeBSD 8.2-STABLE amd64 auth_mechanisms = plain login digest-md5 cram-md5 first_valid_uid = 125 hostname = mail.larsson.it listen = * log_path = /var/log/dovecot mail_plugins = fts fts_squat zlib mail_privileged_group = postfix mail_temp_dir = /var/db/dovecot managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date namespace { inbox = yes location = prefix = separator = . type = private } namespace { hidden = yes inbox = no list = no location = prefix = INBOX. separator = . type = private } passdb { args = /usr/local/etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { fts = squat fts_squat = partial=4 full=10 sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 lmtp sieve service auth-worker { user = $default_internal_user } service auth { unix_listener /home/mail/postfix/private/auth { group = postfix mode = 0666 user = postfix } } service lmtp { executable = lmtp -L unix_listener /home/mail/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } } ssl_cert = I'm attempting to create a virtual inbox that contains all unread messages from the user's Maildir. I created a conf file called 80-virtual.conf containing: mail_plugins = $mail_plugins virtual namespace { prefix = virtual/ separator = / location = virtual:~/Maildir/virtual } And created the /home/username/Maildir/virtual/unseen/dovecot-virtual file which contains: # ~/Maildir/virtual/unseen/dovecot-virtual * unseen However it doesn't work and the maillog file contains: dovecot: imap(username): Error: user username: Initialization failed: namespace configuration error: inbox=yes namespace missing This is with dovecot 2.0.beta6 (3156315704ef) Does anybody have any suggestions? Thanks! Terry From Lutz.Pressler at SerNet.DE Mon Sep 26 14:11:23 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Mon, 26 Sep 2011 13:11:23 +0200 Subject: [Dovecot] Virtual Folder configuration problem. In-Reply-To: <20110924213056.Horde.qHIQRFeGiNBOfoRQjGNhvJA@www.cnysupport.com> References: <20110924213056.Horde.qHIQRFeGiNBOfoRQjGNhvJA@www.cnysupport.com> Message-ID: On Sa, 24 Sep 2011, Terry Carmen wrote: > I'm attempting to create a virtual inbox that contains all unread > messages from the user's Maildir. > > I created a conf file called 80-virtual.conf containing: [...] > However it doesn't work and the maillog file contains: > > dovecot: imap(username): Error: user username: Initialization failed: > namespace configuration error: inbox=yes namespace missing > Probably you forgot to follow this advise from 10-mail.conf: # REMEMBER: If you add any namespaces, the default namespace must be added # explicitly, ie. mail_location does nothing unless you have a namespace # without a location setting. Default namespace is simply done by having a # namespace with empty prefix. Lutz From udo.lembke at albertbauer.com Mon Sep 26 14:24:09 2011 From: udo.lembke at albertbauer.com (Udo Lembke) Date: Mon, 26 Sep 2011 13:24:09 +0200 Subject: [Dovecot] how to disable quota for second namespace? In-Reply-To: <4E78B30F.7020000@albertbauer.com> References: <4E78B30F.7020000@albertbauer.com> Message-ID: <4E8060D9.2010603@albertbauer.com> Am 20.09.2011 17:36, schrieb Udo Lembke: > > > Hi all, > I have a second namespace as archive, where no quota should be active > (work with type = shared). > But if I change the type to private the quota will allways count. Hi, for reference only (if someone find this post) with help in the irc-channel I got the right configuration: plugin { quota = maildir:User quota:ns= quota2 = maildir:Archiv quota:ns=archiv/%u/ } plugin { quota_rule = *:storage=500M quota_rule2 = Trash:storage=+100M quota_rule3 = Sent:storage=+50M quota_rule4 = ns=archiv/%u/:ignore } The ":ns=" do the right trick! Here the result: doveadm quota get -u test at example.com Quota name Type Value Limit % User quota STORAGE 95132 204800 46 User quota MESSAGE 6423 - 0 Archiv quota STORAGE 3290972 - 0 Archiv quota MESSAGE 136950 - 0 Udo From carloswill at gmail.com Mon Sep 26 15:43:56 2011 From: carloswill at gmail.com (Carlos Mennens) Date: Mon, 26 Sep 2011 08:43:56 -0400 Subject: [Dovecot] Subscription File Message-ID: I had a use lose 20 folders on their mail account. I was able to pull them back from a restore and dumped them all back on the server in her Maildir. The problem is she doesn't see them on her Thunderbird or Outlook client. I checked to make sure I put them back into the correct directory and I did as well as verify permissions aren't weird. I then noticed a file called 'subscriptions' in her Maildir directory. She appears to only be seeing folders that are listed in this 'subscriptions' file. My question is how do I update this file? If I delete it, will Dovecot re-generate the file with the correct subscription entries? I don't understand what to do but I'm hoping I don't have to edit the file by hand...that seems way too cumbersome. From Ralf.Hildebrandt at charite.de Mon Sep 26 15:45:44 2011 From: Ralf.Hildebrandt at charite.de (Ralf Hildebrandt) Date: Mon, 26 Sep 2011 14:45:44 +0200 Subject: [Dovecot] Subscription File In-Reply-To: References: Message-ID: <20110926124544.GN21539@charite.de> * Carlos Mennens : > I had a use lose 20 folders on their mail account. I was able to pull > them back from a restore and dumped them all back on the server in her > Maildir. The problem is she doesn't see them on her Thunderbird or > Outlook client. I checked to make sure I put them back into the > correct directory and I did as well as verify permissions aren't > weird. I then noticed a file called 'subscriptions' in her Maildir > directory. She appears to only be seeing folders that are listed in > this 'subscriptions' file. My question is how do I update this file? > If I delete it, will Dovecot re-generate the file with the correct > subscription entries? I don't understand what to do but I'm hoping I > don't have to edit the file by hand...that seems way too cumbersome. The client handles the subscriptions (and dovecot does in turn update the file) -- Ralf Hildebrandt Gesch?ftsbereich IT | Abteilung Netzwerk Charit? - Universit?tsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt at charite.de | http://www.charite.de From CMarcus at Media-Brokers.com Mon Sep 26 16:38:44 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 26 Sep 2011 09:38:44 -0400 Subject: [Dovecot] Virtual Folder configuration problem. In-Reply-To: <20110924213056.Horde.qHIQRFeGiNBOfoRQjGNhvJA@www.cnysupport.com> References: <20110924213056.Horde.qHIQRFeGiNBOfoRQjGNhvJA@www.cnysupport.com> Message-ID: <4E808064.9050005@Media-Brokers.com> On 2011-09-24 9:30 PM, Terry Carmen wrote: > This is with dovecot 2.0.beta6 (3156315704ef) > > Does anybody have any suggestions? Upgrade - which probably won't fix your problem, but because the version you're using is so old should be considered a requirement before asking for further help. -- Best regards, Charles From carloswill at gmail.com Mon Sep 26 17:07:35 2011 From: carloswill at gmail.com (Carlos Mennens) Date: Mon, 26 Sep 2011 10:07:35 -0400 Subject: [Dovecot] Subscription File In-Reply-To: <20110926124544.GN21539@charite.de> References: <20110926124544.GN21539@charite.de> Message-ID: On Mon, Sep 26, 2011 at 8:45 AM, Ralf Hildebrandt wrote: > The client handles the subscriptions (and dovecot does in turn update > the file) So I added some folders back to the users Maildir directory and made sure ownership on the Linux side was correct. I just can't see where in Thunderbird, the user is able to see folders in her Maildir that she's unsubscribed to and how we enable the subscription. From CMarcus at Media-Brokers.com Mon Sep 26 17:11:46 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 26 Sep 2011 10:11:46 -0400 Subject: [Dovecot] Subscription File In-Reply-To: References: <20110926124544.GN21539@charite.de> Message-ID: <4E808822.4030406@Media-Brokers.com> On 2011-09-26 10:07 AM, Carlos Mennens wrote: > So I added some folders back to the users Maildir directory and made > sure ownership on the Linux side was correct. I just can't see where > in Thunderbird, the user is able to see folders in her Maildir that > she's unsubscribed to and how we enable the subscription. Right-click on any folder under the account, then click 'Subscribe'... -- Best regards, Charles From terry at cnysupport.com Mon Sep 26 17:14:28 2011 From: terry at cnysupport.com (Terry Carmen) Date: Mon, 26 Sep 2011 10:14:28 -0400 Subject: [Dovecot] Virtual Folder configuration problem. In-Reply-To: <4E808064.9050005@Media-Brokers.com> References: <20110924213056.Horde.qHIQRFeGiNBOfoRQjGNhvJA@www.cnysupport.com> <4E808064.9050005@Media-Brokers.com> Message-ID: <20110926101428.Horde.qUH2U1eGiNBOgIjErxtgghA@www.cnysupport.com> ----- Message from Charles Marcus --------- Date: Mon, 26 Sep 2011 09:38:44 -0400 From: Charles Marcus Reply-To: Dovecot Mailing List Subject: Re: [Dovecot] Virtual Folder configuration problem. To: dovecot at dovecot.org > On 2011-09-24 9:30 PM, Terry Carmen wrote: >> This is with dovecot 2.0.beta6 (3156315704ef) >> >> Does anybody have any suggestions? > > Upgrade - which probably won't fix your problem, but because the > version you're using is so old should be considered a requirement > before asking for further help. It's the version that came with Centos 6. I was keeping it to maintain compatibility with the Cendos distribution. In any case, I'll probably try an upgrade later today, because even after adding the default namespace config, the virtual folders still don't work and it suddenly began complaining about not supporting TLS. Terry From carloswill at gmail.com Mon Sep 26 17:16:34 2011 From: carloswill at gmail.com (Carlos Mennens) Date: Mon, 26 Sep 2011 10:16:34 -0400 Subject: [Dovecot] Subscription File In-Reply-To: <4E808822.4030406@Media-Brokers.com> References: <20110926124544.GN21539@charite.de> <4E808822.4030406@Media-Brokers.com> Message-ID: On Mon, Sep 26, 2011 at 10:11 AM, Charles Marcus wrote: > Right-click on any folder under the account, then click 'Subscribe'... I don't think we're on the same page here. I restored the folders off tape and moved them back into her 'Maildir' directory on the server. She doesn't see them in Webmail or Thunderbird clients because they are not listed in this 'subscribe' text file Dovecot uses to display the folders to the user. She can't right click what she can't see. The folders are sitting in her Maildir and I can see them on the server...I'm just missing how we can see or present these folders to the user so she can see / subscribe the folders. Sorry if I'm missing something here... From CMarcus at Media-Brokers.com Mon Sep 26 17:27:01 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 26 Sep 2011 10:27:01 -0400 Subject: [Dovecot] Subscription File In-Reply-To: References: <20110926124544.GN21539@charite.de> <4E808822.4030406@Media-Brokers.com> Message-ID: <4E808BB5.9050902@Media-Brokers.com> On 2011-09-26 10:16 AM, Carlos Mennens wrote: > On Mon, Sep 26, 2011 at 10:11 AM, Charles Marcus > wrote: >> Right-click on any folder under the account, then click 'Subscribe'... > > I don't think we're on the same page here. I restored the folders off > tape and moved them back into her 'Maildir' directory on the server. > She doesn't see them in Webmail or Thunderbird clients because they > are not listed in this 'subscribe' text file Dovecot uses to display > the folders to the user. She can't right click what she can't see. The > folders are sitting in her Maildir and I can see them on the > server...I'm just missing how we can see or present these folders to > the user so she can see / subscribe the folders. > > Sorry if I'm missing something here... You are... as has already been told to you, the subscriptions file is accessed/manipulated by IMAP *clients - ie, Thunderbird. Do as I suggested - in Thunderbird, right-click on ANY folder that IS being displayed, click 'Subscriptions', then ENABLE the missing folders in the subscriptions list (click the little checkbox). If you don't see them there, then that would most likely be a permissions problem. -- Best regards, Charles From carloswill at gmail.com Mon Sep 26 18:00:01 2011 From: carloswill at gmail.com (Carlos Mennens) Date: Mon, 26 Sep 2011 11:00:01 -0400 Subject: [Dovecot] Subscription File In-Reply-To: <4E808BB5.9050902@Media-Brokers.com> References: <20110926124544.GN21539@charite.de> <4E808822.4030406@Media-Brokers.com> <4E808BB5.9050902@Media-Brokers.com> Message-ID: On Mon, Sep 26, 2011 at 10:27 AM, Charles Marcus wrote: > You are... as has already been told to you, the subscriptions file is > accessed/manipulated by IMAP *clients - ie, Thunderbird. > > Do as I suggested - in Thunderbird, right-click on ANY folder that IS being > displayed, click 'Subscriptions', then ENABLE the missing folders in the > subscriptions list (click the little checkbox). > > If you don't see them there, then that would most likely be a permissions > problem. Sorry Monday's are a bit slow for me. Understood and thanks! From busseniu at in.tum.de Mon Sep 26 19:56:51 2011 From: busseniu at in.tum.de (Christoph Bussenius) Date: Mon, 26 Sep 2011 18:56:51 +0200 Subject: [Dovecot] [PATCH] Bad boundary check in client_find_namespace Message-ID: <20110926165651.GA20769@informatik.tu-muenchen.de> Hi, while trying to investigate the bug I reported last week, I found that there is a broken boundary check in client_find_namespace in src/imap/imap-commands-util.c. The code is: /* make sure two hierarchy separators aren't next to each others */ for (p = storage_name+1; *p != '\0'; p++) { if (p[0] == ns->real_sep && p[-1] == ns->real_sep) { client_send_tagline(cmd, "NO Invalid mailbox name."); return NULL; } } The loop iterates over the string storage_name starting from its second byte. However, the string may be "". This is the case if you select the root of a namespace, like in "SELECT shared" or "SELECT shared/user1". In that case, the code will read past the end of the buffer from random memory until it finds a zero byte or a duplicate separator. This would fix it: diff -ru dovecot-2.0.15.orig/src/imap/imap-commands-util.c dovecot-2.0.15/src/imap/imap-commands-util.c --- dovecot-2.0.15.orig/src/imap/imap-commands-util.c 2011-08-02 12:29:37.000000000 +0200 +++ dovecot-2.0.15/src/imap/imap-commands-util.c 2011-09-26 18:33:16.121917759 +0200 @@ -81,7 +81,9 @@ } /* make sure two hierarchy separators aren't next to each others */ - for (p = storage_name+1; *p != '\0'; p++) { + for (p = storage_name; *p != '\0'; p++) { + if (p == storage_name) + continue; if (p[0] == ns->real_sep && p[-1] == ns->real_sep) { client_send_tagline(cmd, "NO Invalid mailbox name."); return NULL; Cheers, Christoph Bu?enius -- Christoph Bu?enius Rechnerbetriebsgruppe der Fakult?ten Informatik und Mathematik TU M?nchen +49 89-289-18519 <> Raum 00.05.055 <> Boltzmannstr. 3 <> Garching From moseleymark at gmail.com Mon Sep 26 20:11:45 2011 From: moseleymark at gmail.com (Mark Moseley) Date: Mon, 26 Sep 2011 10:11:45 -0700 Subject: [Dovecot] Glued-together private namespaces In-Reply-To: References: Message-ID: On Fri, Sep 23, 2011 at 3:35 PM, Mark Moseley wrote: > I've been goofing with this all day with 2.0.15 and I'm starting to > realize that either a) I'm not that smart, b) it's been so long since > I messed with namespaces that I'm going about it completely wrong, or > c) it's just not possible. I haven't posted 'doveconf -n' and other > details, because mainly I'm just looking for 'yes, this is possible' > or 'no, you're smoking crack' before posting further details. At this > point, it's all maildir and moving to mdbox, while highly desirable in > the future, is not possible in the near- to medium-term. > > I'm trying to glue a namespace underneath INBOX: > > namespace INBOX { > ? ? ? ?type = private > ? ? ? ?separator = . > ? ? ? ?prefix = INBOX. ? ?# Yes, this used to be on Courier > ? ? ? ?inbox = yes > ? ? ? ?list = yes > ? ? ? ?hidden = no > ? ? ? ?subscriptions = yes > ? ? ? ?location = maildir:~/Maildir > } > namespace archive { > ? ? ? ?type = private > ? ? ? ?separator = . > ? ? ? ?prefix = INBOX.Archives. > ? ? ? ?inbox = no > ? ? ? ?list = children > ? ? ? ?subscriptions = yes > ? ? ? ?location = maildir:~/Maildir-Archive > } > > > I've tried putting namespace archive's 'prefix' as just "Archives", > but Tbird doesn't seem to see this namespace, regardless of how much I > futz with the imap settings in tbird. > > With the above setup, it actually seems to work correctly (provided > ~/Maildir-Archive exists), though I'm sure a big gotcha is waiting in > the wings. I can move messages around, create subfolders, subscribe to > folders in ~/Maildir-Archive). The only thing I can't seem to get > working is quotas. With my password_query like: > > password_query = ... > CONCAT( '*:bytes=', "1M" ) AS 'userdb_quota_rule', \ > CONCAT( '*:messages=10' ) AS 'userdb_quota_rule2', \ > CONCAT( 'INBOX.Archives:bytes=+4900M' ) AS 'userdb_quota_rule3', \ > CONCAT( 'INBOX.Archives:messages=+3900' ) AS 'userdb_quota_rule4' > ... > > only the default quota seems to be in place for any subfolder of > INBOX.Archives and for INBOX.Archives itself, i.e. *:bytes still > applies to INBOX.Archives. The debug log show that: > > Debug: Quota root: name=User quota backend=maildir args= > Debug: Quota rule: root=User quota mailbox=* bytes=1048576 messages=0 > Debug: Quota rule: root=User quota mailbox=* bytes=1048576 messages=10 > Debug: Quota rule: root=User quota mailbox=INBOX.Archives > bytes=+5138022400 messages=0 > Debug: Quota rule: root=User quota mailbox=INBOX.Archives > bytes=+5138022400 messages=+3900 > > These are wildly stupid quotas but they're just there to test. With > INBOX already at capacity (byte-wise; only set to a meg), copying > large messages inside INBOX.Archives fails (only copying a 800k > message but the quota should be 5gig now). > > Again, before I post configs, I'm just curious if what I'm trying to > do isn't remotely possible, or that I'm approaching this entirely > wrongly. Thanks! > Thanks to a fortuitously unrelated thread ("how to disable quota for second namespace"), I got the quota part figured out and that seems to be working: Add a second entry to plugin {}, e.g. "quota2 = maildir:Archive quota:ns=INBOX.Archives." and add rules for userdb_quota2_rule, userdb_quota2_rule2, etc. My real question now is: Are there any fatal gotchas in this that I'm just not thinking of? From nerijus.kislauskas at ktu.lt Tue Sep 27 15:56:10 2011 From: nerijus.kislauskas at ktu.lt (Nerijus Kislauskas) Date: Tue, 27 Sep 2011 15:56:10 +0300 Subject: [Dovecot] deliver agent and index/control files Message-ID: <4E81C7EA.6040502@ktu.lt> Hi Timo and others, We use Dovecot in Kaunas University of Technology in Lithuania. For now our LDA is Postfix and POP/IMAP server is Dovecot. We would like to implement dovecot deliver as LDA. Everything is ok exept one small thing: deliver is creating dovecot.index.log in wrong place In dovecot config files we have: ... mail_location = maildir:/var/mail/%Ln:INDEX=/var/indexes/%Ln:CONTROL=/var/indexes/%Ln ... As you can see, mail and index/control files are in different partitions. and deliver log: deliver(nerijus.kislauskas at ktu.lt): maildir: data=/var/mail/nerkisl deliver(nerijus.kislauskas at ktu.lt): maildir++: root=/var/mail/nerkisl, index=, control=, inbox=/var/mail/nerkisl That is why dovecot.index.log is created in /var/mail/nerkisl, and not in /var/indexes/nerkisl. How can we fix this? -- Sincerely, Nerijus Kislauskas KTU ITPI, LitNET NOC Studentu g. 48a - 101, Kaunas tel.: (8~37) 30 06 45 mob. tel.: 8-614-93889 e-mail.: nerijus.kislauskas at ktu.lt From nerijus.kislauskas at ktu.lt Tue Sep 27 16:11:04 2011 From: nerijus.kislauskas at ktu.lt (Nerijus Kislauskas) Date: Tue, 27 Sep 2011 16:11:04 +0300 Subject: [Dovecot] deliver agent and index/control files In-Reply-To: <4E81C7EA.6040502@ktu.lt> References: <4E81C7EA.6040502@ktu.lt> Message-ID: <4E81CB68.4040606@ktu.lt> On 09/27/2011 03:56 PM, Nerijus Kislauskas wrote: > How can we fix this? Sorry for your disturbance. LDAP replication issue. Everything is working fine. Thanks for your great job. -- Pagarbiai, Nerijus Kislauskas KTU ITPI, Litnet valdymo centras Studentu g. 48a - 101, Kaunas tel.: (8~37) 30 06 45 mob. tel.: 8-614-93889 e-mail.: nerijus.kislauskas at ktu.lt From andreas at kado-web.de Tue Sep 27 17:32:20 2011 From: andreas at kado-web.de (Andreas Cieslak) Date: Tue, 27 Sep 2011 16:32:20 +0200 Subject: [Dovecot] Create userdir on dovecot login --- solved Message-ID: <0MGXWy-1RLm6d3cJM-00DXml@mrelayeu.kundenserver.de> Sorted out the problem, which was already solved in an older forum post of dovecot. In the file /usr/local/etc/dovecot/conf.d/auth-system.conf.ext I set Passdb { Driver = pam args = session=yes dovecot } Unfortunately this didn?t work because when I log in with a user xy, the user dovecot became the owner of the userdir. When I modified the file /usr/local/etc/dovecot/conf.d/auth-system.conf.ext like this: Passdb { Driver = pam # args = session=yes dovecot } And gave anyone (for testing) the permission to write to home. That worked! At least put the ldap-users in a group and gave that group writing permissions to home. Finished! -----Urspr?ngliche Nachricht----- Von: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] Im Auftrag von Andreas Cieslak Gesendet: Donnerstag, 22. September 2011 15:41 An: dovecot at dovecot.org Betreff: [Dovecot] Create userdir on dovecot login Hi List, I am trying to set up automated userdir-creation on login via squirrelmail or email-client with a dovecot backend. The users are first imported on an openldap directory on the same server as the dovecot runs on. Authentication on the dovecot mail system via pam_ldap works properly. Tried already to integrate some advices from the dovecot wiki like Passdb { Driver = pam args = session=yes dovecot } But the homedir creation works only when the user logs onto the machine. When I try to log in via Squirrel on the dovecot no homedir is created and there is following message in the logs: auth: Error: pam(cieslak,193.175.157.121): pam_open_session() failed: Permission denied I think its something about the user rights, but dont really know where to search for the needle Here is the config of my environment root at server:/home# dovecot -n # 2.0.13: /usr/local/etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-686 i686 Debian 6.0.2 auth_debug = yes auth_mechanisms = login plain auth_verbose = yes first_valid_uid = 1000 hostname = server info_log_path = /var/log/dovecot-info last_valid_uid = 10000 listen = * log_path = /var/log/dovecot mail_access_groups = mail mail_debug = yes mail_full_filesystem_access = yes mail_location = maildir:~/Maildir mbox_write_locks = fcntl passdb { args = session=yes dovecot driver = pam } postmaster_address = mailaddress service auth-worker { group = shadow user = $default_internal_user } service auth { user = $default_internal_user } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } process_min_avail = 0 service_count = 0 vsz_limit = 256 M } service lmtp { unix_listener lmtp { mode = 0666 } } service pop3-login { inet_listener pop3s { port = 995 ssl = yes } } ssl_ca = Hello, I'm moving my mail server from Exchange to an opensource one. After a bunch of reading, I decided on building a Dovecot2 + Postfix server in a VirtualUsers-only + Multiple-domains configuration. Since my messages will be stored by Dovecot, and the documentation is really good, I figured that it's smartest to configure Dovecot, then make Postfix 'fit' to it, sharing the data files that way. I read through lots of the Dovecot wiki for v2. There are many ways for storing the database data. My goal is to only have data in one instances, used by both Postfix & Dovecot. I'm a little confused about: to do that sharing-in-one-place, do I have to use SQL or can I use the flatfiles like passwd-db? I think for sure someone already decided the best approach for this, and maybe I'm not understanding the logic to it. The data I think I need to share are: users (user at domain.com) passwords user aliases (mapping user2 at domain.com -> user1 at domain.com) domains domain aliases (domain.com also receives email for domain2.com) And I think all of this can be in passwd-db in Dovecot. But I also want to make sure that Postfix ONLY accepts email for users/domains that exist, so it has to read that data too. Can I do this that way with the flatfiles? Or do I have to use the SQL approach? TJ From tom at whyscream.net Tue Sep 27 20:29:25 2011 From: tom at whyscream.net (Tom Hendrikx) Date: Tue, 27 Sep 2011 19:29:25 +0200 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <1317138678.29156.140258148311993@webmail.messagingengine.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com> Message-ID: <4E8207F5.2070105@whyscream.net> On 27/09/11 17:51, terryjames9461 at mm.st wrote: > Hello, > > I'm moving my mail server from Exchange to an opensource one. > > After a bunch of reading, I decided on building a Dovecot2 + Postfix > server in a VirtualUsers-only + Multiple-domains configuration. > > Since my messages will be stored by Dovecot, and the documentation is > really good, I figured that it's smartest to configure Dovecot, then > make Postfix 'fit' to it, sharing the data files that way. > > I read through lots of the Dovecot wiki for v2. > > There are many ways for storing the database data. My goal is to only > have data in one instances, used by both Postfix & Dovecot. > > I'm a little confused about: to do that sharing-in-one-place, do I have > to use SQL or can I use the flatfiles like passwd-db? I think for sure > someone already decided the best approach for this, and maybe I'm not > understanding the logic to it. > > The data I think I need to share are: > > users (user at domain.com) > passwords > user aliases (mapping user2 at domain.com -> user1 at domain.com) > domains > domain aliases (domain.com also receives email for domain2.com) > > And I think all of this can be in passwd-db in Dovecot. But I also want > to make sure that Postfix ONLY accepts email for users/domains that > exist, so it has to read that data too. > > Can I do this that way with the flatfiles? Or do I have to use the SQL > approach? > The problem with passwd(like) files is that they are almost never in the correct format to fit both daemons. The easiest way to use a database. You could check out postfixadmin: it contains the database format you need, the documentation to hook postfix and dovecot into it, and a nice web gui for administrating the list of domains, aliases, mailboxes, passwords, etc etc. -- Tom From lists at wildgooses.com Tue Sep 27 21:06:22 2011 From: lists at wildgooses.com (Ed W) Date: Tue, 27 Sep 2011 19:06:22 +0100 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: References: <4E77CA5A.6010506@tlinx.org> Message-ID: <4E82109E.2000600@wildgooses.com> On 20/09/2011 03:10, Kui Zhang wrote: > thunderbird does not really work for us, due to amount of emails per > mailbox. It was hogging all the memory + cpu. I think if you disable the new local indexing features in TB then it should start running fairly decently? I don't have mega large inboxes, but basically no real concerns with my normal inboxes which are around the 44K level at the largest and the remainder around 10K-15K Obviously it's a whole new problem to push out company wide configuration with the local indexing/download stuff disabled, but I think there is some ability to do this in newer versions? Good luck Ed W From CMarcus at Media-Brokers.com Tue Sep 27 21:21:06 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Tue, 27 Sep 2011 14:21:06 -0400 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: <4E82109E.2000600@wildgooses.com> References: <4E77CA5A.6010506@tlinx.org> <4E82109E.2000600@wildgooses.com> Message-ID: <4E821412.2040801@Media-Brokers.com> On 2011-09-27 2:06 PM, Ed W wrote: > On 20/09/2011 03:10, Kui Zhang wrote: >> thunderbird does not really work for us, due to amount of emails per >> mailbox. It was hogging all the memory + cpu. > I think if you disable the new local indexing features in TB then it > should start running fairly decently? Also - Outlook is by far much slower than Thunderbird in my experience... -- Best regards, Charles From user+dovecot at localhost.localdomain.org Tue Sep 27 22:46:02 2011 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Tue, 27 Sep 2011 21:46:02 +0200 Subject: [Dovecot] Missing man page for doveadm move In-Reply-To: <4E7B5389.7050907@directi.com> References: <4E7B5389.7050907@directi.com> Message-ID: <4E8227FA.8030608@localhost.localdomain.org> On 09/22/2011 05:26 PM Jeetu wrote: > Hi, > > i cant see man pages for doveadm-move, though the command "doveadm move > ..." works on new version of dovecot. There is the manual page: http://hg.dovecot.org/dovecot-2.0/rev/c194c76b98ff also available in the wiki: http://wiki2.dovecot.org/Tools/Doveadm/Move Regards, Pascal -- The trapper recommends today: c01dcafe.1127021 at localdomain.org From nick+dovecot at bunbun.be Tue Sep 27 22:47:29 2011 From: nick+dovecot at bunbun.be (Nick Rosier) Date: Tue, 27 Sep 2011 21:47:29 +0200 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <4E8207F5.2070105@whyscream.net> References: <1317138678.29156.140258148311993@webmail.messagingengine.com> <4E8207F5.2070105@whyscream.net> Message-ID: <4E822851.1030000@bunbun.be> Tom Hendrikx wrote: > On 27/09/11 17:51, terryjames9461 at mm.st wrote: >> Hello, >> >> I'm moving my mail server from Exchange to an opensource one. >> >> After a bunch of reading, I decided on building a Dovecot2 + Postfix >> server in a VirtualUsers-only + Multiple-domains configuration. >> >> Since my messages will be stored by Dovecot, and the documentation is >> really good, I figured that it's smartest to configure Dovecot, then >> make Postfix 'fit' to it, sharing the data files that way. >> >> I read through lots of the Dovecot wiki for v2. >> >> There are many ways for storing the database data. My goal is to only >> have data in one instances, used by both Postfix& Dovecot. >> >> I'm a little confused about: to do that sharing-in-one-place, do I have >> to use SQL or can I use the flatfiles like passwd-db? I think for sure >> someone already decided the best approach for this, and maybe I'm not >> understanding the logic to it. >> >> The data I think I need to share are: >> >> users (user at domain.com) >> passwords >> user aliases (mapping user2 at domain.com -> user1 at domain.com) >> domains >> domain aliases (domain.com also receives email for domain2.com) >> >> And I think all of this can be in passwd-db in Dovecot. But I also want >> to make sure that Postfix ONLY accepts email for users/domains that >> exist, so it has to read that data too. >> >> Can I do this that way with the flatfiles? Or do I have to use the SQL >> approach? >> > > The problem with passwd(like) files is that they are almost never in the > correct format to fit both daemons. The easiest way to use a database. > > You could check out postfixadmin: it contains the database format you > need, the documentation to hook postfix and dovecot into it, and a nice > web gui for administrating the list of domains, aliases, mailboxes, > passwords, etc etc. +1 one on PostfixAdmin. Wouldn't want to live without it. The main advantage of using a DB is that all information is stored in 1 location and available in the right format through SQL-queries. My 1st config used flat-files and the biggest issue was keeping the different files in sync (i.e. when creating/deleting users making sure to update all the necessary files). My main concern was losing mails if the DB is unavailable but this isn't a problem; if the DB is unavailable Postfix will return a temporarily unavailable and the MTA should retry. Rgds, N. From voytek at sbt.net.au Tue Sep 27 23:27:06 2011 From: voytek at sbt.net.au (Voytek) Date: Wed, 28 Sep 2011 07:27:06 +1100 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <1317138678.29156.140258148311993@webmail.messagingengine.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com> Message-ID: On Wed, September 28, 2011 2:51 am, terryjames9461 at mm.st wrote: > I'm a little confused about: to do that sharing-in-one-place, do I have > to use SQL or can I use the flatfiles like passwd-db? I think for sure > someone already decided the best approach for this, and maybe I'm not > understanding the logic to it. personally, I'd suggest SQL, that's what I use, used it with CourierIMAP/Postfix, now, with Dovecot/Postfix, it works well, I also use Postfix.admin, for, well, admin Voytek From voytek at sbt.net.au Tue Sep 27 23:32:31 2011 From: voytek at sbt.net.au (Voytek) Date: Wed, 28 Sep 2011 07:32:31 +1100 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <4E822851.1030000@bunbun.be> References: <1317138678.29156.140258148311993@webmail.messagingengine.com> <4E8207F5.2070105@whyscream.net> <4E822851.1030000@bunbun.be> Message-ID: On Wed, September 28, 2011 6:47 am, Nick Rosier wrote: > My main concern was losing mails if the DB is unavailable but this isn't > a problem; if the DB is unavailable Postfix will return a temporarily > unavailable and the MTA should retry. yes, that was also my biggest concern when I 1st looked at the issue, after several years of usage, it still remain my biggest concern luckily, it's just a concern, never caused a problem, and, mail will queue up if there are issues From kuizhang at gmail.com Wed Sep 28 00:50:39 2011 From: kuizhang at gmail.com (Kui Zhang) Date: Tue, 27 Sep 2011 14:50:39 -0700 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: <4E821412.2040801@Media-Brokers.com> References: <4E77CA5A.6010506@tlinx.org> <4E82109E.2000600@wildgooses.com> <4E821412.2040801@Media-Brokers.com> Message-ID: > I think if you disable the new local indexing features in TB then it > should start running fairly decently? I had indexing disabled... that did not help much. TB work better after I have these settings... mail.imap.expunge_after_delete true mail.imap.expunge_option 2 mail.server.default.autosync_offline_stores false mail.server.default.offline_download false mail.server.default.autosync_max_age_days 14 I think mail.imap.expunge_after_delete might have caused mdbox limit problem I had before... but not confirmed. > > Also - Outlook is by far much slower than Thunderbird in my experience... > Multiple people in the office report outlook is faster (when it works). KuiZ On Tue, Sep 27, 2011 at 11:21 AM, Charles Marcus wrote: > On 2011-09-27 2:06 PM, Ed W wrote: >> >> On 20/09/2011 03:10, Kui Zhang wrote: >>> >>> thunderbird does not really work for us, due to amount of emails per >>> mailbox. It was hogging all the memory + cpu. > >> I think if you disable the new local indexing features in TB then it >> should start running fairly decently? > > Also - Outlook is by far much slower than Thunderbird in my experience... > > -- > > Best regards, > > Charles > From terryjames9461 at mm.st Wed Sep 28 01:00:29 2011 From: terryjames9461 at mm.st (terryjames9461 at mm.st) Date: Tue, 27 Sep 2011 15:00:29 -0700 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <4E8207F5.2070105@whyscream.net> References: <1317138678.29156.140258148311993@webmail.messagingengine.com> <4E8207F5.2070105@whyscream.net> Message-ID: <1317160829.10644.140258148445373@webmail.messagingengine.com> Hello Tom, On Tuesday, September 27, 2011 7:29 PM, "Tom Hendrikx" wrote: > The problem with passwd(like) files is that they are almost never in the > correct format to fit both daemons. The easiest way to use a database. I don't yet see using a database easier than flatfiles. I understand that the one-instance data is done well in a database. But also I found this page at the Dovecot wiki, http://wiki2.dovecot.org/HowTo/VirtualUserFlatFilesPostfix. I keep rereading it and I think that it tells me that I can do this with flatfiles only. I think its this section, http://wiki2.dovecot.org/HowTo/VirtualUserFlatFilesPostfix#Master_Configuration, that tells how to share data with Postfix. Except there's also LMTP which I haven't figured out how to do it yet. For only 3 domains and 30 users its silly to have to run a mysql database. But who knows yet if I an reading this right, and if sharing flatfiles are possible? Its confusing to read and understand. TJ From patrickdk at patrickdk.com Wed Sep 28 01:02:13 2011 From: patrickdk at patrickdk.com (Patrick Domack) Date: Tue, 27 Sep 2011 18:02:13 -0400 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: References: <1317138678.29156.140258148311993@webmail.messagingengine.com> <4E8207F5.2070105@whyscream.net> <4E822851.1030000@bunbun.be> Message-ID: <20110927180213.Horde.ayLBaZLnE6FOgkflBICBR6A@kishi.patrickdk.com> For my personal email, I have a habit of having the sql server down for one reason or another. I just dump the sql tables to flatfiles on the email server, and a script runs every 15min and checks for updates if any exist. Works well. Another method would be to just keep it sql, but dump the mysql tables into sqlite tables that postfix/dovecot use. Quoting Voytek : > On Wed, September 28, 2011 6:47 am, Nick Rosier wrote: > >> My main concern was losing mails if the DB is unavailable but this isn't >> a problem; if the DB is unavailable Postfix will return a temporarily >> unavailable and the MTA should retry. > > yes, that was also my biggest concern when I 1st looked at the issue, > after several years of usage, it still remain my biggest concern > > luckily, it's just a concern, never caused a problem, and, mail will queue > up if there are issues From patrickdk at patrickdk.com Wed Sep 28 01:06:32 2011 From: patrickdk at patrickdk.com (Patrick Domack) Date: Tue, 27 Sep 2011 18:06:32 -0400 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <1317160829.10644.140258148445373@webmail.messagingengine.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com> <4E8207F5.2070105@whyscream.net> <1317160829.10644.140258148445373@webmail.messagingengine.com> Message-ID: <20110927180632.Horde.jPUpZZLnE6FOgkjoSa5RRHA@kishi.patrickdk.com> Well, the info dovecot needs, it mailbox name/location, username, password, and quota, misc info. postfix will need email address to mailbox name mapping info. That is the very basic things you need. Using dovecot lda/lmtp you remove all postfix needs to know mailbox name to directory mapping, that would be duplicated. Quoting terryjames9461 at mm.st: > Hello Tom, > > On Tuesday, September 27, 2011 7:29 PM, "Tom Hendrikx" > wrote: >> The problem with passwd(like) files is that they are almost never in the >> correct format to fit both daemons. The easiest way to use a database. > > I don't yet see using a database easier than flatfiles. I understand > that the one-instance data is done well in a database. > > But also I found this page at the Dovecot wiki, > http://wiki2.dovecot.org/HowTo/VirtualUserFlatFilesPostfix. I keep > rereading it and I think that it tells me that I can do this with > flatfiles only. > > I think its this section, > http://wiki2.dovecot.org/HowTo/VirtualUserFlatFilesPostfix#Master_Configuration, > that tells how to share data with Postfix. Except there's also LMTP > which I haven't figured out how to do it yet. > > For only 3 domains and 30 users its silly to have to run a mysql > database. But who knows yet if I an reading this right, and if sharing > flatfiles are possible? Its confusing to read and understand. > > TJ From terryjames9461 at mm.st Wed Sep 28 01:08:14 2011 From: terryjames9461 at mm.st (terryjames9461 at mm.st) Date: Tue, 27 Sep 2011 15:08:14 -0700 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <4E822851.1030000@bunbun.be> References: <1317138678.29156.140258148311993@webmail.messagingengine.com><4E8207F5.2070105@whyscream.net> <4E822851.1030000@bunbun.be> Message-ID: <1317161294.12320.140258148448633@webmail.messagingengine.com> Hello Nick, On Tuesday, September 27, 2011 9:47 PM, "Nick Rosier" wrote: > +1 one on PostfixAdmin. Wouldn't want to live without it. The main > advantage of using a DB is that all information is stored in 1 location > and available in the right format through SQL-queries. My 1st config > used flat-files and the biggest issue was keeping the different files in > sync (i.e. when creating/deleting users making sure to update all the > necessary files). Did you try that system with flatfiles in Dovecot v2 or v1? I think that this instructed possibility, http://wiki2.dovecot.org/HowTo/VirtualUserFlatFilesPostfix, is only for v2? Its that sync of the different files that I hope to avoid. If I can with flatfiles, all the better. If not then maybe I will have to use SQL. And then the Postfix Admin looks interesting. TJ From terryjames9461 at mm.st Wed Sep 28 01:14:12 2011 From: terryjames9461 at mm.st (terryjames9461 at mm.st) Date: Tue, 27 Sep 2011 15:14:12 -0700 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <20110927180632.Horde.jPUpZZLnE6FOgkjoSa5RRHA@kishi.patrickdk.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com><4E8207F5.2070105@whyscream.net><1317160829.10644.140258148445373@webmail.messagingengine.com> <20110927180632.Horde.jPUpZZLnE6FOgkjoSa5RRHA@kishi.patrickdk.com> Message-ID: <1317161652.13631.140258148451673@webmail.messagingengine.com> Hello Patrick, On Tuesday, September 27, 2011 6:06 PM, "Patrick Domack" wrote: > Using dovecot lda/lmtp you remove all postfix needs to know mailbox > name to directory mapping, that would be duplicated. With using the Dovecot lmtp option, where does Postfix know to refuse email for a non-existing user or domain? That also has to be shared? I am trying to draw a picture in my head of all the data pieces. Are you saying that when using lmtp the data for Postfix and the data for Dovecot/LMTP do not overlap anymore? Each can have its own flatfiles? TJ From tgoguen at ilap.com Wed Sep 28 01:18:45 2011 From: tgoguen at ilap.com (Tristan Goguen) Date: Tue, 27 Sep 2011 18:18:45 -0400 Subject: [Dovecot] Duplicates when switching from Qpopper to Dovecot pop3 In-Reply-To: References: Message-ID: <2106AB5E-F6ED-431B-8E7B-97D82EC47131@ilap.com> Hi All, Problems can sometimes be solved by _carefully_ reading the documentation: Some clients re-download all mails if you change the hostname in the client configuration. Be aware of this when testing. We converted without a hitch this morning. Thank you for great software. Tristan Tristan Goguen CEO, ILAP? T: 416-250-5600 ext. 205 F: 416-250-6755 tgoguen at ilap.com www.ilap.com On Sep 22, 2011, at 1:01 PM, Tristan Goguen wrote: > > Hi All, > Our test users re-download the mail they've left on the server when they switch from Qpopper to Dovecot. Qpopper includes the X-UIDL header - X-UIDL: X8V"!E)<"!58?"!"9C"! - on read messages. Any suggestions are appreciated. I've included my dovecot configuration. > > Thank you, > Tristan > > --- > Tristan > > Tristan Goguen > CEO, ILAP? > T: 416-250-5600 ext. 205 > F: 416-250-6755 > tgoguen at ilap.com > www.ilap.com > > --- > > # 2.0.14: /etc/dovecot.conf > # OS: SunOS 5.10 sun4v > auth_cache_size = 1048575 B > auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.+-_@ > auth_username_format = %Ln > auth_verbose = yes > base_dir = /usr/local/var/run/dovecot/ > disable_plaintext_auth = no > first_valid_uid = 100 > log_path = /var/log/dovecot.log > login_greeting = > mail_access_groups = mail > mail_fsync = never > mail_location = mbox:~/mail:INBOX=/var/mail/%1u/%1.1u/%u > mbox_dotlock_change_timeout = 1 mins > mbox_min_index_size = 1 B > mbox_read_locks = dotlock > mbox_write_locks = dotlock > mmap_disable = yes > passdb { > driver = shadow > } > protocols = pop3 > service pop3-login { > client_limit = 10 > inet_listener pop3 { > address = 216.223.136.7 > port = 110 > } > process_limit = 128 > process_min_avail = 5 > service_count = 0 > vsz_limit = 512 M > } > shutdown_clients = no > ssl = no > userdb { > args = blocking=yes > driver = passwd > } > protocol pop3 { > pop3_client_workarounds = outlook-no-nuls oe-ns-eoh > pop3_enable_last = yes > pop3_lock_session = yes > pop3_reuse_xuidl = yes > pop3_save_uidl = yes > } > > From dovecot.user at seibercom.net Wed Sep 28 01:42:09 2011 From: dovecot.user at seibercom.net (Jerry) Date: Tue, 27 Sep 2011 18:42:09 -0400 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: References: <4E77CA5A.6010506@tlinx.org> <4E82109E.2000600@wildgooses.com> <4E821412.2040801@Media-Brokers.com> Message-ID: <20110927184209.504e9c90@scorpio> On Tue, 27 Sep 2011 14:50:39 -0700 Kui Zhang articulated: > On Tue, Sep 27, 2011 at 11:21 AM, Charles Marcus > wrote: > > On 2011-09-27 2:06 PM, Ed W wrote: > >> > >> On 20/09/2011 03:10, Kui Zhang wrote: > >>> > >>> thunderbird does not really work for us, due to amount of emails > >>> per mailbox. It was hogging all the memory + cpu. > > > >> I think if you disable the new local indexing features in TB then > >> it should start running fairly decently? > > > > Also - Outlook is by far much slower than Thunderbird in my > > experience... > > > > I think if you disable the new local indexing features in TB then it > > should start running fairly decently? > > I had indexing disabled... that did not help much. > > TB work better after I have these settings... > > mail.imap.expunge_after_delete true > mail.imap.expunge_option 2 > mail.server.default.autosync_offline_stores false > mail.server.default.offline_download false > mail.server.default.autosync_max_age_days 14 > > I think mail.imap.expunge_after_delete might have caused mdbox limit > problem I had before... but not confirmed. > > > > > > Also - Outlook is by far much slower than Thunderbird in my > > experience... > > > > Multiple people in the office report outlook is faster (when it > works). I have always found Outlook to be much faster than TB. In any case, Outlook 2007 is an old version. I am using the 2010 version at work and it is a much more polished application than the 2010 version and far superior to TB. -- Jerry ? Dovecot.user at seibercom.net Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From patrickdk at patrickdk.com Wed Sep 28 04:41:37 2011 From: patrickdk at patrickdk.com (Patrick Domack) Date: Tue, 27 Sep 2011 21:41:37 -0400 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <1317161652.13631.140258148451673@webmail.messagingengine.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com><4E8207F5.2070105@whyscream.net><1317160829.10644.140258148445373@webmail.messagingengine.com> <20110927180632.Horde.jPUpZZLnE6FOgkjoSa5RRHA@kishi.patrickdk.com> <1317161652.13631.140258148451673@webmail.messagingengine.com> Message-ID: <20110927214137.Horde.Bx9rKpLnE6FOgntRdGVQihA@kishi.patrickdk.com> Depends on how you think about it. If you forget about email addresses. Dovecot works on mailbox's, and it maps a mailbox to a path, username, and password. In postfix, it only cares about email addresses (if you use dovecot for delivery, if not then postfix also has to care about the mailbox location). In this case you just tell postfix the email addresses that are valid, and what mailbox they go to. So normally most users would just have a 1 to 1 mapping in postfix, email -> email, as their email address will be the same as their mailbox. But then you might have extra, like, sales at x -> user at x All depends on how flexable or simple you want it later. You could just manage two flatfiles. Or you could have it create the 1 to 1 mapping automatically with a script, and just do the extra mappings seperate. Or do the whole thing in sql, and use like postfixadmin to manage it all. Or even use postfixadmin, and have a script pull the results into flatfiles that it uses. It all depends on how much time and energy you want to spend in setting it up, vs the flexibility you in vision you need later. I do it 3 different ways, on different systems, one is just sql fully, nothing interesting. My personal email is sql, but dumped to local flatfiles. And another system I pull the info from windows AD. Quoting terryjames9461 at mm.st: > Hello Patrick, > > On Tuesday, September 27, 2011 6:06 PM, "Patrick Domack" > wrote: >> Using dovecot lda/lmtp you remove all postfix needs to know mailbox >> name to directory mapping, that would be duplicated. > > With using the Dovecot lmtp option, where does Postfix know to refuse > email for a non-existing user or domain? That also has to be shared? > > I am trying to draw a picture in my head of all the data pieces. Are > you saying that when using lmtp the data for Postfix and the data for > Dovecot/LMTP do not overlap anymore? Each can have its own flatfiles? > > > TJ From terry at cnysupport.com Wed Sep 28 06:41:31 2011 From: terry at cnysupport.com (Terry Carmen) Date: Tue, 27 Sep 2011 23:41:31 -0400 Subject: [Dovecot] Virtual Folder configuration problem. In-Reply-To: <4E808064.9050005@Media-Brokers.com> References: <20110924213056.Horde.qHIQRFeGiNBOfoRQjGNhvJA@www.cnysupport.com> <4E808064.9050005@Media-Brokers.com> Message-ID: <20110927234131.Horde.q0raU1eGiNBOgpdraHYkUUA@www.cnysupport.com> >> Does anybody have any suggestions? > > Upgrade - which probably won't fix your problem, but because the > version you're using is so old should be considered a requirement > before asking for further help. OK, I upgraded to the current version of Dovecot, which didn't actually fix anything. However I spent pretty much an entire day experimenting and reading docs from all over the net, I came up with something that more-or-less works, although it still behaves a touch strangely. I added the following code: dovecot.conf: mail_plugins = $mail_plugins virtual namespace { list = yes type = private prefix = virtual-folders. separator = . location = virtual:~/Maildir/virtual-folders } 10-mail.conf: namespace { separator = . prefix = inbox = yes } 10-lda.conf mail_plugins = $mail_plugins sieve virtual 20-imap.conf mail_plugins = $mail_plugins virtual The directory virtual-folders appears inside the ~/Maildir folder and contains the file dovecot-virtual, which contains: # ~/Maildir/dovecot-virtual INBOX INBOX.Folder1 INBOX.Folder1.* INBOX.Folder2 INBOX.Folder2.* unseen This actually works, although the subscription to the virtual folder vanishes with each logout, and need to be re-subscribed with each login. Also, the virtual folder appears as "virtual-folder" in the client, at the same level as INBOX. I'd like to make move it under INBOX and place other virtual folders inside it, but haven't been able to find the right configuration. I would appreciate any hints on where to look to make the subscription permanent and to make a folder structure containing virtual-folder sub-nodes for various search criteria. Any assistance is appreciated. Thanks! Terry From stan at hardwarefreak.com Wed Sep 28 08:42:15 2011 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Wed, 28 Sep 2011 00:42:15 -0500 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: References: <4E77CA5A.6010506@tlinx.org> <4E82109E.2000600@wildgooses.com> <4E821412.2040801@Media-Brokers.com> Message-ID: <4E82B3B7.2020301@hardwarefreak.com> On 9/27/2011 4:50 PM, Kui Zhang wrote: >> I think if you disable the new local indexing features in TB then it >> should start running fairly decently? > > I had indexing disabled... that did not help much. > > TB work better after I have these settings... > > mail.imap.expunge_after_delete true > mail.imap.expunge_option 2 > mail.server.default.autosync_offline_stores false > mail.server.default.offline_download false > mail.server.default.autosync_max_age_days 14 > > I think mail.imap.expunge_after_delete might have caused mdbox limit > problem I had before... but not confirmed. What, exactly, was the nature of the performance problem you originally mentioned to start this thread, the mailbox with the thousands of sub folders? With GLODA and local synchronization disabled, using 1 IMAP connection instead of the default 5, disabling IDLE and using check interval seconds, and using the default: mail.server.default.check_all_folders_for_new FALSE then you should have excellent performance with TB regardless of the number of folders in a mailbox. Unless maybe the hardware or net pipe are lacking. What are the specs of the client machine in question? What CPU/freq. Maybe more importantly, what is the link speed of the network between this PC and the Dovecot server? LAN or WAN? -- Stan From terryjames9461 at mm.st Wed Sep 28 09:08:03 2011 From: terryjames9461 at mm.st (terryjames9461 at mm.st) Date: Tue, 27 Sep 2011 23:08:03 -0700 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <20110927214137.Horde.Bx9rKpLnE6FOgntRdGVQihA@kishi.patrickdk.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com><4E8207F5.2070105@whyscream.net><1317160829.10644.140258148445373@webmail.messagingengine.com><20110927180632.Horde.jPUpZZLnE6FOgkjoSa5RRHA@kishi.patrickdk.com><1317161652.13631.140258148451673@webmail.messagingengine.com> <20110927214137.Horde.Bx9rKpLnE6FOgntRdGVQihA@kishi.patrickdk.com> Message-ID: <1317190083.25639.140258148566589@webmail.messagingengine.com> Hello Patrick, On Tuesday, September 27, 2011 9:41 PM, "Patrick Domack" wrote: > It all depends on how much time and energy you want to spend in > setting it up, vs the flexibility you in vision you need later. This is the intersection of the decision. I still am no sure if that simple flatfile dream of one-instance data can be done. I think I am going to have to try it a number of times becuase I dont see a certain answer, yes or no. Can you may be explain more what you do with your case that you dump SQL to flatfile? I don't see why that would ever be a benefit and am interested in understanding that. I think I am worried about using SQL a bit because it is not something that I think I can edit so quickly as I do text files. And also like you others, losing data when things are corrupted. TJ From dlie76 at yahoo.com.au Wed Sep 28 09:37:32 2011 From: dlie76 at yahoo.com.au (Daminto Lie) Date: Tue, 27 Sep 2011 23:37:32 -0700 (PDT) Subject: [Dovecot] deliver LDA issue with setuid-root Message-ID: <1317191852.67316.YahooMailNeo@web113415.mail.gq1.yahoo.com> Hi, I am getting the following error message when trying to implement LDA Dovecot 1.2.9 with virtual users: Sep 28 15:59:33 server1 postfix/pipe[3041]: 28BEC2400A1: to=, relay=dovecot, delay=2361, delays=2361/0.01/0/0.03, dsn=4.3.0, status=deferred (temporary failure. Command output: /usr/lib/dovecot/deliver must not be both world-executable and setuid-root. This allows root exploits. See http://wiki.dovecot.org/LDA#multipleuids ) I do not know if I need to change the group to secmail. Currently, I have as follows -rwsr-xr-x?? 1 root root 933796 2011-06-10 05:36 deliver Can I change it to any other group apart from secmail? and what does it mean by world-executable? Sorry if I ask a silly question here but keen to learn more about linux. Here is my dovecot.conf log_timestamp: %Y-%m-%d %H:%M:%S protocols: imap listen: *:143 ssl: no disable_plaintext_auth: no login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/imap-login verbose_proctitle: yes first_valid_uid: 106 last_valid_uid: 200 mail_privileged_group: mail mail_location: maildir:/home/vmail/%u/Maildir mbox_write_locks: fcntl dotlock mail_plugins: quota imap_quota imap_client_workarounds: outlook-idle delay-newmail netscape-eoh tb-extra-mailbox-sep lda: ? postmaster_address: postmaster at example.com ? mail_plugins: quota ? sendmail_path: /usr/lib/sendmail ? rejection_reason: Your message to <%t> was automatically rejected:%n%r auth default: ? mechanisms: plain login ? username_format: %Lu ? verbose: yes ? debug: yes ? debug_passwords: yes ? passdb: ??? driver: pam ? passdb: ??? driver: ldap ??? args: /etc/dovecot/dovecot-ldap.conf ? userdb: ??? driver: prefetch ? userdb: ??? driver: passwd ? userdb: ??? driver: static ??? args: uid=106 gid=1010 home=/home/vmail/%u ? socket: ??? type: listen ??? client: ????? path: /var/spool/postfix/private/auth ????? mode: 432 ????? user: postfix ????? group: mail ??? master: ????? path: /var/run/dovecot-auth-master ????? mode: 432 ????? user: vmail ????? group: vmail plugin: ? quota: maildir ? quota_rule: *:storage=3GB ? quota_rule2: Trash:storage=20%% ? quota_rule3: Spam:storage=10%% ? quota_warning: storage=95%% /usr/local/bin/quota-warning.sh 95 ? quota_warning2: storage=80%% /usr/local/bin/quota-warning.sh 80 Here is my master.cf # delivery through dovecot dovecot?? unix? -?????? n?????? n?????? -?????? -?????? pipe ? flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient} Any help would be greatly appreciated. Thank you From janfrode at tanso.net Wed Sep 28 09:44:24 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Wed, 28 Sep 2011 08:44:24 +0200 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <1317138678.29156.140258148311993@webmail.messagingengine.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com> Message-ID: <20110928064424.GA31755@oc1046828364.ibm.com> On Tue, Sep 27, 2011 at 08:51:18AM -0700, terryjames9461 at mm.st wrote: > > I'm a little confused about: to do that sharing-in-one-place, do I have > to use SQL or can I use the flatfiles like passwd-db? I think for sure > someone already decided the best approach for this, and maybe I'm not > understanding the logic to it. Best approach is probably to store this in an ldap-directory. Then you can easily have multi-master replication, and avoid any single point of failure for your database. Both postfix and dovecot will be able to lookup the data using ldap. -jf From dovecot.user at seibercom.net Wed Sep 28 15:02:05 2011 From: dovecot.user at seibercom.net (Jerry) Date: Wed, 28 Sep 2011 08:02:05 -0400 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <20110928064424.GA31755@oc1046828364.ibm.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com> <20110928064424.GA31755@oc1046828364.ibm.com> Message-ID: <20110928080205.5d621f20@scorpio> On Wed, 28 Sep 2011 08:44:24 +0200 Jan-Frode Myklebust articulated: > On Tue, Sep 27, 2011 at 08:51:18AM -0700, terryjames9461 at mm.st wrote: > > > > I'm a little confused about: to do that sharing-in-one-place, do I > > have to use SQL or can I use the flatfiles like passwd-db? I > > think for sure someone already decided the best approach for this, > > and maybe I'm not understanding the logic to it. > > Best approach is probably to store this in an ldap-directory. Then you > can easily have multi-master replication, and avoid any single point > of failure for your database. Both postfix and dovecot will be able to > lookup the data using ldap. While "ldap" may be fine for some users; personally, I have had nothing but catastrophic results when attempting to use it. I am fully aware that the main problem is that I am not truly "ldap" proficient. For the end user who needs an easy to maintain database I would unequivocally recommend MySQL. It has the added bonus of not requiring that Postfix (and I am not sure about Dovecot) be restarted if the database is changed. In Postfix, this also eliminates the requirement that "postmap" be run on the edited files prior to restarting Postfix. Just my unsolicited 2?. -- Jerry ? Dovecot.user at seibercom.net Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From ra at rz.uni-frankfurt.de Wed Sep 28 15:33:33 2011 From: ra at rz.uni-frankfurt.de (ra at rz.uni-frankfurt.de) Date: Wed, 28 Sep 2011 14:33:33 +0200 Subject: [Dovecot] Problems running Dovecot 1.2.17 on AIX Message-ID: <4E83141D.90306@rz.uni-frankfurt.de> Hello, we have a problem getting Dovecot 1.2.17 to work on one of our AIX-Machines (AIX 5.3). Dovecot compiles fine, but if we try to run it we get strange library dependency problems such as the following: [root at localhost dovecot-test]# /local/dovecot-test/sbin/dovecot -F -c /local/dovecot-test/etc/dovecot.clients.conf Edlopen(/local/dovecot-test/lib/dovecot/imap/lib01_acl_plugin.so) failed: rtld: 0712-001 Symbol bsearch_strcmp was referenced from module /local/dovecot-test/lib/dovecot/imap/lib01_acl_plugin.so(), but a runtime definition of the symbol was not found. rtld: 0712-001 Symbol safe_mkstemp_group was referenced from module /local/dovecot-test/lib/dovecot/imap/lib01_acl_plugin.so(), but a runtime definition of the symbol was not found. rtld: 0712-001 Symbol mail_user_module_register was referenced from module /local/dovecot-test/lib/dovecot/imap/lib01_acl_plugin.so(), but a runtime definition of the symbol was not found. rtld: 0712-001 Symbol dict_iterate_init was referenced from module /local/dovecot-test/lib/dovecot/imap/lib01_acl_plugin.so(), but a runtime definition of the symbol was not found. rtld: 0712-001 Symbol dict_iterate was referenced from module /local/dovecot-test/lib/dovecot/imap/lib01_acl_plugin.so(), but a runtime definition of the symbol was not found. rtld: 0712-001 Symbol dict_iterate_deinit was referenced from module /local/dovecot-test/lib/dovecot/imap/lib01_acl_plugin.so(), but a runtime definition of the symbol was not found. rtld: 0712-001 Symbol i_strcmp_p was referenced from module /local/dovecot-test/lib/dovecot/imap/lib01_acl_plugin.so(), but a runtime definition of the symbol was not found. Additional errors occurred but are not reported. FCouldn't load required plugins We tried to use the compiler-script as described on the wiki (http://wiki1.dovecot.org/AixPluginsSupport) and we tried to compile dovecot with gcc instead of xlc. We even tried it on another host running AIX 5.3 but dovecot still fails with the runtime linker complaining about missing runtime definitions. Any hint/help would be appreciated. Thanks in advance Manuel From robert at schetterer.org Wed Sep 28 16:02:51 2011 From: robert at schetterer.org (Robert Schetterer) Date: Wed, 28 Sep 2011 15:02:51 +0200 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <1317138678.29156.140258148311993@webmail.messagingengine.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com> Message-ID: <4E831AFB.9000603@schetterer.org> Am 27.09.2011 17:51, schrieb terryjames9461 at mm.st: > Hello, > > I'm moving my mail server from Exchange to an opensource one. > > After a bunch of reading, I decided on building a Dovecot2 + Postfix > server in a VirtualUsers-only + Multiple-domains configuration. > > Since my messages will be stored by Dovecot, and the documentation is > really good, I figured that it's smartest to configure Dovecot, then > make Postfix 'fit' to it, sharing the data files that way. > > I read through lots of the Dovecot wiki for v2. > > There are many ways for storing the database data. My goal is to only > have data in one instances, used by both Postfix & Dovecot. > > I'm a little confused about: to do that sharing-in-one-place, do I have > to use SQL or can I use the flatfiles like passwd-db? I think for sure > someone already decided the best approach for this, and maybe I'm not > understanding the logic to it. > > The data I think I need to share are: > > users (user at domain.com) > passwords > user aliases (mapping user2 at domain.com -> user1 at domain.com) > domains > domain aliases (domain.com also receives email for domain2.com) > > And I think all of this can be in passwd-db in Dovecot. But I also want > to make sure that Postfix ONLY accepts email for users/domains that > exist, so it has to read that data too. > > Can I do this that way with the flatfiles? Or do I have to use the SQL > approach? > > > TJ i do it all with postfixadmin and mysql, in my eyes you could use plain flat files , if your the only on who admins i.e over ssh etc but if you want a customer friendly mailserver, with parted superadmin/domainadmin/user administration over some i.e. http gui you should better use sql and/or ldap stuff -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From CMarcus at Media-Brokers.com Wed Sep 28 16:03:18 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 28 Sep 2011 09:03:18 -0400 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: <20110927184209.504e9c90@scorpio> References: <4E77CA5A.6010506@tlinx.org> <4E82109E.2000600@wildgooses.com> <4E821412.2040801@Media-Brokers.com> <20110927184209.504e9c90@scorpio> Message-ID: <4E831B16.4050607@Media-Brokers.com> On 2011-09-27 6:42 PM, Jerry wrote: > I have always found Outlook to be much faster than TB. In any case, > Outlook 2007 is an old version. I am using the 2010 version at work and > it is a much more polished application than the 2010 version and far > superior to TB. That's funny - I find Outlooks email UI to be horrible. And HTML support relies on Word's HTML rendering engine? Give me a break... Outlook's calendar is definitely superior, but as an email client it is only useful when it is used in a full blown Exchange environment. As an IMAP client, it blows chunks. -- Best regards, Charles From nick+dovecot at bunbun.be Wed Sep 28 16:04:17 2011 From: nick+dovecot at bunbun.be (Nick Rosier) Date: Wed, 28 Sep 2011 15:04:17 +0200 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <1317161294.12320.140258148448633@webmail.messagingengine.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com><4E8207F5.2070105@whyscream.net> <4E822851.1030000@bunbun.be> <1317161294.12320.140258148448633@webmail.messagingengine.com> Message-ID: <4E831B51.9040308@bunbun.be> terryjames9461 at mm.st wrote: > Hello Nick, > > On Tuesday, September 27, 2011 9:47 PM, "Nick Rosier" > wrote: > >> +1 one on PostfixAdmin. Wouldn't want to live without it. The main >> advantage of using a DB is that all information is stored in 1 location >> and available in the right format through SQL-queries. My 1st config >> used flat-files and the biggest issue was keeping the different files in >> sync (i.e. when creating/deleting users making sure to update all the >> necessary files). > > Did you try that system with flatfiles in Dovecot v2 or v1? I think that > this instructed possibility, > http://wiki2.dovecot.org/HowTo/VirtualUserFlatFilesPostfix, is only for > v2? This was back with v1. It was working with a little script I wrote. A problem was delegating management of all the domains. My servers hosts a number of domains which are owned by different people (family+friends). With PostfixAdmin you can define which user administers which domains (another perk). > > Its that sync of the different files that I hope to avoid. If I can > with flatfiles, all the better. If not then maybe I will have to use > SQL. And then the Postfix Admin looks interesting. An additional advantage I found with PostfixAdmin is the possibility to run post-creation/editing/deleting scripts on mailboxes and domains. I'm using Amavisd-new and have the post-creation script create users in the Amavis-DB with e.g. the default policies for a user and populating some tables used by other tools (quarReminder etc...). Rgds, N. PS: my mailserver only hosts a couple of domains and less than 100 mailboxes. I could have done this with flat-files but the possibility to delegate mailbox creation/deletion to the domain owners was worth the "trouble" using a DB which I was using anyway for other services. From simon.brereton at buongiorno.com Wed Sep 28 16:49:49 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Wed, 28 Sep 2011 09:49:49 -0400 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <1317190083.25639.140258148566589@webmail.messagingengine.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com><4E8207F5.2070105@whyscream.net><1317160829.10644.140258148445373@webmail.messagingengine.com><20110927180632.Horde.jPUpZZLnE6FOgkjoSa5RRHA@kishi.patrickdk.com><1317161652.13631.140258148451673@webmail.messagingengine.com> <20110927214137.Horde.Bx9rKpLnE6FOgntRdGVQihA@kishi.patrickdk.com> <1317190083.25639.140258148566589@webmail.messagingengine.com> Message-ID: <044601cc7de5$7eb585b0$7c209110$@brereton@buongiorno.com> > -----Original Message----- > From: dovecot-bounces at dovecot.org [mailto:dovecot- > bounces at dovecot.org] On Behalf Of terryjames9461 at mm.st > Hello Patrick, > > On Tuesday, September 27, 2011 9:41 PM, "Patrick Domack" > wrote: > > It all depends on how much time and energy you want to spend in > > setting it up, vs the flexibility you in vision you need later. > > This is the intersection of the decision. I still am no sure if that > simple flatfile dream of one-instance data can be done. I think I am > going to have to try it a number of times becuase I dont see a > certain answer, yes or no. > > Can you may be explain more what you do with your case that you dump > SQL to flatfile? I don't see why that would ever be a benefit and am > interested in understanding that. > > I think I am worried about using SQL a bit because it is not > something that I think I can edit so quickly as I do text files. And > also like you others, losing data when things are corrupted. I have reasonable evidence that I'm by no means a sys-admin or even a linux Guru. But for the past 5 years, I've managed a system like you're trying to build - Postfix/Amavis/SpamAssassin/Dovecot (until recently I was running Courier for the MDA) with an SQL backend. It's never let me down, gives me a web interface (with PHPMyAdmin) to make changes, has 7 domains and about 300 user accounts. Once the set-up is done, you can save a file with a few queries or even build a php page to make common changes (adding domains/users, etc). Backup is easy. For the record, I've never used Postfixadmin - although I hear great things about it. Like the others, I'd recommend going the SQL route - it's easier to maintain and upgrade and it scales. If you don't need it to scale you've lost nothing because it uses virtually no resources, and if you do, you have it. Simon From dovecot.user at seibercom.net Wed Sep 28 17:04:47 2011 From: dovecot.user at seibercom.net (Jerry) Date: Wed, 28 Sep 2011 10:04:47 -0400 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: <4E831B16.4050607@Media-Brokers.com> References: <4E77CA5A.6010506@tlinx.org> <4E82109E.2000600@wildgooses.com> <4E821412.2040801@Media-Brokers.com> <20110927184209.504e9c90@scorpio> <4E831B16.4050607@Media-Brokers.com> Message-ID: <20110928100447.05f8beee@scorpio> On Wed, 28 Sep 2011 09:03:18 -0400 Charles Marcus articulated: > On 2011-09-27 6:42 PM, Jerry wrote: > > I have always found Outlook to be much faster than TB. In any case, > > Outlook 2007 is an old version. I am using the 2010 version at work > > and it is a much more polished application than the 2010 version > > and far superior to TB. > > That's funny - I find Outlooks email UI to be horrible. And HTML > support relies on Word's HTML rendering engine? Give me a break... > > Outlook's calendar is definitely superior, but as an email client it > is only useful when it is used in a full blown Exchange environment. > As an IMAP client, it blows chunks. Like all things, the usefulness of any application can only be truly measured in the context of the end user's environment. I virtually never use HTML e-mail myself. There are a few publications that I subscribe to that supply their material in HTML format; however, they all also list a URL to view the material. I prefer to use that method instead. E-mail, in my opinion, is a poor environment for HTML. MS Outlook's calender is the best available. I find Outlook's interface easy to use. Then again, I am quite familiar with it so that would only be natural. You fail to mention what version of Outlook you are referring to so there is no way I can gather any useful data from your analysis other to state that I have never used any version of TB that I found as useful as a comparative version of Outlook. If it is Outlook 2007, then perhaps this comparison of products should be restricted to a four year old version of TB also. I think I can safely say without fear of contradiction that, that is not something anyone would readily want to do. In any case, the idiom, "better the devil you know than the devil you don't" is apropos to this thread. -- Jerry ? Dovecot.user at seibercom.net Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From tompru at jla.rutgers.edu Wed Sep 28 17:09:17 2011 From: tompru at jla.rutgers.edu (Tom Pawlowski) Date: Wed, 28 Sep 2011 10:09:17 -0400 Subject: [Dovecot] 2.0.14 IPC client_limit reached error Message-ID: <20110928140917.GC16725@hawkeye.rutgers.edu> Hi Timo, Upgraded to 2.0.14 last night for the director-related features and I noticed an oddity in the logs: Sep 28 09:53:21 director2 dovecot: master: Warning: service(ipc): client_limit reached, client connections are being dropped Sep 28 09:53:56 director1 dovecot: master: Warning: service(ipc): client_limit reached, client connections are being dropped Sep 28 09:54:23 director2 dovecot: master: Warning: service(ipc): client_limit reached, client connections are being dropped Sep 28 09:55:07 director1 dovecot: master: Warning: service(ipc): client_limit reached, client connections are being dropped Sep 28 09:55:24 director2 dovecot: master: Warning: service(ipc): client_limit reached, client connections are being dropped Sep 28 09:56:08 director1 dovecot: master: Warning: service(ipc): client_limit reached, client connections are being dropped Sep 28 09:56:25 director2 dovecot: master: Warning: service(ipc): client_limit reached, client connections are being dropped Sep 28 09:57:10 director1 dovecot: master: Warning: service(ipc): client_limit reached, client connections are being dropped Sep 28 09:57:26 director2 dovecot: master: Warning: service(ipc): client_limit reached, client connections are being dropped These warnings are only being printed out by the directors. Both the directors and imap/pop3 servers have init scripts with the following ulimits set in the start sections: ulimit -s unlimited ulimit -n 30000 ulimit -u 30000 (We'd get alerts long before resource consumption became an issue) I've been watching the established imap/pop3 connection count on both directors for the past hour and a half and despite these warnings, those counts have grown continuously. The other weird thing is, according the configuration (attached), the ipc service has a client_limit of 0 by default, so we shouldn't be hitting a ceiling anyway, correct? So are these false warnings or something to be concerned about? -- Tom Pawlowski OIT-CSS System Administrator office: Hill 147 email: tompru at jla.rutgers.edu phone: (732) 445-2634 -------------- next part -------------- # 2.0.14: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-194.32.1.el5 x86_64 CentOS release 5.5 (Final) auth_anonymous_username = anonymous auth_cache_negative_ttl = 1 hours auth_cache_size = 0 auth_cache_ttl = 1 hours auth_debug = no auth_debug_passwords = no auth_default_realm = auth_failure_delay = 2 secs auth_first_valid_uid = 500 auth_gssapi_hostname = auth_krb5_keytab = auth_last_valid_uid = 0 auth_master_user_separator = auth_mechanisms = plain auth_realms = auth_socket_path = auth-userdb auth_ssl_require_client_cert = no auth_ssl_username_from_cert = no auth_use_winbind = no auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ auth_username_format = auth_username_translation = auth_verbose = no auth_verbose_passwords = no auth_winbind_helper_path = /usr/bin/ntlm_auth auth_worker_max_count = 30 base_dir = /var/run/dovecot config_cache_size = 1 M debug_log_path = default_client_limit = 1000 default_idle_kill = 60 default_internal_user = dovecot default_login_user = dovenull default_process_limit = 100 default_vsz_limit = 256 M deliver_log_format = msgid=%m: %$ dict_db_config = director_doveadm_port = 9091 director_mail_servers = 192.168.160.74 192.168.160.75 192.168.160.76 192.168.160.77 192.168.160.78 192.168.160.79 director_servers = 192.168.160.80 192.168.160.81 director_user_expire = 15 mins disable_plaintext_auth = yes dotlock_use_excl = yes doveadm_allowed_commands = doveadm_password = doveadm_proxy_port = 0 doveadm_socket_path = doveadm-server doveadm_worker_count = 0 first_valid_gid = 1 first_valid_uid = 500 hostname = imap_capability = imap_client_workarounds = imap_id_log = imap_id_send = imap_idle_notify_interval = 2 mins imap_logout_format = bytes=%i/%o imap_max_line_length = 64 k import_environment = TZ LISTEN_PID LISTEN_FDS info_log_path = last_valid_gid = 0 last_valid_uid = 0 lda_mailbox_autocreate = no lda_mailbox_autosubscribe = no lda_original_recipient_header = libexec_dir = /usr/libexec/dovecot listen = * lmtp_proxy = no lmtp_save_to_detail_mailbox = no lock_method = fcntl log_path = syslog log_timestamp = "%b %d %H:%M:%S " login_access_sockets = login_greeting = Dovecot ready. login_log_format = %$: %s login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c login_trusted_networks = mail_access_groups = mail_attachment_dir = mail_attachment_fs = sis posix mail_attachment_hash = %{sha1} mail_attachment_min_size = 128 k mail_cache_fields = flags mail_cache_min_mail_count = 0 mail_chroot = mail_debug = no mail_fsync = optimized mail_full_filesystem_access = no mail_gid = mail_home = mail_location = mail_log_prefix = "%s(%u): " mail_max_keyword_length = 50 mail_max_lock_timeout = 0 mail_max_userip_connections = 10 mail_never_cache_fields = imap.envelope mail_nfs_index = no mail_nfs_storage = no mail_plugin_dir = /usr/lib64/dovecot mail_plugins = mail_privileged_group = mail_save_crlf = no mail_temp_dir = /tmp mail_uid = mailbox_idle_check_interval = 30 secs mailbox_list_index_disable = no maildir_copy_with_hardlinks = yes maildir_stat_dirs = no maildir_very_dirty_syncs = no master_user_separator = mbox_dirty_syncs = yes mbox_dotlock_change_timeout = 2 mins mbox_lazy_writes = yes mbox_lock_timeout = 5 mins mbox_min_index_size = 0 mbox_read_locks = fcntl mbox_very_dirty_syncs = no mbox_write_locks = dotlock fcntl mdbox_preallocate_space = no mdbox_rotate_interval = 0 mdbox_rotate_size = 2 M mmap_disable = no passdb { args = proxy=y nopassword=y deny = no driver = static master = no pass = no } pop3_client_workarounds = pop3_enable_last = no pop3_fast_size_lookups = no pop3_lock_session = no pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_no_flag_updates = no pop3_reuse_xuidl = no pop3_save_uidl = no pop3_uidl_format = %08Xu%08Xv postmaster_address = protocols = imap pop3 lmtp quota_full_tempfail = no recipient_delimiter = + rejection_reason = Your message to <%t> was automatically rejected:%n%r rejection_subject = Rejected: %s sendmail_path = /usr/sbin/sendmail service anvil { chroot = empty client_limit = 16321 drop_priv_before_exec = no executable = anvil extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 1 protocol = service_count = 0 type = anvil unix_listener anvil-auth-penalty { group = mode = 0600 user = } unix_listener anvil { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service auth-worker { chroot = client_limit = 1 drop_priv_before_exec = no executable = auth -w extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener auth-worker { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service auth { chroot = client_limit = 18466 drop_priv_before_exec = no executable = auth extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener auth-client { group = mode = 0600 user = } unix_listener auth-login { group = mode = 0600 user = $default_internal_user } unix_listener auth-master { group = mode = 0600 user = } unix_listener auth-userdb { group = mode = 0600 user = } unix_listener login/login { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service config { chroot = client_limit = 0 drop_priv_before_exec = no executable = config extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = config unix_listener config { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service dict { chroot = client_limit = 1 drop_priv_before_exec = no executable = dict extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dict { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service director { chroot = client_limit = 0 drop_priv_before_exec = no executable = director extra_groups = fifo_listener login/proxy-notify { group = mode = 0666 user = } group = idle_kill = 4294967295 secs inet_listener { address = port = 9090 ssl = no } privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener director-admin { group = mode = 0600 user = } unix_listener director-userdb { group = mode = 0600 user = } unix_listener login/director { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service dns_client { chroot = client_limit = 1 drop_priv_before_exec = no executable = dns-client extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dns-client { group = mode = 0666 user = } unix_listener login/dns-client { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service doveadm { chroot = client_limit = 1 drop_priv_before_exec = no executable = doveadm-server extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener doveadm-server { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service imap-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = imap-login director extra_groups = group = idle_kill = 0 inet_listener imap { address = port = 143 ssl = no } inet_listener imaps { address = port = 993 ssl = yes } privileged_group = process_limit = 12222 process_min_avail = 10 protocol = imap service_count = 1 type = login user = $default_login_user vsz_limit = 2 G } service imap { chroot = client_limit = 1 drop_priv_before_exec = no executable = imap extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 0 protocol = imap service_count = 1 type = unix_listener login/imap { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service ipc { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = ipc extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener ipc { group = mode = 0600 user = } unix_listener login/ipc-proxy { group = mode = 0600 user = $default_login_user } user = $default_internal_user vsz_limit = 18446744073709551615 B } service lmtp { chroot = client_limit = 0 drop_priv_before_exec = no executable = lmtp extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = lmtp service_count = 0 type = unix_listener lmtp { group = mode = 0666 user = } user = vsz_limit = 0 } service log { chroot = client_limit = 0 drop_priv_before_exec = no executable = log extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = log user = vsz_limit = 18446744073709551615 B } service pop3-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = pop3-login director extra_groups = group = idle_kill = 0 inet_listener pop3 { address = port = 110 ssl = no } inet_listener pop3s { address = port = 995 ssl = yes } privileged_group = process_limit = 4096 process_min_avail = 0 protocol = pop3 service_count = 1 type = login user = $default_login_user vsz_limit = 64 M } service pop3 { chroot = client_limit = 1 drop_priv_before_exec = no executable = pop3 extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 0 protocol = pop3 service_count = 1 type = unix_listener login/pop3 { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service ssl-params { chroot = client_limit = 0 drop_priv_before_exec = no executable = ssl-params extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = startup unix_listener login/ssl-params { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } shutdown_clients = yes ssl = required ssl_ca = Hello We are going to split our mailhub in two :-) one for students and one for the others Does Dovecot 2 provide some mechanisms to filter users's' login ? a flat file would be enough for my usage ( I use pam_ldap nss_ldap with nsswitch ) thanks From asai at globalchangemusic.org Wed Sep 28 20:30:07 2011 From: asai at globalchangemusic.org (Asai) Date: Wed, 28 Sep 2011 10:30:07 -0700 Subject: [Dovecot] Dsync Removing Subscriptions Entries Message-ID: <4E83599F.8030603@globalchangemusic.org> Greetings, In learning to get Dsync to work, I see a lot of this type of warning in the logs: dsync-remote(user at domain.org): Warning: Subscriptions file /vmail/domain/user/subscriptions: Removing invalid entry: INBOX/SOME folder When I ran a test this morning on the backed up emails on the remote server with Thunderbird, I did indeed see that many of the subscribed folders were not present in TB, although the directories and data were indeed present on the remote server. The subscriptions file on the remote server had the omissions which Dsync warned about. These maildir folders seem to work fine on the main server. Can someone help me to understand how to make the sync without omissions in the subscriptions file? -- *Asai* Global Change Multi-Media Internet Application Development IT and Networking Services 520-398-2542 From user+dovecot at localhost.localdomain.org Wed Sep 28 21:33:27 2011 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Wed, 28 Sep 2011 20:33:27 +0200 Subject: [Dovecot] deliver LDA issue with setuid-root In-Reply-To: <1317191852.67316.YahooMailNeo@web113415.mail.gq1.yahoo.com> References: <1317191852.67316.YahooMailNeo@web113415.mail.gq1.yahoo.com> Message-ID: <4E836877.4070105@localhost.localdomain.org> On 09/28/2011 08:37 AM Daminto Lie wrote: > Hi, > > I am getting the following error message when trying to implement LDA Dovecot 1.2.9 with virtual users: > > > Sep 28 15:59:33 server1 postfix/pipe[3041]: 28BEC2400A1: to=, relay=dovecot, delay=2361, delays=2361/0.01/0/0.03, dsn=4.3.0, status=deferred (temporary failure. Command output: /usr/lib/dovecot/deliver must not be both world-executable and setuid-root. This allows root exploits. See http://wiki.dovecot.org/LDA#multipleuids ) > > I do not know if I need to change the group to secmail. Currently, I have as follows > > -rwsr-xr-x 1 root root 933796 2011-06-10 05:36 deliver > > > Can I change it to any other group apart from secmail? and what does it mean by world-executable? Sorry if I ask a silly question here but keen to learn more about linux. RTFM chmod(1) > ? > Here is my master.cf > # delivery through dovecot > dovecot unix - n n - - pipe > flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient} > > Any help would be greatly appreciated. > > Thank you chgrp vmail /usr/lib/dovecot/deliver chmod o-rx !$ Regards, Pascal -- The trapper recommends today: cafefeed.1127120 at localdomain.org From kuizhang at gmail.com Wed Sep 28 23:00:27 2011 From: kuizhang at gmail.com (Kui Zhang) Date: Wed, 28 Sep 2011 13:00:27 -0700 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: <4E82B3B7.2020301@hardwarefreak.com> References: <4E77CA5A.6010506@tlinx.org> <4E82109E.2000600@wildgooses.com> <4E821412.2040801@Media-Brokers.com> <4E82B3B7.2020301@hardwarefreak.com> Message-ID: On Tue, Sep 27, 2011 at 10:42 PM, Stan Hoeppner wrote: > On 9/27/2011 4:50 PM, Kui Zhang wrote: >>> >>> I think if you disable the new local indexing features in TB then it >>> should start running fairly decently? >> >> I had indexing disabled... that did not help much. >> >> TB work better after I have these settings... >> >> mail.imap.expunge_after_delete true >> mail.imap.expunge_option 2 >> mail.server.default.autosync_offline_stores false >> mail.server.default.offline_download false >> mail.server.default.autosync_max_age_days 14 >> >> I think mail.imap.expunge_after_delete might have caused mdbox limit >> problem I had before... but not confirmed. > > What, exactly, was the nature of the performance problem you originally > mentioned to start this thread, the mailbox with the thousands of sub > folders? This thread might be getting little off topic. It was for inotify loop on server side during idle (outlook 2k7), with approximate 2.1k folders. > > With GLODA and local synchronization disabled, using 1 IMAP connection > instead of the default 5, disabling IDLE and using check interval seconds, > and using the default: I have not notice looping on idle when client using Thunderbird. So it might be outlook specific. > > mail.server.default.check_all_folders_for_new ? FALSE > Not feasible. Few folders need to be checked periodically... > then you should have excellent performance with TB regardless of the number > of folders in a mailbox. ?Unless maybe the hardware or net pipe are lacking. > Ya, but TB would be doing less work. > What are the specs of the client machine in question? ?What CPU/freq. Maybe > more importantly, what is the link speed of the network between this PC and > the Dovecot server? ?LAN or WAN? avg ttl = 0.5ms Sustain 10-12MB/s, concurrent connections, from 5+ workstations. No load issues recorded on the server side. The clients have 8GB of ram, athlon II X4 640 quad core. they should have enough juice... On an athlon 3200, 2G Ram, I did some tests on an account, with 3GB on disk, approximate 100k emails, and 30 folders. on the client side, when no mail client running. 450-500MB ram used. CPU at 1-2% TB hangs on start up, for extent period of time. cpu at 100%, ram at 1 - 1.2 GB used. CPU usage almost always at 100%. And it hangs from time to time. The client side disk usage for TB is around 200MB? why would it need 500MB of ram? This is something I will bring up with the thunderbird people. With claws-mail, cpu goes up depending on amount of email in the folder. And cpu usage drop almost immediately after folder switch. around 480 ? 520 MB ram used. So the client box is not too slow. KuiZ > > -- > Stan > > From pavel.obr at gmail.com Wed Sep 28 23:40:45 2011 From: pavel.obr at gmail.com (Pavel Obr) Date: Wed, 28 Sep 2011 22:40:45 +0200 Subject: [Dovecot] Dovecot and NTLM problem Message-ID: Hallo, i am trying setup dovecot 2.0.9 with NTLM. I tested succesfully winbind with winbind -k, ntlm-auth with ntlm_auth --username=pavel. But I cannot authenticate in Dovecot. My log show these lines: Sep 28 22:16:25 srv-pat dovecot: auth: Debug: auth client connected (pid=6002) Sep 28 22:16:25 srv-pat dovecot: auth: Debug: client in: AUTH#0111#011NTLM#011service=imap#011lip=192.168.7.67#011rip=192.168.100.141#011lport=143#011rport=5109 Sep 28 22:16:25 srv-pat dovecot: auth: Debug: client out: CONT#0111#011 Sep 28 22:16:25 srv-pat dovecot: auth: Fatal: execv(/usr/bin/ntlm_auth) failed: Permission denied Sep 28 22:16:25 srv-pat dovecot: auth: Error: winbind: ntlm_auth exited with exit code 84 Sep 28 22:16:25 srv-pat dovecot: auth: Debug: client in: CONT#0111#011TlRMTVNTUAABAAAAB4IIAAAAAAAAAAAAAAAAAAAAAAA= Sep 28 22:16:25 srv-pat dovecot: auth: Error: winbind(?,192.168.100.141): write(out_pipe) failed: Broken pipe Sep 28 22:16:27 srv-pat dovecot: auth: Debug: client out: FAIL#0111 Do you know what that is mean "Fatal: execv(/usr/bin/ntlm_auth) failed: Permission denied" ? What is exit code 84 - "Error: winbind: ntlm_auth exited with exit code 84"? My dovecot -n: # 2.0.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-131.12.1.el6.x86_64 x86_64 Scientific Linux release 6.1 (Carbon) auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain ntlm login auth_use_winbind = yes auth_username_format = %n mail_home = /data/vmail/%d/%n mail_location = mdbox:~/mail mbox_write_locks = fcntl passdb { driver = pam } protocols = pop3 imap lmtp ssl_cert = >> New subscriber here. I noticed that the FTS index is not used in compound searches. >> Is this expected? Tested in 2.0.0 and 2.0.8: > >Yep. It's been in TODO for a while. I know this thread is quite old, but we have the same issue with v2.0.14 and squat. Would this issue also affect the Solr FTS backend? Thanks, Nikolai. From tlx at leuxner.net Thu Sep 29 10:57:53 2011 From: tlx at leuxner.net (Thomas Leuxner) Date: Thu, 29 Sep 2011 09:57:53 +0200 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <1317161652.13631.140258148451673@webmail.messagingengine.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com> <4E8207F5.2070105@whyscream.net> <1317160829.10644.140258148445373@webmail.messagingengine.com> <20110927180632.Horde.jPUpZZLnE6FOgkjoSa5RRHA@kishi.patrickdk.com> <1317161652.13631.140258148451673@webmail.messagingengine.com> Message-ID: <20110929075753.GA10332@nihlus.leuxner.net> On Tue, Sep 27, 2011 at 03:14:12PM -0700, terryjames9461 at mm.st wrote: > With using the Dovecot lmtp option, where does Postfix know to refuse > email for a non-existing user or domain? That also has to be shared? Sticking to the Flatfile recipe on the Wiki, Postfix would query the Auth Backend of Dovecot. The actual user records would sit on the Dovecot side, where Postfix would only worry about valid domains etc. Fancy stuff like Aliasing would be better done on the Postfix side in this scenario although it would also be possible to have bogus User records in Dovecot to address that. Thomas -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: From per at computer.org Thu Sep 29 11:15:52 2011 From: per at computer.org (Per Jessen) Date: Thu, 29 Sep 2011 10:15:52 +0200 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? References: <1317138678.29156.140258148311993@webmail.messagingengine.com> <20110928064424.GA31755@oc1046828364.ibm.com> <20110928080205.5d621f20@scorpio> Message-ID: Jerry wrote: > On Wed, 28 Sep 2011 08:44:24 +0200 > Jan-Frode Myklebust articulated: > >> On Tue, Sep 27, 2011 at 08:51:18AM -0700, terryjames9461 at mm.st wrote: >> > >> > I'm a little confused about: to do that sharing-in-one-place, do I >> > have to use SQL or can I use the flatfiles like passwd-db? I >> > think for sure someone already decided the best approach for this, >> > and maybe I'm not understanding the logic to it. >> >> Best approach is probably to store this in an ldap-directory. Then >> you can easily have multi-master replication, and avoid any single >> point of failure for your database. Both postfix and dovecot will be >> able to lookup the data using ldap. > > While "ldap" may be fine for some users; personally, I have had > nothing but catastrophic results when attempting to use it. I am fully > aware that the main problem is that I am not truly "ldap" proficient. > For the end user who needs an easy to maintain database I would > unequivocally recommend MySQL. +1 on the mysql. /Per Jessen, Z?rich From rainer.frey at inxmail.de Thu Sep 29 12:24:29 2011 From: rainer.frey at inxmail.de (Rainer Frey) Date: Thu, 29 Sep 2011 11:24:29 +0200 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <1317161652.13631.140258148451673@webmail.messagingengine.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com><4E8207F5.2070105@whyscream.net><1317160829.10644.140258148445373@webmail.messagingengine.com> <20110927180632.Horde.jPUpZZLnE6FOgkjoSa5RRHA@kishi.patrickdk.com> <1317161652.13631.140258148451673@webmail.messagingengine.com> Message-ID: On 28.09.2011, at 00:14, terryjames9461 at mm.st wrote: > Hello Patrick, > > On Tuesday, September 27, 2011 6:06 PM, "Patrick Domack" > wrote: >> Using dovecot lda/lmtp you remove all postfix needs to know mailbox >> name to directory mapping, that would be duplicated. > > With using the Dovecot lmtp option, where does Postfix know to refuse > email for a non-existing user or domain? That also has to be shared? I wondered that as well, and unfortunately the Howto doesn't explain the concept it builds upon. But I found it: it uses LMTP and recipient verification (see reject_unverified_recipient in smtpd_recipient_restictions). See http://www.postfix.org/ADDRESS_VERIFICATION_README.html for details. Rainer From venom00 at setsun.org Thu Sep 29 15:22:49 2011 From: venom00 at setsun.org (venom00) Date: Thu, 29 Sep 2011 14:22:49 +0200 Subject: [Dovecot] Messages not deleted from mbox Message-ID: Hello, I've two accounts on my mail server, and from my client (Evolution) I've set up two configurations. If I dowload mail one account at a time everything works fine, but if I download both of them at the same time I'm not able to delete downloaded messages, so I download them twice, three times and counting to infinity. On th client side everything looks good: ----------------------------------------------------- LIST +OK 1 messages: 1 485 . UIDL +OK 1 000000704e57eebd . RETR 1 +OK 485 octets Message here... . DELE 1 +OK Marked to be deleted. QUIT +OK Logging out, messages deleted. ----------------------------------------------------- On the server side I've enabled debug logging but nothing relevant comes up, except sometimes an error: Panic: Message unexpectedly expunged from index Full log: http://pastebin.com/raw.php?i=bBizx9tm But most of the times there are no errors and simply the message is not deleted. I'm using mbox format in /var/spool/mail/%u. The dovecot user has read-write access to the folder (even because, as I said, if download an account at once everything works fine). I think it's about locking, I've tried several lock methods but always the same result and I can't see dead locks from lsof, fuser or ls (for dotlocks). Thanks in advance, venom00 From lists at wildgooses.com Thu Sep 29 15:27:11 2011 From: lists at wildgooses.com (Ed W) Date: Thu, 29 Sep 2011 13:27:11 +0100 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: References: <4E77CA5A.6010506@tlinx.org> <4E82109E.2000600@wildgooses.com> <4E821412.2040801@Media-Brokers.com> <4E82B3B7.2020301@hardwarefreak.com> Message-ID: <4E84641F.8080001@wildgooses.com> On 28/09/2011 21:00, Kui Zhang wrote: > TB hangs on start up, for extent period of time. cpu at 100%, ram at 1 > - 1.2 GB used. CPU usage almost always at 100%. And it hangs from time > to time. The client side disk usage for TB is around 200MB? why would > it need 500MB of ram? This is something I will bring up with the > thunderbird people. > If you care to debug in more detail, you may learn a lot by watching the network traffic at this point? You can setup debugging on the server side, but personally I find this a touch hard to setup for one off sessions (and shared IPs/mailboxes, etc). Also consider wireshark and just tracing a single machine. The point being to see if it's locked up because it's thrashing the mail server for some reason, or if it's doing something silly client side? Random untested ideas: - I believe it pulls the folder list down at startup. With thousands of folders in your case (did I understand that?) you might find it's doing some silly select on each folder and hence spending ages being bound by the ping speed to the server (something like 100-200 round trips per sec max I think you said?), or perhaps it's even worse than that if it causes some disk seek for each folder? - Quantity of headers could be large under certain circumstances - check if you are network bandwidth bound? - TB might be doing something silly locally and you are bound by disk seek time on your local machine as it does whatever it does to several thousand mbox files? Move the TB local folder to some slower/faster disk and observe if the startup speed gets proportionally slower/faster..? Eg I slapped in some large flash drive to my Mac and now I keep forgetting that others still have seek time limitations starting apps... Good luck - interested to hear if you can trace this to something? Ed W P.S. I will try and post some tips in a new thread, but I found that TB and other clever clients can benefit enormously if you turn on the appropriate zlib stuff that means the COMPRESS extension is supported (not on by default). Outlook hasn't historically supported this, so I doubt it will help above, but it's one feature that can give TB the edge over Outlook. From lists at wildgooses.com Thu Sep 29 15:30:59 2011 From: lists at wildgooses.com (Ed W) Date: Thu, 29 Sep 2011 13:30:59 +0100 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: <20110928100447.05f8beee@scorpio> References: <4E77CA5A.6010506@tlinx.org> <4E82109E.2000600@wildgooses.com> <4E821412.2040801@Media-Brokers.com> <20110927184209.504e9c90@scorpio> <4E831B16.4050607@Media-Brokers.com> <20110928100447.05f8beee@scorpio> Message-ID: <4E846503.9020900@wildgooses.com> On 28/09/2011 15:04, Jerry wrote: > MS Outlook's calender is the best available. I find Outlook's interface > easy to use. Then again, I am quite familiar with it so that would only > be natural. I have been waiting for what is likely to be TB 8 + the subsequent release of SoGo. I have some hope that the sogo plugins, which should then have all the patches they need natively in TB, will go a long way to level the playing field on the calendering vs Outlook... Watch this space and all that... Just chewing the cud and all that, but one of the features which does very much annoy me about Outlook is the apparent failure to do simple nested indents on replied emails, ie like this one where you get each person's reply indented one level all the way down the exchange. I get so many emails where the user starts writing in various coloured writing to try and and make up for the completely flat reply... I *believe* this is entirely down to the settings you pick in Outlook, but it's clearly a common setup to have replies non indented? (Plenty of things tick me off about TB, but this margin too small to accomodate them....) Cheers Ed W From danilo.abbasciano at gmail.com Thu Sep 29 16:05:53 2011 From: danilo.abbasciano at gmail.com (Danilo) Date: Thu, 29 Sep 2011 15:05:53 +0200 Subject: [Dovecot] Timeout leak in get quota Message-ID: <4E846D31.6010900@gmail.com> Hello! I wrote perl script for read current quota usage, it works but when I run the program I receive a warning in Dovecot log: 2011-09-29 14:45:30 doveadm(guest at testmail.com): Warning: Timeout leak: 0x7f14800ad970 This is the script: =============================== #!/usr/bin/perl use strict; use Socket; use IO::Handle; socket(TSOCK, PF_UNIX, SOCK_STREAM,0); connect(TSOCK, sockaddr_un("/var/run/dovecot/doveadm-server")) or print("ERROR!"); print "VERSION\tdoveadm-server\t1\t0\n"; print "\tguest\@testmail.com\tquota get\n"; print "=" x 20 . "\n"; if (defined(my $messg = )) { print $messg; print TSOCK "VERSION\tdoveadm-server\t1\t0\n"; TSOCK->flush; print TSOCK "\tguest\@testmail.com\tquota get\n"; TSOCK->flush; $messg = ; print $messg; $messg = ; print $messg; close TSOCK; } ============================= I hope someone could help me to fix the warning. Thanks in advance, Dany From ibrahim.harrani at gmail.com Thu Sep 29 16:08:55 2011 From: ibrahim.harrani at gmail.com (Ibrahim Harrani) Date: Thu, 29 Sep 2011 16:08:55 +0300 Subject: [Dovecot] "Waiting for authentication process to respond" for invalid users with auth_dovecot In-Reply-To: <1316178672.12936.99.camel@hurina> References: <1316178672.12936.99.camel@hurina> Message-ID: Hi Timo, I switched to auth_pop wrapper to solve the problem. I agree that there is something wrong with auth_dovecot. Thanks. On Fri, Sep 16, 2011 at 4:11 PM, Timo Sirainen wrote: > On Tue, 2011-09-13 at 13:53 +0300, Ibrahim Harrani wrote: > >> I am testing dovecot 2.0.13 and 2.0.14 with qmail-ldap and >> auth_dovecot patch. If i login to dovecot (pop3/imap) with correct >> user and password. >> no problem, I can login immediately. but if I try with nonexistant >> user, dovecot does not immediate answer, wait for a while and says >> "Waiting for authentication process to respond." >> auth_dovecot process remains working in the background. >> How can I avoid this situation? > > If auth_dovecot process keeps running, the bug is in auth_dovecot. I've > never looked at it (or probably even heard of it). > > > From listas.correo at yahoo.es Thu Sep 29 18:09:02 2011 From: listas.correo at yahoo.es (mailing lists) Date: Thu, 29 Sep 2011 16:09:02 +0100 (BST) Subject: [Dovecot] Panic: file lmtp-proxy.c: line 370 (lmtp_proxy_output_timeout): assertion failed: (proxy->data_input->eof) Message-ID: <1317308942.24498.YahooMailNeo@web29115.mail.ird.yahoo.com> Hello all, today I got this crash from dovecot (2.0.14) Sep 29 14:09:32 imap1 dovecot: lmtp(17693): Panic: file lmtp-proxy.c: line 370 (lmtp_proxy_output_timeout): assertion failed: (proxy->data_input->eof) Sep 29 14:09:32 imap1 dovecot: lmtp(17693): Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0(+0x3f9aa)? [0x7f18f10299aa] -> /usr/lib64/dovecot/libdovecot.so.0(+0x3f9f6) [0x7f18f10299f6] -> /usr/lib64/dovecot/libdovecot.so.0(i_fatal+0) [0x7f18f1003211] -> dovecot/lmtp(+0x7a4f) [0x7f18f1982a4f] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handle_timeouts+0xcb) [0x7f18f103590b] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run+0x5b) [0x7f18f103680b] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7f18f1035768] -> /usr/lib64/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f18f1023423] -> dovecot/lmtp(main+0x183) [0x7f18f197fa93] -> /lib64/libc.so.6(__libc_start_main+0xfd) [0x7f18f0ca8b7d] -> dovecot/lmtp(+0x4819) [0x7f18f197f819] Sep 29 14:09:32 imap1 dovecot: master: Error: service(lmtp): child 17693 killed with signal 6 (core dumps disabled) ?? /-----------------/ # dovecot -n -c /etc/dovecot-director/dovecot.conf # 2.0.14: /etc/dovecot-director/dovecot.conf # OS: Linux 2.6.34.7-0.7-xen x86_64 openSUSE 11.3 (x86_64) auth_debug = yes auth_verbose = yes base_dir = /var/run/dovecot-director/ director_mail_servers = 100.1.245.101 100.1.245.105 director_servers = 100.1.245.101:9091 100.1.245.105:9091 100.1.241.204:9091 disable_plaintext_auth = no doveadm_proxy_port = 24245 lmtp_proxy = yes mail_debug = yes mail_fsync = always mail_gid = 5000 mail_nfs_index = yes mail_nfs_storage = yes mail_plugins = acl mail_uid = 5000 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mmap_disable = yes passdb { ? args = proxy=y nopassword=y ? driver = static } plugin { ? acl = vfile ? sieve = ~/.dovecot.sieve ? sieve_dir = ~/sieve } protocols = imap lmtp pop3 service auth { ? unix_listener auth-userdb { ??? group = vmail ??? mode = 0666 ??? user = vmail ? } } service director { ? fifo_listener login/proxy-notify { ??? mode = 0666 ? } ? inet_listener { ??? port = 9091 ? } ? unix_listener director-userdb { ??? mode = 0666 ? } ? unix_listener login/director { ??? mode = 0666 ? } } service doveadm { ? inet_listener { ??? port = 24245 ? } } service imap-login { ? executable = imap-login director ? inet_listener imap { ??? port = 10143 ? } } service lmtp { ? inet_listener lmtp { ??? port = 1024 ? } } service pop3-login { ? executable = pop3-login director ? inet_listener pop3 { ??? port = 10110 ? } } ssl = no verbose_proctitle = yes protocol lmtp { ? auth_socket_path = director-userdb ? passdb { ??? args = proxy=y nopassword=y port=24 ??? driver = static ? } } protocol imap { ? mail_max_userip_connections = 100 } local 100.1.245.101/28/28 { ? doveadm_password = secret } From dovecot at knutejohnson.com Thu Sep 29 19:56:22 2011 From: dovecot at knutejohnson.com (Knute Johnson) Date: Thu, 29 Sep 2011 09:56:22 -0700 Subject: [Dovecot] Error message Message-ID: <4E84A336.1060002@knutejohnson.com> I'm getting the following message in my log; dovecot: IMAP(knute): fchown(/home/knute/mail/.imap/INBOX/dovecot.index.cache.lock, -1, 8(mail)) failed: Operation not permitted (egid=1000(knute), group based on /var/mail/knute): 1 Time(s) dovecot: IMAP(knute): fchown(/home/knute/mail/.imap/INBOX/dovecot.index.log.newlock, -1, 8(mail)) failed: Operation not permitted (egid=1000(knute), group based on /var/mail/knute): 2 Time(s) dovecot: IMAP(knute): fchown(/home/knute/mail/.imap/INBOX/dovecot.index.tmp, -1, 8(mail)) failed: Operation not permitted (egid=1000(knute), group based on /var/mail/knute): 4 Time(s) I got these once before on the /var/mail/user files and changed the permissions to 600. /home/knute/mail/.imap/INBOX is 770 and the index files are 600. Is this a problem with the directory privilege? Thanks, -- Knute Johnson From terry at cnysupport.com Thu Sep 29 20:15:13 2011 From: terry at cnysupport.com (Terry Carmen) Date: Thu, 29 Sep 2011 13:15:13 -0400 Subject: [Dovecot] Virtual Folder configuration problem. [FIXED] Message-ID: <20110929131513.Horde.o8eCXFeGiNBOhKehtHSilmA@www.cnysupport.com> Well, it took a ton of time and research, but I finally have a working Unread virtual mailbox on Dovecot 2.x on Centos 6.0. I have no idea if it's optimal or correct, but it works perfectly and doesn't raise any errors or warnings. Here's what I ended up with: dovecot.conf: Add the following: mail_plugins = $mail_plugins virtual namespace { type = private prefix = virtual. separator = . location = virtual:~/Maildir/virtual } 10-mail.conf: Add the following: # default namespace namespace { separator = . prefix = inbox = yes } 20-imap.conf: Add the following: protocol imap { mail_plugins = $mail_plugins virtual } 15-lda.conf: Add the following: protocol lda { mail_plugins = $mail_plugins virtual } Restart dovecot. Reload your mail client. Dovecot will create ~/Maildir/virtual cd ~/Maildir/virtual mkdir Unread Use your favorite editor and create a file named "dovecot-virtual" contaiing: # ~/Maildir/virtual/unseen/dovecot-virtual INBOX INBOX.* -INBOX.Trash unseen Save the file and restart your mail client. Go to "Subscriptions" in your mail client and subscribe to the Unseen folder. You should now have a virtual folder that contains all your unread mail, except for the contents of the Trash folder. Enjoy! -- Terry Carmen CNY Support, LLC https://www.cnysupport.com From tompru at jla.rutgers.edu Thu Sep 29 20:21:34 2011 From: tompru at jla.rutgers.edu (Tom Pawlowski) Date: Thu, 29 Sep 2011 13:21:34 -0400 Subject: [Dovecot] 2.0.14 doveadm proxy list segfault Message-ID: <20110929172134.GA25237@hawkeye.rutgers.edu> Hi Timo, Periodic segfaults with doveadm proxy list: root at director1:~) doveadm proxy list doveadm(root): Error: LIST failed: Disconnected Segmentation fault (core dumped) Sometimes it's just the 'LIST failed' error, other times it's the error with the segfault. Usually the first attempt to call it works, subsequent attempts fail. I've attached a strace log of it in action. -- Tom Pawlowski OIT-CSS System Administrator office: Hill 147 email: tompru at jla.rutgers.edu phone: (732) 445-2634 -------------- next part -------------- execve("/usr/bin/doveadm", ["doveadm", "proxy", "list"], [/* 26 vars */]) = 0 brk(0) = 0x1bb97000 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b99123e5000 uname({sys="Linux", node="director1", ...}) = 0 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) open("/usr/lib64/dovecot/tls/x86_64/libdovecot-storage.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) stat("/usr/lib64/dovecot/tls/x86_64", 0x7fffbbe8e710) = -1 ENOENT (No such file or directory) open("/usr/lib64/dovecot/tls/libdovecot-storage.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) stat("/usr/lib64/dovecot/tls", 0x7fffbbe8e710) = -1 ENOENT (No such file or directory) open("/usr/lib64/dovecot/x86_64/libdovecot-storage.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) stat("/usr/lib64/dovecot/x86_64", 0x7fffbbe8e710) = -1 ENOENT (No such file or directory) open("/usr/lib64/dovecot/libdovecot-storage.so.0", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\242\242\3071\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=862264, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b99123e6000 mmap(0x31c7a00000, 2955496, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x31c7a00000 mprotect(0x31c7acb000, 2093056, PROT_NONE) = 0 mmap(0x31c7cca000, 32768, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xca000) = 0x31c7cca000 close(3) = 0 open("/usr/lib64/dovecot/libdovecot.so.0", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\220ma\3071\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=508488, ...}) = 0 mmap(0x31c7600000, 2611840, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x31c7600000 mprotect(0x31c7679000, 2093056, PROT_NONE) = 0 mmap(0x31c7878000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x78000) = 0x31c7878000 mmap(0x31c787c000, 6784, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x31c787c000 close(3) = 0 open("/usr/lib64/dovecot/libcrypt.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=26844, ...}) = 0 mmap(NULL, 26844, PROT_READ, MAP_PRIVATE, 3, 0) = 0x2b99123e7000 close(3) = 0 open("/lib64/libcrypt.so.1", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\360\t\240\257>\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=48600, ...}) = 0 mmap(0x3eafa00000, 2322880, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3eafa00000 mprotect(0x3eafa09000, 2093056, PROT_NONE) = 0 mmap(0x3eafc08000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x8000) = 0x3eafc08000 mmap(0x3eafc0a000, 184768, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3eafc0a000 close(3) = 0 open("/usr/lib64/dovecot/libpam.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) open("/lib64/libpam.so.0", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\220\"`N6\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=50904, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b99123ee000 mmap(0x364e600000, 2143696, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x364e600000 mprotect(0x364e60b000, 2097152, PROT_NONE) = 0 mmap(0x364e80b000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xb000) = 0x364e80b000 close(3) = 0 open("/usr/lib64/dovecot/libdl.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) open("/lib64/libdl.so.2", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\20\16\340\255>\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=23360, ...}) = 0 mmap(0x3eade00000, 2109696, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3eade00000 mprotect(0x3eade02000, 2097152, PROT_NONE) = 0 mmap(0x3eae002000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x3eae002000 close(3) = 0 open("/usr/lib64/dovecot/librt.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) open("/lib64/librt.so.1", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0 \"`\257>\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=53448, ...}) = 0 mmap(0x3eaf600000, 2132936, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3eaf600000 mprotect(0x3eaf607000, 2097152, PROT_NONE) = 0 mmap(0x3eaf807000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x7000) = 0x3eaf807000 close(3) = 0 open("/usr/lib64/dovecot/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) open("/lib64/libc.so.6", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\220\332\241\255>\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=1718120, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b99123ef000 mmap(0x3eada00000, 3498328, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3eada00000 mprotect(0x3eadb4e000, 2093056, PROT_NONE) = 0 mmap(0x3eadd4d000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x14d000) = 0x3eadd4d000 mmap(0x3eadd52000, 16728, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3eadd52000 close(3) = 0 open("/usr/lib64/dovecot/libaudit.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) open("/lib64/libaudit.so.0", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\340&`&8\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=98920, ...}) = 0 mmap(0x3826600000, 2191888, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3826600000 mprotect(0x3826617000, 2093056, PROT_NONE) = 0 mmap(0x3826816000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x16000) = 0x3826816000 close(3) = 0 open("/usr/lib64/dovecot/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) open("/lib64/libpthread.so.0", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\240W \256>\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=145824, ...}) = 0 mmap(0x3eae200000, 2204528, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3eae200000 mprotect(0x3eae216000, 2093056, PROT_NONE) = 0 mmap(0x3eae415000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x15000) = 0x3eae415000 mmap(0x3eae417000, 13168, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3eae417000 close(3) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b99123f0000 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b99123f1000 arch_prctl(ARCH_SET_FS, 0x2b99123f13a0) = 0 mprotect(0x3eafc08000, 4096, PROT_READ) = 0 mprotect(0x3eae002000, 4096, PROT_READ) = 0 mprotect(0x3eaf807000, 4096, PROT_READ) = 0 mprotect(0x3eadd4d000, 16384, PROT_READ) = 0 mprotect(0x3ead81b000, 4096, PROT_READ) = 0 mprotect(0x3eae415000, 4096, PROT_READ) = 0 munmap(0x2b99123e7000, 26844) = 0 set_tid_address(0x2b99123f1430) = 29539 set_robust_list(0x2b99123f1440, 0x18) = 0 futex(0x7fffbbe8f23c, FUTEX_WAKE_PRIVATE, 1) = 0 rt_sigaction(SIGRTMIN, {0x3eae205380, [], SA_RESTORER|SA_SIGINFO, 0x3eae20eb10}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {0x3eae2052b0, [], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x3eae20eb10}, NULL, 8) = 0 rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 getrlimit(RLIMIT_STACK, {rlim_cur=10240*1024, rlim_max=RLIM_INFINITY}) = 0 brk(0) = 0x1bb97000 brk(0x1bbc0000) = 0x1bbc0000 uname({sys="Linux", node="director1", ...}) = 0 rt_sigaction(SIGPIPE, {0x1, [], SA_RESTORER|SA_RESTART, 0x3eada302d0}, NULL, 8) = 0 rt_sigaction(SIGALRM, {0x31c7648b40, [], SA_RESTORER|SA_SIGINFO, 0x3eada302d0}, NULL, 8) = 0 socket(PF_FILE, SOCK_STREAM, 0) = 3 fcntl(3, F_GETFL) = 0x2 (flags O_RDWR) fcntl(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0 connect(3, {sa_family=AF_FILE, path="/var/run/dovecot/config"...}, 110) = 0 fcntl(3, F_GETFL) = 0x802 (flags O_RDWR|O_NONBLOCK) fcntl(3, F_SETFL, O_RDWR) = 0 write(3, "VERSION\tconfig\t2\t0\nREQ\tmodule=do"..., 38) = 38 fstat(3, {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0 alarm(10) = 0 read(3, "\n\n", 8192) = 2 alarm(0) = 10 open("/usr/lib64/dovecot/doveadm", O_RDONLY|O_NONBLOCK|O_DIRECTORY) = 4 fcntl(4, F_SETFD, FD_CLOEXEC) = 0 getdents(4, /* 10 entries */, 32768) = 464 getdents(4, /* 0 entries */, 32768) = 0 close(4) = 0 futex(0x3eae0030ec, FUTEX_WAKE_PRIVATE, 2147483647) = 0 open("/usr/lib64/dovecot/doveadm/lib10_doveadm_acl_plugin.so", O_RDONLY) = 4 read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\220\33\0\0\0\0\0\0"..., 832) = 832 fstat(4, {st_mode=S_IFREG|0755, st_size=16696, ...}) = 0 mmap(NULL, 2112392, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x2b99123f2000 mprotect(0x2b99123f6000, 2093056, PROT_NONE) = 0 mmap(0x2b99125f5000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x3000) = 0x2b99125f5000 close(4) = 0 munmap(0x2b99123f2000, 2112392) = 0 open("/usr/lib64/dovecot/doveadm/lib10_doveadm_expire_plugin.so", O_RDONLY) = 4 read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\300\24\0\0\0\0\0\0"..., 832) = 832 fstat(4, {st_mode=S_IFREG|0755, st_size=12208, ...}) = 0 mmap(NULL, 2107912, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x2b99123f2000 mprotect(0x2b99123f5000, 2093056, PROT_NONE) = 0 mmap(0x2b99125f4000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x2000) = 0x2b99125f4000 close(4) = 0 munmap(0x2b99123f2000, 2107912) = 0 open("/usr/lib64/dovecot/doveadm/lib10_doveadm_quota_plugin.so", O_RDONLY) = 4 read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\320\v\0\0\0\0\0\0"..., 832) = 832 fstat(4, {st_mode=S_IFREG|0755, st_size=7248, ...}) = 0 mmap(NULL, 2102936, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x2b99123f2000 mprotect(0x2b99123f4000, 2093056, PROT_NONE) = 0 mmap(0x2b99125f3000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x1000) = 0x2b99125f3000 close(4) = 0 munmap(0x2b99123f2000, 2102936) = 0 open("/usr/lib64/dovecot/doveadm/lib10_doveadm_zlib_plugin.so", O_RDONLY) = 4 read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\260\22\0\0\0\0\0\0"..., 832) = 832 fstat(4, {st_mode=S_IFREG|0755, st_size=11048, ...}) = 0 mmap(NULL, 2106296, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x2b99123f2000 mprotect(0x2b99123f4000, 2097152, PROT_NONE) = 0 mmap(0x2b99125f4000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x2000) = 0x2b99125f4000 close(4) = 0 munmap(0x2b99123f2000, 2106296) = 0 rt_sigaction(SIGINT, {0x31c7648d70, [], SA_RESTORER|SA_SIGINFO, 0x3eada302d0}, NULL, 8) = 0 pipe([4, 5]) = 0 fcntl(4, F_GETFL) = 0 (flags O_RDONLY) fcntl(4, F_SETFL, O_RDONLY|O_NONBLOCK) = 0 fcntl(5, F_GETFL) = 0x1 (flags O_WRONLY) fcntl(5, F_SETFL, O_WRONLY|O_NONBLOCK) = 0 fcntl(4, F_GETFD) = 0 fcntl(4, F_SETFD, FD_CLOEXEC) = 0 fcntl(5, F_GETFD) = 0 fcntl(5, F_SETFD, FD_CLOEXEC) = 0 epoll_create(128) = 6 fcntl(6, F_GETFD) = 0 fcntl(6, F_SETFD, FD_CLOEXEC) = 0 epoll_ctl(6, EPOLL_CTL_ADD, 4, {EPOLLIN|EPOLLPRI|EPOLLERR|EPOLLHUP, {u32=465205840, u64=465205840}}) = 0 rt_sigaction(SIGTERM, {0x31c7648d70, [], SA_RESTORER|SA_SIGINFO, 0x3eada302d0}, NULL, 8) = 0 open("/dev/null", O_WRONLY|O_CREAT|O_APPEND, 0600) = 7 fcntl(7, F_GETFD) = 0 fcntl(7, F_SETFD, FD_CLOEXEC) = 0 ioctl(1, TIOCGWINSZ, {ws_row=68, ws_col=155, ws_xpixel=0, ws_ypixel=0}) = 0 socket(PF_FILE, SOCK_STREAM, 0) = 8 fcntl(8, F_GETFL) = 0x2 (flags O_RDWR) fcntl(8, F_SETFL, O_RDWR|O_NONBLOCK) = 0 connect(8, {sa_family=AF_FILE, path="/var/run/dovecot/ipc"...}, 110) = 0 epoll_ctl(6, EPOLL_CTL_ADD, 8, {EPOLLIN|EPOLLPRI|EPOLLERR|EPOLLHUP, {u32=465209040, u64=465209040}}) = 0 fstat(8, {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0 lseek(8, 0, SEEK_CUR) = -1 ESPIPE (Illegal seek) getsockname(8, {sa_family=AF_FILE, path="\377\377\377\377\377\377\200\363\271\33"...}, [18446462603027808258]) = 0 writev(8, [{"proxy\t*\tLIST", 12}, {"\n", 1}], 2) = -1 EPIPE (Broken pipe) --- SIGPIPE (Broken pipe) @ 0 (0) --- epoll_wait(6, {{EPOLLIN|EPOLLHUP, {u32=465209040, u64=465209040}}}, 2, 4294967295) = 1 read(8, "", 8192) = 0 write(2, "doveadm(root): Error: LIST faile"..., 48) = 48 epoll_ctl(6, EPOLL_CTL_DEL, 8, {0, {u32=465209040, u64=465209040}}) = 0 close(8) = 0 --- SIGSEGV (Segmentation fault) @ 0 (0) --- +++ killed by SIGSEGV (core dumped) +++ From ar-dovecotlist at acrconsulting.co.uk Fri Sep 30 01:38:23 2011 From: ar-dovecotlist at acrconsulting.co.uk (Andrew Richards) Date: 29 Sep 2011 23:38:23 +0100 Subject: [Dovecot] Dovecot failing to parse some UTF-8 encoded attachment filenames, returning empty string instead [SOLVED] In-Reply-To: <201109221231.40494.ar-dovecotlist@acrconsulting.co.uk> References: <201109221231.40494.ar-dovecotlist@acrconsulting.co.uk> Message-ID: <201109292338.23297.ar-dovecotlist@acrconsulting.co.uk> On Thursday 22 September 2011 12:31:40 Andrew Richards wrote: > On Thursday 22 September 2011 00:45:32 Timo Sirainen wrote: > > On 22.9.2011, at 1.59, Andrew Richards wrote: > > > I'm seeing a strange problem with some attachment filenames that are > > > UTF-8 encoded. The problem seems to be related to spaces and/or > > > unusual characters in filenames, like accented characters (or perhaps > > > just to filenames if UTF-8 encoded; I've not explored that fully). > > > > The problem is that the client sends it wrong: > > > Content-Type: application/octet-stream; > > > name==?UTF-8?B?dGhpc19mYWlscy50eHQ=?= > > > Content-Disposition: attachment; > > > filename==?UTF-8?B?dGhpc19mYWlscy50eHQ=?= > > > > These are both wrong. First of all they are illegal because they have = > > and > > ? characters, from RFC 2045: > > ...snip... > > > > Also from RFC 2047 (encoded-word is the =?UTF-8?...?= thing): > > > + An 'encoded-word' MUST NOT be used in parameter of a MIME > > > Content-Type or Content-Disposition field, or in any structured > > > field body except within a 'comment' or 'phrase'. > > > > ...snip... > > Anyway .. I'll check tomorrow if I can easily add code to workaround your > > problem. If it's just a minor change I'll do it. > > Wow - a very thorough response only 45 minutes after I'd posted the > question, and in your follow up message you've already provided a > suggested fix - a huge thank you! > > So in summary it's a "Garbage in -> Garbage out" issue... This also > explains why I'm only getting this issue with one client after a > Courier->Dovecot migration. I'll research which mail client program(s) are > generating the faulty messages for completeness for this thread. > > I expect to test the fix later today or tomorrow, I'll update the thread > accordingly when I've done so. Firstly, my apologies - it's been a week before I've got back to this - I was making sense of another MIME issue which I thought might be related (it isn't), but I'll start a new thread for that. The fix works just fine. However... ...regarding the broken MIME fields: These look to occur in the form I noted for a single client program only, which on further investigation turns out to be an in-house[-written] mail program of my client, and therefore this problem is unlikely to bite other people: I've had permission to search the client's mailboxes for similar non-conforming emails and they only occur for this one in-house mail program. Summary: False alarm. However once again a huge thank-you to Timo for the patch to workaround this broken data. Best regards, Andrew. From ar-dovecotlist at acrconsulting.co.uk Fri Sep 30 01:38:44 2011 From: ar-dovecotlist at acrconsulting.co.uk (Andrew Richards) Date: 29 Sep 2011 23:38:44 +0100 Subject: [Dovecot] Broken mail clients? [MIME] Long attachment encoded filenames (for non-ASCII characters etc) Message-ID: <201109292338.44590.ar-dovecotlist@acrconsulting.co.uk> Hi, I've noticed a possible minor issue with long encoded filenames for attachments where these filenames are split across multiple lines. My understanding of character encoding and MIME is not as good as it should be, so I may easily have got this all mixed up, in which case sorry for the noise... Although I understand the preferred method for handling filenames split across multiple lines (because they're too long to fit on one line in the message) is that suggested in RFC2184/2231, so for example, filename*0*=iso-8859-1''accented_characters_here_%EA%CA%E6 filename*1=etc%2Epdf I find that some mail clients do this instead, filename="=?ISO-8859-1?Q?accented_characters_here_=EA=CA=E6?= =?ISO-8859-1?Q?etc=2Epdf?=" In Dovecot this results in, 0 fetch 25 body * 25 FETCH (BODY (("text" "plain" ("charset" "ISO-8859-1") NIL NIL "7bit" 239 8)("application" "pdf" ("name" "=?ISO-8859-1?Q?accented_characters_here_=EA=CA=E6?= =?ISO-8859-1?Q?etc=2Epdf?=") NIL NIL "base64" 219130) "mixed")) esp. note the unwanted space - or in fact the sequence ?= =? between the two sections of the filename. I think a possible tweak for Dovecot would be to combine the filename parts in this situation to remove the ?= =?. I'm not sure if an IMAP client should know to combine the parts in their current format. FWIW I see that Courier does the same as Dovecot in this situation. I think the 'alternative' method of splitting filenames I'm raising breaks RFC2047 (details below), but unfortunately this method is used by some large email generators like gmail - also details below. Key bits from RFC2047 section 5 part (3) re. only a single encoded-word ('phrase') being allowed for a MIME Content-Type / Content-Disposition: phrase = 1*( encoded-word / word ) An 'encoded-word' MUST NOT be used in parameter of a MIME Content-Type or Content-Disposition field, or in any structured field body except within a 'comment' or 'phrase'. Here are the mail clients I noted this issue with (original filenames destroyed because I've been examining my client's emails for this issue - with their permission), (AOL) X-Mailer: Webmail 33953-STANDARD Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="=?utf-8?Q?abcde?= =?utf-8?Q?abcde=C3=A9abcde.jpg?=" Content-Type: image/jpeg; name="=?utf-8?Q?abcde?= =?utf-8?Q?abcde=C3=A9abcde.jpg?=" Gmail: Content-Type: application/pdf; name="=?ISO-8859-1?Q?with_a_=EA=CA=E6_super=2Dlong_name_that=27s_bound?= =?ISO-8859-1?Q?_to_overflow_a_line_boundary_to_test_gmail=2Epdf?=" Content-Disposition: attachment; filename="=?ISO-8859-1?Q?with_a_=EA=CA=E6_super=2Dlong_name_that=27s_bound?= =?ISO-8859-1?Q?_to_overflow_a_line_boundary_to_test_gmail=2Epdf?=" X-Mailer: YahooMailWebService/0.8.113.313619 Content-Type: application/vnd.openxmlformats- officedocument.wordprocessingml.document; name="=?utf-8?B?base64encodedstring?= =?utf-8?B?base64encodedstring?=" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="=?utf-8?B?base64encodedstring?= =?utf-8?B?base64encodedstring?=" X-Mailer: Lotus Notes Release 6.5.5 November 30, 2005: Content-type: application/pdf; name="=?ISO-8859-1?Q?abcde=E9abcde=E9abcde=E9?= =?ISO-8859-1?Q?abcde=2Cl=2Epdf?=" Content-Disposition: attachment; filename="=?ISO-8859-1?Q?abcde=E9abcde=E9_abcde=E9?= =?ISO-8859-1?Q?abcde=2Cl=2Epdf?=" Content-ID: <20__=snip> Content-transfer-encoding: base64 X-Mailer: Lotus Domino Web Server Release 6.5.5FP1 HF551 November 27, 2007: Content-type: application/pdf; name="=?windows-1252?Q?abcde_=28=E9?= =?windows-1252?Q?=29=2Epdf?=" Content-Disposition: attachment; filename="=?windows-1252?Q?abcde_=28=E9?= =?windows-1252?Q?=29=2Epdf?=" Content-transfer-encoding: base64 Timo also noted the same style of filename encoding in Apple Mail in the previous thread I started, it would be interesting to try Apple Mail with a very long filename to cause it to split across multiple lines and see how it encodes the filename then, > Looks like Apple Mail also sends: > > Content-Type: application/octet-stream; > > name="=?iso-8859-1?Q?p=E4=E4?=" Best regards, Andrew. From ar-dovecotlist at acrconsulting.co.uk Fri Sep 30 01:48:21 2011 From: ar-dovecotlist at acrconsulting.co.uk (Andrew Richards) Date: 29 Sep 2011 23:48:21 +0100 Subject: [Dovecot] Long attachment encoded filenames (for non-ASCII characters etc) in MIME headers & corresponding Dovecot behaviour Message-ID: <201109292348.21999.ar-dovecotlist@acrconsulting.co.uk> (Correction: Subject was confused) Hi, I've noticed a possible minor issue with long encoded filenames for attachments where these filenames are split across multiple lines. My understanding of character encoding and MIME is not as good as it should be, so I may easily have got this all mixed up, in which case sorry for the noise... Although I understand the preferred method for handling filenames split across multiple lines (because they're too long to fit on one line in the message) is that suggested in RFC2184/2231, so for example, filename*0*=iso-8859-1''accented_characters_here_%EA%CA%E6 filename*1=etc%2Epdf I find that some mail clients do this instead, filename="=?ISO-8859-1?Q?accented_characters_here_=EA=CA=E6?= =?ISO-8859-1?Q?etc=2Epdf?=" In Dovecot this results in, 0 fetch 25 body * 25 FETCH (BODY (("text" "plain" ("charset" "ISO-8859-1") NIL NIL "7bit" 239 8)("application" "pdf" ("name" "=?ISO-8859-1?Q?accented_characters_here_=EA=CA=E6?= =?ISO-8859-1?Q?etc=2Epdf?=") NIL NIL "base64" 219130) "mixed")) esp. note the unwanted space - or in fact the sequence ?= =? between the two sections of the filename. I think a possible tweak for Dovecot would be to combine the filename parts in this situation to remove the ?= =?. I'm not sure if an IMAP client should know to combine the parts in their current format. FWIW I see that Courier does the same as Dovecot in this situation. I think the 'alternative' method of splitting filenames I'm raising breaks RFC2047 (details below), but unfortunately this method is used by some large email generators like gmail - also details below. Key bits from RFC2047 section 5 part (3) re. only a single encoded-word ('phrase') being allowed for a MIME Content-Type / Content-Disposition: phrase = 1*( encoded-word / word ) An 'encoded-word' MUST NOT be used in parameter of a MIME Content-Type or Content-Disposition field, or in any structured field body except within a 'comment' or 'phrase'. Here are the mail clients I noted this issue with (original filenames destroyed because I've been examining my client's emails for this issue - with their permission), (AOL) X-Mailer: Webmail 33953-STANDARD Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="=?utf-8?Q?abcde?= =?utf-8?Q?abcde=C3=A9abcde.jpg?=" Content-Type: image/jpeg; name="=?utf-8?Q?abcde?= =?utf-8?Q?abcde=C3=A9abcde.jpg?=" Gmail: Content-Type: application/pdf; name="=?ISO-8859-1?Q?with_a_=EA=CA=E6_super=2Dlong_name_that=27s_bound?= =?ISO-8859-1?Q?_to_overflow_a_line_boundary_to_test_gmail=2Epdf?=" Content-Disposition: attachment; filename="=?ISO-8859-1?Q?with_a_=EA=CA=E6_super=2Dlong_name_that=27s_bound?= =?ISO-8859-1?Q?_to_overflow_a_line_boundary_to_test_gmail=2Epdf?=" X-Mailer: YahooMailWebService/0.8.113.313619 Content-Type: application/vnd.openxmlformats- officedocument.wordprocessingml.document; name="=?utf-8?B?base64encodedstring?= =?utf-8?B?base64encodedstring?=" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="=?utf-8?B?base64encodedstring?= =?utf-8?B?base64encodedstring?=" X-Mailer: Lotus Notes Release 6.5.5 November 30, 2005: Content-type: application/pdf; name="=?ISO-8859-1?Q?abcde=E9abcde=E9abcde=E9?= =?ISO-8859-1?Q?abcde=2Cl=2Epdf?=" Content-Disposition: attachment; filename="=?ISO-8859-1?Q?abcde=E9abcde=E9_abcde=E9?= =?ISO-8859-1?Q?abcde=2Cl=2Epdf?=" Content-ID: <20__=snip> Content-transfer-encoding: base64 X-Mailer: Lotus Domino Web Server Release 6.5.5FP1 HF551 November 27, 2007: Content-type: application/pdf; name="=?windows-1252?Q?abcde_=28=E9?= =?windows-1252?Q?=29=2Epdf?=" Content-Disposition: attachment; filename="=?windows-1252?Q?abcde_=28=E9?= =?windows-1252?Q?=29=2Epdf?=" Content-transfer-encoding: base64 Timo also noted the same style of filename encoding in Apple Mail in the previous thread I started, it would be interesting to try Apple Mail with a very long filename to cause it to split across multiple lines and see how it encodes the filename then, > Looks like Apple Mail also sends: > > Content-Type: application/octet-stream; > > name="=?iso-8859-1?Q?p=E4=E4?=" Best regards, Andrew. From slusarz at curecanti.org Fri Sep 30 02:07:08 2011 From: slusarz at curecanti.org (Michael M Slusarz) Date: Thu, 29 Sep 2011 17:07:08 -0600 Subject: [Dovecot] Broken mail clients? [MIME] Long attachment encoded filenames (for non-ASCII characters etc) In-Reply-To: <201109292338.44590.ar-dovecotlist@acrconsulting.co.uk> References: <201109292338.44590.ar-dovecotlist@acrconsulting.co.uk> Message-ID: <20110929170708.Horde.C90fP4F5lbhOhPocU46wxcA@bigworm.curecanti.org> Quoting Andrew Richards : > Hi, > > I've noticed a possible minor issue with long encoded filenames for > attachments > where these filenames are split across multiple lines. My understanding of > character encoding and MIME is not as good as it should be, so I may easily > have got this all mixed up, in which case sorry for the noise... > > Although I understand the preferred method for handling filenames > split across > multiple lines (because they're too long to fit on one line in the > message) is > that suggested in RFC2184/2231, so for example, > filename*0*=iso-8859-1''accented_characters_here_%EA%CA%E6 > filename*1=etc%2Epdf > > I find that some mail clients do this instead, > filename="=?ISO-8859-1?Q?accented_characters_here_=EA=CA=E6?= > =?ISO-8859-1?Q?etc=2Epdf?=" > > In Dovecot this results in, > 0 fetch 25 body > * 25 FETCH (BODY (("text" "plain" ("charset" "ISO-8859-1") NIL NIL "7bit" 239 > 8)("application" "pdf" ("name" > "=?ISO-8859-1?Q?accented_characters_here_=EA=CA=E6?= > =?ISO-8859-1?Q?etc=2Epdf?=") NIL NIL "base64" 219130) "mixed")) > > esp. note the unwanted space - or in fact the sequence ?= =? between the two > sections of the filename. I think a possible tweak for Dovecot would be to > combine the filename parts in this situation to remove the ?= =?. > I'm not sure > if an IMAP client should know to combine the parts in their current format. > FWIW I see that Courier does the same as Dovecot in this situation. Dovecot's behavior is correct. There's nothing "special" about that name parameter - it's not RFC 2231 encoded - so the IMAP server should output the exact header text as-is. Those two parts were separated by space in the original header - they should be separated by space when grabbing the fetch data. If the *client* wants to workaround these broken messages, it can do whatever munging is wants to translate the contents of the "name" parameter. But that should be up to the client. An IMAP server should not be making wild assumptions about what the original sender wanted to do with the message vs. what it actually sent. FYI: A workaround is to do something like this when sending a message: Content-Dispostion: attachment; filename="=?ISO-8859-1?Q?accented_characters_here_=EA=CA=E6?= =?ISO-8859-1?Q?etc=2Epdf?="; filename*0*=iso-8859-1''accented_characters_here_%EA%CA%E6; filename*1=etc%2Epdf When parsing, MIME parsers *generally* perform in a FIFO manner (although see note below). So what will happen here is an IMAP server will overwrite the initial broken filename parameter with the correct, unencoded RFC 2231 parameter. (Note: RFC 2045 [5] states that parameter order is not significant, so you can't depend on this 100%. But any decent RFC 2231 MIME parser will do sanity checking no matter the order of the parameters and should never replace an parameter value generated via RFC 2231 encoding with a parameter value that is non-encoded). Conversely, a broken (or at least non-RFC2231 MIME parser) that sees the above header will instead report three different parameters - filename, filename*0*, and filename*1. Non 2231 agents will most likely try to do RFC 2046 unencoding on the 'filename' parameter, which will succeed. 2231 agents will recognize that 2231 data exists and will do the necessary concatenation/unencoding itself on the 'filename*0*' and 'filename*1' parameters, and will completely ignore the 'filename' parameter. michael From ar-dovecotlist at acrconsulting.co.uk Fri Sep 30 02:30:55 2011 From: ar-dovecotlist at acrconsulting.co.uk (Andrew Richards) Date: 30 Sep 2011 00:30:55 +0100 Subject: [Dovecot] Long attachment encoded filenames (for non-ASCII characters etc) in MIME headers & corresponding Dovecot behaviour In-Reply-To: <20110929170708.Horde.C90fP4F5lbhOhPocU46wxcA@bigworm.curecanti.org> References: <201109292338.44590.ar-dovecotlist@acrconsulting.co.uk> <20110929170708.Horde.C90fP4F5lbhOhPocU46wxcA@bigworm.curecanti.org> Message-ID: <201109300030.55645.ar-dovecotlist@acrconsulting.co.uk> (Subject line altered - original was confused) On Friday 30 September 2011 00:07:08 Michael M Slusarz wrote: > Quoting Andrew Richards : > > Hi, > > > > I've noticed a possible minor issue with long encoded filenames for > > attachments > > where these filenames are split across multiple lines. My understanding > > of character encoding and MIME is not as good as it should be, so I may > > easily have got this all mixed up, in which case sorry for the noise... > > > > Although I understand the preferred method for handling filenames > > split across multiple lines (because they're too long to fit on one line > > in the message) is that suggested in RFC2184/2231, so for example, > > filename*0*=iso-8859-1''accented_characters_here_%EA%CA%E6 > > filename*1=etc%2Epdf > > > > I find that some mail clients do this instead, > > filename="=?ISO-8859-1?Q?accented_characters_here_=EA=CA=E6?= > > =?ISO-8859-1?Q?etc=2Epdf?=" > > > > In Dovecot this results in, > > 0 fetch 25 body > > * 25 FETCH (BODY (("text" "plain" ("charset" "ISO-8859-1") NIL NIL "7bit" > > 239 8)("application" "pdf" ("name" > > "=?ISO-8859-1?Q?accented_characters_here_=EA=CA=E6?= > > =?ISO-8859-1?Q?etc=2Epdf?=") NIL NIL "base64" 219130) "mixed")) > > > > esp. note the unwanted space - or in fact the sequence ?= =? between the > > two sections of the filename. I think a possible tweak for Dovecot would > > be to combine the filename parts in this situation to remove the ?= =?. Correcting myself: ...remove the ?= =?ISO-8859-1?Q? (not just ?= =?) to generate the string in this example, "=?ISO-8859-1?Q?accented_characters_here_=EA=CA=E6etc=2Epdf?=" > > I'm not sure > > if an IMAP client should know to combine the parts in their current > > format. FWIW I see that Courier does the same as Dovecot in this > > situation. > > Dovecot's behavior is correct. There's nothing "special" about that > name parameter - it's not RFC 2231 encoded - so the IMAP server should > output the exact header text as-is. Those two parts were separated by > space in the original header - they should be separated by space when > grabbing the fetch data. I can accept that Dovecot's behaviour is technically correct, but my point is that (if I've understood correctly) with some large mailers like Gmail acting in a non-RFC2231 manner, is it worth adapting Dovecot to play nicely with them. Possibly I'm conflating 2 separate issues: Munging together non-RFC2231 attachment filename parts, large mailers not using RFC2231 to handle long non- ASCII filenames. > If the *client* wants to workaround these broken messages, it can do > whatever munging is wants to translate the contents of the "name" > parameter. But that should be up to the client. An IMAP server > should not be making wild assumptions about what the original sender > wanted to do with the message vs. what it actually sent. > > FYI: A workaround is to do something like this when sending a message: > > Content-Dispostion: attachment; > filename="=?ISO-8859-1?Q?accented_characters_here_=EA=CA=E6?= > =?ISO-8859-1?Q?etc=2Epdf?="; > filename*0*=iso-8859-1''accented_characters_here_%EA%CA%E6; > filename*1=etc%2Epdf Sure: I accept that that's the preferred way to handle long filenames that need to be encoded - but I'm noting that there are badly-behaved large mailers that don't do so, so I wonder if it's worth Dovecot mitigating the effects. Best regards, Andrew. From knute2011 at knutejohnson.com Fri Sep 30 06:56:34 2011 From: knute2011 at knutejohnson.com (Knute Johnson) Date: Thu, 29 Sep 2011 20:56:34 -0700 Subject: [Dovecot] Error message in log Message-ID: <4E853DF2.7070105@knutejohnson.com> I'm getting the following message in my log; dovecot: IMAP(knute): fchown(/home/knute/mail/.imap/INBOX/dovecot.index.cache.lock, -1, 8(mail)) failed: Operation not permitted (egid=1000(knute), group based on /var/mail/knute): 1 Time(s) dovecot: IMAP(knute): fchown(/home/knute/mail/.imap/INBOX/dovecot.index.log.newlock, -1, 8(mail)) failed: Operation not permitted (egid=1000(knute), group based on /var/mail/knute): 2 Time(s) dovecot: IMAP(knute): fchown(/home/knute/mail/.imap/INBOX/dovecot.index.tmp, -1, 8(mail)) failed: Operation not permitted (egid=1000(knute), group based on /var/mail/knute): 4 Time(s) I got these once before on the /var/mail/user files and changed the permissions to 600. /home/knute/mail/.imap/INBOX is 770 and the index files are 600. Is this a problem with the directory privilege? Thanks, -- Knute Johnson knute2011 at knutejohnson.com From janfrode at tanso.net Fri Sep 30 13:42:17 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Fri, 30 Sep 2011 12:42:17 +0200 Subject: [Dovecot] Panic: file lmtp-proxy.c: line 370 (lmtp_proxy_output_timeout): assertion failed: (proxy->data_input->eof) In-Reply-To: <1317308942.24498.YahooMailNeo@web29115.mail.ird.yahoo.com> References: <1317308942.24498.YahooMailNeo@web29115.mail.ird.yahoo.com> Message-ID: <20110930104217.GA21864@oc1046828364.ibm.com> On Thu, Sep 29, 2011 at 04:09:02PM +0100, mailing lists wrote: > Hello all, > > today I got this crash from dovecot (2.0.14) FYI: You're not alone.. http://dovecot.org/list/dovecot/2011-September/060830.html I seem to remember thinking this probably was caused by too short LMTP_PROXY_DATA_INPUT_TIMEOUT_MSECS in lmtp-proxy.c, but I've given up on lmtp-proxying for now.. Will have to revisit at some later point. -jf From ejs at shubes.net Fri Sep 30 19:07:41 2011 From: ejs at shubes.net (Eric Shubert) Date: Fri, 30 Sep 2011 09:07:41 -0700 Subject: [Dovecot] Intermittent authentication failures Message-ID: I'm running dovecot with vpopmail. Here's the configuration: [root at wong log]# dovecot -n # 2.0.11: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-238.9.1.el5 i686 CentOS release 5.6 (Final) auth_cache_size = 32 M auth_mechanisms = plain login digest-md5 cram-md5 auth_username_format = %Lu first_valid_uid = 89 log_path = /var/log/dovecot.log login_greeting = Dovecot toaster ready. mail_fsync = always mail_nfs_index = yes mail_nfs_storage = yes mmap_disable = yes namespace { inbox = yes location = prefix = separator = . type = private } passdb { args = cache_key=%u webmail=127.0.0.1 driver = vpopmail } plugin/quota = maildir protocols = imap ssl_cert = , method=CRAM-MD5, rip=192.168.252.8, lip=192.168.252.14, mpid=20301 but (seemingly more frequently) the authentication fails: Sep 30 08:16:41 imap-login: Info: Aborted login (auth failed, 1 attempts): user=, method=CRAM-MD5, rip=192.168.252.8, lip=192.168.252.14 I restarted dovecot, and that apparently cleared the problem for one user, but not others. Is this perhaps a bug in dovecot, or would the problem lie with vpopmail? TIA for any pointers. -- -Eric 'shubes' From simon.brereton at buongiorno.com Fri Sep 30 19:33:02 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Fri, 30 Sep 2011 12:33:02 -0400 Subject: [Dovecot] SSL only for external connections Message-ID: <01ca01cc7f8e$a04dab30$e0e90190$@brereton@buongiorno.com> Hi I'm running dovecot 1:1.2.15-7 and php webmail application is throwing errors when connecting to IMAP with TLS. Is there away to disable SSL/TLS for localhost connections? I googled, but didn't see anything specific. Can I assume that it's as simple as setting ssl_listen = to the external IP address(es) and leaving listen = * as it is? Thanks. Simon From terry at cnysupport.com Fri Sep 30 20:15:50 2011 From: terry at cnysupport.com (Terry Carmen) Date: Fri, 30 Sep 2011 13:15:50 -0400 Subject: [Dovecot] SSL only for external connections Message-ID: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> An embedded and charset-unspecified text was scrubbed... Name: not available URL: From simon.brereton at buongiorno.com Fri Sep 30 20:34:56 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Fri, 30 Sep 2011 13:34:56 -0400 Subject: [Dovecot] SSL only for external connections In-Reply-To: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> References: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> Message-ID: <01ea01cc7f97$45fa69d0$d1ef3d70$@brereton@buongiorno.com> > -----Original Message----- > From: dovecot-bounces at dovecot.org [mailto:dovecot- > bounces at dovecot.org] On Behalf Of Terry Carmen > > If SSL/TLS works from the outside, but not the inside, you should > probably find out why and fix that instead. You'd think so - but since I don't actually need TLS from the inside, and given my skill level - disabling it seems easier :) > What is the actual error text? 2011-09-29T15:33:14-04:00 WARN: HORDE4 [imp] PHP ERROR: fwrite(): SSL: Broken pipe [pid 23503 on line 3716 of "/usr/share/php/Horde/Imap/Client/Socket.php"] 2011-09-29T15:33:14-04:00 WARN: HORDE4 [imp] PHP ERROR: fwrite() expects parameter 1 to be resource, null given [pid 23503 on line 3714 of "/usr/share/php/Horde/Imap/Client/Socket.php"] 2011-09-29T15:33:14-04:00 WARN: HORDE4 [imp] PHP ERROR: fwrite() expects parameter 1 to be resource, null given [pid 23503 on line 3716 of "/usr/share/php/Horde/Imap/Client/Socket.php"] 2011-09-29T15:33:14-04:00 WARN: HORDE4 [imp] PHP ERROR: feof() expects parameter 1 to be resource, null given [pid 23503 on line 3909 of "/usr/share/php/Horde/Imap/Client/Socket.php"] 2011-09-29T15:33:14-04:00 WARN: HORDE4 [imp] PHP ERROR: fgets() expects parameter 1 to be resource, null given [pid 23503 on line 3925 of "/usr/share/php/Horde/Imap/Client/Socket.php"] 2011-09-29T15:33:14-04:00 ERR: HORDE4 [imp] IMAP server denied authentication. [pid 23503 on line 340 of "/usr/share/horde4/imp/lib/Imap.php"] 2011-09-29T15:38:05-04:00 ERR: HORDE4 [imp] Server does not support TLS connections. [pid 23596 on line 340 of "/usr/share/horde4/imp/lib/Imap.php"] The mail log (to which Dovecot logs) shows nothing for either of those time periods - and a single (successful) login with TLS at 15:33:15 - The consensus from the excellent Horde mailing list is that it's either an IMAP issue or a PHP one. Since the dovecot log isn't showing any errors I'm inclined to believe it's PHP. And since I have neither the skills nor the time to engage with those folks on the intricacies of fwrite, fget and feof, I'd rather just not have the TLS overhead on localhost connections (which probably makes sense even if I did have the inclination). So, would setting ssl_listen to the external IP remove the TLS offer from localhost connections? Simon From stan at hardwarefreak.com Fri Sep 30 20:46:10 2011 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Fri, 30 Sep 2011 12:46:10 -0500 Subject: [Dovecot] SSL only for external connections In-Reply-To: <01ea01cc7f97$45fa69d0$d1ef3d70$@brereton@buongiorno.com> References: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> <01ea01cc7f97$45fa69d0$d1ef3d70$@brereton@buongiorno.com> Message-ID: <4E860062.40902@hardwarefreak.com> On 9/30/2011 12:34 PM, Simon Brereton wrote: >> -----Original Message----- >> From: dovecot-bounces at dovecot.org [mailto:dovecot- >> bounces at dovecot.org] On Behalf Of Terry Carmen > >> >> If SSL/TLS works from the outside, but not the inside, you should >> probably find out why and fix that instead. > > You'd think so - but since I don't actually need TLS from the inside, and given my skill level - disabling it seems easier :) You don't need TLS/SSL from the outside either, if this is strictly a webmail box. In this case, configure Apache/lighttpd+Horde to only accept HTTPS connections from the outside, and configure Horde to connect via the Dovecot localhost:143 listener. This is how I've been doing it with Roundcube for years. Works like a champ. With encrypted sessions between browser and web server, and both Horde and Dovecot running on the same host, you don't need to, nor want to, use IMAPS. -- Stan From simon.brereton at buongiorno.com Fri Sep 30 21:04:01 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Fri, 30 Sep 2011 14:04:01 -0400 Subject: [Dovecot] SSL only for external connections In-Reply-To: <4E860062.40902@hardwarefreak.com> References: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> <01ea01cc7f97$45fa69d0$d1ef3d70$@brereton@buongiorno.com> <4E860062.40902@hardwarefreak.com> Message-ID: <01f001cc7f9b$560ca730$0225f590$@brereton@buongiorno.com> > -----Original Message----- > From: dovecot-bounces at dovecot.org [mailto:dovecot- > bounces at dovecot.org] On Behalf Of Stan Hoeppner > On 9/30/2011 12:34 PM, Simon Brereton wrote: > >> -----Original Message----- > >> From: dovecot-bounces at dovecot.org [mailto:dovecot- > >> bounces at dovecot.org] On Behalf Of Terry Carmen > > > >> > >> If SSL/TLS works from the outside, but not the inside, you should > >> probably find out why and fix that instead. > > > > You'd think so - but since I don't actually need TLS from the > inside, > > and given my skill level - disabling it seems easier :) > > You don't need TLS/SSL from the outside either, if this is strictly a > webmail box. In this case, configure Apache/lighttpd+Horde to only > accept HTTPS connections from the outside, and configure Horde to > connect via the Dovecot localhost:143 listener. This is how I've > been doing it with Roundcube for years. Works like a champ. It's not strictly a webmail box though. IMAP clients (fixed and mobile) connect to it. So what I'd like is IMAP, IMAPS, POP3 and POP3S on the outside and IMAP only on the local host (there's no actual reason to offer POP to the localhost either... > With encrypted sessions between browser and web server, and both > Horde and Dovecot running on the same host, you don't need to, nor > want to, use IMAPS. Makes sense. Simon From slusarz at curecanti.org Fri Sep 30 21:17:18 2011 From: slusarz at curecanti.org (Michael M Slusarz) Date: Fri, 30 Sep 2011 12:17:18 -0600 Subject: [Dovecot] SSL only for external connections In-Reply-To: <01f001cc7f9b$560ca730$0225f590$@brereton@buongiorno.com> References: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> <01ea01cc7f97$45fa69d0$d1ef3d70$@brereton@buongiorno.com> <4E860062.40902@hardwarefreak.com> <01f001cc7f9b$560ca730$0225f590$@brereton@buongiorno.com> Message-ID: <20110930121718.Horde.3eYlX4F5lbhOhgeuZgDH09A@bigworm.curecanti.org> Quoting Simon Brereton : >> -----Original Message----- >> From: dovecot-bounces at dovecot.org [mailto:dovecot- >> bounces at dovecot.org] On Behalf Of Stan Hoeppner >> On 9/30/2011 12:34 PM, Simon Brereton wrote: >> >> -----Original Message----- >> >> From: dovecot-bounces at dovecot.org [mailto:dovecot- >> >> bounces at dovecot.org] On Behalf Of Terry Carmen >> > >> >> >> >> If SSL/TLS works from the outside, but not the inside, you should >> >> probably find out why and fix that instead. >> > >> > You'd think so - but since I don't actually need TLS from the >> inside, >> > and given my skill level - disabling it seems easier :) >> >> You don't need TLS/SSL from the outside either, if this is strictly a >> webmail box. In this case, configure Apache/lighttpd+Horde to only >> accept HTTPS connections from the outside, and configure Horde to >> connect via the Dovecot localhost:143 listener. This is how I've >> been doing it with Roundcube for years. Works like a champ. > > It's not strictly a webmail box though. IMAP clients (fixed and > mobile) connect to it. So what I'd like is IMAP, IMAPS, POP3 and > POP3S on the outside and IMAP only on the local host (there's no > actual reason to offer POP to the localhost either... You can also configure the MUA (e.g. Horde) to not use a secure connection, as opposed to turning off features on the server level. michael From dick at fouter.net Fri Sep 30 21:28:51 2011 From: dick at fouter.net (Dick Middleton) Date: Fri, 30 Sep 2011 19:28:51 +0100 Subject: [Dovecot] SSL only for external connections In-Reply-To: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> References: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> Message-ID: <4E860A63.4040604@fouter.net> On 09/30/11 18:15, Terry Carmen wrote: > > If SSL/TLS works from the outside, but not the inside, you should probably > find out why and fix that instead. > > What is the actual error text? In my limited experience there are two main reasons why it can work from outside but not inside. One is a routing problem. The common problem is trying to connect from inside using the outside IP address where the replies try to take a different route back. The second reason is to do with the SSL certificate which will have a CN indicating the server name. If you try to connect from the inside the server name will not match and you'll get a certificate error. A third possibility is you're trying to use TLS on an SSL connection. You need to use port 143 for TLS and 993 for SSL. However your error messages show an authentication error and I suspect you are using an encrypted password on a connection that doesn't support it. It's fairly common if TLS is demanded that PLAIN auth is the only method accepted. Without more detail one can only guess. Dick From simon.brereton at buongiorno.com Fri Sep 30 22:25:01 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Fri, 30 Sep 2011 15:25:01 -0400 Subject: [Dovecot] SSL only for external connections In-Reply-To: <4E860A63.4040604@fouter.net> References: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> <4E860A63.4040604@fouter.net> Message-ID: <01f601cc7fa6$a6f27cf0$f4d776d0$@brereton@buongiorno.com> > -----Original Message----- > From: dovecot-bounces at dovecot.org [mailto:dovecot- > bounces at dovecot.org] On Behalf Of Dick Middleton > On 09/30/11 18:15, Terry Carmen wrote: > > > > If SSL/TLS works from the outside, but not the inside, you should > > probably find out why and fix that instead. > > > > What is the actual error text? > > In my limited experience there are two main reasons why it can work > from outside but not inside. One is a routing problem. The common > problem is trying to connect from inside using the outside IP address > where the replies try to take a different route back. > > The second reason is to do with the SSL certificate which will have a > CN indicating the server name. If you try to connect from the inside > the server name will not match and you'll get a certificate error. > > A third possibility is you're trying to use TLS on an SSL connection. > You need to use port 143 for TLS and 993 for SSL. > > However your error messages show an authentication error and I > suspect you are using an encrypted password on a connection that > doesn't support it. It's fairly common if TLS is demanded that PLAIN > auth is the only method accepted. > > Without more detail one can only guess. 1) No. 2) Yes. 3) No. Your postulation about the certificate is a good one. The weird thing is that the error is not consistent, which is why I hadn't caught it before I was idly trawling through the logs. As Michael says - I can (and probably should) turn this off in the horde config. But the question remains - if only because it's now there - how does one limit services effectively in Dovecot. In Courier it was fairly easy and well documented. There's no reason for me to offer IMAPS or POP3S to localhost (because of the certificate issue) and there's also no reason for me to offer POP3 to localhost either. For posterity and for my own edification it would be nice to know how to do that. Thanks for the help and input. Simon From slusarz at curecanti.org Fri Sep 30 22:39:40 2011 From: slusarz at curecanti.org (Michael M Slusarz) Date: Fri, 30 Sep 2011 13:39:40 -0600 Subject: [Dovecot] SSL only for external connections In-Reply-To: <01f601cc7fa6$a6f27cf0$f4d776d0$@brereton@buongiorno.com> References: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> <4E860A63.4040604@fouter.net> <01f601cc7fa6$a6f27cf0$f4d776d0$@brereton@buongiorno.com> Message-ID: <20110930133940.Horde.Eyq2RoF5lbhOhhr8YnmH1IA@bigworm.curecanti.org> Quoting Simon Brereton : > But the question remains - if only because it's now there - how does > one limit services effectively in Dovecot. In Courier it was fairly > easy and well documented. There's no reason for me to offer IMAPS > or POP3S to localhost (because of the certificate issue) and there's > also no reason for me to offer POP3 to localhost either. > > For posterity and for my own edification it would be nice to know > how to do that. At a minimum, you can't disable TLS. If you disable TLS support in dovecot, the server is no longer IMAP 4rev1 compliant (see RFC 3501 [6.1.1] - STARTTLS MUST be supported by server). michael From dick at fouter.net Fri Sep 30 22:47:29 2011 From: dick at fouter.net (Dick Middleton) Date: Fri, 30 Sep 2011 20:47:29 +0100 Subject: [Dovecot] SSL only for external connections In-Reply-To: <01f601cc7fa6$a6f27cf0$f4d776d0$@brereton@buongiorno.com> References: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> <4E860A63.4040604@fouter.net> <01f601cc7fa6$a6f27cf0$f4d776d0$@brereton@buongiorno.com> Message-ID: <4E861CD1.8000301@fouter.net> On 09/30/11 20:25, Simon Brereton wrote: > But the question remains - if only because it's now there - how does one limit services effectively in Dovecot. In Courier it was fairly easy and well documented. There's no reason for me to offer IMAPS or POP3S to localhost (because of the certificate issue) and there's also no reason for me to offer POP3 to localhost either. > > For posterity and for my own edification it would be nice to know how to do that. I don't think you can do that. However if you don't want to use tls/ssl just connect to port 143 plain. I don't know about horde but Roundcube you use tls://localhost, ssl://locahost or just localhost. i.e the choice is with the client not the server. Dick From ejs at shubes.net Fri Sep 30 22:55:32 2011 From: ejs at shubes.net (Eric Shubert) Date: Fri, 30 Sep 2011 12:55:32 -0700 Subject: [Dovecot] SSL only for external connections In-Reply-To: <20110930121718.Horde.3eYlX4F5lbhOhgeuZgDH09A@bigworm.curecanti.org> References: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> <01ea01cc7f97$45fa69d0$d1ef3d70$@brereton@buongiorno.com> <4E860062.40902@hardwarefreak.com> <01f001cc7f9b$560ca730$0225f590$@brereton@buongiorno.com> <20110930121718.Horde.3eYlX4F5lbhOhgeuZgDH09A@bigworm.curecanti.org> Message-ID: On 09/30/2011 11:17 AM, Michael M Slusarz wrote: > Quoting Simon Brereton : > >>> -----Original Message----- >>> From: dovecot-bounces at dovecot.org [mailto:dovecot- >>> bounces at dovecot.org] On Behalf Of Stan Hoeppner >>> On 9/30/2011 12:34 PM, Simon Brereton wrote: >>> >> -----Original Message----- >>> >> From: dovecot-bounces at dovecot.org [mailto:dovecot- >>> >> bounces at dovecot.org] On Behalf Of Terry Carmen >>> > >>> >> >>> >> If SSL/TLS works from the outside, but not the inside, you should >>> >> probably find out why and fix that instead. >>> > >>> > You'd think so - but since I don't actually need TLS from the >>> inside, >>> > and given my skill level - disabling it seems easier :) >>> >>> You don't need TLS/SSL from the outside either, if this is strictly a >>> webmail box. In this case, configure Apache/lighttpd+Horde to only >>> accept HTTPS connections from the outside, and configure Horde to >>> connect via the Dovecot localhost:143 listener. This is how I've >>> been doing it with Roundcube for years. Works like a champ. >> >> It's not strictly a webmail box though. IMAP clients (fixed and >> mobile) connect to it. So what I'd like is IMAP, IMAPS, POP3 and POP3S >> on the outside and IMAP only on the local host (there's no actual >> reason to offer POP to the localhost either... > > You can also configure the MUA (e.g. Horde) to not use a secure > connection, as opposed to turning off features on the server level. > > michael > > This makes the most sense to me. The client should decide what to use. FWIW. -- -Eric 'shubes' From terry at cnysupport.com Fri Sep 30 22:59:29 2011 From: terry at cnysupport.com (Terry Carmen) Date: Fri, 30 Sep 2011 15:59:29 -0400 Subject: [Dovecot] SSL only for external connections In-Reply-To: <4E861CD1.8000301@fouter.net> References: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> <4E860A63.4040604@fouter.net> <01f601cc7fa6$a6f27cf0$f4d776d0$@brereton@buongiorno.com> <4E861CD1.8000301@fouter.net> Message-ID: <20110930155929.Horde.5sE8eFeGiNBOhh_hd8OmjeA@www.cnysupport.com> > On 09/30/11 20:25, Simon Brereton wrote: > >> But the question remains - if only because it's now there - how >> does one limit services effectively in Dovecot. In Courier it was >> fairly easy and well documented. There's no reason for me to offer >> IMAPS or POP3S to localhost (because of the certificate issue) and >> there's also no reason for me to offer POP3 to localhost either. >> >> For posterity and for my own edification it would be nice to know >> how to do that. You can specify what ports and interfaces the various services listen on with the inet_listener configuration block and the "address" and "port" configuration items in the 10-master.conf configuration file. Terry From ejs at shubes.net Fri Sep 30 22:59:56 2011 From: ejs at shubes.net (Eric Shubert) Date: Fri, 30 Sep 2011 12:59:56 -0700 Subject: [Dovecot] Intermittent authentication failures In-Reply-To: References: Message-ID: On 09/30/2011 09:07 AM, Eric Shubert wrote: > > CRAM-MD5 works sometimes: > Sep 30 08:15:43 imap-login: Info: Login: user=, > method=CRAM-MD5, rip=192.168.252.8, lip=192.168.252.14, mpid=20301 > > but (seemingly more frequently) the authentication fails: > Sep 30 08:16:41 imap-login: Info: Aborted login (auth failed, 1 > attempts): user=, method=CRAM-MD5, rip=192.168.252.8, > lip=192.168.252.14 > > I restarted dovecot, and that apparently cleared the problem for one > user, but not others. > > Is this perhaps a bug in dovecot, or would the problem lie with vpopmail? > > TIA for any pointers. > FWIW, I tried digest-md5, and experience the same problem. Is it possible that passwords are being cached in such a way that different login mechanisms cannot be used by different client programs with the same user account? -- -Eric 'shubes' From simon.brereton at buongiorno.com Fri Sep 30 23:49:21 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Fri, 30 Sep 2011 16:49:21 -0400 Subject: [Dovecot] SSL only for external connections In-Reply-To: <20110930155929.Horde.5sE8eFeGiNBOhh_hd8OmjeA@www.cnysupport.com> References: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> <4E860A63.4040604@fouter.net> <01f601cc7fa6$a6f27cf0$f4d776d0$@brereton@buongiorno.com> <4E861CD1.8000301@fouter.net> <20110930155929.Horde.5sE8eFeGiNBOhh_hd8OmjeA@www.cnysupport.com> Message-ID: <01ff01cc7fb2$6ef8ff20$4ceafd60$@brereton@buongiorno.com> > -----Original Message----- > From: dovecot-bounces at dovecot.org [mailto:dovecot- > bounces at dovecot.org] On Behalf Of Terry Carmen > > On 09/30/11 20:25, Simon Brereton wrote: > > > >> But the question remains - if only because it's now there - how > does > >> one limit services effectively in Dovecot. In Courier it was > fairly > >> easy and well documented. There's no reason for me to offer IMAPS > or > >> POP3S to localhost (because of the certificate issue) and there's > >> also no reason for me to offer POP3 to localhost either. > >> > >> For posterity and for my own edification it would be nice to know > how > >> to do that. > > You can specify what ports and interfaces the various services listen > on with the inet_listener configuration block and the "address" and > "port" > configuration items in the 10-master.conf configuration file. I don't have that file. Part of the problem is that I'm confused between protocols and wrappers and interfaces :) Dick and Michael have persuaded me that it's just easier to for Horde not to ask for TLS on port 143 - because that's in fact what I was doing - and it's pointless. Nonetheless, I think it would be nice to tell Dovecot listen on the local interface for IMAP. Listen on the external interface for IMAP, IMAPS, POP and POP3S. But if there's not simple way to do that I don't have a valid use-case for doing it right now. Thanks for all the input everyone! Happy Weekend. Simon From spack.world at gmail.com Thu Sep 1 01:17:47 2011 From: spack.world at gmail.com (Spack) Date: Thu, 1 Sep 2011 00:17:47 +0200 Subject: [Dovecot] [PATCH] Allow verification of user's hash in doveadm-pw Message-ID: Hi, It may be useful for testing purpose to know if a generated password hash correspond to a given clear password. This can be useful to check if a hash generated by another program can be verified by Dovecot without any errors. This patch adds the ability the verify a password hash using `doveadm pw` via the `-V` option. ??? $ doveadm pw -s SSHA.hex ??? Enter new password: ??? Retype new password: ??? {SSHA.HEX}58b910d947c60b35be3e12b0d9897c1f87dfa450e6d5a75c ??? $ doveadm pw -s SSHA.hex -V{SSHA.HEX}58b910d947c60b35be3e12b0d9897c1f87dfa450e6d5a75c ??? Enter new password: ??? Retype new password: ??? {SSHA.HEX}4fdf801f57870fb624bee60895c2308187837dfb3987ca06 (verified) When the user specify a hash, it is checked in place of the usual verification process. This works with all schemes. Just be sure to escape special characters or use simple quotes. $ doveadm pw -s MD5-CRYPT -V'{MD5-CRYPT}$1$R7thDyN.$E0G0czPE/h4S0Hn/b5oVW1' Enter new password: Retype new password: {MD5-CRYPT}$1$rp8nVSqq$gDAPM5iqv1yhBoDZIWsQ4/ (verified) Lets print a failed check: doveadm pw -s CRYPT -V{CRYPT}/uuE/AAAAAAAA Enter new password: Retype new password: reverse password verification check failed FYI the word used for those test cases was "password". Regards, ___ Jimmy Thrasibule -------------- next part -------------- A non-text attachment was scrubbed... Name: user_hash-doveadm-pw.diff Type: text/x-patch Size: 1708 bytes Desc: not available URL: From stephan at rename-it.nl Thu Sep 1 02:15:39 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Thu, 01 Sep 2011 01:15:39 +0200 Subject: [Dovecot] thunderbird and subscriptions with sieve In-Reply-To: <4E5E9E36.8020904@teradactyl.com> References: <4E5E9E36.8020904@teradactyl.com> Message-ID: <4E5EC09B.6010709@rename-it.nl> On 8/31/2011 10:48 PM, Kristen J. Webb wrote: > Hi All, > I'm a newbie trying to move mail out of my ISP onto a ubuntu (lucid) > dovecot 1.2.9 server. > > Is there any way to automatically add folders created by sieve > (GNU Mailutils 2.1) to the subscriptions file for a user? > > I'm currently testing spam, and if sieve created the folder with the > first > message, the thunderbird user does not see the new folder. > Even more interesting, if the user then tries to create the Spam > directory > it thunderbird seems to quietly ignore the request and the user still > cannot see the folder, but I digress... > > I can manually subscribe with thunderbird, but this won't scale for more > complex sieve later by making the user responsible for finding > everything. > > I can turn off subscription view in advanced settings on thunderbird, > but we are trying to wean ourselves of of individual mail clients > and I don't want to have to test this everywhere. > > Many thanks in advance! If you set lda_mailbox_autosubscribe to yes, it will subscribe folders created by Sieve automatically. However, afaik Thunderbird will not notice the subscription at first. You need to reconnect for that to be noticed. Regards, Stephan. From thomas-lists at nybeta.com Thu Sep 1 03:30:11 2011 From: thomas-lists at nybeta.com (Thomas Harold) Date: Wed, 31 Aug 2011 20:30:11 -0400 Subject: [Dovecot] thunderbird and subscriptions with sieve In-Reply-To: <4E5EC09B.6010709@rename-it.nl> References: <4E5E9E36.8020904@teradactyl.com> <4E5EC09B.6010709@rename-it.nl> Message-ID: <4E5ED213.809@nybeta.com> On 8/31/2011 7:15 PM, Stephan Bosch wrote: > > If you set lda_mailbox_autosubscribe to yes, it will subscribe folders > created by Sieve automatically. > > However, afaik Thunderbird will not notice the subscription at first. > You need to reconnect for that to be noticed. > That's been my experience. Sometimes a refresh will pick it up, but Thunderbird tends to be very slow about picking up new folders until you restart Thunderbird. Note that in Dovecot v1, there's a flag that you set on the dovecot LDA to enable this behavior (lda_mailbox_autosubscribe was added in Dovecot v2): http://wiki.dovecot.org/LDA Note the "-n" and "-s" parameters. (Which get configured in master.cf if you're using Postfix. Not sure how that gets configured on other MTAs.) From thomas-lists at nybeta.com Thu Sep 1 03:40:09 2011 From: thomas-lists at nybeta.com (Thomas Harold) Date: Wed, 31 Aug 2011 20:40:09 -0400 Subject: [Dovecot] Multiple domains to one inbox and temporary redirects... In-Reply-To: <4E5E6446.1070406@bunbun.be> References: <007f01cc67f6$5622d1c0$02687540$@brereton@buongiorno.com> <4E5E6446.1070406@bunbun.be> Message-ID: <4E5ED469.5070202@nybeta.com> On 8/31/2011 12:41 PM, Nick Rosier wrote: > I'm using Postfixadmin to manage users and have server alias-domains. > All mail sent to an alias-domain is delivered to the other domain. Quite > easy if you've got postfixadmin already setup. > > Otherwise I think you could configure virtual_alias_maps in postfix to > something like hash:virtual_domains > > virtual_domains: > @example.net @example.com > It's been a while since I played with virtual_alias_maps, but does that allow Postfix to say "that account doesn't exist" during the initial SMTP transaction? We try to reject as much as possible during the SMTP session to avoid any later bounces. I remember that one of the ways of doing it was bad as Postfix would accept, then a later step (maybe the LDA) would say "whoops! can't deliver this". So we do it one by one by creating a virtual mailbox under the primary domain (user1 at example.com) and then doing a virtual alias under the secondary domain (user1 at example.net -> user1 at example.com). From micah at riseup.net Thu Sep 1 00:58:31 2011 From: micah at riseup.net (Micah Anderson) Date: Wed, 31 Aug 2011 17:58:31 -0400 Subject: [Dovecot] sorting order changed during migration from courier Message-ID: <87bov5dz08.fsf@algae.riseup.net> Hello, I've been working to migrate to dovecot (debian stable: 1:1.2.15-7) from courier (debian old-stable: 4.4.0-2). I've setup everything and migrated a test user over to the new system, and ran the courier-dovecot-migrate.pl script. The user is using alpine (the free version of pine) and their sort order changed on move to dovecot. Originally it was the default in alpine, which is to sort based on arrival. If he changes the sort order in alpine to sort based on date, then things are back to how he expects it. I noticed that there are no known issues with pine (http://wiki.dovecot.org/Clients#Pine). Ideally, I would prefer if all the users who are migrated aren't presented with a different sort order than they were used to, as the support burden will be quite high. What is it about this migration that could have caused that, and more importantly, how can I fix it? I moved the mail from the original system to this system via rsync -a. The old system was an i686 machine and ext3, this new one is amd64 and ext4. thanks for any ideas! micah # dovecot -n # 1.2.15: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.2 protocols: imap imaps pop3 pop3s disable_plaintext_auth: no verbose_ssl: yes login_dir: /var/run/dovecot/login login_executable(default): /usr/lib/dovecot/imap-login login_executable(imap): /usr/lib/dovecot/imap-login login_executable(pop3): /usr/lib/dovecot/pop3-login login_greeting: howdy, ready. login_processes_count: 10 login_max_processes_count: 256 first_valid_uid: 8 last_valid_uid: 8 first_valid_gid: 8 last_valid_gid: 8 mail_uid: 8 mail_gid: 8 mail_location: maildir:~/ maildir_copy_preserve_filename: yes maildir_very_dirty_syncs: yes mbox_write_locks: fcntl dotlock mail_executable(default): /maildir/postlogin_imap mail_executable(imap): /maildir/postlogin_imap mail_executable(pop3): /maildir/postlogin_pop mail_process_size: 512 mail_plugins(default): expire quota imap_quota mail_plugins(imap): expire quota imap_quota mail_plugins(pop3): expire quota mail_plugin_dir(default): /usr/lib/dovecot/modules/imap mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3 imap_client_workarounds(default): tb-extra-mailbox-sep delay-newmail imap_client_workarounds(imap): tb-extra-mailbox-sep delay-newmail imap_client_workarounds(pop3): pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh namespace: type: private separator: . prefix: INBOX. inbox: yes list: yes subscriptions: yes lda: postmaster_address: postmaster at riseup.net auth default: default_realm: riseup.net verbose: yes passdb: driver: sql args: /etc/dovecot/dovecot-sql.conf userdb: driver: prefetch dict: expire: mysql:/etc/dovecot/dovecot-dict-expire.conf -- -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 835 bytes Desc: not available URL: From tss at iki.fi Thu Sep 1 04:32:34 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 1 Sep 2011 04:32:34 +0300 Subject: [Dovecot] thunderbird and subscriptions with sieve In-Reply-To: <4E5E9E36.8020904@teradactyl.com> References: <4E5E9E36.8020904@teradactyl.com> Message-ID: On 31.8.2011, at 23.48, Kristen J. Webb wrote: > Is there any way to automatically add folders created by sieve > (GNU Mailutils 2.1) to the subscriptions file for a user? You mean you're using Mailutils Sieve, not Dovecot Sieve? The only reasonable solution I can think of is: Mailutils Sieve would have to subscribe to newly created folders itself, maybe by patching it or if it supports running some script then doing it that way. With Dovecot v2.0 it could run "doveadm mailbox subscribe $folder", but with v1.2 you'd have to write your own script. Any other solution would basically require always subscribing to all folders, which kind of defeats their whole purpose. From tss at iki.fi Thu Sep 1 04:34:48 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 1 Sep 2011 04:34:48 +0300 Subject: [Dovecot] Proprietary mail storage. In-Reply-To: References: <6E503447-8B67-454D-9B3E-EE34C3675405@iki.fi> Message-ID: Should work fine. On 31.8.2011, at 22.19, Alex Cherniak wrote: > Thanks, Timo. > Technically, it's not a Maildir, but my plan is to re-create one with > folders containing hard or symbolic links pointing to the real > storage. Is it going to be a problem? > > On Wed, Aug 31, 2011 at 10:52 AM, Timo Sirainen wrote: >> On 31.8.2011, at 17.24, Alex Cherniak wrote: >> >>> I have a large existing read-only collection of mails packaged in >>> individual zip files as +. Is it >>> possible (and how difficult) to create a proprietary plugin (like >>> gzip) which will open a zip file, extract mail and pass it back to >>> Dovecot? Where do I start? If plugin is not the right approach, what >>> is? >> >> Is it otherwise a Maildir? If yes, you could base your code on the zlib plugin, or perhaps more easily you could use mail-filter plugin: http://dovecot.org/patches/2.0/mail-filter.tar.gz >> >> With mail-filter you can basically just put the messages through whatever program/script you want which gets the mail as input and outputs the wanted message body. I think the v2.0 mail-filter had some (potential?) bug, v2.1 mail-filter is anyway redesigned and should work perfectly. >> >>> Another question is how will this affect Dovecot performance and how >>> to avoid any significant degradation. >> >> I doubt it's going to be a problem. >> >> > From dlie76 at yahoo.com.au Thu Sep 1 09:07:57 2011 From: dlie76 at yahoo.com.au (Daminto Lie) Date: Wed, 31 Aug 2011 23:07:57 -0700 (PDT) Subject: [Dovecot] dovecot imap permission denied In-Reply-To: <69D3650A-1B43-42C7-8FBD-C921F80C5D5F@iki.fi> References: <1314763772.49414.YahooMailNeo@web113404.mail.gq1.yahoo.com> <1314766974.8787.26.camel@hurina> <1314773266.74037.YahooMailNeo@web113409.mail.gq1.yahoo.com> <69D3650A-1B43-42C7-8FBD-C921F80C5D5F@iki.fi> Message-ID: <1314857277.11811.YahooMailNeo@web113409.mail.gq1.yahoo.com> Thanks Timo for your reply. It now works fine with Passdb LDAP with password lookups. Users can now login with no problem.? However, when trying to do LDAP authentication with Authentication binds, I received the following errors from mail.log Sep? 1 15:34:22 server1 dovecot: auth(default): client in: AUTH#0111#011PLAIN#011service=imap#011secured#011lip=127.0.0.1#011rip=127.0.0.1#011lport=143#011rport=34719#011resp=AG1pa2VfbGVlAGRsaWUzMjA1 Sep? 1 15:34:22 server1 dovecot: auth-worker(default): pam(mike_lee,127.0.0.1): lookup service=dovecot Sep? 1 15:34:22 server1 dovecot: auth-worker(default): pam(mike_lee,127.0.0.1): #1/1 style=1 msg=Password: Sep? 1 15:34:22 server1 dovecot: auth(default): new auth connection: pid=1947 Sep? 1 15:34:24 server1 dovecot: auth-worker(default): pam(mike_lee,127.0.0.1): pam_authenticate() failed: Authentication failure (password mismatch?) (given password: secrets) Sep? 1 15:34:24 server1 dovecot: auth(default): passwd(mike_lee,127.0.0.1): lookup Sep? 1 15:34:24 server1 dovecot: auth(default): passwd(mike_lee,127.0.0.1): unknown user Sep? 1 15:34:24 server1 dovecot: auth(default): ldap(mike_lee,127.0.0.1): invalid credentials (given password: secrets) Sep? 1 15:34:26 server1 dovecot: auth(default): client out: FAIL#0111#011user=mike_lee Sep? 1 15:34:31 server1 dovecot: imap-login: Aborted login (auth failed, 1 attempts): user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured I do not understand why I am getting pam() authentication issue when I deliberately chose not to use it. The following is the setting I have in dovecot-ldap.conf hosts = localhost #uris = dn = uid=dovecot,ou=accounts,dc=companyexample,dc=com,dc=au dnpass = helloworld #sasl_bind = no #sasl_mech = #sasl_realm = #sasl_authz_id = #tls = no #tls_ca_cert_file = #tls_ca_cert_dir = #tls_cert_file = #tls_key_file = #tls_cipher_suite = #tls_require_cert = #ldaprc_path = #debug_level = 0 auth_bind = yes auth_bind_userdn = cn=%u,ou=accounts,dc=companyexample,dc=com,dc=au ldap_version = 3 base = ou=accounts,dc=companyexample,dc=com,dc=au deref = never scope = subtree user_attrs = homeDirectory=home user_filter = (&(objectClass=posixAccount)(uid=%u)) #pass_attrs = uid=user,userPassword=password pass_filter = (&(objectClass=posixAccount)(uid=%u)) default_pass_scheme = PLAIN This is what I have in dovecot.conf base_dir = /var/run/dovecot protocols = imap ?? protocol imap { ???? listen = *:143 ?? } #?? protocol pop3 { #???? listen = *:10100 #???? .. #?? } #?? protocol managesieve { #???? listen = *:12000 #???? .. #?? } #listen = * disable_plaintext_auth = no log_timestamp = "%Y-%m-%d %H:%M:%S " #ssl_listen = ssl = no #ssl_cert_file = /etc/ssl/certs/dovecot.pem #ssl_key_file = /etc/ssl/private/dovecot.pem #ssl_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem #ssl_key_file = /etc/ssl/private/ssl-cert-snakeoil.key #ssl_key_password = #ssl_ca_file = #ssl_verify_client_cert = no #ssl_cert_username_field = commonName #ssl_parameters_regenerate = 168 #ssl_cipher_list = ALL:!LOW:!SSLv2 #verbose_ssl = no login_dir = /var/run/dovecot/login login_chroot = yes login_user = dovecot #login_process_size = 64 #login_process_per_connection = yes #login_processes_count = 3 #login_max_processes_count = 128 #login_max_connections = 256 #login_greeting = Dovecot ready. #login_trusted_networks = #login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c #login_log_format = %$: %s mail_location = maildir:/home/%u/Maildir mail_uid = 3000 mail_gid = 8 mail_privileged_group = mail #mail_access_groups = #mail_full_filesystem_access = no #mail_debug = no #mail_log_max_lines_per_sec = 10 #mmap_disable = no #dotlock_use_excl = yes #fsync_disable = no #mail_nfs_index = no #lock_method = fcntl #mail_drop_priv_before_exec = no verbose_proctitle = yes first_valid_uid = 3000 last_valid_uid = 3000 first_valid_gid = 8 last_valid_gid = 8 #max_mail_processes = 512 #mail_process_size = 256 #mail_max_keyword_length = 50 #valid_chroot_dirs = #mail_chroot = #mail_cache_min_mail_count = 0 #mailbox_idle_check_interval = 30 mail_save_crlf = no #maildir_stat_dirs = no maildir_copy_with_hardlinks = yes #maildir_copy_preserve_filename = no #maildir_very_dirty_syncs = no protocol imap { ? #login_executable = /usr/lib/dovecot/imap-login ? #mail_executable = /usr/lib/dovecot/imap ? #imap_max_line_length = 65536 ? #mail_max_userip_connections = 10 ? #mail_plugin_dir = /usr/lib/dovecot/modules/imap ? #imap_logout_format = bytes=%i/%o ? #imap_capability = ? #imap_idle_notify_interval = 120 ? #imap_id_send = ? #imap_id_log = ? imap_client_workarounds = outlook-idle delay-newmail netscape-eoh tb-extra-mailbox-sep oe6-fetch-no-newmail } protocol pop3 { ? pop3_uidl_format = %08Xu%08Xv } protocol managesieve { } #auth_executable = /usr/lib/dovecot/dovecot-auth #auth_process_size = 256 #auth_cache_size = 0 #auth_cache_ttl = 3600 #auth_cache_negative_ttl = 3600 #auth_realms = #auth_default_realm = #auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ #auth_username_translation = #auth_username_format = #auth_master_user_separator = #auth_anonymous_username = anonymous auth_verbose = yes auth_debug = yes auth_debug_passwords = yes #auth_worker_max_count = 30 #auth_gssapi_hostname = #auth_krb5_keytab = #auth_use_winbind = no #auth_winbind_helper_path = /usr/bin/ntlm_auth #auth_failure_delay = 2 auth default { ? mechanisms = plain ? passdb pam { ? } ? passdb passwd { ? } ? passdb ldap { ??? args = /etc/dovecot/dovecot-ldap.conf ? } ? userdb passwd { ??? args = /etc/dovecot/dovecot-ldap-userdb.conf ? } ? userdb ldap { ??? args = /etc/dovecot/dovecot-ldap.conf ? } ? user = root ? #user = dovecot-auth??? ? #chroot = ? #count = 1 ? #ssl_require_client_cert = no ? #ssl_username_from_cert = no ? socket listen { ??? client { ????? path = /var/spool/postfix/private/auth ????? mode = 0660 ????? user = postfix ????? group = postfix ??? } ? } ? !include_try /etc/dovecot/auth.d/*.auth } plugin { } # Config files can also be included. deliver doesn't support them currently. #!include /etc/dovecot/conf.d/*.conf # Optional configurations, don't give an error if it's not found: !include_try /etc/dovecot/conf.d/*.conf #!include_try /etc/dovecot/extra.conf I wonder where I did it wrong. I did not set pam authentication. Any help would be appreciated. Thank you ________________________________ From: Timo Sirainen To: Daminto Lie Cc: "dovecot at dovecot.org" Sent: Wednesday, 31 August 2011 4:52 PM Subject: Re: [Dovecot] dovecot imap permission denied On 31.8.2011, at 9.47, Daminto Lie wrote: > Thanks a lot Timo, > > Creating directories for new users is not an issue. It's the permission that makes me headache. The error message you showed said that the user's home directory didn't exist, and the permission problem came only because it didn't exist and Dovecot tried to create it. > I tried the following > > sudo chmod o-r /home/$USER > sudo chmod g+rw /home/$USER > > It did not work until I did chmod 777 /home. Right, because only then did it have enough permissions to create the home dir. > Is it safe to make home directory with permission 777? No. From janfrode at tanso.net Thu Sep 1 10:17:43 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Thu, 1 Sep 2011 09:17:43 +0200 Subject: [Dovecot] lmtp bouncing -- Invalid parameters (in reply to MAIL FROM command) In-Reply-To: <1314790730.1197.10.camel@hurina> References: <20110831110307.GA25350@oc1046828364.ibm.com> <20110831112131.GB25350@oc1046828364.ibm.com> <1314790730.1197.10.camel@hurina> Message-ID: <20110901071743.GA30405@oc1046828364.ibm.com> On Wed, Aug 31, 2011 at 02:38:50PM +0300, Timo Sirainen wrote: > On Wed, 2011-08-31 at 13:21 +0200, Jan-Frode Myklebust wrote: > > mail from:<"a b"@no.no> > > 501 5.5.4 Invalid parameters > > This is fixed in v2.0.14. Wow, you're quick :-) Thanks! -jf From janfrode at tanso.net Thu Sep 1 10:26:39 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Thu, 1 Sep 2011 09:26:39 +0200 Subject: [Dovecot] Crash in director/lmtp-proxy (lmtp_proxy_output_timeout) Message-ID: <20110901072639.GB30405@oc1046828364.ibm.com> FYI, we saw one panic on our director/lmtp-proxy yesterday. It's running dovecot v2.0.13, so it very well might have been fixed already.., but here it is anyway: Aug 31 11:33:31 loadbalancer1 dovecot:: lmtp(4119): Panic: file lmtp-proxy.c: line 370 (lmtp_proxy_output_timeout): assertion failed: (proxy->data_input->eof) Aug 31 11:33:31 loadbalancer1 dovecot:: lmtp(4119): Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0 [0x3aabc3bb70] -> /usr/lib64/dovecot/libdovecot.so.0 [0x3aabc3bbc6] -> /usr/lib64/dovecot/libdovecot.so.0 [0x3aabc3b083] -> dovecot/lmtp [0x406c90] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handle_timeouts+0xcd) [0x3aabc46a8d] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run+0x68) [0x3aabc47a48] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_run+0x2d) [0x3aabc466fd] -> /usr/lib64/dovecot/libdovecot.so.0(master_service_run+0x13) [0x3aabc34fe3] -> dovecot/lmtp(main+0x144) [0x404034] -> /lib64/libc.so.6(__libc_start_main+0xf4) [0x32ae81d994] -> dovecot/lmtp [0x403e39] Aug 31 11:33:31 loadbalancer1 dovecot:: master: Error: service(lmtp): child 4119 killed with signal 6 (core dumps disabled) On postfix side at the same time, we saw a few different messages about: postfix/lmtp[5178]:: 849FD1C024: lost connection with loadbalancers.example.com[192.168.42.15] while sending end of data -- message may be sent more than once so I suspect this crash took down all active lmtp-proxyed connections. -jf From r.vicinus at metaways.de Thu Sep 1 11:26:20 2011 From: r.vicinus at metaways.de (Reinhard Vicinus) Date: Thu, 01 Sep 2011 10:26:20 +0200 Subject: [Dovecot] Segmentation fault in dovecot director lmtp service In-Reply-To: <1314121487.10421.1312.camel@hurina> References: <20110817114228.2705AA0D2@mx04.metaways.net> <1314121487.10421.1312.camel@hurina> Message-ID: <4E5F41AC.7070009@metaways.de> Hi, sorry for my late reply. I have run dovecot with your patch for a week and i wasn't able to reproduce the segmentation fault and it also hasn't occurred during normal operation since then. Thanks Reinhard On 23/08/11 19:44, Timo Sirainen wrote: > On Wed, 2011-08-17 at 11:42 +0000, Reinhard Vicinus wrote: >> Hi, >> >> >> the lmtp service of our dovecot director installation quits with a >> segmentation fault if a lot of mails are simultaneously delivered. >> For example if the postfix mailqueue is filled (for whatever reason) >> and postqueue -f is run the lmtp service quits with a segmentation >> fault: > It probably means that the remote LMTP server disconnected the client > for whatever reason. http://hg.dovecot.org/dovecot-2.0/rev/2f988e370a41 > should help. > > -- Reinhard Vicinus Metaways Infosystems GmbH Pickhuben 2, D-20457 Hamburg E-Mail: r.vicinus at metaways.de Web: http://www.metaways.de Tel: +49 (0)40 317031-524 Fax: +49 (0)40 317031-10 Metaways Infosystems GmbH - Sitz: D-22967 Tremsb?ttel Handelsregister: Amtsgericht L?beck HRB 4508 AH Gesch?ftsf?hrung: Hermann Thaele, L?der-H. Thaele From tss at iki.fi Thu Sep 1 12:27:32 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 01 Sep 2011 12:27:32 +0300 Subject: [Dovecot] v2.1.alpha1 released Message-ID: <1314869252.27581.9.camel@hurina> http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha1.tar.gz http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha1.tar.gz.sig So it's time for the first alpha version of Dovecot v2.1. There are no huge intrusive changes, so I expect v2.1.0 to be released this year (maybe even in a few months?) The biggest changes are related to full text search handling. I'll probably still make some changes to it and its configuration. Also it wouldn't be difficult to add more backends, does anyone want to add Xapian support for Dovecot? :) Mailbox list indexes are intended to improve performance of IMAP STATUS command lookups, since they could be simply looked up from the index without even opening the mailbox. TODO related to this: 1) optimize virtual mailbox handling so that it doesn't need to actually open all of the mailboxes' index files, it can simply look at the mailbox list index for changes. 2) Implement IMAP NOTIFY extension using this. Statistics tracking can be used to look at what's happening currently in your system and also its history. You can look at what's happening in command/session/user/domain/ip level. "doveadm stats top" gives a list of currently running sessions and sorts them by whichever is using the most disk io/cpu/whatever. "doveadm stats dump" followed by one of the levels shows you a raw dump of everything stored in that level. It would be nice if someone wrote a pretty Ajaxy HTML stats browser where you could zoom in/out of levels. I'd also like to hear if anyone has suggestions on how to improve what stats are gathered or how they could be exported. (I've thought about SNMP, but I'm not entirely sure how to export the data nicely using it.) Finally here's the NEWS file: * Plugins now use UTF-8 mailbox names rather than mUTF-7: acl, autocreate, expire, trash, virtual * auth_username_format default changed to %Lu. If you really want case sensitive usernames, set it back to empty. * Solr full text search backend changed to use mailbox GUIDs instead of mailbox names, requiring reindexing everything. solr_old backend can be used with old indexes to avoid reindexing, but it doesn't support some newer features. + imapc (= IMAP client) storage allows using a remote IMAP server to be used as storage. This allows using Dovecot as a smart (caching) proxy or using dsync to do migration from remote IMAP server. + Mailbox indexing via queuing indexer service (required for Lucene) + Lucene full text search (FTS) backend rewritten with support for different languages + FTS finally supports "OR" search operation + FTS supports indexing attachments via external programs + IMAP FUZZY extension, supported by Lucene and Solr FTS backends + Mailbox list indexes + Statistics tracking via stats service. Exported via doveadm stats. + Autocreate plugin creates/subscribes mailboxes physically only when the mailbox is opened for the first time. Mailbox listing shows the autocreated mailboxes even if they don't physically exist. + Password and user databases now support default_fields and override_fields settings to specify template defaults/overrides. - listescape plugin works perfectly now From arne at drlinux.no Thu Sep 1 13:56:12 2011 From: arne at drlinux.no (Arne K. Haaje) Date: Thu, 01 Sep 2011 12:56:12 +0200 Subject: [Dovecot] Password query returned multiple matches Message-ID: <1433050.adJ7uCDQRR@trillian> Wednesday 31. August 2011 11.44.03 skrev Simon Brereton : > > -----Original Message----- > > From: Timo Sirainen [mailto:tss at iki.fi] > > > > On 31.8.2011, at 18.19, Simon Brereton wrote: > > > Aug 30 22:41:45 mail dovecot: auth-worker(default): > > sql(sbrereton at domain.co.uk,64.88.168.84): Password query returned > > multiple matches > > .. > > > > > password_query = SELECT EmailAdd AS user, Password AS password, > > > > concat('/var/spool/mail/virtual/',MailDirLoc) as userdb_home, 999 as > > userdb_uid, 115 as userdb_gid FROM MailAccounts WHERE Username='%u' > > AND active = '1'; > > > > > Since the EmailAdd is unique I don't see how it can return multiple > > > > matches. > > > > You're querying with Username, not with EmailAdd, and apparently > > there are multiple rows where Username='sbrereton at domain.co.uk'. > > Well, what do you know - there are two Usernames that at the same! I have > no idea how that happened. You could change or add the index for Username column to UNIQUE. That will ensure it does not happen again :) Arne -- Arne K. Haaje - Dr Linux http://www.drlinux.no/ ::: arne at drlinux.no LinkedIn: http://no.linkedin.com/pub/arne-haaje/27/189/bb From warden at geneseo.edu Thu Sep 1 14:50:33 2011 From: warden at geneseo.edu (David Warden) Date: Thu, 1 Sep 2011 07:50:33 -0400 Subject: [Dovecot] Kerberos GSSAPI - proper item name in keytab In-Reply-To: <20110831203956.GC30654@obsidianresearch.com> References: <4E5B9682.1040408@yandex.ru> <4E5BE3AE.7080303@inblock.ru> <4E5C7403.6020008@yandex.ru> <4E5E28CA.6020602@yandex.ru> <2332E510-FF66-4DFC-BE29-C85453561FFD@geneseo.edu> <4E5E38B8.7060404@yandex.ru> <4E5E5332.3060006@gmail.com> <20110831203956.GC30654@obsidianresearch.com> Message-ID: <68FC786C-9DF0-46CE-A943-F4B6D0B422FF@geneseo.edu> On Aug 31, 2011, at 4:39 PM, Jason Gunthorpe wrote: > On Wed, Aug 31, 2011 at 09:28:50AM -0600, Trever L. Adams wrote: > >> I have only followed part of this. It the original poster's problem is >> that the LDAP database is not being able to be accessed with an SPN >> ticket, this is because SPNs are not allowed to log in in AD. You need >> to use a user account (including MACHINE$ accounts). It took me forever >> to figure this out. To use this, you need a cron job that creates/renews >> tickets from time to time for the user/machine account. Then you use >> Dovecot's environment setup configuration to set the KRB5_CC (or >> whatever it is called, my head is elsewhere) env variable to that >> Kerberos ticket cache that was created in the cronjob. This cache needs >> to be readable by dovecot and should be owned by its user. > > This all works a 1000% better if you use Samba to join the domain and > create your keytab with the right SPNs. See my prior posts to this > list for a formula. Using the MS kerberos compatability tools is > painful, complicated and tends to make a mess. > > Samba will create a machine UPN and populate the system keytab > appropriately. From a cron job you can use 'kinit -k' to maintain an > active ticket for the machine UPN which dovecot can use for LDAP > operations. > I would agree with that is easier unless/until you are load balancing connections on a single hostname to multiple physical machines. In that scenario you can't add SPNs for the shared hostname to the machine accounts (since SPNs must be unique) and you're still looking at futzing with ktpass. > Jason From stephan at rename-it.nl Thu Sep 1 15:55:14 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Thu, 01 Sep 2011 14:55:14 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <1314869252.27581.9.camel@hurina> References: <1314869252.27581.9.camel@hurina> Message-ID: <4E5F80B2.4080105@rename-it.nl> Op 1-9-2011 11:27, Timo Sirainen wrote: > http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha1.tar.gz > http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha1.tar.gz.sig > > So it's time for the first alpha version of Dovecot v2.1. There are no > huge intrusive changes, so I expect v2.1.0 to be released this year > (maybe even in a few months?) There is no specific Pigeonhole repository for v2.1 yet. However, we did port it to v2.1 and there is a patch available to port Pigeonhole v0.2 to Dovecot v2.1. It is kept up-to-date in its own mq repository: http://hg.rename-it.nl/pigeonhole-0.2-dovecot-2.1-patches/file/tip/pigeonhole-0.2-dovecot-2.1.patch Just apply it to a recent dovecot-2.0-pigeonhole tree and compile it against dovecot-2.1. Regards, Stephan. From klinkov at yandex.ru Thu Sep 1 16:53:36 2011 From: klinkov at yandex.ru (Stanislav Klinkov) Date: Thu, 01 Sep 2011 17:53:36 +0400 Subject: [Dovecot] [Solved] Kerberos GSSAPI - proper item name in keytab In-Reply-To: <4E5B9682.1040408@yandex.ru> References: <4E5B9682.1040408@yandex.ru> Message-ID: <4E5F8E60.9040701@yandex.ru> OK, gentlemen. I have found the source of problem. It appears to be very unexpectedly. My testing stand was deployed on a OpenVZ-bazed virtual machine with Venet interface on board. Here are references to OpenVZ documentation: http://wiki.openvz.org/Virtual_network_device http://wiki.openvz.org/Differences_between_venet_and_veth By design venet interface coressponds to a loopback interface with one or more aliases and very foxy routing rules. For example, in Debian it looks like this: ************** ifconfig output **************** lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:956 errors:0 dropped:0 overruns:0 frame:0 TX packets:956 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:134666 (131.5 KiB) TX bytes:134666 (131.5 KiB) venet0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1 RX packets:160164 errors:0 dropped:0 overruns:0 frame:0 TX packets:106318 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:155480098 (148.2 MiB) TX bytes:17449831 (16.6 MiB) venet0:0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:192.168.9.36 P-t-P:192.168.9.36 Bcast:0.0.0.0 Mask:255.255.255.255 UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1 ************************************************ In config file it looks like this: *********** /etc/network/interfaces ********* # Auto generated lo interface auto lo iface lo inet loopback # Auto generated venet0 interface auto venet0 iface venet0 inet manual up ifconfig venet0 up up ifconfig venet0 0 up route add default dev venet0 down route del default dev venet0 down ifconfig venet0 down iface venet0 inet6 manual auto venet0:0 iface venet0:0 inet static address 192.168.9.36 netmask 255.255.255.255 ********************************************* For most cases such type of emulation works fine. But this time either krb5 libs, or dovecot, or someone else could not correctly define hostname. So, someone of them (I beleive than krb5 libs) was unable to compare proper IP with the proper stanza in keytab. And neither explicit "listen" nor "auth_gssapi_hostname" directives became helpful. So, I changed equipped emulated interface from "Venet" to more "brute" Veth, and everything flies up. Thank you all very much for such an interesting discussion. I shall describe this situation in my howto's and known issues archive, for others. In other words, my trouble is totally OpenVZ-specific. So, I may pretend to be the first who bumped into it. And then, there is a second question. Can there be a way to continue using this crafty venet interface, but force krb5 libs to look up for desired IP ? Respectfully, Stanislav Klinkov. From frank at moltke28.B.Shuttle.DE Thu Sep 1 16:57:19 2011 From: frank at moltke28.B.Shuttle.DE (Frank Elsner) Date: Thu, 1 Sep 2011 15:57:19 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <1314869252.27581.9.camel@hurina> References: <1314869252.27581.9.camel@hurina> Message-ID: (auto-added) On Thu, 01 Sep 2011 12:27:32 +0300 Timo Sirainen wrote: > http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha1.tar.gz > http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha1.tar.gz.sig [ ... ] > + Statistics tracking via stats service. Exported via doveadm stats. My 2.0.13 configuration works perfect with dovecot-2.1.alpha1. What must I add to my configuration to enable the stats service? --Frank Elsner From tss at iki.fi Thu Sep 1 17:05:56 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 1 Sep 2011 17:05:56 +0300 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: (auto-added) References: <1314869252.27581.9.camel@hurina> (auto-added) Message-ID: <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> On 1.9.2011, at 16.57, Frank Elsner wrote: >> + Statistics tracking via stats service. Exported via doveadm stats. > > My 2.0.13 configuration works perfect with dovecot-2.1.alpha1. > What must I add to my configuration to enable the stats service? mail_plugins = $mail_plugins stats protocol imap { mail_plugins = $mail_plugins imap_stats } plugin { stats_refresh = 10s stats_track_cmds = yes } Then you can use doveadm stats top/dump. From lists at luigirosa.com Thu Sep 1 17:29:07 2011 From: lists at luigirosa.com (Luigi Rosa) Date: Thu, 01 Sep 2011 16:29:07 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> References: <1314869252.27581.9.camel@hurina> (auto-added) <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> Message-ID: <4E5F96B3.8090709@luigirosa.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Timo Sirainen said the following on 01/09/11 16:05: > Then you can use doveadm stats top/dump. did what you said, restarted dovecot, run (as root) doveadm stats top and got this in dovecot log: Error: stats: open(/var/run/dovecot//stats-mail) failed: Permission denied And the output of doveadm was simply USER SERVICE %CPU %SYS DISKIN DISKOUT # ls -al /var/run/dovecot/ total 24 drwxr-xr-x 4 root root 4096 Sep 1 16:25 . drwxr-xr-x 22 root root 4096 Sep 1 15:01 .. srw------- 1 root root 0 Sep 1 16:25 anvil srw------- 1 root root 0 Sep 1 16:25 anvil-auth-penalty srw------- 1 root root 0 Sep 1 16:25 auth-client srw------- 1 dovecot root 0 Sep 1 16:25 auth-login srw------- 1 root root 0 Sep 1 16:25 auth-master srw-rw-rw- 1 root root 0 Sep 1 16:25 auth-userdb srw------- 1 dovecot root 0 Sep 1 16:25 auth-worker srw------- 1 root root 0 Sep 1 16:25 config srw------- 1 root root 0 Sep 1 16:25 dict srw------- 1 root root 0 Sep 1 16:25 director-admin srw------- 1 root root 0 Sep 1 16:25 director-userdb srw-rw-rw- 1 root root 0 Sep 1 16:25 dns-client srw------- 1 root root 0 Sep 1 16:25 doveadm-server lrwxrwxrwx 1 root root 25 Sep 1 16:25 dovecot.conf -> /etc/dovecot/dovecot.conf drwxr-xr-x 2 root root 4096 Dec 14 2009 empty srw-rw-rw- 1 root root 0 Sep 1 16:25 indexer srw-rw-rw- 1 root root 0 Sep 1 16:25 indexer-worker srw------- 1 root root 0 Sep 1 16:25 ipc srw-rw-rw- 1 root root 0 Sep 1 16:25 lmtp drwxr-x--- 2 root dovenull 4096 Sep 1 16:25 login - -rw------- 1 root root 6 Sep 1 16:25 master.pid srw------- 1 root root 0 Sep 1 16:25 stats prw------- 1 dovecot dovecot 0 Sep 1 16:25 stats-mail Ciao, luigi - -- / +--[Luigi Rosa]-- \ Zipple grelbnot horbnofg asirvnig fzouple! Or something like that. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk5flq8ACgkQ3kWu7Tfl6ZRQcQCeNbR0bBBf8Ux2pT4doiw912jO a3AAn3UPZu+xTqHXQ9XbCuxDPrrrd2vk =W99h -----END PGP SIGNATURE----- From tss at iki.fi Thu Sep 1 17:33:19 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 1 Sep 2011 17:33:19 +0300 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <4E5F96B3.8090709@luigirosa.com> References: <1314869252.27581.9.camel@hurina> (auto-added) <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> <4E5F96B3.8090709@luigirosa.com> Message-ID: <5EDA8C12-D80B-48CD-B69A-A9969609617E@iki.fi> On 1.9.2011, at 17.29, Luigi Rosa wrote: >> Then you can use doveadm stats top/dump. > > did what you said, restarted dovecot, run (as root) doveadm stats top and got > this in dovecot log: > > Error: stats: open(/var/run/dovecot//stats-mail) failed: Permission denied Right, you'll also need to figure out proper permissions for this (or simply set mode to 0666): service stats { fifo_listener stats-mail { user = something mode = 0600 } } From stephan at rename-it.nl Thu Sep 1 17:34:09 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Thu, 01 Sep 2011 16:34:09 +0200 Subject: [Dovecot] v2.1.alpha1 released; automatic Debian repository for Dovecot v2.1 now available In-Reply-To: <1314869252.27581.9.camel@hurina> References: <1314869252.27581.9.camel@hurina> Message-ID: <4E5F97E1.5070308@rename-it.nl> Op 1-9-2011 11:27, Timo Sirainen schreef: > http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha1.tar.gz > http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha1.tar.gz.sig > > So it's time for the first alpha version of Dovecot v2.1. There are no > huge intrusive changes, so I expect v2.1.0 to be released this year > (maybe even in a few months?) I've started an automatic Debian package builder for Dovecot v2.1. It is now also documented in the wiki: http://wiki2.dovecot.org/PrebuiltBinaries#Automatically_Built_Packages Regards, Stephan. From lists at luigirosa.com Thu Sep 1 17:41:20 2011 From: lists at luigirosa.com (Luigi Rosa) Date: Thu, 01 Sep 2011 16:41:20 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <5EDA8C12-D80B-48CD-B69A-A9969609617E@iki.fi> References: <1314869252.27581.9.camel@hurina> (auto-added) <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> <4E5F96B3.8090709@luigirosa.com> <5EDA8C12-D80B-48CD-B69A-A9969609617E@iki.fi> Message-ID: <4E5F9990.6060806@luigirosa.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Timo Sirainen said the following on 01/09/11 16:33: > Right, you'll also need to figure out proper permissions for this (or simply set mode to 0666): > > service stats { > fifo_listener stats-mail { > user = something > mode = 0600 > } > } > Works, thanks! For initial tests, I put 0666 But I got this: Sep 1 16:39:43 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank Sep 1 16:39:51 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank Sep 1 16:40:01 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank Ciao, luigi - -- / +--[Luigi Rosa]-- \ A species that enslaves other beings is hardly superior, mentally or otherwise. --James Kirk, "The Gamesters of Triskelion" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk5fmY0ACgkQ3kWu7Tfl6ZSHwQCeM50dTX6RdKBKUkfCrPJcOdRz Aa8An07wqRjwYdgYsFqL04B1ZcMKWem2 =C3vb -----END PGP SIGNATURE----- From tss at iki.fi Thu Sep 1 17:53:26 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 1 Sep 2011 17:53:26 +0300 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <4E5F9990.6060806@luigirosa.com> References: <1314869252.27581.9.camel@hurina> (auto-added) <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> <4E5F96B3.8090709@luigirosa.com> <5EDA8C12-D80B-48CD-B69A-A9969609617E@iki.fi> <4E5F9990.6060806@luigirosa.com> Message-ID: <32D56AC3-9213-4459-A231-3C41C1C2C18D@iki.fi> On 1.9.2011, at 17.41, Luigi Rosa wrote: > Sep 1 16:39:43 mail dovecot: stats: Error: Mail server input error: > UPDATE-SESSION: stats shrank Oh.. What OS is this? See what it logs with http://hg.dovecot.org/dovecot-2.1/rev/1c2d8da38a06 From lists at luigirosa.com Thu Sep 1 17:55:34 2011 From: lists at luigirosa.com (Luigi Rosa) Date: Thu, 01 Sep 2011 16:55:34 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <32D56AC3-9213-4459-A231-3C41C1C2C18D@iki.fi> References: <1314869252.27581.9.camel@hurina> (auto-added) <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> <4E5F96B3.8090709@luigirosa.com> <5EDA8C12-D80B-48CD-B69A-A9969609617E@iki.fi> <4E5F9990.6060806@luigirosa.com> <32D56AC3-9213-4459-A231-3C41C1C2C18D@iki.fi> Message-ID: <4E5F9CE6.3020805@luigirosa.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Timo Sirainen said the following on 01/09/11 16:53: >> Sep 1 16:39:43 mail dovecot: stats: Error: Mail server input error: >> UPDATE-SESSION: stats shrank > > Oh.. What OS is this? See what it logs with http://hg.dovecot.org/dovecot-2.1/rev/1c2d8da38a06 > Linux mail.hypertrek.info 2.6.18-238.19.1.el5.centos.plus #1 SMP Mon Jul 18 10:05:09 EDT 2011 x86_64 x86_64 x86_64 GNU/Linux Compiled with ./configure --with-mysql --with-ssl=openssl --sysconfdir=/etc --localstatedir=/var I'm leaving and I'll be back this evening. Will do further checks later Ciao, luigi - -- / +--[Luigi Rosa]-- \ You know you've landed gear-up when it takes full power to taxi. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk5fnOIACgkQ3kWu7Tfl6ZQIAwCgt411k13mnhYsMS64P+1YOUmQ hEoAoJA16LYtzlbRn5MOu61f02X9/SuX =CVfU -----END PGP SIGNATURE----- From shopik at inblock.ru Thu Sep 1 18:40:01 2011 From: shopik at inblock.ru (Nikolay Shopik) Date: Thu, 01 Sep 2011 19:40:01 +0400 Subject: [Dovecot] [Solved] Kerberos GSSAPI - proper item name in keytab In-Reply-To: <4E5F8E60.9040701@yandex.ru> References: <4E5B9682.1040408@yandex.ru> <4E5F8E60.9040701@yandex.ru> Message-ID: On 01.09.2011 17:53, Stanislav Klinkov wrote: > Can there be a way to continue using this crafty venet interface, but > force krb5 libs to look up for desired IP ? Thanks for sharing solved problem. But I think this question better to forward to Kerberos mailing list. You probably find more explicit answer there, maybe this is even some kind of bug in krb5 libs :) From dmiller at amfes.com Thu Sep 1 19:48:05 2011 From: dmiller at amfes.com (Daniel L. Miller) Date: Thu, 01 Sep 2011 09:48:05 -0700 Subject: [Dovecot] OT - small hd recommendation In-Reply-To: <4E5E8E5F.4050204@nybeta.com> References: <4E5D5985.6040103@amfes.com> <4E5E8E5F.4050204@nybeta.com> Message-ID: On 8/31/2011 12:41 PM, Thomas Harold wrote: > On 8/30/2011 5:43 PM, Daniel L. Miller wrote: >> A little OT - but I've seen a few opinions voiced here by various admins >> and I'd like to benefit. > > RAID-10 is fine (note that the default mdadm RAID10 isn't actually > RAID10, but it works well enough). RAID-6 won't be faster (and will > probably be worse) although RAID-6 does do a bit better in a > double-drive failure over RAID-10. The only way to get more > performance out of (4) drives is to switch to 10k or 15k SAS (or SSDs). > > [...] > > (Take a look at /dev/disk/by-id, /dev/disk/by-uuid, etc. Export a copy > of that information on a daily/weekly basis off of the machine. In a > software RAID environment, it gives you better information about which > drive serial # failed rather then relying on lights.) > > Our mail server is 3-way RAID1 (triple mirror) for the OS and mail > queue with a 5-disk RAID-10 (4+spare) for mail storage. Given my extensive requirements - I haven't yet filled my existing 320GB - size isn't a big deal. Am I actually deriving much benefit from 4-disk RAID10 using 160GB discs - vs a 2-4 disc 1TB RAID1 array? -- Daniel From lampacz at gmail.com Thu Sep 1 21:34:40 2011 From: lampacz at gmail.com (Lampa) Date: Thu, 1 Sep 2011 20:34:40 +0200 Subject: [Dovecot] sieve vacation problem (discarding) Message-ID: Hello, i'm using 1.2.15 version on debian. I'm getting "discarding vacation response for message implicitly delivered to " I have domain domain.com which has alias do-main.com. When sending email to main domain (domain.com) seems to be ok, but for aliased domain getting discard ;( I tried "scary things" from http://www.dovecot.org/list/dovecot/2009-August/042360.html require ["vacation", "variables", "envelope"]; if envelope :matches "to" "*" { set "envto" "${1}"; vacation :days 1 :addresses ["${envto}"] :subject "Out of order..." "Body message"; } Is implemented :addresses ["*"] in later 1.2 version ? Where is problem? What i must to do to get this thing working ? Upgrading to version 2.x isn't solution for me now. Thank you for advices and help. -- Lampa From frank at moltke28.B.Shuttle.DE Thu Sep 1 22:09:55 2011 From: frank at moltke28.B.Shuttle.DE (Frank Elsner) Date: Thu, 1 Sep 2011 21:09:55 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> References: <1314869252.27581.9.camel@hurina> <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> Message-ID: On Thu, 1 Sep 2011 17:05:56 +0300 Timo Sirainen wrote: > On 1.9.2011, at 16.57, Frank Elsner wrote: > > >> + Statistics tracking via stats service. Exported via doveadm stats. > > > > My 2.0.13 configuration works perfect with dovecot-2.1.alpha1. > > What must I add to my configuration to enable the stats service? > > mail_plugins = $mail_plugins stats > protocol imap { > mail_plugins = $mail_plugins imap_stats > } > plugin { > stats_refresh = 10s > stats_track_cmds = yes > } > > Then you can use doveadm stats top/dump. Ok, works. But when I stop dovecot I get Sep 1 17:08:17 seymour dovecot: master: Warning: Killed with signal 15 (by pid=7896 uid=0 code=kill) Sep 1 17:08:17 seymour dovecot: anvil: Panic: file master-service.c: line 584 (master_service_client_connection_de stroyed): assertion failed: (service->total_available_count > 0) Sep 1 17:08:17 seymour dovecot: auth: Error: read(anvil-auth-penalty) failed: EOF Sep 1 17:08:17 seymour dovecot: auth: Error: net_connect_unix(anvil-auth-penalty) failed: Permission denied --Frank Elsner From kwebb at teradactyl.com Thu Sep 1 22:22:28 2011 From: kwebb at teradactyl.com (Kristen J. Webb) Date: Thu, 01 Sep 2011 13:22:28 -0600 Subject: [Dovecot] thunderbird and subscriptions with sieve In-Reply-To: References: <4E5E9E36.8020904@teradactyl.com> Message-ID: <4E5FDB74.3020002@teradactyl.com> Hi All, Thanks for all the responses! While I like the idea of moving to dovecot 2.x for new features, it is not part of the ubuntu packages, so I'm going to wait. In the end, I found deliver -s in postfix master.cf did the trick. Still the problem with thunderbird not seeing the new folder until restart, but hey, mail client independence is what I'm after anyway ;) Kris On 8/31/11 7:32 PM, Timo Sirainen wrote: > On 31.8.2011, at 23.48, Kristen J. Webb wrote: > >> Is there any way to automatically add folders created by sieve >> (GNU Mailutils 2.1) to the subscriptions file for a user? > > You mean you're using Mailutils Sieve, not Dovecot Sieve? The only reasonable solution I can think of is: > > Mailutils Sieve would have to subscribe to newly created folders itself, maybe by patching it or if it supports running some script then doing it that way. With Dovecot v2.0 it could run "doveadm mailbox subscribe $folder", but with v1.2 you'd have to write your own script. > > Any other solution would basically require always subscribing to all folders, which kind of defeats their whole purpose. > > -- Mr. Kristen J. Webb Teradactyl LLC. PHONE: 1-505-242-1091 EMAIL: kwebb at teradactyl.com VISIT: http://www.teradactyl.com Home of the True incremental Backup System From gfinch at ldmltd.ca Thu Sep 1 23:33:57 2011 From: gfinch at ldmltd.ca (Gregory Finch) Date: Thu, 01 Sep 2011 13:33:57 -0700 Subject: [Dovecot] thunderbird and subscriptions with sieve In-Reply-To: <4E5FDB74.3020002@teradactyl.com> References: <4E5E9E36.8020904@teradactyl.com> <4E5FDB74.3020002@teradactyl.com> Message-ID: <4E5FEC35.9080805@ldmltd.ca> The only time I've seen thunderbird issue a LIST or LSUB command is on startup, or when you open the "Subscribe..." dialog. I believe with the IMAP protocol that is only way to find out about new and newly subscribed folders (I'm not an IMAP guru though...), so with thunderbird, that is by design. -Greg On 2011-09-01 12:22 PM, Kristen J. Webb wrote: > Hi All, > > Thanks for all the responses! While I like the idea > of moving to dovecot 2.x for new features, it is > not part of the ubuntu packages, so I'm going to > wait. In the end, I found deliver -s in postfix master.cf > did the trick. Still the problem with thunderbird not seeing > the new folder until restart, but hey, mail client independence > is what I'm after anyway ;) > > Kris > > On 8/31/11 7:32 PM, Timo Sirainen wrote: >> On 31.8.2011, at 23.48, Kristen J. Webb wrote: >> >>> Is there any way to automatically add folders created by sieve >>> (GNU Mailutils 2.1) to the subscriptions file for a user? >> >> You mean you're using Mailutils Sieve, not Dovecot Sieve? The only >> reasonable solution I can think of is: >> >> Mailutils Sieve would have to subscribe to newly created folders >> itself, maybe by patching it or if it supports running some script >> then doing it that way. With Dovecot v2.0 it could run "doveadm >> mailbox subscribe $folder", but with v1.2 you'd have to write your >> own script. >> >> Any other solution would basically require always subscribing to all >> folders, which kind of defeats their whole purpose. >> >> > -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 260 bytes Desc: OpenPGP digital signature URL: From thomas-lists at nybeta.com Fri Sep 2 03:23:45 2011 From: thomas-lists at nybeta.com (Thomas Harold) Date: Thu, 01 Sep 2011 20:23:45 -0400 Subject: [Dovecot] OT - small hd recommendation In-Reply-To: References: <4E5D5985.6040103@amfes.com> <4E5E8E5F.4050204@nybeta.com> Message-ID: <4E602211.2010800@nybeta.com> On 9/1/2011 12:48 PM, Daniel L. Miller wrote: > > Given my extensive requirements - I haven't yet filled my existing 320GB > - size isn't a big deal. Am I actually deriving much benefit from 4-disk > RAID10 using 160GB discs - vs a 2-4 disc 1TB RAID1 array? > A pair of RAID-1 mirrors: - easy to deal with - you can attempt to manually balance load between the two arrays (storage on one pair, indexes and mail queue on other pair) - disks can be pulled and taken to another machine and read one by one - slightly harder to screw up (but both setups die if the wrong 2 disks fail) RAID-10 over 4 disks: - generally faster seeks - generally faster read/write speeds due to striping - generally the better choice for performance - a bit harder to bury the disks vs a pair of mirrors - lets you have a bigger partition - all the eggs in a single array If you're having performance problems on the existing RAID-10, your only real choices are to throw more spindles at it (move to a 6 or 8 disk RAID-10 w/ a hot-spare disk), throw faster spindles at it (10k/15k SAS), or move to SSD. So, if you think you can manually balance the needs of the system, you could try a pair of independent mirrors. But if you want less hassle, stick with the RAID-10. (And look into a tool like "atop" which can be run in the terminal and does a decent job of showing you whether the CPU/DISK is overly busy.) From thomas-lists at nybeta.com Fri Sep 2 03:30:14 2011 From: thomas-lists at nybeta.com (Thomas Harold) Date: Thu, 01 Sep 2011 20:30:14 -0400 Subject: [Dovecot] sieve vacation problem (discarding) In-Reply-To: References: Message-ID: <4E602396.6080508@nybeta.com> On 9/1/2011 2:34 PM, Lampa wrote: > Hello, > > i'm using 1.2.15 version on debian. > > I'm getting "discarding vacation response for message implicitly > delivered to" > > I have domain domain.com which has alias do-main.com. > > When sending email to main domain (domain.com) seems to be ok, but for > aliased domain getting discard ;( > On our older Dovecot v1 installation, we use the :addresses tag and just put the addresses in (with all the variations). Which may not be as clever as you wanted due to manually listing the recipient addresses, but seems to work for us. require ["vacation"]; vacation :days 1 :subject "Out of office reply" :addresses ["user at example.com", "user at example.net", "user at example.org"] " Body text "; From dyd281 at gmail.com Fri Sep 2 05:34:29 2011 From: dyd281 at gmail.com (Dong Ding) Date: Fri, 2 Sep 2011 10:34:29 +0800 Subject: [Dovecot] Can't got mail by OUTLOOK for a half million mails account Message-ID: Hi, I used postfix always_bcc to backup mail. And up to now the backup account has half million mails in cur/, when I first time tried to receive the mail by outlook, it failed , no responds. Does any one has some good idea to deal with this problem? Thanks From dlie76 at yahoo.com.au Fri Sep 2 07:54:13 2011 From: dlie76 at yahoo.com.au (Daminto Lie) Date: Thu, 1 Sep 2011 21:54:13 -0700 (PDT) Subject: [Dovecot] dovecot imap permission denied In-Reply-To: <1314857277.11811.YahooMailNeo@web113409.mail.gq1.yahoo.com> References: <1314763772.49414.YahooMailNeo@web113404.mail.gq1.yahoo.com> <1314766974.8787.26.camel@hurina> <1314773266.74037.YahooMailNeo@web113409.mail.gq1.yahoo.com> <69D3650A-1B43-42C7-8FBD-C921F80C5D5F@iki.fi> <1314857277.11811.YahooMailNeo@web113409.mail.gq1.yahoo.com> Message-ID: <1314939253.9918.YahooMailNeo@web113413.mail.gq1.yahoo.com> Hi again, I tried it again. This time, I could manage to get rid of the pam_authentication issue (see below). But I still get the invalid credential. I do not understand because based on the article I found at http:// wiki.dovecot.org/AuthDatabase/LDAP/AuthBinds, it does not authenticate by the use of password, unless I miss out on something. It's really frustrating because I feel like I'm that close but not quite there yet. Sep? 2 14:32:01 server1 dovecot: auth(default): client in: AUTH#0111#011PLAIN#011service=imap#011secured#011lip=127.0.0.1#011rip=127.0.0.1#011lport=143#011rport=54128#011resp=AG1pa2VfbGVlAGRsaWUzMjA1 Sep? 2 14:32:01 server1 dovecot: auth(default): ldap(mike_lee,127.0.0.1): invalid credentials (given password: secrets) Sep? 2 14:32:01 server1 dovecot: auth(default): new auth connection: pid=4380 Sep? 2 14:32:03 server1 dovecot: auth(default): client out: FAIL#0111#011user=mike_lee Sep? 2 14:32:08 server1 dovecot: imap-login: Aborted login (auth failed, 1 attempts): user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured Any help is greatly appreciated. Thanks ________________________________ From: Daminto Lie To: Timo Sirainen Cc: "dovecot at dovecot.org" Sent: Thursday, 1 September 2011 4:07 PM Subject: Re: [Dovecot] dovecot imap permission denied Thanks Timo for your reply. It now works fine with Passdb LDAP with password lookups. Users can now login with no problem.? However, when trying to do LDAP authentication with Authentication binds, I received the following errors from mail.log Sep? 1 15:34:22 server1 dovecot: auth(default): client in: AUTH#0111#011PLAIN#011service=imap#011secured#011lip=127.0.0.1#011rip=127.0.0.1#011lport=143#011rport=34719#011resp=AG1pa2VfbGVlAGRsaWUzMjA1 Sep? 1 15:34:22 server1 dovecot: auth-worker(default): pam(mike_lee,127.0.0.1): lookup service=dovecot Sep? 1 15:34:22 server1 dovecot: auth-worker(default): pam(mike_lee,127.0.0.1): #1/1 style=1 msg=Password: Sep? 1 15:34:22 server1 dovecot: auth(default): new auth connection: pid=1947 Sep? 1 15:34:24 server1 dovecot: auth-worker(default): pam(mike_lee,127.0.0.1): pam_authenticate() failed: Authentication failure (password mismatch?) (given password: secrets) Sep? 1 15:34:24 server1 dovecot: auth(default): passwd(mike_lee,127.0.0.1): lookup Sep? 1 15:34:24 server1 dovecot: auth(default): passwd(mike_lee,127.0.0.1): unknown user Sep? 1 15:34:24 server1 dovecot: auth(default): ldap(mike_lee,127.0.0.1): invalid credentials (given password: secrets) Sep? 1 15:34:26 server1 dovecot: auth(default): client out: FAIL#0111#011user=mike_lee Sep? 1 15:34:31 server1 dovecot: imap-login: Aborted login (auth failed, 1 attempts): user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured I do not understand why I am getting pam() authentication issue when I deliberately chose not to use it. The following is the setting I have in dovecot-ldap.conf hosts = localhost #uris = dn = uid=dovecot,ou=accounts,dc=companyexample,dc=com,dc=au dnpass = helloworld #sasl_bind = no #sasl_mech = #sasl_realm = #sasl_authz_id = #tls = no #tls_ca_cert_file = #tls_ca_cert_dir = #tls_cert_file = #tls_key_file = #tls_cipher_suite = #tls_require_cert = #ldaprc_path = #debug_level = 0 auth_bind = yes auth_bind_userdn = cn=%u,ou=accounts,dc=companyexample,dc=com,dc=au ldap_version = 3 base = ou=accounts,dc=companyexample,dc=com,dc=au deref = never scope = subtree user_attrs = homeDirectory=home user_filter = (&(objectClass=posixAccount)(uid=%u)) #pass_attrs = uid=user,userPassword=password pass_filter = (&(objectClass=posixAccount)(uid=%u)) default_pass_scheme = PLAIN This is what I have in dovecot.conf base_dir = /var/run/dovecot protocols = imap ?? protocol imap { ???? listen = *:143 ?? } #?? protocol pop3 { #???? listen = *:10100 #???? .. #?? } #?? protocol managesieve { #???? listen = *:12000 #???? .. #?? } #listen = * disable_plaintext_auth = no log_timestamp = "%Y-%m-%d %H:%M:%S " #ssl_listen = ssl = no #ssl_cert_file = /etc/ssl/certs/dovecot.pem #ssl_key_file = /etc/ssl/private/dovecot.pem #ssl_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem #ssl_key_file = /etc/ssl/private/ssl-cert-snakeoil.key #ssl_key_password = #ssl_ca_file = #ssl_verify_client_cert = no #ssl_cert_username_field = commonName #ssl_parameters_regenerate = 168 #ssl_cipher_list = ALL:!LOW:!SSLv2 #verbose_ssl = no login_dir = /var/run/dovecot/login login_chroot = yes login_user = dovecot #login_process_size = 64 #login_process_per_connection = yes #login_processes_count = 3 #login_max_processes_count = 128 #login_max_connections = 256 #login_greeting = Dovecot ready. #login_trusted_networks = #login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c #login_log_format = %$: %s mail_location = maildir:/home/%u/Maildir mail_uid = 3000 mail_gid = 8 mail_privileged_group = mail #mail_access_groups = #mail_full_filesystem_access = no #mail_debug = no #mail_log_max_lines_per_sec = 10 #mmap_disable = no #dotlock_use_excl = yes #fsync_disable = no #mail_nfs_index = no #lock_method = fcntl #mail_drop_priv_before_exec = no verbose_proctitle = yes first_valid_uid = 3000 last_valid_uid = 3000 first_valid_gid = 8 last_valid_gid = 8 #max_mail_processes = 512 #mail_process_size = 256 #mail_max_keyword_length = 50 #valid_chroot_dirs = #mail_chroot = #mail_cache_min_mail_count = 0 #mailbox_idle_check_interval = 30 mail_save_crlf = no #maildir_stat_dirs = no maildir_copy_with_hardlinks = yes #maildir_copy_preserve_filename = no #maildir_very_dirty_syncs = no protocol imap { ? #login_executable = /usr/lib/dovecot/imap-login ? #mail_executable = /usr/lib/dovecot/imap ? #imap_max_line_length = 65536 ? #mail_max_userip_connections = 10 ? #mail_plugin_dir = /usr/lib/dovecot/modules/imap ? #imap_logout_format = bytes=%i/%o ? #imap_capability = ? #imap_idle_notify_interval = 120 ? #imap_id_send = ? #imap_id_log = ? imap_client_workarounds = outlook-idle delay-newmail netscape-eoh tb-extra-mailbox-sep oe6-fetch-no-newmail } protocol pop3 { ? pop3_uidl_format = %08Xu%08Xv } protocol managesieve { } #auth_executable = /usr/lib/dovecot/dovecot-auth #auth_process_size = 256 #auth_cache_size = 0 #auth_cache_ttl = 3600 #auth_cache_negative_ttl = 3600 #auth_realms = #auth_default_realm = #auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ #auth_username_translation = #auth_username_format = #auth_master_user_separator = #auth_anonymous_username = anonymous auth_verbose = yes auth_debug = yes auth_debug_passwords = yes #auth_worker_max_count = 30 #auth_gssapi_hostname = #auth_krb5_keytab = #auth_use_winbind = no #auth_winbind_helper_path = /usr/bin/ntlm_auth #auth_failure_delay = 2 auth default { ? mechanisms = plain ? passdb pam { ? } ? passdb passwd { ? } ? passdb ldap { ??? args = /etc/dovecot/dovecot-ldap.conf ? } ? userdb passwd { ??? args = /etc/dovecot/dovecot-ldap-userdb.conf ? } ? userdb ldap { ??? args = /etc/dovecot/dovecot-ldap.conf ? } ? user = root ? #user = dovecot-auth??? ? #chroot = ? #count = 1 ? #ssl_require_client_cert = no ? #ssl_username_from_cert = no ? socket listen { ??? client { ????? path = /var/spool/postfix/private/auth ????? mode = 0660 ????? user = postfix ????? group = postfix ??? } ? } ? !include_try /etc/dovecot/auth.d/*.auth } plugin { } # Config files can also be included. deliver doesn't support them currently. #!include /etc/dovecot/conf.d/*.conf # Optional configurations, don't give an error if it's not found: !include_try /etc/dovecot/conf.d/*.conf #!include_try /etc/dovecot/extra.conf I wonder where I did it wrong. I did not set pam authentication. Any help would be appreciated. Thank you ________________________________ From: Timo Sirainen To: Daminto Lie Cc: "dovecot at dovecot.org" Sent: Wednesday, 31 August 2011 4:52 PM Subject: Re: [Dovecot] dovecot imap permission denied On 31.8.2011, at 9.47, Daminto Lie wrote: > Thanks a lot Timo, > > Creating directories for new users is not an issue. It's the permission that makes me headache. The error message you showed said that the user's home directory didn't exist, and the permission problem came only because it didn't exist and Dovecot tried to create it. > I tried the following > > sudo chmod o-r /home/$USER > sudo chmod g+rw /home/$USER > > It did not work until I did chmod 777 /home. Right, because only then did it have enough permissions to create the home dir. > Is it safe to make home directory with permission 777? No. From stsiol at yahoo.co.uk Fri Sep 2 08:55:26 2011 From: stsiol at yahoo.co.uk (Spyros Tsiolis) Date: Fri, 2 Sep 2011 06:55:26 +0100 (BST) Subject: [Dovecot] OT - small hd recommendation In-Reply-To: <4E602211.2010800@nybeta.com> References: <4E5D5985.6040103@amfes.com> <4E5E8E5F.4050204@nybeta.com> <4E602211.2010800@nybeta.com> Message-ID: <1314942926.69208.YahooMailNeo@web27208.mail.ukl.yahoo.com> Ditto, Don't know anything on RAID 10 with four disks, but I agree with the two-disk scenario. s. ? ---- "I merely function as a channel that filters music through the chaos of noise" - Vangelis ________________________________ From: Thomas Harold To: dovecot at dovecot.org Sent: Friday, 2 September 2011, 3:23 Subject: Re: [Dovecot] OT - small hd recommendation On 9/1/2011 12:48 PM, Daniel L. Miller wrote: > > Given my extensive requirements - I haven't yet filled my existing 320GB > - size isn't a big deal. Am I actually deriving much benefit from 4-disk > RAID10 using 160GB discs - vs a 2-4 disc 1TB RAID1 array? > A pair of RAID-1 mirrors: - easy to deal with - you can attempt to manually balance load between the two arrays (storage on one pair, indexes and mail queue on other pair) - disks can be pulled and taken to another machine and read one by one - slightly harder to screw up (but both setups die if the wrong 2 disks fail) RAID-10 over 4 disks: - generally faster seeks - generally faster read/write speeds due to striping - generally the better choice for performance - a bit harder to bury the disks vs a pair of mirrors - lets you have a bigger partition - all the eggs in a single array If you're having performance problems on the existing RAID-10, your only real choices are to throw more spindles at it (move to a 6 or 8 disk RAID-10 w/ a hot-spare disk), throw faster spindles at it (10k/15k SAS), or move to SSD. So, if you think you can manually balance the needs of the system, you could try a pair of independent mirrors.? But if you want less hassle, stick with the RAID-10. (And look into a tool like "atop" which can be run in the terminal and does a decent job of showing you whether the CPU/DISK is overly busy.) From robert at schetterer.org Fri Sep 2 10:04:07 2011 From: robert at schetterer.org (Robert Schetterer) Date: Fri, 02 Sep 2011 09:04:07 +0200 Subject: [Dovecot] thunderbird and subscriptions with sieve In-Reply-To: <4E5FDB74.3020002@teradactyl.com> References: <4E5E9E36.8020904@teradactyl.com> <4E5FDB74.3020002@teradactyl.com> Message-ID: <4E607FE7.8030103@schetterer.org> Am 01.09.2011 21:22, schrieb Kristen J. Webb: > Hi All, > > Thanks for all the responses! While I like the idea > of moving to dovecot 2.x for new features, it is > not part of the ubuntu packages, search list archive, there are ubuntu packs dove 2.x out there in some repositories i i.e recompile stuff from here http://xi.rename-it.nl/debian/ on lucid works like charme so I'm going to > wait. In the end, I found deliver -s in postfix master.cf > did the trick. Still the problem with thunderbird not seeing > the new folder until restart, but hey, mail client independence > is what I'm after anyway ;) > > Kris > > On 8/31/11 7:32 PM, Timo Sirainen wrote: >> On 31.8.2011, at 23.48, Kristen J. Webb wrote: >> >>> Is there any way to automatically add folders created by sieve >>> (GNU Mailutils 2.1) to the subscriptions file for a user? >> >> You mean you're using Mailutils Sieve, not Dovecot Sieve? The only >> reasonable solution I can think of is: >> >> Mailutils Sieve would have to subscribe to newly created folders >> itself, maybe by patching it or if it supports running some script >> then doing it that way. With Dovecot v2.0 it could run "doveadm >> mailbox subscribe $folder", but with v1.2 you'd have to write your own >> script. >> >> Any other solution would basically require always subscribing to all >> folders, which kind of defeats their whole purpose. >> >> > -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From kerem.erciyes at gmail.com Fri Sep 2 10:17:29 2011 From: kerem.erciyes at gmail.com (Kerem Erciyes) Date: Fri, 2 Sep 2011 10:17:29 +0300 Subject: [Dovecot] OT - small hd recommendation In-Reply-To: <1314942926.69208.YahooMailNeo@web27208.mail.ukl.yahoo.com> References: <4E5D5985.6040103@amfes.com> <4E5E8E5F.4050204@nybeta.com> <4E602211.2010800@nybeta.com> <1314942926.69208.YahooMailNeo@web27208.mail.ukl.yahoo.com> Message-ID: Hi, At least, rather than Seagate AS series or some "green" series try using Seagate ST.SV series SATA HDDs, the 10$ difference is woth it. They are certified for 7/24 operation and will not fail on you as quickly. And they perform a little bit faster. Regards, Kerem On Fri, Sep 2, 2011 at 8:55 AM, Spyros Tsiolis wrote: > Ditto, > > Don't know anything on RAID 10 with four disks, but I agree with the two-disk scenario. > > s. > > > > ---- > "I merely function as a channel that filters > music through the chaos of noise" > - Vangelis > > > ________________________________ > From: Thomas Harold > To: dovecot at dovecot.org > Sent: Friday, 2 September 2011, 3:23 > Subject: Re: [Dovecot] OT - small hd recommendation > > On 9/1/2011 12:48 PM, Daniel L. Miller wrote: >> >> Given my extensive requirements - I haven't yet filled my existing 320GB >> - size isn't a big deal. Am I actually deriving much benefit from 4-disk >> RAID10 using 160GB discs - vs a 2-4 disc 1TB RAID1 array? >> > > A pair of RAID-1 mirrors: > > - easy to deal with > - you can attempt to manually balance load between the two arrays (storage on one pair, indexes and mail queue on other pair) > - disks can be pulled and taken to another machine and read one by one > - slightly harder to screw up (but both setups die if the wrong 2 disks fail) > > RAID-10 over 4 disks: > > - generally faster seeks > - generally faster read/write speeds due to striping > - generally the better choice for performance > - a bit harder to bury the disks vs a pair of mirrors > - lets you have a bigger partition > - all the eggs in a single array > > If you're having performance problems on the existing RAID-10, your only real choices are to throw more spindles at it (move to a 6 or 8 disk RAID-10 w/ a hot-spare disk), throw faster spindles at it (10k/15k SAS), or move to SSD. > > So, if you think you can manually balance the needs of the system, you could try a pair of independent mirrors.? But if you want less hassle, stick with the RAID-10. > > (And look into a tool like "atop" which can be run in the terminal and does a decent job of showing you whether the CPU/DISK is overly busy.) -- Kerem Erciyes - Sistem Danismani http://keremerciyes.com From centos.admin at gmail.com Fri Sep 2 11:55:16 2011 From: centos.admin at gmail.com (Emmanuel Noobadmin) Date: Fri, 2 Sep 2011 16:55:16 +0800 Subject: [Dovecot] OT - small hd recommendation In-Reply-To: References: Message-ID: On 8/31/11, Daniel L. Miller wrote: > I'm seeing some warnings & errors in my logs & dmesg - and Google tells > me this can the result of several factors, including the hard drives. I > haven't seen any SMART warnings as yet - but I am getting a little > nervous and thinking about upgrading the storage. Possible to post some of those error messages? > As part of the potential upgrade, I'm considering changing to RAID6 - > seems a bit more efficient use of space. I see no reason for SSD - I It might be more efficient but you'll take a 3x IOPS penalty for writes vs RAID 1/10. Depending on your exact workload, it is most likely going to be a bad idea since you mention that you don't actually need more space. > think a set of reasonable 7200rpm drives should be just fine. What I > don't know is, compared to my current 4 drive RAID10 with SATA 1.5, > would even a single SATA 3 drive be comparable in terms of seek > performance? Should I stick with the RAID-10? Seek performance is largely a matter of I/O latency, SATA 3 only gives you more bandwidth to play with. A SATA 3 4200RPM HDD will seek slower than a SATA 1 7200RPM HDD. For random I/O, more spindles/drives are usually the way to deal with it, like others suggested, splitting your drives into RAID 1 nodes and balancing different workloads on each node is probably your best bet if you don't mind doing it manually. From lists at luigirosa.com Fri Sep 2 12:05:10 2011 From: lists at luigirosa.com (Luigi Rosa) Date: Fri, 02 Sep 2011 11:05:10 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <32D56AC3-9213-4459-A231-3C41C1C2C18D@iki.fi> References: <1314869252.27581.9.camel@hurina> (auto-added) <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> <4E5F96B3.8090709@luigirosa.com> <5EDA8C12-D80B-48CD-B69A-A9969609617E@iki.fi> <4E5F9990.6060806@luigirosa.com> <32D56AC3-9213-4459-A231-3C41C1C2C18D@iki.fi> Message-ID: <4E609C46.9010306@luigirosa.com> Timo Sirainen said the following on 01/09/11 16:53: >> Sep 1 16:39:43 mail dovecot: stats: Error: Mail server input error: >> UPDATE-SESSION: stats shrank > Oh.. What OS is this? See what it logs with http://hg.dovecot.org/dovecot-2.1/rev/1c2d8da38a06 Sorry for the delay... Sep 2 11:03:11 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: ucpu 0.5999 < 0.9000 Sep 2 11:03:21 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: ucpu 0.5999 < 0.9000 Sep 2 11:03:42 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: ucpu 0.9998 < 0.15997 Sep 2 11:03:42 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: ucpu 0.3999 < 0.8997 Sep 2 11:03:43 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: ucpu 0.1999 < 0.3999 Sep 2 11:03:45 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: ucpu 0.6998 < 0.6999 Sep 2 11:03:52 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: ucpu 0.3999 < 0.8997 Sep 2 11:03:54 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: ucpu 0.10998 < 0.18997 Sep 2 11:03:54 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: ucpu 0.5999 < 0.10000 Sep 2 11:03:55 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: ucpu 0.6998 < 0.6999 Ciao, luigi -- / +--[Luigi Rosa]-- \ I don't think we have the right or the wisdom to interfere, however a planet is evolving. --James Kirk, "The Omega Glory" From lists at luigirosa.com Fri Sep 2 12:46:25 2011 From: lists at luigirosa.com (Luigi Rosa) Date: Fri, 02 Sep 2011 11:46:25 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <32D56AC3-9213-4459-A231-3C41C1C2C18D@iki.fi> References: <1314869252.27581.9.camel@hurina> (auto-added) <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> <4E5F96B3.8090709@luigirosa.com> <5EDA8C12-D80B-48CD-B69A-A9969609617E@iki.fi> <4E5F9990.6060806@luigirosa.com> <32D56AC3-9213-4459-A231-3C41C1C2C18D@iki.fi> Message-ID: <4E60A5F1.8000401@luigirosa.com> Timo Sirainen said the following on 01/09/11 16:53: > Oh.. What OS is this? See what it logs with http://hg.dovecot.org/dovecot-2.1/rev/1c2d8da38a06 Between a lot of ucpu events logged there are some like: Sep 2 11:41:52 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: minflt 787 < 790 Sep 2 11:42:02 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: minflt 787 < 790 Sep 2 11:43:42 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: diskout 140735698723992 < 167507184 Sep 2 11:43:52 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: diskout 140735698723992 < 167507184 Ciao, luigi -- / +--[Luigi Rosa]-- \ A beer delayed is a beer denied. From tlx at leuxner.net Fri Sep 2 13:21:33 2011 From: tlx at leuxner.net (Thomas Leuxner) Date: Fri, 2 Sep 2011 12:21:33 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <1314869252.27581.9.camel@hurina> References: <1314869252.27581.9.camel@hurina> Message-ID: <20110902102133.GA6623@nihlus.leuxner.net> Hi, any idea why STARTTLS would not work after replacing 2.0.14 with the alpha? When STARTTLS is not requested by the client it can connect. Config is unaltered working 2.0.14 one. Regards Thomas -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: From dovecot.user at seibercom.net Fri Sep 2 13:43:33 2011 From: dovecot.user at seibercom.net (Jerry) Date: Fri, 2 Sep 2011 06:43:33 -0400 Subject: [Dovecot] Can't got mail by OUTLOOK for a half million mails account In-Reply-To: References: Message-ID: <20110902064333.728fb20e@scorpio> On Fri, 2 Sep 2011 10:34:29 +0800 Dong Ding articulated: > Hi, > > I used postfix always_bcc to backup mail. And up to now the backup > account has half million mails in cur/, when I first time tried to > receive the mail by outlook, it failed , no responds. > > Does any one has some good idea to deal with this problem? You have got to supply some info. The output of "dovecot -n", "postfix -n" and any log files created would be a good start. In addition, the output from "Outlook" would be invaluable. Specifying the versions of all the applications involved would be a plus also. No one here has a crystal ball, or at least I don't. -- Jerry ? Dovecot.user at seibercom.net Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ According to all the latest reports, there was no truth in any of the earlier reports. From klinkov at yandex.ru Fri Sep 2 14:26:10 2011 From: klinkov at yandex.ru (Stanislav Klinkov) Date: Fri, 02 Sep 2011 15:26:10 +0400 Subject: [Dovecot] [Solved] Kerberos GSSAPI - proper item name in keytab In-Reply-To: References: <4E5B9682.1040408@yandex.ru> <4E5F8E60.9040701@yandex.ru> Message-ID: <4E60BD52.7090706@yandex.ru> > Thanks for sharing solved problem. Thanks for participation too. > But I think this question better to forward to Kerberos mailing list. Unfortunately, I have difficulties with making a competent wording of my question. Source codes of KRB5 libs explode my brain. I cant understand them deeply and find the exact function that is directly dependent on network configuration. So, if someone would give me a hint, I'll try to continue my "investigation" to get to the truth. :) From gfinch at ldmltd.ca Fri Sep 2 18:01:25 2011 From: gfinch at ldmltd.ca (Gregory Finch) Date: Fri, 02 Sep 2011 08:01:25 -0700 Subject: [Dovecot] Can't got mail by OUTLOOK for a half million mails account In-Reply-To: References: Message-ID: <4E60EFC5.7050103@ldmltd.ca> Depending on Outlook pst format, I know the old (outlook 2000) format can't have more than 16383 or 32767 (can't remember which) messages in a single folder. Ran into this problem at our office once. Best solution was to use sieve to split the mail archive into folders by year and by month. This makes it easier to copy the archive offline as well. -Greg On 2011-09-01 7:34 PM, Dong Ding wrote: > Hi, > > I used postfix always_bcc to backup mail. And up to now the backup account > has half million mails in cur/, when I first time tried to receive the mail > by outlook, it failed , no responds. > > Does any one has some good idea to deal with this problem? > > > Thanks > -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 260 bytes Desc: OpenPGP digital signature URL: From stephan at rename-it.nl Fri Sep 2 20:25:18 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Fri, 02 Sep 2011 19:25:18 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <20110902102133.GA6623@nihlus.leuxner.net> References: <1314869252.27581.9.camel@hurina> <20110902102133.GA6623@nihlus.leuxner.net> Message-ID: <4E61117E.1030902@rename-it.nl> On 9/2/2011 12:21 PM, Thomas Leuxner wrote: > Hi, > > any idea why STARTTLS would not work after replacing 2.0.14 with the > alpha? When STARTTLS is not requested by the client it can connect. Config > is unaltered working 2.0.14 one. Are you perhaps using the automated Debian packages? Regards, Stephan. From tlx at leuxner.net Fri Sep 2 20:48:30 2011 From: tlx at leuxner.net (Thomas Leuxner) Date: Fri, 2 Sep 2011 19:48:30 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <4E61117E.1030902@rename-it.nl> References: <1314869252.27581.9.camel@hurina> <20110902102133.GA6623@nihlus.leuxner.net> <4E61117E.1030902@rename-it.nl> Message-ID: Am 02.09.2011 um 19:25 schrieb Stephan Bosch: > Are you perhaps using the automated Debian packages? > > Regards, > > Stephan. Indeed I am. Guilty... From thomas-lists at nybeta.com Fri Sep 2 21:29:47 2011 From: thomas-lists at nybeta.com (Thomas Harold) Date: Fri, 02 Sep 2011 14:29:47 -0400 Subject: [Dovecot] Can't got mail by OUTLOOK for a half million mails account In-Reply-To: References: Message-ID: <4E61209B.5090305@nybeta.com> On 9/1/2011 10:34 PM, Dong Ding wrote: > > I used postfix always_bcc to backup mail. And up to now the backup account > has half million mails in cur/, when I first time tried to receive the mail > by outlook, it failed , no responds. > > Does any one has some good idea to deal with this problem? > If it's IMAP, you may have to try Thunderbird or some other IMAP client. But most are going to horribly die past 100k messages in a single folder (and some will die much sooner). There's also the brute force method of moving 90% of the messages to some other temporary folder on the file system, grabbing the 50k that are left. Then moving messages back into the new/ folder in batches of 50k or so. I'll echo Gregory's comment that you really need to setup some sort of Sieve rules to split out messages to sub-folders on-the-fly going forward. From stephan at rename-it.nl Fri Sep 2 21:35:25 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Fri, 02 Sep 2011 20:35:25 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: References: <1314869252.27581.9.camel@hurina> <20110902102133.GA6623@nihlus.leuxner.net> <4E61117E.1030902@rename-it.nl> Message-ID: <4E6121ED.5020204@rename-it.nl> On 9/2/2011 7:48 PM, Thomas Leuxner wrote: > Am 02.09.2011 um 19:25 schrieb Stephan Bosch: > >> Are you perhaps using the automated Debian packages? >> >> Regards, >> >> Stephan. > Indeed I am. Guilty... Then, it actually is my fault. The v2.1 packages also involve a login patch of mine, which apparently broke STARTTLS. I've fixed it and a new set of packages is available within the hour. Regards, Stephan. From tlx at leuxner.net Fri Sep 2 21:38:05 2011 From: tlx at leuxner.net (Thomas Leuxner) Date: Fri, 2 Sep 2011 20:38:05 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <4E6121ED.5020204@rename-it.nl> References: <1314869252.27581.9.camel@hurina> <20110902102133.GA6623@nihlus.leuxner.net> <4E61117E.1030902@rename-it.nl> <4E6121ED.5020204@rename-it.nl> Message-ID: <3C903640-F45B-4BEE-ADEF-077D4592B796@leuxner.net> Am 02.09.2011 um 20:35 schrieb Stephan Bosch: > > Then, it actually is my fault. The v2.1 packages also involve a login patch of mine, which apparently broke STARTTLS. I've fixed it and a new set of packages is available within the hour. > > Regards, > > Stephan. I shall then rebuild as suggested. Thanks Stephan and guilty you :) From stephan at rename-it.nl Sat Sep 3 00:15:27 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Fri, 02 Sep 2011 23:15:27 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <3C903640-F45B-4BEE-ADEF-077D4592B796@leuxner.net> References: <1314869252.27581.9.camel@hurina> <20110902102133.GA6623@nihlus.leuxner.net> <4E61117E.1030902@rename-it.nl> <4E6121ED.5020204@rename-it.nl> <3C903640-F45B-4BEE-ADEF-077D4592B796@leuxner.net> Message-ID: <4E61476F.9090601@rename-it.nl> On 9/2/2011 8:38 PM, Thomas Leuxner wrote: > Am 02.09.2011 um 20:35 schrieb Stephan Bosch: >> Then, it actually is my fault. The v2.1 packages also involve a login patch of mine, which apparently broke STARTTLS. I've fixed it and a new set of packages is available within the hour. >> >> Regards, >> >> Stephan. > I shall then rebuild as suggested. Thanks Stephan and guilty you :) D'oh, builder did not update from patch repositories. Starting build now... Regards, Stephan. From kwebb at teradactyl.com Sat Sep 3 01:46:56 2011 From: kwebb at teradactyl.com (Kristen J. Webb) Date: Fri, 02 Sep 2011 16:46:56 -0600 Subject: [Dovecot] Control of \Seen flags dovecot 1.2.9 Message-ID: <4E615CE0.6080209@teradactyl.com> Hi All, I have public mailboxes working with ACL's now, and I'm testing the ACL behavior. I've added lrws to two users so they can check off the messages they have read. I'm using CONTROL and INDEX in the location parameter for the namespace. It appears that if one user marks a message as read, all users see that message read. Is there any way to configure dovecot, so that each user maintains their own view of read messages? Relevant config (i think): namespace private { separator = / prefix = location = maildir:/home/vmail/%d/%n/Maildir:LAYOUT=fs inbox = yes } namespace public { separator = / prefix = Public/ location = maildir:/home/vmail/Public:LAYOUT=fs:CONTROL=/home/vmail/%d/%n/Maildir/Public:INDEX=/home/vmail/%d/%n/Maildir/Public subscriptions = no } -- Mr. Kristen J. Webb Teradactyl LLC. PHONE: 1-505-242-1091 EMAIL: kwebb at teradactyl.com VISIT: http://www.teradactyl.com Home of the True incremental Backup System From kwebb at teradactyl.com Sat Sep 3 03:38:19 2011 From: kwebb at teradactyl.com (Kristen J. Webb) Date: Fri, 02 Sep 2011 18:38:19 -0600 Subject: [Dovecot] Control of \Seen flags dovecot 1.2.9 In-Reply-To: <4E615CE0.6080209@teradactyl.com> References: <4E615CE0.6080209@teradactyl.com> Message-ID: <4E6176FB.4090001@teradactyl.com> Sorry, I cleaned out all of my Maildirs and public folders and started over. Also changed ACL to lrs, and so far, everything is working as expected. Kris On 9/2/11 4:46 PM, Kristen J. Webb wrote: > Hi All, > > I have public mailboxes working with ACL's now, and I'm testing the ACL > behavior. I've added lrws to two users so they can check off the messages > they have read. I'm using CONTROL and INDEX in the location parameter for > the namespace. It appears that if one user marks a message as read, > all users see that message read. > > Is there any way to configure dovecot, so that each user maintains their > own view of read messages? > > > Relevant config (i think): > > namespace private { > separator = / > prefix = > location = maildir:/home/vmail/%d/%n/Maildir:LAYOUT=fs > inbox = yes > } > > namespace public { > separator = / > prefix = Public/ > location = > maildir:/home/vmail/Public:LAYOUT=fs:CONTROL=/home/vmail/%d/%n/Maildir/Public:INDEX=/home/vmail/%d/%n/Maildir/Public > > subscriptions = no > } > -- Mr. Kristen J. Webb Teradactyl LLC. PHONE: 1-505-242-1091 EMAIL: kwebb at teradactyl.com VISIT: http://www.teradactyl.com Home of the True incremental Backup System From kuizhang at gmail.com Sat Sep 3 06:06:18 2011 From: kuizhang at gmail.com (Kui Zhang) Date: Fri, 2 Sep 2011 20:06:18 -0700 Subject: [Dovecot] Possible signed/unsigned bug in libdovecot-storage (2:2.0.14 ) Message-ID: Hello We are getting following errors when moving mail from inbox to any folder. "Message has been copied too many times (32767+1)" lazy_expunge is enabled. Error messages seems to be from libdovecot-storage. Any one can confirm the bug? or knows of a work around? Thanks K.Z From tlx at leuxner.net Sat Sep 3 08:07:17 2011 From: tlx at leuxner.net (Thomas Leuxner) Date: Sat, 3 Sep 2011 07:07:17 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <4E61476F.9090601@rename-it.nl> References: <1314869252.27581.9.camel@hurina> <20110902102133.GA6623@nihlus.leuxner.net> <4E61117E.1030902@rename-it.nl> <4E6121ED.5020204@rename-it.nl> <3C903640-F45B-4BEE-ADEF-077D4592B796@leuxner.net> <4E61476F.9090601@rename-it.nl> Message-ID: Am 02.09.2011 um 23:15 schrieb Stephan Bosch: > D'oh, builder did not update from patch repositories. Starting build now... > > Regards, > > Stephan. Working now :) Minor glitch I noticed for the build: Appears 'libpq5' is required by 'dovecot-common' even if no SQL package is installed? Wonder if that works as designed. dpkg: dependency problems prevent configuration of dovecot-common: dovecot-common depends on libpq5 (>= 8.4~0cvs20090328); however: Package libpq5 is not installed. dpkg: error processing dovecot-common (--install): dependency problems - leaving unconfigured From tss at iki.fi Sat Sep 3 08:36:09 2011 From: tss at iki.fi (Timo Sirainen) Date: Sat, 3 Sep 2011 08:36:09 +0300 Subject: [Dovecot] Possible signed/unsigned bug in libdovecot-storage (2:2.0.14 ) In-Reply-To: References: Message-ID: <08CD5CF9-B82B-4F16-9729-C522C12BEE34@iki.fi> On 3.9.2011, at 6.06, Kui Zhang wrote: > We are getting following errors when moving mail from inbox to any folder. > > "Message has been copied too many times (32767+1)" mdbox? Is it actually copied that many times? From dovecot-ml at makomi.de Sat Sep 3 09:33:43 2011 From: dovecot-ml at makomi.de (=?iso-8859-1?Q?Michael_K=F6hler?=) Date: Sat, 3 Sep 2011 08:33:43 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <4E61117E.1030902@rename-it.nl> References: <1314869252.27581.9.camel@hurina> <20110902102133.GA6623@nihlus.leuxner.net> <4E61117E.1030902@rename-it.nl> Message-ID: <6B523955-CA60-4F3E-A89A-8EF12E7F280C@makomi.de> Hello Stephan, Am 02.09.2011 um 19:25 schrieb Stephan Bosch: > Are you perhaps using the automated Debian packages? I?m also upgraded to latest Debian version and I?ve got the following errors: Preparing to replace dovecot-managesieved 2:2.0.13-0~auto+71 (using .../dovecot-managesieved_2%3a2.0.14-0~auto+4_amd64.deb) ... Stopping IMAP/POP3 mail server: dovecot. Unpacking replacement dovecot-managesieved ... doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_login_settings.so doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_settings.so doveconf: Error: service(managesieve-login): executable is empty doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: service(managesieve-login): executable is empty Starting IMAP/POP3 mail server: dovecotdoveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_login_settings.so doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_settings.so doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: service(managesieve-login): executable is empty Preparing to replace dovecot-sieve 2:2.0.13-0~auto+71 (using .../dovecot-sieve_2%3a2.0.14-0~auto+4_amd64.deb) ... Unpacking replacement dovecot-sieve ... doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_login_settings.so doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_settings.so doveconf: Error: service(managesieve-login): executable is empty doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: service(managesieve-login): executable is empty Starting IMAP/POP3 mail server: dovecotdoveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_login_settings.so doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_settings.so doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: service(managesieve-login): executable is empty Preparing to replace dovecot-lmtpd 2:2.0.13-0~auto+71 (using .../dovecot-lmtpd_2%3a2.0.14-0~auto+4_amd64.deb) ... doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_login_settings.so doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_settings.so doveconf: Error: service(managesieve-login): executable is empty doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: service(managesieve-login): executable is empty Stopping IMAP/POP3 mail server: dovecot. Unpacking replacement dovecot-lmtpd ... doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_login_settings.so doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_settings.so doveconf: Error: service(managesieve-login): executable is empty doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: service(managesieve-login): executable is empty Starting IMAP/POP3 mail server: dovecotdoveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_login_settings.so doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_settings.so doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: service(managesieve-login): executable is empty Preparing to replace dovecot-common 2:2.0.13-0~auto+71 (using .../dovecot-common_2%3a2.0.14-0~auto+4_amd64.deb) ... doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_login_settings.so doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_settings.so doveconf: Error: service(managesieve-login): executable is empty doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: service(managesieve-login): executable is empty Stopping IMAP/POP3 mail server: dovecot. Or isn?t it a problem? At this time I don?t use sieve. Greetings, Michael From stephan at rename-it.nl Sat Sep 3 11:04:00 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Sat, 03 Sep 2011 10:04:00 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <6B523955-CA60-4F3E-A89A-8EF12E7F280C@makomi.de> References: <1314869252.27581.9.camel@hurina> <20110902102133.GA6623@nihlus.leuxner.net> <4E61117E.1030902@rename-it.nl> <6B523955-CA60-4F3E-A89A-8EF12E7F280C@makomi.de> Message-ID: <4E61DF70.5090309@rename-it.nl> On 9/3/2011 8:33 AM, Michael K?hler wrote: > Hello Stephan, > > Am 02.09.2011 um 19:25 schrieb Stephan Bosch: >> Are you perhaps using the automated Debian packages? > I?m also upgraded to latest Debian version and I?ve got the following errors: > > Preparing to replace dovecot-managesieved 2:2.0.13-0~auto+71 (using .../dovecot-managesieved_2%3a2.0.14-0~auto+4_amd64.deb) ... > Stopping IMAP/POP3 mail server: dovecot. > Unpacking replacement dovecot-managesieved ... > doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_login_settings.so > doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_settings.so > doveconf: Error: service(managesieve-login): executable is empty > doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: service(managesieve-login): executable is empty > [...] > > Or isn?t it a problem? At this time I don?t use sieve. I've seen this the first time too and it disappeared on the second update. Not sure why this happens like this, but I have a feeling it will return at the upgrade to alpha2. Regards, Stephan. From stephan at rename-it.nl Sat Sep 3 11:56:58 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Sat, 03 Sep 2011 10:56:58 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: References: <1314869252.27581.9.camel@hurina> <20110902102133.GA6623@nihlus.leuxner.net> <4E61117E.1030902@rename-it.nl> <4E6121ED.5020204@rename-it.nl> <3C903640-F45B-4BEE-ADEF-077D4592B796@leuxner.net> <4E61476F.9090601@rename-it.nl> Message-ID: <4E61EBDA.20906@rename-it.nl> On 9/3/2011 7:07 AM, Thomas Leuxner wrote: > Am 02.09.2011 um 23:15 schrieb Stephan Bosch: > >> D'oh, builder did not update from patch repositories. Starting build now... >> >> Regards, >> >> Stephan. > Working now :) Minor glitch I noticed for the build: Appears 'libpq5' is required by 'dovecot-common' even if no SQL package is installed? Wonder if that works as designed. > > dpkg: dependency problems prevent configuration of dovecot-common: > dovecot-common depends on libpq5 (>= 8.4~0cvs20090328); however: > Package libpq5 is not installed. > dpkg: error processing dovecot-common (--install): > dependency problems - leaving unconfigured Those dependencies are added automatically and are probably caused by the following: For dovecot-2.0: $ ldd .libs/libdovecot-sql.so linux-vdso.so.1 => (0x00007fff03dc3000) libdl.so.2 => /lib/libdl.so.2 (0x00007f981d3a9000) librt.so.1 => /lib/librt.so.1 (0x00007f981d1a1000) libc.so.6 => /lib/libc.so.6 (0x00007f981ce3f000) /lib64/ld-linux-x86-64.so.2 (0x00007f981d7bf000) libpthread.so.0 => /lib/libpthread.so.0 (0x00007f981cc23000) For dovecot-2.1: $ ldd .libs/libdovecot-sql.so linux-vdso.so.1 => (0x00007fffc5549000) libdovecot.so.0 => dovecot-2.1/src/lib-dovecot/.libs/libdovecot.so.0 (0x00007f0372414000) libmysqlclient.so.16 => /usr/lib/libmysqlclient.so.16 (0x00007f0371fe9000) libpq.so.5 => /usr/lib/libpq.so.5 (0x00007f0371dc0000) libsqlite3.so.0 => /usr/lib/libsqlite3.so.0 (0x00007f0371b29000) [lots more ...] As you can see, libdovecot-sql.so now has dependencies on mysql, pgsql and sqlite. I am not sure why. The following change seems to be the cause: --- dovecot-2.0/src/lib-sql/Makefile.am 2011-04-16 22:02:06.000000000 +0200 +++ dovecot-2.1/src/lib-sql/Makefile.am 2011-08-25 23:16:57.000000000 +0200 @@ -66,7 +72,11 @@ pkglib_LTLIBRARIES = libdovecot-sql.la libdovecot_sql_la_SOURCES = -libdovecot_sql_la_LIBADD = libsql.la $(MODULE_LIBS) +libdovecot_sql_la_LIBADD = libsql.la $(deplibs) \ + $(MYSQL_LIBS) \ + $(PGSQL_LIBS) \ + $(SQLITE_LIBS) \ + $(MODULE_LIBS) libdovecot_sql_la_DEPENDENCIES = libsql.la libdovecot_sql_la_LDFLAGS = -export-dynamic Timo, any ideas? Regards, Stephan. From tss at iki.fi Sat Sep 3 12:05:31 2011 From: tss at iki.fi (Timo Sirainen) Date: Sat, 3 Sep 2011 12:05:31 +0300 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <4E61EBDA.20906@rename-it.nl> References: <1314869252.27581.9.camel@hurina> <20110902102133.GA6623@nihlus.leuxner.net> <4E61117E.1030902@rename-it.nl> <4E6121ED.5020204@rename-it.nl> <3C903640-F45B-4BEE-ADEF-077D4592B796@leuxner.net> <4E61476F.9090601@rename-it.nl> <4E61EBDA.20906@rename-it.nl> Message-ID: <7F458A22-E5FD-4E53-8039-3FC5F035AD60@iki.fi> On 3.9.2011, at 11.56, Stephan Bosch wrote: > As you can see, libdovecot-sql.so now has dependencies on mysql, pgsql and sqlite. I am not sure why. The following change seems to be the cause: > > --- dovecot-2.0/src/lib-sql/Makefile.am 2011-04-16 22:02:06.000000000 +0200 > +++ dovecot-2.1/src/lib-sql/Makefile.am 2011-08-25 23:16:57.000000000 +0200 > @@ -66,7 +72,11 @@ > > pkglib_LTLIBRARIES = libdovecot-sql.la > libdovecot_sql_la_SOURCES = > -libdovecot_sql_la_LIBADD = libsql.la $(MODULE_LIBS) > +libdovecot_sql_la_LIBADD = libsql.la $(deplibs) \ > + $(MYSQL_LIBS) \ > + $(PGSQL_LIBS) \ > + $(SQLITE_LIBS) \ > + $(MODULE_LIBS) > libdovecot_sql_la_DEPENDENCIES = libsql.la > libdovecot_sql_la_LDFLAGS = -export-dynamic > > Timo, any ideas? http://hg.dovecot.org/dovecot-2.1/rev/d2b27eae9221 probably helps? From kuizhang at gmail.com Sat Sep 3 12:29:07 2011 From: kuizhang at gmail.com (Kui Zhang) Date: Sat, 3 Sep 2011 02:29:07 -0700 Subject: [Dovecot] Possible signed/unsigned bug in libdovecot-storage (2:2.0.14 ) In-Reply-To: <08CD5CF9-B82B-4F16-9729-C522C12BEE34@iki.fi> References: <08CD5CF9-B82B-4F16-9729-C522C12BEE34@iki.fi> Message-ID: it is mdbox, file size 10M I dont know if the message was ever copy that many times. I dont know any way to tell. I was able to trigger the error message with following. a uid copy 726974 inbox_2 epoll_wait(5, {{EPOLLIN, {u32=39151008, u64=39151008}}}, 3, 18653) = 1 read(0, "a uid copy 726974 Inbox_2\n", 7545) = 26 stat("/home/user_name/mdbox/mailboxes/Inbox_2/dbox-Mails", {st_dev=makedev(9, 3), st_ino=44696357, st_mode=S_IFDIR|0700, st_nlink=2, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=8, st_size=4096, st_atime=2011/09/02-19:27:08, st_mtime=2011/09/03-00:05:26, st_ctime=2011/09/03-00:05:26}) = 0 stat("/home/user_name/mdbox/mailboxes/Inbox_2/dbox-Mails", {st_dev=makedev(9, 3), st_ino=44696357, st_mode=S_IFDIR|0700, st_nlink=2, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=8, st_size=4096, st_atime=2011/09/02-19:27:08, st_mtime=2011/09/03-00:05:26, st_ctime=2011/09/03-00:05:26}) = 0 stat("/home/user_name/mdbox/mailboxes/Inbox_2", {st_dev=makedev(9, 3), st_ino=44696356, st_mode=S_IFDIR|0700, st_nlink=3, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=8, st_size=4096, st_atime=2011/09/02-19:27:08, st_mtime=2011/09/02-19:27:08, st_ctime=2011/09/02-19:27:08}) = 0 stat("/home/user_name/mdbox/mailboxes/Inbox_2", {st_dev=makedev(9, 3), st_ino=44696356, st_mode=S_IFDIR|0700, st_nlink=3, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=8, st_size=4096, st_atime=2011/09/02-19:27:08, st_mtime=2011/09/02-19:27:08, st_ctime=2011/09/02-19:27:08}) = 0 stat("/home/user_name/mdbox/mailboxes/Inbox_2/dbox-Mails", {st_dev=makedev(9, 3), st_ino=44696357, st_mode=S_IFDIR|0700, st_nlink=2, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=8, st_size=4096, st_atime=2011/09/02-19:27:08, st_mtime=2011/09/03-00:05:26, st_ctime=2011/09/03-00:05:26}) = 0 open("/home/user_name/mdbox/mailboxes/Inbox_2/dbox-Mails/dovecot.index.log", O_RDWR) = 11 fstat(11, {st_dev=makedev(9, 3), st_ino=44696360, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=40, st_size=16404, st_atime=2011/09/02-19:32:11, st_mtime=2011/09/03-00:05:26, st_ctime=2011/09/03-00:05:26}) = 0 pread(11, "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx") open("/home/user_name/mdbox/mailboxes/Inbox_2/dbox-Mails/dovecot.index", O_RDWR) = 12 alarm(120) = 0 fcntl(12, F_SETLKW, {type=F_RDLCK, whence=SEEK_SET, start=0, len=0}) = 0 alarm(0) = 120 fstat(12, {st_dev=makedev(9, 3), st_ino=44696353, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=72, st_size=33504, st_atime=2011/09/03-00:05:26, st_mtime=2011/09/03-00:05:26, st_ctime=2011/09/03-00:05:26}) = 0 pread(12, "xxxxxxxxxxxxxxxxxxxxxxxxxx") pread(12, "xxxxxxxxxxxxxxxxxxxxxxxxxx") fcntl(12, F_SETLK, {type=F_UNLCK, whence=SEEK_SET, start=0, len=0}) = 0 fstat(11, {st_dev=makedev(9, 3), st_ino=44696360, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=40, st_size=16404, st_atime=2011/09/02-19:32:11, st_mtime=2011/09/03-00:05:26, st_ctime=2011/09/03-00:05:26}) = 0 pread(11, "", 8192, 16404) = 0 stat("/home/user_name/mdbox/storage/dovecot.map.index.log", {st_dev=makedev(9, 3), st_ino=42730409, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=56, st_size=22356, st_atime=2011/09/02-19:31:53, st_mtime=2011/09/03-01:48:40, st_ctime=2011/09/03-01:48:40}) = 0 fstat(9, {st_dev=makedev(9, 3), st_ino=42730409, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=56, st_size=22356, st_atime=2011/09/02-19:31:53, st_mtime=2011/09/03-01:48:40, st_ctime=2011/09/03-01:48:40}) = 0 fstat(9, {st_dev=makedev(9, 3), st_ino=42730409, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=56, st_size=22356, st_atime=2011/09/02-19:31:53, st_mtime=2011/09/03-01:48:40, st_ctime=2011/09/03-01:48:40}) = 0 open("/home/user_name/mdbox/mailboxes/Inbox_2/dbox-Mails/dovecot.index.cache", O_RDWR) = 13 fstat(13, {st_dev=makedev(9, 3), st_ino=44696366, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=1608, st_size=818176, st_atime=2011/09/02-19:28:48, st_mtime=2011/09/02-20:11:59, st_ctime=2011/09/02-20:11:59}) = 0 mmap(NULL, 818176, PROT_READ, MAP_SHARED, 13, 0) = 0x7f8d081f2000 pread(14, "xxxxxxxxxxxxxxxxxxxxxxxxx") pread(14, "xxxxxxxxxxxxxxxxxxxxxxxxx") fstat(14, {st_dev=makedev(9, 3), st_ino=42731774, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=20480, st_size=10484876, st_atime=2011/09/02-19:26:41, st_mtime=2011/09/02-19:26:43, st_ctime=2011/09/02-19:26:43}) = 0 stat("/home/user_name/mdbox", {st_dev=makedev(9, 3), st_ino=42729592, st_mode=S_IFDIR|0700, st_nlink=5, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=8, st_size=4096, st_atime=2011/04/07-09:30:08, st_mtime=2011/09/03-01:57:47, st_ctime=2011/09/03-01:58:08}) = 0 chown("/home/user_name/mdbox", 1000, 4294967295) = 0 stat("/home/user_name/mdbox/dovecot-quota", {st_dev=makedev(9, 3), st_ino=42730175, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=8, st_size=59, st_atime=2011/09/03-01:48:40, st_mtime=2011/09/03-01:48:40, st_ctime=2011/09/03-01:48:40}) = 0 fstat(15, {st_dev=makedev(9, 3), st_ino=42730175, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=8, st_size=59, st_atime=2011/09/03-01:48:40, st_mtime=2011/09/03-01:48:40, st_ctime=2011/09/03-01:48:40}) = 0 alarm(180) = 0 fcntl(9, F_SETLKW, {type=F_WRLCK, whence=SEEK_SET, start=0, len=0}) = 0 alarm(0) = 180 stat("/home/user_name/mdbox/storage/dovecot.map.index.log", {st_dev=makedev(9, 3), st_ino=42730409, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=56, st_size=22356, st_atime=2011/09/02-19:31:53, st_mtime=2011/09/03-01:48:40, st_ctime=2011/09/03-01:48:40}) = 0 fstat(9, {st_dev=makedev(9, 3), st_ino=42730409, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=56, st_size=22356, st_atime=2011/09/02-19:31:53, st_mtime=2011/09/03-01:48:40, st_ctime=2011/09/03-01:48:40}) = 0 stat("/home/user_name/mdbox/mailboxes/Inbox_2/dbox-Mails/dovecot.index.log.2", {st_dev=makedev(9, 3), st_ino=44696358, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=144, st_size=66812, st_atime=2011/09/02-19:27:08, st_mtime=2011/09/02-19:32:11, st_ctime=2011/09/02-19:32:11}) = 0 alarm(180) = 0 fcntl(11, F_SETLKW, {type=F_WRLCK, whence=SEEK_SET, start=0, len=0}) = 0 alarm(0) = 180 stat("/home/user_name/mdbox/mailboxes/Inbox_2/dbox-Mails/dovecot.index.log", {st_dev=makedev(9, 3), st_ino=44696360, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=40, st_size=16404, st_atime=2011/09/02-19:32:11, st_mtime=2011/09/03-00:05:26, st_ctime=2011/09/03-00:05:26}) = 0 fstat(11, {st_dev=makedev(9, 3), st_ino=44696360, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=40, st_size=16404, st_atime=2011/09/02-19:32:11, st_mtime=2011/09/03-00:05:26, st_ctime=2011/09/03-00:05:26}) = 0 fcntl(9, F_SETLK, {type=F_UNLCK, whence=SEEK_SET, start=0, len=0}) = 0 fcntl(11, F_SETLK, {type=F_UNLCK, whence=SEEK_SET, start=0, len=0}) = 0 write(1, "a NO [CANNOT] Message has been copied too many times (32767 + 1)\r\n", 66) = 66 epoll_wait(5, {}, 3, 5000) = 0 epoll_wait(5, {}, 3, 4) = 0 15642 timeout_reset(0x25565c0, 0x254632a, 3, 32704, 0x203a2961632e79) = 1 15642 i_stream_read(0x2556300, 0x2999108, 0, 0x25565c0, 8) = 26 15642 o_stream_ref(0x25564b8, 0x2559e0d, 0, 26, 8) = 26 15642 o_stream_cork(0x25564b8, 0x2559e0d, 0, 26, 8) = 1 15642 t_push(0x2555ed0, 1, 0x2556440, 26, 8) = 3 15642 i_stream_get_data(0x2556300, 0x7fffb16662c0, 4, 32704, 8) = 0x2559e0d 15642 buffer_create_dynamic(0x2556620, 40, 0x2556600, 1856, 8) = 0x25566c0 15642 imap_parser_read_word(0x25557a0, 0x2555ef8, 0x2556600, 1760, 8) = 0x255bd08 15642 p_strdup(0x2556620, 0x255bd08, 0, 97, 8) = 0x2556720 15642 imap_parser_read_word(0x25557a0, 0x255bd0a, 0, 97, 0x255bd08) = 0x255bd10 15642 p_strdup(0x2556620, 0x255bd10, 0, 25705, 0x255bd08) = 0x2556728 15642 t_str_new(128, 0x255bd14, 0, 0x646975, 0x255bd10) = 0x2523088 15642 str_append_c(0x2523088, 91, 0, 98, 128) = 0x25230c0 15642 str_append(0x2523088, 0x254c420, 1, 91, 128) = 0x25230c1 15642 str_len(0x2523088, 0x254c431, 0, 0x6f6840736e6f726f, 0x61632e7961777473) = 18 15642 str_append_c(0x2523088, 32, 0, 0x6f6840736e6f726f, 0x61632e7961777473) = 0x25230d2 15642 str_append(0x2523088, 0x2556728, 0, 32, 0x61632e7961777473) = 0x25230d3 15642 str_append_c(0x2523088, 93, 0, 25705, 0x2556728) = 0x25230d6 15642 str_c(0x2523088, 0x7fffb166624d, 0, 93, 0x2556728) = 0x25230c0 15642 process_title_set(0x25230c0, 0x7fffb166624d, 0, 93, 0x2556728) = 0x7fffb1666bc0 15642 array_bsearch_i(0x61feb0, 0x2556728, 0x411510, 0x5d6469752061632e, 0x746f6365766f642f 15642 strcasecmp("uid", "NOOP") = 7 15642 strcasecmp("uid", "UID COPY") = -32 15642 strcasecmp("uid", "STATUS") = 2 15642 strcasecmp("uid", "THREAD") = 1 15642 strcasecmp("uid", "UID") = 0 15642 <... array_bsearch_i resumed> ) = 0x252ca98 15642 imap_parser_read_word(0x25557a0, 0x41bd4e, 0, 0, 0) = 0x255bd18 15642 t_strconcat(0x41b57d, 0x255bd18, 0, 0x79706f63, 0) = 0x2523170 15642 array_bsearch_i(0x61feb0, 0x2523170, 0x411510, 32432, 0x255bd18 15642 strcasecmp("UID copy", "NOOP") = 7 15642 strcasecmp("UID copy", "UID COPY") = 0 15642 <... array_bsearch_i resumed> ) = 0x252cab0 15642 p_strconcat(0x2556620, 0x41b57d, 0x255bd18, 0, 0) = 0x2556730 15642 imap_parser_read_args(0x25557a0, 2, 0, 0x7fffb16660d8, 0x255bd18) = 2 15642 t_str_new(256, 0, 0, 146, 32) = 0x2523198 15642 imap_write_args(0x2523198, 0x255bc28, 0, 0, 0) = 0x25231d7 15642 str_c(0x2523198, 0x255bd2f, 0, 0x325f786f, 0x255bd28) = 0x25231d0 15642 p_strdup(0x2556620, 0x25231d0, 0, 0x325f786f, 0x255bd28) = 0x2556740 15642 imap_arg_get_astring(0x255bc28, 0x7fffb16660d0, 24, 0x325f786f626e49, 0x25231d0) = 1 15642 imap_arg_get_astring(0x255bc48, 0x7fffb16660d0, 32, 0x325f786f626e49, 0x25231d0) = 1 15642 mail_search_build_init(0x2556640, 0x255bd20, 1, 0x7fffb16661f0, 0x25231d0) = 0x2568920 15642 buffer_create_dynamic(0x2568900, 128, 0x25688e0, 3840, 8) = 0x25689e0 15642 imap_seq_set_parse(0x255bd20, 0x2568968, 0x25688e0, 3656, 8) = 0 15642 mail_search_args_init(0x2568920, 0x2556e50, 1, 0x2555fb0, 0x7fffb1666068) = 4 15642 mail_namespace_find(0x2550340, 0x7fffb1666108, 0x7fffb16661d8, 0x7fffb166620c, 8) = 0x2550340 15642 strlen("Inbox_2") = 7 15642 strlen("Inbox_2") = 7 15642 mailbox_list_get_mailbox_name_status(0x2552930, 0x255bd28, 0x7fffb166620c, 47, 0x255bd28) = 0 15642 mailbox_get_namespace(0x2556e50, 0x2550340, 0x255bd28, 0, 0) = 0x2550340 15642 mailbox_get_name(0x2556e50, 0x2550340, 0x2550340, 0, 0) = 0x25570c0 15642 strcmp("INBOX", "Inbox_2") = -32 15642 strcasecmp("INBOX", "INBOX") = 0 15642 strcasecmp("Inbox_2", "INBOX") = 95 15642 mailbox_alloc(0x2552930, 0x255bd28, 10, 0, 95) = 0x2569930 15642 mailbox_open(0x2569930, 0, 2, 32024, 104) = 0 15642 mailbox_transaction_begin(0x2569930, 6, 0x7f8d0e5aa560, 32024, 0) = 0x299cb20 15642 t_str_new(256, 0x7fffb1666120, 0, 0x299cc00, 0x7f8d0df1aeb8) = 0x25235f8 15642 mailbox_transaction_begin(0x2556e50, 0, 0, 0, 0) = 0x256c590 15642 mailbox_search_init(0x256c590, 0x2568920, 0, 0x256dc20, 0x7f8d0df1aeb8) = 0x256dc50 15642 mail_alloc(0x256c590, 0, 0, 3, 32) = 0x256e440 15642 mailbox_search_next(0x256dc50, 0x256e440, 0x7f8d0e5aa560, 30976, 88) = 1 15642 mailbox_save_alloc(0x299cb20, 726974, 0, 0x256dd30, 0) = 0x256dee0 15642 mailbox_save_copy_flags(0x256dee0, 0x256e440, -1, 0, 0) = 12 15642 mailbox_copy(0x7fffb16661c0, 0x256e440, 44, 0x2902410, 726974) = 0 15642 mailbox_search_next(0x256dc50, 0x256e440, 0, 0xffffffff, 0x7f8d0df19580) = 0 15642 mail_free(0x7fffb16661b8, 40, 0, 0x7fffb1666080, 0x7f8d0df19580) = 2065 15642 str_printfa(0x25235f8, 0x41bd53, 726974, 726974, 48) = 130 15642 mailbox_search_deinit(0x7fffb16661d0, 6, 0x2523636, 0x41bd55, 0) = 0 15642 mailbox_transaction_commit(0x7fffb16661c8, 2, 0x256de00, 132976, 0) = 0 15642 str_c(0x25235f8, 0, 0x256d3b0, 132976, 56) = 0x2523630 15642 mail_search_args_unref(0x7fffb16661f0, 0, 0x256d3b0, 132976, 56) = 4113 15642 t_str_new(256, 0, 0x2996cb0, 132976, 120) = 0x2523758 15642 mailbox_transaction_commit_get_changes(0x7fffb16661f8, 0x7fffb1666170, 0, 0, 0) = 0xffffffff 15642 mailbox_get_storage(0x2569930, 0, 0x7f8d0e5aa560, 30624, 48) = 0x2553140 15642 mailbox_free(0x7fffb1666200, 0, 0x7f8d0e5aa560, 0x2569930, 48) = 7201 15642 mailbox_is_inconsistent(0x2556e50, 0x2553140, 0x299cc80, 132976, 8) = 0 15642 mail_storage_get_last_error(0x2553140, 0x7fffb166612c, 0x4d9de690, 132976, 8) = 0x2573bf0 15642 t_strdup_printf(0x41b1d7, 0x41b19d, 0x2573bf0, 132976, 8) = 0x2523890 15642 o_stream_send_str(0x25564b8, 0x2556720, 0x2523010, 30560, 0) = 1 15642 o_stream_send(0x25564b8, 0x419dd1, 1, 97, 0x2556720) = 1 15642 o_stream_send_str(0x25564b8, 0x2523890, 0, 32, 0x2556720) = 62 15642 o_stream_send(0x25564b8, 0x41b5cf, 2, 0x3233282073656d69, 0x2931202b20373637) = 2 15642 timeout_reset(0x25565c0, 0x41b5d1, 0, 2573, 0x2931202b20373637) = 2 15642 imap_parser_reset(0x25557a0, 0x29999d8, 0, 0x25565c0, 8) = 0x25557d0 15642 t_str_new(128, 0, 0, -5, 16) = 0x25238e8 15642 str_append_c(0x25238e8, 91, 0, 98, 128) = 0x2523920 15642 str_append(0x25238e8, 0x254c420, 1, 91, 128) = 0x2523921 15642 str_append_c(0x25238e8, 93, 0, 0x6f6840736e6f726f, 0x61632e7961777473) = 0x2523932 15642 str_c(0x25238e8, 0x7fffb166621d, 0, 93, 0x61632e7961777473) = 0x2523920 15642 process_title_set(0x2523920, 0x7fffb166621d, 0, 93, 0x61632e7961777473) = 0x7fffb1666beb 15642 t_pop_check(0x7fffb16662cc, 171, 0xabababababababab, 414, 4) = 3 15642 t_push(0x7fffb16662cc, 171, 0x7f8d0e5aa560, 32704, 4) = 3 15642 i_stream_get_data(0x2556300, 0x7fffb16662b8, 4, 32704, 4) = 0x2559e26 15642 i_stream_skip(0x2556300, 1, 1, 1, 4) = 1 15642 i_stream_get_data(0x2556300, 0x7fffb16662c0, 647, 0x25562a0, 4) = 0 15642 t_pop_check(0x7fffb16662cc, 0x7fffb16662c0, 0x25562a0, 647, 4) = 3 15642 mailbox_transaction_get_count(0x2556e50, 0x7fffb16662c0, 0x7f8d0e5aa560, 32704, 4) = 0 15642 o_stream_uncork(0x25564b8, 0, 0x7f8d0e5aa560, 32704, 4) = 0 15642 o_stream_unref(0x7fffb1666310, 0, 66, 0, 4) = 1 15642 i_stream_get_data(0x2556300, 0x7fffb16662e8, 66, 0, 4) = 0 Thanks for checking KuiZ On Fri, Sep 2, 2011 at 10:36 PM, Timo Sirainen wrote: > On 3.9.2011, at 6.06, Kui Zhang wrote: > >> We are getting following errors when moving mail from inbox to any folder. >> >> "Message has been copied too many times (32767+1)" > > mdbox? Is it actually copied that many times? > > From tlx at leuxner.net Sat Sep 3 14:02:25 2011 From: tlx at leuxner.net (Thomas Leuxner) Date: Sat, 3 Sep 2011 13:02:25 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <7F458A22-E5FD-4E53-8039-3FC5F035AD60@iki.fi> References: <1314869252.27581.9.camel@hurina> <20110902102133.GA6623@nihlus.leuxner.net> <4E61117E.1030902@rename-it.nl> <4E6121ED.5020204@rename-it.nl> <3C903640-F45B-4BEE-ADEF-077D4592B796@leuxner.net> <4E61476F.9090601@rename-it.nl> <4E61EBDA.20906@rename-it.nl> <7F458A22-E5FD-4E53-8039-3FC5F035AD60@iki.fi> Message-ID: <2FF2E9E9-EDC0-4961-8392-E9A8DE9C4422@leuxner.net> Am 03.09.2011 um 11:05 schrieb Timo Sirainen: > On 3.9.2011, at 11.56, Stephan Bosch wrote: > >> As you can see, libdovecot-sql.so now has dependencies on mysql, pgsql and sqlite. I am not sure why. The following change seems to be the cause: >> >> --- dovecot-2.0/src/lib-sql/Makefile.am 2011-04-16 22:02:06.000000000 +0200 >> +++ dovecot-2.1/src/lib-sql/Makefile.am 2011-08-25 23:16:57.000000000 +0200 >> @@ -66,7 +72,11 @@ >> >> pkglib_LTLIBRARIES = libdovecot-sql.la >> libdovecot_sql_la_SOURCES = >> -libdovecot_sql_la_LIBADD = libsql.la $(MODULE_LIBS) >> +libdovecot_sql_la_LIBADD = libsql.la $(deplibs) \ >> + $(MYSQL_LIBS) \ >> + $(PGSQL_LIBS) \ >> + $(SQLITE_LIBS) \ >> + $(MODULE_LIBS) >> libdovecot_sql_la_DEPENDENCIES = libsql.la >> libdovecot_sql_la_LDFLAGS = -export-dynamic >> >> Timo, any ideas? > > http://hg.dovecot.org/dovecot-2.1/rev/d2b27eae9221 probably helps? > Looks good now, dependency gone. Thanks to both of you. From lists at wildgooses.com Sat Sep 3 16:03:39 2011 From: lists at wildgooses.com (Ed W) Date: Sat, 03 Sep 2011 14:03:39 +0100 Subject: [Dovecot] Thunderbird caching problem In-Reply-To: <4E5E91F0.3020608@bunbun.be> References: <20110831185948.GG4353@ref.nmedia.net> <4E5E8E8D.3090406@neurotica.com> <20110831194953.GN4353@ref.nmedia.net> <4E5E91F0.3020608@bunbun.be> Message-ID: <4E6225AB.7090407@wildgooses.com> On 31/08/2011 20:56, Nick Rosier wrote: > Chris Cappuccio wrote: >> Dave McGuire [mcguire at neurotica.com] wrote: >> >> Interesting..How do I know that I really should be announcing all of >> these capabilities given my current dovecot version and config? >> >> With the config I posted, here's what I send out now >> >> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE >> IDLE STARTTLS AUTH=PLAIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5] Blahfart >> > This is before login, you need to verify after login. Dovecot changes > the capabilities it advertises after login. Remove CONDSTORE and > QRESYNC; the CONDSTORE is the one messing it up for you. QRESYNC also > implies CONDSTORE so you need to disable this one as well. > > N. What you are doing is disabling CONDSTORE. You can do this on a machine by machine basis by going into the Thunderbird advanced configuration page and toggling: mail.server.default.use_condstore Note, others have reported NOT having problems when using Cyrus..? For me it happens: - Using the same username to login to the same inboxes from separate machines - Both users behind the same NAT (nat timeouts and missed messages a possibility) - Rarely Possibly: - The user that gets affected has been idle for a while (see NAT idea above) - That user is either viewing the affected folder, or recently viewed the folder. Someone needs to catch this thing in the act and get a network trace so that we can put this thing to bed. It happens so rarely for me (and in such large folders) that it's not practical to get a trace. Also note that for me it's mainly a case that I see messages marked unread, when someone else marked them read. This is often fixed by restarting TB (possibly a clue). I don't think I ever need to force a re-download of all messages? Good luck Ed W From tss at iki.fi Sun Sep 4 18:33:48 2011 From: tss at iki.fi (Timo Sirainen) Date: Sun, 04 Sep 2011 18:33:48 +0300 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <4E609C46.9010306@luigirosa.com> References: <1314869252.27581.9.camel@hurina> (auto-added) <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> <4E5F96B3.8090709@luigirosa.com> <5EDA8C12-D80B-48CD-B69A-A9969609617E@iki.fi> <4E5F9990.6060806@luigirosa.com> <32D56AC3-9213-4459-A231-3C41C1C2C18D@iki.fi> <4E609C46.9010306@luigirosa.com> Message-ID: <1315150429.21981.0.camel@hurina> On Fri, 2011-09-02 at 11:05 +0200, Luigi Rosa wrote: > Sep 2 11:03:11 mail dovecot: stats: Error: Mail server input error: > UPDATE-SESSION: stats shrank: ucpu 0.5999 < 0.9000 http://hg.dovecot.org/dovecot-2.1/rev/9434093229aa should fix this. From tss at iki.fi Sun Sep 4 18:34:13 2011 From: tss at iki.fi (Timo Sirainen) Date: Sun, 04 Sep 2011 18:34:13 +0300 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: References: <1314869252.27581.9.camel@hurina> <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> Message-ID: <1315150453.21981.1.camel@hurina> On Thu, 2011-09-01 at 21:09 +0200, Frank Elsner wrote: > But when I stop dovecot I get > > Sep 1 17:08:17 seymour dovecot: master: Warning: Killed with signal 15 (by pid=7896 uid=0 code=kill) > Sep 1 17:08:17 seymour dovecot: anvil: Panic: file master-service.c: line 584 (master_service_client_connection_de > stroyed): assertion failed: (service->total_available_count > 0) http://hg.dovecot.org/dovecot-2.1/rev/66453d942761 should fix this. From tss at iki.fi Sun Sep 4 18:45:49 2011 From: tss at iki.fi (Timo Sirainen) Date: Sun, 04 Sep 2011 18:45:49 +0300 Subject: [Dovecot] Possible signed/unsigned bug in libdovecot-storage (2:2.0.14 ) In-Reply-To: References: <08CD5CF9-B82B-4F16-9729-C522C12BEE34@iki.fi> Message-ID: <1315151149.21981.8.camel@hurina> On Sat, 2011-09-03 at 02:29 -0700, Kui Zhang wrote: > > >> "Message has been copied too many times (32767+1)" > it is mdbox, file size 10M > > I dont know if the message was ever copy that many times. I dont know > any way to tell. I'm pretty sure the message has been copied that many times. Possibly related to some lazy-expunge bug.. You could check this manually by: > I was able to trigger the error message with following. > a uid copy 726974 inbox_2 > First you'll need to find "map_uid" of the message: > map_uid=`doveadm dump ~/mdbox/mailboxes/INBOX/dbox-Mails/|grep -A 10 uid=726974|grep -w map_uid|awk '{print $4}'` Next you can check that the reference count for the message really is 32767: doveadm dump ~/mdbox/storage|grep -A 5 uid=$map_uid | grep -w ref And finally check where that message has actually been copied to: printf '#!/bin/sh\necho $1;doveadm dump $1 | grep "map_uid.*\\b$2\\$" | wc -l\n' > /tmp/find.sh find ~/mdbox -name dbox-Mails -exec /tmp/find.sh {} $map_uid \; From lists at luigirosa.com Sun Sep 4 19:10:48 2011 From: lists at luigirosa.com (Luigi Rosa) Date: Sun, 04 Sep 2011 18:10:48 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <1315150429.21981.0.camel@hurina> References: <1314869252.27581.9.camel@hurina> (auto-added) <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> <4E5F96B3.8090709@luigirosa.com> <5EDA8C12-D80B-48CD-B69A-A9969609617E@iki.fi> <4E5F9990.6060806@luigirosa.com> <32D56AC3-9213-4459-A231-3C41C1C2C18D@iki.fi> <4E609C46.9010306@luigirosa.com> <1315150429.21981.0.camel@hurina> Message-ID: <4E63A308.4050900@luigirosa.com> Timo Sirainen said the following on 04/09/11 17:33: >> Sep 2 11:03:11 mail dovecot: stats: Error: Mail server input error: >> UPDATE-SESSION: stats shrank: ucpu 0.5999< 0.9000 > > http://hg.dovecot.org/dovecot-2.1/rev/9434093229aa should fix this. Confirmed! Ciao, luigi -- / +--[Luigi Rosa]-- \ Cheap recursion jokes are my favorite kind of cheap recursion jokes. From tss at iki.fi Sun Sep 4 21:15:04 2011 From: tss at iki.fi (Timo Sirainen) Date: Sun, 04 Sep 2011 21:15:04 +0300 Subject: [Dovecot] v2.1 stats documentation Message-ID: <1315160105.21981.34.camel@hurina> http://wiki2.dovecot.org/Statistics From kyle at averageurl.com Sun Sep 4 22:10:02 2011 From: kyle at averageurl.com (Kyle Brantley) Date: Sun, 04 Sep 2011 13:10:02 -0600 Subject: [Dovecot] Quotas not recalculating Message-ID: <4E63CD0A.50500@averageurl.com> Hello all -- I have an interesting issue, where the quotas are refusing the recalculate for anyone on my server. # doveadm quota get -u kyle at averageurl.com Quota name Type Value Limit % storage=540672 STORAGE 0 - 0 storage=540672 MESSAGE 0 - 0 # doveadm quota recalc -u kyle at averageurl.com # doveadm quota get -u kyle at averageurl.com Quota name Type Value Limit % storage=540672 STORAGE 0 - 0 storage=540672 MESSAGE 0 - 0 # du -sh /var/mail/vhosts/averageurl.com/kyle 512M /var/mail/vhosts/averageurl.com/kyle The IMAP client (Thunderbird) state that the user has no quotas in place at all. Now, if I copy the maildirsize file from another user to this user account, the quotas display in the IMAP client. At this point, however, trying to recalc the quota does nothing. Any help with this would be appreciated, config below... --Kyle # doveconf -n # 2.0.beta6 (3156315704ef): /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-71.29.1.el6.x86_64 x86_64 CentOS Linux release 6.0 (Final) ext4 auth_gssapi_hostname = imap.mail.averageurl.com auth_krb5_keytab = /etc/dovecot/krb5.keytab auth_mechanisms = plain login gssapi digest-md5 cram-md5 first_valid_uid = 502 last_valid_uid = 502 mail_debug = yes mail_location = maildir:/var/mail/vhosts/%d/%n mail_plugins = $mail_plugins quota mbox_write_locks = fcntl passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { quota = maildir:Quota sieve = /var/mail/vhosts/%d/%n/.sieve sieve_dir = /var/mail/vhosts/%d/%n/sieve/ } protocols = imap lmtp sieve service auth { unix_listener auth-userdb { group = mailstore mode = 0660 } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } } service imap { process_limit = 128 } service lmtp { unix_listener lmtp { mode = 0666 } } service managesieve-login { inet_listener sieve { port = 4190 } process_min_avail = 0 service_count = 1 } ssl_ca = password= dbname= user_query = SELECT 502 AS uid, 502 AS gid, "/var/mail/vhosts/%d/%n" AS home, concat("maildir:storage=", floor(m.quota/1024)) AS quota FROM vmailboxes m, vhosts h WHERE `m`.`username` = '%n' AND `m`.`domain` = `h`.`UUID` AND `h`.`vhost` = '%d' default_pass_scheme = PLAIN password_query = SELECT aes_decrypt(`m`.`password`, ) AS password FROM vmailboxes m, vhosts h WHERE `m`.`username` = '%n' AND `m`.`domain` = `h`.`UUID` AND `h`.`vhost` = '%d' From kyle at averageurl.com Mon Sep 5 04:28:21 2011 From: kyle at averageurl.com (Kyle Brantley) Date: Sun, 04 Sep 2011 19:28:21 -0600 Subject: [Dovecot] Quotas not recalculating In-Reply-To: <4E63CD0A.50500@averageurl.com> References: <4E63CD0A.50500@averageurl.com> Message-ID: <4E6425B5.3080305@averageurl.com> On 9/4/2011 1:10 PM, Kyle Brantley wrote: > Hello all -- > > I have an interesting issue, where the quotas are refusing the > recalculate for anyone on my server. > > # doveadm quota get -u kyle at averageurl.com > Quota name Type Value Limit % > storage=540672 STORAGE 0 - 0 > storage=540672 MESSAGE 0 - 0 > # doveadm quota recalc -u kyle at averageurl.com > # doveadm quota get -u kyle at averageurl.com > Quota name Type Value Limit % > storage=540672 STORAGE 0 - 0 > storage=540672 MESSAGE 0 - 0 > # du -sh /var/mail/vhosts/averageurl.com/kyle > 512M /var/mail/vhosts/averageurl.com/kyle > > The IMAP client (Thunderbird) state that the user has no quotas in > place at all. Now, if I copy the maildirsize file from another user to > this user account, the quotas display in the IMAP client. At this > point, however, trying to recalc the quota does nothing. > > Any help with this would be appreciated, config below... > > --Kyle > > > Okay, something else isn't cooperating with this at all. I reconfigured it to use dirsize just to test (quota = dirsize:User quota in 90-quota.conf instead of quota = maildir:User quota), and it is still trying to use maildir quotas: Sep 5 01:24:22 serenity dovecot: imap(kyle at averageurl.com): Debug: Effective uid=502, gid=502, home=/var/mail/vhosts/averageurl.com/kyle Sep 5 01:24:22 serenity dovecot: imap(kyle at averageurl.com): Debug: Quota root: name=storage=540672 backend=maildir args= Relevant `postconf -n` changes: plugin { quota = dirsize:User quota sieve = /var/mail/vhosts/%d/%n/.sieve sieve_dir = /var/mail/vhosts/%d/%n/sieve/ } Any ideas what is going on would be great. --Kyle From tss at iki.fi Mon Sep 5 08:39:39 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 5 Sep 2011 08:39:39 +0300 Subject: [Dovecot] Quotas not recalculating In-Reply-To: <4E6425B5.3080305@averageurl.com> References: <4E63CD0A.50500@averageurl.com> <4E6425B5.3080305@averageurl.com> Message-ID: <19DE1FB3-E4F7-44B2-AD44-B5AFD7E813E2@iki.fi> On 5.9.2011, at 4.28, Kyle Brantley wrote: > Okay, something else isn't cooperating with this at all. I reconfigured it to use dirsize just to test (quota = dirsize:User quota in 90-quota.conf instead of quota = maildir:User quota), and it is still trying to use maildir quotas: Your user_query in dovecot-sql.conf overrides the quota setting. From aydin.demirel at endersys.com Mon Sep 5 09:42:46 2011 From: aydin.demirel at endersys.com (=?UTF-8?B?QXlkxLFuIERlbWlyZWw=?=) Date: Mon, 05 Sep 2011 09:42:46 +0300 Subject: [Dovecot] Trash Plugin In-Reply-To: <1313355199.10421.1288.camel@hurina> References: <1313355199.10421.1288.camel@hurina> Message-ID: <4E646F66.3080207@endersys.com> Hi; Sorry for delay; if both qmail quota settings are enabled, and storage is enabled in the dovecot config; Which will be active? ie, both the user quotas will be different Regards.. On Tue, 2011-08-09 at 14:34 +0300, Ayd?n Demirel wrote: > Hi; > > I have a question about trash plugin. I added following lines into > dovecot.conf: > > quota_rule = *:storage=2048000 > quota_rule2 = Trash:storage=1MB > quota_rule3 = SPAM:ignore That looks like simply a quota plugin setting. You haven't shown anything settings about trash plugin. Which one do you really mean? > When I set *:storage line as default quota_rule , There is no problem.. > > But when I removed this line and set Trash:storage as default > quota_rule, plugin is not working.. > > That I said, Do I have to add *:storage line as first default line in > config line? You need a *:storage rule in any case. I don't know what you'd want to happen if it didn't exist. -- *Ayd?n Demirel Endersys Ltd. Sistem Destek M?hendisi/ System Support Engineer* * *<> Phone : +90 216 470 9423 | GSM : +90 530 401 8203 Fax : +90 216 470 9508 | Web : http://www.endersys.com Blog : http://blog.endersys.com Twitter : http://www.twitter.com/endersys LPI : The #1 Linux Certification for IT Professionals LPI (Linux Professional Institute) Turkey http://www.lpi-turkey.com From janfrode at tanso.net Mon Sep 5 12:05:41 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Mon, 5 Sep 2011 11:05:41 +0200 Subject: [Dovecot] limit number of simultaneous lmtp deliveries ? Message-ID: <20110905090541.GA8709@oc1046828364.ibm.com> We have quite a few frontend mail gateways that deliver incoming email trough our dovecot director (lmtp proxy) to the backend lmtp servers, and are seeing this logged on the frontend mail gateways: Sep 5 10:51:56 mailgw1 postfix/lmtp[23443]: 0E2F41C01A: to=, relay=loadbalancers.example.com[192.168.42.15]:24, delay=61, delays=0.02/0.3/31/30, dsn=4.4.0, status=deferred (host loadbalancers.example.com[192.168.42.15] said: 451 4.4.0 Remote server not answering (DATA output timeout) (in reply to end of DATA command)) It's a bit unclear to me if this leads to duplicate deliveries, or just delayed deliveries, but -- is there any way to limit the number of simultanous deliveries on either the dovecot director or the backend lmtp-servers ? Will "process_limit=10" work for "service lmtp"? -jf From stsiol at yahoo.co.uk Mon Sep 5 12:37:13 2011 From: stsiol at yahoo.co.uk (Spyros Tsiolis) Date: Mon, 5 Sep 2011 10:37:13 +0100 (BST) Subject: [Dovecot] User tries to move folder, then looses it Message-ID: <1315215433.4874.YahooMailNeo@web27202.mail.ukl.yahoo.com> Hello, Well, this is kind of difficult to explain. I have this user that keeps making mistakes on his pc and sometimes I don't know if I should believe her or not. Anywhoo, this time round, she managed to loose? a whole folder on Thunderbird. She claims she tried to move the folder from a tree directory structure (see : sub-sub-folder) she created for herself to another place underneath "root". Additionaly, she managed to mangle things up since she used on TB characters like "/"? "\" and "&" . So thunderbird refuses to access those sub-folders on the folder tree and I cannot rename them (in order to have later access). Here's dovecot info : -------------------------------------------------------------------------- # 1.2.16: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-194.17.4.el5 i686 CentOS release 5.5 (Final) ext3 base_dir: /var/run/dovecot/ log_path: /var/log/dovecot/dovecot.log info_log_path: /var/log/dovecot/dovecot-info.log ssl_parameters_regenerate: 48 verbose_ssl: yes login_dir: /var/run/dovecot//login login_executable: /usr/local/dovecot/libexec/dovecot/imap-login login_greeting: * Dovecot ready * login_max_processes_count: 64 mail_location: maildir:/var/MailRoot/domains/%d/%n/Maildir mail_plugins: zlib auth default: ? verbose: yes ? debug: yes ? debug_passwords: yes ? passdb: ??? driver: passwd-file ??? args: /etc/dovecot/passwd ? passdb: ??? driver: pam ? userdb: ??? driver: static ??? args: uid=vmail gid=vmail home=/home/vmail/%u ? userdb: ??? driver: passwd -------------------------------------------------------------------------- TIA, s. ? ---- "I merely function as a channel that filters music through the chaos of noise" - Vangelis From kuizhang at gmail.com Mon Sep 5 13:11:48 2011 From: kuizhang at gmail.com (Kui Zhang) Date: Mon, 5 Sep 2011 03:11:48 -0700 Subject: [Dovecot] Possible signed/unsigned bug in libdovecot-storage (2:2.0.14 ) In-Reply-To: <1315151149.21981.8.camel@hurina> References: <08CD5CF9-B82B-4F16-9729-C522C12BEE34@iki.fi> <1315151149.21981.8.camel@hurina> Message-ID: On Sun, Sep 4, 2011 at 8:45 AM, Timo Sirainen wrote: > On Sat, 2011-09-03 at 02:29 -0700, Kui Zhang wrote: >> > >> "Message has been copied too many times (32767+1)" >> it is mdbox, file size 10M >> >> I dont know if the message was ever copy that many times. I dont know >> any way to tell. > > I'm pretty sure the message has been copied that many times. Possibly > related to some lazy-expunge bug.. You could check this manually by: > >> I was able to trigger the error message with following. >> a uid copy 726974 inbox_2 >> > First you'll need to find "map_uid" of the message: >> > map_uid=`doveadm dump ~/mdbox/mailboxes/INBOX/dbox-Mails/|grep -A 10 uid=726974|grep -w map_uid|awk '{print $4}'` > > Next you can check that the reference count for the message really is > 32767: > The ref counter was 32767. > doveadm dump ~/mdbox/storage|grep -A 5 uid=$map_uid | grep -w ref > > And finally check where that message has actually been copied to: > > printf '#!/bin/sh\necho $1;doveadm dump $1 | grep "map_uid.*\\b$2\\$" | wc -l\n' > /tmp/find.sh > find ~/mdbox -name dbox-Mails -exec /tmp/find.sh {} $map_uid \; > > The message was copied to a secondary folder. The action match one of the client side filter rules. I found 3k other messages with same problem. They all have delete flag. I upgraded dovecot the night before. I seen plugin errors during upgrade, in the pass. Do you think client made multiple copies during plugin upgrade? I will turn on debug logging for next upgrade. What else can I do, in order to track down the problem? thanks KuiZ > From tss at iki.fi Mon Sep 5 13:17:38 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 5 Sep 2011 13:17:38 +0300 Subject: [Dovecot] Possible signed/unsigned bug in libdovecot-storage (2:2.0.14 ) In-Reply-To: References: <08CD5CF9-B82B-4F16-9729-C522C12BEE34@iki.fi> <1315151149.21981.8.camel@hurina> Message-ID: <5EC91BA7-262C-4EFB-A91E-C3C03E37645C@iki.fi> On 5.9.2011, at 13.11, Kui Zhang wrote: >> First you'll need to find "map_uid" of the message: >>> >> map_uid=`doveadm dump ~/mdbox/mailboxes/INBOX/dbox-Mails/|grep -A 10 uid=726974|grep -w map_uid|awk '{print $4}'` >> >> Next you can check that the reference count for the message really is >> 32767: > > The ref counter was 32767. Well, see what happens if you try to rebuild the dbox indexes. Does the counter shrink or is it the same? If it stays the same, the message was actually copied 32767 times somewhere.. doveadm force-resync -u user at domain INBOX > I upgraded dovecot the night before. I seen plugin errors during > upgrade, in the pass. Do you think client made multiple copies during > plugin upgrade? I will turn on debug logging for next upgrade. Having 32767 copies of the message is a bit strange. Debug logging won't show anything, but you could enable mail_log plugin and it'll log about each copy operation. From Frank.Elsner at Spamfence.NET Mon Sep 5 14:53:55 2011 From: Frank.Elsner at Spamfence.NET (Frank Elsner) Date: Mon, 5 Sep 2011 13:53:55 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <1315150453.21981.1.camel@hurina> References: <1314869252.27581.9.camel@hurina> <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> <1315150453.21981.1.camel@hurina> Message-ID: (auto-added) On Sun, 04 Sep 2011 18:34:13 +0300 Timo Sirainen wrote: > On Thu, 2011-09-01 at 21:09 +0200, Frank Elsner wrote: > > But when I stop dovecot I get > > > > Sep 1 17:08:17 seymour dovecot: master: Warning: Killed with signal 15 (by pid=7896 uid=0 code=kill) > > Sep 1 17:08:17 seymour dovecot: anvil: Panic: file master-service.c: line 584 (master_service_client_connection_de > > stroyed): assertion failed: (service->total_available_count > 0) > > http://hg.dovecot.org/dovecot-2.1/rev/66453d942761 should fix this. Works. --Frank Elsner From Lutz.Pressler at SerNet.DE Mon Sep 5 17:00:00 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Mon, 5 Sep 2011 16:00:00 +0200 Subject: [Dovecot] 2.1.alpha1: SIGSEGV on EXPUNGE Message-ID: Hi, I upgraded my test installation from Debian lenny with latest 2.0.14 auto builds to squeeze with v2.1.alpha1 (amd64) auto builds. (From /var/log/mail.log: Sep 5 12:34:45 pressler dovecot: master: Dovecot v2.1.alpha1 starting up (core dumps disabled) No hg hash tag in log output anymore?) Now the imap processes segfault on every EXPUNGE command: Excerpt from telnet session: 0 store 1585:1585 flags \Deleted * 1585 FETCH (FLAGS (\Deleted)) 0 OK Store completed. 0 expunge Log output: Sep 5 15:40:59 pressler dovecot: imap(2580, lpmail): delete: box=INBOX, uid=34722, msgid=, size=1980, vsize=2031, from=Lutz Pressler , flags=(\Deleted) Sep 5 15:41:22 pressler dovecot: imap(2580, lpmail): expunge: box=INBOX, uid=34722, msgid=, size=1980, vsize=2031, from=Lutz Pressler , flags=(\Deleted) Sep 5 15:41:22 pressler dovecot: master: Error: service(imap): child 2580 killed with signal 11 (core dumps disabled) Also happens with mail_log plugin disabled. Any idea? Configuration on request (or tests with core dumps enabled). Regards, Lutz -- Lutz Pre?ler http://www.SerNet.DE/ SerNet Service Network GmbH, Bahnhofsallee 1b, D-37081 G?ttingen Tel.: +49-551-370000-2, FAX: +49-551-370000-9 AG G?ttingen, HRB 2816, GF: Dr. Johannes Loxen From tss at iki.fi Mon Sep 5 19:40:51 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 5 Sep 2011 19:40:51 +0300 Subject: [Dovecot] 2.1.alpha1: SIGSEGV on EXPUNGE In-Reply-To: References: Message-ID: <1BA84716-C1F5-4DA0-9E84-362983665865@iki.fi> On 5.9.2011, at 17.00, Lutz Pre?ler wrote: > (From /var/log/mail.log: > Sep 5 12:34:45 pressler dovecot: master: Dovecot v2.1.alpha1 starting up (core dumps disabled) > No hg hash tag in log output anymore?) You have exactly the alpha1 version without any further commits. > Sep 5 15:41:22 pressler dovecot: master: Error: service(imap): child 2580 killed with signal 11 (core dumps disabled) > > Any idea? Configuration on request (or tests with core dumps enabled). gdb backtrace is always very helpful in figuring out crashes. http://dovecot.org/bugreport.html From tss at iki.fi Mon Sep 5 19:50:20 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 05 Sep 2011 19:50:20 +0300 Subject: [Dovecot] limit number of simultaneous lmtp deliveries ? In-Reply-To: <20110905090541.GA8709@oc1046828364.ibm.com> References: <20110905090541.GA8709@oc1046828364.ibm.com> Message-ID: <1315241421.21981.57.camel@hurina> On Mon, 2011-09-05 at 11:05 +0200, Jan-Frode Myklebust wrote: > We have quite a few frontend mail gateways that deliver incoming > email trough our dovecot director (lmtp proxy) to the backend lmtp > servers, and are seeing this logged on the frontend mail gateways: > > Sep 5 10:51:56 mailgw1 postfix/lmtp[23443]: 0E2F41C01A: to=, relay=loadbalancers.example.com[192.168.42.15]:24, delay=61, delays=0.02/0.3/31/30, dsn=4.4.0, status=deferred (host loadbalancers.example.com[192.168.42.15] said: 451 4.4.0 Remote server not answering (DATA output timeout) (in reply to end of DATA command)) > > It's a bit unclear to me if this leads to duplicate deliveries, or just > delayed deliveries, Possibly randomly either one. I'll need to start looking into these LMTP proxy bugs some day.. Although for 2.0.14 I improved the error messages a little. Is this from 2.0.14 or earlier? > but -- is there any way to limit the number of > simultanous deliveries on either the dovecot director or the backend > lmtp-servers ? > > Will "process_limit=10" work for "service lmtp"? It'll work for both directory and backend, yes. Although each lmtp process can also handle multiple clients. So you might also want to set client_limit=1. Actually that could be a good idea to try in any case to see if it helps with these problems. From knute2011 at knutejohnson.com Mon Sep 5 20:52:20 2011 From: knute2011 at knutejohnson.com (Knute Johnson) Date: Mon, 05 Sep 2011 10:52:20 -0700 Subject: [Dovecot] Mail files? Message-ID: <4E650C54.4030309@knutejohnson.com> I have a Ubuntu server running dovecot 1.2.9 with mail in mbox. There are mail files in /var/mail/user and there are mail files in /home/user/mail that correspond to the IMAP folders. In the config file details below it shows mail_location: mbox:~/mail:INBOX=/var/mail/%u, does that put the INBOX in /var/mail? Is INBOX in /var/mail/user to allow local delivery or something? If I was using POP3 instead would all the mail be in the INBOX? Can I backup these files by just copying and if a file is destroyed, copy them back? # 1.2.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-33-generic i686 Ubuntu 10.04.3 LTS log_timestamp: %Y-%m-%d %H:%M:%S protocols: imaps ssl_cert_file: /etc/ssl/certs/ssl-cert-snakeoil.pem ssl_key_file: /etc/ssl/private/ssl-cert-snakeoil.key login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/imap-login mail_max_userip_connections: 16 mail_privileged_group: mail mail_location: mbox:~/mail:INBOX=/var/mail/%u mbox_write_locks: fcntl dotlock imap_capability: IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS auth default: passdb: driver: pam userdb: driver: passwd Thanks, -- Knute Johnson knute2011 at knutejohnson.com From jc at info-systems.de Mon Sep 5 20:59:53 2011 From: jc at info-systems.de (Jakob Curdes) Date: Mon, 05 Sep 2011 19:59:53 +0200 Subject: [Dovecot] Mail files? In-Reply-To: <4E650C54.4030309@knutejohnson.com> References: <4E650C54.4030309@knutejohnson.com> Message-ID: <4E650E19.3070400@info-systems.de> Am 05.09.2011 19:52, schrieb Knute Johnson: > I have a Ubuntu server running dovecot 1.2.9 with mail in mbox. There > are mail files in /var/mail/user and there are mail files in > /home/user/mail that correspond to the IMAP folders. In the config > file details below it shows mail_location: > mbox:~/mail:INBOX=/var/mail/%u, does that put the INBOX in /var/mail? yes. > Is INBOX in /var/mail/user to allow local delivery or something? If > I was using POP3 instead would all the mail be in the INBOX? .. or on your local PC. If you do not want the /var/mail delivery, why not just change the mail_location to point to the home dir only? > > Can I backup these files by just copying and if a file is destroyed, > copy them back? Yes, as they are plain mbox format. cheers jc > > # 1.2.9: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.32-33-generic i686 Ubuntu 10.04.3 LTS > log_timestamp: %Y-%m-%d %H:%M:%S > protocols: imaps > ssl_cert_file: /etc/ssl/certs/ssl-cert-snakeoil.pem > ssl_key_file: /etc/ssl/private/ssl-cert-snakeoil.key > login_dir: /var/run/dovecot/login > login_executable: /usr/lib/dovecot/imap-login > mail_max_userip_connections: 16 > mail_privileged_group: mail > mail_location: mbox:~/mail:INBOX=/var/mail/%u > mbox_write_locks: fcntl dotlock > imap_capability: IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE > IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND > UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 ESEARCH > ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS > auth default: > passdb: > driver: pam > userdb: > driver: passwd > > Thanks, > From dovecot at knutejohnson.com Mon Sep 5 23:21:11 2011 From: dovecot at knutejohnson.com (Knute Johnson) Date: Mon, 05 Sep 2011 13:21:11 -0700 Subject: [Dovecot] Mail files? In-Reply-To: <4E650E19.3070400@info-systems.de> References: <4E650C54.4030309@knutejohnson.com> <4E650E19.3070400@info-systems.de> Message-ID: <4E652F37.3080108@knutejohnson.com> On 9/5/2011 10:59 AM, Jakob Curdes wrote: >> Is INBOX in /var/mail/user to allow local delivery or something? If I >> was using POP3 instead would all the mail be in the INBOX? > .. or on your local PC. If you do not want the /var/mail delivery, why > not just change the mail_location to point to the home dir only? I would also have to change where the program that sendmail uses to deliver mail delivers the mail, correct? Thanks very much, -- Knute Johnson From jc at info-systems.de Mon Sep 5 23:31:45 2011 From: jc at info-systems.de (Jakob Curdes) Date: Mon, 05 Sep 2011 22:31:45 +0200 Subject: [Dovecot] Mail files? In-Reply-To: <4E652F37.3080108@knutejohnson.com> References: <4E650C54.4030309@knutejohnson.com><4E650E19.3070400@info-systems.de> <4E652F37.3080108@knutejohnson.com> Message-ID: <4E6531B1.1000009@info-systems.de> .. or on your local PC. If you do not want the /var/mail delivery, why >> not just change the mail_location to point to the home dir only? > > I would also have to change where the program that sendmail uses to > deliver mail delivers the mail, correct? Yes, often this is procmail. You can set this in the respective config file with MAILDIR=$HOME Attention: "Maildir" here just is the mailbox location, procmail assumes the mbox format by default. If you actually use the "Maildir" _/format/_, you must specify MAILDIR=$HOME/ HTH, Jakob Curdes From dovecot at knutejohnson.com Mon Sep 5 23:59:44 2011 From: dovecot at knutejohnson.com (Knute Johnson) Date: Mon, 05 Sep 2011 13:59:44 -0700 Subject: [Dovecot] Mail files? In-Reply-To: <4E6531B1.1000009@info-systems.de> References: <4E650C54.4030309@knutejohnson.com><4E650E19.3070400@info-systems.de> <4E652F37.3080108@knutejohnson.com> <4E6531B1.1000009@info-systems.de> Message-ID: <4E653840.6040407@knutejohnson.com> On 9/5/2011 1:31 PM, Jakob Curdes wrote: > .. or on your local PC. If you do not want the /var/mail delivery, why >>> not just change the mail_location to point to the home dir only? >> >> I would also have to change where the program that sendmail uses to >> deliver mail delivers the mail, correct? > Yes, often this is procmail. > > You can set this in the respective config file with > > MAILDIR=$HOME > > Attention: "Maildir" here just is the mailbox location, procmail assumes > the mbox format by default. If you actually use the "Maildir" _/format/_, > you must specify > > MAILDIR=$HOME/ > > > > HTH, > Jakob Curdes > > Thanks very much Jakob. I'm still trying to figure out what program is actually doing the local delivery. I'll post results when I figure that one out. Thanks again, -- Knute Johnson From compconsultant at yahoo.com Tue Sep 6 08:25:43 2011 From: compconsultant at yahoo.com (Steve Fatula) Date: Mon, 5 Sep 2011 22:25:43 -0700 (PDT) Subject: [Dovecot] Extdata plugin, MySQL Message-ID: <1315286743.6198.YahooMailNeo@web39413.mail.mud.yahoo.com> Does someone have an example of configuring the Pigeonhole Sieve Extdata plugin with MySQL dict? Particularly, the map and what key might be used in this? The doc in the wiki isn;t clear at all to me when one wants to use MySQL store. The file in the doc folder of the mercurial repository is basically what I want to do, in that RFC, it's bascially looking for a discard_spam setting, I presume by user whose Sieve script is running. So, what would the sql mapping file look like? What lookup key is used? I can't really find any map documentation for the syntax, can a special key be used, perhaps, I need to append a value to the user if that is the key? Can this data be accessed via the dictionary proxy to make access more efficient? While I don't want to discard spam based on the setting in the database, I DO want to not move to the spam folder based on a setting stored in an existing MySQL database. So, very similar idea. I want to use an existing database, but, the key is username + a certain constant value for another field. Am hoping this can be mapped as well. ? Steve From listas.correo at yahoo.es Tue Sep 6 14:27:36 2011 From: listas.correo at yahoo.es (mailing lists) Date: Tue, 6 Sep 2011 12:27:36 +0100 (BST) Subject: [Dovecot] Shared Mailboxes with VirtualUsers and mail_location retrieved from ldap Message-ID: <1315308456.64827.YahooMailNeo@web29115.mail.ird.yahoo.com> Hello, I spend a couple of days configurating a new installation of dovecot 2.0.14 with virtual accounts and NFS storage for maildir home/mail directories. At this point I need shared mailboxes but since user mail/home locations are ldap attributes, how is it supposed I must configure this for shared mailboxes? for the users' mail/home directories I set this line: user_attrs = mailbox=mail=maildir:/var/maildir/%$,homeFilter=home creating a namespace like the below one for shared mbx throw a lot of errors: namespace { ? type = shared ? separator = / ? prefix = shared/%%u/ ? subscriptions = no ? list = children ? #location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u ? location = mailbox=mail=maildir:/var/maildir/%$ } I would like to hear if anyone has this configuration running. Thank you. ???? /--------------/ uris = ldap://ldap.example.com dn = cn=user,ou=People,dc=example,dc=com dnpass = secret sasl_bind = no tls = no auth_bind = yes ldap_version = 3 base = dc=example,dc=com deref = never scope = subtree user_attrs = mailbox=mail=maildir:/var/maildir/%$,homeFilter=home user_filter = (&(objectClass=CourierMailAccount)(uid=%u)) pass_filter = (&(objectClass=CourierMailAccount)(uid=%u)) # dovecot -n # 2.0.14: /etc/dovecot/dovecot.conf # OS: Linux 2.6.34.7-0.7-xen x86_64 openSUSE 11.3 (x86_64) auth_debug = yes auth_debug_passwords = yes auth_verbose = yes auth_verbose_passwords = plain base_dir = /var/run/dovecot/ disable_plaintext_auth = no mail_debug = yes mail_fsync = always mail_gid = 5000 mail_nfs_index = yes mail_nfs_storage = yes mail_plugins = acl mail_uid = 5000 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mmap_disable = yes namespace { ? list = children ? location = mailbox=mail=maildir:/var/maildir/%$ ? prefix = shared/%%u/ ? separator = / ? subscriptions = no ? type = shared } namespace { ? inbox = yes ? location = ? prefix = INBOX. ? separator = . } passdb { ? args = /etc/dovecot/dovecot-ldap.conf.ext ? driver = ldap } plugin { ? acl = vfile ? sieve = ~/.dovecot.sieve ? sieve_dir = ~/sieve } protocols = imap ssl = no userdb { ? args = /etc/dovecot/dovecot-ldap.conf.ext ? driver = ldap } verbose_proctitle = yes protocol imap { ? mail_max_userip_connections = 100 ? mail_plugins = acl imap_acl autocreate } From pit11 at ukr.net Tue Sep 6 15:11:53 2011 From: pit11 at ukr.net (Peter Ignatov) Date: Tue, 6 Sep 2011 15:11:53 +0300 Subject: [Dovecot] Quota fs (ignore mount) Message-ID: Hi, I set "quota: fs:INBOX:noenforcing:mount=/var/spool/mail", but receive: "fs quota add storage dir = /home/pit/mail"... Why ? In fstab: /dev/mapper/mpath1p1 /var/spool/mail ext2 usrquota 0 0 In dovecot.log: Sep 06 15:02:00 pop3-login: Info: Login: user=, method=PLAIN, rip=192.168.3.10, lip=192.168.6.3, TLS Sep 06 15:02:00 POP3(pit): Info: Loading modules from directory: /usr/lib64/dovecot/pop3 Sep 06 15:02:00 POP3(pit): Info: Module loaded: /usr/lib64/dovecot/pop3/lib10_quota_plugin.so Sep 06 15:02:00 POP3(pit): Info: Effective uid=500, gid=500, home=/home/pit Sep 06 15:02:00 POP3(pit): Info: Quota root: name=INBOX backend=fs args=noenforcing:mount=/var/spool/mail Sep 06 15:02:00 POP3(pit): Info: Quota rule: root=INBOX mailbox=* bytes=10485760 messages=0 Sep 06 15:02:00 POP3(pit): Info: Quota warning: bytes=9961472 (95%) messages=0 command=/usr/local/bin/quota-warning.sh 95 Sep 06 15:02:00 POP3(pit): Info: mbox: data=~/mail:INBOX=/var/spool/mail/pit Sep 06 15:02:00 POP3(pit): Info: fs: root=/home/pit/mail, index=, control=, inbox=/var/spool/mail/pit Sep 06 15:02:00 POP3(pit): Info: fs quota add storage dir = /home/pit/mail Sep 06 15:02:00 POP3(pit): Info: fs quota block device = /dev/cciss/c0d0p3 Sep 06 15:02:00 POP3(pit): Info: fs quota mount point = / Sep 06 15:02:00 POP3(pit): Info: fs quota mount type = ext3 Sep 06 15:02:01 POP3(pit): Info: Disconnected: Logged out top=0/0, retr=0/0, del=0/2, size=1249 dovecot --version 1.2.17 dovecot -n # 1.2.17: /etc/dovecot.conf # OS: Linux 2.6.18-274.el5.asp121 x86_64 Red Hat Enterprise Linux Server release 5.6 (Tikanga) log_path: /var/log/dovecot.log protocols: pop3 pop3s listen: * login_dir: /var/run/dovecot/login login_executable: /usr/libexec/dovecot/pop3-login verbose_proctitle: yes mail_location: mbox:~/mail:INBOX=/var/spool/mail/%u mail_debug: yes mail_executable: /usr/libexec/dovecot/pop3 mail_plugins: quota mail_plugin_dir: /usr/lib64/dovecot/pop3 auth default: passdb: driver: pam userdb: driver: passwd plugin: quota: fs:INBOX:noenforcing:mount=/var/spool/mail quota_rule: *:storage=10240 quota_warning: storage=95%% /usr/local/bin/quota-warning.sh 95 From tom at whyscream.net Tue Sep 6 22:11:49 2011 From: tom at whyscream.net (Tom Hendrikx) Date: Tue, 06 Sep 2011 21:11:49 +0200 Subject: [Dovecot] Sieve "header :value" test does not work Message-ID: <4E667075.1080003@whyscream.net> hi, After following some examples and searching for sieve samples in this ml history, I'm quite sure that the following sieve snippet should give no surprises: if header :value "ge" :comparator "i;ascii-numeric" "X-Header-Name" "0.99" { /* do something */ } However the Pigeonhole Sieve 0.2.3 on dovecot 2.0.14 gives me following error: test: line 3: error: unknown tagged argument ':value' for the header test (reported only once at first occurence). test: error: validation failed. What obvious mistake am I failing to see here? -- Tom From tom at whyscream.net Tue Sep 6 22:21:57 2011 From: tom at whyscream.net (Tom Hendrikx) Date: Tue, 06 Sep 2011 21:21:57 +0200 Subject: [Dovecot] Sieve "header :value" test does not work In-Reply-To: <4E667075.1080003@whyscream.net> References: <4E667075.1080003@whyscream.net> Message-ID: <4E6672D5.6020506@whyscream.net> On 06/09/11 21:11, Tom Hendrikx wrote: > hi, > > After following some examples and searching for sieve samples in this ml > history, I'm quite sure that the following sieve snippet should give no > surprises: > > if header :value "ge" :comparator "i;ascii-numeric" "X-Header-Name" > "0.99" { /* do something */ } > > However the Pigeonhole Sieve 0.2.3 on dovecot 2.0.14 gives me following > error: > > test: line 3: error: unknown tagged argument ':value' for the header > test (reported only once at first occurence). > test: error: validation failed. > > What obvious mistake am I failing to see here? > To answer my own question (which was found by grepping through /usr/share/doc/dovecot-2.0.14/sieve/rfc/*bz2): including the "relational" extension in the "require" statement adds support for this test. Sorry for the noise :/ -- Tom From hoogendyk at bio.umass.edu Tue Sep 6 22:35:28 2011 From: hoogendyk at bio.umass.edu (Chris Hoogendyk) Date: Tue, 06 Sep 2011 15:35:28 -0400 Subject: [Dovecot] error in logs, but system appears to work Message-ID: <4E667600.1090400@bio.umass.edu> I'm bringing up a system with dovecot that has been running for years with uw-imap. In making the switch, I put a tail on the log file, made the switch, and sent a test mail and received it. I was able to receive mail with no apparent difficulties, but the log file was disconcerting. A number of users connected during the few minutes I had it running, and for each of them there was an error, e.g., "chown ~user/mail/.imap/INBOX failed: Operation not permitted" and "mkdir ~user/mail/.imap/INBOX failed: not owner". But those directories and files appeared to have been made. The first of those errors finishes with "group based on /var/mail/user". That makes no sense. I'm hoping someone can give me an idea what might cause this. Here are the log entries in debug mode and the directories for one such user: Sep 2 17:31:33 eclogite dovecot: [ID 583609 local2.info] auth(default): new auth connection: pid=7248 Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.info] auth(default): client in: AUTH 1 PLAIN service=pop3 secured lip=128.119.45.20 rip=128.119.45.9 lport=995 rport=53865 resp=AGVicmFkbGV5AFJvd2luZzEzKg== Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.info] auth(default): shadow(ebradley,128.119.45.9): lookup Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.info] auth(default): client out: OK 1 user=ebradley Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.info] auth(default): master in: REQUEST 37 7248 1 Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.info] auth(default): passwd(ebradley,128.119.45.9): lookup Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.info] auth(default): master out: USER 37 ebradley system_groups_user=ebradley uid=6633 gid=100 home=/u1/home/grad/ebradley Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.info] POP3(ebradley): Effective uid=6633, gid=100, home=/u1/home/grad/ebradley Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.info] POP3(ebradley): mbox: data=~/mail:INBOX=/var/mail/ebradley Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.info] POP3(ebradley): fs: root=/u1/home/grad/ebradley/mail, index=, control=, inbox=/var/mail/ebradley Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.info] POP3(ebradley): Namespace : Using permissions from /u1/home/grad/ebradley/mail: mode=0700 gid=-1 Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.error] POP3(ebradley): chown(/u1/home/grad/ebradley/mail/.imap/INBOX, -1, 6(mail)) failed: Operation not permitted (egid=100(geolgrad), group based on /var/mail/ebradley) Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.error] POP3(ebradley): mkdir(/u1/home/grad/ebradley/mail/.imap/INBOX) failed: Not owner Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.info] pop3-login: Login: user=, method=PLAIN, rip=128.119.45.9, lip=128.119.45.20, TLS When I looked at their home directory, I found: drwx------ 4 ebradley geolgrad 512 Jul 28 2009 /u1/home/grad/ebradley drwx------ 4 ebradley geolgrad 512 Sep 2 17:31 /u1/home/grad/ebradley/mail drwx------ 3 ebradley geolgrad 512 Sep 2 17:31 /u1/home/grad/ebradley/mail/.imap drwxrwx--- 2 ebradley geolgrad 512 Sep 2 17:31 /u1/home/grad/ebradley/mail/.imap/INBOX -rw-rw---- 1 ebradley mail 9484323 Sep 6 15:16 /var/mail/ebradley My dovecot configuration is at the end. The other pieces are sendmail, milter-greylist, mimedefang, etc. -- --------------- Chris Hoogendyk - O__ ---- Systems Administrator c/ /'_ --- Biology& Geology Departments (*) \(*) -- 140 Morrill Science Center ~~~~~~~~~~ - University of Massachusetts, Amherst --------------- Erd?s 4 # dovecot -a # 1.2.17: /usr/local/etc/dovecot.conf Warning: fd limit 256 is lower than what Dovecot can use under full load (more than 768). Either grow the limit or change login_max_processes_count and max_mail_processes settings # OS: SunOS 5.9 sun4u base_dir: /var/run/dovecot/ log_path: info_log_path: log_timestamp: %b %d %H:%M:%S syslog_facility: local2 protocols: imaps pop3s listen: * ssl_listen: * ssl: required ssl_ca_file: /etc/mail/certs/ca-bundle.crt ssl_cert_file: /etc/mail/certs/sendmail.pem ssl_key_file: /etc/mail/certs/sendmail.pem ssl_key_password: ssl_parameters_regenerate: 168 ssl_cipher_list: ssl_cert_username_field: commonName ssl_verify_client_cert: no disable_plaintext_auth: yes verbose_ssl: no shutdown_clients: yes nfs_check: yes version_ignore: no login_dir: /var/run/dovecot/login login_executable(default): /usr/local/libexec/dovecot/imap-login login_executable(imap): /usr/local/libexec/dovecot/imap-login login_executable(pop3): /usr/local/libexec/dovecot/pop3-login login_user: dovecot login_greeting: ready. login_log_format_elements: user=<%u> method=%m rip=%r lip=%l %c login_log_format: %$: %s login_process_per_connection: yes login_chroot: yes login_trusted_networks: login_process_size: 64 login_processes_count: 3 login_max_processes_count: 128 login_max_connections: 256 valid_chroot_dirs: mail_chroot: max_mail_processes: 512 mail_max_userip_connections(default): 10 mail_max_userip_connections(imap): 10 mail_max_userip_connections(pop3): 3 verbose_proctitle: no first_valid_uid: 1000 last_valid_uid: 0 first_valid_gid: 98 last_valid_gid: 0 mail_access_groups: mail_privileged_group: mail mail_uid: mail_gid: mail_location: mbox:~/mail:INBOX=/var/mail/%u mail_cache_fields: mail_never_cache_fields: imap.envelope mail_cache_min_mail_count: 0 mailbox_idle_check_interval: 30 mail_debug: yes mail_full_filesystem_access: no mail_max_keyword_length: 50 mail_save_crlf: no mmap_disable: no dotlock_use_excl: yes fsync_disable: no mail_nfs_storage: no mail_nfs_index: no mailbox_list_index_disable: yes lock_method: fcntl maildir_stat_dirs: no maildir_copy_with_hardlinks: yes maildir_copy_preserve_filename: no maildir_very_dirty_syncs: no mbox_read_locks: fcntl mbox_write_locks: dotlock fcntl mbox_lock_timeout: 300 mbox_dotlock_change_timeout: 120 mbox_min_index_size: 0 mbox_dirty_syncs: yes mbox_very_dirty_syncs: no mbox_lazy_writes: yes dbox_rotate_size: 2048 dbox_rotate_min_size: 16 dbox_rotate_days: 1 mail_drop_priv_before_exec: no mail_executable(default): /usr/local/libexec/dovecot/imap mail_executable(imap): /usr/local/libexec/dovecot/imap mail_executable(pop3): /usr/local/libexec/dovecot/pop3 mail_process_size: 256 mail_plugins: mail_plugin_dir(default): /usr/local/lib/dovecot/imap mail_plugin_dir(imap): /usr/local/lib/dovecot/imap mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3 mail_log_prefix: %Us(%u): mail_log_max_lines_per_sec: 10 imap_max_line_length: 65536 imap_capability: imap_client_workarounds: imap_logout_format: bytes=%i/%o imap_id_send: imap_id_log: imap_idle_notify_interval: 120 pop3_no_flag_updates: no pop3_enable_last: no pop3_reuse_xuidl(default): no pop3_reuse_xuidl(imap): no pop3_reuse_xuidl(pop3): yes pop3_save_uidl: no pop3_lock_session: no pop3_uidl_format(default): %08Xu%08Xv pop3_uidl_format(imap): %08Xu%08Xv pop3_uidl_format(pop3): %08Xv%08Xu pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh pop3_logout_format: top=%t/%p, retr=%r/%b, del=%d/%m, size=%s dict_db_config: dict_process_count: 1 auth default: mechanisms: plain realms: default_realm: cache_size: 0 cache_ttl: 3600 cache_negative_ttl: 3600 executable: /usr/local/libexec/dovecot/dovecot-auth user: root chroot: username_chars: abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_ username_translation: username_format: master_user_separator: anonymous_username: anonymous krb5_keytab: gssapi_hostname: winbind_helper_path: /usr/bin/ntlm_auth failure_delay: 2 verbose: yes debug: yes debug_passwords: yes ssl_require_client_cert: no ssl_username_from_cert: no use_winbind: no count: 1 worker_max_count: 30 process_size: 256 passdb: driver: shadow args: deny: no pass: no master: no userdb: driver: passwd args: # From tss at iki.fi Tue Sep 6 22:51:35 2011 From: tss at iki.fi (Timo Sirainen) Date: Tue, 6 Sep 2011 22:51:35 +0300 Subject: [Dovecot] error in logs, but system appears to work In-Reply-To: <4E667600.1090400@bio.umass.edu> References: <4E667600.1090400@bio.umass.edu> Message-ID: On 6.9.2011, at 22.35, Chris Hoogendyk wrote: > -rw-rw---- 1 ebradley mail 9484323 Sep 6 15:16 /var/mail/ebradley Is there any reason for this to be 0660? Most likely not, so your problem goes away simply with chmod 0600 /var/mail/* and at the same time makes your system more secure. From tobias at hachmer.de Tue Sep 6 23:01:55 2011 From: tobias at hachmer.de (Tobias Hachmer) Date: Tue, 06 Sep 2011 22:01:55 +0200 Subject: [Dovecot] Quotas not recalculating In-Reply-To: <19DE1FB3-E4F7-44B2-AD44-B5AFD7E813E2@iki.fi> References: <4E63CD0A.50500@averageurl.com> <4E6425B5.3080305@averageurl.com> <19DE1FB3-E4F7-44B2-AD44-B5AFD7E813E2@iki.fi> Message-ID: On Mon, 5 Sep 2011 08:39:39 +0300, Timo Sirainen wrote: > On 5.9.2011, at 4.28, Kyle Brantley wrote: > >> Okay, something else isn't cooperating with this at all. I >> reconfigured it to use dirsize just to test (quota = dirsize:User >> quota in 90-quota.conf instead of quota = maildir:User quota), and it >> is still trying to use maildir quotas: > > Your user_query in dovecot-sql.conf overrides the quota setting. Same problem here. But how can I use maildirsize quota && user_query in dovecot-slq.conf ? I want to manage my users in a sql table and use maildirsize quota. Greetz, Tobias From tss at iki.fi Tue Sep 6 23:08:37 2011 From: tss at iki.fi (Timo Sirainen) Date: Tue, 6 Sep 2011 23:08:37 +0300 Subject: [Dovecot] Quotas not recalculating In-Reply-To: References: <4E63CD0A.50500@averageurl.com> <4E6425B5.3080305@averageurl.com> <19DE1FB3-E4F7-44B2-AD44-B5AFD7E813E2@iki.fi> Message-ID: On 6.9.2011, at 23.01, Tobias Hachmer wrote: > On Mon, 5 Sep 2011 08:39:39 +0300, Timo Sirainen wrote: >> On 5.9.2011, at 4.28, Kyle Brantley wrote: >> >>> Okay, something else isn't cooperating with this at all. I reconfigured it to use dirsize just to test (quota = dirsize:User quota in 90-quota.conf instead of quota = maildir:User quota), and it is still trying to use maildir quotas: >> >> Your user_query in dovecot-sql.conf overrides the quota setting. > > Same problem here. > But how can I use maildirsize quota && user_query in dovecot-slq.conf ? > > I want to manage my users in a sql table and use maildirsize quota. There's nothing special in that. Just about all the examples in wiki assume you want to do that. http://wiki2.dovecot.org/Quota/Configuration#Per-user_quota From hoogendyk at bio.umass.edu Tue Sep 6 23:09:09 2011 From: hoogendyk at bio.umass.edu (Chris Hoogendyk) Date: Tue, 06 Sep 2011 16:09:09 -0400 Subject: [Dovecot] error in logs, but system appears to work In-Reply-To: References: <4E667600.1090400@bio.umass.edu> Message-ID: <4E667DE5.3090803@bio.umass.edu> On 9/6/11 3:51 PM, Timo Sirainen wrote: > On 6.9.2011, at 22.35, Chris Hoogendyk wrote: > >> -rw-rw---- 1 ebradley mail 9484323 Sep 6 15:16 /var/mail/ebradley > Is there any reason for this to be 0660? Most likely not, so your problem goes away simply with chmod 0600 /var/mail/* and at the same time makes your system more secure. So, looking at my other system that has been running dovecot for over a year, I see that the entries are mostly 0600, but there are a few 0660. The system I was just implementing has mostly 0660, but some 0600. We had seen occasional similar errors on the other system. If I change both systems so that all the directories in /var/mail are 0600, then everything will be happy? -- --------------- Chris Hoogendyk - O__ ---- Systems Administrator c/ /'_ --- Biology& Geology Departments (*) \(*) -- 140 Morrill Science Center ~~~~~~~~~~ - University of Massachusetts, Amherst --------------- Erd?s 4 From tss at iki.fi Tue Sep 6 23:14:48 2011 From: tss at iki.fi (Timo Sirainen) Date: Tue, 6 Sep 2011 23:14:48 +0300 Subject: [Dovecot] error in logs, but system appears to work In-Reply-To: <4E667DE5.3090803@bio.umass.edu> References: <4E667600.1090400@bio.umass.edu> <4E667DE5.3090803@bio.umass.edu> Message-ID: <2A848160-2EF7-4EF9-87B5-73A3DF5530A5@iki.fi> On 6.9.2011, at 23.09, Chris Hoogendyk wrote: > > > On 9/6/11 3:51 PM, Timo Sirainen wrote: >> On 6.9.2011, at 22.35, Chris Hoogendyk wrote: >> >>> -rw-rw---- 1 ebradley mail 9484323 Sep 6 15:16 /var/mail/ebradley >> Is there any reason for this to be 0660? Most likely not, so your problem goes away simply with chmod 0600 /var/mail/* and at the same time makes your system more secure. > > So, looking at my other system that has been running dovecot for over a year, I see that the entries are mostly 0600, but there are a few 0660. The system I was just implementing has mostly 0660, but some 0600. We had seen occasional similar errors on the other system. > > If I change both systems so that all the directories in /var/mail are 0600, then everything will be happy? Yep. Basically the problem is that Dovecot thinks they are shared mailboxes and the "mail" group is supposed to have access to them, so it tries to use the mail group for the index files as well, but the process doesn't belong to mail group so it fails. From tobias at hachmer.de Tue Sep 6 23:17:49 2011 From: tobias at hachmer.de (Tobias Hachmer) Date: Tue, 06 Sep 2011 22:17:49 +0200 Subject: [Dovecot] Quotas not recalculating In-Reply-To: References: <4E63CD0A.50500@averageurl.com> <4E6425B5.3080305@averageurl.com> <19DE1FB3-E4F7-44B2-AD44-B5AFD7E813E2@iki.fi> Message-ID: <811c9c72bffbccebb864705ca8935e8b@hachmer.de> On Tue, 6 Sep 2011 23:08:37 +0300, Timo Sirainen wrote: > On 6.9.2011, at 23.01, Tobias Hachmer wrote: > >> On Mon, 5 Sep 2011 08:39:39 +0300, Timo Sirainen wrote: >>> On 5.9.2011, at 4.28, Kyle Brantley wrote: >>> >>>> Okay, something else isn't cooperating with this at all. I >>>> reconfigured it to use dirsize just to test (quota = dirsize:User >>>> quota in 90-quota.conf instead of quota = maildir:User quota), and >>>> it is still trying to use maildir quotas: >>> >>> Your user_query in dovecot-sql.conf overrides the quota setting. >> >> Same problem here. >> But how can I use maildirsize quota && user_query in >> dovecot-slq.conf ? >> >> I want to manage my users in a sql table and use maildirsize quota. > > There's nothing special in that. Just about all the examples in wiki > assume you want to do that. > http://wiki2.dovecot.org/Quota/Configuration#Per-user_quota OK, thanks. Removing "CONCAT('*:bytes=', CAST(quota AS CHAR)) AS userdb_quota_rule" from user_query as well as from password_query in dovecot-sql.conf worked for me. Greetz, Tobias From voytek at sbt.net.au Tue Sep 6 23:54:23 2011 From: voytek at sbt.net.au (Voytek) Date: Wed, 7 Sep 2011 07:54:23 +1100 Subject: [Dovecot] dumb Q: how to search for email hack attempts ? Message-ID: <4dc1ead7e05d6a85b2401a1ecadf7d95.squirrel@sbt.net.au> one of the users thinks someone hacked his email, I don't have time this morning to analyze mail logs in detail, but does some one has some tips to simply searching mail logs for multiple log in attempts, etc, I'd appreciate some grepping for failed logins show give some clues ? From rick at havokmon.com Wed Sep 7 00:14:26 2011 From: rick at havokmon.com (Rick Romero) Date: Tue, 06 Sep 2011 16:14:26 -0500 Subject: [Dovecot] dumb Q: how to search for email hack attempts ? In-Reply-To: <4dc1ead7e05d6a85b2401a1ecadf7d95.squirrel@sbt.net.au> References: <4dc1ead7e05d6a85b2401a1ecadf7d95.squirrel@sbt.net.au> Message-ID: <20110906161426.Horde.GNbzHG2tkQ9OZo0yGCBxWUA@beta.vfemail.net> Quoting Voytek : > one of the users thinks someone hacked his email, I don't have time this > morning to analyze mail logs in detail, but does some one has some tips to > simply searching mail logs for multiple log in attempts, etc, I'd > appreciate some > > grepping for failed logins show give some clues ? # - one of these IPs is not like the others.. grep $username /var/log/maillog | grep -v "no auth|failed" | awk '{print $13}' |sort |uniq Rick From kyle at averageurl.com Wed Sep 7 03:01:26 2011 From: kyle at averageurl.com (Kyle Brantley) Date: Tue, 06 Sep 2011 18:01:26 -0600 Subject: [Dovecot] Quotas not recalculating In-Reply-To: <811c9c72bffbccebb864705ca8935e8b@hachmer.de> References: <4E63CD0A.50500@averageurl.com> <4E6425B5.3080305@averageurl.com> <19DE1FB3-E4F7-44B2-AD44-B5AFD7E813E2@iki.fi> <811c9c72bffbccebb864705ca8935e8b@hachmer.de> Message-ID: <4E66B456.6070707@averageurl.com> On 9/6/2011 2:17 PM, Tobias Hachmer wrote: > On Tue, 6 Sep 2011 23:08:37 +0300, Timo Sirainen wrote: >> On 6.9.2011, at 23.01, Tobias Hachmer wrote: >> >>> On Mon, 5 Sep 2011 08:39:39 +0300, Timo Sirainen wrote: >>>> On 5.9.2011, at 4.28, Kyle Brantley wrote: >>>> >>>>> Okay, something else isn't cooperating with this at all. I >>>>> reconfigured it to use dirsize just to test (quota = dirsize:User >>>>> quota in 90-quota.conf instead of quota = maildir:User quota), and >>>>> it is still trying to use maildir quotas: >>>> >>>> Your user_query in dovecot-sql.conf overrides the quota setting. >>> >>> Same problem here. >>> But how can I use maildirsize quota && user_query in dovecot-slq.conf ? >>> >>> I want to manage my users in a sql table and use maildirsize quota. >> >> There's nothing special in that. Just about all the examples in wiki >> assume you want to do that. >> http://wiki2.dovecot.org/Quota/Configuration#Per-user_quota > > OK, thanks. Removing "CONCAT('*:bytes=', CAST(quota AS CHAR)) AS > userdb_quota_rule" from user_query as well as from password_query in > dovecot-sql.conf worked for me. > > Greetz, Tobias I was migrating from 1.x to 2.x and manually rebuilt everything with respect to the configs... except for my queries. In my case, luckily, it was as easy as changing the column returned from "quota" to "quota_rule" and replacing the "maildir:storage=" with "*:storage=." Thanks for the help, all. --Kyle From jtam.home at gmail.com Wed Sep 7 04:59:27 2011 From: jtam.home at gmail.com (Joseph Tam) Date: Tue, 6 Sep 2011 18:59:27 -0700 (PDT) Subject: [Dovecot] error in logs, but system appears to work In-Reply-To: References: Message-ID: Chris Hoogendyk writes: > So, looking at my other system that has been running dovecot for over a > year, I see that the entries are mostly 0600, but there are a few 0660. > The system I was just implementing has mostly 0660, but some 0600. We > had seen occasional similar errors on the other system. Been there, done that. Timo already gave an explanation of why 0600 gets rid of the problem. I'll add a reminder that you'll need to track down the reason why mailboxes are created user:mail/0660 in the first place. It's usually done by the LDA when creating a brand new mailbox (for example, Solaris's mail.local). If you've replaced your LDA with Dovecot's deliver, then this won't be a problem anymore. You may also have to scour your userbase's personal mail collection for mailboxes that has 1) mode 0660, and 2) group membership the user is not a part of, and fix up the permissions. Such a thing could happen if you've reassigned a user's GID. Joseph Tam From janfrode at tanso.net Wed Sep 7 10:09:44 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Wed, 7 Sep 2011 09:09:44 +0200 Subject: [Dovecot] limit number of simultaneous lmtp deliveries ? In-Reply-To: <1315241421.21981.57.camel@hurina> References: <20110905090541.GA8709@oc1046828364.ibm.com> <1315241421.21981.57.camel@hurina> Message-ID: <20110907070944.GA5222@oc1046828364.ibm.com> On Mon, Sep 05, 2011 at 07:50:20PM +0300, Timo Sirainen wrote: > > Possibly randomly either one. I'll need to start looking into these LMTP > proxy bugs some day.. Although for 2.0.14 I improved the error messages > a little. Is this from 2.0.14 or earlier? It's with v2.0.14 on both director and backend lmtp servers. > > > Will "process_limit=10" work for "service lmtp"? > > It'll work for both directory and backend, yes. Although each lmtp > process can also handle multiple clients. So you might also want to set > client_limit=1. Actually that could be a good idea to try in any case to > see if it helps with these problems. I now tested with: process_limit=10 client_limit=1 on both directors and backend lmtp servers, but I'm still getting these same failures. Since you're hinting about "lmtp proxy bugs", I think I'll try if it works better to skip the director/proxy and just have postfix deliver directly to backend lmtp-servers directly. -jf From listas.correo at yahoo.es Wed Sep 7 13:26:28 2011 From: listas.correo at yahoo.es (mailing lists) Date: Wed, 7 Sep 2011 11:26:28 +0100 (BST) Subject: [Dovecot] is it necessary lmtp and director to avoid index corruption in mail delivery? Message-ID: <1315391188.87744.YahooMailNeo@web29112.mail.ird.yahoo.com> Hello all, If I have several postfix/dovecot-lda boxes with shared nfs storage, how director helps in this scenario? is it necesary to use lmtp instead of dovecot-lda? With postfix/dovecot-lda boxes incoming mail happens at the smtp layer but director redirects are working in the lmtp/imap/pop3 layer. From janfrode at tanso.net Wed Sep 7 13:59:18 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Wed, 7 Sep 2011 12:59:18 +0200 Subject: [Dovecot] is it necessary lmtp and director to avoid index corruption in mail delivery? In-Reply-To: <1315391188.87744.YahooMailNeo@web29112.mail.ird.yahoo.com> References: <1315391188.87744.YahooMailNeo@web29112.mail.ird.yahoo.com> Message-ID: <20110907105918.GA9780@oc1046828364.ibm.com> On Wed, Sep 07, 2011 at 11:26:28AM +0100, mailing lists wrote: > Hello all, > If I have several postfix/dovecot-lda boxes with shared nfs storage, > how director helps in this scenario? The director can help by directing each unique user to the same backend server for each delivery, which should give you better performance (indexes cached in memory on only one machine instead of on all, inotify will work for IMAP NOTIFY), and also avoid some apparent race conditions that has lead to index corruption when several nodes are writing to the same mailbox at the same time. > is it necesary to use lmtp instead of dovecot-lda? Yes. > With postfix/dovecot-lda boxes incoming mail happens at the smtp layer > but director redirects are working in the lmtp/imap/pop3 layer. Right. With LMTP you can have dovecot listening on the network (port 24/tcp) for incoming mail. No need for postfix on the backend mailstorage servers. Our setups has been: Mailgw[1-14] ---smtp--> dovecot-server[1-5] (postfix + dovecot/lda) and used MX priorities to make all deliveries go to the same dovecot-server with the others as backup. $ dig mx deliver.example.com +short 10 dove2.example.com. 15 dove3.example.com. 20 dove4.example.com. 25 dove5.example.com. 5 dove1.example.com. Now I'm moving towards: Mailgw[1-14] ---lmtp--> dovecot-server[1-5] (dovecot/lmtp) but worry that the index corruption might hit me again.. Ideally I want: Mailgw[1-14] ---lmtp--> directors --lmtp--> dovecot-server[1-5] (dovecot/lmtp) but lmtp-proxying seems to have bugs (ref: my latest mails to this list). -jf From tom at whyscream.net Wed Sep 7 15:40:09 2011 From: tom at whyscream.net (Tom Hendrikx) Date: Wed, 07 Sep 2011 14:40:09 +0200 Subject: [Dovecot] Sieve "header :value" test does not work In-Reply-To: <4E6672D5.6020506@whyscream.net> References: <4E667075.1080003@whyscream.net> <4E6672D5.6020506@whyscream.net> Message-ID: <4E676629.9000108@whyscream.net> On 06/09/11 21:21, Tom Hendrikx wrote: > On 06/09/11 21:11, Tom Hendrikx wrote: >> hi, >> >> After following some examples and searching for sieve samples in this ml >> history, I'm quite sure that the following sieve snippet should give no >> surprises: >> >> if header :value "ge" :comparator "i;ascii-numeric" "X-Header-Name" >> "0.99" { /* do something */ } >> >> However the Pigeonhole Sieve 0.2.3 on dovecot 2.0.14 gives me following >> error: >> >> test: line 3: error: unknown tagged argument ':value' for the header >> test (reported only once at first occurence). >> test: error: validation failed. >> >> What obvious mistake am I failing to see here? >> > > To answer my own question (which was found by grepping through > /usr/share/doc/dovecot-2.0.14/sieve/rfc/*bz2): including the > "relational" extension in the "require" statement adds support for this > test. > > Sorry for the noise :/ > -- > Tom > The above snippet poses some other issue that I cannot easily solve: the ascii-numeric comparator only handles integer values. All 0.xxxx header values are truncated to 0 by the comparator, just like the sieve script value "0.95". After comparision, this results in true for all cases. I don't really see a way to interact with floats in sieve, other than using regular expressions. However this gets clumsy/hairy quite fast when you're matching a hypothetical header value >=0.73 in stead of >=0.99. Any ideas? -- Regards, Tom From stephan at rename-it.nl Wed Sep 7 16:48:04 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Wed, 07 Sep 2011 15:48:04 +0200 Subject: [Dovecot] Sieve "header :value" test does not work In-Reply-To: <4E676629.9000108@whyscream.net> References: <4E667075.1080003@whyscream.net> <4E6672D5.6020506@whyscream.net> <4E676629.9000108@whyscream.net> Message-ID: <4E677614.70504@rename-it.nl> On 9/7/2011 2:40 PM, Tom Hendrikx wrote: > The above snippet poses some other issue that I cannot easily solve: the > ascii-numeric comparator only handles integer values. > > All 0.xxxx header values are truncated to 0 by the comparator, just like > the sieve script value "0.95". After comparision, this results in true > for all cases. > > I don't really see a way to interact with floats in sieve, other than > using regular expressions. However this gets clumsy/hairy quite fast > when you're matching a hypothetical header value>=0.73 in stead of>=0.99. > > Any ideas? Yes. This can be a problem. However, the usual application for this is matching against a spam header. If it is, you can use the spamtest extension instead. Then you can configure the gory details in the background (http://wiki2.dovecot.org/Pigeonhole/Sieve/Extensions/SpamtestVirustest). Otherwise, things indeed tend to get hairy. I've puzzled a bit and came up with the following: ==== require "variables"; require "relational"; require "comparator-i;ascii-numeric"; require "regex"; # Extract integer and fractional part separately: set "val_int" "0"; set "val_frac" "0"; if header :regex "X-Header-Name" "([0-9]+)\\.([0-9]+)" { set "val_int" "${1}"; set "val_frac" "${2}"; } if allof ( /* Compare the integer part */ string :comparator "i;ascii-numeric" :value "ge" "${val_int}" "5", /* Compare the fractional part */ string :value "ge" "${val_frac}" "34" ) { discard; } ==== As you can see, the integer and fractional parts of the fractional number are extracted separately using a :regex match. Then the comparison is performed. The integer part is compared using i;ascii-numeric. Quite counter-intuitively, the fractional part is compared using a normal string comparison. The earlier regex match made sure that the ${val_frac} variable only contains digits. The string comparison makes sure that the length of the fractional part does not matter (much) and that the comparison works as expected. A length difference will only have an effect when there are spurious trailing zeros and all the preceeding digits are equal, thereby causing the longer string to have higher value, which is not strictly correct. The above certainly does not deserve an award for beauty, it does not handle negative numbers (can be added), and it is not tested very well. So, use this with caution. Unfortunately, there is no i;ascii-fractional (or whatever) collation and afaik nothing like that is in the works at the IETF. Regards, Stephan. From tom at whyscream.net Wed Sep 7 17:17:33 2011 From: tom at whyscream.net (Tom Hendrikx) Date: Wed, 07 Sep 2011 16:17:33 +0200 Subject: [Dovecot] Sieve "header :value" test does not work In-Reply-To: <4E677614.70504@rename-it.nl> References: <4E667075.1080003@whyscream.net> <4E6672D5.6020506@whyscream.net> <4E676629.9000108@whyscream.net> <4E677614.70504@rename-it.nl> Message-ID: <4E677CFD.4000705@whyscream.net> On 07/09/11 15:48, Stephan Bosch wrote: > On 9/7/2011 2:40 PM, Tom Hendrikx wrote: >> The above snippet poses some other issue that I cannot easily solve: the >> ascii-numeric comparator only handles integer values. >> >> All 0.xxxx header values are truncated to 0 by the comparator, just like >> the sieve script value "0.95". After comparision, this results in true >> for all cases. >> >> I don't really see a way to interact with floats in sieve, other than >> using regular expressions. However this gets clumsy/hairy quite fast >> when you're matching a hypothetical header value>=0.73 in stead of>=0.99. >> >> Any ideas? > > Yes. This can be a problem. However, the usual application for this is > matching against a spam header. If it is, you can use the spamtest > extension instead. Then you can configure the gory details in the > background > (http://wiki2.dovecot.org/Pigeonhole/Sieve/Extensions/SpamtestVirustest). > > Otherwise, things indeed tend to get hairy. I've puzzled a bit and came > up with the following: > > ==== > require "variables"; > require "relational"; > require "comparator-i;ascii-numeric"; > require "regex"; > > # Extract integer and fractional part separately: > set "val_int" "0"; > set "val_frac" "0"; > if header :regex "X-Header-Name" "([0-9]+)\\.([0-9]+)" { > set "val_int" "${1}"; > set "val_frac" "${2}"; > } > > if allof ( > /* Compare the integer part */ > string :comparator "i;ascii-numeric" :value "ge" "${val_int}" "5", > /* Compare the fractional part */ > string :value "ge" "${val_frac}" "34" ) { > discard; > } > ==== > > As you can see, the integer and fractional parts of the fractional > number are extracted separately using a :regex match. Then the > comparison is performed. The integer part is compared using > i;ascii-numeric. Quite counter-intuitively, the fractional part is > compared using a normal string comparison. The earlier regex match made > sure that the ${val_frac} variable only contains digits. The string > comparison makes sure that the length of the fractional part does not > matter (much) and that the comparison works as expected. A length > difference will only have an effect when there are spurious trailing > zeros and all the preceeding digits are equal, thereby causing the > longer string to have higher value, which is not strictly correct. > > The above certainly does not deserve an award for beauty, it does not > handle negative numbers (can be added), and it is not tested very well. > So, use this with caution. Unfortunately, there is no i;ascii-fractional > (or whatever) collation and afaik nothing like that is in the works at > the IETF. > Thanks for the idea :) My first alternative way of thinking was to put the header value in a variable, then multiply it by 10000 (in my actual issue, the fraction always has 4 characters), then handle it as an int. However, doing a calculation is also not supported. I was trying to do some nifty stuff with DSPAM headers, which adds header that indicates "Spam" or "Innocent", and a fractional value between 0 and 1 that indicates the confidence that the filter has in its own classification: X-DSPAM-Result: Spam X-DSPAM-Confidence: 0.9456 ==> quite sure it is spam X-DSPAM-Result: Innocent X-DSPAM-Confidence: 0.9889 ==> even more sure that it is not spam Based on these headers, I wanted to do something with messages that the filter was really sure about, like pushing them to spamcop. Combining these headers in the sieve spamtest configuration to create a sliding scale between 1 and 10 is not really possible. -- Regards, Tom From marcin at mejor.pl Wed Sep 7 17:42:19 2011 From: marcin at mejor.pl (=?UTF-8?B?TWFyY2luIE1pcm9zxYJhdw==?=) Date: Wed, 07 Sep 2011 16:42:19 +0200 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database Message-ID: <4E6782CB.1060803@mejor.pl> Hello! I'd like to set up dovecot to keep namespaces in database, keep more than one namespace per user. I try to create the simplest rule (even without tuple in db table) to get new namespace, unfortunately it doesn't work. My user_query is: SELECT '/dane/domeny/%d/mail/%n/' as home, dovecot_typ_skrzynki ||':'|| '/dane/domeny/%d/mail/%n/' ||'.'|| dovecot_typ_skrzynki as mail_location, '*:bytes='||quota_mb||'M' as quota_rule , 'test33/location=mdbox:~/.mdbox/test33/' as "namespace/test3/prefix" In debug log i'm getting: Debug: master out: USER#0111#011user at examle.com#011home=/dane/domeny/mejor.pl/mail/marcin/#011mail_location=maildir:/dane/domeny/mejor.pl/mail/marcin/.maildir#011quota_rule=*:bytes=0M#011namespace/test3/prefix=test33/location=mdbox:~/.mdbox/test33/ If i knew how it should look like the line in auth debug log for working configuration it could be easier for me to write correct sql query. May i please for advice? From tss at iki.fi Wed Sep 7 17:50:56 2011 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Sep 2011 17:50:56 +0300 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: <4E6782CB.1060803@mejor.pl> References: <4E6782CB.1060803@mejor.pl> Message-ID: <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> dovecot -n output (with version number)? On 7.9.2011, at 17.42, Marcin Miros?aw wrote: > Hello! > I'd like to set up dovecot to keep namespaces in database, keep more than one namespace per user. > > I try to create the simplest rule (even without tuple in db table) to get new namespace, unfortunately it doesn't work. > > My user_query is: > SELECT '/dane/domeny/%d/mail/%n/' as home, dovecot_typ_skrzynki ||':'|| '/dane/domeny/%d/mail/%n/' ||'.'|| dovecot_typ_skrzynki as mail_location, '*:bytes='||quota_mb||'M' as quota_rule , 'test33/location=mdbox:~/.mdbox/test33/' as "namespace/test3/prefix" > > In debug log i'm getting: > Debug: master out: USER#0111#011user at examle.com#011home=/dane/domeny/mejor.pl/mail/marcin/#011mail_location=maildir:/dane/domeny/mejor.pl/mail/marcin/.maildir#011quota_rule=*:bytes=0M#011namespace/test3/prefix=test33/location=mdbox:~/.mdbox/test33/ > > If i knew how it should look like the line in auth debug log for working configuration it could be easier for me to write correct sql query. > May i please for advice? > From marcin at mejor.pl Wed Sep 7 17:59:27 2011 From: marcin at mejor.pl (=?UTF-8?B?TWFyY2luIE1pcm9zxYJhdw==?=) Date: Wed, 07 Sep 2011 16:59:27 +0200 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> References: <4E6782CB.1060803@mejor.pl> <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> Message-ID: <4E6786CF.2020102@mejor.pl> W dniu 07.09.2011 16:50, Timo Sirainen pisze: > dovecot -n output (with version number)? Argh, i've forgot about it:( Dovecot-2.0.14 # 2.0.14: /etc/dovecot/dovecot.conf # OS: Linux 3.1.0-rc4-git2 x86_64 Gentoo Base System release 2.0.3 auth_cache_size = 1 k auth_debug = yes auth_mechanisms = login digest-md5 cram-md5 plain default_vsz_limit = 32 M deliver_log_format = msgid=%m: from=%f: phys=%p: virt=%w %$ dict { quota = pgsql:/etc/dovecot/dovecot-dict-sql.conf.ext } first_valid_uid = 8 last_valid_uid = 8 lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes mail_attachment_dir = /dane/domeny/zalaczniki mail_attachment_min_size = 64000 k mail_cache_min_mail_count = 20 mail_gid = mail mail_plugins = autocreate quota fts fts_squat notify mail_log zlib mail_privileged_group = mail mail_uid = mail maildir_stat_dirs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include var iables body enotify environment mailbox date mdbox_rotate_interval = 60 days mdbox_rotate_size = 50 M namespace { inbox = yes list = yes location = prefix = separator = . subscriptions = yes type = private } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { autocreate = Trash autocreate2 = Spam autocreate3 = Sent autocreate4 = Drafts autosubscribe = Trash autosubscribe2 = Spam autosubscribe3 = Sent autosubscribe4 = Drafts fts = squat fts_squat = partial=4 full=10 quota = dict:User quota::proxy::quota quota_exceeded_message = Quota exceeded / Skrzynka odbiorcy jest przepelniona, wiadomosc nie zostala dostarczona sieve = /dane/domeny/%d/mail/%n/.maildir/.dovecot.sieve sieve_dir = /dane/domeny/%d/mail/%n/.maildir/sieve zlib_save = bz2 } postmaster_address = forspam at kolekcja.mejor.pl protocols = imap pop3 sieve service auth { unix_listener auth-userdb { group = mail mode = 0660 user = root } } service dict { unix_listener dict { user = mail } } service managesieve-login { inet_listener sieve_deprecated { port = 2000 } vsz_limit = 4 M } ssl_cert = References: <4E667075.1080003@whyscream.net> <4E6672D5.6020506@whyscream.net> <4E676629.9000108@whyscream.net> <4E677614.70504@rename-it.nl> <4E677CFD.4000705@whyscream.net> Message-ID: <4E67888A.8010505@rename-it.nl> On 9/7/2011 4:17 PM, Tom Hendrikx wrote: > Thanks for the idea :) > My first alternative way of thinking was to put the header value in a > variable, then multiply it by 10000 (in my actual issue, the fraction > always has 4 characters), then handle it as an int. However, doing a > calculation is also not supported. > > I was trying to do some nifty stuff with DSPAM headers, which adds > header that indicates "Spam" or "Innocent", and a fractional value > between 0 and 1 that indicates the confidence that the filter has in its > own classification: > > X-DSPAM-Result: Spam > X-DSPAM-Confidence: 0.9456 > ==> quite sure it is spam > > X-DSPAM-Result: Innocent > X-DSPAM-Confidence: 0.9889 > ==> even more sure that it is not spam > > Based on these headers, I wanted to do something with messages that the > filter was really sure about, like pushing them to spamcop. > > Combining these headers in the sieve spamtest configuration to create a > sliding scale between 1 and 10 is not really possible. > Not with the current implementation, no. But I could incorporate this new type of specification in the configuration capabilities. Using the spamtest :percent test, this could for instance map as follows: Result=Innocent; Confidence=0.0000 - 1.0000 => spamtest :percent yields 50 - 0 Result=Spam; Confidence=0.0000 - 1.0000 => spamtest :percent yields 50 - 100 Other mappings are possible of course. Regards, Stephan. From tss at iki.fi Wed Sep 7 18:09:35 2011 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Sep 2011 18:09:35 +0300 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: <4E6786CF.2020102@mejor.pl> References: <4E6782CB.1060803@mejor.pl> <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> <4E6786CF.2020102@mejor.pl> Message-ID: On 7.9.2011, at 17.59, Marcin Miros?aw wrote: > namespace { > inbox = yes > list = yes > location = > prefix = > separator = . > subscriptions = yes > type = private > } You want to modify this namespace, or add a completely new namespace? I don't think you can add new ones via userdb lookup.. You'll basically have to have a template in the config file first, like: namespace newspace { } Then you can add settings to it via e.g. 'namespace/newspace/location'. If all users don't have a namespace, you can set the defaults so it's invisible: namespace newspace { list = no hidden = yes } From marcin at mejor.pl Wed Sep 7 18:19:02 2011 From: marcin at mejor.pl (=?UTF-8?B?TWFyY2luIE1pcm9zxYJhdw==?=) Date: Wed, 07 Sep 2011 17:19:02 +0200 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: References: <4E6782CB.1060803@mejor.pl> <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> <4E6786CF.2020102@mejor.pl> Message-ID: <4E678B66.60602@mejor.pl> W dniu 07.09.2011 17:09, Timo Sirainen pisze: > On 7.9.2011, at 17.59, Marcin Miros?aw wrote: > >> namespace { >> inbox = yes >> list = yes >> location = >> prefix = >> separator = . >> subscriptions = yes >> type = private >> } > > You want to modify this namespace, or add a completely new namespace? I want to add completely new. > I don't think you can add new ones via userdb lookup.. You'll basically have to have a template in the config file first, like: > > namespace newspace { > } Hmm, it doesn't looks flexible ;) But probably should be enough for my purposes. Is feature "namespace from db" in your plans or it's too rarely needed to spend time on it? From tss at iki.fi Wed Sep 7 18:24:41 2011 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Sep 2011 18:24:41 +0300 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: <4E678B66.60602@mejor.pl> References: <4E6782CB.1060803@mejor.pl> <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> <4E6786CF.2020102@mejor.pl> <4E678B66.60602@mejor.pl> Message-ID: <8F07F485-4BC4-40E5-A520-7F59C87A7863@iki.fi> On 7.9.2011, at 18.19, Marcin Miros?aw wrote: >> I don't think you can add new ones via userdb lookup.. You'll basically have to have a template in the config file first, like: >> >> namespace newspace { >> } > > Hmm, it doesn't looks flexible ;) But probably should be enough for my purposes. Is feature "namespace from db" in your plans or it's too rarely needed to spend time on it? Actually I'm not completely sure if this is needed. Get it working first with this template, and then see if it continues working after removing the template. > 'test33/location=mdbox:~/.mdbox/test33/' as "namespace/test3/prefix" This is wrong in any case. It should be something like: 'mdbox:~/.mdbox/test33' as 'namespace/test33/location', 'test33.' as 'namespace/test33/prefix' From tss at iki.fi Wed Sep 7 20:17:01 2011 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Sep 2011 20:17:01 +0300 Subject: [Dovecot] Quota fs (ignore mount) In-Reply-To: References: Message-ID: On 6.9.2011, at 15.11, Peter Ignatov wrote: > I set "quota: fs:INBOX:noenforcing:mount=/var/spool/mail", but receive: "fs quota add storage dir = /home/pit/mail"... > Why ? Well .. I'm not entirely sure if the current behavior is good or not, but what you need to do to get it working is to add two quota roots. One for /home/pit/mail (i.e. without specifying mount=) and another for the INBOX's /var/spool/mail. From tss at iki.fi Wed Sep 7 20:22:46 2011 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Sep 2011 20:22:46 +0300 Subject: [Dovecot] Shared Mailboxes with VirtualUsers and mail_location retrieved from ldap In-Reply-To: <1315308456.64827.YahooMailNeo@web29115.mail.ird.yahoo.com> References: <1315308456.64827.YahooMailNeo@web29115.mail.ird.yahoo.com> Message-ID: On 6.9.2011, at 14.27, mailing lists wrote: > I spend a couple of days configurating a new installation of dovecot 2.0.14 with virtual accounts and NFS storage for maildir home/mail directories. > > > At this point I need shared mailboxes but since user mail/home locations are ldap attributes, how is it supposed I must configure this for shared mailboxes? > > for the users' mail/home directories I set this line: > > user_attrs = mailbox=mail=maildir:/var/maildir/%$,homeFilter=home Are home dirs and mail dirs related in any way? The only way you can get it working is by using home dirs, e.g.: user_attrs = mailbox=home=/var/maildir/%$ Then in dovecot.conf: mail_location = maildir:~/ > namespace { > type = shared > separator = / > prefix = shared/%%u/ > subscriptions = no > list = children location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u Of course, if you're already now using separate home dirs for some stuff, this won't really work. From mathog at caltech.edu Thu Sep 8 02:39:07 2011 From: mathog at caltech.edu (mathog) Date: Wed, 07 Sep 2011 16:39:07 -0700 Subject: [Dovecot] copy and empty userA folder1, append to /var/mail/userB Message-ID: <3ee33c7814e8f3834a9210706fa3a36c@saf.bio.caltech.edu> Dovecot 2.0.13 on a 64 bit linux. We have an archiver account on one machine. Most mailing lists that handles go directly to it and everything is fine. However, there is one campus list that will only send to real people. So for that one I subscribed. When one of these messages comes in, which is 1-2x per week, I copy it to an export folder and then manually run a script which does: cat ~me/mail/export >>/var/mail/archiver echo "" > ~me/mail/export That worked fine on our last system, but dovecot doesn't like it. It leaves the imap indices for the export mailbox in an inconsistent state, so that roundcube (through dovecot) refuses to drop messages into it. The error message roundcube emits is: ServerError: Mailbox isn't a valid mbox file. Presumably the second half is from dovecot. I need a supported way to go about this, so that the next time one comes in I can copy to that folder again. The export mailbox is always completely emptied. It would suffice if there was some way to force dovecot to create "empty"" .imap/export: dovecot.index.cache dovecot.index.log files. Note this isn't a problem for the archiver itself, since it doesn't have any imap indexed files. Suggestions? Thank you, David Mathog mathog at caltech.edu Manager, Sequence Analysis Facility, Biology Division, Caltech From karol at babioch.de Thu Sep 8 02:41:58 2011 From: karol at babioch.de (Karol Babioch) Date: Thu, 08 Sep 2011 01:41:58 +0200 Subject: [Dovecot] ManageSieve with SSL/TLS only Message-ID: <4E680146.8040107@babioch.de> Hi, I'm quite new to Dovecot and ManageSieve, so probably I've missed something, although I couldn't find any hints in the wiki. I'm interested in running ManageSieve with SSL/TLS only. So is there any way to reject any non encrypted connections? I couldn't find any parameter for this purpose. I'm currently using dovecot 1.2.15 provided with Debian Squeeze, but I couldn't find any parameter in the 2.0 branch neither. Best regards, Karol Babioch -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 898 bytes Desc: OpenPGP digital signature URL: From tss at iki.fi Thu Sep 8 10:20:57 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 08 Sep 2011 10:20:57 +0300 Subject: [Dovecot] ManageSieve with SSL/TLS only In-Reply-To: <4E680146.8040107@babioch.de> References: <4E680146.8040107@babioch.de> Message-ID: <1315466458.3876.18.camel@hurina> On Thu, 2011-09-08 at 01:41 +0200, Karol Babioch wrote: > Hi, > > I'm quite new to Dovecot and ManageSieve, so probably I've missed > something, although I couldn't find any hints in the wiki. I'm > interested in running ManageSieve with SSL/TLS only. So is there any way > to reject any non encrypted connections? I couldn't find any parameter > for this purpose. > > I'm currently using dovecot 1.2.15 provided with Debian Squeeze, but I > couldn't find any parameter in the 2.0 branch neither. a) disable_plaintext_auth=yes (default) b) ssl=required They are equivalent if you've only enabled plaintext authentication mechanisms. http://wiki.dovecot.org/SSL/DovecotConfiguration and http://wiki.dovecot.org/SSL explain more. From tss at iki.fi Thu Sep 8 10:24:27 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 08 Sep 2011 10:24:27 +0300 Subject: [Dovecot] copy and empty userA folder1, append to /var/mail/userB In-Reply-To: <3ee33c7814e8f3834a9210706fa3a36c@saf.bio.caltech.edu> References: <3ee33c7814e8f3834a9210706fa3a36c@saf.bio.caltech.edu> Message-ID: <1315466667.3876.20.camel@hurina> On Wed, 2011-09-07 at 16:39 -0700, mathog wrote: > Dovecot 2.0.13 on a 64 bit linux. > > echo "" > ~me/mail/export > > That worked fine on our last system, but dovecot doesn't like it. It > leaves the imap indices for the > export mailbox in an inconsistent state, so that roundcube (through > dovecot) refuses to drop > messages into it. The error message roundcube emits is: > > ServerError: Mailbox isn't a valid mbox file. You change the "export" mbox to be one byte size containing LF. It should instead be completely zero size. For example echo -n > ~me/mail/export Alternative could be to simply rm it? From janfrode at tanso.net Thu Sep 8 10:56:20 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Thu, 8 Sep 2011 09:56:20 +0200 Subject: [Dovecot] lmtp -- save failed to INBOX: BUG: Unknown internal error Message-ID: <20110908075620.GA27139@oc1046828364.ibm.com> I've had 18 instances of this error the last 24 hours: Sep 8 08:56:00 popimap1 dovecot:: lmtp(10529, first.last at example.om): mGdAOtdlaE4hKQAAg/aw4w: msgid=: save failed to INBOX: BUG: Unknown internal error 17 on lmtp-server A, and one on lmtp-server B. On server A it was a message with 55 recepients, where 17 failed initially -- and the was then successfully delivered. lmtp pid 10529, 08:55:57-08:56:01 - 11 successfull deliveries, 17 BUGs lmtp pid 10609, 08:56:00 - 1 successfull deliveries lmtp pid 31291, 08:56:06 - 2 successfull deliveries lmtp pid 10482, 08:56:04-06 - 3 successfull deliveries lmtp pid 6738, 08:56:06 - 1 successfull deliveries lmtp pid 24488, 08:56:06-07 - 5 successfull deliveries lmtp pid 7101, 08:56:01-07 - 19 successfull deliveries lmtp pid 21330, 08:56:08 - 1 successfull deliveries lmtp pid 2177, 08:56:09 - 3 successfull deliveries lmtp pid 7085, 08:56:10 - 3 successfull deliveries lmtp pid 6633, 08:56:08-10 - 6 successfull deliveries The one on lmtp-server B was a different msgid from A, and also had several recepients (6). It was successfully delivered to the recepient that initially failed the same second. Config here: # 2.0.14: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-194.26.1.el5 x86_64 Red Hat Enterprise Linux Server release 5.5 (Tikanga) auth_verbose = yes auth_verbose_passwords = sha1 disable_plaintext_auth = no mail_gid = 3000 mail_location = maildir:~/:INDEX=/indexes/%1u/%1.1u/%u mail_plugins = quota mail_uid = 3000 mmap_disable = yes namespace { inbox = yes location = prefix = INBOX. type = private } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { quota = maildir:User quota } service auth-worker { user = $default_internal_user } service auth { client_limit = 4396 } service imap-login { inet_listener imap { address = * port = 143 } } service imap { executable = /usr/local/sbin/imap-wrapper.sh process_limit = 2048 } service lmtp { client_limit = 1 inet_listener lmtp { address = * port = 24 } process_limit = 25 } service pop3-login { inet_listener pop3 { address = * port = 110 } } service pop3 { executable = /usr/local/sbin/pop-wrapper.sh process_limit = 2048 } ssl = no userdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } protocol lmtp { mail_plugins = quota } protocol imap { imap_client_workarounds = delay-newmail mail_plugins = quota imap_quota } protocol pop3 { mail_plugins = quota pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_uidl_format = UID%u-%v } -jf From tss at iki.fi Thu Sep 8 11:53:26 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 08 Sep 2011 11:53:26 +0300 Subject: [Dovecot] lmtp -- save failed to INBOX: BUG: Unknown internal error In-Reply-To: <20110908075620.GA27139@oc1046828364.ibm.com> References: <20110908075620.GA27139@oc1046828364.ibm.com> Message-ID: <1315472006.3876.22.camel@hurina> On Thu, 2011-09-08 at 09:56 +0200, Jan-Frode Myklebust wrote: > I've had 18 instances of this error the last 24 hours: > > Sep 8 08:56:00 popimap1 dovecot:: lmtp(10529, first.last at example.om): mGdAOtdlaE4hKQAAg/aw4w: msgid=: save failed to INBOX: BUG: Unknown internal error Hmm. These are pretty annoying to find. I looked through the sources and.. Well, found one possible reason for it. Try applying these patches and see what it says then: http://hg.dovecot.org/dovecot-2.0/raw-rev/858298eb101f http://hg.dovecot.org/dovecot-2.0/raw-rev/323ab62983b6 Or were there any actual errors logged before this message? From adrian.stoica at dacris.net Thu Sep 8 12:00:58 2011 From: adrian.stoica at dacris.net (Adrian Stoica) Date: Thu, 08 Sep 2011 12:00:58 +0300 Subject: [Dovecot] test Message-ID: <4E68844A.7040907@dacris.net> Hello i use dovecot 2.0.14 , with exim 4.76 using dovecot-lda. We have the following problem: when I receive mail from the site http://www.transfer.ro, which is a file transfer site, most emails appear to be empty. Empty rows appear in email body slipped through the existing, and this makemy mail client to show me an empty mail. You can see the content only by viewing the message source. instead of "- np4e68592849da7 Content-type: text / plain, charset = utf-8 " appear "- np4e68592849da7 Content-type: text / plain, charset = utf-8 " , and that blank line spoil everything. You can check if there is somethingwrong ? -------------- next part -------------- A non-text attachment was scrubbed... Name: adrian_stoica.vcf Type: text/x-vcard Size: 195 bytes Desc: not available URL: From marcin at mejor.pl Thu Sep 8 12:26:00 2011 From: marcin at mejor.pl (=?UTF-8?B?TWFyY2luIE1pcm9zxYJhdw==?=) Date: Thu, 08 Sep 2011 11:26:00 +0200 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: <8F07F485-4BC4-40E5-A520-7F59C87A7863@iki.fi> References: <4E6782CB.1060803@mejor.pl> <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> <4E6786CF.2020102@mejor.pl> <4E678B66.60602@mejor.pl> <8F07F485-4BC4-40E5-A520-7F59C87A7863@iki.fi> Message-ID: <4E688A28.1090800@mejor.pl> W dniu 07.09.2011 17:24, Timo Sirainen pisze: > On 7.9.2011, at 18.19, Marcin Miros?aw wrote: > Actually I'm not completely sure if this is needed. Get it working first with this template, and then see if it continues working after removing the template. I did namespace template: namespace test33 { separator = . # without this i got error: Initialization #failed: namespace configuration error: list=yes requires #prefix=test33. to end with separator } I've change sql query to get data from table. For other user which doesn't have configured namespace in db i've got error: Initialization failed: namespace configuration error: Duplicate namespace prefix: "" So there is something which i should fix. Thanks From tss at iki.fi Thu Sep 8 12:40:08 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 08 Sep 2011 12:40:08 +0300 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: <4E688A28.1090800@mejor.pl> References: <4E6782CB.1060803@mejor.pl> <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> <4E6786CF.2020102@mejor.pl> <4E678B66.60602@mejor.pl> <8F07F485-4BC4-40E5-A520-7F59C87A7863@iki.fi> <4E688A28.1090800@mejor.pl> Message-ID: <1315474812.3876.23.camel@hurina> On Thu, 2011-09-08 at 11:26 +0200, Marcin Miros?aw wrote: > W dniu 07.09.2011 17:24, Timo Sirainen pisze: > > On 7.9.2011, at 18.19, Marcin Miros?aw wrote: > > Actually I'm not completely sure if this is needed. Get it working first with this template, and then see if it continues working after removing the template. > > I did namespace template: > namespace test33 { > separator = . # without this i got error: Initialization > #failed: namespace configuration error: list=yes requires > #prefix=test33. to end with separator > } > > I've change sql query to get data from table. For other user which > doesn't have configured namespace in db i've got error: > Initialization failed: namespace configuration error: Duplicate > namespace prefix: "" You can't have two namespaces with prefix="". So for example add: namespace test33 { prefix = test33. } From tss at iki.fi Thu Sep 8 12:41:58 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 08 Sep 2011 12:41:58 +0300 Subject: [Dovecot] test In-Reply-To: <4E68844A.7040907@dacris.net> References: <4E68844A.7040907@dacris.net> Message-ID: <1315474919.3876.25.camel@hurina> On Thu, 2011-09-08 at 12:00 +0300, Adrian Stoica wrote: > Hello > i use dovecot 2.0.14 , with exim 4.76 using dovecot-lda. > > We have the following problem: when I receive mail from the site > http://www.transfer.ro, which is a file transfer site, most emails > appear to be empty. > Empty rows appear in email body slipped through the existing, and this > makemy mail client to show me an empty mail. You can see the content > only by viewing the message source. > > instead of > "- np4e68592849da7 > Content-type: text / plain, charset = utf-8 > " > appear > > "- np4e68592849da7 > > Content-type: text / plain, charset = utf-8 " , and that blank line > spoil everything. > > You can check if there is somethingwrong ? I'm not aware of any such bugs ever existing in dovecot-lda. You could check this by having Exim internally deliver mails from that site to some other maildir/mbox file, and check if the empty line exists there also. I don't know the specifics of how to configure Exim this way. From tss at iki.fi Thu Sep 8 12:45:31 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 08 Sep 2011 12:45:31 +0300 Subject: [Dovecot] test In-Reply-To: <1315474919.3876.25.camel@hurina> References: <4E68844A.7040907@dacris.net> <1315474919.3876.25.camel@hurina> Message-ID: <1315475131.3876.28.camel@hurina> On Thu, 2011-09-08 at 12:41 +0300, Timo Sirainen wrote: > I'm not aware of any such bugs ever existing in dovecot-lda. You could > check this by having Exim internally deliver mails from that site to > some other maildir/mbox file, and check if the empty line exists there > also. I don't know the specifics of how to configure Exim this way. Oh, or another possibility: instead of executing dovecot-lda directly, execute dovecot-lda.sh which contains something like (warning: totally untested): #!/bin/sh tmpfile=`mktemp` cat > $tmpfile if grep -q ^From.*transfer.ro; then cp $tmpfile /tmp/transfer.ro.`date +%s` fi /usr/local/libexec/dovecot/dovecot-lda "$@" < $tmpfile ret=$? rm -f $tmpfile exit $ret From janfrode at tanso.net Thu Sep 8 13:28:52 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Thu, 8 Sep 2011 12:28:52 +0200 Subject: [Dovecot] lmtp -- save failed to INBOX: BUG: Unknown internal error In-Reply-To: <1315472006.3876.22.camel@hurina> References: <20110908075620.GA27139@oc1046828364.ibm.com> <1315472006.3876.22.camel@hurina> Message-ID: <20110908102852.GA30317@oc1046828364.ibm.com> On Thu, Sep 08, 2011 at 11:53:26AM +0300, Timo Sirainen wrote: > > Hmm. These are pretty annoying to find. I looked through the sources > and.. Well, found one possible reason for it. Try applying these patches > and see what it says then: > > http://hg.dovecot.org/dovecot-2.0/raw-rev/858298eb101f > http://hg.dovecot.org/dovecot-2.0/raw-rev/323ab62983b6 Thanks, applied.. Will let you know if/when it happens again. > > Or were there any actual errors logged before this message? I couldn't find any.. but these BUG:-messages were logged as debug or info level syslog messages, which quickly drowns in everything else on busy pop/imap-servers. -jf From tss at iki.fi Thu Sep 8 13:31:22 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 8 Sep 2011 13:31:22 +0300 Subject: [Dovecot] lmtp -- save failed to INBOX: BUG: Unknown internal error In-Reply-To: <20110908102852.GA30317@oc1046828364.ibm.com> References: <20110908075620.GA27139@oc1046828364.ibm.com> <1315472006.3876.22.camel@hurina> <20110908102852.GA30317@oc1046828364.ibm.com> Message-ID: <4A95E89D-FE64-42AC-8A35-3EDBF0B97986@iki.fi> On 8.9.2011, at 13.28, Jan-Frode Myklebust wrote: > I couldn't find any.. but these BUG:-messages were logged as > debug or info level syslog messages, which quickly drowns in everything > else on busy pop/imap-servers. That's why I prefer logging errors and warnings to separate logs. Those errors logs should always stay empty. You can do this either by configuring syslog or just setting e.g.: log_path = /var/log/dovecot-errors.log info_log_path = syslog From tss at iki.fi Thu Sep 8 13:42:16 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 8 Sep 2011 13:42:16 +0300 Subject: [Dovecot] limit number of simultaneous lmtp deliveries ? In-Reply-To: <20110905090541.GA8709@oc1046828364.ibm.com> References: <20110905090541.GA8709@oc1046828364.ibm.com> Message-ID: <1A3544DD-2754-4658-9AFD-CF5DD9A675F4@iki.fi> On 5.9.2011, at 12.05, Jan-Frode Myklebust wrote: > Sep 5 10:51:56 mailgw1 postfix/lmtp[23443]: 0E2F41C01A: to=, relay=loadbalancers.example.com[192.168.42.15]:24, delay=61, delays=0.02/0.3/31/30, dsn=4.4.0, status=deferred (host loadbalancers.example.com[192.168.42.15] said: 451 4.4.0 Remote server not answering (DATA output timeout) (in reply to end of DATA command)) Well, I added even more debugging output for this message: http://hg.dovecot.org/dovecot-2.0/raw-rev/8de8752b2e94 Would be interesting to know what it logs with that. From janfrode at tanso.net Thu Sep 8 13:44:19 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Thu, 8 Sep 2011 12:44:19 +0200 Subject: [Dovecot] lmtp -- save failed to INBOX: BUG: Unknown internal error In-Reply-To: <4A95E89D-FE64-42AC-8A35-3EDBF0B97986@iki.fi> References: <20110908075620.GA27139@oc1046828364.ibm.com> <1315472006.3876.22.camel@hurina> <20110908102852.GA30317@oc1046828364.ibm.com> <4A95E89D-FE64-42AC-8A35-3EDBF0B97986@iki.fi> Message-ID: <20110908104419.GA31437@oc1046828364.ibm.com> On Thu, Sep 08, 2011 at 01:31:22PM +0300, Timo Sirainen wrote: > > > I couldn't find any.. but these BUG:-messages were logged as > > debug or info level syslog messages, which quickly drowns in everything > > else on busy pop/imap-servers. > > That's why I prefer logging errors and warnings to separate logs. Those errors logs should always stay empty. You can do this either by configuring syslog or just setting e.g.: > > log_path = /var/log/dovecot-errors.log > info_log_path = syslog We have that trough syslog: mail.debug -/var/log/maillog.debug mail.* -/var/log/maillog mail.warning -/var/log/maillog.warning mail.err -/var/log/maillog.errors mail.crit -/var/log/maillog.crit but these BUG-messages only ended up in /var/log/maillog and /var/log/maillog.debug, so I think they were logged with wrong severity. But "those errors logs should always stay empty" isn't quite true for us.., since every failed ldap bind() authentication is logged as an error: $ sudo wc -l maillog.errors 2063 maillog.errors $ sudo head -1 maillog.errors ; sudo tail -1 maillog.errors Sep 8 04:02:43 popimap1 dovecot: auth: Error: ldap(user2,192.168.42.15): ldap_bind() failed: No such object Sep 8 12:39:46 popimap1 dovecot: auth: Error: ldap(user1,192.168.42.15): ldap_bind() failed: No such object -jf From marcin at mejor.pl Thu Sep 8 14:00:48 2011 From: marcin at mejor.pl (=?UTF-8?B?TWFyY2luIE1pcm9zxYJhdw==?=) Date: Thu, 08 Sep 2011 13:00:48 +0200 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: <1315474812.3876.23.camel@hurina> References: <4E6782CB.1060803@mejor.pl> <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> <4E6786CF.2020102@mejor.pl> <4E678B66.60602@mejor.pl> <8F07F485-4BC4-40E5-A520-7F59C87A7863@iki.fi> <4E688A28.1090800@mejor.pl> <1315474812.3876.23.camel@hurina> Message-ID: <4E68A060.8090306@mejor.pl> W dniu 08.09.2011 11:40, Timo Sirainen pisze: > You can't have two namespaces with prefix="". So for example add: > > namespace test33 { > prefix = test33. > } I admit that I slightly lost me. Let me try to summarize: - i can't use db to keep completely definition of namespace(s) -- e.g. user X has no additional namespace, user Y has 3 additonal namespaces with location Y1, Y2, Y3 - if user Z wants new namespace i have to define it in config and user_db query should return list=no and hidden=yes for users diffrent than Z. I can get from db "location" for such namespace used by user Z. This is how i understood all our talk. I hope i didn't missed too much :) Thank you. From listas.correo at yahoo.es Thu Sep 8 14:14:20 2011 From: listas.correo at yahoo.es (mailing lists) Date: Thu, 8 Sep 2011 12:14:20 +0100 (BST) Subject: [Dovecot] Shared Mailboxes with VirtualUsers and mail_location retrieved from ldap Message-ID: <1315480460.20728.YahooMailNeo@web29111.mail.ird.yahoo.com> Hello, On 09/07/2011 07:22 PM, Timo Sirainen wrote: > On 6.9.2011, at 14.27, mailing lists wrote: >> At this point I need shared mailboxes but since user mail/home locations are ldap attributes, how is it supposed I must configure this for shared mailboxes? >> >> for the users' mail/home directories I set this line: >> >> user_attrs = mailbox=mail=maildir:/var/maildir/%$,homeFilter=home > > Are home dirs and mail dirs related in any way? The only way you can get it working is by using home dirs, e.g.: > > user_attrs = mailbox=home=/var/maildir/%$ yes, my virtual users have separate directories for home and mail. Their locations are stored in ldap attributes (with random generated paths), so a flat scheme like /var/maildr/%%u isn't valid. for typical (virtual) users the location returned looks like: Sep? 8 12:48:33 imap1 dovecot: auth: Debug: ldap(user012,::1): result: mailbox(mail=maildir:/var/maildir/%$)=vol06/1/15/user012 homeFilter(home)=/var/mailfilter/vol06/1/15/user012 ... Sep? 8 12:54:50 imap1 dovecot: imap(user012): Debug: maildir++: root=/var/maildir/vol06/1/15/user012, index=, control=, inbox=/var/maildir/vol06/1/15/user012, alt= ? > Then in dovecot.conf: > > mail_location = maildir:~/ > >> namespace { >>??? type = shared >>??? separator = / >>??? prefix = shared/%%u/ >>??? subscriptions = no >>??? list = children > > location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u this is that I see in? logs and not shared folders are seen by imap clients: Sep? 8 12:57:11 imap1 dovecot: imap(user012): Debug: Namespace : type=shared, prefix=shared.%u., sep=., inbox=no, hidden=no, list=children, subscriptions=no location=maildir:%h/Maildir:INDEX=~/Maildir/shared/%u Sep? 8 12:57:11 imap1 dovecot: imap(user012): Debug: shared: root=/var/run/dovecot/, index=, control=, inbox=, alt= Sep? 8 12:57:11 imap1 dovecot: imap(user012): Debug: acl: initializing backend with data: vfile I fail to understand how %%u is retrieved from ldap... ? /----------/ # dovecot -n # 2.0.14: /etc/dovecot/dovecot.conf # OS: Linux 2.6.34.7-0.7-xen x86_64 openSUSE 11.3 (x86_64) auth_debug = yes auth_debug_passwords = yes auth_verbose = yes auth_verbose_passwords = plain base_dir = /var/run/dovecot/ disable_plaintext_auth = no mail_debug = yes mail_fsync = always mail_gid = 5000 mail_location = maildir:~/ mail_nfs_index = yes mail_nfs_storage = yes mail_plugins = acl mail_uid = 5000 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mmap_disable = yes namespace { ? inbox = yes ? location = ? prefix = INBOX. ? separator = . } namespace { ? list = children ? location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u ? prefix = shared.%%u. ? separator = . ? subscriptions = no ? type = shared } passdb { ? args = /etc/dovecot/dovecot-ldap.conf.ext ? driver = ldap } plugin { ? acl = vfile ? acl_shared_dict = file:/var/maildir/shared-mailboxes ? sieve = ~/.dovecot.sieve ? sieve_dir = ~/sieve } protocols = imap ssl = no userdb { ? args = /etc/dovecot/dovecot-ldap.conf.ext ? driver = ldap } verbose_proctitle = yes protocol imap { ? mail_max_userip_connections = 100 ? mail_plugins = acl imap_acl autocreate } From janfrode at tanso.net Thu Sep 8 14:22:01 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Thu, 8 Sep 2011 13:22:01 +0200 Subject: [Dovecot] limit number of simultaneous lmtp deliveries ? In-Reply-To: <1A3544DD-2754-4658-9AFD-CF5DD9A675F4@iki.fi> References: <20110905090541.GA8709@oc1046828364.ibm.com> <1A3544DD-2754-4658-9AFD-CF5DD9A675F4@iki.fi> Message-ID: <20110908112201.GA708@oc1046828364.ibm.com> On Thu, Sep 08, 2011 at 01:42:16PM +0300, Timo Sirainen wrote: > > Well, I added even more debugging output for this message: http://hg.dovecot.org/dovecot-2.0/raw-rev/8de8752b2e94 > > Would be interesting to know what it logs with that. > Postfix logs: Sep 8 13:14:28 asav7 postfix/lmtp[22024]: 5ADD454030: host loadbalancers.example.com[192.168.42.15] said: 451 4.4.0 Remote server not answering (DATA output stalled for 30 secs, 36742B sent, 0B buffered) (in reply to end of DATA command) Sep 8 13:17:51 asav7 postfix/lmtp[22759]: 1981954011: host loadbalancers.example.com[192.168.42.17] said: 451 4.4.0 Remote server not answering (DATA output stalled for 30 secs, 38629B sent, 0B buffered) (in reply to end of DATA command) -jf From listas.correo at yahoo.es Thu Sep 8 14:25:08 2011 From: listas.correo at yahoo.es (mailing lists) Date: Thu, 8 Sep 2011 12:25:08 +0100 (BST) Subject: [Dovecot] is it necessary lmtp and director to avoid index corruption in mail delivery? Message-ID: <1315481108.60265.YahooMailNeo@web29117.mail.ird.yahoo.com> JF, thank you for the reply. I'm just curious how to big players fix this problem, which seems impact systems with shared storage. Have a nice day. On 09/07/2011 12:59 PM, Jan-Frode Myklebust wrote: > On Wed, Sep 07, 2011 at 11:26:28AM +0100, mailing lists wrote: >> Hello all, >> If I have several postfix/dovecot-lda boxes with shared nfs storage, >> how director helps in this scenario? > > The director can help by directing each unique user to the same backend > server for each delivery, which should give you better performance > (indexes cached in memory on only one machine instead of on all, > inotify will work for IMAP NOTIFY), and also avoid some apparent race > conditions that has lead to index corruption when several nodes are > writing to the same mailbox at the same time. > >> is it necesary to use lmtp instead of dovecot-lda? > > Yes. > > >> With postfix/dovecot-lda boxes incoming mail happens at the smtp layer >> but director redirects are working in the lmtp/imap/pop3 layer. > > Right. > > With LMTP you can have dovecot listening on the network (port 24/tcp) > for incoming mail. No need for postfix on the backend mailstorage > servers. > > Our setups has been: > > ??? Mailgw[1-14] ---smtp-->? dovecot-server[1-5] (postfix + dovecot/lda) > > and used MX priorities to make all deliveries go to the same > dovecot-server with the others as backup. > > ??? $ dig mx deliver.example.com +short > ??? 10 dove2.example.com. > ??? 15 dove3.example.com. > ??? 20 dove4.example.com. > ??? 25 dove5.example.com. > ??? 5 dove1.example.com. > > > Now I'm moving towards: > > ??? Mailgw[1-14] ---lmtp-->? dovecot-server[1-5] (dovecot/lmtp) > > but worry that the index corruption might hit me again.. Ideally > I want: > > ??? Mailgw[1-14] ---lmtp-->? directors --lmtp-->? dovecot-server[1-5] (dovecot/lmtp) > > but lmtp-proxying seems to have bugs (ref: my latest mails to this > list). > > >??? -jf From tss at iki.fi Thu Sep 8 16:03:58 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 08 Sep 2011 16:03:58 +0300 Subject: [Dovecot] lmtp -- save failed to INBOX: BUG: Unknown internal error In-Reply-To: <20110908104419.GA31437@oc1046828364.ibm.com> References: <20110908075620.GA27139@oc1046828364.ibm.com> <1315472006.3876.22.camel@hurina> <20110908102852.GA30317@oc1046828364.ibm.com> <4A95E89D-FE64-42AC-8A35-3EDBF0B97986@iki.fi> <20110908104419.GA31437@oc1046828364.ibm.com> Message-ID: <1315487039.3876.35.camel@hurina> On Thu, 2011-09-08 at 12:44 +0200, Jan-Frode Myklebust wrote: > Sep 8 08:56:00 popimap1 dovecot:: lmtp(10529, first.last at example.om): mGdAOtdlaE4hKQAAg/aw4w: msgid=: save failed to INBOX: BUG: Unknown internal error .. > but these BUG-messages only ended up in /var/log/maillog and > /var/log/maillog.debug, so I think they were logged with wrong severity. The message is logged with info-level, because it's the "what happened to the message" line. It's basically the same message that gets logged every time, regardless of what happened to the message. What should have happened above was: Error: something bad happened to your message Info: save failed to INBOX: Internal error occurred. So you should have gotten one error and one info message, but because of some bug you didn't get any error. > But "those errors logs should always stay empty" isn't quite true for us.., > since every failed ldap bind() authentication is logged as an error: > > $ sudo wc -l maillog.errors > 2063 maillog.errors > $ sudo head -1 maillog.errors ; sudo tail -1 maillog.errors > Sep 8 04:02:43 popimap1 dovecot: auth: Error: ldap(user2,192.168.42.15): ldap_bind() failed: No such object > Sep 8 12:39:46 popimap1 dovecot: auth: Error: ldap(user1,192.168.42.15): ldap_bind() failed: No such object It shouldn't be behaving like that.. Are you saying that all "unknown user" failures are logged as those errors? I get without auth_bind_userdn: Sep 08 15:56:08 auth: Info: ldap(foo,127.0.0.1): unknown user With auth_bind_userdn: Sep 08 16:00:12 auth: Info: ldap(foo,127.0.0.1): invalid credentials So the "No such object" isn't expected.. Maybe different LDAP servers work in different ways?.. Yours appears to give out the difference between "user doesn't exist" and "wrong password"? Does the attached patch change these to "unknown user" messages? -------------- next part -------------- A non-text attachment was scrubbed... Name: diff Type: text/x-patch Size: 573 bytes Desc: not available URL: From tss at iki.fi Thu Sep 8 16:07:04 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 08 Sep 2011 16:07:04 +0300 Subject: [Dovecot] Shared Mailboxes with VirtualUsers and mail_location retrieved from ldap In-Reply-To: <1315480460.20728.YahooMailNeo@web29111.mail.ird.yahoo.com> References: <1315480460.20728.YahooMailNeo@web29111.mail.ird.yahoo.com> Message-ID: <1315487225.3876.37.camel@hurina> On Thu, 2011-09-08 at 12:14 +0100, mailing lists wrote: > yes, my virtual users have separate directories for home and mail. > Their locations are stored in ldap attributes (with random generated > paths), so a flat scheme like /var/maildr/%%u isn't valid. Sorry, you're out of luck with that kind of a setup. Only the %%h can look up a home directory from LDAP. Maybe some day in future there will be other variables that can be looked up. From tss at iki.fi Thu Sep 8 16:18:41 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 08 Sep 2011 16:18:41 +0300 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: <4E68A060.8090306@mejor.pl> References: <4E6782CB.1060803@mejor.pl> <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> <4E6786CF.2020102@mejor.pl> <4E678B66.60602@mejor.pl> <8F07F485-4BC4-40E5-A520-7F59C87A7863@iki.fi> <4E688A28.1090800@mejor.pl> <1315474812.3876.23.camel@hurina> <4E68A060.8090306@mejor.pl> Message-ID: <1315487921.3876.40.camel@hurina> On Thu, 2011-09-08 at 13:00 +0200, Marcin Miros?aw wrote: > W dniu 08.09.2011 11:40, Timo Sirainen pisze: > > You can't have two namespaces with prefix="". So for example add: > > > > namespace test33 { > > prefix = test33. > > } > > I admit that I slightly lost me. Let me try to summarize: > - i can't use db to keep completely definition of namespace(s) > -- e.g. user X has no additional namespace, user Y has 3 additonal > namespaces with location Y1, Y2, Y3 > - if user Z wants new namespace i have to define it in config and > user_db query should return list=no and hidden=yes for users diffrent > than Z. I can get from db "location" for such namespace used by user Z. Forget all of that. I just tried a few ways and looks like you can add more namespaces by returning e.g. these fields (from SQL): namespace=nsname namespace/nsname/prefix=prefix/ namespace/nsname/location=maildir:/elsewhere namespace/nsname/separator=/ Where nsname is some unique name for the namespace. If you want more than one namespace, I think you can do it by adding another name to "namespace" field, e.g.: namespace=nsname nsname2 nsname3 From janfrode at tanso.net Thu Sep 8 16:21:52 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Thu, 8 Sep 2011 15:21:52 +0200 Subject: [Dovecot] lmtp -- save failed to INBOX: BUG: Unknown internal error In-Reply-To: <1315487039.3876.35.camel@hurina> References: <20110908075620.GA27139@oc1046828364.ibm.com> <1315472006.3876.22.camel@hurina> <20110908102852.GA30317@oc1046828364.ibm.com> <4A95E89D-FE64-42AC-8A35-3EDBF0B97986@iki.fi> <20110908104419.GA31437@oc1046828364.ibm.com> <1315487039.3876.35.camel@hurina> Message-ID: <20110908132152.GA4450@oc1046828364.ibm.com> On Thu, Sep 08, 2011 at 04:03:58PM +0300, Timo Sirainen wrote: > > It shouldn't be behaving like that.. Are you saying that all "unknown > user" failures are logged as those errors? Seems so yes. > > I get without auth_bind_userdn: > > Sep 08 15:56:08 auth: Info: ldap(foo,127.0.0.1): unknown user > > With auth_bind_userdn: > > Sep 08 16:00:12 auth: Info: ldap(foo,127.0.0.1): invalid credentials > > So the "No such object" isn't expected.. Maybe different LDAP servers > work in different ways?.. We're using centos directory server - aka - red hat directory server - aka - 389ds. With: auth_verbose = yes auth_verbose_passwords = sha1 (which doesn't work) userdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } hosts = ldapm1.example.net:389 ldapm2.example.net:389 auth_bind = yes auth_bind_userdn = uid=%n,ou=people,o=%d,o=ISP,o=example,c=NO base = ou=people,o=%d,o=ISP,o=example,c=NO deref = never scope = onelevel user_attrs = mailMessageStore=home, mailLocation=mail, mailQuota=mailQuota=quota_rule=*:storage=%$ user_filter = (&(objectClass=examplePerson)(uid=%n)) Could maybe also be the user_filter or auth_bind_userdn that's turning it into an error ? > Yours appears to give out the difference > between "user doesn't exist" and "wrong password"? Does the attached > patch change these to "unknown user" messages? > diff -r 8de8752b2e94 src/auth/passdb-ldap.c > --- a/src/auth/passdb-ldap.c Thu Sep 08 13:41:20 2011 +0300 > +++ b/src/auth/passdb-ldap.c Thu Sep 08 16:03:21 2011 +0300 > @@ -157,6 +157,10 @@ > } > auth_request_log_info(auth_request, "ldap", "%s", str); > passdb_result = PASSDB_RESULT_PASSWORD_MISMATCH; > + } else if (ret == LDAP_NO_SUCH_OBJECT) { > + passdb_result = PASSDB_RESULT_USER_UNKNOWN; > + auth_request_log_info(auth_request, "ldap", > + "unknown user"); > } else { > auth_request_log_error(auth_request, "ldap", > "ldap_bind() failed: %s", I've done a bit too many unscheduled changes today... will see if I can sneak this in tomorrow :-) -jf From mathog at caltech.edu Thu Sep 8 18:05:33 2011 From: mathog at caltech.edu (mathog) Date: Thu, 08 Sep 2011 08:05:33 -0700 Subject: [Dovecot] copy and empty userA folder1, append to /var/mail/userB In-Reply-To: <1315466667.3876.20.camel@hurina> References: <3ee33c7814e8f3834a9210706fa3a36c@saf.bio.caltech.edu> <1315466667.3876.20.camel@hurina> Message-ID: <529647020022fb96e9bda2440c1b73ea@saf.bio.caltech.edu> On Thu, 08 Sep 2011 10:24:27 +0300, Timo Sirainen wrote: > On Wed, 2011-09-07 at 16:39 -0700, mathog wrote: >> Dovecot 2.0.13 on a 64 bit linux. >> >> echo "" > ~me/mail/export >> >> That worked fine on our last system, but dovecot doesn't like it. >> It >> leaves the imap indices for the >> export mailbox in an inconsistent state, so that roundcube (through >> dovecot) refuses to drop >> messages into it. The error message roundcube emits is: >> >> ServerError: Mailbox isn't a valid mbox file. > > You change the "export" mbox to be one byte size containing LF. It > should instead be completely zero size that was it. Changed the script that does the move to use cat >~me/mail/export < I'll try and break up my questions the other day about extdata that went unanswered into pieces in the hopes it will be more specific and clear. In general, I am trying to figure out the syntax of the map statement and what is allowed in that statement. So, by map statement, I mean for example perhaps the?dovecot-dict-expire.conf.ext file as shown in the doc. Is the syntax the same for the various types of files (quota vs expire)? Is there syntax to allow the specification of a different key? If so, where is this documented. I have an existing table I want to use, not the table shown in the doc. The reason I am asking is I have seen web pages that reference all sorts of statements within the map statement, and I have no idea where they are documented. Specifically, I see an example here (which is LDAP), look in section 3: http://dovecot.org/patches/1.2/ldap/HOWTO_dictldap+extdata.txt You will see lots of statements, not sure which ones can be used for MySQL (instead of LDAP). So, would like to find a list of ALL valid syntax within the map. From =?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?= Fri Sep 9 05:30:54 2011 From: =?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?= (=?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?=) Date: Fri, 9 Sep 2011 13:30:54 +1100 Subject: [Dovecot] debug user's message retrieval Message-ID: <213B51F00051AE48A9F0E112880177178F9F88@Delta.sc.local> Hi there! Is there any method to log user's activity with pop3 service? I'll try to explain situation: In maillog I saw that my dovecot lmtp saved four letters in user's mailbox. After a while I got a call from that user saying that he received nothing. Is there any method to log that that user RETR every single letter, maybe with full names of letter's id or something like that? From =?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?= Fri Sep 9 05:36:13 2011 From: =?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?= (=?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?=) Date: Fri, 9 Sep 2011 13:36:13 +1100 Subject: [Dovecot] debug user's message retrieval References: <213B51F00051AE48A9F0E112880177178F9F88@Delta.sc.local> Message-ID: <213B51F00051AE48A9F0E112880177178F9F89@Delta.sc.local> I forgot to mention that when I go to user's directory there's no letters at all. On Fri, 2011-09-09 at 13:30 +1100, ???????? ????????? ?????????? wrote: > Hi there! > > Is there any method to log user's activity with pop3 service? > > I'll try to explain situation: > > In maillog I saw that my dovecot lmtp saved four letters in user's > mailbox. > After a while I got a call from that user saying that he received > nothing. > > Is there any method to log that that user RETR every single letter, > maybe with full names of letter's id or something like that? > -- ? ?????????, ???????? ????????? ????????? ????????????? ??? "??????-?????" ???.: (423) 262-02-62 (???. 2037) ????: (423) 262-02-10 a.kostyrev at serverc.ru www.serverc.ru icq: 404-198-497 From bind at enas.net Fri Sep 9 09:29:35 2011 From: bind at enas.net (Urban Loesch) Date: Fri, 09 Sep 2011 08:29:35 +0200 Subject: [Dovecot] debug user's message retrieval In-Reply-To: <213B51F00051AE48A9F0E112880177178F9F89@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F9F88@Delta.sc.local> <213B51F00051AE48A9F0E112880177178F9F89@Delta.sc.local> Message-ID: <4E69B24F.7070501@enas.net> Hi, perhaps the "mail_log" plugin can help you. .... # mail_log plugin provides more event logging for mail processes. plugin { # Events to log. Also available: flag_change append mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename # Group events within a transaction to one line. mail_log_group_events = no # Available fields: uid, box, msgid, from, subject, size, vsize, flags # size and vsize are available only for expunge and copy events. mail_log_fields = uid box msgid size from } ... Regards Urban ???????? ????????? ?????????? wrote: > I forgot to mention that when I go to user's directory there's no > letters at all. > > On Fri, 2011-09-09 at 13:30 +1100, ???????? ????????? ?????????? wrote: >> Hi there! >> >> Is there any method to log user's activity with pop3 service? >> >> I'll try to explain situation: >> >> In maillog I saw that my dovecot lmtp saved four letters in user's >> mailbox. >> After a while I got a call from that user saying that he received >> nothing. >> >> Is there any method to log that that user RETR every single letter, >> maybe with full names of letter's id or something like that? >> > From janfrode at tanso.net Fri Sep 9 09:54:00 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Fri, 9 Sep 2011 08:54:00 +0200 Subject: [Dovecot] lmtp -- save failed to INBOX: BUG: Unknown internal error In-Reply-To: <1315487039.3876.35.camel@hurina> References: <20110908075620.GA27139@oc1046828364.ibm.com> <1315472006.3876.22.camel@hurina> <20110908102852.GA30317@oc1046828364.ibm.com> <4A95E89D-FE64-42AC-8A35-3EDBF0B97986@iki.fi> <20110908104419.GA31437@oc1046828364.ibm.com> <1315487039.3876.35.camel@hurina> Message-ID: <20110909065400.GA21187@oc1046828364.ibm.com> On Thu, Sep 08, 2011 at 04:03:58PM +0300, Timo Sirainen wrote: > > So the "No such object" isn't expected.. Maybe different LDAP servers > work in different ways?.. Yours appears to give out the difference > between "user doesn't exist" and "wrong password"? Does the attached > patch change these to "unknown user" messages? Yes it does. Before patch: Sep 9 08:46:43 popimap2 dovecot: auth: Error: ldap(user at example.co,192.168.11.16): ldap_bind() failed: No such object after patch: Sep 9 08:50:50 popimap2 dovecot: auth: ldap(user at example.co,192.168.42.15): unknown user -jf From listas.correo at yahoo.es Fri Sep 9 10:18:40 2011 From: listas.correo at yahoo.es (mailing lists) Date: Fri, 9 Sep 2011 08:18:40 +0100 (BST) Subject: [Dovecot] Shared Mailboxes with VirtualUsers and mail_location retrieved from ldap Message-ID: <1315552720.25012.YahooMailNeo@web29117.mail.ird.yahoo.com> On 09/08/2011 03:07 PM, Timo Sirainen wrote: > On Thu, 2011-09-08 at 12:14 +0100, mailing lists wrote: > >> yes, my virtual users have separate directories for home and mail. >> Their locations are stored in ldap attributes (with random generated >> paths), so a flat scheme like /var/maildr/%%u isn't valid. > > Sorry, you're out of luck with that kind of a setup. Only the %%h can > look up a home directory from LDAP. Maybe some day in future there will > be other variables that can be looked up. and how to I might configure dovecot to use the mail directory as a subdirectory of the home directory? this way all lookups for home (with %%h fetched from ldap) will return the correct locationand mail will be in (i.e.) ~/mailSubDir is this configuration possible? From janfrode at tanso.net Fri Sep 9 11:04:35 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Fri, 9 Sep 2011 10:04:35 +0200 Subject: [Dovecot] Shared Mailboxes with VirtualUsers and mail_location retrieved from ldap In-Reply-To: <1315552720.25012.YahooMailNeo@web29117.mail.ird.yahoo.com> References: <1315552720.25012.YahooMailNeo@web29117.mail.ird.yahoo.com> Message-ID: <20110909080435.GA23158@oc1046828364.ibm.com> On Fri, Sep 09, 2011 at 08:18:40AM +0100, mailing lists wrote: > > and how to I might configure dovecot to use the mail directory as a subdirectory of the home directory? > > this way all lookups for home (with %%h fetched from ldap) will return the correct locationand mail will be in (i.e.) ~/mailSubDir > > is this configuration possible? In the main dovecot.conf: mail_location = maildir:~/mailSubDir In the ldap-config: user_attrs = homeFilter=home -jf From joseba.torre at ehu.es Fri Sep 9 11:37:37 2011 From: joseba.torre at ehu.es (Joseba Torre) Date: Fri, 9 Sep 2011 10:37:37 +0200 Subject: [Dovecot] debug user's message retrieval In-Reply-To: <213B51F00051AE48A9F0E112880177178F9F89@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F9F88@Delta.sc.local> <213B51F00051AE48A9F0E112880177178F9F89@Delta.sc.local> Message-ID: <201109091037.37289.joseba.torre@ehu.es> On Viernes 09 Septiembre 2011 04:36:13 ???????? ????????? ?????????? escribi?: > I forgot to mention that when I go to user's directory there's no > letters at all. > > On Fri, 2011-09-09 at 13:30 +1100, ???????? ????????? ?????????? wrote: > > Hi there! > > > > Is there any method to log user's activity with pop3 service? > > > > I'll try to explain situation: > > > > In maillog I saw that my dovecot lmtp saved four letters in user's > > mailbox. > > After a while I got a call from that user saying that he received > > nothing. > > > > Is there any method to log that that user RETR every single letter, > > maybe with full names of letter's id or something like that? The default pop3 log is enough for me: Sep 9 05:46:37 server1 dovecot: POP3(user1): Disconnected: Logged out top=0/0, retr=1/41706, del=1/1, size=41685 This means that user1 received 1 message, deleted 1 message, and total downloaded size was 41685. Don't you have a similar line for your user? -- Joseba Torre. Vicegerencia de TICs, ?rea de Explotaci?n From Lutz.Pressler at SerNet.DE Fri Sep 9 13:01:49 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Fri, 9 Sep 2011 12:01:49 +0200 Subject: [Dovecot] 2.1: imapc LIST problem / usage question Message-ID: ----- Forwarded message from SerNet Support Lutz Pre?ler ----- From: SerNet Support Lutz Pre?ler Subject: 2.1: imapc LIST problem / usage question To: dovecot at dovecot.org Date: Fri, 9 Sep 2011 12:00:46 +0200 Organization: SerNet Service Network GmbH Hello, 2.1.alpha1 (latest Debian auto build on amd64) As a test, namespace for gmail integration set up by userdb with userdb_namespace=gmail userdb_namespace/gmail/list=yes userdb_namespace/gmail/subscriptions=no userdb_namespace/gmail/separator=. userdb_namespace/gmail/prefix=INBOX.gmail. userdb_namespace/gmail/location=imapc: userdb_imapc_host=imap.gmail.com userdb_imapc_user=ixxxxx at gmail.com userdb_imapc_password=xxxxx userdb_imapc_ssl=imaps userdb_imapc_ssl_ca_dir=/etc/ssl/certs userdb_imapc_port=993 (but having the namespace set up in config file makes no difference). This works in principle. I can e.g. 0 select "INBOX.gmail.[Gmail].Alle Nachrichten" * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags permitted. * 31 EXISTS * 0 RECENT * OK [UNSEEN 1] First unseen. * OK [UIDVALIDITY 1] UIDs valid * OK [UIDNEXT 19689] Predicted next UID * OK [NOMODSEQ] No permanent modsequences 0 OK [READ-WRITE] Select completed. and even use the gmail mailboxes within dovecot-virtual files! But: LIST seems broken: 0 list "" "*" * LIST (\HasChildren) "." "INBOX" * LIST (\HasNoChildren) "." "INBOX.privat" * LIST (\HasChildren) "." "INBOX.test" * LIST (\HasNoChildren) "." "INBOX.test.test2" * LIST (\HasNoChildren) "." "INBOX.Trash" * LIST (\HasNoChildren) "." "INBOX.in2009" [...] * LIST (\Noselect \HasChildren) "." "INBOX.gmail" * LIST (\HasNoChildren) "." "Arbeit" * LIST (\HasNoChildren) "." "Belege" * LIST (\HasNoChildren) "." "Privat" * LIST (\HasNoChildren) "." "Reisen" * LIST (\Noselect \HasNoChildren) "." "[Gmail]" * LIST (\HasNoChildren) "." "[Gmail]/Alle Nachrichten" * LIST (\HasNoChildren) "." "[Gmail]/Entw&-APw-rfe" * LIST (\HasNoChildren) "." "[Gmail]/Gesendet" * LIST (\HasNoChildren) "." "[Gmail]/Markiert" * LIST (\HasNoChildren) "." "[Gmail]/Papierkorb" * LIST (\HasNoChildren) "." "[Gmail]/Spam" * LIST (\HasNoChildren) "." "[Gmail]/Wichtig" * LIST (\HasChildren) "." "INBOX.virtual" * LIST (\HasNoChildren) "." "INBOX.virtual.week" * LIST (\HasNoChildren) "." "INBOX.virtual.sent" * LIST (\HasNoChildren) "." "INBOX.virtual.allin" 0 OK List completed. For the Gmail mailboxe the INBOX.gmail prefix is missing and / is used as separator. Second question: Is there a way to include multiple imapc instances/ namespaces with e.g. different destinations servers? I don't see how because imapc_* parameters seem to be global (now), but it would be a very useful feature. Greetings, Lutz From tss at iki.fi Fri Sep 9 13:16:52 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 09 Sep 2011 13:16:52 +0300 Subject: [Dovecot] 2.1: imapc LIST problem / usage question In-Reply-To: References: Message-ID: <1315563414.3876.50.camel@hurina> On Fri, 2011-09-09 at 12:01 +0200, Lutz Pre?ler wrote: > As a test, namespace for gmail integration set up by userdb > with > userdb_namespace=gmail userdb_namespace/gmail/list=yes userdb_namespace/gmail/subscriptions=no userdb_namespace/gmail/separator=. userdb_namespace/gmail/prefix=INBOX.gmail. userdb_namespace/gmail/location=imapc: userdb_imapc_host=imap.gmail.com userdb_imapc_user=ixxxxx at gmail.com userdb_imapc_password=xxxxx userdb_imapc_ssl=imaps userdb_imapc_ssl_ca_dir=/etc/ssl/certs userdb_imapc_port=993 > > For the Gmail mailboxe the INBOX.gmail prefix is missing and / is used > as separator. Fixed in hg. > Second question: Is there a way to include multiple imapc instances/ > namespaces with e.g. different destinations servers? I don't see how > because imapc_* parameters seem to be global (now), but it would be a very > useful feature. I don't really understand. You're already returning per-user imapc namespace from userdb. What's missing? From Lutz.Pressler at SerNet.DE Fri Sep 9 13:21:28 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Fri, 9 Sep 2011 12:21:28 +0200 Subject: [Dovecot] 2.1: imapc LIST problem / usage question In-Reply-To: <1315563414.3876.50.camel@hurina> References: <1315563414.3876.50.camel@hurina> Message-ID: On Fr, 09 Sep 2011, Timo Sirainen wrote: > On Fri, 2011-09-09 at 12:01 +0200, Lutz Pre?ler wrote: [...] > > For the Gmail mailboxe the INBOX.gmail prefix is missing and / is used > > as separator. > > Fixed in hg. Thanks. > > > Second question: Is there a way to include multiple imapc instances/ > > namespaces with e.g. different destinations servers? I don't see how > > because imapc_* parameters seem to be global (now), but it would be a very > > useful feature. > > I don't really understand. You're already returning per-user imapc > namespace from userdb. What's missing? One local dovecot user, multiple remote IMAP servers included in different namespaces. Lutz From listas.correo at yahoo.es Fri Sep 9 13:49:18 2011 From: listas.correo at yahoo.es (mailing lists) Date: Fri, 9 Sep 2011 11:49:18 +0100 (BST) Subject: [Dovecot] Shared Mailboxes with VirtualUsers and mail_location retrieved from ldap Message-ID: <1315565358.33243.YahooMailNeo@web29115.mail.ird.yahoo.com> (I'm sorry for breaking the thread with each mail) On 09/09/2011 10:04 AM, Jan-Frode Myklebust wrote: > On Fri, Sep 09, 2011 at 08:18:40AM +0100, mailing lists wrote: >> >> and how to I might configure dovecot to use the mail directory as a subdirectory of the home directory? >> >> this way all lookups for home (with %%h fetched from ldap) will return the correct locationand mail will be in (i.e.) ~/mailSubDir >> >> is this configuration possible? > > In the main dovecot.conf: > > ??? mail_location = maildir:~/mailSubDir > > In the ldap-config: > > ??? user_attrs = homeFilter=home and which is the value for the location directive in namespace declaration ?? namespace { ? list = children ? location = maildir:%%h/mailSubDir:INDEX=~/mailSubDIr/shared/%%u ? prefix = shared.%%u. ? separator = . ? subscriptions = no ? type = shared } with the above conf. no shared folders are seen by tests users and afaik %%h is retrieved from ldap. this is that I had done until now: # telnet localhost 143 Trying ::1... Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready. . login user001 secret . OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAME . create INBOX.docs-user001 . OK Create completed. . setacl INBOX.docs-user001 user002 lr . OK Setacl complete. . logout * BYE Logging out . OK Logout completed. Connection closed by foreign host. # telnet localhost 143 Trying ::1... Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready. . login user002 secret . OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAME . create INBOX.docs-user002 . OK Create completed. . setacl INBOX.docs-user002 user001 lr . OK Setacl complete. . logout * BYE Logging out . OK Logout completed. Connection closed by foreign host. ?# cat /var/maildir/shared-mailboxes shared/shared-boxes/user/user002/user001 1 shared/shared-boxes/user/user002/user002 1 shared/shared-boxes/user/user001/user001 1 shared/shared-boxes/user/user001/user002 1 # cat /var/maildir/vol04/4/46/user001/.docs-user001/dovecot-acl user=user002 lr # cat /var/maildir/vol05/4/40/user002/.docs-user002/dovecot-acl user=user001 lr # telnet localhost 143 Trying ::1... Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready. . login user001 secret . OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS ACL RIGHTS=texk] Logged in . namespace * NAMESPACE (("INBOX." ".")) (("shared." ".")) NIL . OK Namespace completed. . list "shared." "*" . OK List completed. ? /--------------/ # grep? ^[^#] /etc/dovecot/dovecot-ldap.conf.ext uris = ldap://ldap.example.com dn = cn=testuser,dc=example,dc=com dnpass = secret sasl_bind = no tls = no auth_bind = yes ldap_version = 3 base = dc=example,dc=com deref = never scope = subtree user_attrs = mailbox=mail=maildir:/var/maildir/%$,homeFilter=home user_filter = (&(objectClass=CourierMailAccount)(uid=%u)) pass_filter = (&(objectClass=CourierMailAccount)(uid=%u)) # dovecot -n # 2.0.14: /etc/dovecot/dovecot.conf # OS: Linux 2.6.34.7-0.7-xen x86_64 openSUSE 11.3 (x86_64) auth_debug = yes auth_debug_passwords = yes auth_verbose = yes auth_verbose_passwords = plain base_dir = /var/run/dovecot/ disable_plaintext_auth = no mail_debug = yes mail_fsync = always mail_gid = 5000 mail_location = maildir:~/mailSubDir mail_nfs_index = yes mail_nfs_storage = yes mail_plugins = acl mail_uid = 5000 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mmap_disable = yes namespace { ? inbox = yes ? location = ? prefix = INBOX. ? separator = . } namespace { ? list = children ? location = maildir:%%h/mailSubDir:INDEX=~/mailSubDir/shared/%%u ? prefix = shared.%%u. ? separator = . ? subscriptions = no ? type = shared } passdb { ? args = /etc/dovecot/dovecot-ldap.conf.ext ? driver = ldap } plugin { ? acl = vfile ? acl_shared_dict = file:/var/maildir/shared-mailboxes ? sieve = ~/.dovecot.sieve ? sieve_dir = ~/sieve } protocols = imap lmtp service lmtp { ? inet_listener lmtp { ??? port = 24 ? } ? unix_listener lmtp { ??? user = vmail ? } } ssl = no userdb { ? args = /etc/dovecot/dovecot-ldap.conf.ext ? driver = ldap } verbose_proctitle = yes protocol lmtp { ? mail_plugins = acl } protocol lda { ? mail_plugins = acl } protocol imap { ? mail_max_userip_connections = 100 ? mail_plugins = acl imap_acl autocreate } From marcin at mejor.pl Fri Sep 9 14:24:08 2011 From: marcin at mejor.pl (=?UTF-8?B?TWFyY2luIE1pcm9zxYJhdw==?=) Date: Fri, 09 Sep 2011 13:24:08 +0200 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: <1315487921.3876.40.camel@hurina> References: <4E6782CB.1060803@mejor.pl> <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> <4E6786CF.2020102@mejor.pl> <4E678B66.60602@mejor.pl> <8F07F485-4BC4-40E5-A520-7F59C87A7863@iki.fi> <4E688A28.1090800@mejor.pl> <1315474812.3876.23.camel@hurina> <4E68A060.8090306@mejor.pl> <1315487921.3876.40.camel@hurina> Message-ID: <4E69F758.8050008@mejor.pl> W dniu 08.09.2011 15:18, Timo Sirainen pisze: > Forget all of that. I just tried a few ways and looks like you can add > more namespaces by returning e.g. these fields (from SQL): > > namespace=nsname > namespace/nsname/prefix=prefix/ > namespace/nsname/location=maildir:/elsewhere > namespace/nsname/separator=/ > > Where nsname is some unique name for the namespace. If you want more > than one namespace, I think you can do it by adding another name to > "namespace" field, e.g.: > > namespace=nsname nsname2 nsname3 select .... "test1 test2" AS namespace works, it gives me two namespaces. It's nice. Now i've another problem, how to configure them usinq sql. I can't do "recursive sql query" , sql can't create variable number of output columns depended on values in table. E.g: I imagine such table: -------------------------------------------------------------- |user_id | namespace | prefix | location | -------------------------------------------------------------- | 648 | test1 | test1. | mdbox:~/test1/.mdbox | -------------------------------------------------------------- | 648 | test2 | test2. | maildir:~/test2/.maildir | -------------------------------------------------------------- etc... In query i have to know all namespaces names to mention them in query: select ... as "namespace/test1/prefix" but i don't know if there is "test1" namespace untill i fetch record from table. Ok, maybe could it be possible to do it in other way: -------------------------------------------------------------------- |user_id | namespace_full_definition | -------------------------------------------------------------------- | 7684 | /name=test1/prefix=test1./location=mdbox:~/test1/.mdbox/ name=test2/prefix=test2/location=... | -------------------------------------------------------------------- but this isn't supported by dovecot as i know. Maybe something like "user_namespace" query could be usefull? Query could be very easy: select ... namespace_name, namespace_prefix, namespace_location where user='somuser' (and table schema like in first example). Maybe there i other, way to do it by i can't see it now. Btw, i can see dovecot 2.1 can proxy imap connections. It's a great idea! Thanks. From zaharovr at inbox.ru Fri Sep 9 14:24:32 2011 From: zaharovr at inbox.ru (=?UTF-8?B?0KDQvtC80LDQvSDQl9Cw0YXRgNC+0LI=?=) Date: Fri, 09 Sep 2011 15:24:32 +0400 Subject: [Dovecot] =?utf-8?q?dovecot_2=2E0=2E12=3A_mdbox_=26__quota=3Ddirs?= =?utf-8?q?ize?= Message-ID: #doveconf -v ...................... ? quota = dirsize:User quota ? quota_debug = yes ? quota_exceeded_message = message ? quota_warning = storage=95%% quota-warning 95 %u ? quota_warning2 = storage=80%% quota-warning 80 %u ............................? # du --max-depth=1 -h 311M??? ./storage 20K???? ./sieve 7,8M??? ./mailboxes 319M??? . # doveadm quota get -u myuser Quota name????????????????????????????????????????????????????????????? Type???? Value? Limit? % User quota????????????????????????????????????????????????????????????? STORAGE 7948 399360 2 #? then i change ./dovecot-2.0.12/src/plugins/quota?/quota-dirsize.c 165--?????????????????????????????? path = mailbox_list_get_path(namespaces[i]->list, NULL,? 166-- ??????????????????????????????????????????????????????????????? MAILBOX_LIST_PATH_TYPE_MAILBOX?); 165++???????????????????????????? path = mailbox_list_get_path(namespaces[i]->list, NULL, 166++????????????????????????????????????????????????????????????????????? MAILBOX_LIST_PATH_TYPE_DIR);?? # doveadm quota get -u myuser? Quota name????????????????????????????????????????????????????????????? Type???? Value? Limit? % User quota????????????????????????????????????????????????????????????? STORAGE 325885 399360 81 #? From listas.correo at yahoo.es Fri Sep 9 14:25:58 2011 From: listas.correo at yahoo.es (mailing lists) Date: Fri, 9 Sep 2011 12:25:58 +0100 (BST) Subject: [Dovecot] Shared Mailboxes with VirtualUsers and mail_location retrieved from ldap Message-ID: <1315567558.65773.YahooMailNeo@web29119.mail.ird.yahoo.com> and for the time that user001 execute the imap 'list' command, this is the log trace in dovecot: Sep? 9 13:09:12 imap1 dovecot: imap(user001): Debug: Namespace : type=shared, prefix=shared.%u., sep=., inbox=no, hidden=no, list=children, subscriptions=no location=maildir:%h/mailSubDir:INDEX=~/mailSubDir/shared/%u Sep? 9 13:09:12 imap1 dovecot: imap(user001): Debug: shared: root=/var/run/dovecot/, index=, control=, inbox=, alt= [...] Sep? 9 13:10:44 imap1 dovecot: auth: Debug: master in: USER?? 1?????? user002 service=lib-storage Sep? 9 13:10:44 imap1 dovecot: auth: Debug: ldap(user002): user search: base=dc=example,dc=com scope=subtree filter=(&(objectClass=CourierMailAccount)(uid=user002)) fields=mailbox,homeFilter Sep? 9 13:10:44 imap1 dovecot: auth: Debug: ldap(user002): result: mailbox(mail=maildir:/var/maildir/%$)=vol05/4/40/user002 homeFilter(home)=/var/mailfilter/vol05/4/40/user002 Sep? 9 13:10:44 imap1 dovecot: auth: Debug: master out: USER? 1?????? user002 mail=maildir:/var/maildir/vol05/4/40/user002??? home=/var/mailfilter/vol05/4/40/user002 Sep? 9 13:10:44 imap1 dovecot: imap(user001): Debug: auth input: user002 mail=maildir:/var/maildir/vol05/4/40/user002 home=/var/mailfilter/vol05/4/40/user002 Sep? 9 13:10:44 imap1 dovecot: imap(user001): Debug: maildir++: root=/var/mailfilter/vol05/4/40/user002/mailSubDir, index=/var/mailfilter/vol04/4/46/user001/mailSubDir/shared/user002, control=, inbox=/var/mailfilter/vol05/4/40/user002/mailSubDir, alt= Sep? 9 13:10:44 imap1 dovecot: imap(user001): Debug: acl: initializing backend with data: vfile Sep? 9 13:10:44 imap1 dovecot: imap(user001): Debug: acl: acl username = user001 Sep? 9 13:10:44 imap1 dovecot: imap(user001): Debug: acl: owner = 0 Sep? 9 13:10:44 imap1 dovecot: imap(user001): Debug: acl vfile: Global ACL directory: (none) Sep? 9 13:10:44 imap1 dovecot: imap(user001): Debug: acl: Mailbox not in dovecot-acl-list: shared.user002.INBOX From ramon.frontera at uib.es Fri Sep 9 15:19:38 2011 From: ramon.frontera at uib.es (=?iso-8859-1?Q?Ram=F3n_Frontera?=) Date: Fri, 9 Sep 2011 14:19:38 +0200 Subject: [Dovecot] problem migrating from maildir to dbox Message-ID: <95E776CC-912A-4BD4-A99E-AA930E5CCBFB@uib.es> Hello, we want to migrate Mail folders from Maildir to dbox without downtime. We change the mail_location to dbox in 10-mail.conf and restart dovecot. After that we use dsync -u user mirror maildir:~/Maildir. The problem is that if INBOX exists the dsync create a new folder with name like b5893c0a93ff694e551200002dfa3112 Can I migrate to the existing INBOX? or How can I merge the 2 INBOX folders? Thanks for your help! Regards, -- Ramon From tobias at hachmer.de Fri Sep 9 16:14:26 2011 From: tobias at hachmer.de (Tobias Hachmer) Date: Fri, 09 Sep 2011 15:14:26 +0200 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another Message-ID: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> Hi list, currently I use dovecot v1.2.15 with maildir++ mailboxes. (Debian Squeeze) I want to set up a different server with dovecot v2, also maildir++ mailboxes. (also Debian Squeeze) What is the best way to copy the existing mailboxes from the older machine running dovecot v1.2.15 to the new naked machine? Greetz, Tobias From robert at schetterer.org Fri Sep 9 16:22:54 2011 From: robert at schetterer.org (Robert Schetterer) Date: Fri, 09 Sep 2011 15:22:54 +0200 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another In-Reply-To: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> References: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> Message-ID: <4E6A132E.9080206@schetterer.org> Am 09.09.2011 15:14, schrieb Tobias Hachmer: > Hi list, > > currently I use dovecot v1.2.15 with maildir++ mailboxes. (Debian Squeeze) > I want to set up a different server with dovecot v2, also maildir++ > mailboxes. (also Debian Squeeze) > > What is the best way to copy the existing mailboxes from the older > machine running dovecot v1.2.15 to the new naked machine? > > Greetz, Tobias i used imapsync in a bash script http://ks.lamiral.info/imapsync/ at a massive migration -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From zaharovr at inbox.ru Fri Sep 9 16:26:59 2011 From: zaharovr at inbox.ru (=?UTF-8?B?0JfQsNGF0LDRgNC+0LIg0KDQvtC80LDQvQ==?=) Date: Fri, 09 Sep 2011 17:26:59 +0400 Subject: [Dovecot] problem migrating from maildir to dbox In-Reply-To: <95E776CC-912A-4BD4-A99E-AA930E5CCBFB@uib.es> References: <95E776CC-912A-4BD4-A99E-AA930E5CCBFB@uib.es> Message-ID: <4E6A1423.9010406@inbox.ru> 09.09.2011 16:19, Ram?n Frontera ?????: > Hello, > we want to migrate Mail folders from Maildir to dbox without downtime. > We change the mail_location to dbox in 10-mail.conf and restart dovecot. > After that we use dsync -u user mirror maildir:~/Maildir. > The problem is that if INBOX exists the dsync create a new folder with name like b5893c0a93ff694e551200002dfa3112 > Can I migrate to the existing INBOX? or How can I merge the 2 INBOX folders? > Thanks for your help! > Regards, > > -- > Ramon > > > My transition from maildir to mdbox occurred so: /Maildir - an old place of mail /Mailbox - new mail_location=%h # set home for all users maildir:/Maildir/user_name script: for i in `echo "select name from user|$sql` do res=$(dsync -u $i backup mdbox:/Mailbox/$i) if [ $res -eq 0 ];then echo "update user set home=\"mdbox:/Mailbox/$i\" where name=$i"|$sql echo "$i migrated" >> $log fi done From zaharovr at inbox.ru Fri Sep 9 16:30:27 2011 From: zaharovr at inbox.ru (=?UTF-8?B?0JfQsNGF0LDRgNC+0LIg0KDQvtC80LDQvQ==?=) Date: Fri, 09 Sep 2011 17:30:27 +0400 Subject: [Dovecot] problem migrating from maildir to dbox In-Reply-To: <95E776CC-912A-4BD4-A99E-AA930E5CCBFB@uib.es> References: <95E776CC-912A-4BD4-A99E-AA930E5CCBFB@uib.es> Message-ID: <4E6A14F3.4080803@inbox.ru> 09.09.2011 16:19, Ram?n Frontera ?????: > Hello, > we want to migrate Mail folders from Maildir to dbox without downtime. > We change the mail_location to dbox in 10-mail.conf and restart dovecot. > After that we use dsync -u user mirror maildir:~/Maildir. > The problem is that if INBOX exists the dsync create a new folder with name like b5893c0a93ff694e551200002dfa3112 > Can I migrate to the existing INBOX? or How can I merge the 2 INBOX folders? > Thanks for your help! > Regards, > > -- > Ramon > > > My transition from maildir to mdbox occurred so: /Maildir - an old place of mail /Mailbox - new mail_location=%h # set home for all users maildir:/Maildir/user_name script: for i in `echo "select name from user|$sql` do res=$(dsync -u $i backup mdbox:/Mailbox/$i) if [ $res -eq 0 ];then echo "update user set home=\"mdbox:/Mailbox/$i\" where name=$i"|$sql echo "$i migrated" >> $log fi done From tobias at hachmer.de Fri Sep 9 16:34:25 2011 From: tobias at hachmer.de (Tobias Hachmer) Date: Fri, 09 Sep 2011 15:34:25 +0200 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another In-Reply-To: <4E6A132E.9080206@schetterer.org> References: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> <4E6A132E.9080206@schetterer.org> Message-ID: On Fri, 09 Sep 2011 15:22:54 +0200, Robert Schetterer wrote: > Am 09.09.2011 15:14, schrieb Tobias Hachmer: >> What is the best way to copy the existing mailboxes from the older >> machine running dovecot v1.2.15 to the new naked machine? > > i used imapsync in a bash script > http://ks.lamiral.info/imapsync/ > at a massive migration ok, but this tool is not free of charge. Are there any known problems just copying the mailboxes with scp or rsync? Tobias From pit11 at ukr.net Fri Sep 9 16:35:24 2011 From: pit11 at ukr.net (Peter Ignatov) Date: Fri, 9 Sep 2011 16:35:24 +0300 Subject: [Dovecot] Quota fs (ignore mount) Message-ID: <41158249D4DC4A7FA9ACFDFAB6C709E5@port.odessa.ua> > I set "quota: fs:INBOX:noenforcing:mount=/var/spool/mail", but receive: "fs quota add storage dir = /home/pit/mail"... > Why ? Well .. I'm not entirely sure if the current behavior is good or not, but what you need to do to get it working is to add two quota roots. One for /home/pit/mail (i.e. without specifying mount=) and another for the INBOX's /var/spool/mail. Don't work... :-( # dovecot -n # 1.2.17: /etc/dovecot.conf # OS: Linux 2.6.18-274.el5.asp121 x86_64 Red Hat Enterprise Linux Server release 5.6 (Tikanga) log_path: /var/log/dovecot.log protocols: pop3 pop3s listen: * login_dir: /var/run/dovecot/login login_executable: /usr/libexec/dovecot/pop3-login verbose_proctitle: yes mail_location: mbox:~/mail:INBOX=/var/spool/mail/%u mail_debug: yes mail_executable: /usr/libexec/dovecot/pop3 mail_plugins: quota mail_plugin_dir: /usr/lib64/dovecot/pop3 auth default: passdb: driver: pam userdb: driver: passwd plugin: quota: fs:INBOX:noenforcing quota2: fs:boxes:noenforcing:mount=/var/spool/mail quota_rule: *:storage=10240 quota_rule2: *:storage=15000 dovecot.log: ------------ Sep 09 16:13:46 pop3-login: Info: Login: user=, method=PLAIN, rip=192.168.3.10, lip=192.168.6.3, TLS Sep 09 16:13:46 POP3(pit): Info: Loading modules from directory: /usr/lib64/dovecot/pop3 Sep 09 16:13:46 POP3(pit): Info: Module loaded: /usr/lib64/dovecot/pop3/lib10_quota_plugin.so Sep 09 16:13:46 POP3(pit): Info: Effective uid=500, gid=500, home=/home/pit Sep 09 16:13:46 POP3(pit): Info: Quota root: name=INBOX backend=fs args=noenforcing Sep 09 16:13:46 POP3(pit): Info: Quota rule: root=INBOX mailbox=* bytes=10485760 messages=0 Sep 09 16:13:46 POP3(pit): Info: Quota rule: root=INBOX mailbox=* bytes=15360000 messages=0 Sep 09 16:13:46 POP3(pit): Info: Quota root: name=boxes backend=fs args=noenforcing:mount=/var/spool/mail Sep 09 16:13:46 POP3(pit): Info: mbox: data=~/mail:INBOX=/var/spool/mail/pit Sep 09 16:13:46 POP3(pit): Info: fs: root=/home/pit/mail, index=, control=, inbox=/var/spool/mail/pit Sep 09 16:13:46 POP3(pit): Info: fs quota add storage dir = /home/pit/mail Sep 09 16:13:46 POP3(pit): Info: fs quota block device = /dev/cciss/c0d0p3 Sep 09 16:13:46 POP3(pit): Info: fs quota mount point = / Sep 09 16:13:46 POP3(pit): Info: fs quota mount type = ext3 Sep 09 16:13:46 POP3(pit): Info: Disconnected: Logged out top=0/0, retr=0/0, del=0/2, size=1249 From giulio at dsi.unimi.it Fri Sep 9 16:42:57 2011 From: giulio at dsi.unimi.it (Giulio Casella) Date: Fri, 09 Sep 2011 15:42:57 +0200 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another In-Reply-To: References: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> <4E6A132E.9080206@schetterer.org> Message-ID: <4E6A17E1.4000004@dsi.unimi.it> Have you tried dsync (part of dovecot)? I don't know if it works for migration to a different (major) version of dovecot, but it's a nice tool. And it works also over ssh. Giulio Hope this helps. Il 09/09/2011 15.34, Tobias Hachmer ha scritto: > On Fri, 09 Sep 2011 15:22:54 +0200, Robert Schetterer wrote: >> Am 09.09.2011 15:14, schrieb Tobias Hachmer: >>> What is the best way to copy the existing mailboxes from the older >>> machine running dovecot v1.2.15 to the new naked machine? >> >> i used imapsync in a bash script >> http://ks.lamiral.info/imapsync/ >> at a massive migration > > ok, but this tool is not free of charge. > Are there any known problems just copying the mailboxes with scp or rsync? > > Tobias > > -- Giulio Casella giulio at dsi.unimi.it System and network manager Computer Science Dept. - University of Milano From tobias at hachmer.de Fri Sep 9 16:50:49 2011 From: tobias at hachmer.de (Tobias Hachmer) Date: Fri, 09 Sep 2011 15:50:49 +0200 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another In-Reply-To: <4E6A17E1.4000004@dsi.unimi.it> References: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> <4E6A132E.9080206@schetterer.org> <4E6A17E1.4000004@dsi.unimi.it> Message-ID: On Fri, 09 Sep 2011 15:42:57 +0200, Giulio Casella wrote: > Have you tried dsync (part of dovecot)? I don't know if it works for > migration to a different (major) version of dovecot, but it's a nice > tool. And it works also over ssh. Yeah, I read the sections in the dovecot v2 wiki, but I don't get how to use for migration. As far as I understood it's to keep several dovecot server at a unique data bank. An well, can I use it between dovecot v1.2 and v2? Tobias From joh.hendriks at gmail.com Fri Sep 9 17:26:37 2011 From: joh.hendriks at gmail.com (Johan Hendriks) Date: Fri, 09 Sep 2011 16:26:37 +0200 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another In-Reply-To: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> References: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> Message-ID: <4E6A221D.7060805@gmail.com> Tobias Hachmer schreef: > Hi list, > > currently I use dovecot v1.2.15 with maildir++ mailboxes. (Debian > Squeeze) > I want to set up a different server with dovecot v2, also maildir++ > mailboxes. (also Debian Squeeze) > > What is the best way to copy the existing mailboxes from the older > machine running dovecot v1.2.15 to the new naked machine? > > Greetz, Tobias I did the same thing, with no know issues so far. My old server was running dovecot 1.2.x and i coppied the whole maildir structure to the other machine. Then started Dovecot 2.x and all was fine. Should be the same as instlling 2.0 over the old 1.2.x version, then it uses the old maildir also. Well test it i would say. Just do the copy, and try if everything works. then do it for a final migration. Gr Johan Hendriks From Lutz.Pressler at SerNet.DE Fri Sep 9 17:43:49 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Fri, 9 Sep 2011 16:43:49 +0200 Subject: [Dovecot] 2.1: imapc LIST problem / usage question In-Reply-To: <20110909102128.GA762256@gabi.sernet.de> References: <1315563414.3876.50.camel@hurina> <20110909102128.GA762256@gabi.sernet.de> Message-ID: On Fr, 09 Sep 2011, Lutz Pre?ler wrote: > On Fr, 09 Sep 2011, Timo Sirainen wrote: > > > On Fri, 2011-09-09 at 12:01 +0200, Lutz Pre?ler wrote: > [...] > > > For the Gmail mailboxe the INBOX.gmail prefix is missing and / is used > > > as separator. > > > > Fixed in hg. > Thanks. LIST is now working correctly in my setup, but SUBSCRIBE ist not. With subscriptions=no, as written (but same behaviour with subscriptions=yes), SUBSCRIBE INBOX.gmail.INBOX (or others) yields 0 NO [SERVERBUG] Internal error occurred. Refer to server log for more information. [2011-09-09 16:39:40] logging (with mail_debug=yes) only Sep 9 16:39:40 host dovecot: imap(1143, user): Error: stat((null)) failed: Bad address Lutz From giulio at dsi.unimi.it Fri Sep 9 18:16:57 2011 From: giulio at dsi.unimi.it (Giulio Casella) Date: Fri, 09 Sep 2011 17:16:57 +0200 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another In-Reply-To: References: Message-ID: <4E6A2DE9.1060806@dsi.unimi.it> This is working for me: root at oldserver # dsync -v -D -u $user backup ssh newserver dsync -u $user where $user is a username. oldserver and newserver can also have different mailbox format (in my case was mbox -> maildir) Regards, gc -------- Messaggio originale -------- Oggetto: Re: [Dovecot] BestPractice to migrate imap mailbox from one machine to another Data: Fri, 09 Sep 2011 15:50:49 +0200 Mittente: Tobias Hachmer A: On Fri, 09 Sep 2011 15:42:57 +0200, Giulio Casella wrote: > Have you tried dsync (part of dovecot)? I don't know if it works for > migration to a different (major) version of dovecot, but it's a nice > tool. And it works also over ssh. Yeah, I read the sections in the dovecot v2 wiki, but I don't get how to use for migration. As far as I understood it's to keep several dovecot server at a unique data bank. An well, can I use it between dovecot v1.2 and v2? Tobias -- Giulio Casella giulio at dsi.unimi.it System and network manager Computer Science Dept. - University of Milano From stsiol at yahoo.co.uk Fri Sep 9 18:22:04 2011 From: stsiol at yahoo.co.uk (Spyros Tsiolis) Date: Fri, 9 Sep 2011 16:22:04 +0100 (BST) Subject: [Dovecot] How to get rid of sub-folders ? Message-ID: <1315581724.65256.YahooMailNeo@web27201.mail.ukl.yahoo.com> Hello, OK, no answers on my previous e-mail. I'll rephrase it. How can I get rid of subfolders on a users' tree-like structure on dovecot ? Which file must I "touch" ? TIA, s. ? ---- "I merely function as a channel that filters music through the chaos of noise" - Vangelis From tobias at hachmer.de Fri Sep 9 20:05:08 2011 From: tobias at hachmer.de (Tobias Hachmer) Date: Fri, 09 Sep 2011 19:05:08 +0200 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another In-Reply-To: <4E6A2DE9.1060806@dsi.unimi.it> References: <4E6A2DE9.1060806@dsi.unimi.it> Message-ID: On Fri, 09 Sep 2011 17:16:57 +0200, Giulio Casella wrote: > This is working for me: > > root at oldserver # dsync -v -D -u $user backup ssh newserver dsync -u > $user > > where $user is a username. oldserver and newserver can also have > different mailbox format (in my case was mbox -> maildir) Thanks for your replies, I will test first the simple copy of the maildirs when the new server is set up. So thanks a lot. Greetz, Tobias From simon.brereton at buongiorno.com Fri Sep 9 20:07:54 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Fri, 9 Sep 2011 13:07:54 -0400 Subject: [Dovecot] Mails repopping Message-ID: <004b01cc6f13$04a166d0$0de43470$@brereton@buongiorno.com> HI I don't know if this is a dovecot issue or a client one. But as Dovecot is the most recent change, I'll start here. I have a server that's been running Courier for about 6 years and in all that time I think I've only ever had 1 issues where an entire mail box was repopped by a webmail client. However, since moving to a new server and dovecot 4 weeks ago, I've now had the webmail client repop this account 4 times (there are about 230 mails in the account). Is there a setting I need to tighten to prevent/remedy this? I have no idea if it's happening on other accounts, but this is one that I see. The format is maildir. There has been no changes to the webmail client. Thanks. Simon From robert at schetterer.org Fri Sep 9 21:26:59 2011 From: robert at schetterer.org (Robert Schetterer) Date: Fri, 09 Sep 2011 20:26:59 +0200 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another In-Reply-To: References: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> <4E6A132E.9080206@schetterer.org> Message-ID: <4E6A5A73.4050403@schetterer.org> Am 09.09.2011 15:34, schrieb Tobias Hachmer: > On Fri, 09 Sep 2011 15:22:54 +0200, Robert Schetterer wrote: >> Am 09.09.2011 15:14, schrieb Tobias Hachmer: >>> What is the best way to copy the existing mailboxes from the older >>> machine running dovecot v1.2.15 to the new naked machine? >> >> i used imapsync in a bash script >> http://ks.lamiral.info/imapsync/ >> at a massive migration > > ok, but this tool is not free of charge. ? you should donate but you can use it without too, i.e its part of ubuntu > Are there any known problems just copying the mailboxes with scp or rsync? may work too, with few problems depending on your setup, but its no real way if you make migration on the fly in my eyes better setup the new server, do tests, make imapsync > > Tobias > > > -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From robert at schetterer.org Fri Sep 9 21:28:35 2011 From: robert at schetterer.org (Robert Schetterer) Date: Fri, 09 Sep 2011 20:28:35 +0200 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another In-Reply-To: <4E6A2DE9.1060806@dsi.unimi.it> References: <4E6A2DE9.1060806@dsi.unimi.it> Message-ID: <4E6A5AD3.3010802@schetterer.org> Am 09.09.2011 17:16, schrieb Giulio Casella: > This is working for me: > > root at oldserver # dsync -v -D -u $user backup ssh newserver dsync -u $user > > where $user is a username. oldserver and newserver can also have > different mailbox format (in my case was mbox -> maildir) > > Regards, > gc yes, dsync should work too, but never tested it > > -------- Messaggio originale -------- > Oggetto: Re: [Dovecot] BestPractice to migrate imap mailbox from one > machine to another > Data: Fri, 09 Sep 2011 15:50:49 +0200 > Mittente: Tobias Hachmer > A: > > On Fri, 09 Sep 2011 15:42:57 +0200, Giulio Casella wrote: >> Have you tried dsync (part of dovecot)? I don't know if it works for >> migration to a different (major) version of dovecot, but it's a nice >> tool. And it works also over ssh. > > Yeah, I read the sections in the dovecot v2 wiki, but I don't get how > to use for migration. > As far as I understood it's to keep several dovecot server at a unique > data bank. An well, can I use it between dovecot v1.2 and v2? > > Tobias > -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From tobias at hachmer.de Fri Sep 9 22:17:35 2011 From: tobias at hachmer.de (Tobias Hachmer) Date: Fri, 09 Sep 2011 21:17:35 +0200 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another In-Reply-To: <4E6A5A73.4050403@schetterer.org> References: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> <4E6A132E.9080206@schetterer.org> <4E6A5A73.4050403@schetterer.org> Message-ID: <4b0910624105abb6709a382467b4f6b1@hachmer.de> On Fri, 09 Sep 2011 20:26:59 +0200, Robert Schetterer wrote: >>> i used imapsync in a bash script >>> http://ks.lamiral.info/imapsync/ >>> at a massive migration >> >> ok, but this tool is not free of charge. > > ? you should donate > but you can use it without too, i.e its part of ubuntu Oh, cool, thanks for the hint. Yes, I will test simple copy, imapsnc and dsync. Thanks a lot. Tobias From simon.brereton at buongiorno.com Fri Sep 9 22:46:05 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Fri, 9 Sep 2011 15:46:05 -0400 Subject: [Dovecot] Mails repopping In-Reply-To: <4E6A6021.3000109@Media-Brokers.com> References: <004b01cc6f13$04a166d0$0de43470$@brereton@buongiorno.com> <4E6A6021.3000109@Media-Brokers.com> Message-ID: <000001cc6f29$1d950730$58bf1590$@brereton@buongiorno.com> > -----Original Message----- > From: Charles Marcus [mailto:CMarcus at Media-Brokers.com] > Sent: Friday, September 09, 2011 2:51 PM > On 2011-09-09 1:07 PM, Simon Brereton > wrote: > > I have a server that's been running Courier for about 6 years and > in > > all that time I think I've only ever had 1 issues where an entire > mail > > box was repopped by a webmail client. > > I don't understand... > > Webmail doesn't speak 'pop' (that I've ever heard of)... so how does > a webmail client 'repop' emails? What webmail is this? It's Horde webmail. Webmail does pop. Yahoo and Gmail do it too. When I first set up the server, it did it on first login - obviously because the server had changed but it's doing it once a week now (and in fact, it did it twice today). It's not fatal, no one will die. It is a PITA though. Simon From micah at riseup.net Fri Sep 9 23:05:21 2011 From: micah at riseup.net (Micah Anderson) Date: Fri, 09 Sep 2011 16:05:21 -0400 Subject: [Dovecot] quota percents Message-ID: <87sjo5wkfy.fsf@algae.riseup.net> I've noticed that http://wiki2.dovecot.org/Quota/Configuration is out of date, it says: plugin { quota = maildir:User quota quota_rule = *:storage=1GB # 10% of 1GB = 100MB quota_rule2 = Trash:storage=10%% # 20% of 1GB = 200MB quota_rule3 = Spam:storage=20%% } but if you use the '10%%' notation, dovecot complains, and *also* incorrectly: dovecot: imap(test at example.net): Warning: quota root mail quota rule Trash:bytes=10%: obsolete configuration for rule 'bytes=10%' should be changed to 'bytes=+10%' its incorrect because if you change it to what it suggests ('+10%') it wont work because that wont be 10% more, rather, it is set to bytes=+10: dovecot: imap(test at example.net): Debug: Quota rule: root=mail quota mailbox=Trash bytes=+10 messages=0 clearly, that isn't right... so I guess it needs to be changed to '+10%%', setting that provides: dovecot: imap(test at example.net): Debug: Quota rule: root=mail quota mailbox=* bytes=2211724 messages=0 dovecot: imap(test at example.net): Debug: Quota rule: root=mail quota mailbox=Trash bytes=+221172 (10%) messages=0 that seems ok, its saying the Trash mailbox is set to have 221172bytes (215 kilobytes) of quota. So, clearly http://wiki2.dovecot.org/Quota/Configuration needs to be updated. However, it doesn't seem to work in practice, because I have a user that is at 99% of quota, with nothing in the Trash who cannot move a 77KB message into the Trash without getting the quota_exceeded message and refusing to move it. so... how do I get this to work? thanks! micah -- -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 835 bytes Desc: not available URL: From npap at ecs.com.gr Sat Sep 10 00:45:26 2011 From: npap at ecs.com.gr (Nikos Papadopoulos) Date: Sat, 10 Sep 2011 00:45:26 +0300 Subject: [Dovecot] Attacking Dovecot Message-ID: <201109092145.p89LjQLb017904@panas.otenet.gr> Hello, I am using Dovecot ver.1.0.7 on an x86 server with RedHat Linux Enterprise 5 and the following configuration: # 1.0.7: /etc/dovecot.conf protocols: pop3 login_dir: /var/run/dovecot/login login_executable: /usr/libexec/dovecot/pop3-login mail_location: mbox:~/mail:INBOX=/var/mail/%u mail_executable: /usr/libexec/dovecot/pop3 mail_plugin_dir: /usr/lib/dovecot/pop3 pop3_client_workarounds: outlook-no-nuls oe-ns-eoh auth default: passdb: driver: pam userdb: driver: passwd It seems that my mail server is being attacked by someone who tries to retrieve users' credentials. Please read below an output of logwatch. dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user sandra dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user tanya dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user tanya dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user dark dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user dark dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user gibson dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user frank dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user frank Besides, some of the local users receive "spam" emails, which seem to be sent by another local user. Please assist me on how to prevent the aforementioned attack. Best Regards, Nikos From christian at siebenbergen.de Sat Sep 10 00:58:55 2011 From: christian at siebenbergen.de (Christian Schmidt) Date: Fri, 9 Sep 2011 23:58:55 +0200 Subject: [Dovecot] userdb static & Quota from LDAP? Message-ID: <20110909215855.GA4680@chemie.uni-hamburg.de> Hi all, I just configured Dovecot 2.0.14 for "virtual" (i.e. non-system-) users: passdb { driver = ldap args = /etc/dovecot/conf.d/ldap-passdb.ext } userdb { driver = static args = uid=vmail gid=vmail home=/var/maildir/%u } Works fine so far - thanks for this great piece of software, Timo!!! Now I'd like to add per-user quotas that will also be stored in the LDAP directory, and I'm not sure how to put things together. IMHO quota is the only "userdb information" requested from LDAP, and I'd like to leave all the other "userdb pieces" as the are. I changed the userdb definition to: userdb { driver = ldap args = /etc/dovecot/conf.d/ldap-userdb.ext } My /etc/dovecot/conf.d/ldap-userdb.ext contains (along other lines): user_attrs = uid=vmail,gid=vmail,home=/var/maildir/%u,mailQuota=quota=quota_rule=*:storage=%$ My quota configuration looks like this: plugin { quota = maildir:Mailbox-Quota quota_rule = *:storage=1G quota_warning = storage=80%% /usr/local/bin/quotawarn.sh 80 %u quota_warning2 = storage=95%% /usr/local/bin/quotawarn.sh 95 %u } Using this setup, "doveadm quota get -u username" doesn't reveal any quota information (except from the "headings"). Instead, dovecot logs: doveadm(username): Fatal: GID 0 isn't permitted When switching back to userdb static, I receive the correct (but also) static quota information. What am I doing wrong? Thank you very much, Christian Schmidt -- question = ( to ) ? be : ! be; -- Wm. Shakespeare From tim at bishnet.net Fri Sep 9 22:44:33 2011 From: tim at bishnet.net (Tim Bishop) Date: Fri, 9 Sep 2011 20:44:33 +0100 Subject: [Dovecot] Read-only mbox files Message-ID: <20110909194433.GB1243@carrick-users.bishnet.net> Hi all, I'm using Dovecot 1.2.16 (I can upgrade to 2.0 if need be) and I'm having trouble stopping Dovecot from modifying mbox files. The setup is that my main namespace points at my Maildir mail folders. In addition to this I have a second namespace that points at some old archived mbox folders. I rarely need to access these folders, but when I do Dovecot modifies the files (adding UID headers, etc). What I'd like to do is make it so that Dovecot can't change these files. I thought there might be a setting to mark a mail_location as read-only, but I can't find anything like that. I've looked at ACLs too, but they seem to be more about user access that what Dovecot can do to files. I could just do this at the filesystem level, but I'd feel a bit happier about working with Dovecot rather than trying to work around it. Does anyone have any suggestions? Thank you for reading. Tim. -- Tim Bishop http://www.bishnet.net/tim/ PGP Key: 0x5AE7D984 From =?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?= Sat Sep 10 04:21:12 2011 From: =?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?= (=?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?=) Date: Sat, 10 Sep 2011 12:21:12 +1100 Subject: [Dovecot] debug user's message retrieval References: <213B51F00051AE48A9F0E112880177178F9F88@Delta.sc.local><213B51F00051AE48A9F0E112880177178F9F89@Delta.sc.local> <4E69B24F.7070501@enas.net> Message-ID: <213B51F00051AE48A9F0E112880177178F77EE@Delta.sc.local> It seems like it?s what I looked for. Many thanks! -- -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Urban Loesch Sent: Friday, September 09, 2011 5:30 PM To: Dovecot Mailing List Subject: Re: [Dovecot] debug user's message retrieval Hi, perhaps the "mail_log" plugin can help you. .... # mail_log plugin provides more event logging for mail processes. plugin { # Events to log. Also available: flag_change append mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename # Group events within a transaction to one line. mail_log_group_events = no # Available fields: uid, box, msgid, from, subject, size, vsize, flags # size and vsize are available only for expunge and copy events. mail_log_fields = uid box msgid size from } ... Regards Urban ???????? ????????? ?????????? wrote: > I forgot to mention that when I go to user's directory there's no > letters at all. > > On Fri, 2011-09-09 at 13:30 +1100, ???????? ????????? ?????????? wrote: >> Hi there! >> >> Is there any method to log user's activity with pop3 service? >> >> I'll try to explain situation: >> >> In maillog I saw that my dovecot lmtp saved four letters in user's >> mailbox. >> After a while I got a call from that user saying that he received >> nothing. >> >> Is there any method to log that that user RETR every single letter, >> maybe with full names of letter's id or something like that? >> > From =?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?= Sat Sep 10 04:23:29 2011 From: =?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?= (=?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?=) Date: Sat, 10 Sep 2011 12:23:29 +1100 Subject: [Dovecot] debug user's message retrieval References: <213B51F00051AE48A9F0E112880177178F9F88@Delta.sc.local><213B51F00051AE48A9F0E112880177178F9F89@Delta.sc.local> <201109091037.37289.joseba.torre@ehu.es> Message-ID: <213B51F00051AE48A9F0E112880177178F77EF@Delta.sc.local> Yep, I do have info like that but I need more cowbell) -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Joseba Torre Sent: Friday, September 09, 2011 7:38 PM To: dovecot at dovecot.org Subject: Re: [Dovecot] debug user's message retrieval On Viernes 09 Septiembre 2011 04:36:13 ???????? ????????? ?????????? escribi?: > I forgot to mention that when I go to user's directory there's no > letters at all. > > On Fri, 2011-09-09 at 13:30 +1100, ???????? ????????? ?????????? wrote: > > Hi there! > > > > Is there any method to log user's activity with pop3 service? > > > > I'll try to explain situation: > > > > In maillog I saw that my dovecot lmtp saved four letters in user's > > mailbox. > > After a while I got a call from that user saying that he received > > nothing. > > > > Is there any method to log that that user RETR every single letter, > > maybe with full names of letter's id or something like that? The default pop3 log is enough for me: Sep 9 05:46:37 server1 dovecot: POP3(user1): Disconnected: Logged out top=0/0, retr=1/41706, del=1/1, size=41685 This means that user1 received 1 message, deleted 1 message, and total downloaded size was 41685. Don't you have a similar line for your user? -- Joseba Torre. Vicegerencia de TICs, ?rea de Explotaci?n From henson at acm.org Sat Sep 10 05:33:16 2011 From: henson at acm.org (Paul B. Henson) Date: Fri, 09 Sep 2011 19:33:16 -0700 Subject: [Dovecot] mysql auth failover failing Message-ID: <4E6ACC6C.6020200@acm.org> We are running dovecot to provide authentication for postfix, using two mysql servers in a multi-master replication set as the password source: ---------------------------------------- # 2.0.13: /etc/dovecot/dovecot.conf # OS: Linux 2.6.37-gentoo-r4 x86_64 Gentoo Base System release 2.0.2 auth_mechanisms = plain login digest-md5 cram-md5 auth_verbose = yes passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } protocols = none service auth-worker { unix_listener auth-worker { user = postfix } user = $default_internal_user } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } user = postfix } ssl = no userdb { driver = passwd } --------------------------------------- With an sql config of: ------------------------- driver = mysql connect = host=mysql-1.unx.csupomona.edu host=mysql-2.unx.csupomona.edu dbname=idmgmt user=postfix password=XXXXXXX default_pass_scheme = PLAIN password_query = XXXXXXXXX ------------------------- According to the sample SQL configuration file "HA / round-robin load-balancing is supported by giving multiple host settings, like: host=sql1.host.org host=sql2.host.org". However, as far as I can tell dovecot only connects to the first listed host, and processes all queries through it, there does not appear to be any load-balancing going on. That's not necessarily a dealbreaker; however, high-availability does not appear to be working either. If I shutdown the first mysql server, dovecot starts to log connection failures: Sep 9 15:47:34 tweak dovecot: auth: Error: mysql(mysql-1.unx.csupomona.edu): Connect failed to database (idmgmt): Can't connect to MySQL server on 'mysql-1.unx.csupomona.edu' (111) - waiting for 1 seconds before retry Sep 9 15:47:39 tweak dovecot: auth: Error: mysql(mysql-1.unx.csupomona.edu): Connect failed to database (idmgmt): Can't connect to MySQL server on 'mysql-1.unx.csupomona.edu' (111) - waiting for 25 seconds before retry And postfix starts to fail authentications: Sep 9 15:47:35 tweak postfix/smtpd[5119]: warning: bender.iitsys.csupomona.edu[134.71.250.134]: SASL DIGEST-MD5 authentication failed: Connection lost to authentication server Now and again the authentication process dies: Sep 9 15:47:39 tweak dovecot: auth: Panic: file auth-request-handler.c: line 697 (auth_request_handler_flush_failures): assertion failed: (auth_request->state == AUTH_REQUEST_STATE_FINISHED) Sep 9 15:47:39 tweak dovecot: auth: Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0(+0x3f71a) [0x7f25822ca71a] -> /usr/lib64/dovecot/libdovecot.so.0(+0x3f766) [0x7f25822ca766] -> /usr/lib64/dovecot/libdovecot.so.0(+0x198ca) [0x7f25822a48ca] -> dovecot/auth() [0x4137f4] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handle_timeouts+0xd4) [0x7f25822d5fe4] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run+0x5b) [0x7f25822d6bcb] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7f25822d5c48] -> /usr/lib64/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f25822c3de3] -> dovecot/auth(main+0x2be) [0x4179de] -> /lib64/libc.so.6(__libc_start_main+0xfd) [0x7f2581898bbd] -> dovecot/auth() [0x40bdc9] Sep 9 15:47:39 tweak dovecot: master: Error: service(auth): child 4154 killed with signal 6 (core dumps disabled) Requests start to pile up: Sep 9 15:51:46 tweak dovecot: auth: Warning: auth workers: Auth request was queued for 25 seconds, 45 left in queue Lookups time out: Sep 9 15:57:22 tweak dovecot: auth: Error: auth worker: Aborted request: Lookup timed out This occasionally pops up: Sep 9 15:58:38 tweak dovecot: auth: Fatal: net_connect_unix(auth-worker) failed: Resource temporarily unavailable And sometimes the auth process gets temporarily disabled: Sep 9 15:58:57 tweak dovecot: master: Error: service(auth): command startup failed, throttling Resulting in more postfix authentication failures: Sep 9 15:58:57 tweak postfix/smtpd[6531]: warning: bender.iitsys.csupomona.edu[134.71.250.134]: SASL DIGEST-MD5 authentication failed: Sep 9 15:59:08 tweak postfix/smtpd[6551]: fatal: no SASL authentication mechanisms To the point where postfix also temporarily throttles smtpd: Sep 9 15:59:21 tweak postfix/master[6526]: warning: /usr/lib64/postfix/smtpd: bad command startup -- throttling Resulting in a complete unavailability of smtp service, not just unavailability of authenticated services. I don't think all authentications fail during the scenario, but I think the majority do. Based on the network traffic, dovecot is almost continuously trying to connect to the first listed server. It sometimes connects to the second listed server, but when it does, the connection does not persist, it goes away almost immediately. Ideally, I would like no authentications to fail if one of the MySQL servers is unavailable. If a few fail just when the server dies, that would be undesirable but acceptable as long as they do not continuously fail while the server is down. Am I doing something wrong? Does the example sql config have incorrect information? We were previously running dovecot 1.2.11, we just recently upgraded to 2. In the previous version, we actually had two different passdb's configured, each one listing only one of the mysql servers. I seem to recall that was the recommendation at the time for high-availability. When that configuration did not seem to work under version 2, I found an updated recommendation to list both servers in the same passdb, which also does not appear to work correctly. I actually went back and tested the older version, and determined it seemed to work okay in the case where the server was up but the service was down, and connections were refused, but also failed a large number of authentication attempts when the server was completely down and connections were timing out. Thanks much... -- Paul B. Henson | (909) 979-6361 | http://www.csupomona.edu/~henson/ Operating Systems and Network Analyst | henson at csupomona.edu California State Polytechnic University | Pomona CA 91768 From noel.butler at ausics.net Sat Sep 10 06:02:57 2011 From: noel.butler at ausics.net (Noel Butler) Date: Sat, 10 Sep 2011 13:02:57 +1000 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <4E6ACC6C.6020200@acm.org> References: <4E6ACC6C.6020200@acm.org> Message-ID: <1315623777.5820.21.camel@tardis> On Fri, 2011-09-09 at 19:33 -0700, Paul B. Henson wrote: > default_pass_scheme = PLAIN Uhg i'll pretend I didnt see that :) > > According to the sample SQL configuration file "HA / round-robin > load-balancing is supported by giving multiple host settings, like: > host=sql1.host.org host=sql2.host.org". > > However, as far as I can tell dovecot only connects to the first listed > host, and processes all queries through it, there does not appear to be > any load-balancing going on. > I suspect the wording here is incorrect, its just a failover AFAIK, it only hits the first entry failing to second if no response. HA would be like running a mysql slave on all the front ends failing over to the master on your CRM server etc, which is what I do and suggest, having just one master server, after all, dovecot and postfix just need to read, not alter/update/insert etc. > That's not necessarily a dealbreaker; however, high-availability does > not appear to be working either. > > If I shutdown the first mysql server, dovecot starts to log connection > failures: > > Sep 9 15:47:34 tweak dovecot: auth: Error: > mysql(mysql-1.unx.csupomona.edu): Connect failed to database (idmgmt): > Can't connect to MySQL server on 'mysql-1.unx.csupomona.edu' (111) - > waiting for 1 seconds before retry > > Sep 9 15:47:39 tweak dovecot: auth: Error: > mysql(mysql-1.unx.csupomona.edu): Connect failed to database (idmgmt): > Can't connect to MySQL server on 'mysql-1.unx.csupomona.edu' (111) - > waiting for 25 seconds before retry > yep thats correct because it has " gone away" but it still uses the second host immediately, thats just dovecot trying to re-establish its link with primary > And postfix starts to fail authentications: > err postfix is not dovecot, you need to also add failover in postfix's sql lookup commands hosts = unix:/var/run/mysql/mysql.sock 10.10.10.2 (assuming .2 is your master sql server) > > Resulting in a complete unavailability of smtp service, not just > unavailability of authenticated services. > You could have a higher sec mx smtp box that uses postfix for virtual transport for cases of if dovecot is unavailable, this of course means storing partial paths in your mail db, for use only by that one non-behind-load-balancer separated sec mx, of course this wont solve users issue of sending unless you have multiple smtp behind a load balancer, but allows for inbound still, depends on how big your setup (and budget) is or can be :) (note: I talk of load balancer as in real hardware device, not as in pretend LB's as in software) > Does the example sql config have incorrect > information? > I suspect so. -------------- next part -------------- A non-text attachment was scrubbed... Name: face-smile.png Type: image/png Size: 873 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: From henson at acm.org Sat Sep 10 06:16:17 2011 From: henson at acm.org (Paul B. Henson) Date: Fri, 9 Sep 2011 20:16:17 -0700 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <1315623777.5820.21.camel@tardis> References: <4E6ACC6C.6020200@acm.org> <1315623777.5820.21.camel@tardis> Message-ID: <20110910031616.GN32704@bender.csupomona.edu> On Fri, Sep 09, 2011 at 08:02:57PM -0700, Noel Butler wrote: > Uhg i'll pretend I didnt see that :) We only use dovecot to provide sasl authentication to postfix smtp clients, using a separate password just for that purpose. Storing it in plaintext is the only way to support all authentication types. > I suspect the wording here is incorrect, its just a failover AFAIK, it > only hits the first entry failing to second if no response. Hmm, that would work for me, if it worked ;). > suggest, having just one master server, after all, dovecot and postfix > just need to read, not alter/update/insert etc. True; but the pieces that are altering/updating/inserting the data that postfix/dovecot need to read need redundancy as well :). > yep thats correct because it has " gone away" but it still uses the > second host immediately, thats just dovecot trying to re-establish its > link with primary Based on my testing, it doesn't use the second host immediately, but only sporadically, with most of the authentications failing. > err postfix is not dovecot, you need to also add failover in postfix's > sql lookup commands postfix relies on dovecot for authentication, this postfix error message is the result of dovecot not successfully processing an authentication request. postfix itself handles mysql failure well, it both load balances queries across both servers and also continues to function when one isn't available. > (note: I talk of load balancer as in real hardware device, not as in > pretend LB's as in software) We actually have a hardware load balancer, and I've considered just sticking the mysql servers behind it. But everything else using them handles failover ok, and initially I'd rather get dovecot doing the same before changing the current architecture. Thanks for the reply... -- Paul B. Henson | (909) 979-6361 | http://www.csupomona.edu/~henson/ Operating Systems and Network Analyst | henson at csupomona.edu California State Polytechnic University | Pomona CA 91768 From Jim at themailshack.com Sat Sep 10 06:23:45 2011 From: Jim at themailshack.com (Jim) Date: Fri, 9 Sep 2011 22:23:45 -0500 Subject: [Dovecot] Attacking Dovecot In-Reply-To: <201109092145.p89LjQLb017904@panas.otenet.gr> References: <201109092145.p89LjQLb017904@panas.otenet.gr> Message-ID: <5CD2AED2-E342-4811-B5F3-5D05091569E1@themailshack.com> There isn't enough information presented to assist, you'll want to refer to the wiki to increase your logging to get more detail: http://wiki.dovecot.org/Logging What you need is the system IP that's connecting as these users, if it's local, you should be able to track that system down easily. If it's remote, block it via a firewall to lock it out. Regarding the spam emails, they may or may not be coming from this same system, once you have more logging, you'll be able to verify that. Jim On Sep 9, 2011, at 4:45 PM, Nikos Papadopoulos wrote: > I am using Dovecot ver.1.0.7 on an x86 server with RedHat Linux Enterprise 5 > It seems that my mail server is being attacked by someone who tries to > retrieve users' credentials. > Besides, some of the local users receive "spam" emails, which seem to be > sent by another local user. From jana1972 at centrum.cz Sat Sep 10 11:04:36 2011 From: jana1972 at centrum.cz (jana1972 at centrum.cz) Date: Sat, 10 Sep 2011 10:04:36 +0200 Subject: [Dovecot] Why can NOT login as root Message-ID: <4E6B3634.18171.51F73FE@jana1972.centrum.cz> Hi i use Dovecot and it works ok for users except for root user. It is impossible to login as root Here is a log Sep 10 10:15:44 auth: Debug: Loading modules from directory: /usr/local/lib/dovecot/auth Sep 10 10:15:44 auth: Debug: auth client connected (pid=18077) Sep 10 10:15:44 auth: Debug: client in: AUTH 1 PLAIN service=imap secured lip=212.97.133.82 rip=212.97.133.82 lport=143 rport=34645 resp= Sep 10 10:15:44 auth: Debug: Loading modules from directory: /usr/local/lib/dovecot/auth Sep 10 10:15:44 auth: Debug: pam(root,212.97.133.82): lookup service=dovecot Sep 10 10:15:44 auth: Debug: pam(root,212.97.133.82): #1/1 style=1 msg=Password: Sep 10 10:15:44 auth: Debug: client out: OK 1 user=root Sep 10 10:15:44 auth: Debug: master in: REQUEST 2889482241 18077 1 3500554cf70742dfc0515671c7671bbd Sep 10 10:15:44 auth: Debug: passwd(root,212.97.133.82): lookup Sep 10 10:15:44 auth: Debug: master out: USER 2889482241 root system_groups_user=root uid=0 gid=0 home=/root Sep 10 10:15:44 imap-login: Info: Login: user=, method=PLAIN, rip=212.97.133.82, lip=212.97.133.82, mpid=18082, secured Sep 10 10:15:44 imap: Error: user root: Invalid settings in userdb: userdb returned 0 as uid Sep 10 10:15:44 imap: Error: Invalid user settings. Refer to server log for more information. Can anyone help? Thanks LL. From user+dovecot at localhost.localdomain.org Sat Sep 10 11:18:53 2011 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Sat, 10 Sep 2011 10:18:53 +0200 Subject: [Dovecot] Why can NOT login as root In-Reply-To: <4E6B3634.18171.51F73FE@jana1972.centrum.cz> References: <4E6B3634.18171.51F73FE@jana1972.centrum.cz> Message-ID: <4E6B1D6D.4080609@localhost.localdomain.org> On 09/10/2011 10:04 AM jana1972 at centrum.cz wrote: > Hi i use Dovecot and it works ok for users except for root user. > It is impossible to login as root > Here is a log > ? > Sep 10 10:15:44 imap: Error: user root: Invalid settings in userdb: userdb > returned 0 as uid > Sep 10 10:15:44 imap: Error: Invalid user settings. Refer to server log for > more information. > > > Can anyone help? http://hg.dovecot.org/dovecot-1.2/file/02c2ac9ddf8c/dovecot-example.conf: 374 # Valid UID range for users, defaults to 500 and above. This is mostly 375 # to make sure that users can't log in as daemons or other system users. 376 # Note that denying root logins is hardcoded to dovecot binary and can't 377 # be done even if first_valid_uid is set to 0. Regards, Pascal -- The trapper recommends today: cafebabe.1125310 at localdomain.org From ionic at ionic.de Sat Sep 10 05:36:57 2011 From: ionic at ionic.de (Mihai Moldovan) Date: Sat, 10 Sep 2011 04:36:57 +0200 Subject: [Dovecot] Annoying "feature" in dovecot/pidgeonhole - include depth limitation Message-ID: <4E6ACD49.6090406@ionic.de> Hi all, I'm using dovecot 2.0.14 build on Debian. The maintainers obviously patch the dovecot source so that it uses the pidgeonhole sieve system. Today I ran into a very annoying issue: I created several sieve scripts and interlinked via the include command, only to find dovecot spewing this error message at me: SWREG Newsletter: line 14: error: cannot nest includes deeper than 10 levels. As far as I could see this limitation is hardcoded to a depth of 10 and can only be changed at compile time. Why is it in place? I understand that you CAN create loops via the include command and limiting the inclusion depth is a way to circumvent loops - but ten is a very low value and the fact that you can't change it via a config file or sorta is even worse. My "fix" so far has been ignoring this, i.e. not returning false. I'm pretty sure that's not the best way to do it but it seems to be working so far. I'd really like to hear your opinion on this issue. Best regards, Mihai ** -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4369 bytes Desc: S/MIME Cryptographic Signature URL: From noel.butler at ausics.net Sat Sep 10 11:49:59 2011 From: noel.butler at ausics.net (Noel Butler) Date: Sat, 10 Sep 2011 18:49:59 +1000 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <20110910031616.GN32704@bender.csupomona.edu> References: <4E6ACC6C.6020200@acm.org> <1315623777.5820.21.camel@tardis> <20110910031616.GN32704@bender.csupomona.edu> Message-ID: <1315644599.5471.12.camel@tardis> On Fri, 2011-09-09 at 20:16 -0700, Paul B. Henson wrote: > On Fri, Sep 09, 2011 at 08:02:57PM -0700, Noel Butler wrote: > > suggest, having just one master server, after all, dovecot and postfix > > just need to read, not alter/update/insert etc. > > True; but the pieces that are altering/updating/inserting the data that > postfix/dovecot need to read need redundancy as well :). > Yep, depends on your network design I suppose, I rather leave the front ends to be just that, with all interactions with master DB server and the NAS done via second interface on a dedicated private LAN so those nasty bored teenagers out there can't get near it :) > > yep thats correct because it has " gone away" but it still uses the > > second host immediately, thats just dovecot trying to re-establish its > > link with primary > > Based on my testing, it doesn't use the second host immediately, but > only sporadically, with most of the authentications failing. Sounds like you have bigger issues, maybe relating as to why the primary fails? > > > err postfix is not dovecot, you need to also add failover in postfix's > > sql lookup commands > > postfix relies on dovecot for authentication, this postfix error message > is the result of dovecot not successfully processing an authentication > request. postfix itself handles mysql failure well, it both load > balances queries across both servers and also continues to function when > one isn't available. > my bad, I did see that and it is as how I do it (i'm not all there at present, had the flu for a week grrrr) but I never had a situation where primary (local slave copy) has gone away unless I'm deliberately upgrading mysql ) when doing so (tested) it hits the master server (as in secondary host=) right away, no auth failures. Cheers -------------- next part -------------- A non-text attachment was scrubbed... Name: face-smile.png Type: image/png Size: 873 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: From david at davidfavor.com Sat Sep 10 21:36:06 2011 From: david at davidfavor.com (David Favor) Date: Sat, 10 Sep 2011 13:36:06 -0500 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machineto another In-Reply-To: <4E6A221D.7060805@gmail.com> References: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> <4E6A221D.7060805@gmail.com> Message-ID: <4E6BAE16.90805@davidfavor.com> Johan Hendriks wrote: > Tobias Hachmer schreef: >> Hi list, >> >> currently I use dovecot v1.2.15 with maildir++ mailboxes. (Debian >> Squeeze) >> I want to set up a different server with dovecot v2, also maildir++ >> mailboxes. (also Debian Squeeze) >> >> What is the best way to copy the existing mailboxes from the older >> machine running dovecot v1.2.15 to the new naked machine? >> >> Greetz, Tobias > I did the same thing, with no know issues so far. > > My old server was running dovecot 1.2.x and i coppied the whole maildir > structure to the other machine. > Then started Dovecot 2.x and all was fine. > > Should be the same as instlling 2.0 over the old 1.2.x version, then it > uses the old maildir also. > > Well test it i would say. > Just do the copy, and try if everything works. > then do it for a final migration. > > Gr > Johan Hendriks Yes. So long as you're using same file structure, just tar + compress your Maildir hierarchy + scp it to your new machine + untar/uncompress... You'll be good to go. -- Love feeling your best ever, all day, every day? Click http://RadicalHealth.com for the easy way! From michael at orlitzky.com Sat Sep 10 21:36:58 2011 From: michael at orlitzky.com (Michael Orlitzky) Date: Sat, 10 Sep 2011 14:36:58 -0400 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another In-Reply-To: References: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> <4E6A132E.9080206@schetterer.org> Message-ID: <4E6BAE4A.2080805@orlitzky.com> On 09/09/11 09:34, Tobias Hachmer wrote: > On Fri, 09 Sep 2011 15:22:54 +0200, Robert Schetterer wrote: >> Am 09.09.2011 15:14, schrieb Tobias Hachmer: >>> What is the best way to copy the existing mailboxes from the older >>> machine running dovecot v1.2.15 to the new naked machine? >> >> i used imapsync in a bash script >> http://ks.lamiral.info/imapsync/ >> at a massive migration > > ok, but this tool is not free of charge. > Are there any known problems just copying the mailboxes with scp or > rsync? > https://fedorahosted.org/released/imapsync/ From dnewman at networktest.com Sat Sep 10 22:49:39 2011 From: dnewman at networktest.com (David Newman) Date: Sat, 10 Sep 2011 12:49:39 -0700 Subject: [Dovecot] sieve and pattern matching Message-ID: <4E6BBF53.3010607@networktest.com> Dovecot 1.2.17 What is the sieve syntax for matching text somewhere in a subject line, but not at the beginning of the line? Background: Multiple machines each send a message with the subject of " operations run" to a mail server. The value is different for each sender. This sieve filter does not match any message: require ["fileinto","envelope","reject","vacation","imapflags","relational","co mparator-i;ascii-numeric","regex","notify"]; require ["body", "fileinto", "regex"]; # currentops reports if header :contains "Subject" ".* operations run" { fileinto "currentops"; stop; } However, a similar filter will match if, and only if, the string occurs at the beginning of the subject line. The various sieve help pages I've found suggest that pattern matching anywhere in the subject line should work, not just at the beginning. How to achieve this? TIA dn From compconsultant at yahoo.com Sat Sep 10 23:23:52 2011 From: compconsultant at yahoo.com (Steve Fatula) Date: Sat, 10 Sep 2011 13:23:52 -0700 (PDT) Subject: [Dovecot] MySQL, map files In-Reply-To: <1315525950.915.YahooMailNeo@web39420.mail.mud.yahoo.com> References: <1315525950.915.YahooMailNeo@web39420.mail.mud.yahoo.com> Message-ID: <1315686232.19193.YahooMailNeo@web39412.mail.mud.yahoo.com> ----- Original Message ----- > From: Steve Fatula > To: Dovecot List > Cc: > Sent: Thursday, September 8, 2011 6:52 PM > Subject: [Dovecot] MySQL, map files > > I'll try and break up my questions the other day about extdata that went > unanswered into pieces in the hopes it will be more specific and clear. > > In general, I am trying to figure out the syntax of the map statement and what > is allowed in that statement. So, by map statement, I mean for example perhaps > the?dovecot-dict-expire.conf.ext file as shown in the doc. Is the syntax the > same for the various types of files (quota vs expire)? Is there syntax to allow > the specification of a different key? If so, where is this documented. I have an > existing table I want to use, not the table shown in the doc. > > The reason I am asking is I have seen web pages that reference all sorts of > statements within the map statement, and I have no idea where they are > documented. Specifically, I see an example here (which is LDAP), look in section > 3: > > http://dovecot.org/patches/1.2/ldap/HOWTO_dictldap+extdata.txt > > > You will see lots of statements, not sure which ones can be used for MySQL > (instead of LDAP). So, would like to find a list of ALL valid syntax within the > map. > I am guessing no one knows the answer then. Oh well, will have to give up on it then as it is un-documented. From compconsultant at yahoo.com Sat Sep 10 23:36:55 2011 From: compconsultant at yahoo.com (Steve Fatula) Date: Sat, 10 Sep 2011 13:36:55 -0700 (PDT) Subject: [Dovecot] Sieve, before script - Can it include "personal" scripts? Message-ID: <1315687015.24912.YahooMailNeo@web39415.mail.mud.yahoo.com> Using sieve_before, can the script it references include a file from the personal space? I want to set some parameters (by user using the variables extension) there to control what the before script does, so, every user would have the file in their personal include space. If not, is there another way? Can the sieve_before and sieve_global_path be set from userdb extra fields? From allen at vo.lu Sun Sep 11 00:36:18 2011 From: allen at vo.lu (John Allen) Date: Sat, 10 Sep 2011 23:36:18 +0200 Subject: [Dovecot] Why can NOT login as root In-Reply-To: <4E6B3634.18171.51F73FE@jana1972.centrum.cz> References: <4E6B3634.18171.51F73FE@jana1972.centrum.cz> Message-ID: <4E6BD852.5000306@vo.lu> As far as I recall, IMAP servers generally don't allow access to root. According to the Dovecot wiki, this is hard-coded in the binary: http://wiki.dovecot.org/MainConfig see under "first_valid_uid" If the root user is receiving emails, these need to be redirected to another user so they can be read via IMAP. John On 10/09/2011 10:04, jana1972 at centrum.cz wrote: > Hi i use Dovecot and it works ok for users except for root user. > It is impossible to login as root > Here is a log > > > Sep 10 10:15:44 auth: Debug: Loading modules from directory: > /usr/local/lib/dovecot/auth > Sep 10 10:15:44 auth: Debug: auth client connected (pid=18077) > Sep 10 10:15:44 auth: Debug: client in: AUTH 1 PLAIN service=imap > secured lip=212.97.133.82 rip=212.97.133.82 lport=143 > rport=34645 resp= > Sep 10 10:15:44 auth: Debug: Loading modules from directory: > /usr/local/lib/dovecot/auth > Sep 10 10:15:44 auth: Debug: pam(root,212.97.133.82): lookup service=dovecot > Sep 10 10:15:44 auth: Debug: pam(root,212.97.133.82): #1/1 style=1 > msg=Password: > Sep 10 10:15:44 auth: Debug: client out: OK 1 user=root > Sep 10 10:15:44 auth: Debug: master in: REQUEST 2889482241 18077 1 > 3500554cf70742dfc0515671c7671bbd > Sep 10 10:15:44 auth: Debug: passwd(root,212.97.133.82): lookup > Sep 10 10:15:44 auth: Debug: master out: USER 2889482241 root > system_groups_user=root uid=0 gid=0 home=/root > Sep 10 10:15:44 imap-login: Info: Login: user=, method=PLAIN, > rip=212.97.133.82, lip=212.97.133.82, mpid=18082, secured > Sep 10 10:15:44 imap: Error: user root: Invalid settings in userdb: userdb > returned 0 as uid > Sep 10 10:15:44 imap: Error: Invalid user settings. Refer to server log for > more information. > > > Can anyone help? > Thanks > LL. From stephan at rename-it.nl Sun Sep 11 13:01:57 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Sun, 11 Sep 2011 12:01:57 +0200 Subject: [Dovecot] Annoying "feature" in dovecot/pidgeonhole - include depth limitation In-Reply-To: <4E6ACD49.6090406@ionic.de> References: <4E6ACD49.6090406@ionic.de> Message-ID: <4E6C8715.6060803@rename-it.nl> On 9/10/2011 4:36 AM, Mihai Moldovan wrote: > Hi all, > > I'm using dovecot 2.0.14 build on Debian. > > The maintainers obviously patch the dovecot source so that it uses the > pidgeonhole sieve system. > > Today I ran into a very annoying issue: I created several sieve scripts > and interlinked via the include command, only to find dovecot spewing > this error message at me: > SWREG Newsletter: line 14: error: cannot nest includes deeper than 10 > levels. > > As far as I could see this limitation is hardcoded to a depth of 10 and > can only be changed at compile time. Yes, it is. > Why is it in place? I understand that you CAN create loops via the > include command and limiting the inclusion depth is a way to circumvent > loops - but ten is a very low value and the fact that you can't change > it via a config file or sorta is even worse. True. This is one of those typical 'this aught to be enough for every one' issues. Up until now, this was true :) > My "fix" so far has been ignoring this, i.e. not returning false. I'm > pretty sure that's not the best way to do it but it seems to be working > so far. > > I'd really like to hear your opinion on this issue. I've made the limits for the include extension configurable now. This will be included in the next release. Regards, Stephan. From tss at iki.fi Sun Sep 11 13:07:00 2011 From: tss at iki.fi (Timo Sirainen) Date: Sun, 11 Sep 2011 13:07:00 +0300 Subject: [Dovecot] Annoying "feature" in dovecot/pidgeonhole - include depth limitation In-Reply-To: <4E6C8715.6060803@rename-it.nl> References: <4E6ACD49.6090406@ionic.de> <4E6C8715.6060803@rename-it.nl> Message-ID: <55C16496-EE9A-4985-B45E-86A99426A551@iki.fi> On 11.9.2011, at 13.01, Stephan Bosch wrote: > I've made the limits for the include extension configurable now. This will be included in the next release. Is there really a need for such a limit? Isn't it mainly to avoid infinite loops, which could also be detected by seeing if there are any actual include loops? From stephan at rename-it.nl Sun Sep 11 13:13:24 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Sun, 11 Sep 2011 12:13:24 +0200 Subject: [Dovecot] Sieve, before script - Can it include "personal" scripts? In-Reply-To: <1315687015.24912.YahooMailNeo@web39415.mail.mud.yahoo.com> References: <1315687015.24912.YahooMailNeo@web39415.mail.mud.yahoo.com> Message-ID: <4E6C89C4.7030606@rename-it.nl> On 9/10/2011 10:36 PM, Steve Fatula wrote: > Using sieve_before, can the script it references include a file from the personal space? Yes, that should work, however... > I want to set some parameters (by user using the variables extension) there to control what the before script does, so, every user would have the file in their personal include space. ... there is usually no way to guarantee that the user will have this script in place and that it does not produce any compile/run-time errors. This way, the user can break Sieve processing in the sieve_before stage. The first part can be mended with the new :optional tag recently added to the include extension's specification (not implemented in Pigeonhole so far). Unfortunately, there is no way to resolve the second part. > If not, is there another way? > > Can the sieve_before and sieve_global_path be set from userdb extra fields? Yes. Regards, Stephan. From stephan at rename-it.nl Sun Sep 11 13:29:40 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Sun, 11 Sep 2011 12:29:40 +0200 Subject: [Dovecot] Annoying "feature" in dovecot/pidgeonhole - include depth limitation In-Reply-To: <55C16496-EE9A-4985-B45E-86A99426A551@iki.fi> References: <4E6ACD49.6090406@ionic.de> <4E6C8715.6060803@rename-it.nl> <55C16496-EE9A-4985-B45E-86A99426A551@iki.fi> Message-ID: <4E6C8D94.7030308@rename-it.nl> On 9/11/2011 12:07 PM, Timo Sirainen wrote: > On 11.9.2011, at 13.01, Stephan Bosch wrote: > >> I've made the limits for the include extension configurable now. This will be included in the next release. > Is there really a need for such a limit? Isn't it mainly to avoid infinite loops, which could also be detected by seeing if there are any actual include loops? The detection of actual include loops is already in place, so the depth limit could be a bit of overkill indeed. The existence of this limit probably has something to do with the fact that code generation for the include extension is still a recursive process (whereas runtime interpretation is not). This means that (very) deep nesting could cause stack overflow at compile time. Once the include extension goes RFC I'll fix this along with implementing the new :optional tag. Regards, Stephan. From stephan at rename-it.nl Sun Sep 11 18:06:48 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Sun, 11 Sep 2011 17:06:48 +0200 Subject: [Dovecot] sieve and pattern matching In-Reply-To: <4E6BBF53.3010607@networktest.com> References: <4E6BBF53.3010607@networktest.com> Message-ID: <4E6CCE88.9050307@rename-it.nl> On 9/10/2011 9:49 PM, David Newman wrote: > Dovecot 1.2.17 > > What is the sieve syntax for matching text somewhere in a subject line, > but not at the beginning of the line? > > Background: Multiple machines each send a message with the subject of > " operations run" to a mail server. The value is > different for each sender. If I understand your question correctly, the following is the easiest answer: if header :matches "subject" "* operations run" { } > This sieve filter does not match any message: > > require > ["fileinto","envelope","reject","vacation","imapflags","relational","co > mparator-i;ascii-numeric","regex","notify"]; > require ["body", "fileinto", "regex"]; > > # currentops reports > if header :contains "Subject" ".* operations run" > { > fileinto "currentops"; > stop; > } Right, because that is not how :contains works. Check http://tools.ietf.org/html/rfc5228#section-2.7.1 for more info. Regards, Stephan. From lists at kokelnet.de Sun Sep 11 19:40:44 2011 From: lists at kokelnet.de (Tobias Hachmer) Date: Sun, 11 Sep 2011 18:40:44 +0200 Subject: [Dovecot] setacl on complete mailbox Message-ID: <344f5f741af038d8ae8aaab40b4267fa@kokelnet.de> Hi List, how can I grant a user full control on another mailbox (the complete mailbox with all folder and subfolders). With the setacl command I could do this but first I have to list all folders and then I have to do one setacl command for each folder. Is there a command to this in one line? Also for new created folders? Greetz, Tobias From dnewman at networktest.com Sun Sep 11 20:01:36 2011 From: dnewman at networktest.com (David Newman) Date: Sun, 11 Sep 2011 10:01:36 -0700 Subject: [Dovecot] sieve and pattern matching In-Reply-To: <4E6CCE88.9050307@rename-it.nl> References: <4E6BBF53.3010607@networktest.com> <4E6CCE88.9050307@rename-it.nl> Message-ID: <4E6CE970.9000105@networktest.com> On 9/11/11 8:06 AM, Stephan Bosch wrote: >> What is the sieve syntax for matching text somewhere in a subject line, >> but not at the beginning of the line? >> >> Background: Multiple machines each send a message with the subject of >> " operations run" to a mail server. The value is >> different for each sender. > > If I understand your question correctly, the following is the easiest > answer: > > if header :matches "subject" "* operations run" { > } Bingo! Thanks. > Right, because that is not how :contains works. > > Check http://tools.ietf.org/html/rfc5228#section-2.7.1 for more info. Thanks too for this pointer. I hadn't understood the difference between :contains and :matches. dn From Lutz.Pressler at SerNet.DE Sun Sep 11 22:22:29 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Sun, 11 Sep 2011 21:22:29 +0200 Subject: [Dovecot] 2.1: problems compiling fts-lucene - CLucene git version necessary? Message-ID: Hello! I have problems recompiling the Debian squeeze auto build packages with "--with-lecene". Is the git (2.3) version of CLucene necessary? Debian includes 0.9.21b, which does not work. Lutz From a.a.moraru at gmail.com Sun Sep 11 22:30:59 2011 From: a.a.moraru at gmail.com (Andriy Moraru) Date: Sun, 11 Sep 2011 22:30:59 +0300 Subject: [Dovecot] Filter Mail to Pipe to External Program Message-ID: Hello all! How do I add a filter that would pipe the mail message (containing a certain "To:" field) to some other program? I am running Dovecot 1.0.15. Thanks! From tss at iki.fi Sun Sep 11 22:45:56 2011 From: tss at iki.fi (Timo Sirainen) Date: Sun, 11 Sep 2011 22:45:56 +0300 Subject: [Dovecot] Filter Mail to Pipe to External Program In-Reply-To: References: Message-ID: <76872554-D3C6-4263-9A73-B4430BD0CDCC@iki.fi> On 11.9.2011, at 22.30, Andriy Moraru wrote: > How do I add a filter that would pipe the mail message (containing a > certain "To:" field) to some other program? Pipe it when? When it's delivered? Probably better to do it in MTA instead of Dovecot. From tss at iki.fi Sun Sep 11 22:46:42 2011 From: tss at iki.fi (Timo Sirainen) Date: Sun, 11 Sep 2011 22:46:42 +0300 Subject: [Dovecot] 2.1: problems compiling fts-lucene - CLucene git version necessary? In-Reply-To: References: Message-ID: <7C9B9C67-A1FD-472B-8514-BC54F1B01D00@iki.fi> On 11.9.2011, at 22.22, Lutz Pre?ler wrote: > I have problems recompiling the Debian squeeze auto build packages > with "--with-lecene". Is the git (2.3) version of CLucene necessary? Yes. > Debian includes 0.9.21b, which does not work. Right, it doesn't. From Lutz.Pressler at SerNet.DE Sun Sep 11 22:50:50 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Sun, 11 Sep 2011 21:50:50 +0200 Subject: [Dovecot] 2.1: imapc SUBSCRIBE problem In-Reply-To: <20110909144349.GA846637@gabi.sernet.de> References: <1315563414.3876.50.camel@hurina> <20110909102128.GA762256@gabi.sernet.de> <20110909144349.GA846637@gabi.sernet.de> Message-ID: On Fri, 09 Sep 2011, Lutz Pre?ler wrote: > LIST is now working correctly in my setup, but SUBSCRIBE ist not. > With subscriptions=no, as written (but same behaviour with subscriptions=yes), > SUBSCRIBE INBOX.gmail.INBOX (or others) yields > 0 NO [SERVERBUG] Internal error occurred. Refer to server log for more information. [2011-09-09 16:39:40] > logging (with mail_debug=yes) only > Sep 9 16:39:40 host dovecot: imap(1143, user): Error: stat((null)) failed: Bad address After putting (with subscriptions=no) an entry manually into the root subscriptions file, everything including UNSUBSCRIBE works fine. Lutz From al-dovecot at none.at Sun Sep 11 23:35:00 2011 From: al-dovecot at none.at (Aleksandar Lazic) Date: Sun, 11 Sep 2011 22:35:00 +0200 Subject: [Dovecot] Sieve envelope :detail "to" "xxx" does not deliver to fileinto destination Message-ID: <20110911203500.GA22889@none.at> Dear Listmember. I try to migrate from my current courier-mta setup fo postfix dovecot setup. I use the following scirpt to filter to the destination mailbox. ### /var/vmail/none.at/al/sieve/lists.sieve require ["fileinto", "subaddress", "envelope" ]; if envelope :detail "to" "pdnsusers" { fileinto "Lists.pdnsusers"; } ### postfix/master ### dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -a ${original_recipient} # flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -m ${extension} -a ${original_recipient} ### Log ### Sep 11 21:47:48 lvps46-163-74-15 postfix/smtpd[7788]: connect from Sep 11 21:48:12 lvps46-163-74-15 postfix/smtpd[7788]: 495EF9FECAF9: Sep 11 21:48:27 lvps46-163-74-15 postfix/cleanup[7795]: 495EF9FECAF9: message-id=<> Sep 11 21:48:27 lvps46-163-74-15 postfix/qmgr[7785]: 495EF9FECAF9: from=, size=268, nrcpt=1 (queue active) Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda: Debug: Loading modules from directory: /usr/lib/dovecot/modules Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda: Debug: Module loaded: /usr/lib/dovecot/modules/lib90_sieve_plugin.so Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda: Debug: auth input: al at none.at uid=5000 gid=5000 home=/var/vmail/none.at/al Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: Effective uid=5000, gid=5000, home=/var/vmail/none.at/al Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: maildir: root exists (/var/vmail/none.at/al/Maildir) Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: maildir++: root=/var/vmail/none.at/al/Maildir, index=, control=, inbox=/var/vmail/none.at/al/Maildir, alt= Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: none: root=, index=, control=, inbox=, alt= Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: Destination address: al-pdnsuser at none.at (source: -a parameter) Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: using sieve path for user's script: /var/vmail/none.at/al/.dovecot.sieve Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: opening script /var/vmail/none.at/al/.dovecot.sieve Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: script binary /var/vmail/none.at/al/.dovecot.svbin successfully loaded Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: binary save: not saving binary /var/vmail/none.at/al/.dovecot.svbin, because it is already stored Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: executing script from /var/vmail/none.at/al/.dovecot.svbin Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): sieve: msgid=unspecified: stored mail into mailbox 'INBOX' Sep 11 21:48:27 lvps46-163-74-15 postfix/pipe[7797]: 495EF9FECAF9: to=, relay=dovecot, delay=28, delays=28/0.02/0/0.22, dsn=2.0.0, status=sent (delivered via dovecot service) Sep 11 21:48:27 lvps46-163-74-15 postfix/qmgr[7785]: 495EF9FECAF9: removed Sep 11 21:48:28 lvps46-163-74-15 postfix/smtpd[7788]: disconnect from xxx ### dovecot -n => attachment dovecot_-n Due to the fact that I'am new to dovecot and sieve I hope anybody can help the solve this issue. My target is to filter the mailinglists based on address extention or is it better to filter on to header? Is there a 'log' or 'print' command in the sieve filter or how can I write a message to the log file? Many thanks for your help BR Aleks -------------- next part -------------- # 2.0.14: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-028stab092.1 x86_64 Ubuntu 10.04.3 LTS auth_mechanisms = plain login digest-md5 cram-md5 disable_plaintext_auth = no log_timestamp = "%Y-%m-%d %H:%M:%S " mail_debug = yes mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } protocols = imap recipient_delimiter = - service auth { unix_listener auth-userdb { group = vmail mode = 0755 user = vmail } user = root } ssl_cert = References: <4E6ACC6C.6020200@acm.org> <1315623777.5820.21.camel@tardis> <20110910031616.GN32704@bender.csupomona.edu> <1315644599.5471.12.camel@tardis> Message-ID: <20110911220504.GD27941@bender.csupomona.edu> On Sat, Sep 10, 2011 at 01:49:59AM -0700, Noel Butler wrote: > Sounds like you have bigger issues, maybe relating as to why the primary > fails? For testing purposes, it fails because I stick a firewall rule in place preventing access to it ;). In production, it came to our attention because a hardware failure required downtime on one of the mysql servers to replace parts, and we received complaints of failed authentications while it was down. In general, both are up, but things using them need to be able to survive when one is down. > primary (local slave copy) has gone away unless I'm deliberately > upgrading mysql ) when doing so (tested) it hits the master server (as > in secondary host=) right away, no auth failures. Hmm, what version of dovecot are you using? In version 1 failover seems to work if the primary returns connection refused (which your scenario would). In version 2, it seems flaky for both connection refused and connection timed out. Unless I've got something misconfigured, but there doesn't seem to be that much to it... -- Paul B. Henson | (909) 979-6361 | http://www.csupomona.edu/~henson/ Operating Systems and Network Analyst | henson at csupomona.edu California State Polytechnic University | Pomona CA 91768 From listas.correo at yahoo.es Mon Sep 12 11:14:03 2011 From: listas.correo at yahoo.es (mailing lists) Date: Mon, 12 Sep 2011 09:14:03 +0100 (BST) Subject: [Dovecot] NO Unknown subscription namespace. Message-ID: <1315815243.20177.YahooMailNeo@web29114.mail.ird.yahoo.com> Hello, what this message means? "NO Unknown subscription namespace." the shared namespace is visible and I can fetch messages from it, but subscription fails with the above message. (user002 is sharing the folder named docs-users002 with user user001) # telnet localhost 143 Trying ::1... Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready. . login user001 secret . OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS ACL RIGHTS=texk] Logged in . list "shared." "*" * LIST (\Noselect \HasChildren) "." "shared.user002" . OK List completed. . list "shared.user002." "*" * LIST (\HasNoChildren) "." "shared.user002.docs-user002" . OK List completed. . list "shared.user002.docs-user002." "*" . OK List completed. . select "shared.user002.docs-user002" * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft)] Flags permitted. * 2 EXISTS * 0 RECENT * OK [UIDVALIDITY 1315765265] UIDs valid * OK [UIDNEXT 3] Predicted next UID * OK [HIGHESTMODSEQ 3] Highest . OK [READ-WRITE] Select completed. . fetch 1 all * 1 FETCH (FLAGS (\Seen) INTERNALDATE "24-Nov-2009 11:58:34 +0100" RFC822.SIZE 3734 ENVELOPE ("Tue, 24 Nov 2009 07:58:34 -0400 (AST)" "Thank you for registering for the Red Hat Virtual Experience" (("support at virtualevents365.com" NIL "support" "virtualevents365.com")) (("support at virtualevents365.com" NIL "support" "virtualevents365.com")) (("support at virtualevents365.com" NIL "support" "virtualevents365.com")) (("damocles- at hotmail.com" NIL "damocles-" "hotmail.com")) NIL NIL NIL "<6955854.2731259063914762.JavaMail.root at app130.vs.int.cgsinc.ca>")) . OK Fetch completed. . subscribe "shared.user002.docs-user002" . NO Unknown subscription namespace. . logout * BYE Logging out . OK Logout completed. Connection closed by foreign host. ???? /----------------/ namespace { ? inbox = yes ? location = ? prefix = INBOX. ? separator = . ? subscriptions = yes } namespace { ? list = yes ? location = maildir:/var/virtual-maildir/%%n ? prefix = shared.%%n. ? separator = . ? subscriptions = no ? type = shared } From mike at skew.org Mon Sep 12 11:55:22 2011 From: mike at skew.org (Mike Brown) Date: Mon, 12 Sep 2011 02:55:22 -0600 Subject: [Dovecot] signal 11 crash, sometimes, during mbox bz2 decompression In-Reply-To: <1314121664.10421.1314.camel@hurina> References: <201108161100.p7GB0P3R073897@chilled.skew.org> <1314121664.10421.1314.camel@hurina> Message-ID: <4E6DC8FA.2050709@skew.org> On 8/23/2011 11:47 AM, Timo Sirainen wrote: > On Tue, 2011-08-16 at 05:00 -0600, Mike Brown wrote: > >> I'm running dovecot 1.2.16 from the ports collection on FreeBSD 8.1-STABLE, >> amd64. > .. Thanks for the reply. Since you recommended updating to dovecot2, I'm now testing dovecot 2.0.14 from the ports collection on a different machine. Hopefully I got the configuration right. # dovecot -n # 2.0.14: /usr/local/etc/dovecot/dovecot.conf # OS: FreeBSD 8.2-RELEASE-p2 i386 mail_location = mbox:~/mail:INBOX=/var/mail/%u mail_plugins = " zlib" passdb { args = %s driver = pam } plugin { zlib_save = bz2 zlib_save_level = 9 } protocols = imap ssl_cert = >> Well .. I'm not entirely sure if the current behavior is good or not, but what you need to do to get it working is to add two quota roots. One for /home/pit/mail (i.e. without specifying mount=) and another for the INBOX's /var/spool/mail. > Don't work... :-( After I installed version 2.0.13 - mount is correct: # doveadm -Dv quota get -u pit doveadm(pit): Debug: auth input: pit system_groups_user=pit uid=500 gid=500 home=/home/pit doveadm(pit): Debug: Effective uid=500, gid=500, home=/home/pit doveadm(pit): Debug: Quota root: name=INBOX backend=fs args=mount=/var/spool/mail doveadm(pit): Debug: Quota rule: root=INBOX mailbox=* bytes=19922944 messages=0 doveadm(pit): Debug: Quota warning: bytes=3984588 (20%) messages=0 reverse=no command=quota-warning 20 pit doveadm(pit): Debug: fs: root=/home/pit/mail, index=, control=, inbox=/var/spool/mail/pit doveadm(pit): Debug: fs quota add mailbox dir = /var/spool/mail doveadm(pit): Debug: fs quota block device = /dev/mapper/mpath1p1 doveadm(pit): Debug: fs quota mount point = /var/spool/mail doveadm(pit): Debug: fs quota mount type = ext2 Quota name Type Value Limit % INBOX STORAGE 4824 19456 24 But now don't work script quota-warning.sh: #!/bin/sh PERCENT=$1 USER=$2 cat << EOF | /usr/libexec/dovecot/dovecot-lda -d $USER -o "plugin/quota=fs:INBOX:mount=/var/spool/mail:noenforcing" From: postmaster at domen.org Subject: quota warning Your mailbox is now $PERCENT% full. EOF #dovecot -n # 2.0.13: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-274.3.1.el5.asp121 x86_64 Red Hat Enterprise Linux Server release 5.6 (Tikanga) disable_plaintext_auth = no listen = * log_path = /var/log/dovecot.log mail_debug = yes mail_location = mbox:~/mail:INBOX=/var/spool/mail/%u mail_plugins = quota mail_privileged_group = mail mbox_write_locks = fcntl passdb { driver = pam } plugin { quota = fs:INBOX:mount=/var/spool/mail quota_rule = *:storage=19456 quota_warning = storage=20%% quota-warning 20 %u } protocols = pop3 service quota-warning { executable = script /usr/local/bin/quota-warning.sh unix_listener quota-warning { mode = 0666 } user = root } ssl_cert = References: <1315563414.3876.50.camel@hurina> <20110909102128.GA762256@gabi.sernet.de> <20110909144349.GA846637@gabi.sernet.de> Message-ID: <1315822557.7326.0.camel@hurina> On Sun, 2011-09-11 at 21:50 +0200, Lutz Pre?ler wrote: > On Fri, 09 Sep 2011, Lutz Pre?ler wrote: > > LIST is now working correctly in my setup, but SUBSCRIBE ist not. > > With subscriptions=no, as written (but same behaviour with subscriptions=yes), > > SUBSCRIBE INBOX.gmail.INBOX (or others) yields > > 0 NO [SERVERBUG] Internal error occurred. Refer to server log for more information. [2011-09-09 16:39:40] > > logging (with mail_debug=yes) only > > Sep 9 16:39:40 host dovecot: imap(1143, user): Error: stat((null)) failed: Bad address > After putting (with subscriptions=no) an entry manually into the root > subscriptions file, everything including UNSUBSCRIBE works fine. Yeah, but then remote subscriptions don't work. I think the imapc subscription problems and namespace prefix problems are now fixed in hg. From tss at iki.fi Mon Sep 12 13:17:21 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 13:17:21 +0300 Subject: [Dovecot] 2.1: imapc LIST problem / usage question In-Reply-To: References: <1315563414.3876.50.camel@hurina> Message-ID: <1315822641.7326.2.camel@hurina> On Fri, 2011-09-09 at 12:21 +0200, Lutz Pre?ler wrote: > > > Second question: Is there a way to include multiple imapc instances/ > > > namespaces with e.g. different destinations servers? I don't see how > > > because imapc_* parameters seem to be global (now), but it would be a very > > > useful feature. > > > > I don't really understand. You're already returning per-user imapc > > namespace from userdb. What's missing? > One local dovecot user, multiple remote IMAP servers included in different > namespaces. I think you should be able to return e.g. "namespace=ns1 ns2" and then return namespaces for namespace/ns1/* and namespace/ns2/*. From tss at iki.fi Mon Sep 12 13:21:58 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 13:21:58 +0300 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: <4E69F758.8050008@mejor.pl> References: <4E6782CB.1060803@mejor.pl> <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> <4E6786CF.2020102@mejor.pl> <4E678B66.60602@mejor.pl> <8F07F485-4BC4-40E5-A520-7F59C87A7863@iki.fi> <4E688A28.1090800@mejor.pl> <1315474812.3876.23.camel@hurina> <4E68A060.8090306@mejor.pl> <1315487921.3876.40.camel@hurina> <4E69F758.8050008@mejor.pl> Message-ID: <1315822918.7326.5.camel@hurina> On Fri, 2011-09-09 at 13:24 +0200, Marcin Miros?aw wrote: > Ok, maybe could it be possible to do it in other way: > -------------------------------------------------------------------- > |user_id | namespace_full_definition | > -------------------------------------------------------------------- > | 7684 | /name=test1/prefix=test1./location=mdbox:~/test1/.mdbox/ > name=test2/prefix=test2/location=... | > -------------------------------------------------------------------- > > but this isn't supported by dovecot as i know. Not exactly like that, but you should be able to have a field called "userdb_import" that contains data like: namespace=n1 n2namespace/n1/prefix=blah.etc. other fields The s would of course have to be actual tab characters. From tss at iki.fi Mon Sep 12 13:25:02 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 13:25:02 +0300 Subject: [Dovecot] NO Unknown subscription namespace. In-Reply-To: <1315815243.20177.YahooMailNeo@web29114.mail.ird.yahoo.com> References: <1315815243.20177.YahooMailNeo@web29114.mail.ird.yahoo.com> Message-ID: <1315823103.7326.8.camel@hurina> On Mon, 2011-09-12 at 09:14 +0100, mailing lists wrote: > Hello, > > what this message means? > > "NO Unknown subscription namespace." It means that the namespace itself has subscriptions=no, and there are no "parent namespaces" with subscriptions=yes. > namespace { > inbox = yes > location = > prefix = INBOX. > separator = . > subscriptions = yes > } > namespace { > list = yes > location = maildir:/var/virtual-maildir/%%n > prefix = shared.%%n. > separator = . > subscriptions = no > type = shared > } I guess you'd want INBOX. namespace to handle the subscriptions here, but it doesn't work like that because in some configuration it could be ambiguous which namespace to use.. You'll need to create a prefix="" namespace to handle the subscriptions. For example: namespace { prefix = list = no hidden = yes } From tss at iki.fi Mon Sep 12 13:28:18 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 13:28:18 +0300 Subject: [Dovecot] setacl on complete mailbox In-Reply-To: <344f5f741af038d8ae8aaab40b4267fa@kokelnet.de> References: <344f5f741af038d8ae8aaab40b4267fa@kokelnet.de> Message-ID: <1315823298.7326.10.camel@hurina> On Sun, 2011-09-11 at 18:40 +0200, Tobias Hachmer wrote: > Hi List, > > how can I grant a user full control on another mailbox (the complete > mailbox with all folder and subfolders). > With the setacl command I could do this but first I have to list all > folders and then I have to do one setacl command for each folder. > > Is there a command to this in one line? Not currently. I guess doveadm acl commands could be modified to support wildcards quite easily. > Also for new created folders? Newly created folders' ACLs are copied from their parent at the create time. From tss at iki.fi Mon Sep 12 13:31:03 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 13:31:03 +0300 Subject: [Dovecot] Read-only mbox files In-Reply-To: <20110909194433.GB1243@carrick-users.bishnet.net> References: <20110909194433.GB1243@carrick-users.bishnet.net> Message-ID: <1315823464.7326.12.camel@hurina> On Fri, 2011-09-09 at 20:44 +0100, Tim Bishop wrote: > The setup is that my main namespace points at my Maildir mail folders. > In addition to this I have a second namespace that points at some old > archived mbox folders. I rarely need to access these folders, but when I > do Dovecot modifies the files (adding UID headers, etc). > > What I'd like to do is make it so that Dovecot can't change these files. > I thought there might be a setting to mark a mail_location as read-only, > but I can't find anything like that. I've looked at ACLs too, but they > seem to be more about user access that what Dovecot can do to files. Not possible without modifying Dovecot code, and seems like such a rarely wanted feature that it's not really worth the trouble, especially because..: > I could just do this at the filesystem level, but I'd feel a bit happier > about working with Dovecot rather than trying to work around it. Yeah, just chmod a-w them and that'll work. You don't want anything modifying them anyway, right? So seems like a pretty clean solution to me. From tss at iki.fi Mon Sep 12 13:33:27 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 13:33:27 +0300 Subject: [Dovecot] userdb static & Quota from LDAP? In-Reply-To: <20110909215855.GA4680@chemie.uni-hamburg.de> References: <20110909215855.GA4680@chemie.uni-hamburg.de> Message-ID: <1315823607.7326.14.camel@hurina> On Fri, 2011-09-09 at 23:58 +0200, Christian Schmidt wrote: > userdb { > driver = static > args = uid=vmail gid=vmail home=/var/maildir/%u > } These can be replaced with global settings: mail_uid = vmail mail_gid = vmail mail_home = /var/maildir/%u > Now I'd like to add per-user quotas that will also be stored in the > LDAP directory, and I'm not sure how to put things together. > IMHO quota is the only "userdb information" requested from LDAP, and > I'd like to leave all the other "userdb pieces" as the are. I changed > the userdb definition to: > userdb { > driver = ldap > args = /etc/dovecot/conf.d/ldap-userdb.ext > } > > My /etc/dovecot/conf.d/ldap-userdb.ext contains (along other lines): > > user_attrs = uid=vmail,gid=vmail,home=/var/maildir/%u,mailQuota=quota=quota_rule=*:storage=%$ Just set those global settings and drop uid/gid/home from here. Or you could get them working here too, but the syntax is slightly wrong: user_attrs = =uid=vmail, =gid=vmail, .. (With the above settings you're telling Dovecot that LDAP "uid" field will be assigned to Dovecot's "vmail" field, and the "gid" field immediately overrides it, and LDAP "home" field's value is set to Dovecot's "/var/maildir/%u" field.) From tss at iki.fi Mon Sep 12 13:37:26 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 13:37:26 +0300 Subject: [Dovecot] Mails repopping In-Reply-To: <004b01cc6f13$04a166d0$0de43470$@brereton@buongiorno.com> References: <004b01cc6f13$04a166d0$0de43470$@brereton@buongiorno.com> Message-ID: <1315823847.7326.17.camel@hurina> On Fri, 2011-09-09 at 13:07 -0400, Simon Brereton wrote: > I have a server that's been running Courier for about 6 years and in > all that time I think I've only ever had 1 issues where an entire mail > box was repopped by a webmail client. However, since moving to a new > server and dovecot 4 weeks ago, I've now had the webmail client repop > this account 4 times (there are about 230 mails in the account). > > Is there a setting I need to tighten to prevent/remedy this? I have > no idea if it's happening on other accounts, but this is one that I > see. The format is maildir. There has been no changes to the webmail > client. dovecot -n output would have been nice. Also do you see anything in error logs? If you're using the default pop3_uidl_format it'll rely on IMAP UIDs to stay the same, and I guess it's possible that due to some other problem they change (that should be logged as an error/warning though). You could try setting pop3_uidl_format=%f, but it will cause everyone to redownload mails. With newer Dovecot versions you could set pop3_save_uidl=yes and when you think everyone's downloaded mails once you can safely change the pop3_uidl_format. From tss at iki.fi Mon Sep 12 13:40:12 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 13:40:12 +0300 Subject: [Dovecot] How to get rid of sub-folders ? In-Reply-To: <1315581724.65256.YahooMailNeo@web27201.mail.ukl.yahoo.com> References: <1315581724.65256.YahooMailNeo@web27201.mail.ukl.yahoo.com> Message-ID: <1315824012.7326.19.camel@hurina> On Fri, 2011-09-09 at 16:22 +0100, Spyros Tsiolis wrote: > OK, no answers on my previous e-mail. I'll rephrase it. > How can I get rid of subfolders on a users' tree-like structure on dovecot ? > Which file must I "touch" ? This still isn't very understandable. You can delete subfolders with either IMAP client (= IMAP DELETE command) or simply rm -rf in the filesystem. Or do you mean moving the subfolders to be root level folders? Again IMAP client should be able to do this, or in filesystem level (assuming Maildir++) you'd do something like: mv ~/Maildir/.root.subfolder ~/Maildir/.subfolder From tss at iki.fi Mon Sep 12 13:43:28 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 13:43:28 +0300 Subject: [Dovecot] quota percents In-Reply-To: <87sjo5wkfy.fsf@algae.riseup.net> References: <87sjo5wkfy.fsf@algae.riseup.net> Message-ID: <1315824208.7326.21.camel@hurina> On Fri, 2011-09-09 at 16:05 -0400, Micah Anderson wrote: > I've noticed that http://wiki2.dovecot.org/Quota/Configuration is out of > date, it says: > > plugin { > quota = maildir:User quota > quota_rule = *:storage=1GB > # 10% of 1GB = 100MB > quota_rule2 = Trash:storage=10%% > # 20% of 1GB = 200MB > quota_rule3 = Spam:storage=20%% > } > > but if you use the '10%%' notation, dovecot complains, and *also* incorrectly: > > dovecot: imap(test at example.net): Warning: quota root mail quota rule Trash:bytes=10%: obsolete configuration for rule 'bytes=10%' should be changed to 'bytes=+10%' Right, fixed in wiki. Although this was only a warning, so it still worked. > its incorrect because if you change it to what it suggests ('+10%') it > wont work because that wont be 10% more, rather, it is set to bytes=+10: Well, that's a more complex problem. The %% escaping needs to be done in dovecot.conf, but it doesn't need to be done elsewhere. If this said that "use +10%%" and someone gives that in SQL user_query, it will break. So I'm not changing the warning. > However, it doesn't seem to work in practice, because I have a user that > is at 99% of quota, with nothing in the Trash who cannot move a 77KB > message into the Trash without getting the quota_exceeded message and > refusing to move it. dovecot -n output? From tss at iki.fi Mon Sep 12 13:44:34 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 13:44:34 +0300 Subject: [Dovecot] problem migrating from maildir to dbox In-Reply-To: <95E776CC-912A-4BD4-A99E-AA930E5CCBFB@uib.es> References: <95E776CC-912A-4BD4-A99E-AA930E5CCBFB@uib.es> Message-ID: <1315824275.7326.22.camel@hurina> On Fri, 2011-09-09 at 14:19 +0200, Ram?n Frontera wrote: > Hello, > we want to migrate Mail folders from Maildir to dbox without downtime. > We change the mail_location to dbox in 10-mail.conf and restart dovecot. > After that we use dsync -u user mirror maildir:~/Maildir. > The problem is that if INBOX exists the dsync create a new folder with name like b5893c0a93ff694e551200002dfa3112 > Can I migrate to the existing INBOX? or How can I merge the 2 INBOX folders? dovecot -n output? From dick at fouter.net Mon Sep 12 14:03:07 2011 From: dick at fouter.net (Dick Middleton) Date: Mon, 12 Sep 2011 12:03:07 +0100 Subject: [Dovecot] Dsync and hidden files Message-ID: <4E6DE6EB.3080000@fouter.net> Hi, I'm in the process of changing from Dovecot v1 to v2 and changing to mdbox in the process. I've come across a little problem which I was hoping there would be a workaround for. There are sieve config files in the home directories which are hidden files. Dsync croaks when it finds one of these because they are not mbox format. It would be nice if they were ignored (or copied unchanged). Is there another way to deal with them other than by deleting thm? Dick From tss at iki.fi Mon Sep 12 14:04:16 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 14:04:16 +0300 Subject: [Dovecot] dovecot 2.0.12: mdbox & quota=dirsize In-Reply-To: References: Message-ID: <1315825456.7326.26.camel@hurina> On Fri, 2011-09-09 at 15:24 +0400, ????? ?????? wrote: > #doveconf -v > ...................... > quota = dirsize:User quota > quota_debug = yes There's no such setting as quota_debug. > then i change ./dovecot-2.0.12/src/plugins/quota?/quota-dirsize.c > 165-- path = mailbox_list_get_path(namespaces[i]->list, NULL,? > 166-- MAILBOX_LIST_PATH_TYPE_MAILBOX?); > 165++ path = mailbox_list_get_path(namespaces[i]->list, NULL, > 166++ MAILBOX_LIST_PATH_TYPE_DIR);?? Well.. Hmm. I suppose that's ok. Done: http://hg.dovecot.org/dovecot-2.0/rev/9ea79795088d (Looks like hg web doesn't like UTF-8 in your name.) From Lutz.Pressler at SerNet.DE Mon Sep 12 14:20:06 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Mon, 12 Sep 2011 13:20:06 +0200 Subject: [Dovecot] multiple "imapc namespaces" Re: 2.1: imapc LIST problem / usage question In-Reply-To: <1315822641.7326.2.camel@hurina> References: <1315563414.3876.50.camel@hurina> <1315822641.7326.2.camel@hurina> Message-ID: On Mo, 12 Sep 2011, Timo Sirainen wrote: > On Fri, 2011-09-09 at 12:21 +0200, Lutz Pre?ler wrote: > > > > > Second question: Is there a way to include multiple imapc instances/ > > > > namespaces with e.g. different destinations servers? I don't see how > > > > because imapc_* parameters seem to be global (now), but it would be a very > > > > useful feature. > > > > > > I don't really understand. You're already returning per-user imapc > > > namespace from userdb. What's missing? > > One local dovecot user, multiple remote IMAP servers included in different > > namespaces. > > I think you should be able to return e.g. "namespace=ns1 ns2" and then > return namespaces for namespace/ns1/* and namespace/ns2/*. Now _I_ don't really understand ;-). This is necessary, yes, but how do I set different remote parameters (imapc_host, imapc_user, ...) for each one? Lutz From tss at iki.fi Mon Sep 12 14:28:52 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 14:28:52 +0300 Subject: [Dovecot] signal 11 crash, sometimes, during mbox bz2 decompression In-Reply-To: <4E6DC8FA.2050709@skew.org> References: <201108161100.p7GB0P3R073897@chilled.skew.org> <1314121664.10421.1314.camel@hurina> <4E6DC8FA.2050709@skew.org> Message-ID: <1315826932.7326.27.camel@hurina> On Mon, 2011-09-12 at 02:55 -0600, Mike Brown wrote: > On this system, I have the same setup with bz2-compressed mbox files. > They're still inaccessible from Thunderbird, but dovecot isn't crashing > with signal 11 anymore. Instead, the maillog says this for every > compressed box it tries to check: > > Sep 12 02:37:14 chilled dovecot: imap(mike): Error: > read(/home/mike/mail/old/sent-1999-07.bz2) failed: Invalid argument (uid=2) > Sep 12 02:37:14 chilled dovecot: imap(mike): Disconnected: Internal > error occurred. Refer to server log for more information. [2011-09-12 > 02:37:14] bytes=5492/2664368 > Sep 12 02:37:14 chilled dovecot: imap(mike): Error: Next message > unexpectedly lost from mbox file /home/mike/mail/old/sent-1999-07.bz2 at > 536 (cached) Oh, wonder why no one else has complained about that. Fixed: http://hg.dovecot.org/dovecot-2.0/rev/a930318a74a1 From tss at iki.fi Mon Sep 12 14:30:21 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 14:30:21 +0300 Subject: [Dovecot] multiple "imapc namespaces" Re: 2.1: imapc LIST problem / usage question In-Reply-To: References: <1315563414.3876.50.camel@hurina> <1315822641.7326.2.camel@hurina> Message-ID: <1315827025.7326.29.camel@hurina> On Mon, 2011-09-12 at 13:20 +0200, Lutz Pre?ler wrote: > > I think you should be able to return e.g. "namespace=ns1 ns2" and then > > return namespaces for namespace/ns1/* and namespace/ns2/*. > Now _I_ don't really understand ;-). This is necessary, yes, but how > do I set different remote parameters (imapc_host, imapc_user, ...) > for each one? Oh, yeah, didn't think about that :) I was considering making those settings per-namespace though.. Then you could change namespace/ns1/imapc_* settings. I guess most mail-related settings could be made per-namespace. I'll see if I can manage to do it easily. :) From ramon.frontera at uib.es Mon Sep 12 14:52:01 2011 From: ramon.frontera at uib.es (=?iso-8859-1?Q?Ram=F3n_Frontera?=) Date: Mon, 12 Sep 2011 13:52:01 +0200 Subject: [Dovecot] problem migrating from maildir to dbox In-Reply-To: <1315824275.7326.22.camel@hurina> References: <95E776CC-912A-4BD4-A99E-AA930E5CCBFB@uib.es> <1315824275.7326.22.camel@hurina> Message-ID: <16C8C54C-F9E5-4786-B52F-44E27CF7DD54@uib.es> hello, thanks in advance! Regards, $ dovecot -n # 2.0.13: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-131.6.1.el6.x86_64 x86_64 Red Hat Enterprise Linux Server release 6.1 (Santiago) nfs base_dir = /var/run/dovecot/ first_valid_uid = 96 listen = 10.80.82.21 log_path = /var/log/dovecot.log mail_gid = 97 mail_location = sdbox:/vmail/0/%u/dbox mail_plugins = acl quota mail_log notify mail_uid = 97 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mbox_write_locks = fcntl mmap_disable = yes namespace { hidden = no inbox = yes list = yes location = prefix = separator = / subscriptions = yes type = private } namespace { hidden = no inbox = no list = children location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%n prefix = shared/%%n/ separator = / subscriptions = no type = shared } passdb { driver = pam } passdb { args = /etc/dovecot/dovecot-ldap-pass.conf.ext.local driver = ldap } passdb { args = scheme=plain username_format=%u /etc/dovecot/imap.passwd driver = passwd-file } plugin { acl = vfile acl_shared_dict = file:/vmail/1/dovecot/shared-mailboxes quota = maildir:User quota quota_rule = *:storage=2500M quota_rule2 = Trash:storage=+500M quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u } postmaster_address = xavier.pons at uib.es protocols = imap pop3 lmtp sieve service auth { unix_listener auth-userdb { group = vmail mode = 0660 } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } } service lmtp { inet_listener lmtp { port = 30025 } } service pop3-login { inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } } service quota-warning { executable = script /usr/local/bin/quota-warning.sh unix_listener quota-warning { user = vmail } user = dovecot } ssl = required ssl_cert = On Fri, 2011-09-09 at 14:19 +0200, Ram?n Frontera wrote: >> Hello, >> we want to migrate Mail folders from Maildir to dbox without downtime. >> We change the mail_location to dbox in 10-mail.conf and restart dovecot. >> After that we use dsync -u user mirror maildir:~/Maildir. >> The problem is that if INBOX exists the dsync create a new folder with name like b5893c0a93ff694e551200002dfa3112 >> Can I migrate to the existing INBOX? or How can I merge the 2 INBOX folders? > > dovecot -n output? > > From tss at iki.fi Mon Sep 12 14:52:19 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 14:52:19 +0300 Subject: [Dovecot] MySQL, map files In-Reply-To: <1315525950.915.YahooMailNeo@web39420.mail.mud.yahoo.com> References: <1315525950.915.YahooMailNeo@web39420.mail.mud.yahoo.com> Message-ID: <1315828341.7326.35.camel@hurina> On Thu, 2011-09-08 at 16:52 -0700, Steve Fatula wrote: > I'll try and break up my questions the other day about extdata that > went unanswered into pieces in the hopes it will be more specific and > clear. > > In general, I am trying to figure out the syntax of the map statement > and what is allowed in that statement. So, by map statement, I mean > for example perhaps the dovecot-dict-expire.conf.ext file as shown in > the doc. Is the syntax the same for the various types of files (quota > vs expire)? Is there syntax to allow the specification of a different > key? If so, where is this documented. I have an existing table I want > to use, not the table shown in the doc. They aren't really documented anywhere. Also I'm kind of hoping one day to replace the files anyway with a new syntax that allows mixed configuration of sql/file/other backends. The dict configuration itself is anyway generic and works basically the same for expire/quota/others, except they use different keys (=different patterns when matching). I'm not sure if there is any useful way to even explain how it works now. There is the example SQL configuration for expire and quota. Somewhere in wiki is example flat file config for them. There's really not much else you can do with them. > The reason I am asking is I have seen web pages that reference all > sorts of statements within the map statement, and I have no idea where > they are documented. Specifically, I see an example here (which is > LDAP), look in section 3: > > http://dovecot.org/patches/1.2/ldap/HOWTO_dictldap+extdata.txt > > > You will see lots of statements, not sure which ones can be used for > MySQL (instead of LDAP). That patch's mapping references to Pigeonhole's extdata plugin. If you install that plugin you can use SQL or flat file for the same maps. > So, would like to find a list of ALL valid syntax within the map. Plugins can always add more maps. From tss at iki.fi Mon Sep 12 15:06:44 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 15:06:44 +0300 Subject: [Dovecot] problem migrating from maildir to dbox In-Reply-To: <16C8C54C-F9E5-4786-B52F-44E27CF7DD54@uib.es> References: <95E776CC-912A-4BD4-A99E-AA930E5CCBFB@uib.es> <1315824275.7326.22.camel@hurina> <16C8C54C-F9E5-4786-B52F-44E27CF7DD54@uib.es> Message-ID: <1315829204.7326.38.camel@hurina> On Mon, 2011-09-12 at 13:52 +0200, Ram?n Frontera wrote: > >> After that we use dsync -u user mirror maildir:~/Maildir. > >> The problem is that if INBOX exists the dsync create a new folder with name like b5893c0a93ff694e551200002dfa3112 > >> Can I migrate to the existing INBOX? or How can I merge the 2 INBOX folders? Have you created the dbox directory before running dsync? And opened it with some tool? I tried with your config and it worked fine. The reason why these duplicate INBOXes happen is when INBOX exists both in source and in destination when dsync is run. Typically this means that you've created the destination INBOX already by e.g. logging in or delivering a mail there or something.. From ajb2 at mssl.ucl.ac.uk Mon Sep 12 15:11:16 2011 From: ajb2 at mssl.ucl.ac.uk (Alan Brown) Date: Mon, 12 Sep 2011 13:11:16 +0100 Subject: [Dovecot] general advice sought Message-ID: <4E6DF6E4.2070102@mssl.ucl.ac.uk> I'd like to hear the thoughts of list members on which type of storage method seems "best" for inboxes and for folders. The filesystem is GFS2 and for various reasons I can't change it. Inboxes - currently Mbox format. Some users have upwards of 5000 messages in there (the largest is about 18k entries) and thanks to attachments some inboxes are 40-200Mb with a few sitting at 2-3Gb. (Suicidal, I know but enforcing rules is politik-laden and getting academics to behave sensibly is like herding cats) Folders: Mdir format. Thanks to GFS2 filesystem limitations(*) I'm currently enforcing a limit of 4000 messages/folder. It'd be nice to have a "better" way of storing these which doesn't drive up backup loads tremendously. The mail spool has around 6 million files in the folders, covering about 400Gb. GFS2 filesystem limitations are painful. While there are no hard limits, It really doesn't cope well with a lot of files in any given directory thanks to limitations in the way that cluster locking is propagated, There are marked slowdowns about 100 files, this becomes awful above 1000 and effectively unusable above about 8000 entries as the entire IO system gets halted momentarily when such directories are opened and the directory may take up to 5 minutes to return a "ls" result. Some users had upwards of 80k files in their mail folders (~40k messages) and accessing these brought the entire system to a halt. If I migrate to other formats (eg mdbox), then it needs to be able to be done on the fly. (Taking the mailservers down for a day won't go down well, even an hour raises howls). Any suggestions? From tss at iki.fi Mon Sep 12 15:30:45 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 15:30:45 +0300 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <4E6ACC6C.6020200@acm.org> References: <4E6ACC6C.6020200@acm.org> Message-ID: <1315830646.7326.46.camel@hurina> On Fri, 2011-09-09 at 19:33 -0700, Paul B. Henson wrote: > According to the sample SQL configuration file "HA / round-robin > load-balancing is supported by giving multiple host settings, like: > host=sql1.host.org host=sql2.host.org". > > However, as far as I can tell dovecot only connects to the first listed > host, and processes all queries through it, there does not appear to be > any load-balancing going on. The current code creates connection to the second server only when the first connection is already busy with an SQL query, or when it's not working. Once there are more connections, it starts doing round robin lookups. This works okay enough with PostgreSQL because it does asynchronous lookups, so two simultaneous lookups create a second connection. MySQL does synchronous lookups though, so the second connection is normally never created. I suppose the fix to this would be to always connect to all SQL servers at startup. > That's not necessarily a dealbreaker; however, high-availability does > not appear to be working either. > > If I shutdown the first mysql server, dovecot starts to log connection > failures: > > Sep 9 15:47:34 tweak dovecot: auth: Error: > mysql(mysql-1.unx.csupomona.edu): Connect failed to database (idmgmt): > Can't connect to MySQL server on 'mysql-1.unx.csupomona.edu' (111) - > waiting for 1 seconds before retry > > Sep 9 15:47:39 tweak dovecot: auth: Error: > mysql(mysql-1.unx.csupomona.edu): Connect failed to database (idmgmt): > Can't connect to MySQL server on 'mysql-1.unx.csupomona.edu' (111) - > waiting for 25 seconds before retry Those are intentional. > And postfix starts to fail authentications: > > Sep 9 15:47:35 tweak postfix/smtpd[5119]: warning: > bender.iitsys.csupomona.edu[134.71.250.134]: SASL DIGEST-MD5 > authentication failed: Connection lost to authentication server It should have created the second connection here and not fail.. > Now and again the authentication process dies: > > Sep 9 15:47:39 tweak dovecot: auth: Panic: file auth-request-handler.c: > line 697 (auth_request_handler_flush_failures): assertion failed: > (auth_request->state == AUTH_REQUEST_STATE_FINISHED) And this of course shouldn't happen either. > Requests start to pile up: > > Sep 9 15:51:46 tweak dovecot: auth: Warning: auth workers: Auth request > was queued for 25 seconds, 45 left in queue > > Lookups time out: > > Sep 9 15:57:22 tweak dovecot: auth: Error: auth worker: Aborted > request: Lookup timed out These are the result of the previous failures. > This occasionally pops up: > > Sep 9 15:58:38 tweak dovecot: auth: Fatal: > net_connect_unix(auth-worker) failed: Resource temporarily unavailable Probably this too. > And sometimes the auth process gets temporarily disabled: > > Sep 9 15:58:57 tweak dovecot: master: Error: service(auth): command > startup failed, throttling Most likely related to the crash, although I think this still shouldn't have happened. > I don't think all authentications fail during the scenario, but I think > the majority do. Based on the network traffic, dovecot is almost > continuously trying to connect to the first listed server. It sometimes > connects to the second listed server, but when it does, the connection > does not persist, it goes away almost immediately. There are multiple auth-worker processes, each one having their own internal MySQL connections with separate retry counters. I'll try to debug this soon. From tss at iki.fi Mon Sep 12 15:34:07 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 15:34:07 +0300 Subject: [Dovecot] general advice sought In-Reply-To: <4E6DF6E4.2070102@mssl.ucl.ac.uk> References: <4E6DF6E4.2070102@mssl.ucl.ac.uk> Message-ID: <1315830847.7326.48.camel@hurina> On Mon, 2011-09-12 at 13:11 +0100, Alan Brown wrote: > I'd like to hear the thoughts of list members on which type of storage > method seems "best" for inboxes and for folders. > > The filesystem is GFS2 and for various reasons I can't change it. .. > If I migrate to other formats (eg mdbox), then it needs to be able to be > done on the fly. (Taking the mailservers down for a day won't go down > well, even an hour raises howls). Have you had any trouble with Dovecot's index files in your current setup? Any errors at all? If not, I'd think mdbox will work fine. You can do it incrementally per-user (and you really should try it first with only a few users). http://wiki2.dovecot.org/Tools/Dsync explains how to do it on the fly. From tss at iki.fi Mon Sep 12 16:32:48 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 16:32:48 +0300 Subject: [Dovecot] Dsync and hidden files In-Reply-To: <4E6DE6EB.3080000@fouter.net> References: <4E6DE6EB.3080000@fouter.net> Message-ID: <1315834368.7326.55.camel@hurina> On Mon, 2011-09-12 at 12:03 +0100, Dick Middleton wrote: > I'm in the process of changing from Dovecot v1 to v2 and changing to mdbox in > the process. I've come across a little problem which I was hoping there would > be a workaround for. > > There are sieve config files in the home directories which are hidden files. > Dsync croaks when it finds one of these because they are not mbox format. > > It would be nice if they were ignored (or copied unchanged). Is there another > way to deal with them other than by deleting thm? Here: http://hg.dovecot.org/dovecot-2.0/raw-rev/3c8b44bb1974 From ramon.frontera at uib.es Mon Sep 12 16:38:00 2011 From: ramon.frontera at uib.es (=?iso-8859-1?Q?Ram=F3n_Frontera?=) Date: Mon, 12 Sep 2011 15:38:00 +0200 Subject: [Dovecot] problem migrating from maildir to dbox In-Reply-To: <1315829204.7326.38.camel@hurina> References: <95E776CC-912A-4BD4-A99E-AA930E5CCBFB@uib.es> <1315824275.7326.22.camel@hurina> <16C8C54C-F9E5-4786-B52F-44E27CF7DD54@uib.es> <1315829204.7326.38.camel@hurina> Message-ID: <055A7E98-5B9A-4140-AF3E-90EA34F5E271@uib.es> While the dovecot is running with the new mail_location to dbox, I try to migrate the maildir content. This is the reason because INBOX already exists. -- ------------------------------------------ Ramon Frontera Gallardo Centre de Tecnologies de la Informaci? Universitat de les Illes Balears Ctra. Valldemossa km 7,5 07122 Palma de Mallorca El 12/09/2011, a las 14:06, Timo Sirainen escribi?: > On Mon, 2011-09-12 at 13:52 +0200, Ram?n Frontera wrote: >>>> After that we use dsync -u user mirror maildir:~/Maildir. >>>> The problem is that if INBOX exists the dsync create a new folder with name like b5893c0a93ff694e551200002dfa3112 >>>> Can I migrate to the existing INBOX? or How can I merge the 2 INBOX folders? > > Have you created the dbox directory before running dsync? And opened it > with some tool? I tried with your config and it worked fine. > > The reason why these duplicate INBOXes happen is when INBOX exists both > in source and in destination when dsync is run. Typically this means > that you've created the destination INBOX already by e.g. logging in or > delivering a mail there or something.. > > From tss at iki.fi Mon Sep 12 17:09:57 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 17:09:57 +0300 Subject: [Dovecot] problem migrating from maildir to dbox In-Reply-To: <055A7E98-5B9A-4140-AF3E-90EA34F5E271@uib.es> References: <95E776CC-912A-4BD4-A99E-AA930E5CCBFB@uib.es> <1315824275.7326.22.camel@hurina> <16C8C54C-F9E5-4786-B52F-44E27CF7DD54@uib.es> <1315829204.7326.38.camel@hurina> <055A7E98-5B9A-4140-AF3E-90EA34F5E271@uib.es> Message-ID: <1315836597.7326.74.camel@hurina> You changed the mail_location globally to dbox? You should instead do it one user at a time, like explained in http://wiki2.dovecot.org/Tools/Dsync (with initial dsync done before user's mail_location is ever changed). Otherwise you'll get these duplicate INBOXes and you'll need to somehow manually figure out how to merge them. There are "doveadm move" and "doveadm mailbox delete" commands for example. On Mon, 2011-09-12 at 15:38 +0200, Ram?n Frontera wrote: > While the dovecot is running with the new mail_location to dbox, I try to migrate the maildir content. > This is the reason because INBOX already exists. > > -- > ------------------------------------------ > Ramon Frontera Gallardo > Centre de Tecnologies de la Informaci? > Universitat de les Illes Balears > Ctra. Valldemossa km 7,5 > 07122 Palma de Mallorca > > > > > El 12/09/2011, a las 14:06, Timo Sirainen escribi?: > > > On Mon, 2011-09-12 at 13:52 +0200, Ram?n Frontera wrote: > >>>> After that we use dsync -u user mirror maildir:~/Maildir. > >>>> The problem is that if INBOX exists the dsync create a new folder with name like b5893c0a93ff694e551200002dfa3112 > >>>> Can I migrate to the existing INBOX? or How can I merge the 2 INBOX folders? > > > > Have you created the dbox directory before running dsync? And opened it > > with some tool? I tried with your config and it worked fine. > > > > The reason why these duplicate INBOXes happen is when INBOX exists both > > in source and in destination when dsync is run. Typically this means > > that you've created the destination INBOX already by e.g. logging in or > > delivering a mail there or something.. > > > > > From dick at fouter.net Mon Sep 12 17:53:18 2011 From: dick at fouter.net (Dick Middleton) Date: Mon, 12 Sep 2011 15:53:18 +0100 Subject: [Dovecot] Dsync and hidden files In-Reply-To: <1315834368.7326.55.camel@hurina> References: <4E6DE6EB.3080000@fouter.net> <1315834368.7326.55.camel@hurina> Message-ID: <4E6E1CDE.3090300@fouter.net> On 09/12/11 14:32, Timo Sirainen wrote: > On Mon, 2011-09-12 at 12:03 +0100, Dick Middleton wrote: >> It would be nice if they were ignored (or copied unchanged). Is there another >> way to deal with them other than by deleting thm? > > Here: http://hg.dovecot.org/dovecot-2.0/raw-rev/3c8b44bb1974 Did you just do that? For me? Wow, I'm flattered. Many thanks. Dick From simon.brereton at buongiorno.com Mon Sep 12 18:02:33 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Mon, 12 Sep 2011 11:02:33 -0400 Subject: [Dovecot] Mails repopping In-Reply-To: <1315823847.7326.17.camel@hurina> References: <004b01cc6f13$04a166d0$0de43470$@brereton@buongiorno.com> <1315823847.7326.17.camel@hurina> Message-ID: <021d01cc715d$015f9400$041ebc00$@brereton@buongiorno.com> > -----Original Message----- > From: Timo Sirainen [mailto:tss at iki.fi] > On Fri, 2011-09-09 at 13:07 -0400, Simon Brereton wrote: > > > I have a server that's been running Courier for about 6 years and > in > > all that time I think I've only ever had 1 issues where an entire > mail > > box was repopped by a webmail client. However, since moving to a > new > > server and dovecot 4 weeks ago, I've now had the webmail client > repop > > this account 4 times (there are about 230 mails in the account). > > > > Is there a setting I need to tighten to prevent/remedy this? I > have > > no idea if it's happening on other accounts, but this is one that I > > see. The format is maildir. There has been no changes to the > webmail > > client. > > dovecot -n output would have been nice. Also do you see anything in > error logs? Ah. My apologies of course. Here it is.. mail:~# dovecot -n # 1.2.15: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.2 ext3 log_timestamp: %Y-%m-%d %H:%M:%S protocols: imap imaps pop3 pop3s ssl_ca_file: /etc/ssl/keys/rhodes-ca.crt ssl_cert_file: /etc/ssl/keys/mail.domain.net.crt ssl_key_file: /etc/ssl/private/mail.domain.net.key disable_plaintext_auth: no login_dir: /var/run/dovecot/login login_executable(default): /usr/lib/dovecot/imap-login login_executable(imap): /usr/lib/dovecot/imap-login login_executable(pop3): /usr/lib/dovecot/pop3-login mail_privileged_group: mailsystem mail_location: maildir:/var/spool/mail/virtual/%d/%n maildir_very_dirty_syncs: yes mbox_write_locks: fcntl dotlock mail_executable(default): /usr/lib/dovecot/imap mail_executable(imap): /usr/lib/dovecot/imap mail_executable(pop3): /usr/lib/dovecot/pop3 mail_plugins(default): quota imap_quota mail_plugins(imap): quota imap_quota mail_plugins(pop3): quota mail_plugin_dir(default): /usr/lib/dovecot/modules/imap mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3 imap_client_workarounds(default): outlook-idle delay-newmail imap_client_workarounds(imap): outlook-idle delay-newmail imap_client_workarounds(pop3): pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh lda: postmaster_address: postmaster at domain.net mail_plugins: quota log_path: info_log_path: deliver_log_format: msgid=%m: %f: %$ auth default: mechanisms: plain login user: mailsystem verbose: yes passdb: driver: sql args: /etc/dovecot/dovecot-sql.conf userdb: driver: prefetch userdb: driver: static args: uid=999 gid=115 home=/var/spool/mail/virtual/%d/%n allow_all_users=yes socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: mailsystem master: path: /var/run/dovecot/auth-master mode: 432 user: mailsystem group: mailsystem plugin: quota: maildir Could you make dovecot -n munge the certificate and postmaster email addresses? I'm not comfortable with that floating on the internet.. The only thing I have in the logs is 2 sessions where mail was popped (note, it doesn't even add up to the 183 messages in the mail box). But those sessions are vastly longer than the regular ones (tens of minutes compared to a few seconds). Since both IPs are on the back-bone, that's quite a while to download 100 mails (none of which are over Sep 11 21:36:25 mail dovecot: pop3-login: Login: user=, method=PLAIN, rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 11 21:36:34 mail dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=0/0, del=0/183, size=14025971 Sep 11 21:43:44 mail dovecot: pop3-login: Login: user=, method=PLAIN, rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 11 21:44:54 mail dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=0/0, del=0/183, size=14025971 Sep 11 21:52:31 mail dovecot: pop3-login: Login: user=, method=PLAIN, rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 11 22:56:01 mail dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=100/9182678, del=0/183, size=14025971 Sep 11 23:08:58 mail dovecot: pop3-login: Login: user=, method=PLAIN, rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 11 23:37:57 mail dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=75/4748674, del=0/183, size=14025971 Sep 12 00:04:11 mail dovecot: pop3-login: Login: user=, method=PLAIN, rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 12 00:04:26 mail dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=0/0, del=0/183, size=14025971 Sep 12 00:07:40 mail dovecot: pop3-login: Login: user=, method=PLAIN, rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 12 00:07:53 mail dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=0/0, del=0/183, size=14025971 > If you're using the default pop3_uidl_format it'll rely on IMAP UIDs > to stay the same, and I guess it's possible that due to some other > problem they change (that should be logged as an error/warning > though). > > You could try setting pop3_uidl_format=%f, but it will cause everyone > to redownload mails. With newer Dovecot versions you could set > pop3_save_uidl=yes and when you think everyone's downloaded mails > once you can safely change the pop3_uidl_format. Sorry, I'm very new to dovecot and I'm not sure I understand. I presume because neither of those keys are in the dovecot -n output that they are as the defaults, yes? The account is indeed accessed by IMAP as well (from a mobile device mostly), but I don't see anything fishy there either. How could I see if the IMAP UIDs have changed? Sep 11 21:20:32 mail dovecot: IMAP(user at domain.com): Connection closed bytes=1095/8292 Sep 11 21:26:03 mail dovecot: imap-login: Login: user=, method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 11 22:11:20 mail dovecot: IMAP(user at domain.com): Disconnected for inactivity bytes=725/5638 Sep 11 22:17:10 mail dovecot: imap-login: Login: user=, method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 11 23:12:06 mail dovecot: IMAP(user at domain.com): Disconnected for inactivity bytes=1471/11025 Sep 11 23:23:22 mail dovecot: imap-login: Login: user=, method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 11 23:52:52 mail dovecot: IMAP(user at domain.com): Connection closed bytes=1841/13679 Sep 12 00:08:47 mail dovecot: imap-login: Login: user=, method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 12 01:19:05 mail dovecot: imap-login: Login: user=, method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 12 02:57:01 mail dovecot: IMAP(user at domain.com): Connection closed bytes=2713/60026 Sep 12 02:57:01 mail dovecot: IMAP(user at domain.com): Connection closed bytes=2688/18635 There are no errors or warnings in the mail log (I have one shared log file for postfix, amavis and dovecot). Reading the notes for pop3_save_uidl it doesn't seem to be a dangerous option - should I turn that on? Why will it force everyone to redownload mails (there's nothing about it on the wiki)? Thanks! Simon From simon.brereton at buongiorno.com Mon Sep 12 18:21:14 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Mon, 12 Sep 2011 11:21:14 -0400 Subject: [Dovecot] Mails repopping In-Reply-To: <021d01cc715d$015f9400$041ebc00$@brereton@buongiorno.com> References: <004b01cc6f13$04a166d0$0de43470$@brereton@buongiorno.com> <1315823847.7326.17.camel@hurina> <021d01cc715d$015f9400$041ebc00$@brereton@buongiorno.com> Message-ID: <022801cc715f$9d2e49b0$d78add10$@brereton@buongiorno.com> > -----Original Message----- > From: dovecot-bounces at dovecot.org [mailto:dovecot- > bounces at dovecot.org] On Behalf Of Simon Brereton > > -----Original Message----- > > From: Timo Sirainen [mailto:tss at iki.fi] On Fri, 2011-09-09 at 13:07 > > -0400, Simon Brereton wrote: > > > > > I have a server that's been running Courier for about 6 years and > > in > > > all that time I think I've only ever had 1 issues where an entire > > mail > > > box was repopped by a webmail client. However, since moving to a > > new > > > server and dovecot 4 weeks ago, I've now had the webmail client > > repop > > > this account 4 times (there are about 230 mails in the account). > > > > > > Is there a setting I need to tighten to prevent/remedy this? I > > have > > > no idea if it's happening on other accounts, but this is one that > I > > > see. The format is maildir. There has been no changes to the > > webmail > > > client. > > > > dovecot -n output would have been nice. Also do you see anything in > > error logs? > > Ah. My apologies of course. Here it is.. > > mail:~# dovecot -n > # 1.2.15: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.2 ext3 I've only just noticed that installing from apt-get on Debian 64-bit installs Dovecot 1.2 - does anyone know when 2.x will be available via apt? Simon From zaharovr at inbox.ru Mon Sep 12 18:24:41 2011 From: zaharovr at inbox.ru (Roman Zakharov) Date: Mon, 12 Sep 2011 19:24:41 +0400 Subject: [Dovecot] dovecot 2.0.12: mdbox & quota=dirsize In-Reply-To: <1315825456.7326.26.camel@hurina> References: <1315825456.7326.26.camel@hurina> Message-ID: <4E6E2439.3080109@inbox.ru> 12.09.2011 15:04, Timo Sirainen ?????: > On Fri, 2011-09-09 at 15:24 +0400, ????? ?????? wrote: >> #doveconf -v >> ...................... >> quota = dirsize:User quota >> quota_debug = yes > There's no such setting as quota_debug. Yes, really, not used adjustment, but doesn't cause errors :) > >> then i change ./dovecot-2.0.12/src/plugins/quota?/quota-dirsize.c >> 165--path = mailbox_list_get_path(namespaces[i]->list, NULL,? >> 166-- MAILBOX_LIST_PATH_TYPE_MAILBOX?); >> 165++path = mailbox_list_get_path(namespaces[i]->list, NULL, >> 166++ MAILBOX_LIST_PATH_TYPE_DIR);?? > Well.. Hmm. I suppose that's ok. Done: > http://hg.dovecot.org/dovecot-2.0/rev/9ea79795088d > (Looks like hg web doesn't like UTF-8 in your name.) > > Roman Zakharov, it is not important, i think From ka at pacific.net Mon Sep 12 18:49:11 2011 From: ka at pacific.net (Ken A) Date: Mon, 12 Sep 2011 10:49:11 -0500 Subject: [Dovecot] Attacking Dovecot In-Reply-To: <201109092145.p89LjQLb017904@panas.otenet.gr> References: <201109092145.p89LjQLb017904@panas.otenet.gr> Message-ID: <4E6E29F7.90401@pacific.net> That's all normal activity (failed logins) for any internet facing machine. They may be dictionary attacks, or not... If they get on your nerves, block them. Strong passwords will help more. Also, it's likely that you have forged mail coming in from outside, and not really "spam from local users" ? If it is really locally generated, then disable the account. Ken On 9/9/2011 4:45 PM, Nikos Papadopoulos wrote: > Hello, > > > > I am using Dovecot ver.1.0.7 on an x86 server with RedHat Linux Enterprise 5 > and the following configuration: > > > > # 1.0.7: /etc/dovecot.conf > > protocols: pop3 > > login_dir: /var/run/dovecot/login > > login_executable: /usr/libexec/dovecot/pop3-login > > mail_location: mbox:~/mail:INBOX=/var/mail/%u > > mail_executable: /usr/libexec/dovecot/pop3 > > mail_plugin_dir: /usr/lib/dovecot/pop3 > > pop3_client_workarounds: outlook-no-nuls oe-ns-eoh > > auth default: > > passdb: > > driver: pam > > userdb: > > driver: passwd > > > > > > It seems that my mail server is being attacked by someone who tries to > retrieve users' credentials. Please read below an output of logwatch. > > > > dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information > about > > user sandra > > dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information > about > > user tanya > > dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information > about > > user tanya > > dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information > about > > user dark > > dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information > about > > user dark > > dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information > about > > user gibson > > dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information > about > > user frank > > dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information > about > > user frank > > > > > > > > Besides, some of the local users receive "spam" emails, which seem to be > sent by another local user. > > > > Please assist me on how to prevent the aforementioned attack. > > > > Best Regards, > > > > Nikos > > > > -- Ken Anderson Pacific Internet - http://www.pacific.net Latest Pacific.Net Status - http://twitter.com/pacnetstatus From listas.correo at yahoo.es Mon Sep 12 18:55:51 2011 From: listas.correo at yahoo.es (mailing lists) Date: Mon, 12 Sep 2011 16:55:51 +0100 (BST) Subject: [Dovecot] director ignoring director_mail_servers for lmtp connections Message-ID: <1315842951.89437.YahooMailNeo@web29120.mail.ird.yahoo.com> Hello, Following Jan-Frode's advise I am trying this configuration: {postfix} ---lmtp---> {director} ---lmtp---> {dovecot} so I have two dovecot instances for director/proxy and lmtp delivery on ports 1024 and 24 respectively. whilst for imap connections I can specify a pool of imap backend servers via 'director_mail_servers' it seems is not possible with lmtp. Sep 12 17:14:13 imap1 dovecot: auth: Debug: master in: PASS?? 1?????? user001 at example.com ?? service=lmtp??? lip=::1 lport=1024????? rip=::1 rpor5 Sep 12 17:14:13 imap1 dovecot: auth: Debug: static(user001 at example.com,::1): lookup Sep 12 17:14:13 imap1 dovecot: auth: Debug: password(user001 at eexample.com,::1): Credentials: Sep 12 17:14:13 imap1 dovecot: auth: Debug: master out: PASS? 1?????? user=user001 at example.com?????? proxy?? port=24 Sep 12 17:14:13 imap1 dovecot: lmtp(25682): Debug: auth input: user=user001 at example.com proxy port=24 Sep 12 17:14:13 imap1 dovecot: lmtp(25682): Error: proxy: host not given Sep 12 17:14:13 imap1 dovecot: lmtp(25682): Debug: Loading modules from directory: /usr/lib64/dovecot/modules Sep 12 17:14:13 imap1 dovecot: lmtp(25682): Debug: Module loaded: /usr/lib64/dovecot/modules/lib01_acl_plugin.so Sep 12 17:14:13 imap1 dovecot: auth: Debug: master in: USER?? 2?????? user001 at example.com??? service=lmtp??? lip=::1 rip=::1 Sep 12 17:14:13 imap1 dovecot: auth: Debug: static(user001 at example.com,::1): lookup Sep 12 17:14:13 imap1 dovecot: auth: Debug: password(user001 at example.com,::1): Credentials: Sep 12 17:14:13 imap1 dovecot: auth: Debug: master out: USER? 2?????? user001 at example.com Sep 12 17:14:13 imap1 dovecot: lmtp(25682): Debug: auth input: user001 at example.com Sep 12 17:14:43 imap1 dovecot: lmtp(25682): Disconnect from ::1: Client quit (in RCPT TO) how I can redirect incoming lmtp request to backend lmtp servers (and not just one)? what I'm missing here? ??? /----------/ # dovecot -c /etc/dovecot-director/dovecot.conf -n # 2.0.14: /etc/dovecot-director/dovecot.conf # OS: Linux 2.6.34.7-0.7-xen x86_64 openSUSE 11.3 (x86_64) auth_debug = yes auth_debug_passwords = yes auth_verbose = yes auth_verbose_passwords = plain base_dir = /var/run/dovecot-director/ director_mail_servers = 101.180.245.101 director_servers = 101.180.245.101 disable_plaintext_auth = no lmtp_proxy = yes mail_debug = yes mail_fsync = always mail_gid = 5000 mail_nfs_index = yes mail_nfs_storage = yes mail_plugins = acl mail_uid = 5000 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mmap_disable = yes passdb { ? args = proxy=y nopassword=y ? driver = static } plugin { ? acl = vfile ? sieve = ~/.dovecot.sieve ? sieve_dir = ~/sieve } protocols = imap lmtp service auth { ? unix_listener auth-userdb { ??? group = vmail ??? mode = 0666 ??? user = vmail ? } } service director { ? fifo_listener login/proxy-notify { ??? mode = 0666 ? } ? inet_listener { ??? port = 9090 ? } ? unix_listener director-userdb { ??? mode = 0666 ? } ? unix_listener login/director { ??? mode = 0666 ? } } service imap-login { ? executable = imap-login director ? inet_listener imap { ??? port = 10143 ? } } service lmtp { ? inet_listener lmtp { ??? port = 1024 ? } } ssl = no verbose_proctitle = yes protocol lmtp { ? passdb { ??? args = proxy=y nopassword=y port=24 ??? driver = static ? } } protocol imap { ? mail_max_userip_connections = 100 } From Christian.Schmidt at chemie.uni-hamburg.de Mon Sep 12 19:03:35 2011 From: Christian.Schmidt at chemie.uni-hamburg.de (Christian Schmidt) Date: Mon, 12 Sep 2011 18:03:35 +0200 Subject: [Dovecot] userdb static & Quota from LDAP? In-Reply-To: <1315823607.7326.14.camel@hurina> References: <20110909215855.GA4680@chemie.uni-hamburg.de> <1315823607.7326.14.camel@hurina> Message-ID: <20110912160335.GG16271@chemie.uni-hamburg.de> Hello Timo, Timo Sirainen, 12.09.2011 (d.m.y): > On Fri, 2011-09-09 at 23:58 +0200, Christian Schmidt wrote: > > userdb { > > driver = static > > args = uid=vmail gid=vmail home=/var/maildir/%u > > } > > These can be replaced with global settings: > > mail_uid = vmail > mail_gid = vmail > mail_home = /var/maildir/%u > > > Now I'd like to add per-user quotas that will also be stored in the > > LDAP directory, and I'm not sure how to put things together. > > IMHO quota is the only "userdb information" requested from LDAP, and > > I'd like to leave all the other "userdb pieces" as the are. I changed > > the userdb definition to: > > userdb { > > driver = ldap > > args = /etc/dovecot/conf.d/ldap-userdb.ext > > } > > > > My /etc/dovecot/conf.d/ldap-userdb.ext contains (along other lines): > > > > user_attrs = uid=vmail,gid=vmail,home=/var/maildir/%u,mailQuota=quota=quota_rule=*:storage=%$ > > Just set those global settings and drop uid/gid/home from here. Or you > could get them working here too, but the syntax is slightly wrong: > > user_attrs = =uid=vmail, =gid=vmail, .. > > (With the above settings you're telling Dovecot that LDAP "uid" field > will be assigned to Dovecot's "vmail" field, and the "gid" field > immediately overrides it, and LDAP "home" field's value is set to > Dovecot's "/var/maildir/%u" field.) This is working now: user_attrs = mailQuota=quota_rule=*:bytes=%$ Thank you, Timo! Gruss/Regards, Christian Schmidt -- You're at the end of the road again. From dave.stubbs at utoronto.ca Mon Sep 12 19:10:46 2011 From: dave.stubbs at utoronto.ca (Dave Stubbs) Date: Mon, 12 Sep 2011 12:10:46 -0400 Subject: [Dovecot] Possible to Customize File Naming Scheme? Message-ID: <4E6E2F06.6000507@utoronto.ca> Hello all, [Sorry if this has been covered already - I searched back a little way in the archive and didn't find anything recent on the topic.] I'm wondering if it is possible to customize the way dovecot creates or modifies filenames in the maildir directories? I'm watching how my mail system works, and I see that procmail creates a new file in the /new directory, each time an email is received. This file is some complex combination of UIDs and things, suffixed by the server name. So far, the filename has alphanumerics, a couple underscores, and a dot or two only. But once dovecot gets it's hands on the file and moves it to the /cur directory, it starts doing "terrible" things to the file name. Now, the filename starts to have "evil" things in it, like colons and commas. Is there a way to change this? I'm asking this primarily because I use dovecot as a massive long-term email archiving system. One of the things one needs to be able to do when running a long-term archive like this is keep things as simple and accessible as possible. The reason I use maildir is that I totally buy into the "one email, one file" idea - it means I don't have to store messages in big consolidated database files that are changeable with each new version of the vendor's software release (such as exchange DBs or Outlook PST files) or that are horrible performers (such as mbox). One of the nice things about the maildir "each email is a separate file" idea is that you are not limited to maildir or dovecot or any other piece of software to handle, read, and process the files. For instance, I would like to backup my maildir by using rsync to synchronize my dovecot-managed maildir to a Windows server running NFS. From there the files are synchronized via Windows DFS ( to which there is no open source solution that is even close) to several other servers around the continent. Only thing: The evil commas and colons in the filenames are anathema to Windows. So instead I tar the maildir folders to tgz files on the windows server, and the tgz's are synchronized to other DR sites. If I could do without the need for tar (mandated solely because of the colons and commas in the dovecot filename scheme) I could minimize the time to backup (only synchronizing changes) and suddenly I would have a lot of other benefits opened up. One simple one would be that if I could configure dovecot to append the .eml extension to the end of every file (technically each file in a maildir is an eml file regardless of the extension being present or not - eml is just a raw mail file just like what you'd find in a maildir) I would have instant access to them using Search Server Express, which can read eml files but strongly prefers to use extentions to recognize files as such. To be clear: I'm not requesting that dovecot's file naming convention be changed to match my quirky requirements - I'm just asking if it could be made configurable, so I could change it to match my needs and others could change it to match theirs. In the interests of REALLY being able to use the elegantly simple idea of each mail being a separate file, I'm trying to get more out of that great pile of folders and files I'm amassing in my mail archive server. The more use I can make of them with other software other than dovecot (i.e. data crawling, indexing, easy recovery in a catastrophe, etc) the more valuable this format is. Is this possible? From micah at riseup.net Mon Sep 12 19:17:09 2011 From: micah at riseup.net (Micah Anderson) Date: Mon, 12 Sep 2011 12:17:09 -0400 Subject: [Dovecot] quota percents References: <87sjo5wkfy.fsf@algae.riseup.net> <1315824208.7326.21.camel@hurina> Message-ID: <8739g1ka62.fsf@algae.riseup.net> Timo Sirainen writes: > On Fri, 2011-09-09 at 16:05 -0400, Micah Anderson wrote: > >> its incorrect because if you change it to what it suggests ('+10%') it >> wont work because that wont be 10% more, rather, it is set to bytes=+10: > > Well, that's a more complex problem. The %% escaping needs to be done in > dovecot.conf, but it doesn't need to be done elsewhere. If this said > that "use +10%%" and someone gives that in SQL user_query, it will > break. So I'm not changing the warning. Ok, that makes sense. >> However, it doesn't seem to work in practice, because I have a user that >> is at 99% of quota, with nothing in the Trash who cannot move a 77KB >> message into the Trash without getting the quota_exceeded message and >> refusing to move it. > > dovecot -n output? NOTE: i turned off the quota plugins while this is sorted, so you wont see them enabled below. # 2.0.13: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.2 auth_default_realm = example.net auth_verbose = yes default_process_limit = 256 default_vsz_limit = 512 M dict { expire = mysql:/etc/dovecot/dovecot-dict-sql.conf quota = mysql:/etc/dovecot/dovecot-dict-sql.conf } disable_plaintext_auth = no first_valid_gid = 8 first_valid_uid = 8 last_valid_gid = 8 last_valid_uid = 8 listen = * login_greeting = howdy, ready. mail_location = mdbox:~/mdbox mail_plugins = expire maildir_very_dirty_syncs = yes namespace { inbox = yes location = prefix = separator = . } namespace { hidden = yes inbox = no list = no location = prefix = INBOX. separator = . } passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } plugin { expire = Trash expire2 = Trash/* expire3 = Spam expire_dict = proxy::expire quota = dict:Your mail quota::proxy::quota quota_exceeded_message = You are over quota. To avoid losing mail, immediately empty your Trash and Sent folders and delete emails with large attachments. quota_rule = *:bytes=24117248 quota_rule2 = Trash:bytes=+50%% quota_rule3 = Spam:bytes=+20%% } postmaster_address = postmaster at example.net protocols = imap pop3 service dict { unix_listener dict { group = mail mode = 0600 user = mail } } service imap-login { process_min_avail = 10 service_count = 0 vsz_limit = 512 M } service imap-postlogin { executable = script-login /maildir/postlogin_imap user = $default_internal_user } service pop3-postlogin { executable = script-login /maildir/postlogin_pop user = $default_internal_user } ssl_cert = References: <4E6E2F06.6000507@utoronto.ca> Message-ID: <20110912131803.Horde.lV3aUMm_qOVObjC720uXbjA@mail.kalinowski.com.br> On Seg, 12 Set 2011, Dave Stubbs wrote: > Hello all, > > I'm watching how my mail system works, and I see that procmail > creates a new file in the /new directory, each time an email > is received. This file is some complex combination of UIDs and > things, suffixed by the server name. So far, the filename has > alphanumerics, a couple underscores, and a dot or two only. > > But once dovecot gets it's hands on the file and moves it to the > /cur directory, it starts doing "terrible" things to the > file name. Now, the filename starts to have "evil" things in it, > like colons and commas. The colon and commas are part of the Maildir spec[0], so no, it can't be changed. [0]http://cr.yp.to/proto/maildir.html -- If you want to read about love and marriage you've got to buy two separate books. -- Alan King Eduardo M KALINOWSKI eduardo at kalinowski.com.br From tss at iki.fi Mon Sep 12 19:22:23 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 19:22:23 +0300 Subject: [Dovecot] Possible to Customize File Naming Scheme? In-Reply-To: <4E6E2F06.6000507@utoronto.ca> References: <4E6E2F06.6000507@utoronto.ca> Message-ID: <94C2EC27-49CF-49EE-B778-7C09ED3A6B0A@iki.fi> On 12.9.2011, at 19.10, Dave Stubbs wrote: > I'm watching how my mail system works, and I see that procmail creates a new file in the /new directory, each time an email is received. This file is some complex combination of UIDs and things, suffixed by the server name. So far, the filename has alphanumerics, a couple underscores, and a dot or two only. > > But once dovecot gets it's hands on the file and moves it to the /cur directory, it starts doing "terrible" things to the file name. Now, the filename starts to have "evil" things in it, like colons and commas. Is there a way to change this? That's how Maildir works to store message flags. If you don't like it, use something else. > I'm asking this primarily because I use dovecot as a massive long-term email archiving system. One of the things one needs to be able to do when running a long-term archive like this is keep things as simple and accessible as possible. The reason I use maildir is that I totally buy into the "one email, one file" idea - it means I don't have to store messages in big consolidated database files that are changeable with each new version of the vendor's software release (such as exchange DBs or Outlook PST files) or that are horrible performers (such as mbox). Dovecot v2.0's sdbox format could work for you. > One of the nice things about the maildir "each email is a separate file" idea is that you are not limited to maildir or dovecot or any other piece of software to handle, read, and process the files. Well, sdbox isn't good for that then anymore. Cydir backend could possibly work, although it is missing some features that dbox has and was mainly intended as an example code for super simple mailbox format. > For instance, I would like to backup my maildir by using rsync to synchronize my dovecot-managed maildir to a Windows server running NFS. From there the files are synchronized via Windows DFS ( to which there is no open source solution that is even close) to several other servers around the continent. Only thing: The evil commas and colons in the filenames are anathema to Windows. So instead I tar the maildir folders to tgz files on the windows server, and the tgz's are synchronized to other DR sites. You could patch Dovecot's maildir code to use something else than commas and colons in maildir-storage.h: #define MAILDIR_INFO_SEP ':' #define MAILDIR_EXTRA_SEP ',' #define MAILDIR_FLAGS_SEP ',' #define MAILDIR_INFO_SEP_S ":" #define MAILDIR_EXTRA_SEP_S "," #define MAILDIR_FLAGS_SEP_S "," > If I could do without the need for tar (mandated solely because of the colons and commas in the dovecot filename scheme) I could minimize the time to backup (only synchronizing changes) and suddenly I would have a lot of other benefits opened up. One simple one would be that if I could configure dovecot to append the .eml extension to the end of every file (technically each file in a maildir is an eml file regardless of the extension being present or not - eml is just a raw mail file just like what you'd find in a maildir) I would have instant access to them using Search Server Express, which can read eml files but strongly prefers to use extentions to recognize files as such. The message flags should still be stored somewhere if not in the filename. dbox and cydir stores them in Dovecot's index files. > To be clear: I'm not requesting that dovecot's file naming convention be changed to match my quirky requirements - I'm just asking if it could be made configurable, so I could change it to match my needs and others could change it to match theirs. In the interests of REALLY being able to use the elegantly simple idea of each mail being a separate file, I'm trying to get more out of that great pile of folders and files I'm amassing in my mail archive server. The more use I can make of them with other software other than dovecot (i.e. data crawling, indexing, easy recovery in a catastrophe, etc) the more valuable this format is. > > Is this possible? One last possibility is to create your own mailbox format that works exactly like you want. From al-dovecot at none.at Mon Sep 12 20:14:48 2011 From: al-dovecot at none.at (Aleksandar Lazic) Date: Mon, 12 Sep 2011 19:14:48 +0200 Subject: [Dovecot] Sieve envelope :detail "to" "extention" does not deliver to fileinto destination Message-ID: <20110912171448.GB320@none.at> Dear Listmember. I resend this with different Subject so that the spamfilter does not drop the mail, I hope ;-) I try to migrate from my current courier-mta setup fo postfix dovecot setup. I use the following scirpt to filter to the destination mailbox. ### /var/vmail/none.at/al/.dovecot.sieve # from http://wiki.dovecot.org/LDA/Sieve require ["fileinto", "envelope", "subaddress", "include"]; include "lists.sieve"; if envelope :detail "to" "work" { fileinto "INBOX.work"; } ### ### /var/vmail/none.at/al/sieve/lists.sieve require ["fileinto", "subaddress", "envelope" ]; if envelope :detail "to" "pdnsusers" { fileinto "Lists.pdnsusers"; } ### postfix/master ### dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -a ${original_recipient} # flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -m ${extension} -a ${original_recipient} ### Log ### Sep 11 21:47:48 lvps46-163-74-15 postfix/smtpd[7788]: connect from Sep 11 21:48:12 lvps46-163-74-15 postfix/smtpd[7788]: 495EF9FECAF9: Sep 11 21:48:27 lvps46-163-74-15 postfix/cleanup[7795]: 495EF9FECAF9: message-id=<> Sep 11 21:48:27 lvps46-163-74-15 postfix/qmgr[7785]: 495EF9FECAF9: from=, size=268, nrcpt=1 (queue active) Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda: Debug: Loading modules from directory: /usr/lib/dovecot/modules Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda: Debug: Module loaded: /usr/lib/dovecot/modules/lib90_sieve_plugin.so Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda: Debug: auth input: al at none.at uid=5000 gid=5000 home=/var/vmail/none.at/al Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: Effective uid=5000, gid=5000, home=/var/vmail/none.at/al Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: maildir: root exists (/var/vmail/none.at/al/Maildir) Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: maildir++: root=/var/vmail/none.at/al/Maildir, index=, control=, inbox=/var/vmail/none.at/al/Maildir, alt= Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: none: root=, index=, control=, inbox=, alt= Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: Destination address: al-pdnsuser at none.at (source: -a parameter) Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: using sieve path for user's script: /var/vmail/none.at/al/.dovecot.sieve Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: opening script /var/vmail/none.at/al/.dovecot.sieve Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: script binary /var/vmail/none.at/al/.dovecot.svbin successfully loaded Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: binary save: not saving binary /var/vmail/none.at/al/.dovecot.svbin, because it is already stored Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: executing script from /var/vmail/none.at/al/.dovecot.svbin Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): sieve: msgid=unspecified: stored mail into mailbox 'INBOX' Sep 11 21:48:27 lvps46-163-74-15 postfix/pipe[7797]: 495EF9FECAF9: to=, relay=dovecot, delay=28, delays=28/0.02/0/0.22, dsn=2.0.0, status=sent (delivered via dovecot service) Sep 11 21:48:27 lvps46-163-74-15 postfix/qmgr[7785]: 495EF9FECAF9: removed Sep 11 21:48:28 lvps46-163-74-15 postfix/smtpd[7788]: disconnect from xxx ### dovecot -n => attachment dovecot_-n ~#: egrep -v '^(#|$)' /etc/dovecot/dovecot-sql.conf #### driver = mysql connect = host=127.0.0.1 dbname=mailserver user=$USER \ password=$PASSWORD default_pass_scheme = PLAIN-MD5 password_query = SELECT user_email AS user, \ user_password AS password \ FROM virtual_users WHERE user_email='%u'; #### Due to the fact that I'am new to dovecot and sieve I hope anybody can help the solve this issue. My target is to filter the mailinglists based on address extention or is it better to filter on to header? Is there a 'log' or 'print' command in the sieve filter or how can I write a message to the log file? Many thanks for your help BR Aleks -------------- next part -------------- # 2.0.14: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-028stab092.1 x86_64 Ubuntu 10.04.3 LTS auth_mechanisms = plain login digest-md5 cram-md5 disable_plaintext_auth = no log_timestamp = "%Y-%m-%d %H:%M:%S " mail_debug = yes mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } protocols = imap recipient_delimiter = - service auth { unix_listener auth-userdb { group = vmail mode = 0755 user = vmail } user = root } ssl_cert = References: <1315581724.65256.YahooMailNeo@web27201.mail.ukl.yahoo.com> <1315824012.7326.19.camel@hurina> Message-ID: <1315850294.2049.YahooMailNeo@web27201.mail.ukl.yahoo.com> On Fri, 2011-09-09 at 16:22 +0100, Spyros Tsiolis wrote: > OK, no answers on my previous e-mail. I'll rephrase it. > How can I get rid of subfolders on a users' tree-like structure on dovecot ? > Which file must I "touch" ? This still isn't very understandable. You can delete subfolders with either IMAP client (= IMAP DELETE command) or simply rm -rf in the filesystem. Or do you mean moving the subfolders to be root level folders? Again IMAP client should be able to do this, or in filesystem level (assuming Maildir++) you'd do something like: mv ~/Maildir/.root.subfolder ~/Maildir/.subfolder ________________________________ Timo, thank you kindly for your time and patience, It's a weird scenario where the user uses Thunderbird and managed to create folders underneath the subscribers' (her) root folder with symbols that are not accepted by thunderbird. Hence, the trouble of not being able to get rid of these folders. Thanks for the pointer. I'll have to look more closely to the help pages for the IMAP protocol. Best Regards, spyros ? ---- "I merely function as a channel that filters music through the chaos of noise" - Vangelis From dave.stubbs at utoronto.ca Mon Sep 12 21:00:49 2011 From: dave.stubbs at utoronto.ca (Dave Stubbs) Date: Mon, 12 Sep 2011 14:00:49 -0400 Subject: [Dovecot] Possible to Customize File Naming Scheme? In-Reply-To: <94C2EC27-49CF-49EE-B778-7C09ED3A6B0A@iki.fi> References: <4E6E2F06.6000507@utoronto.ca> <94C2EC27-49CF-49EE-B778-7C09ED3A6B0A@iki.fi> Message-ID: <4E6E48D1.3040802@utoronto.ca> On 9/12/2011 12:22 PM, Timo Sirainen wrote: > On 12.9.2011, at 19.10, Dave Stubbs wrote: > >> I'm watching how my mail system works, and I see that procmail creates a new file in the/new directory, each time an email is received. This file is some complex combination of UIDs and things, suffixed by the server name. So far, the filename has alphanumerics, a couple underscores, and a dot or two only. >> >> But once dovecot gets it's hands on the file and moves it to the/cur directory, it starts doing "terrible" things to the file name. Now, the filename starts to have "evil" things in it, like colons and commas. Is there a way to change this? > That's how Maildir works to store message flags. If you don't like it, use something else. Fair enough > >> I'm asking this primarily because I use dovecot as a massive long-term email archiving system. One of the things one needs to be able to do when running a long-term archive like this is keep things as simple and accessible as possible. The reason I use maildir is that I totally buy into the "one email, one file" idea - it means I don't have to store messages in big consolidated database files that are changeable with each new version of the vendor's software release (such as exchange DBs or Outlook PST files) or that are horrible performers (such as mbox). > Dovecot v2.0's sdbox format could work for you. > >> One of the nice things about the maildir "each email is a separate file" idea is that you are not limited to maildir or dovecot or any other piece of software to handle, read, and process the files. > Well, sdbox isn't good for that then anymore. Cydir backend could possibly work, although it is missing some features that dbox has and was mainly intended as an example code for super simple mailbox format. Well, maybe sdbox could still work. Just a quick question - what is the format of the u.* file? Is it still a raw (possibly partially) mime-encoded file that contains the all-important From: line, just like a mail file in a maildir folder? If so, I could sync the sdbox files elsewhere and index them if I could convince dovecot to use the filename scheme u.*.eml instead of u.* Possible? Or is the sdbox file format different? From tss at iki.fi Mon Sep 12 21:07:28 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 21:07:28 +0300 Subject: [Dovecot] Possible to Customize File Naming Scheme? In-Reply-To: <4E6E48D1.3040802@utoronto.ca> References: <4E6E2F06.6000507@utoronto.ca> <94C2EC27-49CF-49EE-B778-7C09ED3A6B0A@iki.fi> <4E6E48D1.3040802@utoronto.ca> Message-ID: On 12.9.2011, at 21.00, Dave Stubbs wrote: >>> One of the nice things about the maildir "each email is a separate file" idea is that you are not limited to maildir or dovecot or any other piece of software to handle, read, and process the files. >> Well, sdbox isn't good for that then anymore. Cydir backend could possibly work, although it is missing some features that dbox has and was mainly intended as an example code for super simple mailbox format. > Well, maybe sdbox could still work. Just a quick question - what is the format of the u.* file? Is it still a raw (possibly partially) mime-encoded file that contains the all-important From: line, just like a mail file in a maildir folder? If so, I could sync the sdbox files elsewhere and index them if I could convince dovecot to use the filename scheme u.*.eml instead of u.* sdbox begins with a small dbox header, followed by the message text and finally a dbox metadata footer. Something like: 2 M1e C4e327f7d ^A^BN 0000000000000906 ^A^C R4e327f7d V94e G39670b147d7f324e0e1d000074ccac23 dbox-file.h describes the headers and lists the metadata characters and what they mean. Because of this extra metadata I don't really know if it would be a good idea to name them *.eml. Yes, you could copy specific sdbox files elsewhere and run "doveadm force-resync" on them. All message flags would be lost though, since they're stored only in Dovecot's index files. From tss at iki.fi Mon Sep 12 21:10:38 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 21:10:38 +0300 Subject: [Dovecot] quota percents In-Reply-To: <8739g1ka62.fsf@algae.riseup.net> References: <87sjo5wkfy.fsf@algae.riseup.net> <1315824208.7326.21.camel@hurina> <8739g1ka62.fsf@algae.riseup.net> Message-ID: On 12.9.2011, at 19.17, Micah Anderson wrote: >>> However, it doesn't seem to work in practice, because I have a user that >>> is at 99% of quota, with nothing in the Trash who cannot move a 77KB >>> message into the Trash without getting the quota_exceeded message and >>> refusing to move it. >> >> dovecot -n output? > > namespace { > inbox = yes > location = > prefix = > separator = . > } > namespace { > hidden = yes > inbox = no > list = no > location = > prefix = INBOX. > separator = . > } Maybe the client is using the INBOX. namespace and trying to copy to INBOX.Trash instead of Trash? You could try adding another quota rule for INBOX.Trash. I should probably also change the quota code to follow "alias_for" directives. Then you could have only a single Trash, if you add "alias_for = " to the INBOX. namespace. From nhelauro at gmail.com Mon Sep 12 21:10:56 2011 From: nhelauro at gmail.com (Lauro C.) Date: Mon, 12 Sep 2011 15:10:56 -0300 Subject: [Dovecot] Custom error messages. Message-ID: I am using Dovecot 1.2.9. Is it possible to have custom error messages? I want to translate some of the messages (for instance mailbox full), so it can be more user friendly. I already use the quota warning feature. But I need to translate the messages anyways, is it possible? Lauro From Lutz.Pressler at SerNet.DE Mon Sep 12 21:15:08 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Mon, 12 Sep 2011 20:15:08 +0200 Subject: [Dovecot] 2.1: imapc SUBSCRIBE problem In-Reply-To: <1315822557.7326.0.camel@hurina> References: <1315563414.3876.50.camel@hurina> <20110909102128.GA762256@gabi.sernet.de> <20110909144349.GA846637@gabi.sernet.de> <1315822557.7326.0.camel@hurina> Message-ID: On Mon, 12 Sep 2011, Timo Sirainen wrote: > On Sun, 2011-09-11 at 21:50 +0200, Lutz Pre?ler wrote: > > On Fri, 09 Sep 2011, Lutz Pre?ler wrote: > > > LIST is now working correctly in my setup, but SUBSCRIBE ist not. > > > With subscriptions=no, as written (but same behaviour with subscriptions=yes), > > > SUBSCRIBE INBOX.gmail.INBOX (or others) yields > > > 0 NO [SERVERBUG] Internal error occurred. Refer to server log for more information. [2011-09-09 16:39:40] > > > logging (with mail_debug=yes) only > > > Sep 9 16:39:40 host dovecot: imap(1143, user): Error: stat((null)) failed: Bad address > > After putting (with subscriptions=no) an entry manually into the root > > subscriptions file, everything including UNSUBSCRIBE works fine. > > Yeah, but then remote subscriptions don't work. I think the imapc > subscription problems and namespace prefix problems are now fixed in hg. Not really. No error on SUBSCRIBE anymore, but it does not work permanently: 0 lsub "" "*" * LSUB () "." "INBOX.test.test2" [... further entries ...] 0 OK Lsub completed. 0 subscribe "INBOX.gmail.[Gmail].Spam" 0 OK Subscribe completed. <--- now subscriptions file includes "gmail.[Gmail]/Spam" 0 lsub "" "*" * LSUB () "." "INBOX.test.test2" [... further entries, but NOT INBOX.gmail.[Gmail].Spam ...] 0 OK Lsub completed. <--- now the "gmail.[Gmail]/Spam" line is gone from subscriptions file again! The same happens with INBOX.gmail.INBOX, so it's not the "[]" characters. I have to test with debugging turned on later. Lutz From tss at iki.fi Mon Sep 12 21:16:34 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 21:16:34 +0300 Subject: [Dovecot] Custom error messages. In-Reply-To: References: Message-ID: On 12.9.2011, at 21.10, Lauro C. wrote: > Is it possible to have custom error messages? I want to translate some of > the messages (for instance mailbox full), so it can be more user friendly. I > already use the quota warning feature. But I need to translate the messages > anyways, is it possible? For "mailbox full", yes: http://wiki2.dovecot.org/Quota/Configuration#Custom_Quota_Exceeded_Message Anything else: no. Do you have specific examples of anything else you'd want to change? From tss at iki.fi Mon Sep 12 21:18:12 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 21:18:12 +0300 Subject: [Dovecot] 2.1: imapc SUBSCRIBE problem In-Reply-To: References: <1315563414.3876.50.camel@hurina> <20110909102128.GA762256@gabi.sernet.de> <20110909144349.GA846637@gabi.sernet.de> <1315822557.7326.0.camel@hurina> Message-ID: On 12.9.2011, at 21.15, Lutz Pre?ler wrote: >> Yeah, but then remote subscriptions don't work. I think the imapc >> subscription problems and namespace prefix problems are now fixed in hg. > Not really. No error on SUBSCRIBE anymore, but it does not work > permanently: > > 0 lsub "" "*" > * LSUB () "." "INBOX.test.test2" > [... further entries ...] > 0 OK Lsub completed. > 0 subscribe "INBOX.gmail.[Gmail].Spam" > 0 OK Subscribe completed. > <--- now subscriptions file includes > "gmail.[Gmail]/Spam" There shouldn't be any changes to subscriptions file! The subscriptions are stored on remote IMAP server. What exactly have you set to your namespaces now? From dovecot.user at seibercom.net Mon Sep 12 21:22:39 2011 From: dovecot.user at seibercom.net (Jerry) Date: Mon, 12 Sep 2011 14:22:39 -0400 Subject: [Dovecot] Sieve envelope :detail "to" "extention" does not deliver to fileinto destination In-Reply-To: <20110912171448.GB320@none.at> References: <20110912171448.GB320@none.at> Message-ID: <20110912142239.7ec8eb49@scorpio> On Mon, 12 Sep 2011 19:14:48 +0200 Aleksandar Lazic articulated: > dovecot unix - n n - - pipe > flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f > ${sender} -d ${user}@${nexthop} -a ${original_recipient} > # flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f > ${sender} -d ${user}@${nexthop} -m ${extension} -a > ${original_recipient} I use plus addressing and this is the entry in the master.cf file from Postfix: dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/local/libexec/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -a ${recipient} The "argv" could be different on your system; however the rest should be the same as mine I would assume. If you do make a change, you will have to restart Postfix for it to take effect. -- Jerry ? Dovecot.user at seibercom.net Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From compconsultant at yahoo.com Mon Sep 12 21:23:35 2011 From: compconsultant at yahoo.com (Steve Fatula) Date: Mon, 12 Sep 2011 11:23:35 -0700 (PDT) Subject: [Dovecot] MySQL, map files In-Reply-To: <1315828341.7326.35.camel@hurina> References: <1315525950.915.YahooMailNeo@web39420.mail.mud.yahoo.com> <1315828341.7326.35.camel@hurina> Message-ID: <1315851815.71073.YahooMailNeo@web39415.mail.mud.yahoo.com> ----- Original Message ----- > From: Timo Sirainen > To: Steve Fatula > Cc: Dovecot List > Sent: Monday, September 12, 2011 6:52 AM > Subject: Re: [Dovecot] MySQL, map files > >> The reason I am asking is I have seen web pages that reference all >> sorts of statements within the map statement, and I have no idea where >> they are documented. Specifically, I see an example here (which is >> LDAP), look in section 3: >> >> http://dovecot.org/patches/1.2/ldap/HOWTO_dictldap+extdata.txt >> >> >> You will see lots of statements, not sure which ones can be used for >> MySQL (instead of LDAP). > > That patch's mapping references to Pigeonhole's extdata plugin. If you > install that plugin you can use SQL or flat file for the same maps. > Ok, so, now we get to the issue. What syntax can be used for the extdata plugin?? If I have an existing MySQL table with the structure: username preference value Username would be the dovecot user name. preference would be a constant, and, value is the variable I want to set via the extdata plugin. The primary key is username + preference (constant, in this case, say it's set to "POP3"). I want to use extdata to retrieve that value. Can it be done using extdata and MySQL map syntax, and if so, can you provide an example? Can I specify the query itself (i.e., select value from table t, another table at where....) From henson at acm.org Mon Sep 12 23:26:17 2011 From: henson at acm.org (Paul B. Henson) Date: Mon, 12 Sep 2011 13:26:17 -0700 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <1315830646.7326.46.camel@hurina> References: <4E6ACC6C.6020200@acm.org> <1315830646.7326.46.camel@hurina> Message-ID: <4E6E6AE9.6040105@acm.org> On 9/12/2011 5:30 AM, Timo Sirainen wrote: > This works okay enough with PostgreSQL because it does asynchronous > lookups, so two simultaneous lookups create a second connection. > MySQL does synchronous lookups though, so the second connection is > normally never created. If I could, I think I'd rather run postgres; but so many things only support mysql you can't really get away with running only postgres, and it's not worth the effort to run two separate sql services . > I suppose the fix to this would be to always connect to all SQL > servers at startup. Perhaps it could be an option, either load balancing between all available servers, or only using later listed servers when the earlier listed ones are failing. For my purposes, either way is fine, as long as authentications don't fail :). The other contributor to this thread, who has a local mysql replica listed first and the central master listed second probably wouldn't want the load balanced between them. > It should have created the second connection here and not fail.. Based on the network traffic, it is really pounding the primary trying to connect, and occasionally connecting to the secondary only to immediately disconnect after either only one or very few queries. > I'll try to debug this soon. Thanks; let me know if there's anything I could do to help, or if there are any potential fixes you would like tested. -- Paul B. Henson | (909) 979-6361 | http://www.csupomona.edu/~henson/ Operating Systems and Network Analyst | henson at csupomona.edu California State Polytechnic University | Pomona CA 91768 From Lutz.Pressler at SerNet.DE Tue Sep 13 01:10:54 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Tue, 13 Sep 2011 00:10:54 +0200 Subject: [Dovecot] 2.1: imapc SUBSCRIBE problem In-Reply-To: References: <1315563414.3876.50.camel@hurina> <20110909102128.GA762256@gabi.sernet.de> <20110909144349.GA846637@gabi.sernet.de> <1315822557.7326.0.camel@hurina> Message-ID: On Mo, 12 Sep 2011, Timo Sirainen wrote: > On 12.9.2011, at 21.15, Lutz Pre?ler wrote: > > Not really. No error on SUBSCRIBE anymore, but it does not work > > permanently: > > > > 0 lsub "" "*" > > * LSUB () "." "INBOX.test.test2" > > [... further entries ...] > > 0 OK Lsub completed. > > 0 subscribe "INBOX.gmail.[Gmail].Spam" > > 0 OK Subscribe completed. > > <--- now subscriptions file includes > > "gmail.[Gmail]/Spam" The problem seems to be the different separators (I missed the "/" earlier). First level mailboxes on gmail do work (I mixed it up... INBOX.gmail.INBOX is fine, as is INBOX.gmail.test). > > There shouldn't be any changes to subscriptions file! The subscriptions are stored on remote IMAP server. Why? With subscriptions=no I would expect the local subscriptions file beeing used (and this is useful!) > What exactly have you set to your namespaces now? The imapc namespace has subscriptions=no. I also tested subscriptions=yes now. That works as expected. (Some glitch with "INBOX.gmail.[Gmail]" not beeing UNSUBSCRIBEbable when \Noselect, but that's probably a Gmail IMAP problem). Lutz From al-dovecot at none.at Tue Sep 13 01:42:44 2011 From: al-dovecot at none.at (Aleksandar Lazic) Date: Tue, 13 Sep 2011 00:42:44 +0200 Subject: [Dovecot] Sieve envelope :detail "to" "extention" does not deliver to fileinto destination In-Reply-To: <20110912142239.7ec8eb49@scorpio> References: <20110912171448.GB320@none.at> <20110912142239.7ec8eb49@scorpio> Message-ID: <20110912224244.GA27446@none.at> Dear Jerry, On Mon 12.09.2011 14:22, Jerry wrote: >On Mon, 12 Sep 2011 19:14:48 +0200 >Aleksandar Lazic articulated: > > > >> dovecot unix - n n - - pipe >> flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f >> ${sender} -d ${user}@${nexthop} -a ${original_recipient} >> # flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f >> ${sender} -d ${user}@${nexthop} -m ${extension} -a >> ${original_recipient} > >I use plus addressing and this is the entry in the master.cf file from >Postfix: > >dovecot unix - n n - - pipe > flags=DRhu user=vmail:vmail argv=/usr/local/libexec/dovecot/deliver -f ${sender} > -d ${user}@${nexthop} -a ${recipient} > >The "argv" could be different on your system; however the rest should >be the same as mine I would assume. If you do make a change, you will >have to restart Postfix for it to take effect. thanks for your info. I have changed the -a to recipient but nothing changed. I have now changed the if statement to ### if header :contains "Delivered-To" "pdnsusers" { ### this works, but the best would be to be able to use ### if envelope :contains :detail "to" "pdnsusers" { ### Is there a command like 'print envelope' or something else to see what variables and envelope deliver have? Here is the log, maybe you can see more the I ;-) ### Sep 13 00:33:18 lvps46-163-74-15 postfix/smtpd[6011]: connect from localhost.localdomain[127.0.0.1] Sep 13 00:33:52 lvps46-163-74-15 postfix/smtpd[6011]: B1EFE9FECC15: client=localhost.localdomain[127.0.0.1] Sep 13 00:34:12 lvps46-163-74-15 postfix/cleanup[5999]: B1EFE9FECC15: message-id=<20110912223352.B1EFE9FECC15 at external.non e.at> Sep 13 00:34:12 lvps46-163-74-15 postfix/qmgr[22260]: B1EFE9FECC15: from=, size=357, nrcpt=1 (queue active) Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda: Debug: Loading modules from directory: /usr/lib/dovecot/modules Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda: Debug: Module loaded: /usr/lib/dovecot/modules/lib15_notify_plugin.so Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda: Debug: Module loaded: /usr/lib/dovecot/modules/lib20_mail_log_plugin.so Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda: Debug: Module loaded: /usr/lib/dovecot/modules/lib90_sieve_plugin.so Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda: Debug: auth input: al at none.at uid=5000 gid=5000 home=/var/vmail/none.at/al Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: Effective uid=5000, gid=5000, home=/var/vmail/none.at/al Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: maildir: root exists (/var/vmail/none.at/al/Maildir) Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: maildir++: root=/var/vmail/none.at/al/Maildir, index=, control=, inbox=/var/vmail/none.at/al/Maildir, alt= Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: none: root=, index=, control=, inbox=, alt= Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: Destination address: al-pdnsusers at none.at (source: -a parameter) Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: using sieve path for user's script: /var/vmail/none.at/al/.dovecot.sieve Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: opening script /var/vmail/none.at/al/.dovecot.sieve Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: script binary /var/vmail/none.at/al/.dovecot.svbin successfully loaded Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: binary save: not saving binary /var/vmail/none.at/al/.dovecot.svbin, because it is already stored Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: executing script from /var/vmail/none.at/al/.dovecot.svbin Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): save: box=INBOX, uid=61, msgid=<20110912223352.B1EFE9FECC15 at external.none.at>, size=412 Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): sieve: msgid=<20110912223352.B1EFE9FECC15 at external.none.at>: stored mail into mailbox 'INBOX' Sep 13 00:34:12 lvps46-163-74-15 postfix/pipe[6001]: B1EFE9FECC15: to=, relay=dovecot, delay=28, delays=28/0/0/0.02, dsn=2.0.0, status=sent (delivered via dovecot service) Sep 13 00:34:12 lvps46-163-74-15 postfix/qmgr[22260]: B1EFE9FECC15: removed Sep 13 00:34:14 lvps46-163-74-15 postfix/smtpd[6011]: disconnect from localhost.localdomain[127.0.0.1] ### From michael.abbott at apple.com Tue Sep 13 02:00:51 2011 From: michael.abbott at apple.com (Mike Abbott) Date: Mon, 12 Sep 2011 18:00:51 -0500 Subject: [Dovecot] two little fixes for 2.0.14 Message-ID: --- a/dovecot/src/lib-index/mail-index-view.c +++ b/dovecot/src/lib-index/mail-index-view.c @@ -9,7 +9,7 @@ void mail_index_view_clone(struct mail_index_view *dest, const struct mail_index_view *src) { - memset(dest, 0, sizeof(dest)); + memset(dest, 0, sizeof(*dest)); dest->refcount = 1; dest->v = src->v; dest->index = src->index; --- a/dovecot/src/lib-storage/mail-storage-service.c +++ b/dovecot/src/lib-storage/mail-storage-service.c @@ -870,7 +870,7 @@ } user = p_new(user_pool, struct mail_storage_service_user, 1); - memset(user_r, 0, sizeof(user_r)); + memset(user_r, 0, sizeof(*user_r)); user->pool = user_pool; user->input = *input; user->input.userdb_fields = NULL; From tss at iki.fi Tue Sep 13 02:10:29 2011 From: tss at iki.fi (Timo Sirainen) Date: Tue, 13 Sep 2011 02:10:29 +0300 Subject: [Dovecot] two little fixes for 2.0.14 In-Reply-To: References: Message-ID: <19B9A715-148B-4FCC-897F-D9F8CD5ECD77@iki.fi> On 13.9.2011, at 2.00, Mike Abbott wrote: > --- a/dovecot/src/lib-index/mail-index-view.c > +++ b/dovecot/src/lib-index/mail-index-view.c > @@ -9,7 +9,7 @@ > void mail_index_view_clone(struct mail_index_view *dest, > const struct mail_index_view *src) > { > - memset(dest, 0, sizeof(dest)); > + memset(dest, 0, sizeof(*dest)); > dest->refcount = 1; > dest->v = src->v; > dest->index = src->index; Luckily the only caller had it already cleared. Fixed anyway. > --- a/dovecot/src/lib-storage/mail-storage-service.c > +++ b/dovecot/src/lib-storage/mail-storage-service.c > @@ -870,7 +870,7 @@ > } > > user = p_new(user_pool, struct mail_storage_service_user, 1); > - memset(user_r, 0, sizeof(user_r)); > + memset(user_r, 0, sizeof(*user_r)); > user->pool = user_pool; > user->input = *input; > user->input.userdb_fields = NULL; Here the sizeof() is the same in both cases, but the entire memset() is rather pointless, so removed it. Did you find these with some tool, or grepping manually? :) From dovecot.user at seibercom.net Tue Sep 13 02:17:07 2011 From: dovecot.user at seibercom.net (Jerry) Date: Mon, 12 Sep 2011 19:17:07 -0400 Subject: [Dovecot] Sieve envelope :detail "to" "extention" does not deliver to fileinto destination In-Reply-To: <20110912224244.GA27446@none.at> References: <20110912171448.GB320@none.at> <20110912142239.7ec8eb49@scorpio> <20110912224244.GA27446@none.at> Message-ID: <20110912191707.42127757@scorpio> On Tue, 13 Sep 2011 00:42:44 +0200 Aleksandar Lazic articulated: > Dear Jerry, > > On Mon 12.09.2011 14:22, Jerry wrote: > >On Mon, 12 Sep 2011 19:14:48 +0200 > >Aleksandar Lazic articulated: > > > > > > > >> dovecot unix - n n - - pipe > >> flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f > >> ${sender} -d ${user}@${nexthop} -a ${original_recipient} > >> # flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f > >> ${sender} -d ${user}@${nexthop} -m ${extension} -a > >> ${original_recipient} > > > >I use plus addressing and this is the entry in the master.cf file > >from Postfix: > > > >dovecot unix - n n - - pipe > > flags=DRhu user=vmail:vmail > > argv=/usr/local/libexec/dovecot/deliver -f ${sender} -d > > ${user}@${nexthop} -a ${recipient} > > > >The "argv" could be different on your system; however the rest should > >be the same as mine I would assume. If you do make a change, you will > >have to restart Postfix for it to take effect. > > thanks for your info. > I have changed the -a to recipient but nothing changed. > > I have now changed the if statement to > > ### > if header :contains "Delivered-To" "pdnsusers" { > ### > > this works, but the best would be to be able to use > > ### > if envelope :contains :detail "to" "pdnsusers" { > ### > > Is there a command like 'print envelope' or something else to see what > variables and envelope deliver have? This is what I use, and it works fine. The example is something I use for FreeBSD. Example address: user+fbsd at example.com This is my sieve recipe: if envelope :detail "To" "fbsd" {fileinto "FreeBSD"; stop;} I hope this helps. -- Jerry ? Dovecot.user at seibercom.net Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ Quidquid latine dictum sit, altum viditur. (Whatever is said in Latin sounds profound.) From mike at skew.org Tue Sep 13 05:55:34 2011 From: mike at skew.org (Mike Brown) Date: Mon, 12 Sep 2011 20:55:34 -0600 Subject: [Dovecot] signal 11 crash, sometimes, during mbox bz2 decompression In-Reply-To: <1315826932.7326.27.camel@hurina> References: <201108161100.p7GB0P3R073897@chilled.skew.org> <1314121664.10421.1314.camel@hurina> <4E6DC8FA.2050709@skew.org> <1315826932.7326.27.camel@hurina> Message-ID: <4E6EC626.2040305@skew.org> On 9/12/2011 5:28 AM, Timo Sirainen wrote: > Oh, wonder why no one else has complained about that. Fixed: > http://hg.dovecot.org/dovecot-2.0/rev/a930318a74a1 I tested this patch, and it's working like a charm. Thanks! From janfrode at tanso.net Tue Sep 13 09:34:12 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Tue, 13 Sep 2011 08:34:12 +0200 Subject: [Dovecot] director ignoring director_mail_servers for lmtp connections In-Reply-To: <1315842951.89437.YahooMailNeo@web29120.mail.ird.yahoo.com> References: <1315842951.89437.YahooMailNeo@web29120.mail.ird.yahoo.com> Message-ID: <20110913063412.GA24399@oc1046828364.ibm.com> On Mon, Sep 12, 2011 at 04:55:51PM +0100, mailing lists wrote: > > how I can redirect incoming lmtp request to backend lmtp servers (and not just one)? what I'm missing here? > > director_mail_servers = 101.180.245.101 > director_servers = 101.180.245.101 Is this a loop maybe? director_mail_servers should list all your backend dovecot servers, space separated. Here's mine: director_mail_servers = 192.168.42.7 192.168.42.8 192.168.42.9 192.168.42.10 192.168.42.11 192.168.42.28 192.168.42.29 and director_servers should list all your director servers so that they can share info on where to direct each user, like: director_servers = 192.168.42.15 192.168.42.17 Then, if this is configured correctly "doveadm director status" should list your backend director_mail_servers: $ sudo doveadm director status mail server ip vhosts users 192.168.42.28 100 5220 192.168.42.29 100 4733 $ sudo doveadm director status janfrode at tanso.net Current: 192.168.42.28 (expires 2011-09-13 08:46:42) Hashed: 192.168.42.28 Initial config: 192.168.42.11 -jf From listas.correo at yahoo.es Tue Sep 13 10:45:34 2011 From: listas.correo at yahoo.es (mailing lists) Date: Tue, 13 Sep 2011 08:45:34 +0100 (BST) Subject: [Dovecot] director ignoring director_mail_servers for lmtp connections Message-ID: <1315899934.22565.YahooMailNeo@web29117.mail.ird.yahoo.com> On 09/13/2011 08:34 AM, Jan-Frode Myklebust wrote: > On Mon, Sep 12, 2011 at 04:55:51PM +0100, mailing lists wrote: >> >> director_mail_servers = 101.180.245.101 >> director_servers = 101.180.245.101 it works with imap connections, so I assumed it also would do it for lmtp. Sep 13 09:04:03 imap1 dovecot: imap-login: proxy(user001): started proxying to 10.180.245.101:143: user=, method=PLAIN, rip=::1, lip=:??? :1, secured > Is this a loop maybe?? director_mail_servers should list all > your backend dovecot servers, space separated. Here's mine: > > ??? director_mail_servers = 192.168.42.7 192.168.42.8 192.168.42.9 192.168.42.10 192.168.42.11 192.168.42.28 192.168.42.29 using only one director and backend would be fine for tests purposes (as it was with imap and not loops were formed) What I don't understand is why director insists in providing a proxy host from passdb when all it needs to do is pick the ones in director_mail_servers ?? Sep 12 17:14:13 imap1 dovecot: lmtp(25682): Error: proxy: host not given please could you post you lmtp configuration?? From pit11 at ukr.net Tue Sep 13 11:06:23 2011 From: pit11 at ukr.net (Peter Ignatov) Date: Tue, 13 Sep 2011 11:06:23 +0300 Subject: [Dovecot] Quota fs (don't start script quota-warning.sh) Message-ID: Hi, # doveadm -Dv quota get -u pit doveadm(pit): Debug: auth input: pit system_groups_user=pit uid=500 gid=500 home=/home/pit doveadm(pit): Debug: Effective uid=500, gid=500, home=/home/pit doveadm(pit): Debug: Quota root: name=INBOX backend=fs args=mount=/var/spool/mail doveadm(pit): Debug: Quota rule: root=INBOX mailbox=* bytes=19922944 messages=0 doveadm(pit): Debug: Quota warning: bytes=3984588 (20%) messages=0 reverse=no command=quota-warning 20 pit doveadm(pit): Debug: fs: root=/home/pit/mail, index=, control=, inbox=/var/spool/mail/pit doveadm(pit): Debug: fs quota add mailbox dir = /var/spool/mail doveadm(pit): Debug: fs quota block device = /dev/mapper/mpath1p1 doveadm(pit): Debug: fs quota mount point = /var/spool/mail doveadm(pit): Debug: fs quota mount type = ext2 Quota name Type Value Limit % INBOX STORAGE 4824 19456 24 But don't start script quota-warning.sh: #!/bin/sh PERCENT=$1 USER=$2 cat << EOF | /usr/libexec/dovecot/dovecot-lda -d $USER -o "plugin/quota=fs:INBOX:mount=/var/spool/mail:noenforcing" From: postmaster at domen.org Subject: quota warning Your mailbox is now $PERCENT% full. EOF #dovecot -n # 2.0.13: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-274.3.1.el5.asp121 x86_64 Red Hat Enterprise Linux Server release 5.6 (Tikanga) disable_plaintext_auth = no listen = * log_path = /var/log/dovecot.log mail_debug = yes mail_location = mbox:~/mail:INBOX=/var/spool/mail/%u mail_plugins = quota mail_privileged_group = mail mbox_write_locks = fcntl passdb { driver = pam } plugin { quota = fs:INBOX:mount=/var/spool/mail quota_rule = *:storage=19456 quota_warning = storage=20%% quota-warning 20 %u } protocols = pop3 service quota-warning { executable = script /usr/local/bin/quota-warning.sh unix_listener quota-warning { mode = 0666 } user = root } ssl_cert = References: Message-ID: <1315901546.10952.3.camel@hurina> On Tue, 2011-09-13 at 11:06 +0300, Peter Ignatov wrote: > Hi, > > # doveadm -Dv quota get -u pit > doveadm(pit): Debug: auth input: pit system_groups_user=pit uid=500 gid=500 home=/home/pit > doveadm(pit): Debug: Effective uid=500, gid=500, home=/home/pit > doveadm(pit): Debug: Quota root: name=INBOX backend=fs args=mount=/var/spool/mail > doveadm(pit): Debug: Quota rule: root=INBOX mailbox=* bytes=19922944 messages=0 > doveadm(pit): Debug: Quota warning: bytes=3984588 (20%) messages=0 reverse=no command=quota-warning 20 pit > Quota name Type Value Limit % > INBOX STORAGE 4824 19456 24 > > But don't start script quota-warning.sh: Have you read (and understood) when the quota warning gets run? Just because you're over quota now doesn't mean that the script is going to be run. http://wiki2.dovecot.org/Quota/Configuration#Quota_warnings (It's possible that there's a bug here with FS quota since no one's probably tried it before, but it's a lot of trouble for me to actually test that..) From listas.correo at yahoo.es Tue Sep 13 11:34:22 2011 From: listas.correo at yahoo.es (mailing lists) Date: Tue, 13 Sep 2011 09:34:22 +0100 (BST) Subject: [Dovecot] director ignoring director_mail_servers for lmtp connections Message-ID: <1315902862.4818.YahooMailNeo@web29104.mail.ird.yahoo.com> Hello, it works!! I was missing this line "auth_socket_path = director-userdb" Sep 13 10:26:12 imap1 dovecot: auth: Debug: master in: PASS?? 1?????? user001 at example.com ?? service=lmtp??? lip=100.180.245.101????? lport=1024? 8 Sep 13 10:26:12 imap1 dovecot: auth: Debug: static(user001 at example.com,100.180.242.38): lookup Sep 13 10:26:12 imap1 dovecot: auth: Debug: password(user001 at example.com,100.180.242.38): Credentials: Sep 13 10:26:12 imap1 dovecot: auth: Debug: master out: PASS? 1?????? user=user001 at example.com ????? proxy?? port=24 Sep 13 10:26:12 imap1 dovecot: lmtp(29659): Debug: auth input: user=user001 at example.com proxy port=24 host=100.180.245.101 proxy_refresh=450 Sep 13 10:26:12 imap1 dovecot: lmtp(29658): Debug: none: root=, index=, control=, inbox=, alt= Sep 13 10:26:12 imap1 dovecot: lmtp(29658): Connect from 100.180.245.101 full config for the archives: # dovecot? -c /etc/dovecot-director/dovecot.conf -n # 2.0.14: /etc/dovecot-director/dovecot.conf # OS: Linux 2.6.34.7-0.7-xen x86_64 openSUSE 11.3 (x86_64) auth_debug = yes auth_debug_passwords = yes auth_verbose = yes auth_verbose_passwords = plain base_dir = /var/run/dovecot-director/ director_mail_servers = 100.180.245.101 director_servers = 100.180.245.101 disable_plaintext_auth = no lmtp_proxy = yes mail_debug = yes mail_fsync = always mail_gid = 5000 mail_nfs_index = yes mail_nfs_storage = yes mail_plugins = acl mail_uid = 5000 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy ine mmap_disable = yes passdb { ? args = proxy=y nopassword=y ? driver = static } plugin { ? acl = vfile ? sieve = ~/.dovecot.sieve ? sieve_dir = ~/sieve } protocols = imap lmtp service auth { ? unix_listener auth-userdb { ??? group = vmail ??? mode = 0666 ??? user = vmail ? } } service director { ? fifo_listener login/proxy-notify { ??? mode = 0666 ? } ? inet_listener { ??? port = 9090 ? } ? unix_listener director-userdb { ??? mode = 0666 ? } ? unix_listener login/director { ??? mode = 0666 ? } } service imap-login { ? executable = imap-login director ? inet_listener imap { ??? port = 10143 ? } } service lmtp { ? inet_listener lmtp { ??? port = 1024 ? } } ssl = no verbose_proctitle = yes protocol lmtp { ? auth_socket_path = director-userdb ? passdb { ??? args = proxy=y nopassword=y port=24 ??? driver = static ? } } protocol imap { ? mail_max_userip_connections = 100 } From tss at iki.fi Tue Sep 13 11:39:37 2011 From: tss at iki.fi (Timo Sirainen) Date: Tue, 13 Sep 2011 11:39:37 +0300 Subject: [Dovecot] 2.1: imapc SUBSCRIBE problem In-Reply-To: References: <1315563414.3876.50.camel@hurina> <20110909102128.GA762256@gabi.sernet.de> <20110909144349.GA846637@gabi.sernet.de> <1315822557.7326.0.camel@hurina> Message-ID: <1315903179.10952.4.camel@hurina> On Tue, 2011-09-13 at 00:10 +0200, Lutz Pre?ler wrote: > On Mo, 12 Sep 2011, Timo Sirainen wrote: > > On 12.9.2011, at 21.15, Lutz Pre?ler wrote: > > > Not really. No error on SUBSCRIBE anymore, but it does not work > > > permanently: > > > > > > 0 lsub "" "*" > > > * LSUB () "." "INBOX.test.test2" > > > [... further entries ...] > > > 0 OK Lsub completed. > > > 0 subscribe "INBOX.gmail.[Gmail].Spam" > > > 0 OK Subscribe completed. > > > <--- now subscriptions file includes > > > "gmail.[Gmail]/Spam" > The problem seems to be the different separators (I missed the "/" > earlier). First level mailboxes on gmail do work (I mixed it up... > INBOX.gmail.INBOX is fine, as is INBOX.gmail.test). Fixed: http://hg.dovecot.org/dovecot-2.1/rev/f3eb6cc4b627 > I also tested subscriptions=yes now. That works as expected. (Some glitch > with "INBOX.gmail.[Gmail]" not beeing UNSUBSCRIBEbable when \Noselect, > but that's probably a Gmail IMAP problem). Fixed: http://hg.dovecot.org/dovecot-2.1/rev/50d0906b556f From cgregoir99 at yahoo.com Tue Sep 13 11:59:08 2011 From: cgregoir99 at yahoo.com (Christian Gregoire) Date: Tue, 13 Sep 2011 09:59:08 +0100 (BST) Subject: [Dovecot] Dovecot and Lustre FS Message-ID: <1315904348.54893.YahooMailNeo@web29004.mail.ird.yahoo.com> Hello, Right now, I'm using Exim and a customized version of an old?(10 years old)?Atmail POP3 server written in Perl, with ~10000 mailboxes located on a?Lustre file system.?So far so good. Though, I plan to migrate from Atmail to Dovecot, to provide our customers with IMAP support. Has anyone any experience with Dovecot on Lustre FS ? Thanks Christian ? From tss at iki.fi Tue Sep 13 12:04:43 2011 From: tss at iki.fi (Timo Sirainen) Date: Tue, 13 Sep 2011 12:04:43 +0300 Subject: [Dovecot] Dovecot and Lustre FS In-Reply-To: <1315904348.54893.YahooMailNeo@web29004.mail.ird.yahoo.com> References: <1315904348.54893.YahooMailNeo@web29004.mail.ird.yahoo.com> Message-ID: <1315904688.10952.6.camel@hurina> On Tue, 2011-09-13 at 09:59 +0100, Christian Gregoire wrote: > Right now, I'm using Exim and a customized version of an old (10 years > old) Atmail POP3 server written in Perl, with ~10000 mailboxes located > on a Lustre file system. So far so good. > > Though, I plan to migrate from Atmail to Dovecot, to provide our > customers with IMAP support. Has anyone any experience with Dovecot on > Lustre FS ? If there's just one Dovecot server accessing mails, there shouldn't be any problems. If there are more, you should read http://wiki2.dovecot.org/MailLocation/SharedDisk and stress test the same mailbox at the same time from 2+ servers using http://imapwiki.org/ImapTest From tss at iki.fi Tue Sep 13 12:11:04 2011 From: tss at iki.fi (Timo Sirainen) Date: Tue, 13 Sep 2011 12:11:04 +0300 Subject: [Dovecot] MySQL, map files In-Reply-To: <1315851815.71073.YahooMailNeo@web39415.mail.mud.yahoo.com> References: <1315525950.915.YahooMailNeo@web39420.mail.mud.yahoo.com> <1315828341.7326.35.camel@hurina> <1315851815.71073.YahooMailNeo@web39415.mail.mud.yahoo.com> Message-ID: <1315905064.10952.10.camel@hurina> On Mon, 2011-09-12 at 11:23 -0700, Steve Fatula wrote: > >> http://dovecot.org/patches/1.2/ldap/HOWTO_dictldap+extdata.txt > >> > >> > >> You will see lots of statements, not sure which ones can be used for > >> MySQL (instead of LDAP). > > > > That patch's mapping references to Pigeonhole's extdata plugin. If you > > install that plugin you can use SQL or flat file for the same maps. > > > > > Ok, so, now we get to the issue. What syntax can be used for the extdata plugin? > > If I have an existing MySQL table with the structure: > > username > preference > value > > Username would be the dovecot user name. preference would be a constant, and, value is the variable I want to set via the extdata plugin. The primary key is username + preference (constant, in this case, say it's set to "POP3"). I want to use extdata to retrieve that value. Can it be done using extdata and MySQL map syntax, and if so, can you provide an example? Can I specify the query itself (i.e., select value from table t, another table at where....) Well, there are two fields that you need to map: responder_mode and responder_text (explained in the .txt file). Lets assume you have those two fields in an SQL table named responders. The maps would then be: map { pattern = priv/responder_mode table = responders username_field = username value_field = responder_mode } map { pattern = priv/responder_text table = responders username_field = username value_field = responder_text } You can change anything above except the patterns. From tss at iki.fi Tue Sep 13 12:45:26 2011 From: tss at iki.fi (Timo Sirainen) Date: Tue, 13 Sep 2011 12:45:26 +0300 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <4E6E6AE9.6040105@acm.org> References: <4E6ACC6C.6020200@acm.org> <1315830646.7326.46.camel@hurina> <4E6E6AE9.6040105@acm.org> Message-ID: <1315907129.10952.12.camel@hurina> On Mon, 2011-09-12 at 13:26 -0700, Paul B. Henson wrote: > > I'll try to debug this soon. > > Thanks; let me know if there's anything I could do to help, or if there > are any potential fixes you would like tested. I can't seem to be able to reproduce this. It always connects to the second MySQL without any user visible errors. What does it log with the attached debug patch? -------------- next part -------------- A non-text attachment was scrubbed... Name: diff Type: text/x-patch Size: 3408 bytes Desc: not available URL: From ibrahim.harrani at gmail.com Tue Sep 13 13:53:59 2011 From: ibrahim.harrani at gmail.com (Ibrahim Harrani) Date: Tue, 13 Sep 2011 13:53:59 +0300 Subject: [Dovecot] "Waiting for authentication process to respond" for invalid users with auth_dovecot Message-ID: Hi, I am testing dovecot 2.0.13 and 2.0.14 with qmail-ldap and auth_dovecot patch. If i login to dovecot (pop3/imap) with correct user and password. no problem, I can login immediately. but if I try with nonexistant user, dovecot does not immediate answer, wait for a while and says "Waiting for authentication process to respond." auth_dovecot process remains working in the background. How can I avoid this situation? # telnet 0 143 Trying 0.0.0.0... Connected to 0. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN] Dovecot ready. o login validuser validpass o OK [CAPABILITY IMAP4rev1 LITERAL+ SASL o login validuser wrongpass o NO [UNAVAILABLE] Temporary authentication failure. o login non-existant anypass * OK Waiting for authentication process to respond.. Here is output of dovecot -n # OS: Linux 2.6.32-71.el6.x86_64 x86_64 CentOS Linux release 6.0 (Final) auth_debug = yes auth_verbose = yes base_dir = /var/run/dovecot disable_plaintext_auth = no first_valid_gid = 100 last_valid_gid = 65000 last_valid_uid = 65000 listen = * log_path = /var/log/dovecot mail_debug = yes mail_location = maildir:~/Maildir passdb { args =/opt/qmail/smtp/bin/auth_dovecot ./Maildir/ driver = checkpassword } plugin { mechanisms = plain login quota = maildir } protocols = imap pop3 service imap-login { inet_listener imaps { port = 993 ssl = yes } process_min_avail = 1 } service imap-postlogin { executable = script-login /opt/qmail/scripts/dovecotpostlogin.sh } service imap { executable = imap imap-postlogin } service pop3-login { inet_listener pop3s { port = 995 ssl = yes } process_min_avail = 1 } ssl_cert = References: <1315904348.54893.YahooMailNeo@web29004.mail.ird.yahoo.com> Message-ID: <4E6F4EAE.30303@iinet.com.au> Hi Gregoire, > [..] with ~10000 mailboxes located on a Lustre file system. So far so good. This may be a bit off topic but... I thought that a lustre filesystem was not designed to store a lot of small files (e.g: due to MDS inodes) Can you tell us more about your experience ? Thomas From marcin at mejor.pl Tue Sep 13 16:42:16 2011 From: marcin at mejor.pl (=?UTF-8?B?TWFyY2luIE1pcm9zxYJhdw==?=) Date: Tue, 13 Sep 2011 15:42:16 +0200 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: <1315822918.7326.5.camel@hurina> References: <4E6782CB.1060803@mejor.pl> <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> <4E6786CF.2020102@mejor.pl> <4E678B66.60602@mejor.pl> <8F07F485-4BC4-40E5-A520-7F59C87A7863@iki.fi> <4E688A28.1090800@mejor.pl> <1315474812.3876.23.camel@hurina> <4E68A060.8090306@mejor.pl> <1315487921.3876.40.camel@hurina> <4E69F758.8050008@mejor.pl> <1315822918.7326.5.camel@hurina> Message-ID: <4E6F5DB8.60201@mejor.pl> W dniu 12.09.2011 12:21, Timo Sirainen pisze: > Not exactly like that, but you should be able to have a field called > "userdb_import" that contains data like: > > namespace=n1 n2namespace/n1/prefix=blah.etc. other fields > > Thes would of course have to be actual tab characters. Cool. I've changed field separator in db to more visible for human eyes, next i do replace in sql to tab and works good. Thank you for help! Regards, Marcin From cgregoir99 at yahoo.com Tue Sep 13 16:58:24 2011 From: cgregoir99 at yahoo.com (Christian Gregoire) Date: Tue, 13 Sep 2011 14:58:24 +0100 (BST) Subject: [Dovecot] Re : Dovecot and Lustre FS In-Reply-To: <4E6F4EAE.30303@iinet.com.au> References: <1315904348.54893.YahooMailNeo@web29004.mail.ird.yahoo.com> <4E6F4EAE.30303@iinet.com.au> Message-ID: <1315922304.12541.YahooMailNeo@web29005.mail.ird.yahoo.com> >> [..] with ~10000 mailboxes located on a Lustre file system. So far so good. >This may be a bit off topic but... I thought that a lustre filesystem was not designed to store a lot of small files (e.g: due to MDS inodes) >Can you tell us more about your experience ? Hi Thomas, We've developped our own MDA, and customized the POP server, thus for a given email, headers are stored in a MySQL database and the whole message (headers+body, mbox format) in the Lustre FS, in a directory based on the last 3 digits of its internal id (MySQL autoincrement) : 000 ?\_986544000 <- one email ?\_852125000 ??[...] 001 ?\_780284001 ?\_986545001 ??[...] [...] 999 ?\_489288999 ?\_326541999 ??[...] As we only provide POP support, we reach a maximum of 2500 files per directory. Lustre version is 1.4, with one MDS and 3 OST. We have 9 SMTP/POP servers connected to the LFS. Indeed, I have many concerns about IMAP+Lustre. For example,?should I use mbox or maildir ? I'd go with the second one but really don't know how Lustre would behave with potentially tens of thousands of files in one directory (according to the Lustre FAQ, it should perform fine :?http://wiki.lustre.org/index.php/FAQ_-_Sizing), but ... I've been through some previous posts (http://dovecot.org/list/dovecot/2010-January/046106.html and?http://www.dovecot.org/list/dovecot/2010-March/047673.html) and I'm also wondering whether I should switch to another FS. Any advice ? What is the most widely used clustered FS with Dovecot ?? Thanks in avance for sharing your experience. Christian From tss at iki.fi Tue Sep 13 17:06:20 2011 From: tss at iki.fi (Timo Sirainen) Date: Tue, 13 Sep 2011 17:06:20 +0300 Subject: [Dovecot] Re : Dovecot and Lustre FS In-Reply-To: <1315922304.12541.YahooMailNeo@web29005.mail.ird.yahoo.com> References: <1315904348.54893.YahooMailNeo@web29004.mail.ird.yahoo.com> <4E6F4EAE.30303@iinet.com.au> <1315922304.12541.YahooMailNeo@web29005.mail.ird.yahoo.com> Message-ID: <0621D64A-1E76-41AE-A1A6-9D6ECBF2299A@iki.fi> On 13.9.2011, at 16.58, Christian Gregoire wrote: > Indeed, I have many concerns about IMAP+Lustre. For example, should I use mbox or maildir ? I'd go with the second one but really don't know how Lustre would behave with potentially tens of thousands of files in one directory (according to the Lustre FAQ, it should perform fine : http://wiki.lustre.org/index.php/FAQ_-_Sizing), but ... You should try Dovecot's mdbox format. From Lutz.Pressler at SerNet.DE Tue Sep 13 19:12:37 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Tue, 13 Sep 2011 18:12:37 +0200 Subject: [Dovecot] imapc and imap_acl Message-ID: Hello (Timo), yes, I know... maybe it's a bit far fetched, but I do have a use case. Would it be (reasonably easily) possible to implement IMAP ACL support for "imported" imapc namespaces/mailboxes? There is no local directory (like with the virtual plugin) yet... Greetings, Lutz -- Lutz Pre?ler http://www.SerNet.DE/ SerNet Service Network GmbH, Bahnhofsallee 1b, D-37081 G?ttingen Tel.: +49-551-370000-2, FAX: +49-551-370000-9 AG G?ttingen, HRB 2816, GF: Dr. Johannes Loxen From tss at iki.fi Tue Sep 13 19:22:03 2011 From: tss at iki.fi (Timo Sirainen) Date: Tue, 13 Sep 2011 19:22:03 +0300 Subject: [Dovecot] imapc and imap_acl In-Reply-To: References: Message-ID: <57674CC7-1F64-4131-98C6-45CF8B54F23B@iki.fi> On 13.9.2011, at 19.12, Lutz Pre?ler wrote: > yes, I know... maybe it's a bit far fetched, but I do have a use case. > Would it be (reasonably easily) possible to implement IMAP ACL > support for "imported" imapc namespaces/mailboxes? > There is no local directory (like with the virtual plugin) yet... You mean you'd want local ACLs that apply to imapc mailboxes? I think that should work. For example if you set: mail_location = imapc:~/imapc Then for mailbox foo/bar the ACL file should be in ~/imapc/.foo.bar/dovecot-acl "Proxying" remote IMAP ACLs isn't possible and I'm not sure how that could be nicely implemented. From Lutz.Pressler at SerNet.DE Tue Sep 13 19:46:31 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Tue, 13 Sep 2011 18:46:31 +0200 Subject: [Dovecot] imapc and imap_acl In-Reply-To: <57674CC7-1F64-4131-98C6-45CF8B54F23B@iki.fi> References: <57674CC7-1F64-4131-98C6-45CF8B54F23B@iki.fi> Message-ID: On Di, 13 Sep 2011, Timo Sirainen wrote: > On 13.9.2011, at 19.12, Lutz Pre?ler wrote: > > > yes, I know... maybe it's a bit far fetched, but I do have a use case. > > Would it be (reasonably easily) possible to implement IMAP ACL > > support for "imported" imapc namespaces/mailboxes? > > There is no local directory (like with the virtual plugin) yet... > > You mean you'd want local ACLs that apply to imapc mailboxes? Yes, exactly. Great for "integrating" legacy IMAP servers without e.g. ACL support. > I think that should work. For example if you set: > > mail_location = imapc:~/imapc Oh, had not realized that a path argument is possible for imapc:. There are even index file then... > > Then for mailbox foo/bar the ACL file should be in ~/imapc/.foo.bar/dovecot-acl It almost works: Sep 13 18:37:58 hhh dovecot: imap(4482, uuu): Error: file_dotlock_open(/home/uuu/Maildir/gmail/.[Gmail].Alle Nachrichten /dovecot-acl) failed: No such file or directory After manually creating the ".[Gmail].Alle Nachrichten" directory, SETACL succeeds. > > "Proxying" remote IMAP ACLs isn't possible and I'm not sure how that could be nicely implemented. Would surely have it's use, too (but not here at the moment). Thanks, Lutz From Lutz.Pressler at SerNet.DE Tue Sep 13 19:58:31 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Tue, 13 Sep 2011 18:58:31 +0200 Subject: [Dovecot] multiple "imapc namespaces" Re: imapc and imap_acl In-Reply-To: <20110913164631.GA1874905@gabi.sernet.de> References: <57674CC7-1F64-4131-98C6-45CF8B54F23B@iki.fi> <20110913164631.GA1874905@gabi.sernet.de> Message-ID: On Tue, 13 Sep 2011, Lutz Pre?ler wrote: > On Di, 13 Sep 2011, Timo Sirainen wrote: > > mail_location = imapc:~/imapc > Oh, had not realized that a path argument is possible for imapc:. There are > even index file then... What about taking imapc parameters/credentials optionally from a file in this directory (like dovecot-virtual)? Lutz From al-dovecot at none.at Tue Sep 13 20:07:10 2011 From: al-dovecot at none.at (Aleksandar Lazic) Date: Tue, 13 Sep 2011 19:07:10 +0200 Subject: [Dovecot] Sieve envelope :detail "to" "extention" does not deliver to fileinto destination In-Reply-To: <20110912191707.42127757@scorpio> References: <20110912171448.GB320@none.at> <20110912142239.7ec8eb49@scorpio> <20110912224244.GA27446@none.at> <20110912191707.42127757@scorpio> Message-ID: <20110913170709.GA31770@none.at> On Mon 12.09.2011 19:17, Jerry wrote: >On Tue, 13 Sep 2011 00:42:44 +0200 >Aleksandar Lazic articulated: [snip] >> ### >> if envelope :contains :detail "to" "pdnsusers" { >> ### >> >> Is there a command like 'print envelope' or something else to see >> what variables and envelope deliver have? > >This is what I use, and it works fine. The example is something I use >for FreeBSD. > >Example address: user+fbsd at example.com > >This is my sieve recipe: > >if envelope :detail "To" "fbsd" {fileinto "FreeBSD"; stop;} > >I hope this helps. Thanks for you help. I haven't solved the issue, I moved to if header :contains "to" "pdnsusers" { fileinto "Lists.pdnsusers"; } Cheers Aleks From james.r.carr at gmail.com Tue Sep 13 20:24:38 2011 From: james.r.carr at gmail.com (James Carr) Date: Tue, 13 Sep 2011 12:24:38 -0500 Subject: [Dovecot] Migrating a dovecot setup from one server to another Message-ID: Hi All, I have a server with a dovecot + postfix setup and unfortunately the server is EOL'd. I have built a new ubuntu server out and I'm in the process of migrating everything over. In migrating the dovecot setup over, this is the list of items I have done: install dovecot, postfix, etc on the new server copy configuration files over copy /var/spool and /var/mail over Is there anything else I need to consider before switching MX records to point to the new server? Thanks, James From niksfirefly at net2000.pl Tue Sep 13 20:34:35 2011 From: niksfirefly at net2000.pl (Maciek Jackowski) Date: Tue, 13 Sep 2011 19:34:35 +0200 Subject: [Dovecot] any drawbacks with using Mailbox sharing with symlinks??? Message-ID: are there any drawbacks with using Mailbox sharing with symlinks??? based on: http://wiki.dovecot.org/SharedMailboxes/Symlinks I got virtual users with same permission unix user/group and didnt noticed any drawbacks yet but i want to ask From micah at riseup.net Tue Sep 13 23:16:28 2011 From: micah at riseup.net (Micah Anderson) Date: Tue, 13 Sep 2011 16:16:28 -0400 Subject: [Dovecot] quota percents References: <87sjo5wkfy.fsf@algae.riseup.net> <1315824208.7326.21.camel@hurina> <8739g1ka62.fsf@algae.riseup.net> Message-ID: <87wrdcfbab.fsf@algae.riseup.net> Timo Sirainen writes: > On 12.9.2011, at 19.17, Micah Anderson wrote: > >>>> However, it doesn't seem to work in practice, because I have a user that >>>> is at 99% of quota, with nothing in the Trash who cannot move a 77KB >>>> message into the Trash without getting the quota_exceeded message and >>>> refusing to move it. >>> >>> dovecot -n output? >> >> namespace { >> inbox = yes >> location = >> prefix = >> separator = . >> } >> namespace { >> hidden = yes >> inbox = no >> list = no >> location = >> prefix = INBOX. >> separator = . >> } > > Maybe the client is using the INBOX. namespace and trying to copy to INBOX.Trash instead of Trash? You could try adding another quota rule for INBOX.Trash. I should probably also change the quota code to follow "alias_for" directives. Then you could have only a single Trash, if you add "alias_for = " to the INBOX. namespace. ok, I made an INBOX.Trash quota rule: 90-quota.conf: quota_rule = *:bytes=24117248 90-quota.conf: quota_rule2 = Trash:bytes=+10%% 90-quota.conf: quota_rule2 = INBOX.Trash:bytes=+10%% 90-quota.conf: quota_rule3 = INBOX.Spam:bytes=+20%% and that seemed to solve the problem! micah ps - its very annoying to test quota with thunderbird, it doesn't update the information very reliably. -- From stephan at rename-it.nl Tue Sep 13 23:56:09 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Tue, 13 Sep 2011 22:56:09 +0200 Subject: [Dovecot] Released Pigeonhole v0.2.4 for Dovecot v2.0.14 Message-ID: <4E6FC369.1090506@rename-it.nl> Hello Dovecot users, I release a new version of Pigeonhole tonight. This release extends the configuration capabilities of the include and vacation extensions, adds the ihave extension (RFC 5463), and fixes a few small other things. Judging by Timo's plans, this will be one of the last feature releases for Dovecot v2.0, since I'll be switching active development to Dovecot v2.1 once that matures a little more. Changelog v0.2.4: + Vacation extension: finally added support for using the original recipient in vacation address check. It is also possible to disable the recipient address check entirely. Check doc/vacation.txt for configuration information. + Include extension: made limits on the include depth and the total number of included scripts configurable. Check doc/include.txt for configuration information. + Implemented ihave extension. This allows checking for the availability of Sieve language extensions at 'runtime'. Actually, this is checked at compile time. At runtime the interpreter checks whether extensions that were not previously available are still unavailable. If the situation changed, the script is re-compiled and the ihave tests are evaluated again. + Sieve: optimized compilation of tests that yield constant results (i.e. known at compile tme), such as 'true' and 'false'. No code is produced anymore for script sections that are never executed. Also, semantics are not verified anymore in uncompiled script sections. + Made vnd.dovecot.debug extension available to the LDA plugin instead of only the command line tools. + Sieve: redirect action now adds X-Sieve-Redirected-From header (mainly for people using SPF/SRS). - Sieve: fixed bug in handling flags and keywords; in case of error an assertion was triggered. - Script storage: improved handling of unconfigured user home directory. Originally this would produce an unhelpful error message. - Imap4flags extension: prevent forcibly enabling imap4flags when imapflags is enabled. - Fixed various -Wunused-but-set-variable compiler warnings. - Include extension: forgot to check variable identifier syntax for 'global' command. - Sieve: fixed debug mode; no messages were logged in some situations. - sievec tool: forgot to enable -D (debug) parameter. The release is available as follows: http://www.rename-it.nl/dovecot/2.0/dovecot-2.0-pigeonhole-0.2.4.tar.gz http://www.rename-it.nl/dovecot/2.0/dovecot-2.0-pigeonhole-0.2.4.tar.gz.sig Refer to http://pigeonhole.dovecot.org and the Dovecot v2.0 wiki for more information. Have fun testing this new release and don't hesitate to notify me when there are any problems. Regards, -- Stephan Bosch stephan at rename-it.nl From simon.brereton at buongiorno.com Wed Sep 14 00:47:18 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Tue, 13 Sep 2011 17:47:18 -0400 Subject: [Dovecot] Mails repopping In-Reply-To: <021d01cc715d$015f9400$041ebc00$@brereton@buongiorno.com> References: <004b01cc6f13$04a166d0$0de43470$@brereton@buongiorno.com> <1315823847.7326.17.camel@hurina> <021d01cc715d$015f9400$041ebc00$@brereton@buongiorno.com> Message-ID: <03a601cc725e$b66bc470$23434d50$@brereton@buongiorno.com> > -----Original Message----- > From: dovecot-bounces at dovecot.org [mailto:dovecot- > bounces at dovecot.org] On Behalf Of Simon Brereton > > -----Original Message----- > > From: Timo Sirainen [mailto:tss at iki.fi] On Fri, 2011-09-09 at 13:07 > > -0400, Simon Brereton wrote: > > > > > I have a server that's been running Courier for about 6 years and > > in > > > all that time I think I've only ever had 1 issues where an entire > > mail > > > box was repopped by a webmail client. However, since moving to a > > new > > > server and dovecot 4 weeks ago, I've now had the webmail client > > repop > > > this account 4 times (there are about 230 mails in the account). > > > > > > Is there a setting I need to tighten to prevent/remedy this? I > > have > > > no idea if it's happening on other accounts, but this is one that > I > > > see. The format is maildir. There has been no changes to the > > webmail > > > client. > > > > dovecot -n output would have been nice. Also do you see anything in > > error logs? > > Ah. My apologies of course. Here it is.. > > mail:~# dovecot -n > # 1.2.15: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.2 ext3 > log_timestamp: %Y-%m-%d %H:%M:%S > protocols: imap imaps pop3 pop3s > ssl_ca_file: /etc/ssl/keys/rhodes-ca.crt > ssl_cert_file: /etc/ssl/keys/mail.domain.net.crt > ssl_key_file: /etc/ssl/private/mail.domain.net.key > disable_plaintext_auth: no > login_dir: /var/run/dovecot/login > login_executable(default): /usr/lib/dovecot/imap-login > login_executable(imap): /usr/lib/dovecot/imap-login > login_executable(pop3): /usr/lib/dovecot/pop3-login > mail_privileged_group: mailsystem > mail_location: maildir:/var/spool/mail/virtual/%d/%n > maildir_very_dirty_syncs: yes > mbox_write_locks: fcntl dotlock > mail_executable(default): /usr/lib/dovecot/imap > mail_executable(imap): /usr/lib/dovecot/imap > mail_executable(pop3): /usr/lib/dovecot/pop3 > mail_plugins(default): quota imap_quota > mail_plugins(imap): quota imap_quota > mail_plugins(pop3): quota > mail_plugin_dir(default): /usr/lib/dovecot/modules/imap > mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap > mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3 > imap_client_workarounds(default): outlook-idle delay-newmail > imap_client_workarounds(imap): outlook-idle delay-newmail > imap_client_workarounds(pop3): > pop3_client_workarounds(default): > pop3_client_workarounds(imap): > pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh > lda: > postmaster_address: postmaster at domain.net > mail_plugins: quota > log_path: > info_log_path: > deliver_log_format: msgid=%m: %f: %$ > auth default: > mechanisms: plain login > user: mailsystem > verbose: yes > passdb: > driver: sql > args: /etc/dovecot/dovecot-sql.conf > userdb: > driver: prefetch > userdb: > driver: static > args: uid=999 gid=115 home=/var/spool/mail/virtual/%d/%n > allow_all_users=yes > socket: > type: listen > client: > path: /var/spool/postfix/private/auth > mode: 432 > user: postfix > group: mailsystem > master: > path: /var/run/dovecot/auth-master > mode: 432 > user: mailsystem > group: mailsystem > plugin: > quota: maildir > > Could you make dovecot -n munge the certificate and postmaster email > addresses? I'm not comfortable with that floating on the internet.. > > The only thing I have in the logs is 2 sessions where mail was popped > (note, it doesn't even add up to the 183 messages in the mail box). > But those sessions are vastly longer than the regular ones (tens of > minutes compared to a few seconds). Since both IPs are on the back- > bone, that's quite a while to download 100 mails (none of which are > over > > Sep 11 21:36:25 mail dovecot: pop3-login: Login: > user=, method=PLAIN, rip=64.88.168.84, > lip=83.170.65.xxx, TLS Sep 11 21:36:34 mail dovecot: > POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=0/0, > del=0/183, size=14025971 Sep 11 21:43:44 mail dovecot: pop3-login: > Login: user=, method=PLAIN, rip=64.88.168.84, > lip=83.170.65.xxx, TLS Sep 11 21:44:54 mail dovecot: > POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=0/0, > del=0/183, size=14025971 Sep 11 21:52:31 mail dovecot: pop3-login: > Login: user=, method=PLAIN, rip=64.88.168.84, > lip=83.170.65.xxx, TLS Sep 11 22:56:01 mail dovecot: > POP3(user at domain.com): Disconnected: Logged out top=0/0, > retr=100/9182678, del=0/183, size=14025971 Sep 11 23:08:58 mail > dovecot: pop3-login: Login: user=, method=PLAIN, > rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 11 23:37:57 mail > dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, > retr=75/4748674, del=0/183, size=14025971 Sep 12 00:04:11 mail > dovecot: pop3-login: Login: user=, method=PLAIN, > rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 12 00:04:26 mail > dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, > retr=0/0, del=0/183, size=14025971 Sep 12 00:07:40 mail dovecot: > pop3-login: Login: user=, method=PLAIN, > rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 12 00:07:53 mail > dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, > retr=0/0, del=0/183, size=14025971 > > > > If you're using the default pop3_uidl_format it'll rely on IMAP > UIDs > > to stay the same, and I guess it's possible that due to some other > > problem they change (that should be logged as an error/warning > > though). > > > > You could try setting pop3_uidl_format=%f, but it will cause > everyone > > to redownload mails. With newer Dovecot versions you could set > > pop3_save_uidl=yes and when you think everyone's downloaded mails > once > > you can safely change the pop3_uidl_format. > > Sorry, I'm very new to dovecot and I'm not sure I understand. I > presume because neither of those keys are in the dovecot -n output > that they are as the defaults, yes? The account is indeed accessed > by IMAP as well (from a mobile device mostly), but I don't see > anything fishy there either. How could I see if the IMAP UIDs have > changed? > > Sep 11 21:20:32 mail dovecot: IMAP(user at domain.com): Connection > closed bytes=1095/8292 > > Sep 11 21:26:03 mail dovecot: imap-login: Login: > user=, method=PLAIN, rip=174.252.83.244, > lip=83.170.65.xxx, TLS Sep 11 22:11:20 mail dovecot: > IMAP(user at domain.com): Disconnected for inactivity bytes=725/5638 Sep > 11 22:17:10 mail dovecot: imap-login: Login: user=, > method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 11 > 23:12:06 mail dovecot: IMAP(user at domain.com): Disconnected for > inactivity bytes=1471/11025 Sep 11 23:23:22 mail dovecot: imap-login: > Login: user=, method=PLAIN, rip=174.252.83.244, > lip=83.170.65.xxx, TLS Sep 11 23:52:52 mail dovecot: > IMAP(user at domain.com): Connection closed bytes=1841/13679 Sep 12 > 00:08:47 mail dovecot: imap-login: Login: user=, > method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 12 > 01:19:05 mail dovecot: imap-login: Login: user=, > method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 12 > 02:57:01 mail dovecot: IMAP(user at domain.com): Connection closed > bytes=2713/60026 Sep 12 02:57:01 mail dovecot: IMAP(user at domain.com): > Connection closed bytes=2688/18635 > > > There are no errors or warnings in the mail log (I have one shared > log file for postfix, amavis and dovecot). Reading the notes for > pop3_save_uidl it doesn't seem to be a dangerous option - should I > turn that on? Why will it force everyone to redownload mails > (there's nothing about it on the wiki)? > > Thanks! > > Simon Any help would be appreciated. Thanks. Simon From stephan at rename-it.nl Wed Sep 14 01:14:24 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Wed, 14 Sep 2011 00:14:24 +0200 Subject: [Dovecot] New plugin for Pigeonhole Sieve: sieve_pipe Message-ID: <4E6FD5C0.5050304@rename-it.nl> Hello, I've finished up work on a new plugin for Pigeonhole Sieve: sieve_pipe. It adds a new Sieve extension (vnd.dovecot.pipe) providing a new action command that provides the possibility to pipe messages to external programs (e.g. shell scripts). The programs available to this command are explicitly limited and subject to administrator configuration. The plugin can currently only be downloaded from the Mercurial repository: http://hg.rename-it.nl/pigeonhole-0.2-sieve-pipe Check the README/INSTALL files in the repository or the new wiki page for more information: http://hg.rename-it.nl/pigeonhole-0.2-sieve-pipe/raw-file/tip/README http://hg.rename-it.nl/pigeonhole-0.2-sieve-pipe/raw-file/tip/INSTALL http://master.wiki2.dovecot.org/Pigeonhole/Sieve/Plugins/Pipe The specification of the vnd.dovecot.pipe extension can be found here: http://hg.rename-it.nl/pigeonhole-0.2-sieve-pipe/raw-file/tip/doc/rfc/spec-bosch-sieve-pipe.txt I'd still call this thing very much experimental, so be sure to test it extensively first. Don't hesitate to notify me when there are any problems. Regards, Stephan. From slusarz at curecanti.org Wed Sep 14 01:15:36 2011 From: slusarz at curecanti.org (Michael M Slusarz) Date: Tue, 13 Sep 2011 16:15:36 -0600 Subject: [Dovecot] Mails repopping Message-ID: <20110913161536.Horde.smZyNoF5lbhOb9YIt_IE8WA@bigworm.curecanti.org> Quoting Simon Brereton : >> -----Original Message----- >> From: dovecot-bounces at dovecot.org [mailto:dovecot- >> bounces at dovecot.org] On Behalf Of Simon Brereton >> > -----Original Message----- >> > From: Timo Sirainen [mailto:tss at iki.fi] On Fri, 2011-09-09 at 13:07 >> > -0400, Simon Brereton wrote: >> > >> > > I have a server that's been running Courier for about 6 years and >> > in >> > > all that time I think I've only ever had 1 issues where an entire >> > mail >> > > box was repopped by a webmail client. However, since moving to a >> > new >> > > server and dovecot 4 weeks ago, I've now had the webmail client >> > repop >> > > this account 4 times (there are about 230 mails in the account). >> > > >> > > Is there a setting I need to tighten to prevent/remedy this? I >> > have >> > > no idea if it's happening on other accounts, but this is one that >> I >> > > see. The format is maildir. There has been no changes to the >> > webmail >> > > client. >> > >> > dovecot -n output would have been nice. Also do you see anything in >> > error logs? >> >> Ah. My apologies of course. Here it is.. >> >> mail:~# dovecot -n >> # 1.2.15: /etc/dovecot/dovecot.conf >> # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.2 ext3 >> log_timestamp: %Y-%m-%d %H:%M:%S >> protocols: imap imaps pop3 pop3s >> ssl_ca_file: /etc/ssl/keys/rhodes-ca.crt >> ssl_cert_file: /etc/ssl/keys/mail.domain.net.crt >> ssl_key_file: /etc/ssl/private/mail.domain.net.key >> disable_plaintext_auth: no >> login_dir: /var/run/dovecot/login >> login_executable(default): /usr/lib/dovecot/imap-login >> login_executable(imap): /usr/lib/dovecot/imap-login >> login_executable(pop3): /usr/lib/dovecot/pop3-login >> mail_privileged_group: mailsystem >> mail_location: maildir:/var/spool/mail/virtual/%d/%n >> maildir_very_dirty_syncs: yes >> mbox_write_locks: fcntl dotlock >> mail_executable(default): /usr/lib/dovecot/imap >> mail_executable(imap): /usr/lib/dovecot/imap >> mail_executable(pop3): /usr/lib/dovecot/pop3 >> mail_plugins(default): quota imap_quota >> mail_plugins(imap): quota imap_quota >> mail_plugins(pop3): quota >> mail_plugin_dir(default): /usr/lib/dovecot/modules/imap >> mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap >> mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3 >> imap_client_workarounds(default): outlook-idle delay-newmail >> imap_client_workarounds(imap): outlook-idle delay-newmail >> imap_client_workarounds(pop3): >> pop3_client_workarounds(default): >> pop3_client_workarounds(imap): >> pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh >> lda: >> postmaster_address: postmaster at domain.net >> mail_plugins: quota >> log_path: >> info_log_path: >> deliver_log_format: msgid=%m: %f: %$ >> auth default: >> mechanisms: plain login >> user: mailsystem >> verbose: yes >> passdb: >> driver: sql >> args: /etc/dovecot/dovecot-sql.conf >> userdb: >> driver: prefetch >> userdb: >> driver: static >> args: uid=999 gid=115 home=/var/spool/mail/virtual/%d/%n >> allow_all_users=yes >> socket: >> type: listen >> client: >> path: /var/spool/postfix/private/auth >> mode: 432 >> user: postfix >> group: mailsystem >> master: >> path: /var/run/dovecot/auth-master >> mode: 432 >> user: mailsystem >> group: mailsystem >> plugin: >> quota: maildir >> >> Could you make dovecot -n munge the certificate and postmaster email >> addresses? I'm not comfortable with that floating on the internet.. >> >> The only thing I have in the logs is 2 sessions where mail was popped >> (note, it doesn't even add up to the 183 messages in the mail box). >> But those sessions are vastly longer than the regular ones (tens of >> minutes compared to a few seconds). Since both IPs are on the back- >> bone, that's quite a while to download 100 mails (none of which are >> over >> >> Sep 11 21:36:25 mail dovecot: pop3-login: Login: >> user=, method=PLAIN, rip=64.88.168.84, >> lip=83.170.65.xxx, TLS Sep 11 21:36:34 mail dovecot: >> POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=0/0, >> del=0/183, size=14025971 Sep 11 21:43:44 mail dovecot: pop3-login: >> Login: user=, method=PLAIN, rip=64.88.168.84, >> lip=83.170.65.xxx, TLS Sep 11 21:44:54 mail dovecot: >> POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=0/0, >> del=0/183, size=14025971 Sep 11 21:52:31 mail dovecot: pop3-login: >> Login: user=, method=PLAIN, rip=64.88.168.84, >> lip=83.170.65.xxx, TLS Sep 11 22:56:01 mail dovecot: >> POP3(user at domain.com): Disconnected: Logged out top=0/0, >> retr=100/9182678, del=0/183, size=14025971 Sep 11 23:08:58 mail >> dovecot: pop3-login: Login: user=, method=PLAIN, >> rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 11 23:37:57 mail >> dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, >> retr=75/4748674, del=0/183, size=14025971 Sep 12 00:04:11 mail >> dovecot: pop3-login: Login: user=, method=PLAIN, >> rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 12 00:04:26 mail >> dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, >> retr=0/0, del=0/183, size=14025971 Sep 12 00:07:40 mail dovecot: >> pop3-login: Login: user=, method=PLAIN, >> rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 12 00:07:53 mail >> dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, >> retr=0/0, del=0/183, size=14025971 >> >> >> > If you're using the default pop3_uidl_format it'll rely on IMAP >> UIDs >> > to stay the same, and I guess it's possible that due to some other >> > problem they change (that should be logged as an error/warning >> > though). >> > >> > You could try setting pop3_uidl_format=%f, but it will cause >> everyone >> > to redownload mails. With newer Dovecot versions you could set >> > pop3_save_uidl=yes and when you think everyone's downloaded mails >> once >> > you can safely change the pop3_uidl_format. >> >> Sorry, I'm very new to dovecot and I'm not sure I understand. I >> presume because neither of those keys are in the dovecot -n output >> that they are as the defaults, yes? The account is indeed accessed >> by IMAP as well (from a mobile device mostly), but I don't see >> anything fishy there either. How could I see if the IMAP UIDs have >> changed? >> >> Sep 11 21:20:32 mail dovecot: IMAP(user at domain.com): Connection >> closed bytes=1095/8292 >> >> Sep 11 21:26:03 mail dovecot: imap-login: Login: >> user=, method=PLAIN, rip=174.252.83.244, >> lip=83.170.65.xxx, TLS Sep 11 22:11:20 mail dovecot: >> IMAP(user at domain.com): Disconnected for inactivity bytes=725/5638 Sep >> 11 22:17:10 mail dovecot: imap-login: Login: user=, >> method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 11 >> 23:12:06 mail dovecot: IMAP(user at domain.com): Disconnected for >> inactivity bytes=1471/11025 Sep 11 23:23:22 mail dovecot: imap-login: >> Login: user=, method=PLAIN, rip=174.252.83.244, >> lip=83.170.65.xxx, TLS Sep 11 23:52:52 mail dovecot: >> IMAP(user at domain.com): Connection closed bytes=1841/13679 Sep 12 >> 00:08:47 mail dovecot: imap-login: Login: user=, >> method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 12 >> 01:19:05 mail dovecot: imap-login: Login: user=, >> method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 12 >> 02:57:01 mail dovecot: IMAP(user at domain.com): Connection closed >> bytes=2713/60026 Sep 12 02:57:01 mail dovecot: IMAP(user at domain.com): >> Connection closed bytes=2688/18635 >> >> >> There are no errors or warnings in the mail log (I have one shared >> log file for postfix, amavis and dovecot). Reading the notes for >> pop3_save_uidl it doesn't seem to be a dangerous option - should I >> turn that on? Why will it force everyone to redownload mails >> (there's nothing about it on the wiki)? >> >> Thanks! >> >> Simon > > Any help would be appreciated. What do you mean by "repopped"? You mean downloading the entire data of the messages from the POP3 server? This is expected behavior when using a stateless (e.g. webmail) client. Kind of the whole reason you don't use POP3 in the first place. Although caching can help. e.g., Here's what the first connection to the server looks like (this is using IMP 5 on a mailstore with 82 messages): S (1315951197.4976): +OK Dovecot ready. C (1315951197.513): [AUTH PLAIN Command - username: slusarz] S (1315951197.5319): +OK Logged in. C (1315951197.5325): STAT S (1315951197.5328): +OK 82 482351 C (1315951197.5348): UIDL S (1315951197.5354): +OK S (1315951197.5354): 1 000000014935d409 S (1315951197.5354): 2 000000024935d409 S (1315951197.5354): 3 000000114935d409 [...] S (1315951197.5363): 82 000000824935d409 S (1315951197.5363): . C (1315951197.9582): TOP 1 0 S (1315951198.0411): From user at domain.com Thu Jun 22 11:16:26 2006 [...] S (1315951198.0416): . [...] C (1315951199.0607): LIST S (1315951199.061): +OK 82 messages: S (1315951199.061): 1 118630 [...] S (1315951199.0619): . We need to grab all headers so we can build the envelope information (needed to produce the mailbox listing). And the LIST command grabs the size information (also used in the mailbox listing). But remember that the full headers will need to be redownloaded *EVERY* time you reload the page unless some sort of caching is enabled in the client. That's just the nature of POP3. (IMAP has the same sort of issues - if the stateless client does not cache, the envelope information must be downloaded on every access. However, with IMAP, the network traffic is reduced - you can download only the needed information, not all header text - and IMAP servers have the ability to cache this information behind the scenes due to the abstraction of the API.). This is where caching is pretty much essential on the webmail side. If caching is enabled, the best-case scenario is that the the webmail server only needs to grab the list of UIDLs on every POP3 server access going forward - if the UIDL list has not changed, we know the mailbox hasn't changed and the cached information is still valid. (CONDSTORE/QRESYNC extensions for IMAP make this synchronization check even more efficient in IMAP) michael From janfrode at tanso.net Wed Sep 14 10:12:52 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Wed, 14 Sep 2011 09:12:52 +0200 Subject: [Dovecot] Warning: Subscriptions file .. Removing invalid entry: Message-ID: <20110914071252.GA13849@oc1046828364.ibm.com> One of our dovecot-servers (v2.0.14) got a bit too busy last evening: Sep 13 20:39:18 popimap1 dovecot: master: Warning: service(pop3-login): process_limit reached, client connections are being dropped then logged a few: Sep 13 20:39:20 popimap1 dovecot: pop3(XXXXXXXXX at YYYYY.YY): Warning: I/O leak: 0x3829233d20 (10) Sep 13 20:39:20 popimap1 dovecot: pop3(XXXXXXXXX at YYYYY.YY): Warning: Timeout leak: 0x3829233ce0 Sep 13 20:39:20 popimap1 dovecot: pop3(ZZZZZ.ZZZZZ at ZZZZZZ.ZZ): Warning: I/O leak: 0x3829233d20 (10) Sep 13 20:39:20 popimap1 dovecot: pop3(ZZZZZ.ZZZZZ at ZZZZZZ.ZZ): Warning: Timeout leak: 0x3829233ce0 Sep 13 20:39:20 popimap1 dovecot: pop3(YYYYYYY at YYYY.YYY): Warning: I/O leak: 0x3829233d20 (10) Sep 13 20:39:20 popimap1 dovecot: pop3(YYYYYYY at YYYY.YYY): Warning: Timeout leak: 0x3829233ce0 Sep 13 20:39:20 popimap1 dovecot: pop3-postlogin: Error: Fatal: fd_send() failed: Broken pipe Sep 13 20:39:20 popimap1 dovecot: pop3-postlogin: Error: Fatal: fd_send() failed: Broken pipe and: Error: net_connect_unix(/var/run/dovecot/pop3-postlogin) failed: Resource temporarily unavailable but what has me a bit worried is these: imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Sent imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Spam imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Drafts imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Trash which happened for a two users during this high load periode. Looking at their mail directory I can't see why these should be invalid? They're there, has sane permissions and contains messages.. -jf From janfrode at tanso.net Wed Sep 14 10:34:21 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Wed, 14 Sep 2011 09:34:21 +0200 Subject: [Dovecot] Warning: Subscriptions file .. Removing invalid entry: In-Reply-To: <20110914071252.GA13849@oc1046828364.ibm.com> References: <20110914071252.GA13849@oc1046828364.ibm.com> Message-ID: <20110914073421.GA14411@oc1046828364.ibm.com> On Wed, Sep 14, 2011 at 09:12:52AM +0200, Jan-Frode Myklebust wrote: > but what has me a bit worried is these: > > imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Sent > imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Spam > imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Drafts > imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Trash > > which happened for a two users during this high load periode. Looking at > their mail directory I can't see why these should be invalid? They're there, > has sane permissions and contains messages.. I see now that this probably has nothing to do with the pop3 process_limit. It's been happening regularly since we upgraded from v1.2.16 to v2.0 on August 30. Initially 200+ times a day, but has dropped down to 30-50 times a day for the last few days. Probably because of subscription files getting emptied for the imap-users. Is this a problem with our namespace: namespace { inbox = yes location = prefix = INBOX. type = private } which for v1.2.x was defined as: namespace private { prefix = INBOX. inbox = yes } -jf From isolderj at webmail.co.za Wed Sep 14 08:48:28 2011 From: isolderj at webmail.co.za (James isolder) Date: Wed, 14 Sep 2011 07:48:28 +0200 Subject: [Dovecot] IMAP delete logs Message-ID: Version - 1.2.17 Is there a way to include message or folder deletion logs in the dovecot log files. Thanks in advance. ____________________________________________________________ South Africas premier free email service - www.webmail.co.za For super low premiums, click here. http://www.dialdirect.co.za/?vdn=15828 From bra at fsn.hu Wed Sep 14 14:32:09 2011 From: bra at fsn.hu (Attila Nagy) Date: Wed, 14 Sep 2011 13:32:09 +0200 Subject: [Dovecot] Maildir "locking" Message-ID: <4E7090B9.1000103@fsn.hu> Hello, I'm looking for the alternative of qmail's chmod -t (sticky bit on the maildir root) for Dovecot. What I'm trying to achieve with this lock: - Dovecot lmtp should give back a temporary error (so the email will be deferred and re-delivered later) - all other Dovecot daemons (pop, imap) should work as usual, but should not alter maildir contents (they can modify their own files, like indexes, logs etc) What is the best way to do this? If there is no such thing currently, would it be hard to implement the sticky bit checking on the root? Thanks, From Lutz.Pressler at SerNet.DE Wed Sep 14 14:40:00 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Wed, 14 Sep 2011 13:40:00 +0200 Subject: [Dovecot] imapc vs auth-userdb security Message-ID: Hello, with imapc settings coming from userdb (individual configuration necessary) there exists a security problem if access to auth-userdb socket is given to normal (shell) users: testuser at host:~$ doveadm user user1 userdb: lpmail uid : 1000 gid : 1111 home : /home/user1 namespace : gmail namespace/gmail/list: yes namespace/gmail/subscriptions: no namespace/gmail/separator: . namespace/gmail/prefix: INBOX.gmail. namespace/gmail/location: imapc:~/Maildir/gmail imapc_host: imap.gmail.com imapc_user: someuser at gmail.com imapc_password: cleartextpassword! imapc_ssl : imaps imapc_ssl_ca_dir: /etc/ssl/certs imapc_port: 993 Lutz From tss at iki.fi Wed Sep 14 14:46:26 2011 From: tss at iki.fi (Timo Sirainen) Date: Wed, 14 Sep 2011 14:46:26 +0300 Subject: [Dovecot] imapc vs auth-userdb security In-Reply-To: References: Message-ID: <346DECBE-B7F8-40A2-9485-EFF3B547C8ED@iki.fi> On 14.9.2011, at 14.40, Lutz Pre?ler wrote: > with imapc settings coming from userdb (individual configuration necessary) > there exists a security problem if access to auth-userdb socket is given > to normal (shell) users: So don't give it to them? :) Actually this should be pretty much solved with v2.1 defaults. If the auth-userdb socket is 0666 root:root (default now), it requires that the calling process either has root user/group privileges or its uid matches the one returned by userdb, otherwise it won't return any fields. From Lutz.Pressler at SerNet.DE Wed Sep 14 14:57:00 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Wed, 14 Sep 2011 13:57:00 +0200 Subject: [Dovecot] imapc vs auth-userdb security In-Reply-To: <346DECBE-B7F8-40A2-9485-EFF3B547C8ED@iki.fi> References: <346DECBE-B7F8-40A2-9485-EFF3B547C8ED@iki.fi> Message-ID: On Mi, 14 Sep 2011, Timo Sirainen wrote: > On 14.9.2011, at 14.40, Lutz Pre?ler wrote: > > > with imapc settings coming from userdb (individual configuration necessary) > > there exists a security problem if access to auth-userdb socket is given > > to normal (shell) users: > > So don't give it to them? :) Actually this should be pretty much solved with v2.1 defaults. If the auth-userdb socket is 0666 root:root (default now), it requires that the calling process either has root user/group privileges or its uid matches the one returned by userdb, otherwise it won't return any fields. I had to change that because of shared mailboxes and usage of %%h. Maybe one could return only home if uid does not match? Lutz From mailing at securitylabs.it Wed Sep 14 15:40:21 2011 From: mailing at securitylabs.it (mailing at securitylabs.it) Date: Wed, 14 Sep 2011 14:40:21 +0200 Subject: [Dovecot] IMAP delete logs In-Reply-To: References: Message-ID: <4E70A0B5.2060706@securitylabs.it> Il 14/09/2011 07:48, James isolder ha scritto: > Version - 1.2.17 > > Is there a way to include message or folder deletion logs in the dovecot log > files. > > Yes, you can use the mail logger plugin: http://wiki.dovecot.org/Plugins/MailLog From gjlama94 at gmail.com Wed Sep 14 14:14:15 2011 From: gjlama94 at gmail.com (Gerald LaMontagne) Date: Wed, 14 Sep 2011 07:14:15 -0400 Subject: [Dovecot] General IMAP Question Message-ID: <20110914111415.GA4866@stryder.lamafam.org> Hi- I'm developing an IMAP client library in lua and tried using a literal form of the STATUS command. Dovecot rejected the command. I was successfully able to use a literal form of the LOGIN command, so I have some confidence in my code working properly. Is this correct and, if so, is there a list of IMAP commands that don't support the literal form? I searched hi and lo for something, but have been unable to find an answer. Thanks for your time. Regards- Gerry LaMontagne -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 230 bytes Desc: Digital signature URL: From tss at iki.fi Wed Sep 14 16:23:23 2011 From: tss at iki.fi (Timo Sirainen) Date: Wed, 14 Sep 2011 16:23:23 +0300 Subject: [Dovecot] General IMAP Question In-Reply-To: <20110914111415.GA4866@stryder.lamafam.org> References: <20110914111415.GA4866@stryder.lamafam.org> Message-ID: <565DA56D-E2B7-4E42-9AE0-F2BED99E1D89@iki.fi> On 14.9.2011, at 14.14, Gerald LaMontagne wrote: > I'm developing an IMAP client library in lua and tried using a literal > form of the STATUS command. Dovecot rejected the command. I was > successfully able to use a literal form of the LOGIN command, so I > have some confidence in my code working properly. There are no "literal forms of commands". Individual parameters have literal forms. In LOGIN command the username and password can be literals. In STATUS the mailbox name can be a literal, which is followed by a list of atoms. > Is this correct and, if so, is there a list of IMAP commands that > don't support the literal form? I searched hi and lo for something, > but have been unable to find an answer. Read the ABNF rules from RFC 3501. They tell exactly what is allowed. From dovecot at lists.grepular.com Wed Sep 14 16:46:10 2011 From: dovecot at lists.grepular.com (Mike Cardwell) Date: Wed, 14 Sep 2011 14:46:10 +0100 Subject: [Dovecot] Shredding instead of deleting Message-ID: <4E70B022.3050502@lists.grepular.com> Hi, I have a wishlist item. Is there an appropriate place for me to post it? Basically, I would like to know that my email isn't recoverable from the local disk on the mail server after I delete it. So instead of just deleting the file from my Maildir, I'd like the option to exist for Dovecot to shred it.. Ie, overwrite the file with random data and/or null bytes before deletion. In the same way that GNU shred behaves: https://www.gnu.org/software/coreutils/manual/html_node/shred-invocation.html -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 455 bytes Desc: OpenPGP digital signature URL: From tss at iki.fi Wed Sep 14 17:06:33 2011 From: tss at iki.fi (Timo Sirainen) Date: Wed, 14 Sep 2011 17:06:33 +0300 Subject: [Dovecot] Shredding instead of deleting In-Reply-To: <4E70B022.3050502@lists.grepular.com> References: <4E70B022.3050502@lists.grepular.com> Message-ID: <30659D1F-80F3-40D5-A239-38D2BE963243@iki.fi> On 14.9.2011, at 16.46, Mike Cardwell wrote: > I have a wishlist item. Is there an appropriate place for me to post it? > Basically, I would like to know that my email isn't recoverable from the > local disk on the mail server after I delete it. So instead of just > deleting the file from my Maildir, I'd like the option to exist for > Dovecot to shred it.. Ie, overwrite the file with random data and/or > null bytes before deletion. In the same way that GNU shred behaves: Well, the choices are: a) Patch Dovecot sources b) Use a LD_PRELOAD library to override unlink() c) Use a FUSE filesystem that replaces unlinks with shredding d) Wait until I've finished making dbox code use lib-fs, and write a lib-fs wrapper plugin that replaces unlink() I'm not anyway planning on distributing any of these solutions with Dovecot. It won't even work with newer copy-on-write filesystems (ZFS, BTRFS, etc.) From dovecot at lists.grepular.com Wed Sep 14 17:15:35 2011 From: dovecot at lists.grepular.com (dovecot at lists.grepular.com) Date: Wed, 14 Sep 2011 15:15:35 +0100 Subject: [Dovecot] Shredding instead of deleting In-Reply-To: <30659D1F-80F3-40D5-A239-38D2BE963243@iki.fi> References: <4E70B022.3050502@lists.grepular.com> <30659D1F-80F3-40D5-A239-38D2BE963243@iki.fi> Message-ID: <4E70B707.4060200@lists.grepular.com> On 14/09/11 15:06, Timo Sirainen wrote: >> I have a wishlist item. Is there an appropriate place for me to post it? >> Basically, I would like to know that my email isn't recoverable from the >> local disk on the mail server after I delete it. So instead of just >> deleting the file from my Maildir, I'd like the option to exist for >> Dovecot to shred it.. Ie, overwrite the file with random data and/or >> null bytes before deletion. In the same way that GNU shred behaves: > > Well, the choices are: > > a) Patch Dovecot sources > > b) Use a LD_PRELOAD library to override unlink() > > c) Use a FUSE filesystem that replaces unlinks with shredding > > d) Wait until I've finished making dbox code use lib-fs, and write a lib-fs wrapper plugin that replaces unlink() > > I'm not anyway planning on distributing any of these solutions with Dovecot. It won't even work with newer copy-on-write filesystems (ZFS, BTRFS, etc.) Is there no general wishlist area for Dovecot then? I didn't necessarily expect the functionality to be packaged with Dovecot, but thought that somebody might pick up the idea and write a plugin for it if it was written down somewhere. From a privacy/security perspective, making sure deleted email isn't recoverable does have real value for some people. I did consider FUSE. I might tackle that one myself. I don't really have the expertise to modify Dovecot it's self though. -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 455 bytes Desc: OpenPGP digital signature URL: From smt at vgersoft.com Wed Sep 14 17:19:58 2011 From: smt at vgersoft.com (Steve Thompson) Date: Wed, 14 Sep 2011 10:19:58 -0400 (EDT) Subject: [Dovecot] Shredding instead of deleting In-Reply-To: <4E70B707.4060200@lists.grepular.com> References: <4E70B022.3050502@lists.grepular.com> <30659D1F-80F3-40D5-A239-38D2BE963243@iki.fi> <4E70B707.4060200@lists.grepular.com> Message-ID: On Wed, 14 Sep 2011, dovecot at lists.grepular.com wrote: > From a privacy/security perspective, making sure deleted email isn't > recoverable does have real value for some people. What would you do about backups? From simon.brereton at buongiorno.com Wed Sep 14 17:25:43 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Wed, 14 Sep 2011 10:25:43 -0400 Subject: [Dovecot] Mails repopping In-Reply-To: <20110913161536.Horde.smZyNoF5lbhOb9YIt_IE8WA@bigworm.curecanti.org> References: <20110913161536.Horde.smZyNoF5lbhOb9YIt_IE8WA@bigworm.curecanti.org> Message-ID: <04db01cc72ea$30612b90$912382b0$@brereton@buongiorno.com> > -----Original Message----- > From: dovecot-bounces at dovecot.org [mailto:dovecot- > bounces at dovecot.org] On Behalf Of Michael M Slusarz > Quoting Simon Brereton : > > >> -----Original Message----- > >> From: dovecot-bounces at dovecot.org [mailto:dovecot- > >> bounces at dovecot.org] On Behalf Of Simon Brereton > >> > -----Original Message----- > >> > From: Timo Sirainen [mailto:tss at iki.fi] On Fri, 2011-09-09 at > 13:07 > >> > -0400, Simon Brereton wrote: > >> > > >> > > I have a server that's been running Courier for about 6 years > and > >> > in > >> > > all that time I think I've only ever had 1 issues where an > entire > >> > mail > >> > > box was repopped by a webmail client. However, since moving > to a > >> > new > >> > > server and dovecot 4 weeks ago, I've now had the webmail > client > >> > repop > >> > > this account 4 times (there are about 230 mails in the > account). > >> > > > >> > > Is there a setting I need to tighten to prevent/remedy this? > I > >> > have > >> > > no idea if it's happening on other accounts, but this is one > that > >> I > >> > > see. The format is maildir. There has been no changes to the > >> > webmail > >> > > client. > >> > > >> > dovecot -n output would have been nice. Also do you see anything > in > >> > error logs? > >> > >> Ah. My apologies of course. Here it is.. > >> > >> mail:~# dovecot -n > >> # 1.2.15: /etc/dovecot/dovecot.conf > >> # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.2 ext3 > >> log_timestamp: %Y-%m-%d %H:%M:%S > >> protocols: imap imaps pop3 pop3s > >> ssl_ca_file: /etc/ssl/keys/rhodes-ca.crt > >> ssl_cert_file: /etc/ssl/keys/mail.domain.net.crt > >> ssl_key_file: /etc/ssl/private/mail.domain.net.key > >> disable_plaintext_auth: no > >> login_dir: /var/run/dovecot/login > >> login_executable(default): /usr/lib/dovecot/imap-login > >> login_executable(imap): /usr/lib/dovecot/imap-login > >> login_executable(pop3): /usr/lib/dovecot/pop3-login > >> mail_privileged_group: mailsystem > >> mail_location: maildir:/var/spool/mail/virtual/%d/%n > >> maildir_very_dirty_syncs: yes > >> mbox_write_locks: fcntl dotlock > >> mail_executable(default): /usr/lib/dovecot/imap > >> mail_executable(imap): /usr/lib/dovecot/imap > >> mail_executable(pop3): /usr/lib/dovecot/pop3 > >> mail_plugins(default): quota imap_quota > >> mail_plugins(imap): quota imap_quota > >> mail_plugins(pop3): quota > >> mail_plugin_dir(default): /usr/lib/dovecot/modules/imap > >> mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap > >> mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3 > >> imap_client_workarounds(default): outlook-idle delay-newmail > >> imap_client_workarounds(imap): outlook-idle delay-newmail > >> imap_client_workarounds(pop3): > >> pop3_client_workarounds(default): > >> pop3_client_workarounds(imap): > >> pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh > >> lda: > >> postmaster_address: postmaster at domain.net > >> mail_plugins: quota > >> log_path: > >> info_log_path: > >> deliver_log_format: msgid=%m: %f: %$ auth default: > >> mechanisms: plain login > >> user: mailsystem > >> verbose: yes > >> passdb: > >> driver: sql > >> args: /etc/dovecot/dovecot-sql.conf > >> userdb: > >> driver: prefetch > >> userdb: > >> driver: static > >> args: uid=999 gid=115 home=/var/spool/mail/virtual/%d/%n > >> allow_all_users=yes > >> socket: > >> type: listen > >> client: > >> path: /var/spool/postfix/private/auth > >> mode: 432 > >> user: postfix > >> group: mailsystem > >> master: > >> path: /var/run/dovecot/auth-master > >> mode: 432 > >> user: mailsystem > >> group: mailsystem > >> plugin: > >> quota: maildir > >> > >> Could you make dovecot -n munge the certificate and postmaster > email > >> addresses? I'm not comfortable with that floating on the > internet.. > >> > >> The only thing I have in the logs is 2 sessions where mail was > popped > >> (note, it doesn't even add up to the 183 messages in the mail > box). > >> But those sessions are vastly longer than the regular ones (tens > of > >> minutes compared to a few seconds). Since both IPs are on the > back- > >> bone, that's quite a while to download 100 mails (none of which > are > >> over > >> > >> Sep 11 21:36:25 mail dovecot: pop3-login: Login: > >> user=, method=PLAIN, rip=64.88.168.84, > >> lip=83.170.65.xxx, TLS Sep 11 21:36:34 mail dovecot: > >> POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=0/0, > >> del=0/183, size=14025971 Sep 11 21:43:44 mail dovecot: pop3-login: > >> Login: user=, method=PLAIN, rip=64.88.168.84, > >> lip=83.170.65.xxx, TLS Sep 11 21:44:54 mail dovecot: > >> POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=0/0, > >> del=0/183, size=14025971 Sep 11 21:52:31 mail dovecot: pop3-login: > >> Login: user=, method=PLAIN, rip=64.88.168.84, > >> lip=83.170.65.xxx, TLS Sep 11 22:56:01 mail dovecot: > >> POP3(user at domain.com): Disconnected: Logged out top=0/0, > >> retr=100/9182678, del=0/183, size=14025971 Sep 11 23:08:58 mail > >> dovecot: pop3-login: Login: user=, method=PLAIN, > >> rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 11 23:37:57 mail > >> dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, > >> retr=75/4748674, del=0/183, size=14025971 Sep 12 00:04:11 mail > >> dovecot: pop3-login: Login: user=, method=PLAIN, > >> rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 12 00:04:26 mail > >> dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, > >> retr=0/0, del=0/183, size=14025971 Sep 12 00:07:40 mail dovecot: > >> pop3-login: Login: user=, method=PLAIN, > >> rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 12 00:07:53 mail > >> dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, > >> retr=0/0, del=0/183, size=14025971 > >> > >> > >> > If you're using the default pop3_uidl_format it'll rely on IMAP > >> UIDs > >> > to stay the same, and I guess it's possible that due to some > other > >> > problem they change (that should be logged as an error/warning > >> > though). > >> > > >> > You could try setting pop3_uidl_format=%f, but it will cause > >> everyone > >> > to redownload mails. With newer Dovecot versions you could set > >> > pop3_save_uidl=yes and when you think everyone's downloaded > mails > >> once > >> > you can safely change the pop3_uidl_format. > >> > >> Sorry, I'm very new to dovecot and I'm not sure I understand. I > >> presume because neither of those keys are in the dovecot -n output > >> that they are as the defaults, yes? The account is indeed > accessed > >> by IMAP as well (from a mobile device mostly), but I don't see > >> anything fishy there either. How could I see if the IMAP UIDs > have > >> changed? > >> > >> Sep 11 21:20:32 mail dovecot: IMAP(user at domain.com): Connection > >> closed bytes=1095/8292 > >> > >> Sep 11 21:26:03 mail dovecot: imap-login: Login: > >> user=, method=PLAIN, rip=174.252.83.244, > >> lip=83.170.65.xxx, TLS Sep 11 22:11:20 mail dovecot: > >> IMAP(user at domain.com): Disconnected for inactivity bytes=725/5638 > Sep > >> 11 22:17:10 mail dovecot: imap-login: Login: > user=, > >> method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 11 > >> 23:12:06 mail dovecot: IMAP(user at domain.com): Disconnected for > >> inactivity bytes=1471/11025 Sep 11 23:23:22 mail dovecot: imap- > login: > >> Login: user=, method=PLAIN, rip=174.252.83.244, > >> lip=83.170.65.xxx, TLS Sep 11 23:52:52 mail dovecot: > >> IMAP(user at domain.com): Connection closed bytes=1841/13679 Sep 12 > >> 00:08:47 mail dovecot: imap-login: Login: user=, > >> method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 12 > >> 01:19:05 mail dovecot: imap-login: Login: user=, > >> method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 12 > >> 02:57:01 mail dovecot: IMAP(user at domain.com): Connection closed > >> bytes=2713/60026 Sep 12 02:57:01 mail dovecot: > IMAP(user at domain.com): > >> Connection closed bytes=2688/18635 > >> > >> > >> There are no errors or warnings in the mail log (I have one shared > >> log file for postfix, amavis and dovecot). Reading the notes for > >> pop3_save_uidl it doesn't seem to be a dangerous option - should > I > >> turn that on? Why will it force everyone to redownload mails > >> (there's nothing about it on the wiki)? > >> > >> Thanks! > >> > >> Simon > > > > Any help would be appreciated. > > What do you mean by "repopped"? You mean downloading the entire data > of the messages from the POP3 server? This is expected behavior when > using a stateless (e.g. webmail) client. Kind of the whole reason > you don't use POP3 in the first place. Michael - I use a spam filtering service, that uses Horde as the web-front end. Essentially, it pops all my mail accounts (that allow popping) one of which is the one I control and is now running Dovecot - though was previously running Courier. Until now, mails that the service has popped once have never been repopped. That is, I assume that when Horde does a RETR on the account it knows what it has already popped and what it new and only retrieves the new mails. Right now though, it's redownloaded them all 5 or 6 times in 4 weeks. I don't think this is a Horde issue (since that hasn't changed), which is why I didn't post there. Horde continues to be a fantastic project. >From my limited knowledge (meaning I didn't understand the rest of your mail :) I suspect that Dovecot is doing something with the IDs that Courier wasn't doing and that's causing Horde to see those old mails as new every now and again. Simon > Although caching can help. e.g., Here's what the first connection to > the server looks like (this is using IMP 5 on a mailstore with 82 > messages): > > S (1315951197.4976): +OK Dovecot ready. > C (1315951197.513): [AUTH PLAIN Command - username: slusarz] S > (1315951197.5319): +OK Logged in. > C (1315951197.5325): STAT > S (1315951197.5328): +OK 82 482351 > C (1315951197.5348): UIDL > S (1315951197.5354): +OK > S (1315951197.5354): 1 000000014935d409 > S (1315951197.5354): 2 000000024935d409 > S (1315951197.5354): 3 000000114935d409 > [...] > S (1315951197.5363): 82 000000824935d409 S (1315951197.5363): . > C (1315951197.9582): TOP 1 0 > S (1315951198.0411): From user at domain.com Thu Jun 22 11:16:26 2006 > [...] S (1315951198.0416): . > [...] > C (1315951199.0607): LIST > S (1315951199.061): +OK 82 messages: > S (1315951199.061): 1 118630 > [...] > S (1315951199.0619): . > > We need to grab all headers so we can build the envelope information > (needed to produce the mailbox listing). And the LIST command grabs > the size information (also used in the mailbox listing). > > But remember that the full headers will need to be redownloaded > *EVERY* time you reload the page unless some sort of caching is > enabled in the client. That's just the nature of POP3. (IMAP has > the same sort of issues - if the stateless client does not cache, the > envelope information must be downloaded on every access. However, > with IMAP, the network traffic is reduced - you can download only the > needed information, not all header text - and IMAP servers have the > ability to cache this information behind the scenes due to the > abstraction of the API.). > > This is where caching is pretty much essential on the webmail side. > If caching is enabled, the best-case scenario is that the the webmail > server only needs to grab the list of UIDLs on every POP3 server > access going forward - if the UIDL list has not changed, we know the > mailbox hasn't changed and the cached information is still valid. > (CONDSTORE/QRESYNC extensions for IMAP make this synchronization > check even more efficient in IMAP) > > michael From tss at iki.fi Wed Sep 14 17:26:44 2011 From: tss at iki.fi (Timo Sirainen) Date: Wed, 14 Sep 2011 17:26:44 +0300 Subject: [Dovecot] Shredding instead of deleting In-Reply-To: <4E70B707.4060200@lists.grepular.com> References: <4E70B022.3050502@lists.grepular.com> <30659D1F-80F3-40D5-A239-38D2BE963243@iki.fi> <4E70B707.4060200@lists.grepular.com> Message-ID: <25487043-CBC6-43AA-990B-1D15A1E30E8C@iki.fi> On 14.9.2011, at 17.15, dovecot at lists.grepular.com wrote: > On 14/09/11 15:06, Timo Sirainen wrote: > >>> I have a wishlist item. Is there an appropriate place for me to post it? >>> Basically, I would like to know that my email isn't recoverable from the >>> local disk on the mail server after I delete it. So instead of just >>> deleting the file from my Maildir, I'd like the option to exist for >>> Dovecot to shred it.. Ie, overwrite the file with random data and/or >>> null bytes before deletion. In the same way that GNU shred behaves: >> >> Well, the choices are: .. > Is there no general wishlist area for Dovecot then? There's my internal TODO list distributed with source code :) > I didn't necessarily > expect the functionality to be packaged with Dovecot, but thought that > somebody might pick up the idea and write a plugin for it if it was > written down somewhere. I guess some wishlist page could be added to wiki, but I don't know if it would be all that useful. Few people want to code features they don't want themselves, and things I want to add are already being added to my own TODO list. > From a privacy/security perspective, making sure > deleted email isn't recoverable does have real value for some people. I > did consider FUSE. I might tackle that one myself. I don't really have > the expertise to modify Dovecot it's self though. The LD_PRELOAD way would be simple. Probably 10-20 lines of C code for something that would replace unlink()s to mail files with fork+exec to /usr/bin/shred. From dovecot at lists.grepular.com Wed Sep 14 17:27:06 2011 From: dovecot at lists.grepular.com (dovecot at lists.grepular.com) Date: Wed, 14 Sep 2011 15:27:06 +0100 Subject: [Dovecot] Shredding instead of deleting In-Reply-To: References: <4E70B022.3050502@lists.grepular.com> <30659D1F-80F3-40D5-A239-38D2BE963243@iki.fi> <4E70B707.4060200@lists.grepular.com> Message-ID: <4E70B9BA.9020303@lists.grepular.com> On 14/09/11 15:19, Steve Thompson wrote: >> From a privacy/security perspective, making sure deleted email isn't >> recoverable does have real value for some people. > > What would you do about backups? I realise that there are lots of other areas where an email can be leaked. It only makes sense to address how Dovecot behaves on this list though. I also need to address this for my MTA's mail spool and client caches. I will address your backup question, but I'd prefer if people don't expand on this. I currently use some open source software called Duplicity, which allows me to perform incremental, gnupg encrypted backups. Also, all of my incoming email is automatically encrypted with my public GnuPG key as described here: https://grepular.com/Automatically_Encrypting_all_Incoming_Email Even though it is encrypted, I'd like the mail to be shredded on delete because the message headers are stored in plain text, even if the message bodies are encrypted. -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 455 bytes Desc: OpenPGP digital signature URL: From dovecot at lists.grepular.com Wed Sep 14 18:05:18 2011 From: dovecot at lists.grepular.com (dovecot at lists.grepular.com) Date: Wed, 14 Sep 2011 16:05:18 +0100 Subject: [Dovecot] Shredding instead of deleting In-Reply-To: <25487043-CBC6-43AA-990B-1D15A1E30E8C@iki.fi> References: <4E70B022.3050502@lists.grepular.com> <30659D1F-80F3-40D5-A239-38D2BE963243@iki.fi> <4E70B707.4060200@lists.grepular.com> <25487043-CBC6-43AA-990B-1D15A1E30E8C@iki.fi> Message-ID: <4E70C2AE.10900@lists.grepular.com> On 14/09/11 15:26, Timo Sirainen wrote: >> From a privacy/security perspective, making sure >> deleted email isn't recoverable does have real value for some people. I >> did consider FUSE. I might tackle that one myself. I don't really have >> the expertise to modify Dovecot it's self though. > > The LD_PRELOAD way would be simple. Probably 10-20 lines of C code for something that would replace unlink()s to mail files with fork+exec to /usr/bin/shred. Simple for somebody who can code in C you mean :) -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 455 bytes Desc: OpenPGP digital signature URL: From tss at iki.fi Wed Sep 14 18:19:06 2011 From: tss at iki.fi (Timo Sirainen) Date: Wed, 14 Sep 2011 18:19:06 +0300 Subject: [Dovecot] Shredding instead of deleting In-Reply-To: <4E70C2AE.10900@lists.grepular.com> References: <4E70B022.3050502@lists.grepular.com> <30659D1F-80F3-40D5-A239-38D2BE963243@iki.fi> <4E70B707.4060200@lists.grepular.com> <25487043-CBC6-43AA-990B-1D15A1E30E8C@iki.fi> <4E70C2AE.10900@lists.grepular.com> Message-ID: <35E08247-C7CB-47EE-936D-127DFE68CC02@iki.fi> On 14.9.2011, at 18.05, dovecot at lists.grepular.com wrote: >> The LD_PRELOAD way would be simple. Probably 10-20 lines of C code for something that would replace unlink()s to mail files with fork+exec to /usr/bin/shred. > > Simple for somebody who can code in C you mean :) I have no idea if this works (or even compiles), it's based on a web page I found: #define _GNU_SOURCE #include #include #include int unlink(const char *path) { static int (*libc_unlink)(const char *) = NULL; char *args[3]; int status; if (libc_unlink == NULL) *(void **)(&libc_unlink) = dlsym(RTLD_NEXT, "unlink"); if (strstr(path, "Maildir/") != NULL) { args[0] = "/usr/bin/shred"; args[1] = path; args[2] = NULL; switch (fork()) { case -1: return -1; case 0: execve(args[0], args); exit(99); default: if (wait(&status) < 0) return -1; } if (WIFEXITED(status) && WEXITSTATUS(status) == 0) return 0; errno = ENOENT; /* not really correct, should maybe check it properly */ return -1; } else { libc_unlink(path); } } From dovecot at lists.grepular.com Wed Sep 14 18:23:00 2011 From: dovecot at lists.grepular.com (dovecot at lists.grepular.com) Date: Wed, 14 Sep 2011 16:23:00 +0100 Subject: [Dovecot] Shredding instead of deleting In-Reply-To: <35E08247-C7CB-47EE-936D-127DFE68CC02@iki.fi> References: <4E70B022.3050502@lists.grepular.com> <30659D1F-80F3-40D5-A239-38D2BE963243@iki.fi> <4E70B707.4060200@lists.grepular.com> <25487043-CBC6-43AA-990B-1D15A1E30E8C@iki.fi> <4E70C2AE.10900@lists.grepular.com> <35E08247-C7CB-47EE-936D-127DFE68CC02@iki.fi> Message-ID: <4E70C6D4.5090605@lists.grepular.com> On 14/09/11 16:19, Timo Sirainen wrote: >>> The LD_PRELOAD way would be simple. Probably 10-20 lines of C code for something that would replace unlink()s to mail files with fork+exec to /usr/bin/shred. >> >> Simple for somebody who can code in C you mean :) > > I have no idea if this works (or even compiles), it's based on a web page I found: Thanks. That gives me an excellent starting point. I'll have a play with this code next week when I have some free time. -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 455 bytes Desc: OpenPGP digital signature URL: From asai at globalchangemusic.org Wed Sep 14 19:04:57 2011 From: asai at globalchangemusic.org (Asai) Date: Wed, 14 Sep 2011 09:04:57 -0700 Subject: [Dovecot] Dsync Permissions Issue Message-ID: <4E70D0A9.8060604@globalchangemusic.org> Greetings, I recently upgraded Dovecot from 1.2 to 2.0.14, for purposes of using Dsync to migrate emails from one server to another. I'm using MySQL for authentication. However I get this error message when I try to run Dsync, and after looking around for an answer, I'm at a bit of a loss: [root at triata ~]# dsync -v -u asai at globalchangemusic.org backup ssh -p22222 vmail at xx.xxx.xx.xxx dsync -u asai at globalchangemusic.org vmail at xx.xxx.xx.xxx's password: dsync(vmail): Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: Permission denied (euid=1001(vmail) egid=1001(vmail) missing +r perm: /var/run/dovecot/auth-userdb, euid is not dir owner) dsync(vmail): Fatal: User lookup failed: Internal error occurred. Refer to server log for more information. dsync-local(asai at globalchangemusic.org): Error: read() from worker server failed: EOF Config as follows: [root at triata ~]# doveconf -n # 2.0.14: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-92.1.10.el5.xs5.0.0.39xen x86_64 CentOS release 5 (Final) ext3 auth_mechanisms = plain login mail_home = /vmail/%d/%n/home mail_location = maildir:/vmail/%d/%n managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date namespace { inbox = yes location = prefix = separator = / type = private } passdb { args = /etc/dovecot-mysql.conf driver = sql } plugin { sieve = /vmail/%d/%n/sievescript } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-master { group = vmail mode = 0660 user = vmail } unix_listener auth-userdb { group = vmail mode = 0666 user = vmail } user = root } ssl_cert = The dovecot lda panics with "Trying to sync mailbox INBOX with open transactions" if a user has no sieve script defined. Debugging shows: Sep 14 19:49:26 server dovecot: [ID 583609 local0.debug] lda(userxx): Debug: sieve: user's script path /home/grp/userxx/.dovecot.sieve doesn't exist (using global script path in stead) Sep 14 19:49:26 server dovecot: [ID 583609 local0.debug] lda(userxx): Debug: sieve: user has no valid personal script Sep 14 19:49:26 server dovecot: [ID 583609 local0.debug] lda(userxx): Debug: sieve: no scripts to execute: reverting to default delivery. Sep 14 19:49:26 server dovecot: [ID 583609 local0.crit] lda(userxx): Panic: Trying to sync mailbox INBOX with open transactions Sep 14 19:49:26 server dovecot: [ID 583609 local0.error] lda(userxx): Error: Raw backtrace: 0xff1cc2ac -> 0xff1cbb70 -> 0xff2a6474 -> 0xff2a668c -> 0xff2fa444 -> 0xff2a63c8 -> 0xff2668ec -> 0xff266f74 -> 0xff26741c -> 0x12720 -> 0x11948 I then did create an empty sieve script file with touch /home/grp/userxx/.dovecot.sieve and after that lda worked: Sep 14 19:50:55 server dovecot: [ID 583609 local0.debug] lda(userxx): Debug: sieve: using sieve path for user's script: /home/grp/userxx/.dovecot.sieve Sep 14 19:50:55 server dovecot: [ID 583609 local0.debug] lda(userxx): Debug: sieve: opening script /home/grp/userxx/.dovecot.sieve Sep 14 19:50:55 server dovecot: [ID 583609 local0.debug] lda(userxx): Debug: sieve: script /home/grp/userxx/.dovecot.sieve successfully compiled Sep 14 19:50:55 server dovecot: [ID 583609 local0.debug] lda(userxx): Debug: sieve: executing script from /home/grp/userxx/.dovecot.sieve Sep 14 19:50:56 server dovecot: [ID 583609 local0.info] lda(userxx): save: box=INBOX, uid=6, msgid=<201109141750.p8EHotbE015854 at server.hrz.uni-giessen.de>, size=1035 Sep 14 19:50:56 server dovecot: [ID 583609 local0.debug] lda(userxx): Debug: box=/var/mail/userxx mount=/var/mail match=yes Sep 14 19:50:56 server dovecot: [ID 583609 local0.info] lda(userxx): sieve: msgid=<201109141750.p8EHotbE015854 at server.hrz.uni-giessen.de>: stored mail into mailbox 'INBOX' I think the lda worked in previous releases without a sieve script file in the users home directory. dovecot -n output is: # 2.0.14: /opt/local/etc/dovecot/dovecot.conf # OS: SunOS 5.10 sun4v auth_debug = yes auth_debug_passwords = yes auth_verbose = yes disable_plaintext_auth = no listen = server.hrz.uni-giessen.de localhost mail_debug = yes mail_fsync = always mail_location = mbox:~/Mail:INBOX=/var/mail/%u mail_nfs_index = yes mail_nfs_storage = yes mail_plugins = mail_log notify quota mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mmap_disable = yes namespace { inbox = yes location = prefix = separator = / type = private } namespace { hidden = yes list = no location = prefix = Mail/ separator = / subscriptions = yes type = private } passdb { driver = pam } passdb { args = /opt/local/etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { autocreate = Trash autocreate2 = caughtspam autocreate3 = Sent autosubscribe = Trash autosubscribe2 = caughtspam autosubscribe3 = Sent mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid size quota = fs:Home-Verzeichnis:noenforcing quota2 = fs:INBOX:noenforcing:mount=/var/mail sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } postmaster_address = postmaster at hrz.uni-giessen.de protocols = imap pop3 lmtp sieve sendmail_path = /usr/lib/sendmail service auth { client_limit = 11120 } service imap-login { process_min_avail = 16 service_count = 0 vsz_limit = 640 M } service imap { process_limit = 4096 vsz_limit = 1 G } ssl_cert = Hi I'm a little confused as there are two repos for the dovecot-antispam plugin. Eugene's hg repo is explicitly labeled "for Dovecot 2", but the Johannes' git repo has commits later in date: hg: http://wiki2.dovecot.org/Plugins/Antispam git: http://git.sipsolutions.net/?p=dovecot-antispam.git I guess the unrelease hg code ist the one for Dovecot 2, but what is Eugene's 1.4 code for? Thanks! From compconsultant at yahoo.com Wed Sep 14 22:53:34 2011 From: compconsultant at yahoo.com (Steve Fatula) Date: Wed, 14 Sep 2011 12:53:34 -0700 (PDT) Subject: [Dovecot] Which dovecot-antispam with dovecot 2? In-Reply-To: References: Message-ID: <1316030014.84244.YahooMailNeo@web39424.mail.mud.yahoo.com> ----- Original Message ----- > From: Svoop > To: dovecot at dovecot.org > Cc: > Sent: Wednesday, September 14, 2011 2:06 PM > Subject: [Dovecot] Which dovecot-antispam with dovecot 2? > > Hi > > I'm a little confused as there are two repos for the dovecot-antispam > plugin. > Eugene's hg repo is explicitly labeled "for Dovecot 2", but the > Johannes' git > repo has commits later in date: > > hg:? http://wiki2.dovecot.org/Plugins/Antispam > git: http://git.sipsolutions.net/?p=dovecot-antispam.git > > I guess the unrelease hg code ist the one for Dovecot 2, but what is > Eugene's > 1.4 code for? Yes, the HG code works fine with Dovecot 2, am using it. The Berg site is for Dovecot 1. Dovecot 1 is in use in many distributions like Centos 5, etc. So, it still needs updates. From micah at riseup.net Thu Sep 15 06:17:50 2011 From: micah at riseup.net (Micah Anderson) Date: Wed, 14 Sep 2011 23:17:50 -0400 Subject: [Dovecot] movming mail out of alt storage Message-ID: <87sjnya3z5.fsf@algae.riseup.net> I moved some mail into the alt storage: doveadm altmove -u johnd at example.com seen savedbefore 1w and now I want to move it back to the regular INBOX, but I can't see how I can do that with either 'altmove' or 'mailbox move'. thanks! micah -- -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 835 bytes Desc: not available URL: From kjonca at o2.pl Thu Sep 15 09:48:55 2011 From: kjonca at o2.pl (Kamil =?iso-8859-2?Q?Jo=F1ca?=) Date: Thu, 15 Sep 2011 08:48:55 +0200 Subject: [Dovecot] compressed mboxes very slow References: <87iptnoans.fsf@alfa.kjonca> <1305041104.10421.131.camel@hurina> <87ipti8ffk.fsf@alfa.kjonca> <9DE1215A-F41F-4397-B24B-2282E54F523D@iki.fi> Message-ID: <877h5axpuw.fsf@alfa.kjonca> Timo Sirainen writes: > On 10.5.2011, at 23.32, Kamil Jo?ca wrote: > >> Timo Sirainen writes: >> >>> Here are some fixes: >>> >>> http://hg.dovecot.org/dovecot-2.0/rev/15a0687ec9d0 >>> http://hg.dovecot.org/dovecot-2.0/rev/66ec075a49d3 >> >> Hard to say, but I can't see any significant improvement after applying >> them :| > > Get strace -tt output of such slowness and send them to me. Some time ago I complained about very slow mbox. In the meantime I have no time to check it. But recently I have to use them (compressed mboxes) again. And no progress :( Under http://strony.aster.pl/kjonca/mbox.log.gz (WARN: ~170MB) is file with output of strace -tt when dovecot try to open rather huge bzipped mbox. And it took about four hours. Second open is a lot faster (about minute), but sometimes message fetching take about 30-60s KJ -- http://modnebzdury.wordpress.com/2009/10/01/niewiarygodny-list-prof-majewskiej-wprowadzenie/ Zanim wlaczysz komputer, zastanow sie: Czy jestes absolutnie pewien(na), ze nie jest podlaczany do wyrzutni rakiet? From tss at iki.fi Thu Sep 15 11:13:28 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 15 Sep 2011 11:13:28 +0300 Subject: [Dovecot] imapc vs auth-userdb security In-Reply-To: References: <346DECBE-B7F8-40A2-9485-EFF3B547C8ED@iki.fi> Message-ID: <1316074408.12936.1.camel@hurina> On Wed, 2011-09-14 at 13:57 +0200, Lutz Pre?ler wrote: > On Mi, 14 Sep 2011, Timo Sirainen wrote: > > > On 14.9.2011, at 14.40, Lutz Pre?ler wrote: > > > > > with imapc settings coming from userdb (individual configuration necessary) > > > there exists a security problem if access to auth-userdb socket is given > > > to normal (shell) users: > > > > So don't give it to them? :) Actually this should be pretty much solved with v2.1 defaults. If the auth-userdb socket is 0666 root:root (default now), it requires that the calling process either has root user/group privileges or its uid matches the one returned by userdb, otherwise it won't return any fields. > I had to change that because of shared mailboxes and usage of %%h. > Maybe one could return only home if uid does not match? Well, you could also solve it by making it 0660 with group=dovecot and then set mail_access_groups=dovecot. From tss at iki.fi Thu Sep 15 11:19:40 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 15 Sep 2011 11:19:40 +0300 Subject: [Dovecot] Maildir "locking" In-Reply-To: <4E7090B9.1000103@fsn.hu> References: <4E7090B9.1000103@fsn.hu> Message-ID: <1316074780.12936.5.camel@hurina> On Wed, 2011-09-14 at 13:32 +0200, Attila Nagy wrote: > Hello, > > I'm looking for the alternative of qmail's chmod -t (sticky bit on the > maildir root) for Dovecot. What I'm trying to achieve with this lock: > - Dovecot lmtp should give back a temporary error (so the email will be > deferred and re-delivered later) > - all other Dovecot daemons (pop, imap) should work as usual, but should > not alter maildir contents (they can modify their own files, like > indexes, logs etc) > > What is the best way to do this? If there is no such thing currently, > would it be hard to implement the sticky bit checking on the root? dovecot-uidlist.lock basically does this. Dovecot comes with maildirlock utility to properly create it. How long would your locks be? They are assumed stale after 2 minutes if you don't update the mtime. Readers will block and if they're still locked after 2 minutes they'll abort (if mtime has been changed). There's also mail_max_lock_timeout setting that changes this wait (you could e.g. lower it only with lmtp). From bra at fsn.hu Thu Sep 15 11:25:43 2011 From: bra at fsn.hu (Attila Nagy) Date: Thu, 15 Sep 2011 10:25:43 +0200 Subject: [Dovecot] Maildir "locking" In-Reply-To: <1316074780.12936.5.camel@hurina> References: <4E7090B9.1000103@fsn.hu> <1316074780.12936.5.camel@hurina> Message-ID: <4E71B687.10005@fsn.hu> On 09/15/11 10:19, Timo Sirainen wrote: > On Wed, 2011-09-14 at 13:32 +0200, Attila Nagy wrote: >> Hello, >> >> I'm looking for the alternative of qmail's chmod -t (sticky bit on the >> maildir root) for Dovecot. What I'm trying to achieve with this lock: >> - Dovecot lmtp should give back a temporary error (so the email will be >> deferred and re-delivered later) >> - all other Dovecot daemons (pop, imap) should work as usual, but should >> not alter maildir contents (they can modify their own files, like >> indexes, logs etc) >> >> What is the best way to do this? If there is no such thing currently, >> would it be hard to implement the sticky bit checking on the root? > dovecot-uidlist.lock basically does this. Dovecot comes with maildirlock > utility to properly create it. How long would your locks be? They are > assumed stale after 2 minutes if you don't update the mtime. Readers > will block and if they're still locked after 2 minutes they'll abort (if > mtime has been changed). There's also mail_max_lock_timeout setting that > changes this wait (you could e.g. lower it only with lmtp). > Well, basically "forever" in the sense that I would like to move the mailbox to a different machine, so if lmtp waits for the lock to disappear and that happens when the mailbox is deleted, and it will do the delivery, it's a bad thing. Before Dovecot, we've had the following process of mailbox moving: - set the sticky bit on the maildir, so qmail won't deliver into it (will give back 4XX) - start to sync/copy the mailbox to the other machine - if it's over, remove the directory on the source machine So what I'm looking for is a lock method, which makes the mailbox read only, so every modification should "soft" fail (no 500 errors on lmtp). What would be the best for this (moving mailboxes between machines)? BTW, the process can be time consuming, even tens of minutes (lots of mails). From tss at iki.fi Thu Sep 15 11:39:22 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 15 Sep 2011 11:39:22 +0300 Subject: [Dovecot] Maildir "locking" In-Reply-To: <4E71B687.10005@fsn.hu> References: <4E7090B9.1000103@fsn.hu> <1316074780.12936.5.camel@hurina> <4E71B687.10005@fsn.hu> Message-ID: <1316075963.12936.14.camel@hurina> On Thu, 2011-09-15 at 10:25 +0200, Attila Nagy wrote: > >> What is the best way to do this? If there is no such thing currently, > >> would it be hard to implement the sticky bit checking on the root? > > dovecot-uidlist.lock basically does this. Dovecot comes with maildirlock > > utility to properly create it. How long would your locks be? They are > > assumed stale after 2 minutes if you don't update the mtime. Readers > > will block and if they're still locked after 2 minutes they'll abort (if > > mtime has been changed). There's also mail_max_lock_timeout setting that > > changes this wait (you could e.g. lower it only with lmtp). > > > Well, basically "forever" in the sense that I would like to move the > mailbox to a different machine, So you have a proxy that decides what backend server the connections are redirected to? How about you do it completely without locking with dsync? Moving between servers works basically the same as converting a mailbox format, with the difference of "changing mail_location" you "change backend server". http://wiki2.dovecot.org/Tools/Dsync#example_converting From tss at iki.fi Thu Sep 15 11:58:53 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 15 Sep 2011 11:58:53 +0300 Subject: [Dovecot] movming mail out of alt storage In-Reply-To: <87sjnya3z5.fsf@algae.riseup.net> References: <87sjnya3z5.fsf@algae.riseup.net> Message-ID: <1316077133.12936.18.camel@hurina> On Wed, 2011-09-14 at 23:17 -0400, Micah Anderson wrote: > I moved some mail into the alt storage: > > doveadm altmove -u johnd at example.com seen savedbefore 1w > > and now I want to move it back to the regular INBOX, but I can't see how > I can do that with either 'altmove' or 'mailbox move'. Is this sdbox or mdbox? With sdbox you could simply "mv" the files. Or apply patch: http://hg.dovecot.org/dovecot-2.0/rev/1910c76a6cc9 From stephan at rename-it.nl Thu Sep 15 12:29:23 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Thu, 15 Sep 2011 11:29:23 +0200 Subject: [Dovecot] Sieve envelope :detail "to" "extention" does not deliver to fileinto destination In-Reply-To: <20110912171448.GB320@none.at> References: <20110912171448.GB320@none.at> Message-ID: <4E71C573.2040407@rename-it.nl> Op 12-9-2011 19:14, Aleksandar Lazic schreef: > Is there a 'log' or 'print' command in the sieve filter or how can I > write a message to the log file? With the latest Pigeonhole (0.2.4), you can use the vnd.dovecot.debug extension (which is not available by default and therefore needs to be added to sieve_extensions), e.g. === require "vnd.dovecot.debug"; require "envelope"; require "variables"; if envelope :matches "to" "*" { debug_log "envelope to `${1}'"; } === A message should be logged to the user's personal log file (typically ~/.dovecot.sieve.log), e.g: === sieve: info: started log at Sep 15 11:27:26. main_script: line 6: info: DEBUG: envelope to = `user at example.com'. info: msgid=3453453534r42 at example.com: stored mail into mailbox 'INBOX'. === Regards, Stephan. From tss at iki.fi Thu Sep 15 12:34:33 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 15 Sep 2011 12:34:33 +0300 Subject: [Dovecot] LDA panics without sieve script In-Reply-To: <20110914212225.20430xx3alpgxomo@webmail.hrz.uni-giessen.de> References: <20110914212225.20430xx3alpgxomo@webmail.hrz.uni-giessen.de> Message-ID: <1316079275.12936.21.camel@hurina> On Wed, 2011-09-14 at 21:22 +0200, J?rgen Obermann wrote: > The dovecot lda panics with "Trying to sync mailbox INBOX with open > transactions" if a user has no sieve script defined. Debugging shows: Fixed: http://hg.dovecot.org/dovecot-2.0/rev/0264ac68c770 From bra at fsn.hu Thu Sep 15 12:37:12 2011 From: bra at fsn.hu (Attila Nagy) Date: Thu, 15 Sep 2011 11:37:12 +0200 Subject: [Dovecot] Maildir "locking" In-Reply-To: <1316075963.12936.14.camel@hurina> References: <4E7090B9.1000103@fsn.hu> <1316074780.12936.5.camel@hurina> <4E71B687.10005@fsn.hu> <1316075963.12936.14.camel@hurina> Message-ID: <4E71C748.1080004@fsn.hu> On 09/15/11 10:39, Timo Sirainen wrote: > On Thu, 2011-09-15 at 10:25 +0200, Attila Nagy wrote: >>>> What is the best way to do this? If there is no such thing currently, >>>> would it be hard to implement the sticky bit checking on the root? >>> dovecot-uidlist.lock basically does this. Dovecot comes with maildirlock >>> utility to properly create it. How long would your locks be? They are >>> assumed stale after 2 minutes if you don't update the mtime. Readers >>> will block and if they're still locked after 2 minutes they'll abort (if >>> mtime has been changed). There's also mail_max_lock_timeout setting that >>> changes this wait (you could e.g. lower it only with lmtp). >>> >> Well, basically "forever" in the sense that I would like to move the >> mailbox to a different machine, > So you have a proxy that decides what backend server the connections are > redirected to? How about you do it completely without locking with > dsync? Moving between servers works basically the same as converting a > mailbox format, with the difference of "changing mail_location" you > "change backend server". > http://wiki2.dovecot.org/Tools/Dsync#example_converting > Yes, there is a proxy in front of the servers. Is dsync usable with 3rd party maildir programs? (not only Dovecot uses these mailboxes) From tss at iki.fi Thu Sep 15 12:43:56 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 15 Sep 2011 12:43:56 +0300 Subject: [Dovecot] Maildir "locking" In-Reply-To: <4E71C748.1080004@fsn.hu> References: <4E7090B9.1000103@fsn.hu> <1316074780.12936.5.camel@hurina> <4E71B687.10005@fsn.hu> <1316075963.12936.14.camel@hurina> <4E71C748.1080004@fsn.hu> Message-ID: <1316079836.12936.26.camel@hurina> On Thu, 2011-09-15 at 11:37 +0200, Attila Nagy wrote: > > So you have a proxy that decides what backend server the connections are > > redirected to? How about you do it completely without locking with > > dsync? Moving between servers works basically the same as converting a > > mailbox format, with the difference of "changing mail_location" you > > "change backend server". > > http://wiki2.dovecot.org/Tools/Dsync#example_converting > > > Yes, there is a proxy in front of the servers. Is dsync usable with 3rd > party maildir programs? (not only Dovecot uses these mailboxes) The problems with 3rd party maildir programs come if during the move they: - Expunge last message(s) from mailbox. (dsync can't know if it should add or expunge them, so it plays it safe and adds them back) - Delete a mailbox. (dsync can't know if it should add or delete it, so again it just adds it back.) - Remove subscriptions. (again pretty much the same reason.) It's probably quite unlikely that they do any of this during the move. You could even reduce the window by doing: 1. dsync backup 2. dsync backup 3. switch to new server 4. kill all existing connections 5. dsync mirror The 3-5 steps probably take only a few seconds. The "dsync backup" then guarantees that the destination server will look exactly like the source server. ("dsync mirror" is used in step 5, because between steps 3-4 either server can get changes.) From bra at fsn.hu Thu Sep 15 12:46:42 2011 From: bra at fsn.hu (Attila Nagy) Date: Thu, 15 Sep 2011 11:46:42 +0200 Subject: [Dovecot] Maildir "locking" In-Reply-To: <1316079836.12936.26.camel@hurina> References: <4E7090B9.1000103@fsn.hu> <1316074780.12936.5.camel@hurina> <4E71B687.10005@fsn.hu> <1316075963.12936.14.camel@hurina> <4E71C748.1080004@fsn.hu> <1316079836.12936.26.camel@hurina> Message-ID: <4E71C982.8080503@fsn.hu> On 09/15/11 11:43, Timo Sirainen wrote: > On Thu, 2011-09-15 at 11:37 +0200, Attila Nagy wrote: >>> So you have a proxy that decides what backend server the connections are >>> redirected to? How about you do it completely without locking with >>> dsync? Moving between servers works basically the same as converting a >>> mailbox format, with the difference of "changing mail_location" you >>> "change backend server". >>> http://wiki2.dovecot.org/Tools/Dsync#example_converting >>> >> Yes, there is a proxy in front of the servers. Is dsync usable with 3rd >> party maildir programs? (not only Dovecot uses these mailboxes) > The problems with 3rd party maildir programs come if during the move > they: > > - Expunge last message(s) from mailbox. (dsync can't know if it should > add or expunge them, so it plays it safe and adds them back) > > - Delete a mailbox. (dsync can't know if it should add or delete it, so > again it just adds it back.) > > - Remove subscriptions. (again pretty much the same reason.) > > It's probably quite unlikely that they do any of this during the move. > You could even reduce the window by doing: > > 1. dsync backup > 2. dsync backup > 3. switch to new server > 4. kill all existing connections > 5. dsync mirror > > The 3-5 steps probably take only a few seconds. The "dsync backup" then > guarantees that the destination server will look exactly like the source > server. ("dsync mirror" is used in step 5, because between steps 3-4 > either server can get changes.) > OK, thanks for the info, I will try it out. From Juergen.Obermann at hrz.uni-giessen.de Thu Sep 15 12:58:31 2011 From: Juergen.Obermann at hrz.uni-giessen.de (g033) Date: Thu, 15 Sep 2011 11:58:31 +0200 Subject: [Dovecot] LDA panics without sieve script In-Reply-To: <1316079275.12936.21.camel@hurina> References: <20110914212225.20430xx3alpgxomo@webmail.hrz.uni-giessen.de> <1316079275.12936.21.camel@hurina> Message-ID: <52d414697945a8554a6e4a598950d126@imapproxy.hrz> On Thu, 15 Sep 2011 12:34:33 +0300, Timo Sirainen wrote: > On Wed, 2011-09-14 at 21:22 +0200, J?rgen Obermann wrote: > >> The dovecot lda panics with "Trying to sync mailbox INBOX with open >> transactions" if a user has no sieve script defined. Debugging >> shows: > > Fixed: http://hg.dovecot.org/dovecot-2.0/rev/0264ac68c770 [1] Thank you, with this fix lda works now! J?rgen Obermann From Lutz.Pressler at SerNet.DE Thu Sep 15 13:46:41 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Thu, 15 Sep 2011 12:46:41 +0200 Subject: [Dovecot] sharing of non-INBOX namespaces? Re: imapc and imap_acl In-Reply-To: <20110913164631.GA1874905@gabi.sernet.de> References: <57674CC7-1F64-4131-98C6-45CF8B54F23B@iki.fi> <20110913164631.GA1874905@gabi.sernet.de> Message-ID: Hi, On Tue, 13 Sep 2011, Lutz Pre?ler wrote: > On Di, 13 Sep 2011, Timo Sirainen wrote: > > You mean you'd want local ACLs that apply to imapc mailboxes? > Yes, exactly. Great for "integrating" legacy IMAP servers without e.g. > ACL support. > > I think that should work. For example if you set: > > > > mail_location = imapc:~/imapc > Oh, had not realized that a path argument is possible for imapc:. There are > even index file then... > > > > Then for mailbox foo/bar the ACL file should be in ~/imapc/.foo.bar/dovecot-acl > It almost works: > Sep 13 18:37:58 hhh dovecot: imap(4482, uuu): Error: file_dotlock_open(/home/uuu/Maildir/gmail/.[Gmail].Alle Nachrichten > /dovecot-acl) failed: No such file or directory > After manually creating the ".[Gmail].Alle Nachrichten" directory, SETACL > succeeds. Ok, I thought I tested accessing the mailbox afterwards, too - but I probably had not. I have a more general problem now: shared mailboxes from any "non-INBOX" namespace are not available to other users. That's not only with virtual or imapc namespaces, but also tested with two Maildir ones: namespace personal { inbox = yes location = maildir:~/Maildir prefix = INBOX. type = private } namespace second { inbox = no location = maildir:~/Maildir2 prefix = INBOX.second. type = private } namespace others { type = shared separator = . prefix = INBOX.shared.%%u. location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u #location = maildir:/home/%%n/Maildir:INDEX=~/Maildir/shared/%%u subscriptions = no list = children } [...] I can as user1 SETACL INBOX.second.box ~user1/Maildir2/dovecot-acl-list contains "1316082286 box" ~user1/Maildir2/.box/dovecot-acl contains "user=testuser lrs" (as does ~user1/Maildir/.in2007/dovecot-acl) The shared mailboxes dict contains shared/shared-boxes/user/testuser/user1 1 But - as testuser - 0 list "" "*" * LIST (\HasChildren) "." "INBOX" * LIST (\HasNoChildren) "." "INBOX.test" * LIST (\HasNoChildren) "." "INBOX.second" * LIST (\Noselect \HasChildren) "." "INBOX.shared.user1" * LIST (\HasNoChildren) "." "INBOX.virtual" * LIST (\HasNoChildren) "." "INBOX.shared.user1.in2007" 0 OK List completed. INBOX.shared.user1.second.box is missing. Also 0 select INBOX.shared.user1.second.box * OK [CLOSED] Previous mailbox closed. 0 NO Mailbox doesn't exist: second.box Log shows then: Sep 15 12:39:48 host dovecot: imap(8796, testuser): Debug: acl vfile: file /etc/dovecot/global-acls/INBOX.shared.user1.second.box not found Sep 15 12:39:48 host dovecot: imap(8796, testuser): Debug: acl vfile: file /home/user1/Maildir/.second.box/dovecot-acl not found ... not searching for the acl file correctly. Thought I tested this with earlier (2.0) versions. Changed group set up inbetween, but this does not seem relevant. Regards, Lutz From tss at iki.fi Thu Sep 15 13:53:28 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 15 Sep 2011 13:53:28 +0300 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <4E6ACC6C.6020200@acm.org> References: <4E6ACC6C.6020200@acm.org> Message-ID: <1316084011.12936.31.camel@hurina> On Fri, 2011-09-09 at 19:33 -0700, Paul B. Henson wrote: > Sep 9 15:47:34 tweak dovecot: auth: Error: > mysql(mysql-1.unx.csupomona.edu): Connect failed to database (idmgmt): > Can't connect to MySQL server on 'mysql-1.unx.csupomona.edu' (111) - > waiting for 1 seconds before retry I did several fixes related to this in v2.0 hg. > And postfix starts to fail authentications: > > Sep 9 15:47:35 tweak postfix/smtpd[5119]: warning: > bender.iitsys.csupomona.edu[134.71.250.134]: SASL DIGEST-MD5 > authentication failed: Connection lost to authentication server The reason why it kept failing with Postfix was because Dovecot had 10 second timeout for SQL connecting, and Postfix had 10 second timeout before failing authentication. So Postfix never waited long enough for Dovecot to attempt a second connection to the second MySQL server. I dropped Dovecot's SQL connect timeout to 5 seconds. > Now and again the authentication process dies: > > Sep 9 15:47:39 tweak dovecot: auth: Panic: file auth-request-handler.c: > line 697 (auth_request_handler_flush_failures): assertion failed: > (auth_request->state == AUTH_REQUEST_STATE_FINISHED) This happened only with non-plaintext authentication (e.g. DIGEST-MD5). Fixed also. From tss at iki.fi Thu Sep 15 14:12:18 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 15 Sep 2011 14:12:18 +0300 Subject: [Dovecot] sharing of non-INBOX namespaces? Re: imapc and imap_acl In-Reply-To: References: <57674CC7-1F64-4131-98C6-45CF8B54F23B@iki.fi> <20110913164631.GA1874905@gabi.sernet.de> Message-ID: <1316085138.12936.39.camel@hurina> On Thu, 2011-09-15 at 12:46 +0200, Lutz Pre?ler wrote: > I have a more general problem now: shared mailboxes from any "non-INBOX" > namespace are not available to other users. That's not only with virtual or > imapc namespaces, but also tested with two Maildir ones: > namespace others { > type = shared > separator = . > prefix = INBOX.shared.%%u. > location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u Right, because here you have configured a shared namespace for ~/Maildir. If you want to access also ~/Maildir2, you'd need to create a second shared namespace for it. Perhaps in future there could be some kind of automated detection of namespaces and putting them all under a single shared namespace. Configuration could probably be something like: namespace others { type = shared separator = . prefix = INBOX.shared.%%u. location = shared:INBOX.:INDEX=~/Maildir/shared/%%u } The above would then map "INBOX.shared.%%u." namespace to other user's "INBOX." namespace and also export any other private namespaces under it. From robert at schetterer.org Thu Sep 15 14:39:14 2011 From: robert at schetterer.org (Robert Schetterer) Date: Thu, 15 Sep 2011 13:39:14 +0200 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <1316084011.12936.31.camel@hurina> References: <4E6ACC6C.6020200@acm.org> <1316084011.12936.31.camel@hurina> Message-ID: <4E71E3E2.1080600@schetterer.org> Am 15.09.2011 12:53, schrieb Timo Sirainen: > On Fri, 2011-09-09 at 19:33 -0700, Paul B. Henson wrote: > >> Sep 9 15:47:34 tweak dovecot: auth: Error: >> mysql(mysql-1.unx.csupomona.edu): Connect failed to database (idmgmt): >> Can't connect to MySQL server on 'mysql-1.unx.csupomona.edu' (111) - >> waiting for 1 seconds before retry > > I did several fixes related to this in v2.0 hg. > >> And postfix starts to fail authentications: >> >> Sep 9 15:47:35 tweak postfix/smtpd[5119]: warning: >> bender.iitsys.csupomona.edu[134.71.250.134]: SASL DIGEST-MD5 >> authentication failed: Connection lost to authentication server > > The reason why it kept failing with Postfix was because Dovecot had 10 > second timeout for SQL connecting, and Postfix had 10 second timeout > before failing authentication. So Postfix never waited long enough for > Dovecot to attempt a second connection to the second MySQL server. I > dropped Dovecot's SQL connect timeout to 5 seconds. > >> Now and again the authentication process dies: >> >> Sep 9 15:47:39 tweak dovecot: auth: Panic: file auth-request-handler.c: >> line 697 (auth_request_handler_flush_failures): assertion failed: >> (auth_request->state == AUTH_REQUEST_STATE_FINISHED) > > This happened only with non-plaintext authentication (e.g. DIGEST-MD5). > Fixed also. > Hi Timo, silly question is there really a native failover mysql in dovecot ? cant remember this , i only remember this as part of dovecot proxiing -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From Lutz.Pressler at SerNet.DE Thu Sep 15 14:41:43 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Thu, 15 Sep 2011 13:41:43 +0200 Subject: [Dovecot] sharing of non-INBOX namespaces? Re: imapc and imap_acl In-Reply-To: <1316085138.12936.39.camel@hurina> References: <57674CC7-1F64-4131-98C6-45CF8B54F23B@iki.fi> <20110913164631.GA1874905@gabi.sernet.de> <1316085138.12936.39.camel@hurina> Message-ID: On Do, 15 Sep 2011, Timo Sirainen wrote: > On Thu, 2011-09-15 at 12:46 +0200, Lutz Pre?ler wrote: > > I have a more general problem now: shared mailboxes from any "non-INBOX" > > namespace are not available to other users. That's not only with virtual or > > imapc namespaces, but also tested with two Maildir ones: > > > namespace others { > > type = shared > > separator = . > > prefix = INBOX.shared.%%u. > > location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u > > Right, because here you have configured a shared namespace for > ~/Maildir. Uh, oh... of course. Stupid to expect it to work as your proposal for future extension already... but that would be the most flexible way, please implement :-). > If you want to access also ~/Maildir2, you'd need to create a > second shared namespace for it. Maybe I mess something up the second time today - but I cannot get it to work: namespace others { type = shared separator = . prefix = INBOX.shared.%%u. location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u subscriptions = no list = children } namespace otherssecond { type = shared separator = . prefix = INBOX.shared2.%%u. location = maildir:%%h/Maildir2:INDEX=~/Maildir/shared2/%%u subscriptions = no list = children } As testuser: 0 select INBOX.shared2.user1.box 0 NO Mailbox doesn't exist: shared2.user1.box with log: Sep 15 13:28:51 host dovecot: imap(17320, testuser): Debug: acl vfile: file /etc/dovecot/global-acls/INBOX.shared2.user1.box not found Sep 15 13:28:51 host dovecot: imap(17320, testuser): Debug: acl vfile: file /home/testuser/Maildir/.shared2.user1.box/dovecot-acl not found like the otherssecond namespace beeing ignored (yes, I've restarted dovecot). First I tried in otherssecond prefix = INBOX.shared.%%u.second. location = maildir:%%h/Maildir2:INDEX=~/Maildir/shared/%%u/second - don't know if this is even supposed to work, but both variants do not. Lutz From tss at iki.fi Thu Sep 15 14:43:04 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 15 Sep 2011 14:43:04 +0300 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <4E71E3E2.1080600@schetterer.org> References: <4E6ACC6C.6020200@acm.org> <1316084011.12936.31.camel@hurina> <4E71E3E2.1080600@schetterer.org> Message-ID: <1316086984.12936.49.camel@hurina> On Thu, 2011-09-15 at 13:39 +0200, Robert Schetterer wrote: > > is there really a native failover mysql in dovecot ? > cant remember this , i only remember this as part of dovecot proxiing For SQL authentication it can use multiple SQL server hosts (with both MySQL and PostgreSQL) and do HA/load balancing. From tss at iki.fi Thu Sep 15 14:45:01 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 15 Sep 2011 14:45:01 +0300 Subject: [Dovecot] multiple "imapc namespaces" Re: imapc and imap_acl In-Reply-To: References: <57674CC7-1F64-4131-98C6-45CF8B54F23B@iki.fi> <20110913164631.GA1874905@gabi.sernet.de> Message-ID: <1316087101.12936.51.camel@hurina> On Tue, 2011-09-13 at 18:58 +0200, Lutz Pre?ler wrote: > On Tue, 13 Sep 2011, Lutz Pre?ler wrote: > > On Di, 13 Sep 2011, Timo Sirainen wrote: > > > mail_location = imapc:~/imapc > > Oh, had not realized that a path argument is possible for imapc:. There are > > even index file then... > What about taking imapc parameters/credentials optionally from > a file in this directory (like dovecot-virtual)? Hmm. I'd rather not implement something that gets obsolete later. If there were per-namespace imapc_ settings, this (and other things) could be implemented by having per-user configuration files. From tss at iki.fi Thu Sep 15 14:50:08 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 15 Sep 2011 14:50:08 +0300 Subject: [Dovecot] Warning: Subscriptions file .. Removing invalid entry: In-Reply-To: <20110914071252.GA13849@oc1046828364.ibm.com> References: <20110914071252.GA13849@oc1046828364.ibm.com> Message-ID: <1316087409.12936.55.camel@hurina> On Wed, 2011-09-14 at 09:12 +0200, Jan-Frode Myklebust wrote: > One of our dovecot-servers (v2.0.14) got a bit too busy last evening: > > Sep 13 20:39:18 popimap1 dovecot: master: Warning: service(pop3-login): process_limit reached, client connections are being dropped > > then logged a few: > > Sep 13 20:39:20 popimap1 dovecot: pop3(XXXXXXXXX at YYYYY.YY): Warning: I/O leak: 0x3829233d20 (10) > Sep 13 20:39:20 popimap1 dovecot: pop3(XXXXXXXXX at YYYYY.YY): Warning: Timeout leak: 0x3829233ce0 Could you show the output of: gdb /usr/local/libexec/dovecot/pop3 # or whatever path it is in x 0x3829233d20 x 0x3829233ce0 I guess the client isn't being destroyed properly for some reason.. > but what has me a bit worried is these: > > imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Sent > imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Spam > imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Drafts > imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Trash These are simply broken subscription entries that have never worked. They're not supposed to begin with a ".". In older Dovecot versions they were shown to clients, but I don't know what clients would have done with such broken entries. I guess some could have shown them "correctly", some could have shown them in a broken way and some could have just ignored them. From robert at schetterer.org Thu Sep 15 15:11:13 2011 From: robert at schetterer.org (Robert Schetterer) Date: Thu, 15 Sep 2011 14:11:13 +0200 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <1316086984.12936.49.camel@hurina> References: <4E6ACC6C.6020200@acm.org> <1316084011.12936.31.camel@hurina> <4E71E3E2.1080600@schetterer.org> <1316086984.12936.49.camel@hurina> Message-ID: <4E71EB61.2090508@schetterer.org> Am 15.09.2011 13:43, schrieb Timo Sirainen: > On Thu, 2011-09-15 at 13:39 +0200, Robert Schetterer wrote: >> >> is there really a native failover mysql in dovecot ? >> cant remember this , i only remember this as part of dovecot proxiing > > For SQL authentication it can use multiple SQL server hosts (with both > MySQL and PostgreSQL) and do HA/load balancing. > > ok, i see, but i have nearly all possible parameters in mysql ( i use a mysql cluster ), thx anyway for answer -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From janfrode at tanso.net Thu Sep 15 15:11:15 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Thu, 15 Sep 2011 14:11:15 +0200 Subject: [Dovecot] Warning: Subscriptions file .. Removing invalid entry: In-Reply-To: <1316087409.12936.55.camel@hurina> References: <20110914071252.GA13849@oc1046828364.ibm.com> <1316087409.12936.55.camel@hurina> Message-ID: <20110915121115.GA10074@oc1046828364.ibm.com> On Thu, Sep 15, 2011 at 02:50:08PM +0300, Timo Sirainen wrote: > > Sep 13 20:39:20 popimap1 dovecot: pop3(XXXXXXXXX at YYYYY.YY): Warning: I/O leak: 0x3829233d20 (10) > > Sep 13 20:39:20 popimap1 dovecot: pop3(XXXXXXXXX at YYYYY.YY): Warning: Timeout leak: 0x3829233ce0 > > Could you show the output of: > > gdb /usr/local/libexec/dovecot/pop3 # or whatever path it is in > x 0x3829233d20 > x 0x3829233ce0 sorry, but I have no debugging enabled.. % gdb /usr/libexec/dovecot/pop3 Reading symbols from /usr/libexec/dovecot/pop3...(no debugging symbols found)...done. (gdb) x 0x3829233d20 0x3829233d20: Cannot access memory at address 0x3829233d20 (gdb) x 0x3829233ce0 0x3829233ce0: Cannot access memory at address 0x3829233ce0 (gdb) quit > > imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Drafts > > imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Trash > > These are simply broken subscription entries that have never worked. > They're not supposed to begin with a ".". In older Dovecot versions they > were shown to clients, but I don't know what clients would have done > with such broken entries. I guess some could have shown them > "correctly", some could have shown them in a broken way and some could > have just ignored them. Ok, thanks for the explanation. -jf From tom at elysium.ltd.uk Thu Sep 15 16:40:34 2011 From: tom at elysium.ltd.uk (Tom Clark) Date: Thu, 15 Sep 2011 14:40:34 +0100 Subject: [Dovecot] Shared folder not listing Message-ID: <005501cc73ad$0bc3cea0$234b6be0$@elysium.ltd.uk> Hi Timo, I've got a weird problem on our dovecot. We're trying to setup private shared folder access. I have 2 users. tom at mailbox.com and system at mailbox.com. I have set the ACL's on all the folders (and subfolders) on system at mailbox.com. However, I'm not getting any of them listed when I check tom at mailbox.com 's IMAP folders. Our configuration is below (we're migrating from Courier hence the INBOX.): In 10-mail.conf: namespace { type = private prefix = INBOX. separator = . inbox = yes list = yes hidden = yes } namespace { type = shared separator = . prefix = INBOX.Shared.%%u location = maildir:%%h/Maildir:INDEX=~/Maildir/Shared/%%u subscriptions = no list = children } mail_plugins = acl protocol imap { mail_plugins = $mail_plugins imap_acl } In 90-acl.conf: plugin { #acl = vfile:/etc/dovecot/acls:cache_secs=300 acl = vfile } # To let users LIST mailboxes shared by other users, Dovecot needs a # shared mailbox dictionary. For example: plugin { acl_shared_dict = file:/var/vpopmail/domains/%d/shared-mailboxes } Have I missed anthing!?!? Thanks in advance! Tom From CMarcus at Media-Brokers.com Thu Sep 15 17:23:10 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 15 Sep 2011 10:23:10 -0400 Subject: [Dovecot] Shared folder not listing In-Reply-To: <005501cc73ad$0bc3cea0$234b6be0$@elysium.ltd.uk> References: <005501cc73ad$0bc3cea0$234b6be0$@elysium.ltd.uk> Message-ID: <4E720A4E.5050303@Media-Brokers.com> On 2011-09-15 9:40 AM, Tom Clark wrote: > Have I missed anthing!?!? Only to please not copy/paste from your config files, but post output of doveconf -n. This ensures that your settings really are what you think they are. -- Best regards, Charles From tom at elysium.ltd.uk Thu Sep 15 17:39:52 2011 From: tom at elysium.ltd.uk (Tom Clark) Date: Thu, 15 Sep 2011 15:39:52 +0100 Subject: [Dovecot] Shared folder not listing In-Reply-To: <4E720A4E.5050303@Media-Brokers.com> References: <005501cc73ad$0bc3cea0$234b6be0$@elysium.ltd.uk> <4E720A4E.5050303@Media-Brokers.com> Message-ID: <00a401cc73b5$543c6220$fcb52660$@elysium.ltd.uk> Fair enough. Here is output from doveconf -n # 2.0.13: /etc/dovecot/dovecot.conf # OS: Linux 2.6.35.6-45.fc14.x86_64 x86_64 Fedora release 14 (Laughlin) auth_debug_passwords = yes auth_verbose = yes auth_verbose_passwords = plain base_dir = /var/run/dovecot/ disable_plaintext_auth = no first_valid_uid = 1 login_greeting = Ready mail_debug = yes mail_location = maildir:~/Maildir mail_plugins = acl managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mbox_write_locks = fcntl namespace { hidden = yes inbox = yes list = yes location = prefix = INBOX. separator = . type = private } namespace { list = children location = maildir:/var/vpopmail/domains/%d/%%n/Maildir:INDEX=~/Maildir/Shared/%d/%%u prefix = INBOX.Shared.%%u separator = . subscriptions = no type = shared } passdb { driver = vpopmail } plugin { acl = vfile acl_shared_dict = file:/var/vpopmail/domains/%d/shared-mailboxes sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } ssl_cert = wrote: > Have I missed anthing!?!? Only to please not copy/paste from your config files, but post output of doveconf -n. This ensures that your settings really are what you think they are. -- Best regards, Charles From ajb2 at mssl.ucl.ac.uk Thu Sep 15 17:39:52 2011 From: ajb2 at mssl.ucl.ac.uk (Alan Brown) Date: Thu, 15 Sep 2011 15:39:52 +0100 Subject: [Dovecot] dovecot Digest, Vol 101, Issue 26 In-Reply-To: References: Message-ID: <4E720E38.7040109@mssl.ucl.ac.uk> > From: Timo Sirainen > Subject: Re: [Dovecot] general advice sought > Message-ID: <1315830847.7326.48.camel at hurina> > Content-Type: text/plain; charset="ISO-8859-15" > > On Mon, 2011-09-12 at 13:11 +0100, Alan Brown wrote: >> I'd like to hear the thoughts of list members on which type of storage >> method seems "best" for inboxes and for folders. >> >> The filesystem is GFS2 and for various reasons I can't change it. > .. >> If I migrate to other formats (eg mdbox), then it needs to be able to be >> done on the fly. (Taking the mailservers down for a day won't go down >> well, even an hour raises howls). > > Have you had any trouble with Dovecot's index files in your current > setup? Any errors at all? Zero. The issues which have arisen are: 1: Really slow access to messages in large folders (GFS2 issue) 2: Users trashing their inbox then demanding we drop everything to restore "all my important mail" > If not, I'd think mdbox will work fine. You > can do it incrementally per-user (and you really should try it first > with only a few users). http://wiki2.dovecot.org/Tools/Dsync explains > how to do it on the fly. I thought so too, just wanted to hear opinions on doing it vs other approaches. :) From Lutz.Pressler at SerNet.DE Thu Sep 15 18:15:18 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Thu, 15 Sep 2011 17:15:18 +0200 Subject: [Dovecot] unexpected LSUB / LIST (SUBSCRIBED) output Re: Panic: file mailbox-list-subscriptions.c: line 66 (mailbox_list_subscription_fill_one): assertion failed: (ns!= NULL && (ns->flags & NAMESPACE_FLAG_AUTOCREATED) != 0) In-Reply-To: <1316078544.12936.20.camel@hurina> References: <1316078544.12936.20.camel@hurina> Message-ID: On Thu, 15 Sep 2011, Timo Sirainen wrote: > On Wed, 2011-09-14 at 12:10 +0200, Lutz Pre?ler wrote: > > imap(2717, testuser): Panic: file mailbox-list-subscriptions.c: line > > 66 (mailbox_list_subscription_fill_one): assertion failed: (ns!= NULL > > && (ns->flags & NAMESPACE_FLAG_AUTOCREATED) != 0) > > > Fixed: http://hg.dovecot.org/dovecot-2.1/rev/309a707c22c0 No assertion anymore. 0 login testuser password [...] 0 list "" "*" * LIST (\HasChildren) "." "INBOX" * LIST (\HasNoChildren) "." "INBOX.test" * LIST (\Noselect \HasChildren) "." "INBOX.shared.user1" * LIST (\HasNoChildren) "." "INBOX.virtual" * LIST (\HasNoChildren) "." "INBOX.shared.user1.in2007" 0 OK List completed. 0 lsub "" "*" * LSUB (\Noselect) "." "INBOX.shared.user1" 0 OK Lsub completed. 0 list (subscribed) "" "*" * LIST (\NonExistent) "." "INBOX.shared.user1" 0 OK List completed. >>> ~testuser/Maildir/subscription is empty here 0 subscribe INBOX.shared.user1.in2007 0 OK Subscribe completed. 0 lsub "" "*" * LSUB (\Noselect) "." "INBOX.shared.user1" * LSUB () "." "INBOX.shared.user1.in2007" 0 OK Lsub completed. 0 list (subscribed) "" "*" * LIST (\NonExistent) "." "INBOX.shared.user1" * LIST (\Subscribed) "." "INBOX.shared.user1.in2007" 0 OK List completed. >>> ~testuser/Maildir/subscription now contains "shared.user1.in2007" Is this "INBOX.shared.user1" LSUB/LIST output correct? Lutz From tom at elysium.ltd.uk Thu Sep 15 18:23:30 2011 From: tom at elysium.ltd.uk (Tom Clark) Date: Thu, 15 Sep 2011 16:23:30 +0100 Subject: [Dovecot] Shared folder not listing In-Reply-To: <00a401cc73b5$543c6220$fcb52660$@elysium.ltd.uk> References: <005501cc73ad$0bc3cea0$234b6be0$@elysium.ltd.uk> <4E720A4E.5050303@Media-Brokers.com> <00a401cc73b5$543c6220$fcb52660$@elysium.ltd.uk> Message-ID: <011201cc73bb$6d0626a0$471273e0$@elysium.ltd.uk> I have managed to sort this out myself. Initially I was missing the ending "." from the prefix. I also noted that %%d wasn't returning the domain correctly (mailbox instead of mailbox.com). I changed to using %d which worked fine (as I'm not sharing folders outside the domain). I'm not sure if this is a bug and whether it would have been fixed in a later version of Dovecot. Tom -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Tom Clark Sent: 15 September 2011 3:40 PM To: 'Dovecot Mailing List' Subject: Re: [Dovecot] Shared folder not listing Fair enough. Here is output from doveconf -n # 2.0.13: /etc/dovecot/dovecot.conf # OS: Linux 2.6.35.6-45.fc14.x86_64 x86_64 Fedora release 14 (Laughlin) auth_debug_passwords = yes auth_verbose = yes auth_verbose_passwords = plain base_dir = /var/run/dovecot/ disable_plaintext_auth = no first_valid_uid = 1 login_greeting = Ready mail_debug = yes mail_location = maildir:~/Maildir mail_plugins = acl managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mbox_write_locks = fcntl namespace { hidden = yes inbox = yes list = yes location = prefix = INBOX. separator = . type = private } namespace { list = children location = maildir:/var/vpopmail/domains/%d/%%n/Maildir:INDEX=~/Maildir/Shared/%d/%%u prefix = INBOX.Shared.%%u separator = . subscriptions = no type = shared } passdb { driver = vpopmail } plugin { acl = vfile acl_shared_dict = file:/var/vpopmail/domains/%d/shared-mailboxes sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } ssl_cert = wrote: > Have I missed anthing!?!? Only to please not copy/paste from your config files, but post output of doveconf -n. This ensures that your settings really are what you think they are. -- Best regards, Charles From micah at riseup.net Thu Sep 15 20:14:39 2011 From: micah at riseup.net (Micah Anderson) Date: Thu, 15 Sep 2011 13:14:39 -0400 Subject: [Dovecot] moving mail out of alt storage References: <87sjnya3z5.fsf@algae.riseup.net> <1316077133.12936.18.camel@hurina> Message-ID: <87obylafsw.fsf_-_@algae.riseup.net> Timo Sirainen writes: > On Wed, 2011-09-14 at 23:17 -0400, Micah Anderson wrote: >> I moved some mail into the alt storage: >> >> doveadm altmove -u johnd at example.com seen savedbefore 1w >> >> and now I want to move it back to the regular INBOX, but I can't see how >> I can do that with either 'altmove' or 'mailbox move'. > > Is this sdbox or mdbox? With sdbox you could simply "mv" the files. Or > apply patch: http://hg.dovecot.org/dovecot-2.0/rev/1910c76a6cc9 This is mdbox, which is why I am not sure how to operate because I am used to individual files as is with maildir. micah From al-dovecot at none.at Thu Sep 15 22:13:32 2011 From: al-dovecot at none.at (Aleksandar Lazic) Date: Thu, 15 Sep 2011 21:13:32 +0200 Subject: [Dovecot] Sieve envelope :detail "to" "extention" does not deliver to fileinto destination In-Reply-To: <4E71C573.2040407@rename-it.nl> References: <20110912171448.GB320@none.at> <4E71C573.2040407@rename-it.nl> Message-ID: <20110915191332.GA29568@none.at> Dear Stephan, On Don 15.09.2011 11:29, Stephan Bosch wrote: >Op 12-9-2011 19:14, Aleksandar Lazic schreef: >>Is there a 'log' or 'print' command in the sieve filter or how can I >>write a message to the log file? > >With the latest Pigeonhole (0.2.4), you can use the vnd.dovecot.debug >extension (which is not available by default and therefore needs to be >added to sieve_extensions), e.g. > >=== >require "vnd.dovecot.debug"; >require "envelope"; >require "variables"; > >if envelope :matches "to" "*" { debug_log "envelope to `${1}'"; } >=== [snipp] Thank you. debug_log "envelope to `${1}'"; debug_log "envelope to detail `${detail}'"; <= is this a default variable? I get === sieve: info: started log at Sep 15 21:07:07. lists.sieve: line 15: info: DEBUG: envelope to `al-pdnsusers at none.at'. lists.sieve: line 16: info: DEBUG: envelope to detail `'. info: msgid=<20110915190707.256ED9FECC31 at external.none.at>: stored mail into mailbox 'Lists.pdnsusers'. === Is there a possibility to print the :detail from the subaddress module? Maybe like Pseudocode: === set "detail" :detail if :detail not empty === Is there a possibility to dump all variables? Are there any default variables in variables module? What does I make wrong that I haven't the :detail from the subaddress?! BR Aleks From al-dovecot at none.at Thu Sep 15 22:15:24 2011 From: al-dovecot at none.at (Aleksandar Lazic) Date: Thu, 15 Sep 2011 21:15:24 +0200 Subject: [Dovecot] convert maildrop filter to sieve Message-ID: <20110915191524.GB29568@none.at> Dear list member, does anybody have a script which can convert maildrop filter to sive filter? BR Aleks From henson at acm.org Thu Sep 15 23:40:28 2011 From: henson at acm.org (Paul B. Henson) Date: Thu, 15 Sep 2011 13:40:28 -0700 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <1316084011.12936.31.camel@hurina> References: <4E6ACC6C.6020200@acm.org> <1316084011.12936.31.camel@hurina> Message-ID: <4E7262BC.6070709@acm.org> On 9/15/2011 3:53 AM, Timo Sirainen wrote: > I did several fixes related to this in v2.0 hg. Cool, thanks. Any thoughts on when you'll release a new version including them? Looks like the relevant changesets are 0dffdc3bfad1, 3334c12a2b1a, c056bd23fdcc, 11273f581686, 1b829680dce4, 55552b4e8c65, 3955a5b2a917, and 20a901f1de31. I'll suck those down and try to make a patch for the current release version and give it a test. > The reason why it kept failing with Postfix was because Dovecot had 10 > second timeout for SQL connecting, and Postfix had 10 second timeout > before failing authentication. D'oh :). I thought about timeout issues, but there doesn't appear to be any way in dovecot or postfix to change them via the configuration file. -- Paul B. Henson | (909) 979-6361 | http://www.csupomona.edu/~henson/ Operating Systems and Network Analyst | henson at csupomona.edu California State Polytechnic University | Pomona CA 91768 From al-dovecot at none.at Fri Sep 16 01:02:46 2011 From: al-dovecot at none.at (Aleksandar Lazic) Date: Fri, 16 Sep 2011 00:02:46 +0200 Subject: [Dovecot] Detecting duplicate messages with sieve Message-ID: <20110915220246.GA17639@none.at> Dear Listmember, I use http://www.courier-mta.org/reformail.html for "Detecting duplicate messages" ### The -D option implements a simple way to delete duplicate messages in incoming mail. filename is a file that will be approximately 'len' bytes long. This file will be used by reformail to save message IDs seen in recent mail. reformail reads the message on standard input. If the message has a Message-ID: header that's already in the cache file, reformail terminates with the exit code set to 0. Otherwise, reformail terminates with the exit code set to 1. ### ### my entry in mailfilter `reformail -D 8192 $HOME/.msg.cache` if ($RETURNCODE == 0) { /^From: *!.*/ FROM1=${MATCH2} /^Subject: *!.*/ log "$FROM (${FROM1}) => Not Delivered duplicate MSG-ID. Subject ${MATCH2}\n" exit } ### Is there a similar feature in sieve or can I still use the upper setup? Another question is about to add this header line in every mail. xfilter "${REFORMAIL} -a\"Lines: $LINES\"" Thanks for your help. BR Aleks From serarien at baqs.net Fri Sep 16 01:58:30 2011 From: serarien at baqs.net (Pierre) Date: Fri, 16 Sep 2011 00:58:30 +0200 Subject: [Dovecot] dovecot-virtual folder configuration Message-ID: <2a82c4fe9e3aba3c621fe9eb2e530200@mail3.serarien.com> Hi all, Long story short, I'd like to configure a folder containing: INBOX (some other folders) -> unseen emails from these folders + all other emails (also seen) from the same thread -> seen emails from these folders, but only the recent ones + all other emails from the same thread I tried: # inthread refs (or (or recent unseen) recent ) inthread refs unseen # inthread refs (or unseen ( recent seen) ) # inthread refs recent unseen # inthread refs unseen #inthread refs recent (or unseen ) # inthread refs (recent seen (or unseen )) # (inthread refs (or unseen) recent seen) #( inthread refs (or (or recent unseen) flagged) ) without success. Where could I find proper,understandable doc for this? Could anybody help me on configuring such rule(s) ? Thanks a lot in adavance, Pierre From henson at acm.org Fri Sep 16 03:03:25 2011 From: henson at acm.org (Paul B. Henson) Date: Thu, 15 Sep 2011 17:03:25 -0700 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <1316084011.12936.31.camel@hurina> References: <4E6ACC6C.6020200@acm.org> <1316084011.12936.31.camel@hurina> Message-ID: <4E72924D.8090709@acm.org> On 9/15/2011 3:53 AM, Timo Sirainen wrote: > I did several fixes related to this in v2.0 hg. I patched version 2.0.13 with these fixes and tested it out. As far as I can tell, it still doesn't do load balancing. When started, it only connects to the primary server, and as long as that server is available never seems to try and connect to the other one. However, the failover is much better. There are a few failed authentications when the primary server first becomes unavailable (seems to depend on load; under a light load, only a couple fail, the heavier the load, the more fail). After that blip though, authentications work fine. Thanks much for your help resolving this issue, I greatly appreciate it. -- Paul B. Henson | (909) 979-6361 | http://www.csupomona.edu/~henson/ Operating Systems and Network Analyst | henson at csupomona.edu California State Polytechnic University | Pomona CA 91768 From florob at babelmonkeys.de Fri Sep 16 03:47:56 2011 From: florob at babelmonkeys.de (Florian Zeitz) Date: Fri, 16 Sep 2011 02:47:56 +0200 Subject: [Dovecot] [PATCH] SCRAM-SHA-1 authentication Message-ID: <4E729CBC.5080600@babelmonkeys.de> Hy, over the last days I have implemented SCRAM-SHA-1 in Dovecot's 2.1 branch. It does not do SCRAM-SHA-1-PLUS, but should be extendable enough to introduce it later. There are some checks for the message format which (assuming the client acts correclty) are not strictly necessary during parsing. This is partially in the hope that it might aid client implementers, partially because it (IMHO) improves readability when checking against the RFC. Also errors found in this way could be sent to the client, this is however strictly OPTIONAL in the RFC, for now they are just logged. Some of the variable names are rather long. This is in order to have them match the terms introduced in the RFC, again I expect it to help readability (maybe my recent Objective-C programming showing though). I do feel somewhat insecure about my usage of some lib functions. Hopefully no API has been abused too much. I also note that there are a lot of fields in the scram_auth_request struct. I think they are all there for a reason, however feel free to prove me wrong. Attached is a hg export. It also includes a hmac-sha1 implementation, an adaption off of the hmac-md5 implementation already in Dovecot. I guess those should eventually be merged into a hash-independent hmac implementation, but I figured this would have to do for now. The implementation has been tested against GNU SASL and does appear to work fine. (The command line was `gsasl -m SCRAM-SHA-1 -a user -p pass --imap host` for those curious) Regards Florian "Florob" Zeitz -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: scram-sha-1.exp URL: From tss at iki.fi Fri Sep 16 12:21:36 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 12:21:36 +0300 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <4E72924D.8090709@acm.org> References: <4E6ACC6C.6020200@acm.org> <1316084011.12936.31.camel@hurina> <4E72924D.8090709@acm.org> Message-ID: <1316164896.12936.57.camel@hurina> On Thu, 2011-09-15 at 17:03 -0700, Paul B. Henson wrote: > > I did several fixes related to this in v2.0 hg. > > I patched version 2.0.13 with these fixes and tested it out. > > As far as I can tell, it still doesn't do load balancing. Oh. http://hg.dovecot.org/dovecot-2.0/rev/327698228158 should finally fix it. :) From amateo at um.es Fri Sep 16 12:51:19 2011 From: amateo at um.es (Angel L. Mateo) Date: Fri, 16 Sep 2011 11:51:19 +0200 Subject: [Dovecot] Deleted mailboxes with lazy_expunge Message-ID: <4E731C17.5090305@um.es> Hello, I'm trying to configure lazy_expunge plugin (as a way to provide easy backup for mails). This is my configuration (as explained in dovecot wiki): # Default namespace namespace { prefix = separator = / inbox = yes } # namespaces for lazy_expunge plugin: namespace { prefix = .EXPUNGED/ separator = / location = maildir:~/Maildir/expunged } namespace { prefix = .DELETED/ separator = / location = maildir:~/Maildir/deleted } namespace { prefix = .DELETED/.EXPUNGED/ separator = / location = maildir:~/Maildir/deleted/expunged lazy_expunge = .EXPUNGED/ .DELETED/ .DELETED/.EXPUNGED/ I use just one namespace because I don't want to differentiate between deleting mails or deleting mailboxes, but I have the same problem using the 3 namespaces. With this configuration, when a user connects, if he doesn't have the expunged folder, dovecot logs: Sep 16 10:53:35 myotis30 dovecot: imap(angel.luis): Debug: Namespace : type=private, prefix=.EXPUNGED/, sep=/, inbox=no, hidden=no, list=yes, subscriptions=yes location=maildir:~/Maildir/expunged Sep 16 10:53:35 myotis30 dovecot: imap(angel.luis): Debug: maildir++: root=/home/alumnos/46/113246/Maildir/expunged, index=, control=, inbox= Sep 16 10:53:35 myotis30 dovecot: imap(angel.luis): Debug: Namespace .EXPUNGED/: Permission lookup failed from /home/alumnos/46/113246/Maildir/expunged Sep 16 10:53:35 myotis30 dovecot: imap(angel.luis): Debug: Namespace .EXPUNGED/: Using permissions from /home/alumnos/46/113246/Maildir/expunged: mode=0700 gid=-1 and the expunged folder is created (without the cur, new neither tmp folders). When I delete a message in the INBOX folder (for example), dovecot logs: Sep 16 10:57:19 myotis30 dovecot: imap(angel.luis): Debug: Namespace .EXPUNGED/: Permission lookup failed from /home/alumnos/46/113246/Maildir/expunged/.INBOX Sep 16 10:57:19 myotis30 dovecot: imap(angel.luis): Debug: Namespace .EXPUNGED/: Using permissions from /home/alumnos/46/113246/Maildir/expunged: mode=0700 gid=-1 Sep 16 10:57:19 myotis30 dovecot: imap(angel.luis): Debug: Namespace .EXPUNGED/: Permission lookup failed from /home/alumnos/46/113246/Maildir/expunged/.INBOX Sep 16 10:57:19 myotis30 dovecot: imap(angel.luis): Debug: Namespace .EXPUNGED/: Using permissions from /home/alumnos/46/113246/Maildir/expunged: mode=0700 gid=-1 and the message is stored in the expunge namespace (that is an imap INBOX folder is created in the namespace, with its cur, new and tmp, and the message is stored). But when I try to delete a whole imap folder (in the example I delete it from trash folder because I use thunderbird and it previously move the folder to trash), dovecot logs: Sep 16 11:45:46 myotis30 dovecot: imap(angel.luis): Debug: Namespace .DELETED/: Using permissions from /home/alumnos/46/113246/Maildir/deleted: mode=0700 gid=-1 Sep 16 11:45:46 myotis30 dovecot: imap(angel.luis): Debug: Namespace .DELETED/: Permission lookup failed from /home/alumnos/46/113246/Maildir/deleted/.Trash.kk-20110916-114546 Sep 16 11:45:46 myotis30 dovecot: imap(angel.luis): Debug: Namespace .DELETED/: Using permissions from /home/alumnos/46/113246/Maildir/deleted: mode=0700 gid=-1 Sep 16 11:45:46 myotis30 dovecot: imap(angel.luis): Debug: Namespace .DELETED/: Permission lookup failed from /home/alumnos/46/113246/Maildir/deleted/.Trash.kk-20110916-114546 Sep 16 11:45:46 myotis30 dovecot: imap(angel.luis): Debug: Namespace .DELETED/: Using permissions from /home/alumnos/46/113246/Maildir/deleted: mode=0700 gid=-1 and my mail client reports the error "[CANNOT] Can't rename mailboxes accross specified storages" and the mail folder isn't created in the DELETED namespace. Any idea? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From tss at iki.fi Fri Sep 16 13:08:08 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 13:08:08 +0300 Subject: [Dovecot] Deleted mailboxes with lazy_expunge In-Reply-To: <4E731C17.5090305@um.es> References: <4E731C17.5090305@um.es> Message-ID: <1316167688.12936.61.camel@hurina> On Fri, 2011-09-16 at 11:51 +0200, Angel L. Mateo wrote: > Hello, > > I'm trying to configure lazy_expunge plugin (as a way to provide easy > backup for mails). This is my configuration (as explained in dovecot wiki): dovecot -n output would have been better. What do you use as mail_location? My guess is that you have specified INDEX or CONTROL path there, which isn't currently compatible with this.. > # Default namespace > namespace { > prefix = > separator = / > inbox = yes > } > > # namespaces for lazy_expunge plugin: > namespace { > prefix = .EXPUNGED/ > separator = / > location = maildir:~/Maildir/expunged > } > namespace { > prefix = .DELETED/ > separator = / > location = maildir:~/Maildir/deleted > } > namespace { > prefix = .DELETED/.EXPUNGED/ > separator = / > location = maildir:~/Maildir/deleted/expunged > > > lazy_expunge = .EXPUNGED/ .DELETED/ .DELETED/.EXPUNGED/ > > I use just one namespace because I don't want to differentiate between > deleting mails or deleting mailboxes, but I have the same problem using > the 3 namespaces. In above config you're using 3 namespaces, not 1. This problem shouldn't exist if you use just one namespace. > and my mail client reports the error "[CANNOT] Can't rename mailboxes > accross specified storages" and the mail folder isn't created in the > DELETED namespace. With http://hg.dovecot.org/dovecot-2.0/rev/e57bd3e2ec27 it'll now log the reason why it's not possible. From tss at iki.fi Fri Sep 16 13:18:41 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 13:18:41 +0300 Subject: [Dovecot] Shared folder not listing In-Reply-To: <011201cc73bb$6d0626a0$471273e0$@elysium.ltd.uk> References: <005501cc73ad$0bc3cea0$234b6be0$@elysium.ltd.uk> <4E720A4E.5050303@Media-Brokers.com> <00a401cc73b5$543c6220$fcb52660$@elysium.ltd.uk> <011201cc73bb$6d0626a0$471273e0$@elysium.ltd.uk> Message-ID: <1316168321.12936.65.camel@hurina> On Thu, 2011-09-15 at 16:23 +0100, Tom Clark wrote: > I have managed to sort this out myself. Initially I was missing the ending > "." from the prefix. It usually complains if that's missing, but looks like shared namespaces were a special case. Fixed: http://hg.dovecot.org/dovecot-2.0/rev/ea657df52a85 > I also noted that %%d wasn't returning the domain > correctly (mailbox instead of mailbox.com). I changed to using %d which > worked fine (as I'm not sharing folders outside the domain). > > I'm not sure if this is a bug and whether it would have been fixed in a > later version of Dovecot. Where were you using %%d? It's not in any config you posted here. But anyway "." is problematic, because you're also using it as hierarchy separator. I think you're going to run into trouble unless you change the separator. From amateo at um.es Fri Sep 16 13:34:16 2011 From: amateo at um.es (Angel L. Mateo) Date: Fri, 16 Sep 2011 12:34:16 +0200 Subject: [Dovecot] Deleted mailboxes with lazy_expunge In-Reply-To: <1316167688.12936.61.camel@hurina> References: <4E731C17.5090305@um.es> <1316167688.12936.61.camel@hurina> Message-ID: <4E732628.4000209@um.es> El 16/09/11 12:08, Timo Sirainen escribi?: > On Fri, 2011-09-16 at 11:51 +0200, Angel L. Mateo wrote: >> Hello, >> >> I'm trying to configure lazy_expunge plugin (as a way to provide easy >> backup for mails). This is my configuration (as explained in dovecot wiki): > > dovecot -n output would have been better. What do you use as Yes, I know but I forgot it :-(. You have now the config. > mail_location? My guess is that you have specified INDEX or CONTROL path > there, which isn't currently compatible with this.. > Yes, I'm using INDEX in mail_location >> I use just one namespace because I don't want to differentiate between >> deleting mails or deleting mailboxes, but I have the same problem using >> the 3 namespaces. > > In above config you're using 3 namespaces, not 1. This problem shouldn't > exist if you use just one namespace. I have tried with both configurations with the same problem. I have made another test, this time with 1 namespace and with thunderbird directly expunging messages (to avoid moving them to trash and then purging trash). With this, dovecot logs: Sep 16 12:26:48 myotis30 dovecot: imap(angel.luis): Debug: Namespace .EXPUNGED/: Using permissions from /home/alumnos/46/113246/Maildir/expunged: mode=0700 gid=-1 Sep 16 12:26:48 myotis30 dovecot: imap(angel.luis): Debug: Namespace .EXPUNGED/: Permission lookup failed from /home/alumnos/46/113246/Maildir/expunged/.kk Sep 16 12:26:48 myotis30 dovecot: imap(angel.luis): Debug: Namespace .EXPUNGED/: Using permissions from /home/alumnos/46/113246/Maildir/expunged: mode=0700 gid=-1 Sep 16 12:26:48 myotis30 dovecot: imap(angel.luis): Debug: Namespace .EXPUNGED/: Permission lookup failed from /home/alumnos/46/113246/Maildir/expunged/.kk Sep 16 12:26:48 myotis30 dovecot: imap(angel.luis): Debug: Namespace .EXPUNGED/: Using permissions from /home/alumnos/46/113246/Maildir/expunged: mode=0700 gid=-1 but "kk" mail folder isn't created in the expunge namespace. > >> and my mail client reports the error "[CANNOT] Can't rename mailboxes >> accross specified storages" and the mail folder isn't created in the >> DELETED namespace. > > With http://hg.dovecot.org/dovecot-2.0/rev/e57bd3e2ec27 it'll now log > the reason why it's not possible. > I'm going to try it... -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: doveconf.txt URL: From amateo at um.es Fri Sep 16 14:24:53 2011 From: amateo at um.es (Angel L. Mateo) Date: Fri, 16 Sep 2011 13:24:53 +0200 Subject: [Dovecot] Deleted mailboxes with lazy_expunge In-Reply-To: <1316167688.12936.61.camel@hurina> References: <4E731C17.5090305@um.es> <1316167688.12936.61.camel@hurina> Message-ID: <4E733205.5050406@um.es> El 16/09/11 12:08, Timo Sirainen escribi?: > > With http://hg.dovecot.org/dovecot-2.0/rev/e57bd3e2ec27 it'll now log > the reason why it's not possible. > These are the logs reported with this patch: ep 16 13:21:00 myotis30 dovecot: imap(angel.luis): Debug: Namespace .DELETED/: Using permissions from /home/alumnos/46/113246/Maildir/deleted: mode=0700 gid=-1 Sep 16 13:21:00 myotis30 dovecot: imap(angel.luis): Debug: Namespace .DELETED/: Permission lookup failed from /home/alumnos/46/113246/Maildir/deleted/.kk-20110916-132100 Sep 16 13:21:00 myotis30 dovecot: imap(angel.luis): Debug: Namespace .DELETED/: Using permissions from /home/alumnos/46/113246/Maildir/deleted: mode=0700 gid=-1 Sep 16 13:21:00 myotis30 dovecot: imap(angel.luis): Debug: Namespace .DELETED/: Permission lookup failed from /home/alumnos/46/113246/Maildir/deleted/.kk-20110916-132100 Sep 16 13:21:00 myotis30 dovecot: imap(angel.luis): Debug: Namespace .DELETED/: Using permissions from /home/alumnos/46/113246/Maildir/deleted: mode=0700 gid=-1 Sep 16 13:21:00 myotis30 dovecot: imap(angel.luis): Debug: Can't rename 'kk' to '.DELETED/kk-20110916-132100': index dirs don't match I have try to remove the same folder without INDEX in mail_location. Without this option it works. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From leho at kraav.com Fri Sep 16 14:48:35 2011 From: leho at kraav.com (Leho Kraav) Date: Fri, 16 Sep 2011 14:48:35 +0300 Subject: [Dovecot] Plugins: virtuals vs acls Message-ID: <4E733793.3030304@kraav.com> Hi all dovecot-virtual: * all when dovecot-acl files restrict some subset of * for a user, does dovecot respect these ACLs when collecting messages for virtual folder? I'd like a confirmation about what I should be seeing when I start implementing this setup. From tss at iki.fi Fri Sep 16 14:53:39 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 14:53:39 +0300 Subject: [Dovecot] unexpected LSUB / LIST (SUBSCRIBED) output Re: Panic: file mailbox-list-subscriptions.c: line 66 (mailbox_list_subscription_fill_one): assertion failed: (ns!= NULL && (ns->flags & NAMESPACE_FLAG_AUTOCREATED) != 0) In-Reply-To: References: <1316078544.12936.20.camel@hurina> Message-ID: <1316174020.12936.66.camel@hurina> On Thu, 2011-09-15 at 17:15 +0200, Lutz Pre?ler wrote: > 0 lsub "" "*" > * LSUB (\Noselect) "." "INBOX.shared.user1" > 0 OK Lsub completed. > 0 list (subscribed) "" "*" > * LIST (\NonExistent) "." "INBOX.shared.user1" > 0 OK List completed. These shouldn't be here. > 0 lsub "" "*" > * LSUB (\Noselect) "." "INBOX.shared.user1" The above entry shouldn't be here. > * LSUB () "." "INBOX.shared.user1.in2007" > 0 OK Lsub completed. > 0 list (subscribed) "" "*" > * LIST (\NonExistent) "." "INBOX.shared.user1" > * LIST (\Subscribed) "." "INBOX.shared.user1.in2007" > 0 OK List completed. > > >>> ~testuser/Maildir/subscription now contains "shared.user1.in2007" > > Is this "INBOX.shared.user1" LSUB/LIST output correct? http://hg.dovecot.org/dovecot-2.1/rev/080c8f9521d2 should fix these and other related problems. From tss at iki.fi Fri Sep 16 15:01:11 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 15:01:11 +0300 Subject: [Dovecot] Deleted mailboxes with lazy_expunge In-Reply-To: <4E733205.5050406@um.es> References: <4E731C17.5090305@um.es> <1316167688.12936.61.camel@hurina> <4E733205.5050406@um.es> Message-ID: <1316174471.12936.70.camel@hurina> On Fri, 2011-09-16 at 13:24 +0200, Angel L. Mateo wrote: > > Sep 16 13:21:00 myotis30 dovecot: imap(angel.luis): Debug: Can't rename > 'kk' to '.DELETED/kk-20110916-132100': index dirs don't match > > I have try to remove the same folder without INDEX in mail_location. > Without this option it works. Alternatively you could add INDEX path to lazy_expunge namespaces and it would work. The important thing is that both source and destination either have or don't have INDEX path specified, but it can't be mixed. (Looks like I messed up those new debug messages - clarified them in hg now.) From tss at iki.fi Fri Sep 16 15:03:47 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 15:03:47 +0300 Subject: [Dovecot] Plugins: virtuals vs acls In-Reply-To: <4E733793.3030304@kraav.com> References: <4E733793.3030304@kraav.com> Message-ID: <1316174628.12936.72.camel@hurina> On Fri, 2011-09-16 at 14:48 +0300, Leho Kraav wrote: > dovecot-virtual: > * > all > > when dovecot-acl files restrict some subset of * for a user, does > dovecot respect these ACLs when collecting messages for virtual folder? If they aren't respected, it's a bug. From tss at iki.fi Fri Sep 16 15:08:23 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 15:08:23 +0300 Subject: [Dovecot] dovecot-virtual folder configuration In-Reply-To: <2a82c4fe9e3aba3c621fe9eb2e530200@mail3.serarien.com> References: <2a82c4fe9e3aba3c621fe9eb2e530200@mail3.serarien.com> Message-ID: <1316174903.12936.76.camel@hurina> On Fri, 2011-09-16 at 00:58 +0200, Pierre wrote: > Hi all, > > Long story short, I'd like to configure a folder containing: > > INBOX > (some other folders) > > -> unseen emails from these folders + all other emails (also seen) from > the same thread > -> seen emails from these folders, but only the recent ones + all other > emails from the same thread The "other mails from same thread" is still a bit problematic with virtual folders. From my TODO: - virtual: If last message matching INTHREAD rule gets expunged, the rest of the thread doesn't go away First you'll need to create a virtual folder that has all the mails that you would ever want to see in threads. For example: virtual/all/dovecot-virtual: ----- INBOX Sent some other folders all ----- Then based on that create the virtual mailbox you want: virtual/newstuff/dovecot-virtual: ----- virtual/all inthread refs or unseen recent ----- From tss at iki.fi Fri Sep 16 15:11:27 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 15:11:27 +0300 Subject: [Dovecot] Detecting duplicate messages with sieve In-Reply-To: <20110915220246.GA17639@none.at> References: <20110915220246.GA17639@none.at> Message-ID: <1316175087.12936.78.camel@hurina> On Fri, 2011-09-16 at 00:02 +0200, Aleksandar Lazic wrote: > "Detecting duplicate messages" .. > Is there a similar feature in sieve No. > or can I still use the upper setup? I think so. > Another question is about to add this header line in every mail. > > xfilter "${REFORMAIL} -a\"Lines: $LINES\"" What do you need it for? But nope, I don't think there's a way to do that with Sieve either. There's an extension to add headers, but it's not implemented yet. And I don't think there's a way to get the number of header lines. From tss at iki.fi Fri Sep 16 15:40:51 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 15:40:51 +0300 Subject: [Dovecot] [PATCH] SCRAM-SHA-1 authentication In-Reply-To: <4E729CBC.5080600@babelmonkeys.de> References: <4E729CBC.5080600@babelmonkeys.de> Message-ID: <1316176851.12936.91.camel@hurina> On Fri, 2011-09-16 at 02:47 +0200, Florian Zeitz wrote: > over the last days I have implemented SCRAM-SHA-1 in Dovecot's 2.1 > branch. It does not do SCRAM-SHA-1-PLUS, but should be extendable enough > to introduce it later. Looks pretty good. Below are a few things I noticed. I could fix these myself next week also, or you can do them during weekend if you want to. :) > I also note that there are a lot of fields in the scram_auth_request > struct. I think they are all there for a reason, however feel free to > prove me wrong. The username wouldn't necessarily have to be there. Also its name was confusing me for a while since I thought you were setting auth_request->user directly. > + snonce[i] = (snonce[i] % ('~' - '!')) + '!'; > + if (snonce[i] == ',') > + snonce[i] = '.'; Here '~' is actually never used. But a nice solution would be to simply replace ',' with '~' so '.' isn't more likely to occur than others. > + fields = t_strsplit((const char*)data, ","); Not safe. data isn't guaranteed to be NUL-terminated. One simple solution would be: t_strsplit(t_strndup(data, size), ",") And others: - Could be nicer if client->proof was stored base64-decoded, so its validity could be checked and also later there wouldn't be need to base64-encode signature when testing it. - There's no log message is authentication fails due to wrong password? - Doesn't verify_credentials() need to check the credentials in any way that it contains expected (sized) data? Anything is allowed? From tss at iki.fi Fri Sep 16 16:02:26 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 16:02:26 +0300 Subject: [Dovecot] sharing of non-INBOX namespaces? Re: imapc and imap_acl In-Reply-To: References: <57674CC7-1F64-4131-98C6-45CF8B54F23B@iki.fi> <20110913164631.GA1874905@gabi.sernet.de> <1316085138.12936.39.camel@hurina> Message-ID: <1316178147.12936.92.camel@hurina> On Thu, 2011-09-15 at 13:41 +0200, Lutz Pre?ler wrote: > > If you want to access also ~/Maildir2, you'd need to create a > > second shared namespace for it. > Maybe I mess something up the second time today - but I cannot get > it to work: Yeah, it didn't work. Fixed now in hg. From tss at iki.fi Fri Sep 16 16:09:23 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 16:09:23 +0300 Subject: [Dovecot] Dsync Permissions Issue In-Reply-To: <4E70D0A9.8060604@globalchangemusic.org> References: <4E70D0A9.8060604@globalchangemusic.org> Message-ID: <1316178563.12936.97.camel@hurina> On Wed, 2011-09-14 at 09:04 -0700, Asai wrote: > [root at triata ~]# dsync -v -u asai at globalchangemusic.org backup ssh > -p22222 vmail at xx.xxx.xx.xxx dsync -u asai at globalchangemusic.org > vmail at xx.xxx.xx.xxx's password: > dsync(vmail): Error: userdb lookup: > connect(/var/run/dovecot/auth-userdb) failed: Permission denied > (euid=1001(vmail) egid=1001(vmail) missing +r perm: > /var/run/dovecot/auth-userdb, euid is not dir owner) .. > service auth { > unix_listener auth-userdb { > group = vmail > mode = 0666 > user = vmail > } > user = root > } So clearly you've given more than necessary permissions in here. 0600 with user=vmail should be enough. But the permission problem isn't on the server where you ran this "doveconf -n". The problem is on your remote server's Dovecot config. BTW: > unix_listener auth-master { > group = vmail > mode = 0660 > user = vmail > } There's no reason to change this from defaults. From tss at iki.fi Fri Sep 16 16:11:11 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 16:11:11 +0300 Subject: [Dovecot] "Waiting for authentication process to respond" for invalid users with auth_dovecot In-Reply-To: References: Message-ID: <1316178672.12936.99.camel@hurina> On Tue, 2011-09-13 at 13:53 +0300, Ibrahim Harrani wrote: > I am testing dovecot 2.0.13 and 2.0.14 with qmail-ldap and > auth_dovecot patch. If i login to dovecot (pop3/imap) with correct > user and password. > no problem, I can login immediately. but if I try with nonexistant > user, dovecot does not immediate answer, wait for a while and says > "Waiting for authentication process to respond." > auth_dovecot process remains working in the background. > How can I avoid this situation? If auth_dovecot process keeps running, the bug is in auth_dovecot. I've never looked at it (or probably even heard of it). From micah at riseup.net Fri Sep 16 16:53:31 2011 From: micah at riseup.net (Micah Anderson) Date: Fri, 16 Sep 2011 09:53:31 -0400 Subject: [Dovecot] convert maildrop filter to sieve References: <20110915191524.GB29568@none.at> Message-ID: <87bouka90k.fsf@algae.riseup.net> Aleksandar Lazic writes: > Dear list member, > > does anybody have a script which can convert maildrop filter to sive > filter? I would also like this, but I'm afraid it may be too complicated due to the different possibilities. Moving to sieve from maildrop would be great, but in practice quite difficult to do when you have a large number of people with customized mailfilters. micah From tss at iki.fi Fri Sep 16 17:09:47 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 17:09:47 +0300 Subject: [Dovecot] v2.0.15 released Message-ID: <1316182189.12936.111.camel@hurina> http://dovecot.org/releases/2.0/dovecot-2.0.15.tar.gz http://dovecot.org/releases/2.0/dovecot-2.0.15.tar.gz.sig + doveadm altmove: Added -r parameter to move mails back to primary storage. - v2.0.14: Index reading could have eaten a lot of memory in some situations - doveadm index no longer affects future caching decisions - mbox: Fixed crash during mail delivery when mailbox didn't yet have GUID assigned to it. - zlib+mbox: Fetching last message from compressed mailboxes crashed. - lib-sql: Fixed load balancing and error handling when multiple hosts are used. From tss at iki.fi Fri Sep 16 17:11:11 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 17:11:11 +0300 Subject: [Dovecot] v2.1.alpha2 released Message-ID: <1316182272.12936.112.camel@hurina> http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha2.tar.gz http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha2.tar.gz.sig This is actually looking rather stable. I'm still calling it "alpha" in case I think of doing some more API changes, but I think the next one will be called "beta1", hopefully soon followed by "rc1". - Statistics gathering improvements (more fields) and fixes. - Lots of imapc fixes and improvements - Fixes to handling shared namespaces - Several other fixes From asai at globalchangemusic.org Fri Sep 16 18:17:12 2011 From: asai at globalchangemusic.org (Asai) Date: Fri, 16 Sep 2011 08:17:12 -0700 Subject: [Dovecot] Dsync Permissions Issue In-Reply-To: <1316178563.12936.97.camel@hurina> References: <4E70D0A9.8060604@globalchangemusic.org> <1316178563.12936.97.camel@hurina> Message-ID: <4E736878.5000103@globalchangemusic.org> Thank you for your assistance, I have changed permissions on the remote server and all is well. On 9/16/2011 6:09 AM, Timo Sirainen wrote: > On Wed, 2011-09-14 at 09:04 -0700, Asai wrote: > >> [root at triata ~]# dsync -v -u asai at globalchangemusic.org backup ssh >> -p22222 vmail at xx.xxx.xx.xxx dsync -u asai at globalchangemusic.org >> vmail at xx.xxx.xx.xxx's password: >> dsync(vmail): Error: userdb lookup: >> connect(/var/run/dovecot/auth-userdb) failed: Permission denied >> (euid=1001(vmail) egid=1001(vmail) missing +r perm: >> /var/run/dovecot/auth-userdb, euid is not dir owner) > .. >> service auth { >> unix_listener auth-userdb { >> group = vmail >> mode = 0666 >> user = vmail >> } >> user = root >> } > So clearly you've given more than necessary permissions in here. 0600 > with user=vmail should be enough. But the permission problem isn't on > the server where you ran this "doveconf -n". The problem is on your > remote server's Dovecot config. > > BTW: > >> unix_listener auth-master { >> group = vmail >> mode = 0660 >> user = vmail >> } > There's no reason to change this from defaults. > From simon.brereton at buongiorno.com Fri Sep 16 19:05:15 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Fri, 16 Sep 2011 12:05:15 -0400 Subject: [Dovecot] v2.0.15 released In-Reply-To: <1316182189.12936.111.camel@hurina> References: <1316182189.12936.111.camel@hurina> Message-ID: <001901cc748a$6cacbaf0$460630d0$@brereton@buongiorno.com> -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Timo Sirainen http://dovecot.org/releases/2.0/dovecot-2.0.15.tar.gz http://dovecot.org/releases/2.0/dovecot-2.0.15.tar.gz.sig + doveadm altmove: Added -r parameter to move mails back to primary storage. - v2.0.14: Index reading could have eaten a lot of memory in some situations - doveadm index no longer affects future caching decisions - mbox: Fixed crash during mail delivery when mailbox didn't yet have GUID assigned to it. - zlib+mbox: Fetching last message from compressed mailboxes crashed. - lib-sql: Fixed load balancing and error handling when multiple hosts are used. ----------- I'll bite.. But it's probably not your concern. When will we be able to get stable 2.x packages for Debian? Apt installs 1.2.15-7 Thanks. Simon (Sorry about breaking the quotes) From odhiambo at gmail.com Fri Sep 16 19:08:24 2011 From: odhiambo at gmail.com (Odhiambo Washington) Date: Fri, 16 Sep 2011 19:08:24 +0300 Subject: [Dovecot] v2.1.alpha2 released In-Reply-To: <1316182272.12936.112.camel@hurina> References: <1316182272.12936.112.camel@hurina> Message-ID: On Fri, Sep 16, 2011 at 17:11, Timo Sirainen wrote: > http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha2.tar.gz > http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha2.tar.gz.sig > > This is actually looking rather stable. I'm still calling it "alpha" in > case I think of doing some more API changes, but I think the next one > will be called "beta1", hopefully soon followed by "rc1". > > - Statistics gathering improvements (more fields) and fixes. > - Lots of imapc fixes and improvements > - Fixes to handling shared namespaces > - Several other fixes > I am trying to compile on FreeBSD 8.2-STABLE with the following options: #!/bin/sh ./configure \ --prefix=/opt/dovecot2.1 \ --with-ioloop=kqueue \ --with-notify=kqueue \ --with-sql=yes \ --with-mysql \ --with-zlib \ --with-bzlib \ --with-ssl=openssl \ --with-storages="maildir mdbox sdbox cydir" And I get a failure, viz: jaribu# make make all-recursive Making all in . /bin/bash ./update-version.sh . . Making all in src Making all in lib-test Making all in lib make all-am Making all in lib-auth Making all in lib-charset Making all in lib-dns Making all in lib-fs Making all in lib-mail Making all in lib-imap Making all in lib-master Making all in lib-dict Making all in lib-settings Making all in lib-ssl-iostream /bin/bash ../../libtool --tag=CC --mode=link gcc -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -Wstrict-aliasing=2 -export-dynamic -Wl,--as-needed -Wl,--no-undefined -o libdovecot-ssl.la-rpath /opt/dovecot2.1/lib/dovecot libssl_iostream.la ../lib/liblib.la -export-dynamic -lrt libtool: link: gcc -shared -fPIC -DPIC -Wl,--whole-archive ./.libs/libssl_iostream.a ../lib/.libs/liblib.a -Wl,--no-whole-archive -lssl -lcrypto -lrt -O2 -Wl,--as-needed -Wl,--no-undefined -Wl,-soname -Wl,libdovecot-ssl.so.0 -o .libs/libdovecot-ssl.so.0 ../lib/.libs/liblib.a(env-util.o)(.text+0x31): In function `env_get_environ_p': /usr/home/wash/Tools/Dovecot/dovecot-2.1.alpha2/src/lib/env-util.c:148: undefined reference to `environ' ../lib/.libs/liblib.a(env-util.o)(.text+0x1f8): In function `env_clean': /usr/home/wash/Tools/Dovecot/dovecot-2.1.alpha2/src/lib/env-util.c:71: undefined reference to `environ' *** Error code 1 Stop in /usr/home/wash/Tools/Dovecot/dovecot-2.1.alpha2/src/lib-ssl-iostream. *** Error code 1 Stop in /usr/home/wash/Tools/Dovecot/dovecot-2.1.alpha2/src. *** Error code 1 Stop in /usr/home/wash/Tools/Dovecot/dovecot-2.1.alpha2. *** Error code 1 Stop in /usr/home/wash/Tools/Dovecot/dovecot-2.1.alpha2. -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ I can't hear you -- I'm using the scrambler. Please consider the environment before printing this email. -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.png Type: image/png Size: 652 bytes Desc: not available URL: From odhiambo at gmail.com Fri Sep 16 19:09:47 2011 From: odhiambo at gmail.com (Odhiambo Washington) Date: Fri, 16 Sep 2011 19:09:47 +0300 Subject: [Dovecot] v2.0.15 released In-Reply-To: <4e7373ea.0a41df0a.7188.ffffcd51SMTPIN_ADDED@mx.google.com> References: <1316182189.12936.111.camel@hurina> <4e7373ea.0a41df0a.7188.ffffcd51SMTPIN_ADDED@mx.google.com> Message-ID: I think someone else is responsible for the Debianization of Dovecot, not Timo. On Fri, Sep 16, 2011 at 19:05, Simon Brereton wrote: > -----Original Message----- > From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On > Behalf Of Timo Sirainen > > http://dovecot.org/releases/2.0/dovecot-2.0.15.tar.gz > http://dovecot.org/releases/2.0/dovecot-2.0.15.tar.gz.sig > > + doveadm altmove: Added -r parameter to move mails back to primary > storage. > - v2.0.14: Index reading could have eaten a lot of memory in some > situations > - doveadm index no longer affects future caching decisions > - mbox: Fixed crash during mail delivery when mailbox didn't yet > have > GUID assigned to it. > - zlib+mbox: Fetching last message from compressed mailboxes > crashed. > - lib-sql: Fixed load balancing and error handling when multiple > hosts > are used. > > > ----------- > > I'll bite.. But it's probably not your concern. When will we be able to > get stable 2.x packages for Debian? Apt installs 1.2.15-7 > > Thanks. > > Simon > (Sorry about breaking the quotes) > > -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ I can't hear you -- I'm using the scrambler. Please consider the environment before printing this email. -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.png Type: image/png Size: 652 bytes Desc: not available URL: From eduardo at kalinowski.com.br Fri Sep 16 19:20:56 2011 From: eduardo at kalinowski.com.br (Eduardo M KALINOWSKI) Date: Fri, 16 Sep 2011 13:20:56 -0300 Subject: [Dovecot] v2.0.15 released In-Reply-To: <001901cc748a$6cacbaf0$460630d0$@brereton@buongiorno.com> References: <1316182189.12936.111.camel@hurina> <001901cc748a$6cacbaf0$460630d0$@brereton@buongiorno.com> Message-ID: <20110916132056.Horde.IMEjKcm_qOVOc3doMo93biA@mail.kalinowski.com.br> On Sex, 16 Set 2011, Simon Brereton wrote: > I'll bite.. But it's probably not your concern. When will we be > able to get stable 2.x packages for Debian? Apt installs 1.2.15-7 In Debian stable? Only when the next stable version (wheezy) is released. Not in squeeze. Though perhaps a backport might appear. -- Colors may fade in time. Eduardo M KALINOWSKI eduardo at kalinowski.com.br From kuizhang at gmail.com Fri Sep 16 21:10:25 2011 From: kuizhang at gmail.com (Kui Zhang) Date: Fri, 16 Sep 2011 11:10:25 -0700 Subject: [Dovecot] outlook 2007 very slow. Message-ID: Hello I have a user with 2500+ sub folders. Total mailboxes size is around 6G. (mdbox, dovecot 2:2.0.14) Syncing/Receiving appears to be slow, with outlook 2007. He does not want to switch to an alternative, due to various reasons. I did not find any error logs indicate issues. during idle, imap process appears to loop at adding inotify watches to all folders. I found outlook-idle in wiki, but it is obsolete. doveconf: Warning: Obsolete setting in /etc/dovecot/conf.d/20-imap.conf:55: imap_client_workarounds=outlook-idle is no longer necessary Any one else having similar issue? Anything else I should do to narrow down the issue? Thanks KuiZ From robert at schetterer.org Fri Sep 16 21:47:20 2011 From: robert at schetterer.org (Robert Schetterer) Date: Fri, 16 Sep 2011 20:47:20 +0200 Subject: [Dovecot] v2.0.15 released In-Reply-To: <20110916132056.Horde.IMEjKcm_qOVOc3doMo93biA@mail.kalinowski.com.br> References: <1316182189.12936.111.camel@hurina> <001901cc748a$6cacbaf0$460630d0$@brereton@buongiorno.com> <20110916132056.Horde.IMEjKcm_qOVOc3doMo93biA@mail.kalinowski.com.br> Message-ID: <4E7399B8.70904@schetterer.org> Am 16.09.2011 18:20, schrieb Eduardo M KALINOWSKI: > On Sex, 16 Set 2011, Simon Brereton wrote: >> I'll bite.. But it's probably not your concern. When will we be able >> to get stable 2.x packages for Debian? Apt installs 1.2.15-7 > > In Debian stable? Only when the next stable version (wheezy) is > released. Not in squeeze. Though perhaps a backport might appear. > > http://xi.rename-it.nl/debian has a up2date repository -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From Lutz.Pressler at SerNet.DE Fri Sep 16 22:19:57 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Fri, 16 Sep 2011 21:19:57 +0200 Subject: [Dovecot] sharing of non-INBOX namespaces? Re: imapc and imap_acl In-Reply-To: <1316178147.12936.92.camel@hurina> References: <57674CC7-1F64-4131-98C6-45CF8B54F23B@iki.fi> <20110913164631.GA1874905@gabi.sernet.de> <1316085138.12936.39.camel@hurina> <1316178147.12936.92.camel@hurina> Message-ID: Timo, On Fri, 16 Sep 2011, Timo Sirainen wrote: > On Thu, 2011-09-15 at 13:41 +0200, Lutz Pre?ler wrote: > > > > If you want to access also ~/Maildir2, you'd need to create a > > > second shared namespace for it. > > Maybe I mess something up the second time today - but I cannot get > > it to work: > > Yeah, it didn't work. Fixed now in hg. multiple shared namespaces do work now, but: I retried to have in otherssecond prefix = INBOX.shared.%%u.second. location = maildir:%%h/Maildir2:INDEX=~/Maildir/shared/%%u/second This is found to be a configuration error: Sep 16 20:49:32 host dovecot: imap(5025, testuser): Error: user lpmail: Initialization failed: namespace configuration error: Dupl icate namespace prefix: "INBOX.shared." Sep 16 20:49:32 host dovecot: imap(5025, testuser): Error: Invalid user settings. Refer to server log for more information. I think the test is too strict, as in general "prefix = bla.%%u.blubb." does work for a shared namespace. Or is there some other problem with this attempt to manually map source to destination structure? Btw, I found a SIGSEGV when SELECTing INBOX.shared. I'll send it seperately. Have a nice weekend, Lutz From Lutz.Pressler at SerNet.DE Fri Sep 16 23:06:15 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Fri, 16 Sep 2011 22:06:15 +0200 Subject: [Dovecot] imapc and imap_acl In-Reply-To: <20110913164631.GA1874905@gabi.sernet.de> References: <57674CC7-1F64-4131-98C6-45CF8B54F23B@iki.fi> <20110913164631.GA1874905@gabi.sernet.de> Message-ID: On Tue, 13 Sep 2011, Lutz Pre?ler wrote: > On Di, 13 Sep 2011, Timo Sirainen wrote: > > You mean you'd want local ACLs that apply to imapc mailboxes? > Yes, exactly. Great for "integrating" legacy IMAP servers without e.g. > ACL support. ... but as long as imapc parameters are global that's of no real use, I just realized... > > I think that should work. For example if you set: > > > > mail_location = imapc:~/imapc > > Then for mailbox foo/bar the ACL file should be in ~/imapc/.foo.bar/dovecot-acl > It almost works: > Sep 13 18:37:58 hhh dovecot: imap(4482, uuu): Error: file_dotlock_open(/home/uuu/Maildir/gmail/.[Gmail].Alle Nachrichten > /dovecot-acl) failed: No such file or directory > After manually creating the ".[Gmail].Alle Nachrichten" directory, SETACL > succeeds. ... so this does not really matter yet. Lutz From tss at iki.fi Fri Sep 16 23:55:15 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 23:55:15 +0300 Subject: [Dovecot] v2.1.alpha2 released In-Reply-To: References: <1316182272.12936.112.camel@hurina> Message-ID: <2B96294B-2E59-45F0-B614-554D193CAAE2@iki.fi> On 16.9.2011, at 19.08, Odhiambo Washington wrote: > /usr/home/wash/Tools/Dovecot/dovecot-2.1.alpha2/src/lib/env-util.c:148: > undefined reference to `environ' Hmm. I suppose it works if you remove this line from configure: NOPLUGIN_LDFLAGS="-Wl,--as-needed -Wl,--no-undefined" and then re-configure + make. I wonder what's the difference to Linux.. From stephan at rename-it.nl Sat Sep 17 00:11:24 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Fri, 16 Sep 2011 23:11:24 +0200 Subject: [Dovecot] v2.0.15 released In-Reply-To: <4E7399B8.70904@schetterer.org> References: <1316182189.12936.111.camel@hurina> <001901cc748a$6cacbaf0$460630d0$@brereton@buongiorno.com> <20110916132056.Horde.IMEjKcm_qOVOc3doMo93biA@mail.kalinowski.com.br> <4E7399B8.70904@schetterer.org> Message-ID: <4E73BB7C.3050406@rename-it.nl> Op 16-9-2011 20:47, Robert Schetterer schreef: > http://xi.rename-it.nl/debian has a up2date repository Yes, extremely up-to-date. So, just don't forget to mention that this repository is not for production setups. Regards, Stephan. From stephan at rename-it.nl Sat Sep 17 00:35:40 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Fri, 16 Sep 2011 23:35:40 +0200 Subject: [Dovecot] Sieve envelope :detail "to" "extention" does not deliver to fileinto destination In-Reply-To: <20110915191332.GA29568@none.at> References: <20110912171448.GB320@none.at> <4E71C573.2040407@rename-it.nl> <20110915191332.GA29568@none.at> Message-ID: <4E73C12C.2050803@rename-it.nl> Hi Aleksandar, Op 15-9-2011 21:13, Aleksandar Lazic schreef: > Dear Stephan, > > [...] > debug_log "envelope to `${1}'"; > debug_log "envelope to detail `${detail}'"; <= is this a default > variable? Eh, no. > I get > === > sieve: info: started log at Sep 15 21:07:07. > lists.sieve: line 15: info: DEBUG: envelope to `al-pdnsusers at none.at'. > lists.sieve: line 16: info: DEBUG: envelope to detail `'. > info: msgid=<20110915190707.256ED9FECC31 at external.none.at>: stored mail > into mailbox 'Lists.pdnsusers'. > === > > Is there a possibility to print the :detail from the subaddress module? > Maybe like > > Pseudocode: > === > set "detail" :detail if :detail not empty > === Let's just print all relevant stuff: === require "vnd.dovecot.debug"; require "envelope"; require "variables"; require "subaddress"; if envelope :matches "to" "*" { debug_log "envelope to `${1}'"; } if envelope :localpart :matches "to" "*" { debug_log "envelope to; localpart `${1}'"; } if envelope :user :matches "to" "*" { debug_log "envelope to; user `${1}'"; } /* This will print nothing if there is no detail */ if envelope :detail :matches "to" "*" { debug_log "envelope to; detail `${1}'"; } === Yielding, e.g.: === main_script: line 6: info: DEBUG: envelope to `stephan-frop at rename-it.nl'. main_script: line 7: info: DEBUG: envelope to; localpart `stephan-frop'. main_script: line 8: info: DEBUG: envelope to; user `stephan'. main_script: line 9: info: DEBUG: envelope to; detail `frop'. info: msgid=unspecified: stored mail into mailbox 'INBOX'. === > Is there a possibility to dump all variables? > Are there any default variables in variables module? There are no variables defined other than those that you define (using the set command or implicitly for match values). > > What does I make wrong that I haven't the :detail from the subaddress?! My guess is that you need to add the recipient_delimiter setting to the plugin section also: plugin { recipient_delimiter = - } Matbe this should be unified somehow. Regards, Stephan. From stephan at rename-it.nl Sat Sep 17 02:30:23 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Sat, 17 Sep 2011 01:30:23 +0200 Subject: [Dovecot] Sieve envelope :detail "to" "extention" does not deliver to fileinto destination In-Reply-To: <4E73C12C.2050803@rename-it.nl> References: <20110912171448.GB320@none.at> <4E71C573.2040407@rename-it.nl> <20110915191332.GA29568@none.at> <4E73C12C.2050803@rename-it.nl> Message-ID: <4E73DC0F.6060903@rename-it.nl> Op 16-9-2011 23:35, Stephan Bosch schreef: > > My guess is that you need to add the recipient_delimiter setting to > the plugin section also: > > plugin { > recipient_delimiter = - > } > > Matbe this should be unified somehow. > This should be fixed in hg now. Regards, Stephan. From henson at acm.org Sat Sep 17 03:38:20 2011 From: henson at acm.org (Paul B. Henson) Date: Fri, 16 Sep 2011 17:38:20 -0700 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <1316164896.12936.57.camel@hurina> References: <4E6ACC6C.6020200@acm.org> <1316084011.12936.31.camel@hurina> <4E72924D.8090709@acm.org> <1316164896.12936.57.camel@hurina> Message-ID: <4E73EBFC.3010409@acm.org> On 9/16/2011 2:21 AM, Timo Sirainen wrote: >> As far as I can tell, it still doesn't do load balancing. > > Oh. http://hg.dovecot.org/dovecot-2.0/rev/327698228158 should finally > fix it. :) I installed the new 2.0.15 release including this change, and can confirm it does now successfully load balance across my two servers. Not only that, but with this change, there are no failed authentications at all when one of the servers goes away :). I have it running on one of my three production mail servers now, and barring any unexpected issues will deploy it on the other two next week, and then we'll be sitting pretty ;). Thanks again... -- Paul B. Henson | (909) 979-6361 | http://www.csupomona.edu/~henson/ Operating Systems and Network Analyst | henson at csupomona.edu California State Polytechnic University | Pomona CA 91768 From robert at schetterer.org Sat Sep 17 10:46:15 2011 From: robert at schetterer.org (Robert Schetterer) Date: Sat, 17 Sep 2011 09:46:15 +0200 Subject: [Dovecot] v2.0.15 released In-Reply-To: <4E73BB7C.3050406@rename-it.nl> References: <1316182189.12936.111.camel@hurina> <001901cc748a$6cacbaf0$460630d0$@brereton@buongiorno.com> <20110916132056.Horde.IMEjKcm_qOVOc3doMo93biA@mail.kalinowski.com.br> <4E7399B8.70904@schetterer.org> <4E73BB7C.3050406@rename-it.nl> Message-ID: <4E745047.3010507@schetterer.org> Am 16.09.2011 23:11, schrieb Stephan Bosch: > Op 16-9-2011 20:47, Robert Schetterer schreef: >> http://xi.rename-it.nl/debian has a up2date repository > > Yes, extremely up-to-date. So, just don't forget to mention that this > repository is not for production setups. > > Regards, > > Stephan. anyway i used it in production, with small problems since ever so thx ! -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From odhiambo at gmail.com Sat Sep 17 11:45:27 2011 From: odhiambo at gmail.com (Odhiambo Washington) Date: Sat, 17 Sep 2011 11:45:27 +0300 Subject: [Dovecot] v2.1.alpha2 released In-Reply-To: <2B96294B-2E59-45F0-B614-554D193CAAE2@iki.fi> References: <1316182272.12936.112.camel@hurina> <2B96294B-2E59-45F0-B614-554D193CAAE2@iki.fi> Message-ID: On Fri, Sep 16, 2011 at 23:55, Timo Sirainen wrote: > On 16.9.2011, at 19.08, Odhiambo Washington wrote: > > > /usr/home/wash/Tools/Dovecot/dovecot-2.1.alpha2/src/lib/env-util.c:148: > > undefined reference to `environ' > > Hmm. I suppose it works if you remove this line from configure: > > NOPLUGIN_LDFLAGS="-Wl,--as-needed -Wl,--no-undefined" > > and then re-configure + make. I wonder what's the difference to Linux.. > > Yes, that made it work. You are welcome to login to this box and spot the difference to Linux :-) -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ I can't hear you -- I'm using the scrambler. Please consider the environment before printing this email. -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.png Type: image/png Size: 652 bytes Desc: not available URL: From al-dovecot at none.at Sat Sep 17 13:52:08 2011 From: al-dovecot at none.at (Aleksandar Lazic) Date: Sat, 17 Sep 2011 12:52:08 +0200 Subject: [Dovecot] Sieve envelope :detail "to" "extention" does not deliver to fileinto destination In-Reply-To: <4E73DC0F.6060903@rename-it.nl> References: <20110912171448.GB320@none.at> <4E71C573.2040407@rename-it.nl> <20110915191332.GA29568@none.at> <4E73C12C.2050803@rename-it.nl> <4E73DC0F.6060903@rename-it.nl> Message-ID: <20110917105208.GA31187@none.at> Dear Stephan, On Sam 17.09.2011 01:30, Stephan Bosch wrote: >Op 16-9-2011 23:35, Stephan Bosch schreef: >> >>My guess is that you need to add the recipient_delimiter setting to >>the plugin section also: >> >>plugin { >>recipient_delimiter = - >>} >> >>Matbe this should be unified somehow. >> > >This should be fixed in hg now. Your guess was right, thanks. Thanks also that the next release will use the global recipient_delimiter. Aleks From al-dovecot at none.at Sat Sep 17 13:54:57 2011 From: al-dovecot at none.at (Aleksandar Lazic) Date: Sat, 17 Sep 2011 12:54:57 +0200 Subject: [Dovecot] Detecting duplicate messages with sieve In-Reply-To: <1316175087.12936.78.camel@hurina> References: <20110915220246.GA17639@none.at> <1316175087.12936.78.camel@hurina> Message-ID: <20110917105457.GB31187@none.at> On Fre 16.09.2011 15:11, Timo Sirainen wrote: >On Fri, 2011-09-16 at 00:02 +0200, Aleksandar Lazic wrote: > >> "Detecting duplicate messages" >.. >> Is there a similar feature in sieve > >No. > >> or can I still use the upper setup? > >I think so. Maybe I have overseen this possibiliy but how an I execute a shell command in LDA / Sieve? >> Another question is about to add this header line in every mail. >> >> xfilter "${REFORMAIL} -a\"Lines: $LINES\"" > >What do you need it for? But nope, I don't think there's a way to do >that with Sieve either. There's an extension to add headers, but it's >not implemented yet. And I don't think there's a way to get the number >of header lines. Well this was for the mutt mail client. Maildrop saves the whole line of a mail into LINES-ENV-Variable. It was just a question, maybe a feature request ;-) Cheers Aleks From zash at zash.se Sat Sep 17 15:30:48 2011 From: zash at zash.se (Kim Alvefur) Date: Sat, 17 Sep 2011 14:30:48 +0200 Subject: [Dovecot] Auth protocol and XMPP Message-ID: <1316262648.7480.37.camel@carcharodon> Hello. I've written an authentication backend for the XMPP server Prosody, which makes it use Dovecots auth socket and protocol, and letting the client use any SASL mechanism Dovecot offers. However, setups using the full user at domain as authnid won't work, due to most XMPP clients assuming that the authnid is the localpart. I want to avoid hardcoding it to PLAIN, or otherwise doing MITM/rewrites if possible. (There exists an older auth backend that does just that already) Ideas? -- Kim Alvefur From ef at math.uni-bonn.de Sat Sep 17 17:16:53 2011 From: ef at math.uni-bonn.de (=?iso-8859-1?Q?Edgar_Fu=DF?=) Date: Sat, 17 Sep 2011 16:16:53 +0200 Subject: [Dovecot] FreeBSD compilation issues (was: v2.1.alpha2 released) In-Reply-To: References: <1316182272.12936.112.camel@hurina> <2B96294B-2E59-45F0-B614-554D193CAAE2@iki.fi> Message-ID: <3A33324B-98AF-41B0-A591-6FFBA1A359CE@math.uni-bonn.de> > You are welcome to login to this box and spot the difference to Linux Could this be a problem similar to that mentioned in http://mail-index.NetBSD.org/tech-pkg/2011/09/05/msg007628.html and its follow-ups? From mr88talent at gmail.com Sun Sep 18 00:39:54 2011 From: mr88talent at gmail.com (Gary V) Date: Sat, 17 Sep 2011 15:39:54 -0600 Subject: [Dovecot] default_pass_scheme = PLAIN and blank password Message-ID: I'm using Dovecot 1.2.15 on Ubuntu, but I think this applies to other versions as well. I store user info and passwords in MySQL. It appears 'default_pass_scheme = PLAIN' allows blank passwords. My question is: Is this a bug or is this by design? If it is by design, is there a setting that I'm not aware of that changes this behavior? Of course let me know if you need additional info on the setup I'm using. Thank you, Gary V From florob at babelmonkeys.de Sun Sep 18 04:44:48 2011 From: florob at babelmonkeys.de (Florian Zeitz) Date: Sun, 18 Sep 2011 03:44:48 +0200 Subject: [Dovecot] [PATCH] SCRAM-SHA-1 authentication In-Reply-To: <1316176851.12936.91.camel@hurina> References: <4E729CBC.5080600@babelmonkeys.de> <1316176851.12936.91.camel@hurina> Message-ID: <4E754D10.5010404@babelmonkeys.de> Am 16.09.2011 14:40, schrieb Timo Sirainen: > On Fri, 2011-09-16 at 02:47 +0200, Florian Zeitz wrote: > > Looks pretty good. Below are a few things I noticed. I could fix these > myself next week also, or you can do them during weekend if you want > to. :) > I decided to do it myself, hope this fixes all issues. > - Could be nicer if client->proof was stored base64-decoded, so its > validity could be checked and also later there wouldn't be need to > base64-encode signature when testing it. > > - Doesn't verify_credentials() need to check the credentials in any way > that it contains expected (sized) data? Anything is allowed? > I don't think it needs to. The password read from the database can legitimately have any length and from the client it just takes a base64 encoded SHA-1 hash. The correct size of that was previously implicitly checked when comparing the base64 encoded data (strings of different length don't compare equal). It's now explicitly checked after base64 decoding the client proof. -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: scram-sha-1.exp URL: From Lutz.Pressler at SerNet.DE Sun Sep 18 14:27:54 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Sun, 18 Sep 2011 13:27:54 +0200 Subject: [Dovecot] 2.1: problems compiling fts-lucene - CLucene git version necessary? In-Reply-To: <7C9B9C67-A1FD-472B-8514-BC54F1B01D00@iki.fi> References: <7C9B9C67-A1FD-472B-8514-BC54F1B01D00@iki.fi> Message-ID: Hello, On So, 11 Sep 2011, Timo Sirainen wrote: > On 11.9.2011, at 22.22, Lutz Pre?ler wrote: > > I have problems recompiling the Debian squeeze auto build packages > > with "--with-lecene". Is the git (2.3) version of CLucene necessary? > Yes. Ok, I now tried to test with clucene-core-2.3.3.4. Quite unsucessfully... I built libclucene-core-static.a and libclucene-shared-static.a after changing the cmake option (BUILD_STATIC_LIBRARIES). But despite enabling BUILD_CONTRIBS, BUILD_CONTRIBS_LIB no snowball/libstemmer has been build. (I am quite unfamiliar with the cmake process. Timo, maybe you can document how you build clucene - if you do it youself.) Anyway, I then changed the Debian auto package source to configure --with-lucene (but not --with-stemmer), and added/changed include paths and the static library to get lib21_fts_lucene_plugin.so (and doveadm/lib20_doveadm_fts_lucene_plugin.so). Adding "fts and fts_lucene" to mail_plugins and "fts = lucene" in plugin section this loads fine. But: trying to use it with SEARCH yields dovecot: imap(...): Error: fts_lucene: default_language set, but Dovecot built without stemmer support (and 3 times Error: fts: Failed to initialize backend 'lucene': Invalid fts_lucene setting) In fts_lucene_plugin_init_settings (src/plugins/fts-lucene/fts-lucene-plugin.c) default_language is initally set to 'english', and I don't find a way to get it unset. Adding to plugin section fts_lucene = default_language= or fts_lucene = default_language="" does not work. Bug? I changed the source (set variable to NULL before interpreting the settings) to fix this. Now it's crashing though when trying a SEARCH. In crc32_str_more (crc=0, str=0x0) at crc32.c:87 87 for (; *p != '\0'; p++) (dovecot src/lib/crc32.c, not clucene). I'll send the full back trace seperately. Lutz From serarien at baqs.net Sun Sep 18 20:06:42 2011 From: serarien at baqs.net (Pierre) Date: Sun, 18 Sep 2011 19:06:42 +0200 Subject: [Dovecot] dovecot-virtual folder configuration In-Reply-To: <1316174903.12936.76.camel@hurina> References: <2a82c4fe9e3aba3c621fe9eb2e530200@mail3.serarien.com> <1316174903.12936.76.camel@hurina> Message-ID: <20110918170642.GA15868@mail3.serarien.com> Thanks for the tip Timo. I was trying to make this work, when I got stupid issue: I named my namespace "#virtual", but putting "#" at the beginning of dovecot-virtual line makes it be a comment. I tryed with '#", \#... without success Is there any method to make it work ? thx, Pierre On 16/sept. - 15:08, Timo Sirainen wrote: > On Fri, 2011-09-16 at 00:58 +0200, Pierre wrote: > > Hi all, > > > > Long story short, I'd like to configure a folder containing: > > > > INBOX > > (some other folders) > > > > -> unseen emails from these folders + all other emails (also seen) from > > the same thread > > -> seen emails from these folders, but only the recent ones + all other > > emails from the same thread > > The "other mails from same thread" is still a bit problematic with > virtual folders. From my TODO: > > - virtual: If last message matching INTHREAD rule gets expunged, the rest of > the thread doesn't go away > > First you'll need to create a virtual folder that has all the mails that > you would ever want to see in threads. For example: > > virtual/all/dovecot-virtual: > ----- > INBOX > Sent > some > other > folders > all > ----- > > Then based on that create the virtual mailbox you want: > > virtual/newstuff/dovecot-virtual: > ----- > virtual/all > inthread refs or unseen recent > ----- > From micah at riseup.net Mon Sep 19 01:27:10 2011 From: micah at riseup.net (Micah Anderson) Date: Sun, 18 Sep 2011 18:27:10 -0400 Subject: [Dovecot] v2.0.15 released References: <1316182189.12936.111.camel@hurina> <18462.520853109$1316189132@news.gmane.org> Message-ID: <87k4951o75.fsf@algae.riseup.net> "Simon Brereton" writes: > I'll bite.. But it's probably not your concern. When will we be able > to get stable 2.x packages for Debian? Apt installs 1.2.15-7 2.x packages are available in Debian Wheezy and Sid. A backport to Squeeze (stable) will be made once the 1.x transition packages make it into Wheezy (~10 days from now). micah From al-dovecot at none.at Mon Sep 19 04:24:18 2011 From: al-dovecot at none.at (Aleksandar Lazic) Date: Mon, 19 Sep 2011 03:24:18 +0200 Subject: [Dovecot] convert maildrop filter to sieve In-Reply-To: <87bouka90k.fsf@algae.riseup.net> References: <20110915191524.GB29568@none.at> <87bouka90k.fsf@algae.riseup.net> Message-ID: <20110919012417.GA30394@none.at> Hi Micah, On Fre 16.09.2011 09:53, Micah Anderson wrote: >Aleksandar Lazic writes: > >> Dear list member, >> >> does anybody have a script which can convert maildrop filter to sive >> filter? > >I would also like this, but I'm afraid it may be too complicated due to >the different possibilities. Moving to sieve from maildrop would be >great, but in practice quite difficult to do when you have a large >number of people with customized mailfilters. I have written a small script for me to convert my mailfilter into sieve. There are some manual fixes which I make after a script run but there are so less that I have decided to show it to the list ;-) Maybe someone can use it also for the migration. BR Aleks -------------- next part -------------- A non-text attachment was scrubbed... Name: convert_maildropfilter_sieve.pl Type: application/x-perl Size: 8254 bytes Desc: not available URL: From tom at elysium.ltd.uk Mon Sep 19 11:27:41 2011 From: tom at elysium.ltd.uk (Tom Clark) Date: Mon, 19 Sep 2011 09:27:41 +0100 Subject: [Dovecot] mail_max_userip_connections=10 Message-ID: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> Hi, A couple of questions rather than a problem for once! We've got our Dovecot server running smoothly now apart from our MD. He's having problems with mail_max_userip_connections. He has 3 (Phone/Laptop/Tablet) items that all connect to the server at about the same time. Which means he's frequently running over the max_userip_connections. My questions are: Is there anyway of whitelisting an IP so that it can ignore mail_max_userip_connections=10? What should we set mail_max_userip_connections too realistically? 10 seems a bit low? Thanks Tom From amateo at um.es Mon Sep 19 12:07:51 2011 From: amateo at um.es (Angel L. Mateo) Date: Mon, 19 Sep 2011 11:07:51 +0200 Subject: [Dovecot] Deleted mailboxes with lazy_expunge In-Reply-To: <1316174471.12936.70.camel@hurina> References: <4E731C17.5090305@um.es> <1316167688.12936.61.camel@hurina> <4E733205.5050406@um.es> <1316174471.12936.70.camel@hurina> Message-ID: <4E770667.7060609@um.es> El 16/09/11 14:01, Timo Sirainen escribi?: > On Fri, 2011-09-16 at 13:24 +0200, Angel L. Mateo wrote: >> >> Sep 16 13:21:00 myotis30 dovecot: imap(angel.luis): Debug: Can't rename >> 'kk' to '.DELETED/kk-20110916-132100': index dirs don't match >> >> I have try to remove the same folder without INDEX in mail_location. >> Without this option it works. > > Alternatively you could add INDEX path to lazy_expunge namespaces and it > would work. The important thing is that both source and destination > either have or don't have INDEX path specified, but it can't be mixed. > (Looks like I messed up those new debug messages - clarified them in hg > now.) > > OK. I have configured all namespaces with the same INDEX path and the problem is solved. Thank you, Timo. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From paulg at cse.yorku.ca Mon Sep 19 15:29:37 2011 From: paulg at cse.yorku.ca (Paul Griffith) Date: Mon, 19 Sep 2011 08:29:37 -0400 Subject: [Dovecot] mail_max_userip_connections=10 In-Reply-To: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> References: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> Message-ID: <4E7735B1.5000501@cse.yorku.ca> On 09/19/11 04:27, Tom Clark wrote: > Hi, > > > > A couple of questions rather than a problem for once! > > > > We've got our Dovecot server running smoothly now apart from our MD. He's > having problems with mail_max_userip_connections. He has 3 > (Phone/Laptop/Tablet) items that all connect to the server at about the same > time. Which means he's frequently running over the max_userip_connections. > > > > My questions are: > > > > Is there anyway of whitelisting an IP so that it can ignore > mail_max_userip_connections=10? > > > > What should we set mail_max_userip_connections too realistically? 10 seems a > bit low? > Hi Tom, The setting mail_max_userip_connections is per IP. from 20-imap.conf (version 2.0.13, the version we are running) # Maximum number of IMAP connections allowed for a user from each IP address. # NOTE: The username is compared case-sensitively. #mail_max_userip_connections = 10 I am going to assume he has a different IP for each device, in this case that would allow up to 30 connections. You need to post your 'doveconf -n' output! Cheers, Paul From tom at elysium.ltd.uk Mon Sep 19 15:36:53 2011 From: tom at elysium.ltd.uk (Tom Clark) Date: Mon, 19 Sep 2011 13:36:53 +0100 Subject: [Dovecot] mail_max_userip_connections=10 In-Reply-To: <4E7735B1.5000501@cse.yorku.ca> References: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> <4E7735B1.5000501@cse.yorku.ca> Message-ID: <006e01cc76c8$cf849090$6e8db1b0$@elysium.ltd.uk> Hi Paul, It's coming from the same IP address through his ADSL. Hence he gets the problem with max_userip_connections. I think I tracked down the problem. He's been using K9 mail which seems to have a problem where it doesn't release a connection and has 1 connection per subscribed folder.... Ta, Tom -----Original Message----- From: Paul Griffith [mailto:paulg at cse.yorku.ca] Sent: 19 September 2011 1:30 PM To: Tom Clark Cc: dovecot at dovecot.org Subject: Re: [Dovecot] mail_max_userip_connections=10 On 09/19/11 04:27, Tom Clark wrote: > Hi, > > > > A couple of questions rather than a problem for once! > > > > We've got our Dovecot server running smoothly now apart from our MD. > He's having problems with mail_max_userip_connections. He has 3 > (Phone/Laptop/Tablet) items that all connect to the server at about > the same time. Which means he's frequently running over the max_userip_connections. > > > > My questions are: > > > > Is there anyway of whitelisting an IP so that it can ignore > mail_max_userip_connections=10? > > > > What should we set mail_max_userip_connections too realistically? 10 > seems a bit low? > Hi Tom, The setting mail_max_userip_connections is per IP. from 20-imap.conf (version 2.0.13, the version we are running) # Maximum number of IMAP connections allowed for a user from each IP address. # NOTE: The username is compared case-sensitively. #mail_max_userip_connections = 10 I am going to assume he has a different IP for each device, in this case that would allow up to 30 connections. You need to post your 'doveconf -n' output! Cheers, Paul From tss at iki.fi Mon Sep 19 18:35:40 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 19 Sep 2011 18:35:40 +0300 Subject: [Dovecot] 2.1: problems compiling fts-lucene - CLucene git version necessary? In-Reply-To: References: <7C9B9C67-A1FD-472B-8514-BC54F1B01D00@iki.fi> Message-ID: <1316446540.12936.114.camel@hurina> On Sun, 2011-09-18 at 13:27 +0200, Lutz Pre?ler wrote: > Hello, > On So, 11 Sep 2011, Timo Sirainen wrote: > > On 11.9.2011, at 22.22, Lutz Pre?ler wrote: > > > I have problems recompiling the Debian squeeze auto build packages > > > with "--with-lecene". Is the git (2.3) version of CLucene necessary? > > Yes. > Ok, I now tried to test with clucene-core-2.3.3.4. Quite unsucessfully... > I built libclucene-core-static.a and libclucene-shared-static.a after > changing the cmake option (BUILD_STATIC_LIBRARIES). But despite enabling > BUILD_CONTRIBS, BUILD_CONTRIBS_LIB no snowball/libstemmer has been build. You need to install libstemmer separately. I think I used http://snowball.tartarus.org/dist/libstemmer_c.tgz > dovecot: imap(...): Error: fts_lucene: default_language set, but Dovecot built without stemmer support Fixed: http://hg.dovecot.org/dovecot-2.1/rev/02c84406c661 From list at airstreamcomm.net Mon Sep 19 18:55:53 2011 From: list at airstreamcomm.net (list at airstreamcomm.net) Date: Mon, 19 Sep 2011 10:55:53 -0500 Subject: [Dovecot] ODBC support Message-ID: I was wondering if ODBC support was on the road map for Dovecot, or if it has ever been discussed? Thanks. From micah at riseup.net Mon Sep 19 20:19:07 2011 From: micah at riseup.net (Micah Anderson) Date: Mon, 19 Sep 2011 13:19:07 -0400 Subject: [Dovecot] dsync with quotas Message-ID: <8762kozbzo.fsf@algae.riseup.net> I have been working on converting people from courier maildir -> dovecot mdbox and during some of the dsync runs I'm seeing the quota_exceeded_message be printed as an Error: dsync(): Error: Can't save message to mailbox INBOX: You are over quota. To avoid losing mail, immediately empty your Trash and Sent folders and \ delete emails with large attachments. dsync(): Info: INBOX: Couldn't keep all uids^M Its possible the user was over quota on the originating courier side, but I would still like to migrate their mail proprely to mdbox, but it seems like being over quota is inhibiting that. Are the quota calculations including both the maildir files as well as the converted mdbox files, resulting in a double counting? I'm not entirely sure if the messages above indicate that the migration failed for that user or not, so I've been manually increasing their quota, then redoing the dsync mirror until it works properly. I wonder if it would be better if I turned off quota entirely during migration so I don't run into this problem? thanks, micah -- -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 835 bytes Desc: not available URL: From asai at globalchangemusic.org Mon Sep 19 20:43:57 2011 From: asai at globalchangemusic.org (Asai) Date: Mon, 19 Sep 2011 10:43:57 -0700 Subject: [Dovecot] mail_max_userip_connections=10 In-Reply-To: <006e01cc76c8$cf849090$6e8db1b0$@elysium.ltd.uk> References: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> <4E7735B1.5000501@cse.yorku.ca> <006e01cc76c8$cf849090$6e8db1b0$@elysium.ltd.uk> Message-ID: <4E777F5D.7050006@globalchangemusic.org> On 9/19/2011 5:36 AM, Tom Clark wrote: > Hi Paul, > > It's coming from the same IP address through his ADSL. Hence he gets the > problem with max_userip_connections. > > I think I tracked down the problem. He's been using K9 mail which seems to > have a problem where it doesn't release a connection and has 1 connection > per subscribed folder.... > > Ta, > > Tom If you figure it out, please post the solution, because we're running into a similar issue right now with K9 mail where it's causing us to get this error:imap-login: Disconnected: Connection queue full From tss at iki.fi Mon Sep 19 21:12:24 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 19 Sep 2011 21:12:24 +0300 Subject: [Dovecot] mail_max_userip_connections=10 In-Reply-To: <4E777F5D.7050006@globalchangemusic.org> References: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> <4E7735B1.5000501@cse.yorku.ca> <006e01cc76c8$cf849090$6e8db1b0$@elysium.ltd.uk> <4E777F5D.7050006@globalchangemusic.org> Message-ID: <42D8EE74-351A-4508-99BC-626318016346@iki.fi> On 19.9.2011, at 20.43, Asai wrote: > If you figure it out, please post the solution, because we're running into a similar issue right now with K9 mail where it's causing us to get this error:imap-login: Disconnected: Connection queue full That's a different problem. You need to increase number of login processes / connections. http://wiki2.dovecot.org/LoginProcess From dovecot at tlinx.org Tue Sep 20 02:03:54 2011 From: dovecot at tlinx.org (Linda Walsh) Date: Mon, 19 Sep 2011 16:03:54 -0700 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: References: Message-ID: <4E77CA5A.6010506@tlinx.org> ` Kui Zhang wrote: > Hello > > I have a user with 2500+ sub folders. Total mailboxes size is around > 6G. (mdbox, dovecot 2:2.0.14) > > Syncing/Receiving appears to be slow, with outlook 2007. He does not > want to switch to an alternative, due to various reasons. > > Any one else having similar issue? > Anything else I should do to narrow down the issue? > ---- I can't speak for outlook 2007, but back in outlook 2000, as well as outlook 2002, it spoke a broken dialect of IMAP that would cause it to hang if you enabled it to read multiple mailboxes at one time. The only safe way I found to use it was to only let it use 1 connection at a time, and even then it wasn't impossible to cause to to fail. Perhaps MS limited outlook to only 1 connection to IMAP servers -- when I spoke to the engineer, they said that really had IMAP support at the lowest level, as it allowed the use of non-MS servers and mail servers -- and they only wanted to support Exchange (in order to get sites to buy exchange!)... The issue was reported broken in 2000, and they had not fixed it by 2002 (office XP), so I moved to thunderbird... I missed a few-several features, but I didn't miss the slowness and unreliability in everyday reading of email. Another problem -- AFAIK, outlook is only 32bit. My mom gets harassed, constantly to move things out of her primary .pst file and into 'archives', (where she can't easily access them and they don't have to be indexed...) because, the internal format became more strained as it got larger. With 6G of folders, indexing those, your user might be hitting outlook memory problems (not running out, but 'thrashing')... If possible, he might try unsubbing to older boxes on his main account, and setup an alternate account to 'go into the archives'...that way syncing only with currently active folders should go much faster)... Send him my condolences... -l > > Thanks > KuiZ > From dovecot at tlinx.org Tue Sep 20 02:22:34 2011 From: dovecot at tlinx.org (Linda Walsh) Date: Mon, 19 Sep 2011 16:22:34 -0700 Subject: [Dovecot] Why can NOT login as root In-Reply-To: <4E6BD852.5000306@vo.lu> References: <4E6B3634.18171.51F73FE@jana1972.centrum.cz> <4E6BD852.5000306@vo.lu> Message-ID: <4E77CEBA.8050603@tlinx.org> John Allen wrote: > As far as I recall, IMAP servers generally don't allow access to root. > > According to the Dovecot wiki, this is hard-coded in the binary: > http://wiki.dovecot.org/MainConfig see under "first_valid_uid" > > If the root user is receiving emails, these need to be redirected to > another user so they can be read via IMAP. --- I guess the source needs a patch. Why would dovecot choose to play nursemaid to people who want to read root email remotely via IMAPS? I can log in via SSH, so why not allow it with secure IMAP? I suppose really, if someone wants to run as root with no password dovecot should be **configurable** to allow this -- as we can't always understand the needs of end users. Example. You have a system on which root uid=0 means nothing (assigns no privs -- all assigned via privilege/capability bits). This means dovecot is hardcoded to lock out a user that may have no privileges, but has no prob permitting access to those with full Capability/priv sets. That is NOT remotely a secure design -- Not that it "allows login to those w/caps", but that it bogusly tries to invalidate site-security policies that it doesn't like Samba has done this and actually disparages people who don't use conventional security policies 'insecure', when those same people can point out a multitude of ways samba can be easily -- in the ways that the samba team, _recommend_, that samba can be accidentally or surreptitiously configured insecurely. When it is asked why alternate security policies are insecure -- they change the subject and agree grudgingly to re-allow 'banned' commands under options like "allow insecure XXXX"... Trying to 'play nursemaid' to users is a bad security policy -- since as soon you (like samba team leader said, "we had to make it impossible to configure samba insecurely", you are asking for trouble; cuz then users think they don't have to worry about how they config things, it will always be secure...and we know that is very untrue! From tss at iki.fi Tue Sep 20 02:50:32 2011 From: tss at iki.fi (Timo Sirainen) Date: Tue, 20 Sep 2011 02:50:32 +0300 Subject: [Dovecot] Why can NOT login as root In-Reply-To: <4E77CEBA.8050603@tlinx.org> References: <4E6B3634.18171.51F73FE@jana1972.centrum.cz> <4E6BD852.5000306@vo.lu> <4E77CEBA.8050603@tlinx.org> Message-ID: On 20.9.2011, at 2.22, Linda Walsh wrote: > I can log in via SSH, so why not allow it with secure IMAP? I suppose > really, if someone wants to run as root with no password dovecot should be > **configurable** to allow this -- as we can't always understand the needs > of end users. Because there's no good reason to read mails as root. If you can give me a good reason I might reconsider, but I highly doubt that's going to happen. Anyway it's mainly about making sure that in the case of some internal security hole (or misconfiguration) in Dovecot at least that security hole couldn't be leveraged to gain root privileges that would allow reading everyone's mails. > Example. You have a system on which root uid=0 means nothing (assigns no > privs -- all assigned via privilege/capability bits). > > This means dovecot is hardcoded to lock out a user that may have no > privileges, but has no prob permitting access to those with full > Capability/priv sets. Rare, and in such cases irrelevant. From user+dovecot at localhost.localdomain.org Tue Sep 20 02:53:32 2011 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Tue, 20 Sep 2011 01:53:32 +0200 Subject: [Dovecot] Why can NOT login as root In-Reply-To: <4E77CEBA.8050603@tlinx.org> References: <4E6B3634.18171.51F73FE@jana1972.centrum.cz> <4E6BD852.5000306@vo.lu> <4E77CEBA.8050603@tlinx.org> Message-ID: <4E77D5FC.5060608@localhost.localdomain.org> On 09/20/2011 01:22 AM Linda Walsh wrote: > I guess the source needs a patch. > > Why would dovecot choose to play nursemaid to people who want to read > root email remotely via IMAPS? > ? So, why do you not simply create and apply the patch? Dovecot is OSS. You are free to modify it in order to satisfy your special requirements. EOD Pascal -- The trapper recommends today: f007ba11.1126301 at localdomain.org From kuizhang at gmail.com Tue Sep 20 05:10:05 2011 From: kuizhang at gmail.com (Kui Zhang) Date: Mon, 19 Sep 2011 19:10:05 -0700 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: <4E77CA5A.6010506@tlinx.org> References: <4E77CA5A.6010506@tlinx.org> Message-ID: On Mon, Sep 19, 2011 at 4:03 PM, Linda Walsh wrote: > > > > ` Kui Zhang wrote: >> >> Hello >> >> I have a user with 2500+ sub folders. Total mailboxes size is around >> 6G. (mdbox, dovecot 2:2.0.14) >> >> Syncing/Receiving appears to be slow, with outlook 2007. He does not >> want to switch to an alternative, due to various reasons. >> >> Any one else having similar issue? >> Anything else I should do to narrow down the issue? >> > > ---- > ? I can't speak for outlook 2007, but back in outlook 2000, as well as > outlook 2002, it spoke a broken dialect of IMAP that would cause it to > hang if you enabled it to read multiple mailboxes at one time. > > The only safe way I found to use it was to only let it use 1 connection at > a time, and even then it wasn't impossible to cause to to fail. > > Perhaps MS limited outlook to only 1 connection to IMAP servers -- when I > spoke to the engineer, they said that really had IMAP support at the > lowest level, as it allowed the use of non-MS servers and mail servers -- > and they only wanted to support Exchange (in order to get sites to buy > exchange!)... > I thought it might have been something anti-competitive... We decided to give outlook 2k10 a try. Everything appears to work so far. It seems to be using only 1 connection... 2k7 was using 5 connections, with multiple connections in idle state(adding inotify watches) > ? The issue was reported broken in 2000, and they had not fixed it by > 2002 (office XP), so I moved to thunderbird... > thunderbird does not really work for us, due to amount of emails per mailbox. It was hogging all the memory + cpu. Trying out claw-mail. It is working really well. > ? I missed a few-several features, but I didn't miss the slowness and > unreliability in everyday reading of email. > > ? Another problem -- AFAIK, outlook is only 32bit. ?My mom gets > harassed, constantly to move things out of her primary .pst file and into > 'archives', (where she can't easily access them and they don't have to be > indexed...) because, the internal format became more strained as it got > larger. ? With 6G of folders, indexing those, your user might be hitting > outlook memory problems (not running out, but 'thrashing')... > > ? If possible, he might try unsubbing to older boxes on his main > account, and setup an alternate account to 'go into the archives'...that > way syncing only with currently active folders should go much faster)... > > Send him my condolences... > > > -l > > > > >> >> Thanks >> KuiZ >> > From other at ahhyes.net Tue Sep 20 06:49:23 2011 From: other at ahhyes.net (Alex) Date: Tue, 20 Sep 2011 13:49:23 +1000 Subject: [Dovecot] Why can NOT login as root In-Reply-To: References: <4E6B3634.18171.51F73FE@jana1972.centrum.cz> <4E6BD852.5000306@vo.lu> <4E77CEBA.8050603@tlinx.org> Message-ID: <308b79326740349f16af13f2077c1f62@ahhyes.net> On Tue, 20 Sep 2011 02:50:32 +0300, Timo Sirainen wrote: > On 20.9.2011, at 2.22, Linda Walsh wrote: > >> I can log in via SSH, so why not allow it with secure IMAP? I >> suppose >> really, if someone wants to run as root with no password dovecot >> should be >> **configurable** to allow this -- as we can't always understand the >> needs >> of end users. > > Because there's no good reason to read mails as root. If you can give > me a good reason I might reconsider, but I highly doubt that's going > to happen. > > Anyway it's mainly about making sure that in the case of some > internal security hole (or misconfiguration) in Dovecot at least that > security hole couldn't be leveraged to gain root privileges that > would > allow reading everyone's mails. > >> Example. You have a system on which root uid=0 means nothing >> (assigns no >> privs -- all assigned via privilege/capability bits). >> >> This means dovecot is hardcoded to lock out a user that may have no >> privileges, but has no prob permitting access to those with full >> Capability/priv sets. > > Rare, and in such cases irrelevant. From other at ahhyes.net Tue Sep 20 07:03:29 2011 From: other at ahhyes.net (Alex) Date: Tue, 20 Sep 2011 14:03:29 +1000 Subject: [Dovecot] Why can NOT login as root In-Reply-To: <308b79326740349f16af13f2077c1f62@ahhyes.net> References: <4E6B3634.18171.51F73FE@jana1972.centrum.cz> <4E6BD852.5000306@vo.lu> <4E77CEBA.8050603@tlinx.org> <308b79326740349f16af13f2077c1f62@ahhyes.net> Message-ID: <9dbaaa16a9731eefa05cef6c3c6a9dbf@ahhyes.net> On Tue, 20 Sep 2011 13:49:23 +1000, Alex wrote: > On Tue, 20 Sep 2011 02:50:32 +0300, Timo Sirainen wrote: >> On 20.9.2011, at 2.22, Linda Walsh wrote: >> >>> I can log in via SSH, so why not allow it with secure IMAP? I >>> suppose >>> really, if someone wants to run as root with no password dovecot >>> should be >>> **configurable** to allow this -- as we can't always understand >>> the needs >>> of end users. >> >> Because there's no good reason to read mails as root. If you can >> give >> me a good reason I might reconsider, but I highly doubt that's going >> to happen. >> >> Anyway it's mainly about making sure that in the case of some >> internal security hole (or misconfiguration) in Dovecot at least >> that >> security hole couldn't be leveraged to gain root privileges that >> would >> allow reading everyone's mails. >> >>> Example. You have a system on which root uid=0 means nothing >>> (assigns no >>> privs -- all assigned via privilege/capability bits). >>> >>> This means dovecot is hardcoded to lock out a user that may have no >>> privileges, but has no prob permitting access to those with full >>> Capability/priv sets. >> >> Rare, and in such cases irrelevant. From other at ahhyes.net Tue Sep 20 07:06:16 2011 From: other at ahhyes.net (Alex) Date: Tue, 20 Sep 2011 14:06:16 +1000 Subject: [Dovecot] Default permissions on newly created maildir Message-ID: Hi Guys, I am setting up SQL auth for mail. Auth works fine, I notice that if no maildir exists for the authenticated user, it is created automatically (depending on the homedir specified in the sql table entry). The problem is that it creates the dir with "700" permissions which is causing grief for my MTA when it comes time for it to try and drop mail there. If I chmod the dir to 770 things work fine. How do I change the default permissions that dovecot uses whenever it creates a new mail account? From Lutz.Pressler at SerNet.DE Tue Sep 20 10:12:45 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Tue, 20 Sep 2011 09:12:45 +0200 Subject: [Dovecot] 2.1: problems compiling fts-lucene - CLucene git version necessary? In-Reply-To: <1316446540.12936.114.camel@hurina> References: <7C9B9C67-A1FD-472B-8514-BC54F1B01D00@iki.fi> <1316446540.12936.114.camel@hurina> Message-ID: On Mo, 19 Sep 2011, Timo Sirainen wrote: > On Sun, 2011-09-18 at 13:27 +0200, Lutz Pre?ler wrote: > > Hello, > > On So, 11 Sep 2011, Timo Sirainen wrote: > > > On 11.9.2011, at 22.22, Lutz Pre?ler wrote: > > > > I have problems recompiling the Debian squeeze auto build packages > > > > with "--with-lecene". Is the git (2.3) version of CLucene necessary? > > > Yes. > > Ok, I now tried to test with clucene-core-2.3.3.4. Quite unsucessfully... > > I built libclucene-core-static.a and libclucene-shared-static.a after > > changing the cmake option (BUILD_STATIC_LIBRARIES). But despite enabling > > BUILD_CONTRIBS, BUILD_CONTRIBS_LIB no snowball/libstemmer has been build. > > You need to install libstemmer separately. I think I used > http://snowball.tartarus.org/dist/libstemmer_c.tgz Still having build problems --with-stemmer... libstemmer built and referenced seperately, libtextcat as Debian package, it's: lucene-wrapper.cc: In function 'lucene_index* lucene_index_init(const char*, mailbox_list*, const fts_lucene_settings*)': lucene-wrapper.cc:108: error: no matching function for call to 'lucene::analysis::snowball::SnowballAnalyzer::SnowballAnalyzer(const char*&)' ../../../../clucene-core-2.3.3.4/src/contribs-lib/CLucene/snowball/SnowballAnalyzer.h:32: note: candidates are: lucene::analysis::snowball::SnowballAnalyzer::SnowballAnalyzer(const TCHAR*, const TCHAR**) ../../../../clucene-core-2.3.3.4/src/contribs-lib/CLucene/snowball/SnowballAnalyzer.h:28: note: lucene::analysis::snowball::SnowballAnalyzer::SnowballAnalyzer(const TCHAR*) ../../../../clucene-core-2.3.3.4/src/contribs-lib/CLucene/snowball/SnowballAnalyzer.h:22: note: lucene::analysis::snowball::SnowballAnalyzer::SnowballAnalyzer(const lucene::analysis::snowball::SnowballAnalyzer&) index->set.default_language is char, but TCHAR is wchar_t but not char? > > > dovecot: imap(...): Error: fts_lucene: default_language set, but Dovecot built without stemmer support > > Fixed: http://hg.dovecot.org/dovecot-2.1/rev/02c84406c661 Without stemmer support it works nicely now though. One further question: Is fts indexing after delivery still on your TODO list? Lutz From tom at elysium.ltd.uk Tue Sep 20 11:15:01 2011 From: tom at elysium.ltd.uk (Tom Clark) Date: Tue, 20 Sep 2011 09:15:01 +0100 Subject: [Dovecot] mail_max_userip_connections=10 In-Reply-To: <42D8EE74-351A-4508-99BC-626318016346@iki.fi> References: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> <4E7735B1.5000501@cse.yorku.ca> <006e01cc76c8$cf849090$6e8db1b0$@elysium.ltd.uk> <4E777F5D.7050006@globalchangemusic.org> <42D8EE74-351A-4508-99BC-626318016346@iki.fi> Message-ID: <000d01cc776d$653d5280$2fb7f780$@elysium.ltd.uk> If it is the same problem with K9 (although Timo doesn't think it is) we fixed it on the K9 machine by turning off PUSH mail folders. Tom -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Timo Sirainen Sent: 19 September 2011 7:12 PM To: Asai Cc: Dovecot Mailing List Subject: Re: [Dovecot] mail_max_userip_connections=10 On 19.9.2011, at 20.43, Asai wrote: > If you figure it out, please post the solution, because we're running into a similar issue right now with K9 mail where it's causing us to get this error:imap-login: Disconnected: Connection queue full That's a different problem. You need to increase number of login processes / connections. http://wiki2.dovecot.org/LoginProcess From usuda at designet.co.jp Tue Sep 20 12:28:49 2011 From: usuda at designet.co.jp (USUDA Hisashi) Date: Tue, 20 Sep 2011 18:28:49 +0900 Subject: [Dovecot] DRAC plugin for Dovecot-2.x Message-ID: <4E785CD1.5030907@designet.co.jp> Hello All, I released the DRAC plugin for dovecot-2.x. http://sourceforge.jp/projects/dovecot2-drac/ It's based the plugin for dovecot-1.1: http://dovecot.org/patches/1.1/drac.c Please see README file for details. Best regards, -- mailto:usuda at designet.co.jp From CMarcus at Media-Brokers.com Tue Sep 20 13:21:50 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Tue, 20 Sep 2011 06:21:50 -0400 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: <4E77CA5A.6010506@tlinx.org> References: <4E77CA5A.6010506@tlinx.org> Message-ID: <4E78693E.3080308@Media-Brokers.com> On 2011-09-19 7:03 PM, Linda Walsh wrote: > Another problem -- AFAIK, outlook is only 32bit. My mom gets > harassed, constantly to move things out of her primary .pst file and > into 'archives', (where she can't easily access them and they don't > have to be indexed...) because, the internal format became more > strained as it got larger. With 6G of folders, indexing those, your > user might be hitting outlook memory problems (not running out, but > 'thrashing')... Outlook < 2007 were limited to 2GB .pst files. > 2007 could use max of 20GB .pst files, although in my experience it gets slow/sluggish with more than 10GB (and keep good backups, .pst files can get corrupted if you look at them too hard)... IMAP support got much better in 2007, and is even better in 2010, but Outlook still only really shines as an Exchange client, and that is the way Microsoft wants it (and understandably so)... Personally, I would only use Outlook in an Exchange environment, never as a standalone email client, although it's calendar is much better than Thunderbird+Lightning I'm sad to say... -- Best regards, Charles From CMarcus at Media-Brokers.com Tue Sep 20 13:23:51 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Tue, 20 Sep 2011 06:23:51 -0400 Subject: [Dovecot] Why can NOT login as root In-Reply-To: <4E77CEBA.8050603@tlinx.org> References: <4E6B3634.18171.51F73FE@jana1972.centrum.cz> <4E6BD852.5000306@vo.lu> <4E77CEBA.8050603@tlinx.org> Message-ID: <4E7869B7.4090209@Media-Brokers.com> On 2011-09-19 7:22 PM, Linda Walsh wrote: >> If the root user is receiving emails, these need to be redirected to >> another user so they can be read via IMAP. > I guess the source needs a patch. Only if you like wasting your time. > Why would dovecot choose to play nursemaid to people who want to read > root email remotely via IMAPS? It is generally considered 'standard procedure' to alias root to another user account for mail. That's one of the first things I do when setting up a new server, whether it is a mail server or other... -- Best regards, Charles From dovecot at lists.grepular.com Tue Sep 20 13:30:26 2011 From: dovecot at lists.grepular.com (dovecot at lists.grepular.com) Date: Tue, 20 Sep 2011 11:30:26 +0100 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: <4E78693E.3080308@Media-Brokers.com> References: <4E77CA5A.6010506@tlinx.org> <4E78693E.3080308@Media-Brokers.com> Message-ID: <4E786B42.8090706@lists.grepular.com> On 20/09/11 11:21, Charles Marcus wrote: > IMAP support got much better in 2007, How did it get better? They removed NAMESPACE support when moving from 2003 to 2007, which was a complete ball ache for us. > and is even better in 2010 Do they support ACL in 2010? They don't in 2007, which is really frustrating. What is better about 2010 IMAP support compared to 2007? I'm genuinely interested to know... -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 455 bytes Desc: OpenPGP digital signature URL: From CMarcus at Media-Brokers.com Tue Sep 20 13:46:17 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Tue, 20 Sep 2011 06:46:17 -0400 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: <4E786B42.8090706@lists.grepular.com> References: <4E77CA5A.6010506@tlinx.org> <4E78693E.3080308@Media-Brokers.com> <4E786B42.8090706@lists.grepular.com> Message-ID: <4E786EF9.8090101@Media-Brokers.com> On 2011-09-20 6:30 AM, dovecot at lists.grepular.com wrote: > On 20/09/11 11:21, Charles Marcus wrote: > >> IMAP support got much better in 2007, > > How did it get better? They removed NAMESPACE support when moving from > 2003 to 2007, which was a complete ball ache for us. 2003 was basically unusable on large mail stores. 2007 actually became usable, in that it was much more responsive when working with mail, but my testing didn't really go beyond that, it was more curiosity than anything (and, I have ONE friend who insists on using Outlook because the Calendar is so much better than anything else out there). >> and is even better in 2010 > Do they support ACL in 2010? They don't in 2007, which is really > frustrating. What is better about 2010 IMAP support compared to 2007? > I'm genuinely interested to know... What do you mean by 'ACL support'? Do you mean the ability to create/edit them on shared folders? If so, then no, not natively, I don't think, but I didn't do any intensive testing, all I can tell you is it is much more responsive, especially on larger folders. -- Best regards, Charles From dovecot at lists.grepular.com Tue Sep 20 13:57:17 2011 From: dovecot at lists.grepular.com (Mike Cardwell) Date: Tue, 20 Sep 2011 11:57:17 +0100 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: <4E786EF9.8090101@Media-Brokers.com> References: <4E77CA5A.6010506@tlinx.org> <4E78693E.3080308@Media-Brokers.com> <4E786B42.8090706@lists.grepular.com> <4E786EF9.8090101@Media-Brokers.com> Message-ID: <4E78718D.6090400@lists.grepular.com> On 20/09/11 11:46, Charles Marcus wrote: >>> and is even better in 2010 > >> Do they support ACL in 2010? They don't in 2007, which is really >> frustrating. What is better about 2010 IMAP support compared to 2007? >> I'm genuinely interested to know... > > What do you mean by 'ACL support'? Do you mean the ability to > create/edit them on shared folders? Yes. Support for the IMAP ACL extension. > If so, then no, not natively, I > don't think, but I didn't do any intensive testing, all I can tell you > is it is much more responsive, especially on larger folders. This is a real shame. IMAP can do so much more than Exchange's IMAP implementation allows. -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 455 bytes Desc: OpenPGP digital signature URL: From stan at hardwarefreak.com Tue Sep 20 15:21:01 2011 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Tue, 20 Sep 2011 07:21:01 -0500 Subject: [Dovecot] mail_max_userip_connections=10 In-Reply-To: <006e01cc76c8$cf849090$6e8db1b0$@elysium.ltd.uk> References: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> <4E7735B1.5000501@cse.yorku.ca> <006e01cc76c8$cf849090$6e8db1b0$@elysium.ltd.uk> Message-ID: <4E78852D.1070506@hardwarefreak.com> On 9/19/2011 7:36 AM, Tom Clark wrote: > Hi Paul, > > It's coming from the same IP address through his ADSL. Hence he gets the > problem with max_userip_connections. > > I think I tracked down the problem. He's been using K9 mail which seems to > have a problem where it doesn't release a connection and has 1 connection > per subscribed folder.... The reasoning behind the multiple socket communication design in the IMAP protocol is flawed, thus we end up with problems like yours, and others. It may have looked good on the white board but it doesn't seem to add benefit in production--only add problems. At least from an SA's perspective. Just about every other modern internet protocol gets by with a single socket, and many of those applications are more complex than IMAP. Multiple virtual channels are a good idea at the data link layer of WAN communications links, and work well there. They're a lousy idea at the application layer, however, as the IMAP protocol clearly demonstrates. Everything IMAP does over multiple sockets could have been accomplished over a single socket, with no noticeable decrease in performance, but with fewer SA headaches and fewer server resources consumed. I eagerly await a successor to the current version of IMAP, which will hopefully do away with this problematic, unnecessary, multiple socket nonsense. It may be a long wait, unfortunately... -- Stan From helge at monsternett.no Tue Sep 20 16:58:13 2011 From: helge at monsternett.no (Helge Milde) Date: Tue, 20 Sep 2011 15:58:13 +0200 Subject: [Dovecot] Trouble getting lda to gzip incomming mails (zlib plugin) Message-ID: <20110920135808.GB28582@monsternett.no> Hi! I've followed the guide at http://wiki2.dovecot.org/Plugins/Zlib to try to make Dovecot gzip incomming mails, but it doesn't seem to work. I've made pop/imap read gzipped files, and this seems to work perfectly, but LDA is still saving incomming mails in plain text. There's not too much information out there regarding the zlib module, so I'm not sure where to start debugging the problem, and was hoping someone could point me in the right direction. The only mention of zlib when LDA is delivering a file: Sep 20 15:51:19 mail dovecot: deliver(helgemil): Module loaded: /usr/lib/dovecot/modules/lda/lib20_zlib_plugin.so The most relevant lines from dovecot.conf: mail_debug = yes protocols = imap pop3 imaps pop3s mail_location = maildir:~/Maildir mail_privileged_group = mail max_mail_processes = 1024 mail_process_size = 512 protocol imap { mail_max_userip_connections = 50 mail_plugins = fts fts_squat zlib } protocol pop3 { pop3_uidl_format = %08Xu%08Xv mail_max_userip_connections = 50 mail_plugins = zlib } protocol lda { postmaster_address = postmaster at monsternett.no mail_plugins = sieve zlib mail_plugin_dir = /usr/lib/dovecot/modules/lda sieve_global_dir = /etc/dovecot/sieve/ sieve_global_path = /etc/dovecot/sieve/default.sieve } plugin { zlib_save_level = 6 zlib_save = gz fts = squat sieve = ~/dovecot.sieve sieve_dir = ~/ } -- Helge Milde, 69701808 www.monsternett.no From udo.lembke at albertbauer.com Tue Sep 20 18:36:47 2011 From: udo.lembke at albertbauer.com (Udo Lembke) Date: Tue, 20 Sep 2011 17:36:47 +0200 Subject: [Dovecot] how to disable quota for second namespace? Message-ID: <4E78B30F.7020000@albertbauer.com> Hi all, I have a second namespace as archive, where no quota should be active (work with type = shared). But if I change the type to private the quota will allways count. My dovecot version is the 2.0.13. I have tried things like this: plugin { quota_rule = *:storage=500M quota_rule2 = Trash:storage=+100M quota_rule3 = Sent:storage=+50M quota_rule4 = ns=archiv/%u/:ignore } It's also doesn't work with "quota_rule4 = archiv/%u/:ignore" The namespace: namespace { type = private separator = / prefix = "archiv/%u/" location = maildir:/var/data/archiv/%d/%n:INDEX=/var/data/indexes/archiv/%u:LAYOUT=fs inbox = no hidden = no subscriptions = no list = yes } Even if I define the namespace for quota I see the quota-value also in the "root": plugin { quota = maildir:User quota quota2 = maildir:Archiv quota:ns=archiv/%u/ } doveadm quota get -u test at example.com Quota name Type Value Limit % User quota STORAGE 1587135 512000 309 User quota MESSAGE 13346 - 0 Archiv quota STORAGE 1359379 - 0 Archiv quota MESSAGE 10577 - 0 du -ks /var/data/mail/example.com/test 234364 /var/data/mail/example.com/test du -ks /var/data/archiv/example.com/test 1383792 /var/data/archiv/example.com/test Now is the big question, how can I reach such an output? doveadm quota get -u test at example.com Quota name Type Value Limit % User quota STORAGE 227756 512000 44 User quota MESSAGE 2769 - 0 Archiv quota STORAGE 1359379 - 0 Archiv quota MESSAGE 10577 - 0 I can't believe that's only possible with a shared namespace, or? Any hints are welcome. Best regards Udo From patrickdk at patrickdk.com Tue Sep 20 18:54:21 2011 From: patrickdk at patrickdk.com (Patrick Domack) Date: Tue, 20 Sep 2011 11:54:21 -0400 Subject: [Dovecot] Trouble getting lda to gzip incomming mails (zlib plugin) In-Reply-To: <20110920135808.GB28582@monsternett.no> References: <20110920135808.GB28582@monsternett.no> Message-ID: <20110920115421.Horde.44HXTZLnE6FOeLctSTJCeHA@kishi.patrickdk.com> I thinking your mail_plugin_dir is not needed, I don't have it configured, and that path doesn't even exist on my system, maybe hangover from 1.x config? Quoting Helge Milde : > Hi! > I've followed the guide at http://wiki2.dovecot.org/Plugins/Zlib to > try to make Dovecot gzip incomming mails, but it doesn't seem to work. > I've made pop/imap read gzipped files, and this seems to work > perfectly, but LDA is still saving incomming mails in plain text. > There's not too much information out there regarding the zlib > module, so I'm not sure where to start debugging the problem, and > was hoping someone could point me in the right direction. > > The only mention of zlib when LDA is delivering a file: > Sep 20 15:51:19 mail dovecot: deliver(helgemil): Module loaded: > /usr/lib/dovecot/modules/lda/lib20_zlib_plugin.so The most > relevant lines from dovecot.conf: > mail_debug = yes > protocols = imap pop3 imaps pop3s > mail_location = maildir:~/Maildir > mail_privileged_group = mail > max_mail_processes = 1024 > mail_process_size = 512 > > protocol imap { > mail_max_userip_connections = 50 > mail_plugins = fts fts_squat zlib > } > > protocol pop3 { > pop3_uidl_format = %08Xu%08Xv > mail_max_userip_connections = 50 > mail_plugins = zlib > } > > protocol lda { > postmaster_address = postmaster at monsternett.no > mail_plugins = sieve zlib > mail_plugin_dir = /usr/lib/dovecot/modules/lda > sieve_global_dir = /etc/dovecot/sieve/ > sieve_global_path = /etc/dovecot/sieve/default.sieve > } > > plugin { > zlib_save_level = 6 > zlib_save = gz > fts = squat > sieve = ~/dovecot.sieve > sieve_dir = ~/ > } > > -- > Helge Milde, 69701808 > www.monsternett.no From helge at monsternett.no Tue Sep 20 19:22:53 2011 From: helge at monsternett.no (Helge Milde) Date: Tue, 20 Sep 2011 18:22:53 +0200 Subject: [Dovecot] Trouble getting lda to gzip incomming mails (zlib plugin) In-Reply-To: <20110920115421.Horde.44HXTZLnE6FOeLctSTJCeHA@kishi.patrickdk.com> References: <20110920135808.GB28582@monsternett.no> <20110920115421.Horde.44HXTZLnE6FOeLctSTJCeHA@kishi.patrickdk.com> Message-ID: <20110920162253.GC2939@monsternett.no> Well, I can't see why it would hurt either. The reason we're using that directory is that the sieve plugin is compiled into lda/ by default, I think. I will try to move the sieve files into dovecot/ and remove mail_plugin_dir tomorrow, but I don't think it will help since dovecot has no problems *loading* the library. On Tue, Sep 20, 2011 at 11:54:21AM -0400, Patrick Domack wrote: >I thinking your mail_plugin_dir is not needed, I don't have it >configured, and that path doesn't even exist on my system, maybe >hangover from 1.x config? > > >Quoting Helge Milde : > >>Hi! >>I've followed the guide at http://wiki2.dovecot.org/Plugins/Zlib to >>try to make Dovecot gzip incomming mails, but it doesn't seem to >>work. >>I've made pop/imap read gzipped files, and this seems to work >>perfectly, but LDA is still saving incomming mails in plain text. >>There's not too much information out there regarding the zlib >>module, so I'm not sure where to start debugging the problem, and >>was hoping someone could point me in the right direction. >> >>The only mention of zlib when LDA is delivering a file: >>Sep 20 15:51:19 mail dovecot: deliver(helgemil): Module loaded: >>/usr/lib/dovecot/modules/lda/lib20_zlib_plugin.so The most >>relevant lines from dovecot.conf: >>mail_debug = yes >>protocols = imap pop3 imaps pop3s >>mail_location = maildir:~/Maildir >>mail_privileged_group = mail >>max_mail_processes = 1024 >>mail_process_size = 512 >> >>protocol imap { >> mail_max_userip_connections = 50 >> mail_plugins = fts fts_squat zlib >>} >> >>protocol pop3 { >> pop3_uidl_format = %08Xu%08Xv >> mail_max_userip_connections = 50 >> mail_plugins = zlib >>} >> >>protocol lda { >> postmaster_address = postmaster at monsternett.no >> mail_plugins = sieve zlib >> mail_plugin_dir = /usr/lib/dovecot/modules/lda >> sieve_global_dir = /etc/dovecot/sieve/ >> sieve_global_path = /etc/dovecot/sieve/default.sieve >>} >> >>plugin { >> zlib_save_level = 6 >> zlib_save = gz >> fts = squat >> sieve = ~/dovecot.sieve >> sieve_dir = ~/ >>} >> >>-- >>Helge Milde, 69701808 >>www.monsternett.no > > > -- Helge Milde, 69701808 www.monsternett.no From asai at globalchangemusic.org Tue Sep 20 20:46:38 2011 From: asai at globalchangemusic.org (Asai) Date: Tue, 20 Sep 2011 10:46:38 -0700 Subject: [Dovecot] mail_max_userip_connections=10 In-Reply-To: <000d01cc776d$653d5280$2fb7f780$@elysium.ltd.uk> References: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> <4E7735B1.5000501@cse.yorku.ca> <006e01cc76c8$cf849090$6e8db1b0$@elysium.ltd.uk> <4E777F5D.7050006@globalchangemusic.org> <42D8EE74-351A-4508-99BC-626318016346@iki.fi> <000d01cc776d$653d5280$2fb7f780$@elysium.ltd.uk> Message-ID: <4E78D17E.90607@globalchangemusic.org> Thanks for the insight, Tom. Yeah, it was a different problem, and we solved it. On 9/20/2011 1:15 AM, Tom Clark wrote: > If it is the same problem with K9 (although Timo doesn't think it is) we > fixed it on the K9 machine by turning off PUSH mail folders. > > Tom > > -----Original Message----- > From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On > Behalf Of Timo Sirainen > Sent: 19 September 2011 7:12 PM > To: Asai > Cc: Dovecot Mailing List > Subject: Re: [Dovecot] mail_max_userip_connections=10 > > On 19.9.2011, at 20.43, Asai wrote: > >> If you figure it out, please post the solution, because we're running into > a similar issue right now with K9 mail where it's causing us to get this > error:imap-login: Disconnected: Connection queue full > > That's a different problem. You need to increase number of login processes / > connections. http://wiki2.dovecot.org/LoginProcess > > From Anton.Aylward at antonaylward.com Tue Sep 20 23:03:39 2011 From: Anton.Aylward at antonaylward.com (Anton Aylward) Date: Tue, 20 Sep 2011 16:03:39 -0400 Subject: [Dovecot] About using Dovecot indexes with Thunderbird/kmail Message-ID: <4E78F19B.2070909@antonaylward.com> I have Dovecot running well on my Mandriva mail hub, handing out IMAP to the household LAN. This is 1.2.15. Eventually I'll upgrade the OS and get 2.x, but this is working fine. So this question is really about the mail readers I use and how they make use of Dovecot. I have Thunderbird on my laptop and KMail2 on my desktop. Dovecot indexes. GOOD! The trouble is that the mail readers want their own indexes :-( I wish that Thunderbird would NOT index mail on my laptop, but it does. I wish Kmail2 would not use nepomuk/akonadi to index the mail but it does. Why can't they both believe the indexes used by Dovecot? Is this an unreasonable request? -- "We stand behind all of our products, except for the manure spreader." -- Corporate motto of an equipment manufacturer From CMarcus at Media-Brokers.com Tue Sep 20 23:22:53 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Tue, 20 Sep 2011 16:22:53 -0400 Subject: [Dovecot] About using Dovecot indexes with Thunderbird/kmail In-Reply-To: <4E78F19B.2070909@antonaylward.com> References: <4E78F19B.2070909@antonaylward.com> Message-ID: <4E78F61D.2050601@Media-Brokers.com> On 2011-09-20 4:03 PM, Anton Aylward wrote: > I wish that Thunderbird would NOT index mail on my laptop, but it does. So turn it (GLODA) off... -- Best regards, Charles From lists at necoro.eu Tue Sep 20 23:38:21 2011 From: lists at necoro.eu (=?UTF-8?B?UmVuw6kgTmV1bWFubg==?=) Date: Tue, 20 Sep 2011 22:38:21 +0200 Subject: [Dovecot] Sieve: Vacation, handle and variable Message-ID: <4E78F9BD.6090306@necoro.eu> Hi *, I am adding a generic way for vacation-replies in my sieve setup. There I set the handle and the reason using variables (see end of mail). My simple question now is: Though variable expansion is not done for subject and reason, is it done for the handle? Because else there seems no way in configuring the vacation action via variables. I tried to read the code for this extension, but ... well ... the whole sieve implementation is way more complicated then I figured ^^. Thus I take the question to the list. Thanks, Ren? ----- default.sieve ----- require [..., "include", "variables"]; # set this to the text you want to get included in the vacation-mail global ["vacation", "vhandle"]; set "vhandle" ""; set "vacation" ""; [...] include :personal "vacation"; ----- vacation.sieve ----- require ["variables", "include", "vacation"]; # this is set in the including script global ["vacation", "vhandle"]; if string :is "${vacation}" "" { return; } # ensure we have a handle if string :is "${vhandle}" "" { set "vhandle" "${vacation}"; } if header :matches "subject" "*" { set "sbj" "Out of office [was: ${1}]"; vacation :addresses [...] :from "..." :days 7 :handle "${vhandle}" :subject "${sbj}" "${vacation}"; } ------------------------- -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From Anton.Aylward at antonaylward.com Wed Sep 21 00:37:50 2011 From: Anton.Aylward at antonaylward.com (Anton Aylward) Date: Tue, 20 Sep 2011 17:37:50 -0400 Subject: [Dovecot] About using Dovecot indexes with Thunderbird/kmail In-Reply-To: <4E78F61D.2050601@Media-Brokers.com> References: <4E78F19B.2070909@antonaylward.com> <4E78F61D.2050601@Media-Brokers.com> Message-ID: <4E7907AE.2040809@antonaylward.com> Charles Marcus said the following on 09/20/2011 04:22 PM: > On 2011-09-20 4:03 PM, Anton Aylward wrote: >> I wish that Thunderbird would NOT index mail on my laptop, but it does. > > So turn it (GLODA) off... > Ah https://wiki.mozilla.org/Thunderbird:Using_Gloda Well it is off, but I still have these index files ... So perhaps its not index that taking all the space and gets rebuilt when T Bird says its downloading the headers and indexing ... And then there's nepomuk.... I'm coming to hate nepomuk! -- "Beware of bugs in the above code; I have only proved it correct, not tried it." -- Knuth From lists at necoro.eu Wed Sep 21 00:48:54 2011 From: lists at necoro.eu (=?UTF-8?B?UmVuw6kgTmV1bWFubg==?=) Date: Tue, 20 Sep 2011 23:48:54 +0200 Subject: [Dovecot] Sieve: Vacation, handle and variable In-Reply-To: <4E78F9BD.6090306@necoro.eu> References: <4E78F9BD.6090306@necoro.eu> Message-ID: <4E790A46.7020603@necoro.eu> Am 20.09.2011 22:38, schrieb Ren? Neumann: > Hi *, > > I am adding a generic way for vacation-replies in my sieve setup. There > I set the handle and the reason using variables (see end of mail). My > simple question now is: Though variable expansion is not done for > subject and reason, is it done for the handle? Because else there seems > no way in configuring the vacation action via variables. Ok. I just learned about sieve-test. And this shows me: * send vacation message: => seconds : 604800 => subject: FooSubj => from : ... => handle : ${vhandle} So the handle does not expand variables. Hence: Would it be possible to add for example a non-standard ":expand list" option to vacation, where 'list' contains the names of the options where it is safe to do variable-expansion? - Ren? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From stephan at rename-it.nl Wed Sep 21 02:09:50 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Wed, 21 Sep 2011 01:09:50 +0200 Subject: [Dovecot] Sieve: Vacation, handle and variable In-Reply-To: <4E790A46.7020603@necoro.eu> References: <4E78F9BD.6090306@necoro.eu> <4E790A46.7020603@necoro.eu> Message-ID: <4E791D3E.1080009@rename-it.nl> Op 20-9-2011 23:48, Ren? Neumann schreef: > Am 20.09.2011 22:38, schrieb Ren? Neumann: >> Hi *, >> >> I am adding a generic way for vacation-replies in my sieve setup. There >> I set the handle and the reason using variables (see end of mail). My >> simple question now is: Though variable expansion is not done for >> subject and reason, is it done for the handle? Because else there seems >> no way in configuring the vacation action via variables. > Ok. I just learned about sieve-test. And this shows me: > > * send vacation message: > => seconds : 604800 > => subject: FooSubj > => from : ... > => handle : ${vhandle} > > So the handle does not expand variables. Hence: Would it be possible to > add for example a non-standard ":expand list" option to vacation, where > 'list' contains the names of the options where it is safe to do > variable-expansion? No need. This is a violation of the standard and it was actually a long standing FIXME already. Fortunately, it was quite simple to repair: http://hg.rename-it.nl/dovecot-2.0-pigeonhole/rev/fe6df3425850 This will be included in the next release. Regards, Stephan From wgillespie+dovecot at es2eng.com Wed Sep 21 06:35:43 2011 From: wgillespie+dovecot at es2eng.com (Willie Gillespie) Date: Tue, 20 Sep 2011 21:35:43 -0600 Subject: [Dovecot] About using Dovecot indexes with Thunderbird/kmail In-Reply-To: <4E7907AE.2040809@antonaylward.com> References: <4E78F19B.2070909@antonaylward.com> <4E78F61D.2050601@Media-Brokers.com> <4E7907AE.2040809@antonaylward.com> Message-ID: <4E795B8F.3070007@es2eng.com> On 09/20/2011 03:37 PM, Anton Aylward wrote: > https://wiki.mozilla.org/Thunderbird:Using_Gloda > Well it is off, but I still have these index files ... > > So perhaps its not index that taking all the space and gets rebuilt when > T Bird says its downloading the headers and indexing ... Just have to ask: Is "Keep messages for this account on this computer" checked under the Synchronization & Storage settings? From isolderj at webmail.co.za Wed Sep 21 08:59:58 2011 From: isolderj at webmail.co.za (James isolder) Date: Wed, 21 Sep 2011 07:59:58 +0200 Subject: [Dovecot] IMAP delete logs Message-ID: Since enabling the mail_plugins = mail_log. I now get an error. Is there anything else I need to check adn how I can put the dovecot into debug mode so I can get more info about where it is failing. dovecot not running? (check /var/run/dovecot//master.pid). Starting dovecot. Error: imap dump-capability process returned 1 Fkevent(EV_ADD, 0) failed: Operation not supported by device Fatal: Invalid configuration in /usr/local/etc/dovecot.conf # 1.2.17: /usr/local/etc/dovecot.conf # OS: FreeBSD 7.0-RELEASE i386 base_dir: /var/run/dovecot/ protocols: imap pop3 listen(default): *:1143 listen(imap): *:1143 listen(pop3): *:1110 ssl: no disable_plaintext_auth: no login_dir: /var/run/dovecot//login login_executable(default): /usr/local/libexec/dovecot/imap-login login_executable(imap): /usr/local/libexec/dovecot/imap-login login_executable(pop3): /usr/local/libexec/dovecot/pop3-login login_log_format_elements: pid=%p rsock=%r:%b lsock=%l:%a proto=%s user=%u auth_method=%m secure=%c login_log_format: role=proxy realm=test %$: %s login_process_per_connection: no login_processes_count: 50 login_max_processes_count: 5120 login_max_connections: 512 max_mail_processes: 6144 mail_max_userip_connections(imap): 8 mail_max_userip_connections(pop3): 10 verbose_proctitle: yes first_valid_uid: 1000 first_valid_gid: 1000 mail_privileged_group: mail mail_location: mbox:~/mail/:INBOX=/var/mail/%u mail_debug: yes maildir_copy_preserve_filename: yes mail_executable(default): /usr/local/libexec/dovecot/rawlog /usr/local/libexec/dovecot/imap mail_executable(imap): /usr/local/libexec/dovecot/rawlog /usr/local/libexec/dovecot/imap mail_executable(pop3): /usr/local/libexec/dovecot/rawlog /usr/local/libexec/dovecot/pop3 mail_plugins(default): mail_log mail_plugins(imap): mail_log mail_plugins(pop3): mail_plugin_dir: /usr/local/lib/dovecot/pop3 mail_log_max_lines_per_sec: 0 pop3_enable_last(default): yes pop3_enable_last(imap): yes pop3_enable_last(pop3): no pop3_client_workarounds(default): outlook-no-nuls oe-ns-eoh pop3_client_workarounds(imap): outlook-no-nuls oe-ns-eoh pop3_client_workarounds(pop3): auth default: mechanisms: plain login cache_ttl: 0 cache_negative_ttl: 0 worker_max_count: 60 process_size: 512 passdb: driver: sql args: /usr/local/etc/dovecot-proxy.sql socket: type: listen client: path: /var/run/dovecot/auth-client mode: 432 master: path: /var/run/dovecot/auth-master mode: 384 plugin: mail_log_events: delete undelete expunge copy mailbox_delete mailbox_rename On Wed, 14 Sep 2011 14:40:21 +0200 "mailing at securitylabs.it" wrote > Il 14/09/2011 07:48, James isolder ha scritto: > > Version - 1.2.17 > > > > Is there a way to include message or folder deletion logs in the dovecot > > log > > files. > > > > > > Yes, you can use the mail logger plugin: > > http://wiki.dovecot.org/Plugins/MailLog ____________________________________________________________ South Africas premier free email service - www.webmail.co.za For super low premiums, click here. http://www.dialdirect.co.za/?vdn=15828 From helge at monsternett.no Wed Sep 21 09:25:31 2011 From: helge at monsternett.no (Helge Milde) Date: Wed, 21 Sep 2011 08:25:31 +0200 Subject: [Dovecot] Trouble getting lda to gzip incomming mails (zlib plugin) In-Reply-To: <20110920162253.GC2939@monsternett.no> References: <20110920135808.GB28582@monsternett.no> <20110920115421.Horde.44HXTZLnE6FOeLctSTJCeHA@kishi.patrickdk.com> <20110920162253.GC2939@monsternett.no> Message-ID: <20110921062531.GB20799@monsternett.no> Nope. It didn't change anything. Tried delivering manually while tracing the process too, and the only mention of "zlib" is this: open("/usr/lib/dovecot/modules/lda/lib20_zlib_plugin.so", O_RDONLY) = 9 read(9, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\200\22\0\0\0\0\0\0@"..., 832) = 832 fstat(9, {st_mode=S_IFREG|0644, st_size=15080, ...}) = 0 mmap(NULL, 2110464, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 9, 0) = 0x7f1407f1a000 mprotect(0x7f1407f1d000, 2097152, PROT_NONE) = 0 mmap(0x7f140811d000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 9, 0x3000) = 0x7f140811d000 close(9) = 0 On Tue, Sep 20, 2011 at 06:22:53PM +0200, Helge Milde wrote: >Well, I can't see why it would hurt either. >The reason we're using that directory is that the sieve plugin is compiled into lda/ by default, I think. I will try to move the sieve files into dovecot/ and remove mail_plugin_dir tomorrow, but I don't think it will help since dovecot has no problems *loading* the library. > >On Tue, Sep 20, 2011 at 11:54:21AM -0400, Patrick Domack wrote: >>I thinking your mail_plugin_dir is not needed, I don't have it >>configured, and that path doesn't even exist on my system, maybe >>hangover from 1.x config? >> >> >>Quoting Helge Milde : >> >>>Hi! >>>I've followed the guide at http://wiki2.dovecot.org/Plugins/Zlib >>>to try to make Dovecot gzip incomming mails, but it doesn't seem >>>to work. >>>I've made pop/imap read gzipped files, and this seems to work >>>perfectly, but LDA is still saving incomming mails in plain text. >>>There's not too much information out there regarding the zlib >>>module, so I'm not sure where to start debugging the problem, and >>>was hoping someone could point me in the right direction. >>> >>>The only mention of zlib when LDA is delivering a file: >>>Sep 20 15:51:19 mail dovecot: deliver(helgemil): Module loaded: >>>/usr/lib/dovecot/modules/lda/lib20_zlib_plugin.so The most >>>relevant lines from dovecot.conf: >>>mail_debug = yes >>>protocols = imap pop3 imaps pop3s >>>mail_location = maildir:~/Maildir >>>mail_privileged_group = mail >>>max_mail_processes = 1024 >>>mail_process_size = 512 >>> >>>protocol imap { >>> mail_max_userip_connections = 50 >>> mail_plugins = fts fts_squat zlib >>>} >>> >>>protocol pop3 { >>> pop3_uidl_format = %08Xu%08Xv >>> mail_max_userip_connections = 50 >>> mail_plugins = zlib >>>} >>> >>>protocol lda { >>> postmaster_address = postmaster at monsternett.no >>> mail_plugins = sieve zlib >>> mail_plugin_dir = /usr/lib/dovecot/modules/lda >>> sieve_global_dir = /etc/dovecot/sieve/ >>> sieve_global_path = /etc/dovecot/sieve/default.sieve >>>} >>> >>>plugin { >>> zlib_save_level = 6 >>> zlib_save = gz >>> fts = squat >>> sieve = ~/dovecot.sieve >>> sieve_dir = ~/ >>>} >>> >>>-- >>>Helge Milde, 69701808 >>>www.monsternett.no >> >> >> > >-- >Helge Milde, 69701808 >www.monsternett.no -- Helge Milde, 69701808 www.monsternett.no From g.ankkit at gmail.com Wed Sep 21 09:37:09 2011 From: g.ankkit at gmail.com (Ankit Gupta) Date: Wed, 21 Sep 2011 12:07:09 +0530 Subject: [Dovecot] Login problem via webmail and outlook Message-ID: Hi Mentors, Please help, our users are not able to login into their mailbox account using either outlook or webmail. Please find logs from /var/log/maillog Jan 17 10:45:40 elct dovecot: imap-login: Aborted login: user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured Jan 17 10:49:17 elct dovecot: imap-login: Aborted login: user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured Jan 17 11:02:57 elct dovecot: imap-login: Aborted login: user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured Jan 17 11:03:03 elct dovecot: imap-login: Aborted login: user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured Jan 17 11:10:08 elct dovecot: imap-login: Aborted login: user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured Jan 17 11:10:14 elct dovecot: imap-login: Aborted login: user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured Please help it is urgent. -- Regards Ankit Gupta, Tel: | M: +91 - 9650594790 From lists at necoro.eu Wed Sep 21 09:52:45 2011 From: lists at necoro.eu (=?UTF-8?B?UmVuw6kgTmV1bWFubg==?=) Date: Wed, 21 Sep 2011 08:52:45 +0200 Subject: [Dovecot] Sieve: Vacation, handle and variable In-Reply-To: <4E791D3E.1080009@rename-it.nl> References: <4E78F9BD.6090306@necoro.eu> <4E790A46.7020603@necoro.eu> <4E791D3E.1080009@rename-it.nl> Message-ID: <4E7989BD.2080206@necoro.eu> Am 21.09.2011 01:09, schrieb Stephan Bosch: > Op 20-9-2011 23:48, Ren? Neumann schreef: >> Am 20.09.2011 22:38, schrieb Ren? Neumann: >>> Hi *, >>> >>> I am adding a generic way for vacation-replies in my sieve setup. There >>> I set the handle and the reason using variables (see end of mail). My >>> simple question now is: Though variable expansion is not done for >>> subject and reason, is it done for the handle? Because else there seems >>> no way in configuring the vacation action via variables. >> Ok. I just learned about sieve-test. And this shows me: >> >> * send vacation message: >> => seconds : 604800 >> => subject: FooSubj >> => from : ... >> => handle : ${vhandle} >> >> So the handle does not expand variables. Hence: Would it be possible to >> add for example a non-standard ":expand list" option to vacation, where >> 'list' contains the names of the options where it is safe to do >> variable-expansion? > > No need. This is a violation of the standard and it was actually a long > standing FIXME already. Fortunately, it was quite simple to repair: > > http://hg.rename-it.nl/dovecot-2.0-pigeonhole/rev/fe6df3425850 > > This will be included in the next release. > > Regards, > > Stephan > Thanks a lot. I'll try it out. - Ren? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From serarien at baqs.net Wed Sep 21 15:02:52 2011 From: serarien at baqs.net (Pierre) Date: Wed, 21 Sep 2011 14:02:52 +0200 Subject: [Dovecot] dovecot-virtual folder configuration In-Reply-To: <20110918170642.GA15868@mail3.serarien.com> References: <2a82c4fe9e3aba3c621fe9eb2e530200@mail3.serarien.com> <1316174903.12936.76.camel@hurina> <20110918170642.GA15868@mail3.serarien.com> Message-ID: <20110921120250.GR32217@mail3.serarien.com> Ok, named this "VIRTUAL" at the moment... Strange behaviour: this unread folder does not get refreshed, even if I refresh 'all' folder. I read something about putting index file in memory which could solve the problem. Is this reliable ? Pierre On 18/sept. - 19:06, Pierre wrote: > Thanks for the tip Timo. > > I was trying to make this work, when I got stupid issue: > I named my namespace "#virtual", but putting "#" > at the beginning of dovecot-virtual line makes it be > a comment. > > I tryed with '#", \#... without success > > Is there any method to make it work ? > > thx, > Pierre > > On 16/sept. - 15:08, Timo Sirainen wrote: > > On Fri, 2011-09-16 at 00:58 +0200, Pierre wrote: > > > Hi all, > > > > > > Long story short, I'd like to configure a folder containing: > > > > > > INBOX > > > (some other folders) > > > > > > -> unseen emails from these folders + all other emails (also seen) from > > > the same thread > > > -> seen emails from these folders, but only the recent ones + all other > > > emails from the same thread > > > > The "other mails from same thread" is still a bit problematic with > > virtual folders. From my TODO: > > > > - virtual: If last message matching INTHREAD rule gets expunged, the rest of > > the thread doesn't go away > > > > First you'll need to create a virtual folder that has all the mails that > > you would ever want to see in threads. For example: > > > > virtual/all/dovecot-virtual: > > ----- > > INBOX > > Sent > > some > > other > > folders > > all > > ----- > > > > Then based on that create the virtual mailbox you want: > > > > virtual/newstuff/dovecot-virtual: > > ----- > > virtual/all > > inthread refs or unseen recent > > ----- > > From Anton.Aylward at antonaylward.com Wed Sep 21 15:01:23 2011 From: Anton.Aylward at antonaylward.com (Anton Aylward) Date: Wed, 21 Sep 2011 08:01:23 -0400 Subject: [Dovecot] About using Dovecot indexes with Thunderbird/kmail In-Reply-To: <4E795B8F.3070007@es2eng.com> References: <4E78F19B.2070909@antonaylward.com> <4E78F61D.2050601@Media-Brokers.com> <4E7907AE.2040809@antonaylward.com> <4E795B8F.3070007@es2eng.com> Message-ID: <4E79D213.6010401@antonaylward.com> Willie Gillespie said the following on 09/20/2011 11:35 PM: > On 09/20/2011 03:37 PM, Anton Aylward wrote: >> https://wiki.mozilla.org/Thunderbird:Using_Gloda >> Well it is off, but I still have these index files ... >> >> So perhaps its not index that taking all the space and gets rebuilt when >> T Bird says its downloading the headers and indexing ... > > Just have to ask: Is "Keep messages for this account on this computer" > checked under the Synchronization& Storage settings? :-) No, its not. I'm aware of that one. I've googled for GLODA and found some articles that makes me think its not as simple as one setting in the about:config It seems even with GLODA turned OFF (see earlier in this thread) that global-messages-db.sqlite keeps getting rebuilt - that is the index is being rebuilt. So there must be more to it. See https://developer.mozilla.org/en/Thunderbird/gloda under 'Data Storage'. Why am I making an issue of this? It seems pointless to me that I should run Dovecot on a server and let it do indexing and full text indexing "in the background" with the intent to offload this processing and storage from my laptop (and in due course netbook and 'Pad -- both of which will be underpowered and lacking in storage and memory compared to the mailhub server, when my preferred clients - Thunderbird and Kmail/nepomuk - are going to be doing the indexing over again. While it may not matter on a hefty laptop it is going to matter on the Asus eee and tablets. -- My definition of an expert in any field is a person who knows enough about what's really going on to be scared. P. J. Plauger, Computer Language, March 1983 From forumer at smartmobili.com Wed Sep 21 15:04:37 2011 From: forumer at smartmobili.com (forumer at smartmobili.com) Date: Wed, 21 Sep 2011 14:04:37 +0200 Subject: [Dovecot] Webmail architecture : questions about cache and storage backend Message-ID: <2f02a9d98f83399faa4c502fb9ef13ee@smartmobili.com> Hi, I have some questions about dovecot-2.1 and need some advice about software architecture. My company plans to develop a kind of Document Managing System (DMS) and one of its module is a webmail that is currently in a pre-alpha stage (if you are curious you can have a look here http://kairos.smartmobili.com/ but don't be surprised if it doesn't work and please do not use IE for now). From my personal analysis that I am sure is incomplete we have the following options to handle emails storage and cache: 1) Do not use a cache and rely on dovecot performance to retrieve email's header in real time. Actually don't know if it's that simple because we might need to have a transformed version of emails to be able to display them more easily in the webmail. In this case this option is not really possible. 2) Use new dovecot-2.1 imap backend and develop a kind of dummy imap server listening to a custom port and storing emails inside a mongoDB database. Advantage is it allow replication very easily. 3) Wait for dovecot2.x to implement a NoSQL storage. Will it happen soon ? If you have other suggestions or ideas I would be happy to hear them. Vincent R. From CMarcus at Media-Brokers.com Wed Sep 21 15:05:48 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 21 Sep 2011 08:05:48 -0400 Subject: [Dovecot] About using Dovecot indexes with Thunderbird/kmail In-Reply-To: <4E7907AE.2040809@antonaylward.com> References: <4E78F19B.2070909@antonaylward.com> <4E78F61D.2050601@Media-Brokers.com> <4E7907AE.2040809@antonaylward.com> Message-ID: <4E79D31C.5030609@Media-Brokers.com> On 2011-09-20 5:37 PM, Anton Aylward wrote: > Charles Marcus said the following on 09/20/2011 04:22 PM: >> On 2011-09-20 4:03 PM, Anton Aylward wrote: >>> I wish that Thunderbird would NOT index mail on my laptop, but it does. >> So turn it (GLODA) off... > Ah > https://wiki.mozilla.org/Thunderbird:Using_Gloda > Well it is off, but I still have these index files ... You still have *what* index files? There is only one GLODA index file, and you have to manually delete it after disabling GLODA to make it go away. It will recreate itself, but it will be tiny, and remain static. > So perhaps its not index that taking all the space and gets rebuilt when > T Bird says its downloading the headers and indexing ... It will definitely say it is downloading headers, but it shouldn't say indexing, that is GLODA. Do you have it set to download *all* messages? That is the default, and I *hate* it. I always disable it globally, then set a few select folders to only download 'on demand' (offline use) (Inbox, Sent, and a few others). -- Best regards, Charles From CMarcus at Media-Brokers.com Wed Sep 21 15:11:45 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 21 Sep 2011 08:11:45 -0400 Subject: [Dovecot] Login problem via webmail and outlook In-Reply-To: References: Message-ID: <4E79D481.1060008@Media-Brokers.com> You need to learn how to ask for help. You have provided very little information. How about saying what has changed on your system recently (dovecot update? system updates?)... Have you attempted to restart dovecot? Does it give any errors? Also, provide config info - like output of doveconf -n On 2011-09-21 2:37 AM, Ankit Gupta wrote: > Hi Mentors, > > Please help, our users are not able to login into their mailbox account > using either outlook or webmail. > > Please find logs from /var/log/maillog > > Jan 17 10:45:40 elct dovecot: imap-login: Aborted login: > user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured > Jan 17 10:49:17 elct dovecot: imap-login: Aborted login: > user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured > Jan 17 11:02:57 elct dovecot: imap-login: Aborted login: > user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured > Jan 17 11:03:03 elct dovecot: imap-login: Aborted login: > user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured > Jan 17 11:10:08 elct dovecot: imap-login: Aborted login: > user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured > Jan 17 11:10:14 elct dovecot: imap-login: Aborted login: > user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured > > > Please help it is urgent. > > -- Best regards, Charles Marcus I.T. Director Media Brokers International, Inc. 678.514.6200 x224 | 678.514.6299 fax From Anton.Aylward at antonaylward.com Wed Sep 21 15:25:27 2011 From: Anton.Aylward at antonaylward.com (Anton Aylward) Date: Wed, 21 Sep 2011 08:25:27 -0400 Subject: [Dovecot] About using Dovecot indexes with Thunderbird/kmail In-Reply-To: <4E79D31C.5030609@Media-Brokers.com> References: <4E78F19B.2070909@antonaylward.com> <4E78F61D.2050601@Media-Brokers.com> <4E7907AE.2040809@antonaylward.com> <4E79D31C.5030609@Media-Brokers.com> Message-ID: <4E79D7B7.7010805@antonaylward.com> Charles Marcus said the following on 09/21/2011 08:05 AM: > On 2011-09-20 5:37 PM, Anton Aylward wrote: >> Charles Marcus said the following on 09/20/2011 04:22 PM: >>> On 2011-09-20 4:03 PM, Anton Aylward wrote: >>>> I wish that Thunderbird would NOT index mail on my laptop, but it does. > >>> So turn it (GLODA) off... > >> Ah >> https://wiki.mozilla.org/Thunderbird:Using_Gloda >> Well it is off, but I still have these index files ... > > You still have *what* index files? There is only one GLODA index file, > and you have to manually delete it after disabling GLODA to make it go > away. It will recreate itself, but it will be tiny, and remain static. global-messages-db.sqlite No, it grows. I speculate it grows as I visit new folders but am still looking into that. >> So perhaps its not index that taking all the space and gets rebuilt when >> T Bird says its downloading the headers and indexing ... > > It will definitely say it is downloading headers, but it shouldn't say > indexing, that is GLODA. I can't say I like that but see its necessity: how else could it display them :-) But looking under ~/.thunderbird/1current/ I'm finding folders for each folder on the server that have the full text of the messages (but not in mbox format), as well as the XML styled header information. Occasionally I find binary blobs that 'strings' shows contain headers. I've deleted them but it doesn't seem to affect TBird. I'll go back and look to see if they get recreated :-( > Do you have it set to download *all* messages? That is the default, and > I *hate* it. NO I DO NOT! I NEVER HAVE AND I NEVER WILL That strikes me as such an obvious space-waster! > I always disable it globally, then set a few select folders to only > download 'on demand' (offline use) (Inbox, Sent, and a few others). Not even that. -- "Television is a medium because it is neither rare nor well done." -- Fred Friendly From tom at elysium.ltd.uk Wed Sep 21 15:50:26 2011 From: tom at elysium.ltd.uk (Tom Clark) Date: Wed, 21 Sep 2011 13:50:26 +0100 Subject: [Dovecot] Shared Namespace Message-ID: <012501cc785d$091fc370$1b5f4a50$@elysium.ltd.uk> Is there anyway of limiting a shared namespace to a domain? E.g. mailbox.com and mailbox2.com are setup with vpopmail. We've got a shared namespace but only want the ability on mailbox.com. Thanks, Tom From lists at necoro.eu Wed Sep 21 22:39:15 2011 From: lists at necoro.eu (=?UTF-8?B?UmVuw6kgTmV1bWFubg==?=) Date: Wed, 21 Sep 2011 21:39:15 +0200 Subject: [Dovecot] Sieve: Vacation, handle and variable In-Reply-To: <4E7989BD.2080206@necoro.eu> References: <4E78F9BD.6090306@necoro.eu> <4E790A46.7020603@necoro.eu> <4E791D3E.1080009@rename-it.nl> <4E7989BD.2080206@necoro.eu> Message-ID: <4E7A3D63.5040109@necoro.eu> Am 21.09.2011 08:52, schrieb Ren? Neumann: > Am 21.09.2011 01:09, schrieb Stephan Bosch: >> >> http://hg.rename-it.nl/dovecot-2.0-pigeonhole/rev/fe6df3425850 >> >> This will be included in the next release. >> >> Regards, >> >> Stephan >> > > Thanks a lot. I'll try it out. > > - Ren? > Ok ... seems to work like a charm :) (that is: pigeonhole-0.2.4 with the above patch applied). Thanks again, Ren? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From asai at globalchangemusic.org Wed Sep 21 22:56:07 2011 From: asai at globalchangemusic.org (Asai) Date: Wed, 21 Sep 2011 12:56:07 -0700 Subject: [Dovecot] Using Dsync for Incremental Sync Message-ID: <4E7A4157.2080206@globalchangemusic.org> Greetings, We have about 26 GB of email which we're trying to sync nightly to a remote server, but what I just read from a post from Timo awhile back is that it's not possible because dsync relies on message GUIDs which aren't available in the IMAP protocol. It seems that this is still the case, is there anything on the horizon for this to change? -- *Asai* Global Change Multi-Media Internet Application Development IT and Networking Services 520-398-2542 From ar-dovecotlist at acrconsulting.co.uk Thu Sep 22 01:59:28 2011 From: ar-dovecotlist at acrconsulting.co.uk (Andrew Richards) Date: Wed, 21 Sep 2011 23:59:28 +0100 Subject: [Dovecot] Dovecot failing to parse some UTF-8 encoded attachment filenames, returning empty string instead Message-ID: Hi, I'm seeing a strange problem with some attachment filenames that are UTF-8 encoded. The problem seems to be related to spaces and/or unusual characters in filenames, like accented characters (or perhaps just to filenames if UTF-8 encoded; I've not explored that fully). These filenames are shown as empty strings in IMAP using Dovecot. I've attached a sample message that exhibits this problem, trimmed down to fairly bare essentials. By comparison I find that (for example) Courier happily returns the filename (still encoded). Although I suspect the problem lies within Dovecot, it may be an underlying Unicode or other component that's at the root of the problem. I can replicate this by putting the attached message in a mailbox (I'm using Maildir format mailboxes, so I just drop the raw file in Maildir/new and change the ownership of the file to match the mailbox owner). Then a pretend IMAP session to show the problem, $ telnet localhost 143 Trying ::1... Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready. 0 login some.one at test.domain password 0 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS] Logged in 0 select inbox * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags permitted. * 4 EXISTS * 0 RECENT * OK [UNSEEN 1] First unseen. * OK [UIDVALIDITY 1316621730] UIDs valid * OK [UIDNEXT 8] Predicted next UID * OK [HIGHESTMODSEQ 1] Highest 0 OK [READ-WRITE] Select completed. 0 fetch 4 body * 4 FETCH (BODY (("text" "html" ("charset" "iso-8859-15") NIL NIL "base64" 278 5)("application" "octet-stream" ("name" "") NIL NIL "base64" 18) "mixed")) 0 OK Fetch completed. 0 logout * BYE Logging out 0 OK Logout completed. Connection closed by foreign host. $ especially note the ("name" "") part showing a supposedly empty filename. I've observed this behaviour on the following versions of Dovecot, - 1.2.9 on Ubuntu 10.04LTS (pre-compiled version) - 1.2.17 on Fedora 13 (pre-compiled version) - 2.0.15 on Fedora 13 (from source) I don't think the Dovecot configuration is relevant, but I've put it below for good measure for the 2.0.15 setup. Any ideas on what might be causing this? Best regards, Andrew. # dovecot -n # 2.0.15: /usr/local/etc/dovecot/dovecot.conf # OS: Linux 2.6.34.9-69.fc13.i686.PAE i686 Fedora release 13 (Goddard) auth_debug = yes default_login_user = nobody log_path = /var/log/dovecot.log passdb { args = /usr/local/bin/checkcdb driver = checkpassword } protocols = imap pop3 service auth { user = root } service imap-login { inet_listener imap { ssl = no } } service pop3-login { inet_listener pop3 { ssl = no } } ssl = no userdb { driver = prefetch } -------------- next part -------------- A non-text attachment was scrubbed... Name: troublesome-dovecot-message Type: application/octet-stream Size: 971 bytes Desc: not available URL: From tss at iki.fi Thu Sep 22 02:45:32 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 22 Sep 2011 02:45:32 +0300 Subject: [Dovecot] Dovecot failing to parse some UTF-8 encoded attachment filenames, returning empty string instead In-Reply-To: References: Message-ID: On 22.9.2011, at 1.59, Andrew Richards wrote: > I'm seeing a strange problem with some attachment filenames that are > UTF-8 encoded. The problem seems to be related to spaces and/or > unusual characters in filenames, like accented characters (or perhaps > just to filenames if UTF-8 encoded; I've not explored that fully). The problem is that the client sends it wrong: > Content-Type: application/octet-stream; > name==?UTF-8?B?dGhpc19mYWlscy50eHQ=?= > Content-Disposition: attachment; > filename==?UTF-8?B?dGhpc19mYWlscy50eHQ=?= These are both wrong. First of all they are illegal because they have = and ? characters, from RFC 2045: > parameter := attribute "=" value > value := token / quoted-string > token := 1* or tspecials> > tspecials := "(" / ")" / "<" / ">" / "@" / > "," / ";" / ":" / "\" / <"> > "/" / "[" / "]" / "?" / "=" > ; Must be in quoted-string, > ; to use within parameter values Also from RFC 2047 (encoded-word is the =?UTF-8?...?= thing): > + An 'encoded-word' MUST NOT be used in parameter of a MIME > Content-Type or Content-Disposition field, or in any structured > field body except within a 'comment' or 'phrase'. The proper way to do this would be to use RFC 2184, which looks something like this: > Content-Disposition: attachment; > filename*=iso-8859-1''p%E4%E4 Looks like Apple Mail also sends: > Content-Type: application/octet-stream; > name="=?iso-8859-1?Q?p=E4=E4?=" That is inside a quoted-string, so it's not broken, but clients aren't really supposed to decode that string in there either. Anyway .. I'll check tomorrow if I can easily add code to workaround your problem. If it's just a minor change I'll do it. From kuizhang at gmail.com Thu Sep 22 05:28:08 2011 From: kuizhang at gmail.com (Kui Zhang) Date: Wed, 21 Sep 2011 19:28:08 -0700 Subject: [Dovecot] global ACL inheritances Message-ID: Hello I am trying to prevent people from actively delete lazy expunged messages. ACL in following file does not appears to apply to existing or new mailboxes. dovecot/acls/.EXPUNGED/.DEFAULT owner lripk Am I missing something, or is it due to ACL inheritances support? mail_plugins = acl plugin { ... acl = vfile:/etc/dovecot/acls ... } Thank KuiZ From dovecot at knutejohnson.com Thu Sep 22 05:54:01 2011 From: dovecot at knutejohnson.com (Knute Johnson) Date: Wed, 21 Sep 2011 19:54:01 -0700 Subject: [Dovecot] Help restoring imap mail Message-ID: <4E7AA349.2080202@knutejohnson.com> My mailserver blew up today with a power hit. I've created a new server and have dovecot running and I want to restore my mail. I have a copy of the file that was in /var/mail. I set the new dovecot config up the same as the old one and copied the mail file over. I can see the INBOX mail but none of the rest of it. I'm running 1.2.15 under Ubuntu server 11.04. I'm using Thunderbird as my client running on XP. Any help would be greatly appreciated. Thanks, -- Knute Johnson From dovecot at knutejohnson.com Thu Sep 22 06:14:35 2011 From: dovecot at knutejohnson.com (Knute Johnson) Date: Wed, 21 Sep 2011 20:14:35 -0700 Subject: [Dovecot] Restoring mail Message-ID: <4E7AA81B.4000407@knutejohnson.com> I solved it myself, I forgot about the folders in the /home/user/mail directory. So kindly disregard my panicky message from before. -- Knute Johnson From Juergen.Obermann at hrz.uni-giessen.de Thu Sep 22 12:52:23 2011 From: Juergen.Obermann at hrz.uni-giessen.de (=?iso-8859-1?b?SvxyZ2Vu?= Obermann) Date: Thu, 22 Sep 2011 11:52:23 +0200 Subject: [Dovecot] doveadm mailbox list shows file system directories as mailboxes Message-ID: <20110922115223.73054v8up83ej0wg@webmail.hrz.uni-giessen.de> Hello. In our dovecvot we use mbox format with the default filesystem layout. Therefore it is not possible to have mailboxes which are subfolders of other mailboxes containing messages. The command "doveadm mailbox list" includes the file system directories, that contain only subfolders, as normal mailboxes in the output: archiv archiv/daemon archiv/dovecot Did I miss something in the dovecot configuration or is there a bug in the command "doveadm mailbox list"? # 2.0.13: /opt/local/etc/dovecot/dovecot.conf # OS: SunOS 5.10 sun4v auth_verbose = yes disable_plaintext_auth = no listen = imap.hrz.uni-giessen.de localhost mail_fsync = always mail_location = mbox:~/Mail:INBOX=/var/mail/%u mail_nfs_index = yes mail_nfs_storage = yes mail_plugins = mail_log notify managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mmap_disable = yes namespace { inbox = yes location = prefix = separator = / type = private } namespace { hidden = yes list = no location = prefix = Mail/ separator = / subscriptions = yes type = private } Thanks, J?rgen -- Hochschulrechenzentrum der | Mail: Juergen.Obermann at hrz.uni-giessen.de Justus-Liebig-Universitaet | WWW: http://www.uni-giessen.de/obermann/ Heinrich-Buff-Ring 44 | Tel: 0641-99-13054 (0641-99-13001) D-35392 Giessen, Germany | Fax: 0641-99-13009 From tss at iki.fi Thu Sep 22 13:11:00 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 22 Sep 2011 13:11:00 +0300 Subject: [Dovecot] Dovecot failing to parse some UTF-8 encoded attachment filenames, returning empty string instead In-Reply-To: References: Message-ID: <1316686260.26085.6.camel@hurina> On Thu, 2011-09-22 at 02:45 +0300, Timo Sirainen wrote: > Anyway .. I'll check tomorrow if I can easily add code to workaround your problem. If it's just a minor change I'll do it. http://hg.dovecot.org/dovecot-2.0/rev/dc9028da338b From Lutz.Pressler at SerNet.DE Thu Sep 22 14:24:34 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Thu, 22 Sep 2011 13:24:34 +0200 Subject: [Dovecot] fts-lucene vs SEARCH header Re: 2.1: problems compiling fts-lucene - CLucene git version necessary? In-Reply-To: <20110920071245.GA3617217@gabi.sernet.de> References: <7C9B9C67-A1FD-472B-8514-BC54F1B01D00@iki.fi> <1316446540.12936.114.camel@hurina> <20110920071245.GA3617217@gabi.sernet.de> Message-ID: On Tue, 20 Sep 2011, Lutz Pre?ler wrote: > On Mo, 19 Sep 2011, Timo Sirainen wrote: > > > On Sun, 2011-09-18 at 13:27 +0200, Lutz Pre?ler wrote: > > > Hello, > > > On So, 11 Sep 2011, Timo Sirainen wrote: > > > dovecot: imap(...): Error: fts_lucene: default_language set, but Dovecot built without stemmer support > > > > Fixed: http://hg.dovecot.org/dovecot-2.1/rev/02c84406c661 > Without stemmer support it works nicely now though. Next problem :-) side effect: my test setup (some commits ago) with fts = lucene in plugin section (ftps_lucene plugin without stemmer support): SEARCH header is not working (empty result sets, no logging). Tested in different circumstances (and also happening with virtual folders). Simply disable fts option (while module is still loaded) or use fts=sqat to have header search working correctly again. Lutz From ar-dovecotlist at acrconsulting.co.uk Thu Sep 22 14:31:40 2011 From: ar-dovecotlist at acrconsulting.co.uk (Andrew Richards) Date: 22 Sep 2011 12:31:40 +0100 Subject: [Dovecot] Dovecot failing to parse some UTF-8 encoded attachment filenames, returning empty string instead In-Reply-To: References: Message-ID: <201109221231.40494.ar-dovecotlist@acrconsulting.co.uk> On Thursday 22 September 2011 00:45:32 Timo Sirainen wrote: > On 22.9.2011, at 1.59, Andrew Richards wrote: > > I'm seeing a strange problem with some attachment filenames that are > > UTF-8 encoded. The problem seems to be related to spaces and/or > > unusual characters in filenames, like accented characters (or perhaps > > just to filenames if UTF-8 encoded; I've not explored that fully). > > The problem is that the client sends it wrong: > > Content-Type: application/octet-stream; > > name==?UTF-8?B?dGhpc19mYWlscy50eHQ=?= > > Content-Disposition: attachment; > > filename==?UTF-8?B?dGhpc19mYWlscy50eHQ=?= > > These are both wrong. First of all they are illegal because they have = and ? characters, from RFC 2045: > ...snip... > Also from RFC 2047 (encoded-word is the =?UTF-8?...?= thing): > > + An 'encoded-word' MUST NOT be used in parameter of a MIME > > Content-Type or Content-Disposition field, or in any structured > > field body except within a 'comment' or 'phrase'. > ...snip... > Anyway .. I'll check tomorrow if I can easily add code to workaround your > problem. If it's just a minor change I'll do it. Wow - a very thorough response only 45 minutes after I'd posted the question, and in your follow up message you've already provided a suggested fix - a huge thank you! So in summary it's a "Garbage in -> Garbage out" issue... This also explains why I'm only getting this issue with one client after a Courier->Dovecot migration. I'll research which mail client program(s) are generating the faulty messages for completeness for this thread. I expect to test the fix later today or tomorrow, I'll update the thread accordingly when I've done so. Best regards, Andrew. From Lutz.Pressler at SerNet.DE Thu Sep 22 14:35:37 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Thu, 22 Sep 2011 13:35:37 +0200 Subject: [Dovecot] (2.1 recent:) fts_decoder Message-ID: Hello again, test setup as in previous messages. With fts = lucene, I enabled the adapted decode2text.sh (at least I tried...) as suggested in the comment section. On dovecot-start /var/run/dovecot/decode2text socket is created with sufficiant permissions (rw for anybody), but decode2text.sh is not started (it's rx for anybody). When creating lucene indexes, I cannot see it executed either (and no attachment-only content is findable afterwards). No errors with mail_debug - if I change fts_decoder to a nonexistant value, that's logged. Lutz From tss at iki.fi Thu Sep 22 14:53:17 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 22 Sep 2011 14:53:17 +0300 Subject: [Dovecot] Webmail architecture : questions about cache and storage backend In-Reply-To: <2f02a9d98f83399faa4c502fb9ef13ee@smartmobili.com> References: <2f02a9d98f83399faa4c502fb9ef13ee@smartmobili.com> Message-ID: <1316692397.21919.14.camel@hurina> On Wed, 2011-09-21 at 14:04 +0200, forumer at smartmobili.com wrote: > 1) Do not use a cache and rely on dovecot performance to retrieve > email's header in real time. > Actually don't know if it's that simple because we might need to > have a transformed version > of emails to be able to display them more easily in the webmail. In > this case this option is > not really possible. I'm not really sure what you mean by this. Dovecot can cache individual headers and make fetching them fast. > 2) Use new dovecot-2.1 imap backend and develop a kind of dummy imap > server listening to a custom port > and storing emails inside a mongoDB database. Advantage is it allow > replication very easily. I suppose that would be the easiest way to do it currently. But note that you can't get all of Dovecot's features to work through imapc backend. Especially the concept of message and mailbox GUIDs doesn't exist in IMAP protocol (some kind of a new X-DOVECOT extension could be added for those of course). Also implementing a bug-free IMAP server may not be as easy as you think, even though Dovecot uses only a small subset of IMAP commands. Be sure to stress test Dovecot using imaptest: http://imapwiki.org/ImapTest (I've noticed this week that Exchange totally screws up its internal IMAP state when stress testing.) > 3) Wait for dovecot2.x to implement a NoSQL storage. Will it happen > soon ? I hope so! :) But I can't really say when.. My priorities currently are: 1. Do whatever paying customers want (not that much currently) 2. Finish v2.1.0 (still quite a lot of small things to do) 3. Create v2.2 branch where lib-storage API is changed to support more asynchronous lookups, and modify imapc backend to use those (= support handling commands in parallel) 4. Probably change dbox code to use lib-fs, or maybe create a new backend using lib-fs 5. Implement NoSQL backend for lib-fs Actually 3 isn't really necessary for 4-5, but it improves the performance. From tss at iki.fi Thu Sep 22 16:41:19 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 22 Sep 2011 16:41:19 +0300 Subject: [Dovecot] Shared Namespace In-Reply-To: <012501cc785d$091fc370$1b5f4a50$@elysium.ltd.uk> References: <012501cc785d$091fc370$1b5f4a50$@elysium.ltd.uk> Message-ID: <695E7576-B3CD-4C31-BF9B-A8A2A810A270@iki.fi> On 21.9.2011, at 15.50, Tom Clark wrote: > Is there anyway of limiting a shared namespace to a domain? E.g. mailbox.com > and mailbox2.com are setup with vpopmail. We've got a shared namespace but > only want the ability on mailbox.com. Basically use %d instead of %%d in configuration. The client can't change it then. From tss at iki.fi Thu Sep 22 16:45:02 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 22 Sep 2011 16:45:02 +0300 Subject: [Dovecot] Trouble getting lda to gzip incomming mails (zlib plugin) In-Reply-To: <20110920135808.GB28582@monsternett.no> References: <20110920135808.GB28582@monsternett.no> Message-ID: On 20.9.2011, at 16.58, Helge Milde wrote: > plugin { > zlib_save_level = 6 > zlib_save = gz These are enough. You don't mention your Dovecot version. My guess is that your Dovecot version is too old and doesn't support saving mails with zlib. From tss at iki.fi Thu Sep 22 16:46:37 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 22 Sep 2011 16:46:37 +0300 Subject: [Dovecot] IMAP delete logs In-Reply-To: References: Message-ID: <9D9B4D05-DD78-4EFC-A473-CD3BBB7A88E9@iki.fi> On 21.9.2011, at 8.59, James isolder wrote: > Since enabling the mail_plugins = mail_log. I now get an error. Is there > anything else I need to check adn how I can put the dovecot into debug mode so > I can get more info about where it is failing. > > dovecot not running? (check /var/run/dovecot//master.pid). > Starting dovecot. > Error: imap dump-capability process returned 1 > Fkevent(EV_ADD, 0) failed: Operation not supported by device I don't really know why it's doing this, but the solutions are either a) Upgrade to v2.0. There's no more dump-capability or b) Set imap_capability setting explicitly so it doesn't dump capability. From tss at iki.fi Thu Sep 22 16:48:33 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 22 Sep 2011 16:48:33 +0300 Subject: [Dovecot] mail_max_userip_connections=10 In-Reply-To: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> References: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> Message-ID: <2ED64BFB-87F1-40B2-A489-226031A4633C@iki.fi> On 19.9.2011, at 11.27, Tom Clark wrote: > Is there anyway of whitelisting an IP so that it can ignore > mail_max_userip_connections=10? With v2.0 in theory: remote 1.2.3.4 { mail_max_userip_connections = 0 } I don't know if it actually works. > What should we set mail_max_userip_connections too realistically? 10 seems a > bit low? It's 10 because I thought it would be enough :) From andreas at kado-web.de Thu Sep 22 16:48:58 2011 From: andreas at kado-web.de (Andreas Cieslak) Date: Thu, 22 Sep 2011 15:48:58 +0200 Subject: [Dovecot] Create userdir on dovecot login Message-ID: <0LjODj-1Re8SF1oWF-00d1Yx@mrelayeu.kundenserver.de> Hi List, I am trying to set up automated userdir-creation on login via squirrelmail or email-client with a dovecot backend. The users are first imported on an openldap directory on the same server as the dovecot runs on. Authentication on the dovecot mail system via pam_ldap works properly. Tried already to integrate some advices from the dovecot wiki like Passdb { Driver = pam args = session=yes dovecot } But the homedir creation works only when the user logs onto the machine. When I try to log in via Squirrel on the dovecot no homedir is created and there is following message in the logs: auth: Error: pam(cieslak,193.175.157.121): pam_open_session() failed: Permission denied I think its something about the user rights, but dont really know where to search for the needle Here is the config of my environment root at server:/home# dovecot -n # 2.0.13: /usr/local/etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-686 i686 Debian 6.0.2 auth_debug = yes auth_mechanisms = login plain auth_verbose = yes first_valid_uid = 1000 hostname = server info_log_path = /var/log/dovecot-info last_valid_uid = 10000 listen = * log_path = /var/log/dovecot mail_access_groups = mail mail_debug = yes mail_full_filesystem_access = yes mail_location = maildir:~/Maildir mbox_write_locks = fcntl passdb { args = session=yes dovecot driver = pam } postmaster_address = mailaddress service auth-worker { group = shadow user = $default_internal_user } service auth { user = $default_internal_user } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } process_min_avail = 0 service_count = 0 vsz_limit = 256 M } service lmtp { unix_listener lmtp { mode = 0666 } } service pop3-login { inet_listener pop3s { port = 995 ssl = yes } } ssl_ca = References: <012501cc785d$091fc370$1b5f4a50$@elysium.ltd.uk> <695E7576-B3CD-4C31-BF9B-A8A2A810A270@iki.fi> Message-ID: <00be01cc792e$8fef1a50$afcd4ef0$@elysium.ltd.uk> Hi Timo, I'm using %d which is working great. However, mailbox2.com can still create shared folders. We just wanted to limit the ability to create shared folders only to mailbox.com Tom -----Original Message----- From: Timo Sirainen [mailto:tss at iki.fi] Sent: 22 September 2011 2:41 PM To: Tom Clark Cc: dovecot at dovecot.org Subject: Re: [Dovecot] Shared Namespace On 21.9.2011, at 15.50, Tom Clark wrote: > Is there anyway of limiting a shared namespace to a domain? E.g. > mailbox.com and mailbox2.com are setup with vpopmail. We've got a > shared namespace but only want the ability on mailbox.com. Basically use %d instead of %%d in configuration. The client can't change it then. From tom at elysium.ltd.uk Thu Sep 22 16:51:16 2011 From: tom at elysium.ltd.uk (Tom Clark) Date: Thu, 22 Sep 2011 14:51:16 +0100 Subject: [Dovecot] mail_max_userip_connections=10 In-Reply-To: <2ED64BFB-87F1-40B2-A489-226031A4633C@iki.fi> References: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> <2ED64BFB-87F1-40B2-A489-226031A4633C@iki.fi> Message-ID: <00c001cc792e$b34546a0$19cfd3e0$@elysium.ltd.uk> Thanks Timo. I've been doing some investigation. Apart from K9 being fundamentally broken 10 is fine! I'll try the remote fix. -----Original Message----- From: Timo Sirainen [mailto:tss at iki.fi] Sent: 22 September 2011 2:49 PM To: Tom Clark Cc: dovecot at dovecot.org Subject: Re: [Dovecot] mail_max_userip_connections=10 On 19.9.2011, at 11.27, Tom Clark wrote: > Is there anyway of whitelisting an IP so that it can ignore > mail_max_userip_connections=10? With v2.0 in theory: remote 1.2.3.4 { mail_max_userip_connections = 0 } I don't know if it actually works. > What should we set mail_max_userip_connections too realistically? 10 > seems a bit low? It's 10 because I thought it would be enough :) From tss at iki.fi Thu Sep 22 16:55:06 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 22 Sep 2011 16:55:06 +0300 Subject: [Dovecot] Shared Namespace In-Reply-To: <00be01cc792e$8fef1a50$afcd4ef0$@elysium.ltd.uk> References: <012501cc785d$091fc370$1b5f4a50$@elysium.ltd.uk> <695E7576-B3CD-4C31-BF9B-A8A2A810A270@iki.fi> <00be01cc792e$8fef1a50$afcd4ef0$@elysium.ltd.uk> Message-ID: <20828CC2-E90E-4D8D-90CB-001031AC44D2@iki.fi> By "create shared folders" I guess you basically mean "be able to use SETACL command", which you could do by limiting imap_acl plugin to be loaded only to mailbox.com domain. How to do this depends on your userdb and Dovecot version (with v2.0.14 you can just add mail_plugins+=imap_acl userdb extra field). On 22.9.2011, at 16.50, Tom Clark wrote: > Hi Timo, > > I'm using %d which is working great. However, mailbox2.com can still create > shared folders. We just wanted to limit the ability to create shared folders > only to mailbox.com > > Tom > > -----Original Message----- > From: Timo Sirainen [mailto:tss at iki.fi] > Sent: 22 September 2011 2:41 PM > To: Tom Clark > Cc: dovecot at dovecot.org > Subject: Re: [Dovecot] Shared Namespace > > On 21.9.2011, at 15.50, Tom Clark wrote: > >> Is there anyway of limiting a shared namespace to a domain? E.g. >> mailbox.com and mailbox2.com are setup with vpopmail. We've got a >> shared namespace but only want the ability on mailbox.com. > > Basically use %d instead of %%d in configuration. The client can't change it > then. > > From helge at monsternett.no Thu Sep 22 16:55:25 2011 From: helge at monsternett.no (Helge Milde) Date: Thu, 22 Sep 2011 15:55:25 +0200 Subject: [Dovecot] Trouble getting lda to gzip incomming mails (zlib plugin) In-Reply-To: References: <20110920135808.GB28582@monsternett.no> Message-ID: <20110922135524.GA2394@monsternett.no> My bad, you are correct. "v2.0+" slipped by my eyes when reading your v1.x documentation at http://wiki.dovecot.org/Plugins/Zlib. On Thu, Sep 22, 2011 at 04:45:02PM +0300, Timo Sirainen wrote: >On 20.9.2011, at 16.58, Helge Milde wrote: > >> plugin { >> zlib_save_level = 6 >> zlib_save = gz > >These are enough. You don't mention your Dovecot version. My guess is that your Dovecot version is too old and doesn't support saving mails with zlib. > -- Helge Milde, 69701808 www.monsternett.no From tom at elysium.ltd.uk Thu Sep 22 17:01:25 2011 From: tom at elysium.ltd.uk (Tom Clark) Date: Thu, 22 Sep 2011 15:01:25 +0100 Subject: [Dovecot] Shared Namespace In-Reply-To: <20828CC2-E90E-4D8D-90CB-001031AC44D2@iki.fi> References: <012501cc785d$091fc370$1b5f4a50$@elysium.ltd.uk> <695E7576-B3CD-4C31-BF9B-A8A2A810A270@iki.fi> <00be01cc792e$8fef1a50$afcd4ef0$@elysium.ltd.uk> <20828CC2-E90E-4D8D-90CB-001031AC44D2@iki.fi> Message-ID: <00d501cc7930$1de7bfa0$59b73ee0$@elysium.ltd.uk> Hi Timo, Ok great. I'll look into doing that then! Thanks, Tom -----Original Message----- From: Timo Sirainen [mailto:tss at iki.fi] Sent: 22 September 2011 2:55 PM To: Tom Clark Cc: dovecot at dovecot.org Subject: Re: [Dovecot] Shared Namespace By "create shared folders" I guess you basically mean "be able to use SETACL command", which you could do by limiting imap_acl plugin to be loaded only to mailbox.com domain. How to do this depends on your userdb and Dovecot version (with v2.0.14 you can just add mail_plugins+=imap_acl userdb extra field). On 22.9.2011, at 16.50, Tom Clark wrote: > Hi Timo, > > I'm using %d which is working great. However, mailbox2.com can still > create shared folders. We just wanted to limit the ability to create > shared folders only to mailbox.com > > Tom > > -----Original Message----- > From: Timo Sirainen [mailto:tss at iki.fi] > Sent: 22 September 2011 2:41 PM > To: Tom Clark > Cc: dovecot at dovecot.org > Subject: Re: [Dovecot] Shared Namespace > > On 21.9.2011, at 15.50, Tom Clark wrote: > >> Is there anyway of limiting a shared namespace to a domain? E.g. >> mailbox.com and mailbox2.com are setup with vpopmail. We've got a >> shared namespace but only want the ability on mailbox.com. > > Basically use %d instead of %%d in configuration. The client can't > change it then. > > From baartman at lin12.triumf.ca Mon Sep 19 20:05:47 2011 From: baartman at lin12.triumf.ca (Rick Baartman) Date: Mon, 19 Sep 2011 10:05:47 -0700 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer Message-ID: <201109191705.p8JH5las016087@lin12.triumf.ca> >From my secure log: Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= rhost=::ffff:64.31.19.48 Sep 19 01:16:44 lin12 dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user aaron Sep 19 01:16:45 lin12 dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown Sep 19 01:16:45 lin12 dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= rhost=::ffff:64.31.19.48 Sep 19 01:16:45 lin12 dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user abby etc. Literally, 30,000 user names attempted. -- rick baartman TRIUMF 4004 Wesbrook Mall Vancouver, BC V6T2A3 From andreas at kado-web.de Thu Sep 22 16:41:25 2011 From: andreas at kado-web.de (Andreas Cieslak) Date: Thu, 22 Sep 2011 15:41:25 +0200 Subject: [Dovecot] Create userdir on dovecot login Message-ID: <0M1dC2-1RLmLB2SUc-00t7Te@mrelayeu.kundenserver.de> Hi List, I am trying to set up automated userdir-creation on login via squirrelmail or email-client with a dovecot backend. The users are first imported on an openldap directory on the same server as the dovecot runs on. Authentication on the dovecot mail system via pam_ldap works properly. Tried already to integrate some advices from the dovecot wiki like Passdb { Driver = pam args = session=yes dovecot } But the homedir creation works only when the user logs onto the machine. When I try to log in via Squirrel on the dovecot no homedir is created and there is following message in the logs: auth: Error: pam(cieslak,193.175.157.121): pam_open_session() failed: Permission denied I think its something about the user rights, but dont really know where to search for the needle Here is the config of my environment root at server:/home# dovecot -n # 2.0.13: /usr/local/etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-686 i686 Debian 6.0.2 auth_debug = yes auth_mechanisms = login plain auth_verbose = yes first_valid_uid = 1000 hostname = server info_log_path = /var/log/dovecot-info last_valid_uid = 10000 listen = * log_path = /var/log/dovecot mail_access_groups = mail mail_debug = yes mail_full_filesystem_access = yes mail_location = maildir:~/Maildir mbox_write_locks = fcntl passdb { args = session=yes dovecot driver = pam } postmaster_address = mailaddress service auth-worker { group = shadow user = $default_internal_user } service auth { user = $default_internal_user } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } process_min_avail = 0 service_count = 0 vsz_limit = 256 M } service lmtp { unix_listener lmtp { mode = 0666 } } service pop3-login { inet_listener pop3s { port = 995 ssl = yes } } ssl_ca = References: <201109191705.p8JH5las016087@lin12.triumf.ca> Message-ID: <4E7B4148.2090902@Media-Brokers.com> On 2011-09-19 1:05 PM, Rick Baartman wrote: > From my secure log: > > Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown > Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= rhost=::ffff:64.31.19.48 > Sep 19 01:16:44 lin12 dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user aaron > Sep 19 01:16:45 lin12 dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown > Sep 19 01:16:45 lin12 dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= rhost=::ffff:64.31.19.48 > Sep 19 01:16:45 lin12 dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user abby > > etc. Literally, 30,000 user names attempted. Dictionaryt attacks are quite common, nothing new here... fail2ban is what I use, would have killed this one (since it's from the same IP) almost immediately... It doesn't work so well with sophisticated bots that can change IPs at will, but the secondary method of locking out an account after X number of failed auth attempts will eliminate the risk of a focused attack on a single account, so as long as you are using strong passwords, your system is secure (from these kinds of attacks, at least). The only attack I haven't figured out how to eliminate is the social/phishing attack, where $DumbUser gives out their username password voluntarily... although I have been considering faking a phishing attack on my own users, and flagging the ones who fall for it for training. -- Best regards, Charles From Ralf.Hildebrandt at charite.de Thu Sep 22 17:12:36 2011 From: Ralf.Hildebrandt at charite.de (Ralf Hildebrandt) Date: Thu, 22 Sep 2011 16:12:36 +0200 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <201109191705.p8JH5las016087@lin12.triumf.ca> References: <201109191705.p8JH5las016087@lin12.triumf.ca> Message-ID: <20110922141236.GO18064@charite.de> * Rick Baartman : > From my secure log: > > Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown > Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= rhost=::ffff:64.31.19.48 > Sep 19 01:16:44 lin12 dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user aaron > Sep 19 01:16:45 lin12 dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown > Sep 19 01:16:45 lin12 dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= rhost=::ffff:64.31.19.48 > Sep 19 01:16:45 lin12 dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user abby > > etc. Literally, 30,000 user names attempted. And? Any success? -- Ralf Hildebrandt Gesch?ftsbereich IT | Abteilung Netzwerk Charit? - Universit?tsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt at charite.de | http://www.charite.de From john.alexander at preachain.org Thu Sep 22 17:13:43 2011 From: john.alexander at preachain.org (John Alexander) Date: Thu, 22 Sep 2011 07:13:43 -0700 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <201109191705.p8JH5las016087@lin12.triumf.ca> References: <201109191705.p8JH5las016087@lin12.triumf.ca> Message-ID: <20110922141258.M23185@preachain.org> Fail2Ban is an excellent tool to deal with this sort of thing. On Mon, 19 Sep 2011 10:05:47 -0700, Rick Baartman wrote > >From my secure log: > > Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): check > pass; user unknown > Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): > authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= > rhost=::ffff:64.31.19.48 > Sep 19 01:16:44 lin12 dovecot-auth: pam_succeed_if(dovecot:auth): > error retrieving information about user aaron > Sep 19 01:16:45 lin12 dovecot-auth: pam_unix(dovecot:auth): check > pass; user unknown > Sep 19 01:16:45 lin12 dovecot-auth: pam_unix(dovecot:auth): > authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= > rhost=::ffff:64.31.19.48 > Sep 19 01:16:45 lin12 dovecot-auth: pam_succeed_if(dovecot:auth): > error retrieving information about user abby > > etc. Literally, 30,000 user names attempted. > -- > rick baartman > > TRIUMF > 4004 Wesbrook Mall > Vancouver, BC > V6T2A3 ------------------------------------ I've stopped trying to catch up, I'm just trying to limit the rate at which I'm falling behind John Alexander From tomislav.mihalicek at gmail.com Thu Sep 22 17:16:59 2011 From: tomislav.mihalicek at gmail.com (Tomislav Mihalicek) Date: Thu, 22 Sep 2011 07:16:59 -0700 (PDT) Subject: [Dovecot] Dovecot 1.2, problem with SQL quota and mail aliases In-Reply-To: References: Message-ID: <32503821.post@talk.nabble.com> I have the same problem but with LDAP, how to fix this on LDAP backed? scope = subtree deref = never pass_attrs = userPassword=password base = ou=accounts,dc=globalnet,dc=hr user_filter = (&(|(objectClass=qmailUser)(objectClass=mailUser))(accountService=mail)(accountService=%Ls%Lc)(|(mail=%u)(mailAlternateAddress=%u))) pass_filter = (&(|(objectClass=qmailUser)(objectClass=mailUser))(accountService=mail)(accountService=%Ls%Lc)(|(mail=%u)(mailAlternateAddress=%u))) pass_attrs = userPassword=password default_pass_scheme = MD5 user_attrs = homeDirectory=home,mailQuotaSize=quota_rule=*:bytes=%$ Jacek Osiecki wrote: > > Hello, > > I have a small server running dovecot 1.2 (still not balsy enough to > switch to 2.0 - virtual sql accounts, managesieve etc.). There are no > local users - only ones defined in the SQL database, and everything else > (including quota) is defined in SQL db too. Dovecot is used as IMAP > daemon, and dovecot-lda is responsible for delivery (in order to make use > of sieve and managesieve). I know that my configuration might be a bit > ancient, but this is not referring to any bug (at least I think so) and > rather to errors I've made in configuration. > > Several users have reported, that they are running out of quota even > though their mailboxes are empty. I thought these were some single cases, > but recently I discovered that this situation occurs when: > - user john at domain.com has a mail alias, eg. john.smith at domain.com > - he logs in to the imap account (using MUA or webmail) using his alias > (john.smith at domain.com). > > In effect, all incoming emails for john at domain.com are increasing the > counters (both "bytes" and "messages"), but since user logs in using > john.smith at domain.com - anything he deletes from the mailbox decreases > the records for john.smith at domain.com. Finally, John has two records: > > +---------------------------+-----------+----------+ > | username | bytes | messages | > +---------------------------+-----------+----------+ > | john.smith at domain.com | -5488133 | -13 | > | john at domain.com | 341411029 | 1111 | > +---------------------------+-----------+----------+ > > The record for john at domain.com finaly reaches the quota limit - and even > removing all emails does not help. > > My /etc/dovecot/dovecot-dict-quota.conf looks like this: > > map { > pattern = priv/quota/storage > table = quota > username_field = username > value_field = bytes > } > map { > pattern = priv/quota/messages > table = quota > username_field = username > value_field = messages > } > > And my question is: what is used as "username"? Always the username given > wher user logs in? Is there a way to provide some dictionary to translate > all aliases to the real username? > > Best regards, > -- > Jacek Osiecki joshua at ceti.pl GG:3828944 > I don't want something I need. I want something I want. > > -- View this message in context: http://old.nabble.com/Dovecot-1.2%2C-problem-with-SQL-quota-and-mail-aliases-tp30949509p32503821.html Sent from the Dovecot mailing list archive at Nabble.com. From dovecot at lists.grepular.com Thu Sep 22 17:17:31 2011 From: dovecot at lists.grepular.com (Mike Cardwell) Date: Thu, 22 Sep 2011 15:17:31 +0100 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <4E7B4148.2090902@Media-Brokers.com> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> Message-ID: <4E7B437B.9030600@lists.grepular.com> On 22/09/11 15:08, Charles Marcus wrote: > The only attack I haven't figured out how to eliminate is the > social/phishing attack, where $DumbUser gives out their username > password voluntarily... although I have been considering faking a > phishing attack on my own users, and flagging the ones who fall for it > for training. The University I work at was suffering from this a *lot*. Phishers kept contacting our users pretending to be from our IT helpdesk asking users to reply with their login details so that their mailbox could be refreshed or so their quota could be fixed and other such things. So I developed an application that sits on our outgoing mail routers looking for login credentials inside emails. If it finds any, it blackholes the email and sends an autoresponse to the sender telling them to never ever send login details via email under any circumstances. It Cc's me in too, and it catches people emailing their logins around on a *daily* basis. Our usernames follow a very strict format, and we have a pretty strict password policy so what my program does is pull out a list of all the *possible* usernames and passwords and then attempts to authenticate against our AD using them. I built it into a framework so other people can use it: http://kochi.lboro.ac.uk/kochi1.html You need to know how to write Perl though in order to use it. It's not plug and play. We also added ratelimiting to our outgoing mail, and a system which alerts us whenever anyone hits the limit. If it takes a phisher 2000 spams to get access to one account, but that one account only allows the phisher to send 1000 spams, then it completely destroys the point of what they're doing. -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 455 bytes Desc: OpenPGP digital signature URL: From nighoo at googlemail.com Thu Sep 22 17:18:23 2011 From: nighoo at googlemail.com (Nighoo) Date: Thu, 22 Sep 2011 16:18:23 +0200 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <201109191705.p8JH5las016087@lin12.triumf.ca> References: <201109191705.p8JH5las016087@lin12.triumf.ca> Message-ID: <4E7B43AF.80203@gmail.com> Am 19.09.2011 19:05, schrieb Rick Baartman: > From my secure log: > > Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown > Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= rhost=::ffff:64.31.19.48 > Sep 19 01:16:44 lin12 dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user aaron > Sep 19 01:16:45 lin12 dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown > Sep 19 01:16:45 lin12 dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= rhost=::ffff:64.31.19.48 > Sep 19 01:16:45 lin12 dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user abby > > etc. Literally, 30,000 user names attempted. I can advice you to use Fail2Ban. This will block that Ip-Adresse after a customizable number of failed logins. In addition you can `whois` this ip adresse and send an email to his abuse at provider. From Ralf.Hildebrandt at charite.de Thu Sep 22 17:21:52 2011 From: Ralf.Hildebrandt at charite.de (Ralf Hildebrandt) Date: Thu, 22 Sep 2011 16:21:52 +0200 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <4E7B437B.9030600@lists.grepular.com> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> Message-ID: <20110922142152.GQ18064@charite.de> * Mike Cardwell : > The University I work at was suffering from this a *lot*. Phishers kept > contacting our users pretending to be from our IT helpdesk asking users > to reply with their login details so that their mailbox could be > refreshed or so their quota could be fixed and other such things. Same here. > So I developed an application that sits on our outgoing mail routers > looking for login credentials inside emails. If it finds any, it > blackholes the email and sends an autoresponse to the sender telling > them to never ever send login details via email under any circumstances. > It Cc's me in too, and it catches people emailing their logins around on > a *daily* basis. clamav is supposed to be capable of that functionality > Our usernames follow a very strict format, and we have a pretty strict > password policy so what my program does is pull out a list of all the > *possible* usernames and passwords and then attempts to authenticate > against our AD using them. Ah! That's a nice idea. -- Ralf Hildebrandt Gesch?ftsbereich IT | Abteilung Netzwerk Charit? - Universit?tsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt at charite.de | http://www.charite.de From dovecot at lists.grepular.com Thu Sep 22 17:27:25 2011 From: dovecot at lists.grepular.com (Mike Cardwell) Date: Thu, 22 Sep 2011 15:27:25 +0100 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <20110922142152.GQ18064@charite.de> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> <20110922142152.GQ18064@charite.de> Message-ID: <4E7B45CD.5060904@lists.grepular.com> On 22/09/11 15:21, Ralf Hildebrandt wrote: >> The University I work at was suffering from this a *lot*. Phishers kept >> contacting our users pretending to be from our IT helpdesk asking users >> to reply with their login details so that their mailbox could be >> refreshed or so their quota could be fixed and other such things. > > Same here. > >> So I developed an application that sits on our outgoing mail routers >> looking for login credentials inside emails. If it finds any, it >> blackholes the email and sends an autoresponse to the sender telling >> them to never ever send login details via email under any circumstances. >> It Cc's me in too, and it catches people emailing their logins around on >> a *daily* basis. > > clamav is supposed to be capable of that functionality > >> Our usernames follow a very strict format, and we have a pretty strict >> password policy so what my program does is pull out a list of all the >> *possible* usernames and passwords and then attempts to authenticate >> against our AD using them. > > Ah! > That's a nice idea. Perhaps, if you have a list of the plain text passwords in advance you could use ClamAV. In our case, we don't as we're using an AD. I actually copied the ClamAV tcp and local interface API so that any MTA which can plug in to ClamAV is also able to plug into Kochi. That's one of the things the framework provides. -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 455 bytes Desc: OpenPGP digital signature URL: From Ralf.Hildebrandt at charite.de Thu Sep 22 17:30:50 2011 From: Ralf.Hildebrandt at charite.de (Ralf Hildebrandt) Date: Thu, 22 Sep 2011 16:30:50 +0200 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <4E7B45CD.5060904@lists.grepular.com> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> <20110922142152.GQ18064@charite.de> <4E7B45CD.5060904@lists.grepular.com> Message-ID: <20110922143050.GT18064@charite.de> > Perhaps, if you have a list of the plain text passwords in advance you > could use ClamAV. No, clamav is supposed to find stuff that looks like "social security numbers". It's probably harder with usernames (especially if the username is by chance a real word) > In our case, we don't as we're using an AD. I actually copied the > ClamAV tcp and local interface API so that any MTA which can plug in to > ClamAV is also able to plug into Kochi. That's one of the things the > framework provides. WOW! -- Ralf Hildebrandt Gesch?ftsbereich IT | Abteilung Netzwerk Charit? - Universit?tsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt at charite.de | http://www.charite.de From tomislav.mihalicek at gmail.com Thu Sep 22 17:33:31 2011 From: tomislav.mihalicek at gmail.com (Tomislav Mihalicek) Date: Thu, 22 Sep 2011 07:33:31 -0700 (PDT) Subject: [Dovecot] Dovecot 1.2, problem with SQL quota and mail aliases In-Reply-To: <32503821.post@talk.nabble.com> References: <32503821.post@talk.nabble.com> Message-ID: <32503822.post@talk.nabble.com> SOLVED add mail=user in user_attrs user_attrs = mail=user,homeDirectory=home,mailQuotaSize=quota_rule=*:bytes=%$ Tomislav Mihalicek wrote: > > I have the same problem but with LDAP, how to fix this on LDAP backed? > > scope = subtree > deref = never > pass_attrs = userPassword=password > base = ou=accounts,dc=globalnet,dc=hr > user_filter = > (&(|(objectClass=qmailUser)(objectClass=mailUser))(accountService=mail)(accountService=%Ls%Lc)(|(mail=%u)(mailAlternateAddress=%u))) > pass_filter = > (&(|(objectClass=qmailUser)(objectClass=mailUser))(accountService=mail)(accountService=%Ls%Lc)(|(mail=%u)(mailAlternateAddress=%u))) > pass_attrs = userPassword=password > default_pass_scheme = MD5 > user_attrs = homeDirectory=home,mailQuotaSize=quota_rule=*:bytes=%$ > > > > Jacek Osiecki wrote: >> >> Hello, >> >> I have a small server running dovecot 1.2 (still not balsy enough to >> switch to 2.0 - virtual sql accounts, managesieve etc.). There are no >> local users - only ones defined in the SQL database, and everything else >> (including quota) is defined in SQL db too. Dovecot is used as IMAP >> daemon, and dovecot-lda is responsible for delivery (in order to make use >> of sieve and managesieve). I know that my configuration might be a bit >> ancient, but this is not referring to any bug (at least I think so) and >> rather to errors I've made in configuration. >> >> Several users have reported, that they are running out of quota even >> though their mailboxes are empty. I thought these were some single cases, >> but recently I discovered that this situation occurs when: >> - user john at domain.com has a mail alias, eg. john.smith at domain.com >> - he logs in to the imap account (using MUA or webmail) using his alias >> (john.smith at domain.com). >> >> In effect, all incoming emails for john at domain.com are increasing the >> counters (both "bytes" and "messages"), but since user logs in using >> john.smith at domain.com - anything he deletes from the mailbox decreases >> the records for john.smith at domain.com. Finally, John has two records: >> >> +---------------------------+-----------+----------+ >> | username | bytes | messages | >> +---------------------------+-----------+----------+ >> | john.smith at domain.com | -5488133 | -13 | >> | john at domain.com | 341411029 | 1111 | >> +---------------------------+-----------+----------+ >> >> The record for john at domain.com finaly reaches the quota limit - and even >> removing all emails does not help. >> >> My /etc/dovecot/dovecot-dict-quota.conf looks like this: >> >> map { >> pattern = priv/quota/storage >> table = quota >> username_field = username >> value_field = bytes >> } >> map { >> pattern = priv/quota/messages >> table = quota >> username_field = username >> value_field = messages >> } >> >> And my question is: what is used as "username"? Always the username given >> wher user logs in? Is there a way to provide some dictionary to translate >> all aliases to the real username? >> >> Best regards, >> -- >> Jacek Osiecki joshua at ceti.pl GG:3828944 >> I don't want something I need. I want something I want. >> >> > > -- View this message in context: http://old.nabble.com/Dovecot-1.2%2C-problem-with-SQL-quota-and-mail-aliases-tp30949509p32503822.html Sent from the Dovecot mailing list archive at Nabble.com. From rick at havokmon.com Thu Sep 22 17:34:17 2011 From: rick at havokmon.com (Rick Romero) Date: Thu, 22 Sep 2011 09:34:17 -0500 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <4E7B45CD.5060904@lists.grepular.com> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> <20110922142152.GQ18064@charite.de> <4E7B45CD.5060904@lists.grepular.com> Message-ID: <20110922093417.Horde.p1v6IqPBW7JOe0dpQ45kRsA@beta.vfemail.net> Quoting Mike Cardwell : > On 22/09/11 15:21, Ralf Hildebrandt wrote: > > > Perhaps, if you have a list of the plain text passwords in advance you > could use ClamAV. In our case, we don't as we're using an AD. I actually > copied the ClamAV tcp and local interface API so that any MTA which can > plug in to ClamAV is also able to plug into Kochi. That's one of the > things the framework provides. There are additional 'non-official' ClamAV signatures that are meant to detect phishing attempts. They do work, but aren't perfect. I'm fortunate enough to be on the phishing list, so I wrote a quickie perl script that will grep the logs for all the recipients and then scan their INBOX for the phishing email and remove it before they read it. Rick From Ralf.Hildebrandt at charite.de Thu Sep 22 17:36:58 2011 From: Ralf.Hildebrandt at charite.de (Ralf Hildebrandt) Date: Thu, 22 Sep 2011 16:36:58 +0200 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <20110922093417.Horde.p1v6IqPBW7JOe0dpQ45kRsA@beta.vfemail.net> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> <20110922142152.GQ18064@charite.de> <4E7B45CD.5060904@lists.grepular.com> <20110922093417.Horde.p1v6IqPBW7JOe0dpQ45kRsA@beta.vfemail.net> Message-ID: <20110922143658.GV18064@charite.de> * Rick Romero : > There are additional 'non-official' ClamAV signatures that are meant > to detect phishing attempts. > They do work, but aren't perfect. Got a link? Or are you thinking of the SaneSecurity Signatures? > I'm fortunate enough to be on the phishing list, so I wrote a quickie > perl script that will grep the logs for all the recipients and then > scan their INBOX for the phishing email and remove it before they > read it. I usually use doveadm for this. -- Ralf Hildebrandt Gesch?ftsbereich IT | Abteilung Netzwerk Charit? - Universit?tsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt at charite.de | http://www.charite.de From rick at havokmon.com Thu Sep 22 17:39:08 2011 From: rick at havokmon.com (Rick Romero) Date: Thu, 22 Sep 2011 09:39:08 -0500 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <20110922143658.GV18064@charite.de> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> <20110922142152.GQ18064@charite.de> <4E7B45CD.5060904@lists.grepular.com> <20110922093417.Horde.p1v6IqPBW7JOe0dpQ45kRsA@beta.vfemail.net> <20110922143658.GV18064@charite.de> Message-ID: <20110922093908.Horde.aS3PC22tkQ9Oe0iMKQXrmnA@beta.vfemail.net> Quoting Ralf Hildebrandt : > * Rick Romero : > >> There are additional 'non-official' ClamAV signatures that are meant >> to detect phishing attempts. >> They do work, but aren't perfect. > > Got a link? Or are you thinking of the SaneSecurity Signatures? Yep. The SaneSecurity Sigs. > >> I'm fortunate enough to be on the phishing list, so I wrote a quickie >> perl script that will grep the logs for all the recipients and then >> scan their INBOX for the phishing email and remove it before they >> read it. > > I usually use doveadm for this. I'm slow to adopting new technology :) I would definitely do it if I wasn't still running plain old Maildir. Rick From Ralf.Hildebrandt at charite.de Thu Sep 22 17:40:37 2011 From: Ralf.Hildebrandt at charite.de (Ralf Hildebrandt) Date: Thu, 22 Sep 2011 16:40:37 +0200 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <20110922093908.Horde.aS3PC22tkQ9Oe0iMKQXrmnA@beta.vfemail.net> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> <20110922142152.GQ18064@charite.de> <4E7B45CD.5060904@lists.grepular.com> <20110922093417.Horde.p1v6IqPBW7JOe0dpQ45kRsA@beta.vfemail.net> <20110922143658.GV18064@charite.de> <20110922093908.Horde.aS3PC22tkQ9Oe0iMKQXrmnA@beta.vfemail.net> Message-ID: <20110922144037.GW18064@charite.de> * Rick Romero : > >I usually use doveadm for this. > > I'm slow to adopting new technology :) I would definitely do it if > I wasn't still running plain old Maildir. It's working on plain old Maildir :) -- Ralf Hildebrandt Gesch?ftsbereich IT | Abteilung Netzwerk Charit? - Universit?tsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt at charite.de | http://www.charite.de From robert at schetterer.org Thu Sep 22 17:42:43 2011 From: robert at schetterer.org (Robert Schetterer) Date: Thu, 22 Sep 2011 16:42:43 +0200 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <20110922143658.GV18064@charite.de> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> <20110922142152.GQ18064@charite.de> <4E7B45CD.5060904@lists.grepular.com> <20110922093417.Horde.p1v6IqPBW7JOe0dpQ45kRsA@beta.vfemail.net> <20110922143658.GV18064@charite.de> Message-ID: <4E7B4963.80207@schetterer.org> Am 22.09.2011 16:36, schrieb Ralf Hildebrandt: > * Rick Romero : > >> There are additional 'non-official' ClamAV signatures that are meant >> to detect phishing attempts. >> They do work, but aren't perfect. > > Got a link? Or are you thinking of the SaneSecurity Signatures? > >> I'm fortunate enough to be on the phishing list, so I wrote a quickie >> perl script that will grep the logs for all the recipients and then >> scan their INBOX for the phishing email and remove it before they >> read it. > > I usually use doveadm for this. > why not simply use clamav-milter with sanesecurity sigs ( works like charme here ) so the stuff dont pass ever in mailboxes, if you dont like reject , then hold for manual human admin interaction -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From dovecot at lists.grepular.com Thu Sep 22 17:42:44 2011 From: dovecot at lists.grepular.com (dovecot at lists.grepular.com) Date: Thu, 22 Sep 2011 15:42:44 +0100 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <20110922093908.Horde.aS3PC22tkQ9Oe0iMKQXrmnA@beta.vfemail.net> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> <20110922142152.GQ18064@charite.de> <4E7B45CD.5060904@lists.grepular.com> <20110922093417.Horde.p1v6IqPBW7JOe0dpQ45kRsA@beta.vfemail.net> <20110922143658.GV18064@charite.de> <20110922093908.Horde.aS3PC22tkQ9Oe0iMKQXrmnA@beta.vfemail.net> Message-ID: <4E7B4964.4030603@lists.grepular.com> On 22/09/11 15:39, Rick Romero wrote: >>> There are additional 'non-official' ClamAV signatures that are meant >>> to detect phishing attempts. >>> They do work, but aren't perfect. >> >> Got a link? Or are you thinking of the SaneSecurity Signatures? > > Yep. The SaneSecurity Sigs. We do use ClamAV+SaneSecurity on incoming email, but these are *very* targetted phishing attacks, and lots of them manage to get through. The Kochi application that I brought up sits on the *outgoing* mail routers and prevents people sending out their login details once they've been tricked. -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 455 bytes Desc: OpenPGP digital signature URL: From Lutz.Pressler at SerNet.DE Thu Sep 22 17:44:30 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Thu, 22 Sep 2011 16:44:30 +0200 Subject: [Dovecot] zlib_save per namespace/mailbox? Message-ID: Hi, the zlib_save question reminds me of a wish: I think it's not possible to set zlib_save parameter per namespace (or even mailbox). Per namespace would be something for the wish list to get rid of the cron job method to compress archival mailboxes. And maybe an option to add a "Z" flag to compressed maildir message files as recommended in the wiki regarding compress crob job. Lutz From robert at schetterer.org Thu Sep 22 17:51:07 2011 From: robert at schetterer.org (Robert Schetterer) Date: Thu, 22 Sep 2011 16:51:07 +0200 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <4E7B4964.4030603@lists.grepular.com> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> <20110922142152.GQ18064@charite.de> <4E7B45CD.5060904@lists.grepular.com> <20110922093417.Horde.p1v6IqPBW7JOe0dpQ45kRsA@beta.vfemail.net> <20110922143658.GV18064@charite.de> <20110922093908.Horde.aS3PC22tkQ9Oe0iMKQXrmnA@beta.vfemail.net> <4E7B4964.4030603@lists.grepular.com> Message-ID: <4E7B4B5B.5050104@schetterer.org> Am 22.09.2011 16:42, schrieb dovecot at lists.grepular.com: > On 22/09/11 15:39, Rick Romero wrote: > >>>> There are additional 'non-official' ClamAV signatures that are meant >>>> to detect phishing attempts. >>>> They do work, but aren't perfect. >>> >>> Got a link? Or are you thinking of the SaneSecurity Signatures? >> >> Yep. The SaneSecurity Sigs. > > We do use ClamAV+SaneSecurity on incoming email, but these are *very* > targetted phishing attacks, and lots of them manage to get through. The > Kochi application that I brought up sits on the *outgoing* mail routers > and prevents people sending out their login details once they've been > tricked. > yes youre right, after all this isnt really dovecot related wasnt the orginal topic about brute force pop/imap attack ? -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From jeetendra.p at directi.com Thu Sep 22 18:26:01 2011 From: jeetendra.p at directi.com (Jeetu) Date: Thu, 22 Sep 2011 20:56:01 +0530 Subject: [Dovecot] Missing man page for doveadm move Message-ID: <4E7B5389.7050907@directi.com> Hi, i cant see man pages for doveadm-move, though the command "doveadm move ..." works on new version of dovecot. http://hg.dovecot.org/dovecot-2.0/rev/d7a02077d91f -- -Jeetu From lee at standen.id.au Thu Sep 22 18:55:02 2011 From: lee at standen.id.au (Lee Standen) Date: Thu, 22 Sep 2011 23:55:02 +0800 Subject: [Dovecot] Dovecot 1.x vs 2.x Message-ID: <6F135AF5-22B0-4E3D-97F0-C0F520FB4B6D@standen.id.au> Hi All, I'm currently in the planning stages for a technology refresh for a very large mail installation, and looking at using Dovecot with LDA/Sieve/FTS_Solr and a number of other plugins to give our users some great features. Currently, our standard distribution is Ubuntu Lucid, which has Dovecot 1.x included with it in pre-built packages, and Dovecot 2.x is in the upcoming Oneiric beta coming out next month. My question is, are there any compelling reasons why we should gravitate towards running Dovecot 2.x beyond the fact it's the "latest and greatest" version? What features would we miss that we're likely to want or need on a very large installation (i'm talking dozens of VM's, over 1 million mailboxes). Thanks From tgoguen at ilap.com Thu Sep 22 20:01:16 2011 From: tgoguen at ilap.com (Tristan Goguen) Date: Thu, 22 Sep 2011 13:01:16 -0400 Subject: [Dovecot] Duplicates when switching from Qpopper to Dovecot pop3 Message-ID: Hi All, Our test users re-download the mail they've left on the server when they switch from Qpopper to Dovecot. Qpopper includes the X-UIDL header - X-UIDL: X8V"!E)<"!58?"!"9C"! - on read messages. Any suggestions are appreciated. I've included my dovecot configuration. Thank you, Tristan --- Tristan Tristan Goguen CEO, ILAP? T: 416-250-5600 ext. 205 F: 416-250-6755 tgoguen at ilap.com www.ilap.com --- # 2.0.14: /etc/dovecot.conf # OS: SunOS 5.10 sun4v auth_cache_size = 1048575 B auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.+-_@ auth_username_format = %Ln auth_verbose = yes base_dir = /usr/local/var/run/dovecot/ disable_plaintext_auth = no first_valid_uid = 100 log_path = /var/log/dovecot.log login_greeting = mail_access_groups = mail mail_fsync = never mail_location = mbox:~/mail:INBOX=/var/mail/%1u/%1.1u/%u mbox_dotlock_change_timeout = 1 mins mbox_min_index_size = 1 B mbox_read_locks = dotlock mbox_write_locks = dotlock mmap_disable = yes passdb { driver = shadow } protocols = pop3 service pop3-login { client_limit = 10 inet_listener pop3 { address = 216.223.136.7 port = 110 } process_limit = 128 process_min_avail = 5 service_count = 0 vsz_limit = 512 M } shutdown_clients = no ssl = no userdb { args = blocking=yes driver = passwd } protocol pop3 { pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_enable_last = yes pop3_lock_session = yes pop3_reuse_xuidl = yes pop3_save_uidl = yes } From other at ahhyes.net Fri Sep 23 01:28:07 2011 From: other at ahhyes.net (Alex) Date: Fri, 23 Sep 2011 08:28:07 +1000 Subject: [Dovecot] =?utf-8?q?64=2E31=2E19=2E48_attempt_to_break_into_my_co?= =?utf-8?q?mputer?= Message-ID: It is a great tool. Unfortunately dovecot allows infinate incorrect logins during a single session. When fail2ban has firewalled the ip its pointless as the rule only affects new sessions, not established ones. I am disappointed that the author of dovecot has no interest in adding a feature that closes the session after x auth failures. It would certainly make tools like fail2ban more effective. ----- Reply message ----- From: "John Alexander" Date: Fri, Sep 23, 2011 00:13 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer To: Fail2Ban is an excellent tool to deal with this sort of thing. On Mon, 19 Sep 2011 10:05:47 -0700, Rick Baartman wrote > >From my secure log: > > Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): check > pass; user unknown > Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): > authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= > rhost=::ffff:64.31.19.48 > Sep 19 01:16:44 lin12 dovecot-auth: pam_succeed_if(dovecot:auth): > error retrieving information about user aaron From rick at havokmon.com Fri Sep 23 02:39:09 2011 From: rick at havokmon.com (Rick Romero) Date: Thu, 22 Sep 2011 18:39:09 -0500 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: References: Message-ID: <20110922183909.Horde.LWfYRaPBW7JOe8cdbPhxKc0@beta.vfemail.net> Quoting Alex : > It [fail2ban] is a great tool. Unfortunately dovecot allows infinate > incorrect logins during a single session. When fail2ban has > firewalled the ip its pointless as the rule only affects new > sessions, not established ones. I am disappointed that the author of > dovecot has no interest in adding a feature that closes the session > after x auth failures. It would certainly make tools like fail2ban > more effective. If that is a big issue for you, you could always have fail2ban add a dummy route: For example: route add $IP gw 127.0.0.1 Rick From h.e at gmx.at Fri Sep 23 13:03:17 2011 From: h.e at gmx.at (Hannes Erven) Date: Fri, 23 Sep 2011 12:03:17 +0200 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <20110922183909.Horde.LWfYRaPBW7JOe8cdbPhxKc0@beta.vfemail.net> References: <20110922183909.Horde.LWfYRaPBW7JOe8cdbPhxKc0@beta.vfemail.net> Message-ID: <4E7C5965.4020101@gmx.at> Am 2011-09-23 01:39, schrieb Rick Romero: > > Quoting Alex : > >> It [fail2ban] is a great tool. Unfortunately dovecot allows infinate >> incorrect logins during a single session. When fail2ban has firewalled >> the ip its pointless as the rule only affects new sessions > [...] > If that is a big issue for you, you could always have fail2ban add a > dummy route: > For example: route add $IP gw 127.0.0.1 ... or configure the fail2ban actions so they apply to any traffic from the offending IP. My iptables ruleset has this action: actionban = iptables -I fail2ban- 1 -s -j DROP Of course, if you have users that are proxied behind the same address, just one of them would instantly kill everybody's sessions. So I agree with Alex, it would be great to limit the number of failed login attempts per connection. -hannes From busseniu at in.tum.de Fri Sep 23 15:13:36 2011 From: busseniu at in.tum.de (Christoph Bussenius) Date: Fri, 23 Sep 2011 14:13:36 +0200 Subject: [Dovecot] Strange behavior from shared namespaces and INBOX, probably a bug Message-ID: <20110923121329.GA13235@informatik.tu-muenchen.de> Hi, we have experienced some erratic behavior from Dovecot 2.0.15 if a user's INBOX is shared. Some folders of user1, including the INBOX, have been shared using these IMAP commands: . login user1 XXXXXX . setacl INBOX user2 lrwstiekx . setacl box-a user2 lrwstiekx Now if we use telnet to log in as user2 and select "shared/user1", it will contain the same mails as "shared/user1/INBOX". The really strange thing is that "SELECT"-ing "shared/user1" succeeds only if it is the first command afted logging in. If it not the first command (if e. g. the "LIST" or "SELECT" command has already been used), then dovecot will report that the mailbox does not exist. As a result, user agents like Thunderbird will behave very erratically in this setup. They may show both mailboxes ("shared/user1" and "shared/user1/INBOX") with the same mails, but will not always succeed to download mails for "shared/user1". We were able to reproduce this behavior with a quite simple configuration (see further below), so I doubt that the problem is in the configuration. So, is this a bug in Dovecot? I am not quite sure how exactly it should behave, but it definitely does not seem right this way. Below are the results from telnet: Sending: . login user2 XXXXXX . select shared/user1 Receiving: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags permitted. * 5 EXISTS * 0 RECENT * OK [UNSEEN 1] First unseen. * OK [UIDVALIDITY 1316698162] UIDs valid * OK [UIDNEXT 6] Predicted next UID * OK [HIGHESTMODSEQ 1] Highest . OK [READ-WRITE] Select completed. Sending: . fetch 1:2 (internaldate rfc822.size) Receiving: * 1 FETCH (INTERNALDATE "25-Apr-2006 23:09:07 +0200" RFC822.SIZE 5660) * 2 FETCH (INTERNALDATE "25-Apr-2006 23:11:01 +0200" RFC822.SIZE 6612) . OK Fetch completed. Sending: . select shared/user1/INBOX Receiving: * OK [CLOSED] Previous mailbox closed. * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags permitted. * 5 EXISTS * 0 RECENT * OK [UNSEEN 1] First unseen. * OK [UIDVALIDITY 1316698162] UIDs valid * OK [UIDNEXT 6] Predicted next UID * OK [HIGHESTMODSEQ 1] Highest . OK [READ-WRITE] Select completed. Sending: . fetch 1:2 (internaldate rfc822.size) Receiving: (Note that these mails are the same as those above) * 1 FETCH (INTERNALDATE "25-Apr-2006 23:09:07 +0200" RFC822.SIZE 5660) * 2 FETCH (INTERNALDATE "25-Apr-2006 23:11:01 +0200" RFC822.SIZE 6612) . OK Fetch completed. Now we select the first mailbox again: Sending: . select shared/user1 Receiving: . NO Mailbox doesn't exist: shared/user1 * OK [CLOSED] Previous mailbox closed. The same command did not fail earlier. Listing the mailboxes shows the following: Sending: . list "" * Receiving: * LIST (\HasNoChildren) "/" "INBOX" * LIST (\Noselect \HasChildren) "/" "shared/user1" * LIST (\HasNoChildren) "/" "shared/user1/box-a" * LIST (\HasNoChildren) "/" "shared/user1/INBOX" . OK List completed. I can reproduce this behavior using the following setup: Virtual users on an ext4 filesystem in /mail/users/{user1,user2} configured in a passwd file (/usr/local/dovecot/etc/dovecot/users): user1:{plain}XXXXXX:::user1:/mail/users/user1:: user2:{plain}XXXXXX:::user2:/mail/users/user2:: Output of doveconf -n: # 2.0.15: /usr/local/dovecot/etc/dovecot/dovecot.conf # OS: Linux 2.6.32-33-server x86_64 Ubuntu 10.04.3 LTS disable_plaintext_auth = no mail_gid = vmail mail_plugins = acl mail_uid = vmail namespace { inbox = yes location = maildir:~/Maildir prefix = separator = / } namespace { list = children location = maildir:%%h/Maildir prefix = shared/%%u/ separator = / subscriptions = no type = shared } passdb { args = scheme=CRYPT username_format=%u /usr/local/dovecot/etc/dovecot/users driver = passwd-file } plugin { acl = vfile acl_shared_dict = file:/mail/shared-mailboxes } protocols = imap service auth { unix_listener auth-userdb { group = vmail mode = 0660 } } ssl_cert = Raum 00.05.055 <> Boltzmannstr. 3 <> Garching From stan at hardwarefreak.com Fri Sep 23 16:13:46 2011 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Fri, 23 Sep 2011 08:13:46 -0500 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <4E7B4963.80207@schetterer.org> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> <20110922142152.GQ18064@charite.de> <4E7B45CD.5060904@lists.grepular.com> <20110922093417.Horde.p1v6IqPBW7JOe0dpQ45kRsA@beta.vfemail.net> <20110922143658.GV18064@charite.de> <4E7B4963.80207@schetterer.org> Message-ID: <4E7C860A.2070908@hardwarefreak.com> On 9/22/2011 9:42 AM, Robert Schetterer wrote: > why not simply use clamav-milter with sanesecurity sigs > ( works like charme here ) > so the stuff dont pass ever in mailboxes, if you dont like reject , then > hold for manual human admin interaction Seems to me this could be done pretty easily with a PCRE/regexp body filter in Postfix, assuming the credentials follow a strict pattern. Apply it to the submission daemon stream and redirect the mail with a filter action to an admin mailbox. I've not written such a thing myself but it seems it would be pretty straightforward. -- Stan From robert at schetterer.org Fri Sep 23 16:45:01 2011 From: robert at schetterer.org (Robert Schetterer) Date: Fri, 23 Sep 2011 15:45:01 +0200 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <4E7C860A.2070908@hardwarefreak.com> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> <20110922142152.GQ18064@charite.de> <4E7B45CD.5060904@lists.grepular.com> <20110922093417.Horde.p1v6IqPBW7JOe0dpQ45kRsA@beta.vfemail.net> <20110922143658.GV18064@charite.de> <4E7B4963.80207@schetterer.org> <4E7C860A.2070908@hardwarefreak.com> Message-ID: <4E7C8D5D.5030708@schetterer.org> Am 23.09.2011 15:13, schrieb Stan Hoeppner: > On 9/22/2011 9:42 AM, Robert Schetterer wrote: > >> why not simply use clamav-milter with sanesecurity sigs >> ( works like charme here ) >> so the stuff dont pass ever in mailboxes, if you dont like reject , then >> hold for manual human admin interaction > > Seems to me this could be done pretty easily with a PCRE/regexp body > filter in Postfix, assuming the credentials follow a strict pattern. > Apply it to the submission daemon stream and redirect the mail with a > filter action to an admin mailbox. I've not written such a thing myself > but it seems it would be pretty straightforward. > why that difficult clamav-milter is able to hold mail, simply configure some monitor script alarming admin when x number mail are in the hold queue so he may delete or unhold it after inspection, i do monitoring i.e. with bb-clone xymon anyway monitoring postfix queues is always nice to have from clamav-milter.conf ACTIONS The following group of options controls the delievery process under different circumstances. The following actions are available: - Accept: The message is accepted for delievery - Reject: Immediately refuse delievery (a 5xx error is returned to the peer) - Defer: Return a temporary failure message (4xx) to the peer - Blackhole (not available for OnFail): Like Accept but the message is sent to oblivion - Quarantine (not available for OnFail): Like Accept but message is quarantined instead of being delivered. NOTE: In Sendmail the quarantine queue can be examined via mailq -qQ. For Postfix this causes the message to be placed on hold. -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From Lutz.Pressler at SerNet.DE Fri Sep 23 17:49:13 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Fri, 23 Sep 2011 16:49:13 +0200 Subject: [Dovecot] fts (lucene): indexing of virtual mailboxes? Message-ID: Hello, (recent 2.1alpha2 variant - my test setup known to Timo). No time to diagnose in depth at the moment, but I just noticed that SEARCHing in virtual mailboxes seems not to create lucene index content of its own but use those of referenced mailboxes? The problem is that no new indexing takes place. Example: with INBOX INBOX.in% all in dovecot-virtual, for a given query I only get matches from those mailboxes searched in previously. Regards, Lutz From tss at iki.fi Fri Sep 23 17:51:11 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Sep 2011 17:51:11 +0300 Subject: [Dovecot] fts (lucene): indexing of virtual mailboxes? In-Reply-To: References: Message-ID: <86A557F0-7062-49B3-A278-3C9418769C65@iki.fi> On 23.9.2011, at 17.49, Lutz Pre?ler wrote: > (recent 2.1alpha2 variant - my test setup known to Timo). > No time to diagnose in depth at the moment, but I just noticed > that SEARCHing in virtual mailboxes seems not to create lucene > index content of its own but use those of referenced mailboxes? Right. > The problem is that no new indexing takes place. It used to work previously.. I'll check later.. From tss at iki.fi Fri Sep 23 17:51:36 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Sep 2011 17:51:36 +0300 Subject: [Dovecot] (2.1 recent:) fts_decoder In-Reply-To: References: Message-ID: <072C43C9-38A9-4A22-91AC-78F43EDA74E4@iki.fi> On 22.9.2011, at 14.35, Lutz Pre?ler wrote: > test setup as in previous messages. > With fts = lucene, I enabled the adapted decode2text.sh (at least I tried...) > as suggested in the comment section. > On dovecot-start /var/run/dovecot/decode2text socket is created with sufficiant > permissions (rw for anybody), but decode2text.sh is not started (it's rx for > anybody). When creating lucene indexes, I cannot see it executed either > (and no attachment-only content is findable afterwards). Yeah, it was broken. Fixed today. From forumer at smartmobili.com Fri Sep 23 18:14:06 2011 From: forumer at smartmobili.com (forumer at smartmobili.com) Date: Fri, 23 Sep 2011 17:14:06 +0200 Subject: [Dovecot] How to port this dovecot-1.x configuration file to dovecot-2.x Message-ID: <6638d9f44ea260fbd224784d8a1e958c@smartmobili.com> Hi, I am trying to move from dovecot-1.x to dovecot 2.1 but I have this error : Sep 23 16:04:13 lda: Error: userdb lookup: connect(/var/run/dovecot/auth-master) failed: Permission denied (euid=5000(vmail) egid=5000(vmail) missing +r perm: /var/run/dovecot/auth-master, dir owned by 0:0 mode=0755) and I dont' manage to find information about how to translate this old configuration part: socket listen { master { # Master socket provides access to userdb information. It's typically # used to give Dovecot's local delivery agent access to userdb so it # can find mailbox locations. path = /var/run/dovecot/auth-master mode = 0600 # Default user/group is the one who started dovecot-auth (root) user = vmail #group = } client { # The client socket is generally safe to export to everyone. Typical use # is to export it to your SMTP server so it can do SMTP AUTH lookups # using it. path = /var/run/dovecot/auth-client mode = 0660 } Thanks From tss at iki.fi Fri Sep 23 18:23:05 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Sep 2011 18:23:05 +0300 Subject: [Dovecot] How to port this dovecot-1.x configuration file to dovecot-2.x In-Reply-To: <6638d9f44ea260fbd224784d8a1e958c@smartmobili.com> References: <6638d9f44ea260fbd224784d8a1e958c@smartmobili.com> Message-ID: <1C9BC876-89CC-4EB7-A2F7-71500032FA51@iki.fi> On 23.9.2011, at 18.14, forumer at smartmobili.com wrote: > I am trying to move from dovecot-1.x to dovecot 2.1 but I have this error : > > Sep 23 16:04:13 lda: Error: userdb lookup: connect(/var/run/dovecot/auth-master) failed: > Permission denied (euid=5000(vmail) egid=5000(vmail) missing +r perm: /var/run/dovecot/auth-master, dir owned by 0:0 mode=0755) Preferably you'd use auth-userdb now instead of auth-master. > and I dont' manage to find information about how to translate this old configuration part: > > socket listen { > master { > # Master socket provides access to userdb information. It's typically > # used to give Dovecot's local delivery agent access to userdb so it > # can find mailbox locations. > path = /var/run/dovecot/auth-master > mode = 0600 > # Default user/group is the one who started dovecot-auth (root) > user = vmail > #group = > } > client { > # The client socket is generally safe to export to everyone. Typical use > # is to export it to your SMTP server so it can do SMTP AUTH lookups > # using it. > path = /var/run/dovecot/auth-client > mode = 0660 > } doveconf converts that just fine: service auth { unix_listener /var/run/dovecot/auth-client { mode = 0660 } unix_listener /var/run/dovecot/auth-master { mode = 0600 user = vmail } } But again, auth-userdb instead of auth-master is safer. From asai at globalchangemusic.org Fri Sep 23 18:23:41 2011 From: asai at globalchangemusic.org (Asai) Date: Fri, 23 Sep 2011 08:23:41 -0700 Subject: [Dovecot] Using Dsync for Incremental Sync In-Reply-To: <4E7A4157.2080206@globalchangemusic.org> References: <4E7A4157.2080206@globalchangemusic.org> Message-ID: <4E7CA47D.6050904@globalchangemusic.org> So maybe a better question would be, "What can I use for incremental syncing of Dovecot maildirs?" On 9/21/2011 12:56 PM, Asai wrote: > Greetings, > > We have about 26 GB of email which we're trying to sync nightly to a > remote server, but what I just read from a post from Timo awhile back > is that it's not possible because dsync relies on message GUIDs which > aren't available in the IMAP protocol. It seems that this is still > the case, is there anything on the horizon for this to change? From tss at iki.fi Fri Sep 23 19:13:28 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Sep 2011 19:13:28 +0300 Subject: [Dovecot] Using Dsync for Incremental Sync In-Reply-To: <4E7A4157.2080206@globalchangemusic.org> References: <4E7A4157.2080206@globalchangemusic.org> Message-ID: <6E40B212-C3FE-4C26-A646-38897E05D34A@iki.fi> On 21.9.2011, at 22.56, Asai wrote: > We have about 26 GB of email which we're trying to sync nightly to a remote server, but what I just read from a post from Timo awhile back is that it's not possible because dsync relies on message GUIDs which aren't available in the IMAP protocol. It seems that this is still the case, is there anything on the horizon for this to change? You mean you want one way Dovecot -> some other IMAP server? Then GUIDs don't really matter and "dsync backup" should work fine. You'll need Dovecot v2.1 of course. From asai at globalchangemusic.org Fri Sep 23 19:27:04 2011 From: asai at globalchangemusic.org (Asai) Date: Fri, 23 Sep 2011 09:27:04 -0700 Subject: [Dovecot] Using Dsync for Incremental Sync In-Reply-To: <6E40B212-C3FE-4C26-A646-38897E05D34A@iki.fi> References: <4E7A4157.2080206@globalchangemusic.org> <6E40B212-C3FE-4C26-A646-38897E05D34A@iki.fi> Message-ID: <4E7CB358.1070205@globalchangemusic.org> Thanks, Timo. Maybe I misunderstood then that Dsync will only add or remove the changed email items on the remote server? Basically we're just trying to keep the mailboxes stored and backed up on the remote server, without having to transfer 26 GB every night. We're using version 2.0.14 right now. So we'd need 2.1 to do that? *Asai* Global Change Multi-Media Internet Application Development IT and Networking Services 520-398-2542 On 9/23/2011 9:13 AM, Timo Sirainen wrote: > On 21.9.2011, at 22.56, Asai wrote: > >> We have about 26 GB of email which we're trying to sync nightly to a remote server, but what I just read from a post from Timo awhile back is that it's not possible because dsync relies on message GUIDs which aren't available in the IMAP protocol. It seems that this is still the case, is there anything on the horizon for this to change? > You mean you want one way Dovecot -> some other IMAP server? Then GUIDs don't really matter and "dsync backup" should work fine. You'll need Dovecot v2.1 of course. > From moseleymark at gmail.com Sat Sep 24 01:35:14 2011 From: moseleymark at gmail.com (Mark Moseley) Date: Fri, 23 Sep 2011 15:35:14 -0700 Subject: [Dovecot] Glued-together private namespaces Message-ID: I've been goofing with this all day with 2.0.15 and I'm starting to realize that either a) I'm not that smart, b) it's been so long since I messed with namespaces that I'm going about it completely wrong, or c) it's just not possible. I haven't posted 'doveconf -n' and other details, because mainly I'm just looking for 'yes, this is possible' or 'no, you're smoking crack' before posting further details. At this point, it's all maildir and moving to mdbox, while highly desirable in the future, is not possible in the near- to medium-term. I'm trying to glue a namespace underneath INBOX: namespace INBOX { type = private separator = . prefix = INBOX. # Yes, this used to be on Courier inbox = yes list = yes hidden = no subscriptions = yes location = maildir:~/Maildir } namespace archive { type = private separator = . prefix = INBOX.Archives. inbox = no list = children subscriptions = yes location = maildir:~/Maildir-Archive } I've tried putting namespace archive's 'prefix' as just "Archives", but Tbird doesn't seem to see this namespace, regardless of how much I futz with the imap settings in tbird. With the above setup, it actually seems to work correctly (provided ~/Maildir-Archive exists), though I'm sure a big gotcha is waiting in the wings. I can move messages around, create subfolders, subscribe to folders in ~/Maildir-Archive). The only thing I can't seem to get working is quotas. With my password_query like: password_query = ... CONCAT( '*:bytes=', "1M" ) AS 'userdb_quota_rule', \ CONCAT( '*:messages=10' ) AS 'userdb_quota_rule2', \ CONCAT( 'INBOX.Archives:bytes=+4900M' ) AS 'userdb_quota_rule3', \ CONCAT( 'INBOX.Archives:messages=+3900' ) AS 'userdb_quota_rule4' ... only the default quota seems to be in place for any subfolder of INBOX.Archives and for INBOX.Archives itself, i.e. *:bytes still applies to INBOX.Archives. The debug log show that: Debug: Quota root: name=User quota backend=maildir args= Debug: Quota rule: root=User quota mailbox=* bytes=1048576 messages=0 Debug: Quota rule: root=User quota mailbox=* bytes=1048576 messages=10 Debug: Quota rule: root=User quota mailbox=INBOX.Archives bytes=+5138022400 messages=0 Debug: Quota rule: root=User quota mailbox=INBOX.Archives bytes=+5138022400 messages=+3900 These are wildly stupid quotas but they're just there to test. With INBOX already at capacity (byte-wise; only set to a meg), copying large messages inside INBOX.Archives fails (only copying a 800k message but the quota should be 5gig now). Again, before I post configs, I'm just curious if what I'm trying to do isn't remotely possible, or that I'm approaching this entirely wrongly. Thanks! From piotr-l at netexpert.pl Sat Sep 24 12:00:22 2011 From: piotr-l at netexpert.pl (Piotr NetExpert) Date: Sat, 24 Sep 2011 11:00:22 +0200 Subject: [Dovecot] dsync doubts Message-ID: <4E7D9C26.6030207@netexpert.pl> Hi everyone, I want to backup mailboxes to another server. A usage information for dsync says "... ". Does it mean I need dsync installed on the other server too? Now when I try to run dsync I receive: # dsync -v -D -u abc backup ssh user at other.server dsync(username): Debug: Effective uid=123, gid=123, home=/path/abc dsync(username): Debug: maildir++: root=/path/abc, index=, control=, inbox=/path/abc dsync-local(abc): Debug: Namespace : Using permissions from /path/abc: mode=0700 gid=-1 Password: server: not found dsync-local(abc): Error: read() from worker server failed: EOF What could be wrong? How can I check what it wants to do and cannot? I cannot find more information I need in a wiki page of dsync. -- pozdrawiam Piotr Szafarczyk http://www.netexpert.pl From lennon at orcon.net.nz Sat Sep 24 12:13:10 2011 From: lennon at orcon.net.nz (Craig Whitmore) Date: Sat, 24 Sep 2011 21:13:10 +1200 Subject: [Dovecot] dsync doubts In-Reply-To: <4E7D9C26.6030207@netexpert.pl> Message-ID: http://wiki2.dovecot.org/Tools/Dsync On 24/09/11 8:00 PM, "Piotr NetExpert" wrote: >Hi everyone, > >I want to backup mailboxes to another server. A usage information for >dsync says "... ". Does it mean I need dsync >installed on the other server too? > >Now when I try to run dsync I receive: ># dsync -v -D -u abc backup ssh user at other.server >dsync(username): Debug: Effective uid=123, gid=123, home=/path/abc >dsync(username): Debug: maildir++: root=/path/abc, index=, control=, >inbox=/path/abc >dsync-local(abc): Debug: Namespace : Using permissions from /path/abc: >mode=0700 gid=-1 >Password: >server: not found >dsync-local(abc): Error: read() from worker server failed: EOF > >What could be wrong? How can I check what it wants to do and cannot? I >cannot find more information I need in a wiki page of dsync. >-- >pozdrawiam >Piotr Szafarczyk > >http://www.netexpert.pl From piotr-l at netexpert.pl Sat Sep 24 12:55:26 2011 From: piotr-l at netexpert.pl (Piotr NetExpert) Date: Sat, 24 Sep 2011 11:55:26 +0200 Subject: [Dovecot] dsync doubts In-Reply-To: References: Message-ID: <4E7DA90E.6050800@netexpert.pl> ??? I know the page. Do you mean I missed something there? What exactly? > http://wiki2.dovecot.org/Tools/Dsync > > > On 24/09/11 8:00 PM, "Piotr NetExpert" wrote: > >> Hi everyone, >> >> I want to backup mailboxes to another server. A usage information for >> dsync says "...". Does it mean I need dsync >> installed on the other server too? >> >> Now when I try to run dsync I receive: >> # dsync -v -D -u abc backup ssh user at other.server >> dsync(username): Debug: Effective uid=123, gid=123, home=/path/abc >> dsync(username): Debug: maildir++: root=/path/abc, index=, control=, >> inbox=/path/abc >> dsync-local(abc): Debug: Namespace : Using permissions from /path/abc: >> mode=0700 gid=-1 >> Password: >> server: not found >> dsync-local(abc): Error: read() from worker server failed: EOF >> >> What could be wrong? How can I check what it wants to do and cannot? I >> cannot find more information I need in a wiki page of dsync. >> -- pozdrawiam Piotr Szafarczyk http://www.netexpert.pl From dvrsn at diphi.com Fri Sep 23 23:20:58 2011 From: dvrsn at diphi.com (Jeff Rogers) Date: Fri, 23 Sep 2011 13:20:58 -0700 Subject: [Dovecot] tiny doc bug report Message-ID: <4E7CEA2A.8080100@diphi.com> First timer, I'm installing dovecot-2.0.15. I ran configure; make; sudo make install The INSTALL file then says: --- Rename configuration file: mv /usr/local/etc/dovecot-example.conf /usr/local/etc/dovecot.conf Read through, and make needed modifications. --- The example configuration file is not installed in that location. Presumably it is now installed as /usr/local/share/doc/dovecot/example-config/dovecot.conf Unless this path difference is a quirk of my local system, the INSTALL directions should be fixed to avoid confusion. Thanks, -J From dick at fouter.net Sat Sep 24 21:02:36 2011 From: dick at fouter.net (Dick Middleton) Date: Sat, 24 Sep 2011 19:02:36 +0100 Subject: [Dovecot] dsync doubts In-Reply-To: <4E7D9C26.6030207@netexpert.pl> References: <4E7D9C26.6030207@netexpert.pl> Message-ID: <4E7E1B3C.9010809@fouter.net> On 09/24/11 10:00, Piotr NetExpert wrote: > Hi everyone, > > I want to backup mailboxes to another server. A usage information for dsync > says "... ". Does it mean I need dsync installed on the > other server too? Yes Dick From dovecot-user at spambox.dk Sun Sep 25 01:23:49 2011 From: dovecot-user at spambox.dk (Henrik Larsson) Date: Sun, 25 Sep 2011 00:23:49 +0200 Subject: [Dovecot] "doveadm log reopen" don't reopen seperate lmtp log Message-ID: <4E7E5875.60508@spambox.dk> Dear all I have setup separate pop3/imap log "/var/log/dovecot" and lmtp delivery log "/var/log/dovecot-deliver". After rotating logfiles, i run "doveadm log reopen". I see that my pop3/imap log "/var/log/dovecot" is used straight away, but my lmpt log "/var/log/dovecot-deliver" isn't used at first. After some time, usually a few minutes, logs are being written to this file anyway. But if I compare this to my maillog, it misses some deliveries just after the log rotation. Is there any problems with this configuration that should be corrected? --cut-- # doveconf -n # 2.0.15: /usr/local/etc/dovecot/dovecot.conf # OS: FreeBSD 8.2-STABLE amd64 auth_mechanisms = plain login digest-md5 cram-md5 first_valid_uid = 125 hostname = mail.larsson.it listen = * log_path = /var/log/dovecot mail_plugins = fts fts_squat zlib mail_privileged_group = postfix mail_temp_dir = /var/db/dovecot managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date namespace { inbox = yes location = prefix = separator = . type = private } namespace { hidden = yes inbox = no list = no location = prefix = INBOX. separator = . type = private } passdb { args = /usr/local/etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { fts = squat fts_squat = partial=4 full=10 sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 lmtp sieve service auth-worker { user = $default_internal_user } service auth { unix_listener /home/mail/postfix/private/auth { group = postfix mode = 0666 user = postfix } } service lmtp { executable = lmtp -L unix_listener /home/mail/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } } ssl_cert = I'm attempting to create a virtual inbox that contains all unread messages from the user's Maildir. I created a conf file called 80-virtual.conf containing: mail_plugins = $mail_plugins virtual namespace { prefix = virtual/ separator = / location = virtual:~/Maildir/virtual } And created the /home/username/Maildir/virtual/unseen/dovecot-virtual file which contains: # ~/Maildir/virtual/unseen/dovecot-virtual * unseen However it doesn't work and the maillog file contains: dovecot: imap(username): Error: user username: Initialization failed: namespace configuration error: inbox=yes namespace missing This is with dovecot 2.0.beta6 (3156315704ef) Does anybody have any suggestions? Thanks! Terry From Lutz.Pressler at SerNet.DE Mon Sep 26 14:11:23 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Mon, 26 Sep 2011 13:11:23 +0200 Subject: [Dovecot] Virtual Folder configuration problem. In-Reply-To: <20110924213056.Horde.qHIQRFeGiNBOfoRQjGNhvJA@www.cnysupport.com> References: <20110924213056.Horde.qHIQRFeGiNBOfoRQjGNhvJA@www.cnysupport.com> Message-ID: On Sa, 24 Sep 2011, Terry Carmen wrote: > I'm attempting to create a virtual inbox that contains all unread > messages from the user's Maildir. > > I created a conf file called 80-virtual.conf containing: [...] > However it doesn't work and the maillog file contains: > > dovecot: imap(username): Error: user username: Initialization failed: > namespace configuration error: inbox=yes namespace missing > Probably you forgot to follow this advise from 10-mail.conf: # REMEMBER: If you add any namespaces, the default namespace must be added # explicitly, ie. mail_location does nothing unless you have a namespace # without a location setting. Default namespace is simply done by having a # namespace with empty prefix. Lutz From udo.lembke at albertbauer.com Mon Sep 26 14:24:09 2011 From: udo.lembke at albertbauer.com (Udo Lembke) Date: Mon, 26 Sep 2011 13:24:09 +0200 Subject: [Dovecot] how to disable quota for second namespace? In-Reply-To: <4E78B30F.7020000@albertbauer.com> References: <4E78B30F.7020000@albertbauer.com> Message-ID: <4E8060D9.2010603@albertbauer.com> Am 20.09.2011 17:36, schrieb Udo Lembke: > > > Hi all, > I have a second namespace as archive, where no quota should be active > (work with type = shared). > But if I change the type to private the quota will allways count. Hi, for reference only (if someone find this post) with help in the irc-channel I got the right configuration: plugin { quota = maildir:User quota:ns= quota2 = maildir:Archiv quota:ns=archiv/%u/ } plugin { quota_rule = *:storage=500M quota_rule2 = Trash:storage=+100M quota_rule3 = Sent:storage=+50M quota_rule4 = ns=archiv/%u/:ignore } The ":ns=" do the right trick! Here the result: doveadm quota get -u test at example.com Quota name Type Value Limit % User quota STORAGE 95132 204800 46 User quota MESSAGE 6423 - 0 Archiv quota STORAGE 3290972 - 0 Archiv quota MESSAGE 136950 - 0 Udo From carloswill at gmail.com Mon Sep 26 15:43:56 2011 From: carloswill at gmail.com (Carlos Mennens) Date: Mon, 26 Sep 2011 08:43:56 -0400 Subject: [Dovecot] Subscription File Message-ID: I had a use lose 20 folders on their mail account. I was able to pull them back from a restore and dumped them all back on the server in her Maildir. The problem is she doesn't see them on her Thunderbird or Outlook client. I checked to make sure I put them back into the correct directory and I did as well as verify permissions aren't weird. I then noticed a file called 'subscriptions' in her Maildir directory. She appears to only be seeing folders that are listed in this 'subscriptions' file. My question is how do I update this file? If I delete it, will Dovecot re-generate the file with the correct subscription entries? I don't understand what to do but I'm hoping I don't have to edit the file by hand...that seems way too cumbersome. From Ralf.Hildebrandt at charite.de Mon Sep 26 15:45:44 2011 From: Ralf.Hildebrandt at charite.de (Ralf Hildebrandt) Date: Mon, 26 Sep 2011 14:45:44 +0200 Subject: [Dovecot] Subscription File In-Reply-To: References: Message-ID: <20110926124544.GN21539@charite.de> * Carlos Mennens : > I had a use lose 20 folders on their mail account. I was able to pull > them back from a restore and dumped them all back on the server in her > Maildir. The problem is she doesn't see them on her Thunderbird or > Outlook client. I checked to make sure I put them back into the > correct directory and I did as well as verify permissions aren't > weird. I then noticed a file called 'subscriptions' in her Maildir > directory. She appears to only be seeing folders that are listed in > this 'subscriptions' file. My question is how do I update this file? > If I delete it, will Dovecot re-generate the file with the correct > subscription entries? I don't understand what to do but I'm hoping I > don't have to edit the file by hand...that seems way too cumbersome. The client handles the subscriptions (and dovecot does in turn update the file) -- Ralf Hildebrandt Gesch?ftsbereich IT | Abteilung Netzwerk Charit? - Universit?tsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt at charite.de | http://www.charite.de From CMarcus at Media-Brokers.com Mon Sep 26 16:38:44 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 26 Sep 2011 09:38:44 -0400 Subject: [Dovecot] Virtual Folder configuration problem. In-Reply-To: <20110924213056.Horde.qHIQRFeGiNBOfoRQjGNhvJA@www.cnysupport.com> References: <20110924213056.Horde.qHIQRFeGiNBOfoRQjGNhvJA@www.cnysupport.com> Message-ID: <4E808064.9050005@Media-Brokers.com> On 2011-09-24 9:30 PM, Terry Carmen wrote: > This is with dovecot 2.0.beta6 (3156315704ef) > > Does anybody have any suggestions? Upgrade - which probably won't fix your problem, but because the version you're using is so old should be considered a requirement before asking for further help. -- Best regards, Charles From carloswill at gmail.com Mon Sep 26 17:07:35 2011 From: carloswill at gmail.com (Carlos Mennens) Date: Mon, 26 Sep 2011 10:07:35 -0400 Subject: [Dovecot] Subscription File In-Reply-To: <20110926124544.GN21539@charite.de> References: <20110926124544.GN21539@charite.de> Message-ID: On Mon, Sep 26, 2011 at 8:45 AM, Ralf Hildebrandt wrote: > The client handles the subscriptions (and dovecot does in turn update > the file) So I added some folders back to the users Maildir directory and made sure ownership on the Linux side was correct. I just can't see where in Thunderbird, the user is able to see folders in her Maildir that she's unsubscribed to and how we enable the subscription. From CMarcus at Media-Brokers.com Mon Sep 26 17:11:46 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 26 Sep 2011 10:11:46 -0400 Subject: [Dovecot] Subscription File In-Reply-To: References: <20110926124544.GN21539@charite.de> Message-ID: <4E808822.4030406@Media-Brokers.com> On 2011-09-26 10:07 AM, Carlos Mennens wrote: > So I added some folders back to the users Maildir directory and made > sure ownership on the Linux side was correct. I just can't see where > in Thunderbird, the user is able to see folders in her Maildir that > she's unsubscribed to and how we enable the subscription. Right-click on any folder under the account, then click 'Subscribe'... -- Best regards, Charles From terry at cnysupport.com Mon Sep 26 17:14:28 2011 From: terry at cnysupport.com (Terry Carmen) Date: Mon, 26 Sep 2011 10:14:28 -0400 Subject: [Dovecot] Virtual Folder configuration problem. In-Reply-To: <4E808064.9050005@Media-Brokers.com> References: <20110924213056.Horde.qHIQRFeGiNBOfoRQjGNhvJA@www.cnysupport.com> <4E808064.9050005@Media-Brokers.com> Message-ID: <20110926101428.Horde.qUH2U1eGiNBOgIjErxtgghA@www.cnysupport.com> ----- Message from Charles Marcus --------- Date: Mon, 26 Sep 2011 09:38:44 -0400 From: Charles Marcus Reply-To: Dovecot Mailing List Subject: Re: [Dovecot] Virtual Folder configuration problem. To: dovecot at dovecot.org > On 2011-09-24 9:30 PM, Terry Carmen wrote: >> This is with dovecot 2.0.beta6 (3156315704ef) >> >> Does anybody have any suggestions? > > Upgrade - which probably won't fix your problem, but because the > version you're using is so old should be considered a requirement > before asking for further help. It's the version that came with Centos 6. I was keeping it to maintain compatibility with the Cendos distribution. In any case, I'll probably try an upgrade later today, because even after adding the default namespace config, the virtual folders still don't work and it suddenly began complaining about not supporting TLS. Terry From carloswill at gmail.com Mon Sep 26 17:16:34 2011 From: carloswill at gmail.com (Carlos Mennens) Date: Mon, 26 Sep 2011 10:16:34 -0400 Subject: [Dovecot] Subscription File In-Reply-To: <4E808822.4030406@Media-Brokers.com> References: <20110926124544.GN21539@charite.de> <4E808822.4030406@Media-Brokers.com> Message-ID: On Mon, Sep 26, 2011 at 10:11 AM, Charles Marcus wrote: > Right-click on any folder under the account, then click 'Subscribe'... I don't think we're on the same page here. I restored the folders off tape and moved them back into her 'Maildir' directory on the server. She doesn't see them in Webmail or Thunderbird clients because they are not listed in this 'subscribe' text file Dovecot uses to display the folders to the user. She can't right click what she can't see. The folders are sitting in her Maildir and I can see them on the server...I'm just missing how we can see or present these folders to the user so she can see / subscribe the folders. Sorry if I'm missing something here... From CMarcus at Media-Brokers.com Mon Sep 26 17:27:01 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 26 Sep 2011 10:27:01 -0400 Subject: [Dovecot] Subscription File In-Reply-To: References: <20110926124544.GN21539@charite.de> <4E808822.4030406@Media-Brokers.com> Message-ID: <4E808BB5.9050902@Media-Brokers.com> On 2011-09-26 10:16 AM, Carlos Mennens wrote: > On Mon, Sep 26, 2011 at 10:11 AM, Charles Marcus > wrote: >> Right-click on any folder under the account, then click 'Subscribe'... > > I don't think we're on the same page here. I restored the folders off > tape and moved them back into her 'Maildir' directory on the server. > She doesn't see them in Webmail or Thunderbird clients because they > are not listed in this 'subscribe' text file Dovecot uses to display > the folders to the user. She can't right click what she can't see. The > folders are sitting in her Maildir and I can see them on the > server...I'm just missing how we can see or present these folders to > the user so she can see / subscribe the folders. > > Sorry if I'm missing something here... You are... as has already been told to you, the subscriptions file is accessed/manipulated by IMAP *clients - ie, Thunderbird. Do as I suggested - in Thunderbird, right-click on ANY folder that IS being displayed, click 'Subscriptions', then ENABLE the missing folders in the subscriptions list (click the little checkbox). If you don't see them there, then that would most likely be a permissions problem. -- Best regards, Charles From carloswill at gmail.com Mon Sep 26 18:00:01 2011 From: carloswill at gmail.com (Carlos Mennens) Date: Mon, 26 Sep 2011 11:00:01 -0400 Subject: [Dovecot] Subscription File In-Reply-To: <4E808BB5.9050902@Media-Brokers.com> References: <20110926124544.GN21539@charite.de> <4E808822.4030406@Media-Brokers.com> <4E808BB5.9050902@Media-Brokers.com> Message-ID: On Mon, Sep 26, 2011 at 10:27 AM, Charles Marcus wrote: > You are... as has already been told to you, the subscriptions file is > accessed/manipulated by IMAP *clients - ie, Thunderbird. > > Do as I suggested - in Thunderbird, right-click on ANY folder that IS being > displayed, click 'Subscriptions', then ENABLE the missing folders in the > subscriptions list (click the little checkbox). > > If you don't see them there, then that would most likely be a permissions > problem. Sorry Monday's are a bit slow for me. Understood and thanks! From busseniu at in.tum.de Mon Sep 26 19:56:51 2011 From: busseniu at in.tum.de (Christoph Bussenius) Date: Mon, 26 Sep 2011 18:56:51 +0200 Subject: [Dovecot] [PATCH] Bad boundary check in client_find_namespace Message-ID: <20110926165651.GA20769@informatik.tu-muenchen.de> Hi, while trying to investigate the bug I reported last week, I found that there is a broken boundary check in client_find_namespace in src/imap/imap-commands-util.c. The code is: /* make sure two hierarchy separators aren't next to each others */ for (p = storage_name+1; *p != '\0'; p++) { if (p[0] == ns->real_sep && p[-1] == ns->real_sep) { client_send_tagline(cmd, "NO Invalid mailbox name."); return NULL; } } The loop iterates over the string storage_name starting from its second byte. However, the string may be "". This is the case if you select the root of a namespace, like in "SELECT shared" or "SELECT shared/user1". In that case, the code will read past the end of the buffer from random memory until it finds a zero byte or a duplicate separator. This would fix it: diff -ru dovecot-2.0.15.orig/src/imap/imap-commands-util.c dovecot-2.0.15/src/imap/imap-commands-util.c --- dovecot-2.0.15.orig/src/imap/imap-commands-util.c 2011-08-02 12:29:37.000000000 +0200 +++ dovecot-2.0.15/src/imap/imap-commands-util.c 2011-09-26 18:33:16.121917759 +0200 @@ -81,7 +81,9 @@ } /* make sure two hierarchy separators aren't next to each others */ - for (p = storage_name+1; *p != '\0'; p++) { + for (p = storage_name; *p != '\0'; p++) { + if (p == storage_name) + continue; if (p[0] == ns->real_sep && p[-1] == ns->real_sep) { client_send_tagline(cmd, "NO Invalid mailbox name."); return NULL; Cheers, Christoph Bu?enius -- Christoph Bu?enius Rechnerbetriebsgruppe der Fakult?ten Informatik und Mathematik TU M?nchen +49 89-289-18519 <> Raum 00.05.055 <> Boltzmannstr. 3 <> Garching From moseleymark at gmail.com Mon Sep 26 20:11:45 2011 From: moseleymark at gmail.com (Mark Moseley) Date: Mon, 26 Sep 2011 10:11:45 -0700 Subject: [Dovecot] Glued-together private namespaces In-Reply-To: References: Message-ID: On Fri, Sep 23, 2011 at 3:35 PM, Mark Moseley wrote: > I've been goofing with this all day with 2.0.15 and I'm starting to > realize that either a) I'm not that smart, b) it's been so long since > I messed with namespaces that I'm going about it completely wrong, or > c) it's just not possible. I haven't posted 'doveconf -n' and other > details, because mainly I'm just looking for 'yes, this is possible' > or 'no, you're smoking crack' before posting further details. At this > point, it's all maildir and moving to mdbox, while highly desirable in > the future, is not possible in the near- to medium-term. > > I'm trying to glue a namespace underneath INBOX: > > namespace INBOX { > ? ? ? ?type = private > ? ? ? ?separator = . > ? ? ? ?prefix = INBOX. ? ?# Yes, this used to be on Courier > ? ? ? ?inbox = yes > ? ? ? ?list = yes > ? ? ? ?hidden = no > ? ? ? ?subscriptions = yes > ? ? ? ?location = maildir:~/Maildir > } > namespace archive { > ? ? ? ?type = private > ? ? ? ?separator = . > ? ? ? ?prefix = INBOX.Archives. > ? ? ? ?inbox = no > ? ? ? ?list = children > ? ? ? ?subscriptions = yes > ? ? ? ?location = maildir:~/Maildir-Archive > } > > > I've tried putting namespace archive's 'prefix' as just "Archives", > but Tbird doesn't seem to see this namespace, regardless of how much I > futz with the imap settings in tbird. > > With the above setup, it actually seems to work correctly (provided > ~/Maildir-Archive exists), though I'm sure a big gotcha is waiting in > the wings. I can move messages around, create subfolders, subscribe to > folders in ~/Maildir-Archive). The only thing I can't seem to get > working is quotas. With my password_query like: > > password_query = ... > CONCAT( '*:bytes=', "1M" ) AS 'userdb_quota_rule', \ > CONCAT( '*:messages=10' ) AS 'userdb_quota_rule2', \ > CONCAT( 'INBOX.Archives:bytes=+4900M' ) AS 'userdb_quota_rule3', \ > CONCAT( 'INBOX.Archives:messages=+3900' ) AS 'userdb_quota_rule4' > ... > > only the default quota seems to be in place for any subfolder of > INBOX.Archives and for INBOX.Archives itself, i.e. *:bytes still > applies to INBOX.Archives. The debug log show that: > > Debug: Quota root: name=User quota backend=maildir args= > Debug: Quota rule: root=User quota mailbox=* bytes=1048576 messages=0 > Debug: Quota rule: root=User quota mailbox=* bytes=1048576 messages=10 > Debug: Quota rule: root=User quota mailbox=INBOX.Archives > bytes=+5138022400 messages=0 > Debug: Quota rule: root=User quota mailbox=INBOX.Archives > bytes=+5138022400 messages=+3900 > > These are wildly stupid quotas but they're just there to test. With > INBOX already at capacity (byte-wise; only set to a meg), copying > large messages inside INBOX.Archives fails (only copying a 800k > message but the quota should be 5gig now). > > Again, before I post configs, I'm just curious if what I'm trying to > do isn't remotely possible, or that I'm approaching this entirely > wrongly. Thanks! > Thanks to a fortuitously unrelated thread ("how to disable quota for second namespace"), I got the quota part figured out and that seems to be working: Add a second entry to plugin {}, e.g. "quota2 = maildir:Archive quota:ns=INBOX.Archives." and add rules for userdb_quota2_rule, userdb_quota2_rule2, etc. My real question now is: Are there any fatal gotchas in this that I'm just not thinking of? From nerijus.kislauskas at ktu.lt Tue Sep 27 15:56:10 2011 From: nerijus.kislauskas at ktu.lt (Nerijus Kislauskas) Date: Tue, 27 Sep 2011 15:56:10 +0300 Subject: [Dovecot] deliver agent and index/control files Message-ID: <4E81C7EA.6040502@ktu.lt> Hi Timo and others, We use Dovecot in Kaunas University of Technology in Lithuania. For now our LDA is Postfix and POP/IMAP server is Dovecot. We would like to implement dovecot deliver as LDA. Everything is ok exept one small thing: deliver is creating dovecot.index.log in wrong place In dovecot config files we have: ... mail_location = maildir:/var/mail/%Ln:INDEX=/var/indexes/%Ln:CONTROL=/var/indexes/%Ln ... As you can see, mail and index/control files are in different partitions. and deliver log: deliver(nerijus.kislauskas at ktu.lt): maildir: data=/var/mail/nerkisl deliver(nerijus.kislauskas at ktu.lt): maildir++: root=/var/mail/nerkisl, index=, control=, inbox=/var/mail/nerkisl That is why dovecot.index.log is created in /var/mail/nerkisl, and not in /var/indexes/nerkisl. How can we fix this? -- Sincerely, Nerijus Kislauskas KTU ITPI, LitNET NOC Studentu g. 48a - 101, Kaunas tel.: (8~37) 30 06 45 mob. tel.: 8-614-93889 e-mail.: nerijus.kislauskas at ktu.lt From nerijus.kislauskas at ktu.lt Tue Sep 27 16:11:04 2011 From: nerijus.kislauskas at ktu.lt (Nerijus Kislauskas) Date: Tue, 27 Sep 2011 16:11:04 +0300 Subject: [Dovecot] deliver agent and index/control files In-Reply-To: <4E81C7EA.6040502@ktu.lt> References: <4E81C7EA.6040502@ktu.lt> Message-ID: <4E81CB68.4040606@ktu.lt> On 09/27/2011 03:56 PM, Nerijus Kislauskas wrote: > How can we fix this? Sorry for your disturbance. LDAP replication issue. Everything is working fine. Thanks for your great job. -- Pagarbiai, Nerijus Kislauskas KTU ITPI, Litnet valdymo centras Studentu g. 48a - 101, Kaunas tel.: (8~37) 30 06 45 mob. tel.: 8-614-93889 e-mail.: nerijus.kislauskas at ktu.lt From andreas at kado-web.de Tue Sep 27 17:32:20 2011 From: andreas at kado-web.de (Andreas Cieslak) Date: Tue, 27 Sep 2011 16:32:20 +0200 Subject: [Dovecot] Create userdir on dovecot login --- solved Message-ID: <0MGXWy-1RLm6d3cJM-00DXml@mrelayeu.kundenserver.de> Sorted out the problem, which was already solved in an older forum post of dovecot. In the file /usr/local/etc/dovecot/conf.d/auth-system.conf.ext I set Passdb { Driver = pam args = session=yes dovecot } Unfortunately this didn?t work because when I log in with a user xy, the user dovecot became the owner of the userdir. When I modified the file /usr/local/etc/dovecot/conf.d/auth-system.conf.ext like this: Passdb { Driver = pam # args = session=yes dovecot } And gave anyone (for testing) the permission to write to home. That worked! At least put the ldap-users in a group and gave that group writing permissions to home. Finished! -----Urspr?ngliche Nachricht----- Von: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] Im Auftrag von Andreas Cieslak Gesendet: Donnerstag, 22. September 2011 15:41 An: dovecot at dovecot.org Betreff: [Dovecot] Create userdir on dovecot login Hi List, I am trying to set up automated userdir-creation on login via squirrelmail or email-client with a dovecot backend. The users are first imported on an openldap directory on the same server as the dovecot runs on. Authentication on the dovecot mail system via pam_ldap works properly. Tried already to integrate some advices from the dovecot wiki like Passdb { Driver = pam args = session=yes dovecot } But the homedir creation works only when the user logs onto the machine. When I try to log in via Squirrel on the dovecot no homedir is created and there is following message in the logs: auth: Error: pam(cieslak,193.175.157.121): pam_open_session() failed: Permission denied I think its something about the user rights, but dont really know where to search for the needle Here is the config of my environment root at server:/home# dovecot -n # 2.0.13: /usr/local/etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-686 i686 Debian 6.0.2 auth_debug = yes auth_mechanisms = login plain auth_verbose = yes first_valid_uid = 1000 hostname = server info_log_path = /var/log/dovecot-info last_valid_uid = 10000 listen = * log_path = /var/log/dovecot mail_access_groups = mail mail_debug = yes mail_full_filesystem_access = yes mail_location = maildir:~/Maildir mbox_write_locks = fcntl passdb { args = session=yes dovecot driver = pam } postmaster_address = mailaddress service auth-worker { group = shadow user = $default_internal_user } service auth { user = $default_internal_user } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } process_min_avail = 0 service_count = 0 vsz_limit = 256 M } service lmtp { unix_listener lmtp { mode = 0666 } } service pop3-login { inet_listener pop3s { port = 995 ssl = yes } } ssl_ca = Hello, I'm moving my mail server from Exchange to an opensource one. After a bunch of reading, I decided on building a Dovecot2 + Postfix server in a VirtualUsers-only + Multiple-domains configuration. Since my messages will be stored by Dovecot, and the documentation is really good, I figured that it's smartest to configure Dovecot, then make Postfix 'fit' to it, sharing the data files that way. I read through lots of the Dovecot wiki for v2. There are many ways for storing the database data. My goal is to only have data in one instances, used by both Postfix & Dovecot. I'm a little confused about: to do that sharing-in-one-place, do I have to use SQL or can I use the flatfiles like passwd-db? I think for sure someone already decided the best approach for this, and maybe I'm not understanding the logic to it. The data I think I need to share are: users (user at domain.com) passwords user aliases (mapping user2 at domain.com -> user1 at domain.com) domains domain aliases (domain.com also receives email for domain2.com) And I think all of this can be in passwd-db in Dovecot. But I also want to make sure that Postfix ONLY accepts email for users/domains that exist, so it has to read that data too. Can I do this that way with the flatfiles? Or do I have to use the SQL approach? TJ From tom at whyscream.net Tue Sep 27 20:29:25 2011 From: tom at whyscream.net (Tom Hendrikx) Date: Tue, 27 Sep 2011 19:29:25 +0200 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <1317138678.29156.140258148311993@webmail.messagingengine.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com> Message-ID: <4E8207F5.2070105@whyscream.net> On 27/09/11 17:51, terryjames9461 at mm.st wrote: > Hello, > > I'm moving my mail server from Exchange to an opensource one. > > After a bunch of reading, I decided on building a Dovecot2 + Postfix > server in a VirtualUsers-only + Multiple-domains configuration. > > Since my messages will be stored by Dovecot, and the documentation is > really good, I figured that it's smartest to configure Dovecot, then > make Postfix 'fit' to it, sharing the data files that way. > > I read through lots of the Dovecot wiki for v2. > > There are many ways for storing the database data. My goal is to only > have data in one instances, used by both Postfix & Dovecot. > > I'm a little confused about: to do that sharing-in-one-place, do I have > to use SQL or can I use the flatfiles like passwd-db? I think for sure > someone already decided the best approach for this, and maybe I'm not > understanding the logic to it. > > The data I think I need to share are: > > users (user at domain.com) > passwords > user aliases (mapping user2 at domain.com -> user1 at domain.com) > domains > domain aliases (domain.com also receives email for domain2.com) > > And I think all of this can be in passwd-db in Dovecot. But I also want > to make sure that Postfix ONLY accepts email for users/domains that > exist, so it has to read that data too. > > Can I do this that way with the flatfiles? Or do I have to use the SQL > approach? > The problem with passwd(like) files is that they are almost never in the correct format to fit both daemons. The easiest way to use a database. You could check out postfixadmin: it contains the database format you need, the documentation to hook postfix and dovecot into it, and a nice web gui for administrating the list of domains, aliases, mailboxes, passwords, etc etc. -- Tom From lists at wildgooses.com Tue Sep 27 21:06:22 2011 From: lists at wildgooses.com (Ed W) Date: Tue, 27 Sep 2011 19:06:22 +0100 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: References: <4E77CA5A.6010506@tlinx.org> Message-ID: <4E82109E.2000600@wildgooses.com> On 20/09/2011 03:10, Kui Zhang wrote: > thunderbird does not really work for us, due to amount of emails per > mailbox. It was hogging all the memory + cpu. I think if you disable the new local indexing features in TB then it should start running fairly decently? I don't have mega large inboxes, but basically no real concerns with my normal inboxes which are around the 44K level at the largest and the remainder around 10K-15K Obviously it's a whole new problem to push out company wide configuration with the local indexing/download stuff disabled, but I think there is some ability to do this in newer versions? Good luck Ed W From CMarcus at Media-Brokers.com Tue Sep 27 21:21:06 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Tue, 27 Sep 2011 14:21:06 -0400 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: <4E82109E.2000600@wildgooses.com> References: <4E77CA5A.6010506@tlinx.org> <4E82109E.2000600@wildgooses.com> Message-ID: <4E821412.2040801@Media-Brokers.com> On 2011-09-27 2:06 PM, Ed W wrote: > On 20/09/2011 03:10, Kui Zhang wrote: >> thunderbird does not really work for us, due to amount of emails per >> mailbox. It was hogging all the memory + cpu. > I think if you disable the new local indexing features in TB then it > should start running fairly decently? Also - Outlook is by far much slower than Thunderbird in my experience... -- Best regards, Charles From user+dovecot at localhost.localdomain.org Tue Sep 27 22:46:02 2011 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Tue, 27 Sep 2011 21:46:02 +0200 Subject: [Dovecot] Missing man page for doveadm move In-Reply-To: <4E7B5389.7050907@directi.com> References: <4E7B5389.7050907@directi.com> Message-ID: <4E8227FA.8030608@localhost.localdomain.org> On 09/22/2011 05:26 PM Jeetu wrote: > Hi, > > i cant see man pages for doveadm-move, though the command "doveadm move > ..." works on new version of dovecot. There is the manual page: http://hg.dovecot.org/dovecot-2.0/rev/c194c76b98ff also available in the wiki: http://wiki2.dovecot.org/Tools/Doveadm/Move Regards, Pascal -- The trapper recommends today: c01dcafe.1127021 at localdomain.org From nick+dovecot at bunbun.be Tue Sep 27 22:47:29 2011 From: nick+dovecot at bunbun.be (Nick Rosier) Date: Tue, 27 Sep 2011 21:47:29 +0200 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <4E8207F5.2070105@whyscream.net> References: <1317138678.29156.140258148311993@webmail.messagingengine.com> <4E8207F5.2070105@whyscream.net> Message-ID: <4E822851.1030000@bunbun.be> Tom Hendrikx wrote: > On 27/09/11 17:51, terryjames9461 at mm.st wrote: >> Hello, >> >> I'm moving my mail server from Exchange to an opensource one. >> >> After a bunch of reading, I decided on building a Dovecot2 + Postfix >> server in a VirtualUsers-only + Multiple-domains configuration. >> >> Since my messages will be stored by Dovecot, and the documentation is >> really good, I figured that it's smartest to configure Dovecot, then >> make Postfix 'fit' to it, sharing the data files that way. >> >> I read through lots of the Dovecot wiki for v2. >> >> There are many ways for storing the database data. My goal is to only >> have data in one instances, used by both Postfix& Dovecot. >> >> I'm a little confused about: to do that sharing-in-one-place, do I have >> to use SQL or can I use the flatfiles like passwd-db? I think for sure >> someone already decided the best approach for this, and maybe I'm not >> understanding the logic to it. >> >> The data I think I need to share are: >> >> users (user at domain.com) >> passwords >> user aliases (mapping user2 at domain.com -> user1 at domain.com) >> domains >> domain aliases (domain.com also receives email for domain2.com) >> >> And I think all of this can be in passwd-db in Dovecot. But I also want >> to make sure that Postfix ONLY accepts email for users/domains that >> exist, so it has to read that data too. >> >> Can I do this that way with the flatfiles? Or do I have to use the SQL >> approach? >> > > The problem with passwd(like) files is that they are almost never in the > correct format to fit both daemons. The easiest way to use a database. > > You could check out postfixadmin: it contains the database format you > need, the documentation to hook postfix and dovecot into it, and a nice > web gui for administrating the list of domains, aliases, mailboxes, > passwords, etc etc. +1 one on PostfixAdmin. Wouldn't want to live without it. The main advantage of using a DB is that all information is stored in 1 location and available in the right format through SQL-queries. My 1st config used flat-files and the biggest issue was keeping the different files in sync (i.e. when creating/deleting users making sure to update all the necessary files). My main concern was losing mails if the DB is unavailable but this isn't a problem; if the DB is unavailable Postfix will return a temporarily unavailable and the MTA should retry. Rgds, N. From voytek at sbt.net.au Tue Sep 27 23:27:06 2011 From: voytek at sbt.net.au (Voytek) Date: Wed, 28 Sep 2011 07:27:06 +1100 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <1317138678.29156.140258148311993@webmail.messagingengine.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com> Message-ID: On Wed, September 28, 2011 2:51 am, terryjames9461 at mm.st wrote: > I'm a little confused about: to do that sharing-in-one-place, do I have > to use SQL or can I use the flatfiles like passwd-db? I think for sure > someone already decided the best approach for this, and maybe I'm not > understanding the logic to it. personally, I'd suggest SQL, that's what I use, used it with CourierIMAP/Postfix, now, with Dovecot/Postfix, it works well, I also use Postfix.admin, for, well, admin Voytek From voytek at sbt.net.au Tue Sep 27 23:32:31 2011 From: voytek at sbt.net.au (Voytek) Date: Wed, 28 Sep 2011 07:32:31 +1100 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <4E822851.1030000@bunbun.be> References: <1317138678.29156.140258148311993@webmail.messagingengine.com> <4E8207F5.2070105@whyscream.net> <4E822851.1030000@bunbun.be> Message-ID: On Wed, September 28, 2011 6:47 am, Nick Rosier wrote: > My main concern was losing mails if the DB is unavailable but this isn't > a problem; if the DB is unavailable Postfix will return a temporarily > unavailable and the MTA should retry. yes, that was also my biggest concern when I 1st looked at the issue, after several years of usage, it still remain my biggest concern luckily, it's just a concern, never caused a problem, and, mail will queue up if there are issues From kuizhang at gmail.com Wed Sep 28 00:50:39 2011 From: kuizhang at gmail.com (Kui Zhang) Date: Tue, 27 Sep 2011 14:50:39 -0700 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: <4E821412.2040801@Media-Brokers.com> References: <4E77CA5A.6010506@tlinx.org> <4E82109E.2000600@wildgooses.com> <4E821412.2040801@Media-Brokers.com> Message-ID: > I think if you disable the new local indexing features in TB then it > should start running fairly decently? I had indexing disabled... that did not help much. TB work better after I have these settings... mail.imap.expunge_after_delete true mail.imap.expunge_option 2 mail.server.default.autosync_offline_stores false mail.server.default.offline_download false mail.server.default.autosync_max_age_days 14 I think mail.imap.expunge_after_delete might have caused mdbox limit problem I had before... but not confirmed. > > Also - Outlook is by far much slower than Thunderbird in my experience... > Multiple people in the office report outlook is faster (when it works). KuiZ On Tue, Sep 27, 2011 at 11:21 AM, Charles Marcus wrote: > On 2011-09-27 2:06 PM, Ed W wrote: >> >> On 20/09/2011 03:10, Kui Zhang wrote: >>> >>> thunderbird does not really work for us, due to amount of emails per >>> mailbox. It was hogging all the memory + cpu. > >> I think if you disable the new local indexing features in TB then it >> should start running fairly decently? > > Also - Outlook is by far much slower than Thunderbird in my experience... > > -- > > Best regards, > > Charles > From terryjames9461 at mm.st Wed Sep 28 01:00:29 2011 From: terryjames9461 at mm.st (terryjames9461 at mm.st) Date: Tue, 27 Sep 2011 15:00:29 -0700 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <4E8207F5.2070105@whyscream.net> References: <1317138678.29156.140258148311993@webmail.messagingengine.com> <4E8207F5.2070105@whyscream.net> Message-ID: <1317160829.10644.140258148445373@webmail.messagingengine.com> Hello Tom, On Tuesday, September 27, 2011 7:29 PM, "Tom Hendrikx" wrote: > The problem with passwd(like) files is that they are almost never in the > correct format to fit both daemons. The easiest way to use a database. I don't yet see using a database easier than flatfiles. I understand that the one-instance data is done well in a database. But also I found this page at the Dovecot wiki, http://wiki2.dovecot.org/HowTo/VirtualUserFlatFilesPostfix. I keep rereading it and I think that it tells me that I can do this with flatfiles only. I think its this section, http://wiki2.dovecot.org/HowTo/VirtualUserFlatFilesPostfix#Master_Configuration, that tells how to share data with Postfix. Except there's also LMTP which I haven't figured out how to do it yet. For only 3 domains and 30 users its silly to have to run a mysql database. But who knows yet if I an reading this right, and if sharing flatfiles are possible? Its confusing to read and understand. TJ From patrickdk at patrickdk.com Wed Sep 28 01:02:13 2011 From: patrickdk at patrickdk.com (Patrick Domack) Date: Tue, 27 Sep 2011 18:02:13 -0400 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: References: <1317138678.29156.140258148311993@webmail.messagingengine.com> <4E8207F5.2070105@whyscream.net> <4E822851.1030000@bunbun.be> Message-ID: <20110927180213.Horde.ayLBaZLnE6FOgkflBICBR6A@kishi.patrickdk.com> For my personal email, I have a habit of having the sql server down for one reason or another. I just dump the sql tables to flatfiles on the email server, and a script runs every 15min and checks for updates if any exist. Works well. Another method would be to just keep it sql, but dump the mysql tables into sqlite tables that postfix/dovecot use. Quoting Voytek : > On Wed, September 28, 2011 6:47 am, Nick Rosier wrote: > >> My main concern was losing mails if the DB is unavailable but this isn't >> a problem; if the DB is unavailable Postfix will return a temporarily >> unavailable and the MTA should retry. > > yes, that was also my biggest concern when I 1st looked at the issue, > after several years of usage, it still remain my biggest concern > > luckily, it's just a concern, never caused a problem, and, mail will queue > up if there are issues From patrickdk at patrickdk.com Wed Sep 28 01:06:32 2011 From: patrickdk at patrickdk.com (Patrick Domack) Date: Tue, 27 Sep 2011 18:06:32 -0400 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <1317160829.10644.140258148445373@webmail.messagingengine.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com> <4E8207F5.2070105@whyscream.net> <1317160829.10644.140258148445373@webmail.messagingengine.com> Message-ID: <20110927180632.Horde.jPUpZZLnE6FOgkjoSa5RRHA@kishi.patrickdk.com> Well, the info dovecot needs, it mailbox name/location, username, password, and quota, misc info. postfix will need email address to mailbox name mapping info. That is the very basic things you need. Using dovecot lda/lmtp you remove all postfix needs to know mailbox name to directory mapping, that would be duplicated. Quoting terryjames9461 at mm.st: > Hello Tom, > > On Tuesday, September 27, 2011 7:29 PM, "Tom Hendrikx" > wrote: >> The problem with passwd(like) files is that they are almost never in the >> correct format to fit both daemons. The easiest way to use a database. > > I don't yet see using a database easier than flatfiles. I understand > that the one-instance data is done well in a database. > > But also I found this page at the Dovecot wiki, > http://wiki2.dovecot.org/HowTo/VirtualUserFlatFilesPostfix. I keep > rereading it and I think that it tells me that I can do this with > flatfiles only. > > I think its this section, > http://wiki2.dovecot.org/HowTo/VirtualUserFlatFilesPostfix#Master_Configuration, > that tells how to share data with Postfix. Except there's also LMTP > which I haven't figured out how to do it yet. > > For only 3 domains and 30 users its silly to have to run a mysql > database. But who knows yet if I an reading this right, and if sharing > flatfiles are possible? Its confusing to read and understand. > > TJ From terryjames9461 at mm.st Wed Sep 28 01:08:14 2011 From: terryjames9461 at mm.st (terryjames9461 at mm.st) Date: Tue, 27 Sep 2011 15:08:14 -0700 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <4E822851.1030000@bunbun.be> References: <1317138678.29156.140258148311993@webmail.messagingengine.com><4E8207F5.2070105@whyscream.net> <4E822851.1030000@bunbun.be> Message-ID: <1317161294.12320.140258148448633@webmail.messagingengine.com> Hello Nick, On Tuesday, September 27, 2011 9:47 PM, "Nick Rosier" wrote: > +1 one on PostfixAdmin. Wouldn't want to live without it. The main > advantage of using a DB is that all information is stored in 1 location > and available in the right format through SQL-queries. My 1st config > used flat-files and the biggest issue was keeping the different files in > sync (i.e. when creating/deleting users making sure to update all the > necessary files). Did you try that system with flatfiles in Dovecot v2 or v1? I think that this instructed possibility, http://wiki2.dovecot.org/HowTo/VirtualUserFlatFilesPostfix, is only for v2? Its that sync of the different files that I hope to avoid. If I can with flatfiles, all the better. If not then maybe I will have to use SQL. And then the Postfix Admin looks interesting. TJ From terryjames9461 at mm.st Wed Sep 28 01:14:12 2011 From: terryjames9461 at mm.st (terryjames9461 at mm.st) Date: Tue, 27 Sep 2011 15:14:12 -0700 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <20110927180632.Horde.jPUpZZLnE6FOgkjoSa5RRHA@kishi.patrickdk.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com><4E8207F5.2070105@whyscream.net><1317160829.10644.140258148445373@webmail.messagingengine.com> <20110927180632.Horde.jPUpZZLnE6FOgkjoSa5RRHA@kishi.patrickdk.com> Message-ID: <1317161652.13631.140258148451673@webmail.messagingengine.com> Hello Patrick, On Tuesday, September 27, 2011 6:06 PM, "Patrick Domack" wrote: > Using dovecot lda/lmtp you remove all postfix needs to know mailbox > name to directory mapping, that would be duplicated. With using the Dovecot lmtp option, where does Postfix know to refuse email for a non-existing user or domain? That also has to be shared? I am trying to draw a picture in my head of all the data pieces. Are you saying that when using lmtp the data for Postfix and the data for Dovecot/LMTP do not overlap anymore? Each can have its own flatfiles? TJ From tgoguen at ilap.com Wed Sep 28 01:18:45 2011 From: tgoguen at ilap.com (Tristan Goguen) Date: Tue, 27 Sep 2011 18:18:45 -0400 Subject: [Dovecot] Duplicates when switching from Qpopper to Dovecot pop3 In-Reply-To: References: Message-ID: <2106AB5E-F6ED-431B-8E7B-97D82EC47131@ilap.com> Hi All, Problems can sometimes be solved by _carefully_ reading the documentation: Some clients re-download all mails if you change the hostname in the client configuration. Be aware of this when testing. We converted without a hitch this morning. Thank you for great software. Tristan Tristan Goguen CEO, ILAP? T: 416-250-5600 ext. 205 F: 416-250-6755 tgoguen at ilap.com www.ilap.com On Sep 22, 2011, at 1:01 PM, Tristan Goguen wrote: > > Hi All, > Our test users re-download the mail they've left on the server when they switch from Qpopper to Dovecot. Qpopper includes the X-UIDL header - X-UIDL: X8V"!E)<"!58?"!"9C"! - on read messages. Any suggestions are appreciated. I've included my dovecot configuration. > > Thank you, > Tristan > > --- > Tristan > > Tristan Goguen > CEO, ILAP? > T: 416-250-5600 ext. 205 > F: 416-250-6755 > tgoguen at ilap.com > www.ilap.com > > --- > > # 2.0.14: /etc/dovecot.conf > # OS: SunOS 5.10 sun4v > auth_cache_size = 1048575 B > auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.+-_@ > auth_username_format = %Ln > auth_verbose = yes > base_dir = /usr/local/var/run/dovecot/ > disable_plaintext_auth = no > first_valid_uid = 100 > log_path = /var/log/dovecot.log > login_greeting = > mail_access_groups = mail > mail_fsync = never > mail_location = mbox:~/mail:INBOX=/var/mail/%1u/%1.1u/%u > mbox_dotlock_change_timeout = 1 mins > mbox_min_index_size = 1 B > mbox_read_locks = dotlock > mbox_write_locks = dotlock > mmap_disable = yes > passdb { > driver = shadow > } > protocols = pop3 > service pop3-login { > client_limit = 10 > inet_listener pop3 { > address = 216.223.136.7 > port = 110 > } > process_limit = 128 > process_min_avail = 5 > service_count = 0 > vsz_limit = 512 M > } > shutdown_clients = no > ssl = no > userdb { > args = blocking=yes > driver = passwd > } > protocol pop3 { > pop3_client_workarounds = outlook-no-nuls oe-ns-eoh > pop3_enable_last = yes > pop3_lock_session = yes > pop3_reuse_xuidl = yes > pop3_save_uidl = yes > } > > From dovecot.user at seibercom.net Wed Sep 28 01:42:09 2011 From: dovecot.user at seibercom.net (Jerry) Date: Tue, 27 Sep 2011 18:42:09 -0400 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: References: <4E77CA5A.6010506@tlinx.org> <4E82109E.2000600@wildgooses.com> <4E821412.2040801@Media-Brokers.com> Message-ID: <20110927184209.504e9c90@scorpio> On Tue, 27 Sep 2011 14:50:39 -0700 Kui Zhang articulated: > On Tue, Sep 27, 2011 at 11:21 AM, Charles Marcus > wrote: > > On 2011-09-27 2:06 PM, Ed W wrote: > >> > >> On 20/09/2011 03:10, Kui Zhang wrote: > >>> > >>> thunderbird does not really work for us, due to amount of emails > >>> per mailbox. It was hogging all the memory + cpu. > > > >> I think if you disable the new local indexing features in TB then > >> it should start running fairly decently? > > > > Also - Outlook is by far much slower than Thunderbird in my > > experience... > > > > I think if you disable the new local indexing features in TB then it > > should start running fairly decently? > > I had indexing disabled... that did not help much. > > TB work better after I have these settings... > > mail.imap.expunge_after_delete true > mail.imap.expunge_option 2 > mail.server.default.autosync_offline_stores false > mail.server.default.offline_download false > mail.server.default.autosync_max_age_days 14 > > I think mail.imap.expunge_after_delete might have caused mdbox limit > problem I had before... but not confirmed. > > > > > > Also - Outlook is by far much slower than Thunderbird in my > > experience... > > > > Multiple people in the office report outlook is faster (when it > works). I have always found Outlook to be much faster than TB. In any case, Outlook 2007 is an old version. I am using the 2010 version at work and it is a much more polished application than the 2010 version and far superior to TB. -- Jerry ? Dovecot.user at seibercom.net Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From patrickdk at patrickdk.com Wed Sep 28 04:41:37 2011 From: patrickdk at patrickdk.com (Patrick Domack) Date: Tue, 27 Sep 2011 21:41:37 -0400 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <1317161652.13631.140258148451673@webmail.messagingengine.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com><4E8207F5.2070105@whyscream.net><1317160829.10644.140258148445373@webmail.messagingengine.com> <20110927180632.Horde.jPUpZZLnE6FOgkjoSa5RRHA@kishi.patrickdk.com> <1317161652.13631.140258148451673@webmail.messagingengine.com> Message-ID: <20110927214137.Horde.Bx9rKpLnE6FOgntRdGVQihA@kishi.patrickdk.com> Depends on how you think about it. If you forget about email addresses. Dovecot works on mailbox's, and it maps a mailbox to a path, username, and password. In postfix, it only cares about email addresses (if you use dovecot for delivery, if not then postfix also has to care about the mailbox location). In this case you just tell postfix the email addresses that are valid, and what mailbox they go to. So normally most users would just have a 1 to 1 mapping in postfix, email -> email, as their email address will be the same as their mailbox. But then you might have extra, like, sales at x -> user at x All depends on how flexable or simple you want it later. You could just manage two flatfiles. Or you could have it create the 1 to 1 mapping automatically with a script, and just do the extra mappings seperate. Or do the whole thing in sql, and use like postfixadmin to manage it all. Or even use postfixadmin, and have a script pull the results into flatfiles that it uses. It all depends on how much time and energy you want to spend in setting it up, vs the flexibility you in vision you need later. I do it 3 different ways, on different systems, one is just sql fully, nothing interesting. My personal email is sql, but dumped to local flatfiles. And another system I pull the info from windows AD. Quoting terryjames9461 at mm.st: > Hello Patrick, > > On Tuesday, September 27, 2011 6:06 PM, "Patrick Domack" > wrote: >> Using dovecot lda/lmtp you remove all postfix needs to know mailbox >> name to directory mapping, that would be duplicated. > > With using the Dovecot lmtp option, where does Postfix know to refuse > email for a non-existing user or domain? That also has to be shared? > > I am trying to draw a picture in my head of all the data pieces. Are > you saying that when using lmtp the data for Postfix and the data for > Dovecot/LMTP do not overlap anymore? Each can have its own flatfiles? > > > TJ From terry at cnysupport.com Wed Sep 28 06:41:31 2011 From: terry at cnysupport.com (Terry Carmen) Date: Tue, 27 Sep 2011 23:41:31 -0400 Subject: [Dovecot] Virtual Folder configuration problem. In-Reply-To: <4E808064.9050005@Media-Brokers.com> References: <20110924213056.Horde.qHIQRFeGiNBOfoRQjGNhvJA@www.cnysupport.com> <4E808064.9050005@Media-Brokers.com> Message-ID: <20110927234131.Horde.q0raU1eGiNBOgpdraHYkUUA@www.cnysupport.com> >> Does anybody have any suggestions? > > Upgrade - which probably won't fix your problem, but because the > version you're using is so old should be considered a requirement > before asking for further help. OK, I upgraded to the current version of Dovecot, which didn't actually fix anything. However I spent pretty much an entire day experimenting and reading docs from all over the net, I came up with something that more-or-less works, although it still behaves a touch strangely. I added the following code: dovecot.conf: mail_plugins = $mail_plugins virtual namespace { list = yes type = private prefix = virtual-folders. separator = . location = virtual:~/Maildir/virtual-folders } 10-mail.conf: namespace { separator = . prefix = inbox = yes } 10-lda.conf mail_plugins = $mail_plugins sieve virtual 20-imap.conf mail_plugins = $mail_plugins virtual The directory virtual-folders appears inside the ~/Maildir folder and contains the file dovecot-virtual, which contains: # ~/Maildir/dovecot-virtual INBOX INBOX.Folder1 INBOX.Folder1.* INBOX.Folder2 INBOX.Folder2.* unseen This actually works, although the subscription to the virtual folder vanishes with each logout, and need to be re-subscribed with each login. Also, the virtual folder appears as "virtual-folder" in the client, at the same level as INBOX. I'd like to make move it under INBOX and place other virtual folders inside it, but haven't been able to find the right configuration. I would appreciate any hints on where to look to make the subscription permanent and to make a folder structure containing virtual-folder sub-nodes for various search criteria. Any assistance is appreciated. Thanks! Terry From stan at hardwarefreak.com Wed Sep 28 08:42:15 2011 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Wed, 28 Sep 2011 00:42:15 -0500 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: References: <4E77CA5A.6010506@tlinx.org> <4E82109E.2000600@wildgooses.com> <4E821412.2040801@Media-Brokers.com> Message-ID: <4E82B3B7.2020301@hardwarefreak.com> On 9/27/2011 4:50 PM, Kui Zhang wrote: >> I think if you disable the new local indexing features in TB then it >> should start running fairly decently? > > I had indexing disabled... that did not help much. > > TB work better after I have these settings... > > mail.imap.expunge_after_delete true > mail.imap.expunge_option 2 > mail.server.default.autosync_offline_stores false > mail.server.default.offline_download false > mail.server.default.autosync_max_age_days 14 > > I think mail.imap.expunge_after_delete might have caused mdbox limit > problem I had before... but not confirmed. What, exactly, was the nature of the performance problem you originally mentioned to start this thread, the mailbox with the thousands of sub folders? With GLODA and local synchronization disabled, using 1 IMAP connection instead of the default 5, disabling IDLE and using check interval seconds, and using the default: mail.server.default.check_all_folders_for_new FALSE then you should have excellent performance with TB regardless of the number of folders in a mailbox. Unless maybe the hardware or net pipe are lacking. What are the specs of the client machine in question? What CPU/freq. Maybe more importantly, what is the link speed of the network between this PC and the Dovecot server? LAN or WAN? -- Stan From terryjames9461 at mm.st Wed Sep 28 09:08:03 2011 From: terryjames9461 at mm.st (terryjames9461 at mm.st) Date: Tue, 27 Sep 2011 23:08:03 -0700 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <20110927214137.Horde.Bx9rKpLnE6FOgntRdGVQihA@kishi.patrickdk.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com><4E8207F5.2070105@whyscream.net><1317160829.10644.140258148445373@webmail.messagingengine.com><20110927180632.Horde.jPUpZZLnE6FOgkjoSa5RRHA@kishi.patrickdk.com><1317161652.13631.140258148451673@webmail.messagingengine.com> <20110927214137.Horde.Bx9rKpLnE6FOgntRdGVQihA@kishi.patrickdk.com> Message-ID: <1317190083.25639.140258148566589@webmail.messagingengine.com> Hello Patrick, On Tuesday, September 27, 2011 9:41 PM, "Patrick Domack" wrote: > It all depends on how much time and energy you want to spend in > setting it up, vs the flexibility you in vision you need later. This is the intersection of the decision. I still am no sure if that simple flatfile dream of one-instance data can be done. I think I am going to have to try it a number of times becuase I dont see a certain answer, yes or no. Can you may be explain more what you do with your case that you dump SQL to flatfile? I don't see why that would ever be a benefit and am interested in understanding that. I think I am worried about using SQL a bit because it is not something that I think I can edit so quickly as I do text files. And also like you others, losing data when things are corrupted. TJ From dlie76 at yahoo.com.au Wed Sep 28 09:37:32 2011 From: dlie76 at yahoo.com.au (Daminto Lie) Date: Tue, 27 Sep 2011 23:37:32 -0700 (PDT) Subject: [Dovecot] deliver LDA issue with setuid-root Message-ID: <1317191852.67316.YahooMailNeo@web113415.mail.gq1.yahoo.com> Hi, I am getting the following error message when trying to implement LDA Dovecot 1.2.9 with virtual users: Sep 28 15:59:33 server1 postfix/pipe[3041]: 28BEC2400A1: to=, relay=dovecot, delay=2361, delays=2361/0.01/0/0.03, dsn=4.3.0, status=deferred (temporary failure. Command output: /usr/lib/dovecot/deliver must not be both world-executable and setuid-root. This allows root exploits. See http://wiki.dovecot.org/LDA#multipleuids ) I do not know if I need to change the group to secmail. Currently, I have as follows -rwsr-xr-x?? 1 root root 933796 2011-06-10 05:36 deliver Can I change it to any other group apart from secmail? and what does it mean by world-executable? Sorry if I ask a silly question here but keen to learn more about linux. Here is my dovecot.conf log_timestamp: %Y-%m-%d %H:%M:%S protocols: imap listen: *:143 ssl: no disable_plaintext_auth: no login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/imap-login verbose_proctitle: yes first_valid_uid: 106 last_valid_uid: 200 mail_privileged_group: mail mail_location: maildir:/home/vmail/%u/Maildir mbox_write_locks: fcntl dotlock mail_plugins: quota imap_quota imap_client_workarounds: outlook-idle delay-newmail netscape-eoh tb-extra-mailbox-sep lda: ? postmaster_address: postmaster at example.com ? mail_plugins: quota ? sendmail_path: /usr/lib/sendmail ? rejection_reason: Your message to <%t> was automatically rejected:%n%r auth default: ? mechanisms: plain login ? username_format: %Lu ? verbose: yes ? debug: yes ? debug_passwords: yes ? passdb: ??? driver: pam ? passdb: ??? driver: ldap ??? args: /etc/dovecot/dovecot-ldap.conf ? userdb: ??? driver: prefetch ? userdb: ??? driver: passwd ? userdb: ??? driver: static ??? args: uid=106 gid=1010 home=/home/vmail/%u ? socket: ??? type: listen ??? client: ????? path: /var/spool/postfix/private/auth ????? mode: 432 ????? user: postfix ????? group: mail ??? master: ????? path: /var/run/dovecot-auth-master ????? mode: 432 ????? user: vmail ????? group: vmail plugin: ? quota: maildir ? quota_rule: *:storage=3GB ? quota_rule2: Trash:storage=20%% ? quota_rule3: Spam:storage=10%% ? quota_warning: storage=95%% /usr/local/bin/quota-warning.sh 95 ? quota_warning2: storage=80%% /usr/local/bin/quota-warning.sh 80 Here is my master.cf # delivery through dovecot dovecot?? unix? -?????? n?????? n?????? -?????? -?????? pipe ? flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient} Any help would be greatly appreciated. Thank you From janfrode at tanso.net Wed Sep 28 09:44:24 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Wed, 28 Sep 2011 08:44:24 +0200 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <1317138678.29156.140258148311993@webmail.messagingengine.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com> Message-ID: <20110928064424.GA31755@oc1046828364.ibm.com> On Tue, Sep 27, 2011 at 08:51:18AM -0700, terryjames9461 at mm.st wrote: > > I'm a little confused about: to do that sharing-in-one-place, do I have > to use SQL or can I use the flatfiles like passwd-db? I think for sure > someone already decided the best approach for this, and maybe I'm not > understanding the logic to it. Best approach is probably to store this in an ldap-directory. Then you can easily have multi-master replication, and avoid any single point of failure for your database. Both postfix and dovecot will be able to lookup the data using ldap. -jf From dovecot.user at seibercom.net Wed Sep 28 15:02:05 2011 From: dovecot.user at seibercom.net (Jerry) Date: Wed, 28 Sep 2011 08:02:05 -0400 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <20110928064424.GA31755@oc1046828364.ibm.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com> <20110928064424.GA31755@oc1046828364.ibm.com> Message-ID: <20110928080205.5d621f20@scorpio> On Wed, 28 Sep 2011 08:44:24 +0200 Jan-Frode Myklebust articulated: > On Tue, Sep 27, 2011 at 08:51:18AM -0700, terryjames9461 at mm.st wrote: > > > > I'm a little confused about: to do that sharing-in-one-place, do I > > have to use SQL or can I use the flatfiles like passwd-db? I > > think for sure someone already decided the best approach for this, > > and maybe I'm not understanding the logic to it. > > Best approach is probably to store this in an ldap-directory. Then you > can easily have multi-master replication, and avoid any single point > of failure for your database. Both postfix and dovecot will be able to > lookup the data using ldap. While "ldap" may be fine for some users; personally, I have had nothing but catastrophic results when attempting to use it. I am fully aware that the main problem is that I am not truly "ldap" proficient. For the end user who needs an easy to maintain database I would unequivocally recommend MySQL. It has the added bonus of not requiring that Postfix (and I am not sure about Dovecot) be restarted if the database is changed. In Postfix, this also eliminates the requirement that "postmap" be run on the edited files prior to restarting Postfix. Just my unsolicited 2?. -- Jerry ? Dovecot.user at seibercom.net Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From ra at rz.uni-frankfurt.de Wed Sep 28 15:33:33 2011 From: ra at rz.uni-frankfurt.de (ra at rz.uni-frankfurt.de) Date: Wed, 28 Sep 2011 14:33:33 +0200 Subject: [Dovecot] Problems running Dovecot 1.2.17 on AIX Message-ID: <4E83141D.90306@rz.uni-frankfurt.de> Hello, we have a problem getting Dovecot 1.2.17 to work on one of our AIX-Machines (AIX 5.3). Dovecot compiles fine, but if we try to run it we get strange library dependency problems such as the following: [root at localhost dovecot-test]# /local/dovecot-test/sbin/dovecot -F -c /local/dovecot-test/etc/dovecot.clients.conf Edlopen(/local/dovecot-test/lib/dovecot/imap/lib01_acl_plugin.so) failed: rtld: 0712-001 Symbol bsearch_strcmp was referenced from module /local/dovecot-test/lib/dovecot/imap/lib01_acl_plugin.so(), but a runtime definition of the symbol was not found. rtld: 0712-001 Symbol safe_mkstemp_group was referenced from module /local/dovecot-test/lib/dovecot/imap/lib01_acl_plugin.so(), but a runtime definition of the symbol was not found. rtld: 0712-001 Symbol mail_user_module_register was referenced from module /local/dovecot-test/lib/dovecot/imap/lib01_acl_plugin.so(), but a runtime definition of the symbol was not found. rtld: 0712-001 Symbol dict_iterate_init was referenced from module /local/dovecot-test/lib/dovecot/imap/lib01_acl_plugin.so(), but a runtime definition of the symbol was not found. rtld: 0712-001 Symbol dict_iterate was referenced from module /local/dovecot-test/lib/dovecot/imap/lib01_acl_plugin.so(), but a runtime definition of the symbol was not found. rtld: 0712-001 Symbol dict_iterate_deinit was referenced from module /local/dovecot-test/lib/dovecot/imap/lib01_acl_plugin.so(), but a runtime definition of the symbol was not found. rtld: 0712-001 Symbol i_strcmp_p was referenced from module /local/dovecot-test/lib/dovecot/imap/lib01_acl_plugin.so(), but a runtime definition of the symbol was not found. Additional errors occurred but are not reported. FCouldn't load required plugins We tried to use the compiler-script as described on the wiki (http://wiki1.dovecot.org/AixPluginsSupport) and we tried to compile dovecot with gcc instead of xlc. We even tried it on another host running AIX 5.3 but dovecot still fails with the runtime linker complaining about missing runtime definitions. Any hint/help would be appreciated. Thanks in advance Manuel From robert at schetterer.org Wed Sep 28 16:02:51 2011 From: robert at schetterer.org (Robert Schetterer) Date: Wed, 28 Sep 2011 15:02:51 +0200 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <1317138678.29156.140258148311993@webmail.messagingengine.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com> Message-ID: <4E831AFB.9000603@schetterer.org> Am 27.09.2011 17:51, schrieb terryjames9461 at mm.st: > Hello, > > I'm moving my mail server from Exchange to an opensource one. > > After a bunch of reading, I decided on building a Dovecot2 + Postfix > server in a VirtualUsers-only + Multiple-domains configuration. > > Since my messages will be stored by Dovecot, and the documentation is > really good, I figured that it's smartest to configure Dovecot, then > make Postfix 'fit' to it, sharing the data files that way. > > I read through lots of the Dovecot wiki for v2. > > There are many ways for storing the database data. My goal is to only > have data in one instances, used by both Postfix & Dovecot. > > I'm a little confused about: to do that sharing-in-one-place, do I have > to use SQL or can I use the flatfiles like passwd-db? I think for sure > someone already decided the best approach for this, and maybe I'm not > understanding the logic to it. > > The data I think I need to share are: > > users (user at domain.com) > passwords > user aliases (mapping user2 at domain.com -> user1 at domain.com) > domains > domain aliases (domain.com also receives email for domain2.com) > > And I think all of this can be in passwd-db in Dovecot. But I also want > to make sure that Postfix ONLY accepts email for users/domains that > exist, so it has to read that data too. > > Can I do this that way with the flatfiles? Or do I have to use the SQL > approach? > > > TJ i do it all with postfixadmin and mysql, in my eyes you could use plain flat files , if your the only on who admins i.e over ssh etc but if you want a customer friendly mailserver, with parted superadmin/domainadmin/user administration over some i.e. http gui you should better use sql and/or ldap stuff -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From CMarcus at Media-Brokers.com Wed Sep 28 16:03:18 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 28 Sep 2011 09:03:18 -0400 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: <20110927184209.504e9c90@scorpio> References: <4E77CA5A.6010506@tlinx.org> <4E82109E.2000600@wildgooses.com> <4E821412.2040801@Media-Brokers.com> <20110927184209.504e9c90@scorpio> Message-ID: <4E831B16.4050607@Media-Brokers.com> On 2011-09-27 6:42 PM, Jerry wrote: > I have always found Outlook to be much faster than TB. In any case, > Outlook 2007 is an old version. I am using the 2010 version at work and > it is a much more polished application than the 2010 version and far > superior to TB. That's funny - I find Outlooks email UI to be horrible. And HTML support relies on Word's HTML rendering engine? Give me a break... Outlook's calendar is definitely superior, but as an email client it is only useful when it is used in a full blown Exchange environment. As an IMAP client, it blows chunks. -- Best regards, Charles From nick+dovecot at bunbun.be Wed Sep 28 16:04:17 2011 From: nick+dovecot at bunbun.be (Nick Rosier) Date: Wed, 28 Sep 2011 15:04:17 +0200 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <1317161294.12320.140258148448633@webmail.messagingengine.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com><4E8207F5.2070105@whyscream.net> <4E822851.1030000@bunbun.be> <1317161294.12320.140258148448633@webmail.messagingengine.com> Message-ID: <4E831B51.9040308@bunbun.be> terryjames9461 at mm.st wrote: > Hello Nick, > > On Tuesday, September 27, 2011 9:47 PM, "Nick Rosier" > wrote: > >> +1 one on PostfixAdmin. Wouldn't want to live without it. The main >> advantage of using a DB is that all information is stored in 1 location >> and available in the right format through SQL-queries. My 1st config >> used flat-files and the biggest issue was keeping the different files in >> sync (i.e. when creating/deleting users making sure to update all the >> necessary files). > > Did you try that system with flatfiles in Dovecot v2 or v1? I think that > this instructed possibility, > http://wiki2.dovecot.org/HowTo/VirtualUserFlatFilesPostfix, is only for > v2? This was back with v1. It was working with a little script I wrote. A problem was delegating management of all the domains. My servers hosts a number of domains which are owned by different people (family+friends). With PostfixAdmin you can define which user administers which domains (another perk). > > Its that sync of the different files that I hope to avoid. If I can > with flatfiles, all the better. If not then maybe I will have to use > SQL. And then the Postfix Admin looks interesting. An additional advantage I found with PostfixAdmin is the possibility to run post-creation/editing/deleting scripts on mailboxes and domains. I'm using Amavisd-new and have the post-creation script create users in the Amavis-DB with e.g. the default policies for a user and populating some tables used by other tools (quarReminder etc...). Rgds, N. PS: my mailserver only hosts a couple of domains and less than 100 mailboxes. I could have done this with flat-files but the possibility to delegate mailbox creation/deletion to the domain owners was worth the "trouble" using a DB which I was using anyway for other services. From simon.brereton at buongiorno.com Wed Sep 28 16:49:49 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Wed, 28 Sep 2011 09:49:49 -0400 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <1317190083.25639.140258148566589@webmail.messagingengine.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com><4E8207F5.2070105@whyscream.net><1317160829.10644.140258148445373@webmail.messagingengine.com><20110927180632.Horde.jPUpZZLnE6FOgkjoSa5RRHA@kishi.patrickdk.com><1317161652.13631.140258148451673@webmail.messagingengine.com> <20110927214137.Horde.Bx9rKpLnE6FOgntRdGVQihA@kishi.patrickdk.com> <1317190083.25639.140258148566589@webmail.messagingengine.com> Message-ID: <044601cc7de5$7eb585b0$7c209110$@brereton@buongiorno.com> > -----Original Message----- > From: dovecot-bounces at dovecot.org [mailto:dovecot- > bounces at dovecot.org] On Behalf Of terryjames9461 at mm.st > Hello Patrick, > > On Tuesday, September 27, 2011 9:41 PM, "Patrick Domack" > wrote: > > It all depends on how much time and energy you want to spend in > > setting it up, vs the flexibility you in vision you need later. > > This is the intersection of the decision. I still am no sure if that > simple flatfile dream of one-instance data can be done. I think I am > going to have to try it a number of times becuase I dont see a > certain answer, yes or no. > > Can you may be explain more what you do with your case that you dump > SQL to flatfile? I don't see why that would ever be a benefit and am > interested in understanding that. > > I think I am worried about using SQL a bit because it is not > something that I think I can edit so quickly as I do text files. And > also like you others, losing data when things are corrupted. I have reasonable evidence that I'm by no means a sys-admin or even a linux Guru. But for the past 5 years, I've managed a system like you're trying to build - Postfix/Amavis/SpamAssassin/Dovecot (until recently I was running Courier for the MDA) with an SQL backend. It's never let me down, gives me a web interface (with PHPMyAdmin) to make changes, has 7 domains and about 300 user accounts. Once the set-up is done, you can save a file with a few queries or even build a php page to make common changes (adding domains/users, etc). Backup is easy. For the record, I've never used Postfixadmin - although I hear great things about it. Like the others, I'd recommend going the SQL route - it's easier to maintain and upgrade and it scales. If you don't need it to scale you've lost nothing because it uses virtually no resources, and if you do, you have it. Simon From dovecot.user at seibercom.net Wed Sep 28 17:04:47 2011 From: dovecot.user at seibercom.net (Jerry) Date: Wed, 28 Sep 2011 10:04:47 -0400 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: <4E831B16.4050607@Media-Brokers.com> References: <4E77CA5A.6010506@tlinx.org> <4E82109E.2000600@wildgooses.com> <4E821412.2040801@Media-Brokers.com> <20110927184209.504e9c90@scorpio> <4E831B16.4050607@Media-Brokers.com> Message-ID: <20110928100447.05f8beee@scorpio> On Wed, 28 Sep 2011 09:03:18 -0400 Charles Marcus articulated: > On 2011-09-27 6:42 PM, Jerry wrote: > > I have always found Outlook to be much faster than TB. In any case, > > Outlook 2007 is an old version. I am using the 2010 version at work > > and it is a much more polished application than the 2010 version > > and far superior to TB. > > That's funny - I find Outlooks email UI to be horrible. And HTML > support relies on Word's HTML rendering engine? Give me a break... > > Outlook's calendar is definitely superior, but as an email client it > is only useful when it is used in a full blown Exchange environment. > As an IMAP client, it blows chunks. Like all things, the usefulness of any application can only be truly measured in the context of the end user's environment. I virtually never use HTML e-mail myself. There are a few publications that I subscribe to that supply their material in HTML format; however, they all also list a URL to view the material. I prefer to use that method instead. E-mail, in my opinion, is a poor environment for HTML. MS Outlook's calender is the best available. I find Outlook's interface easy to use. Then again, I am quite familiar with it so that would only be natural. You fail to mention what version of Outlook you are referring to so there is no way I can gather any useful data from your analysis other to state that I have never used any version of TB that I found as useful as a comparative version of Outlook. If it is Outlook 2007, then perhaps this comparison of products should be restricted to a four year old version of TB also. I think I can safely say without fear of contradiction that, that is not something anyone would readily want to do. In any case, the idiom, "better the devil you know than the devil you don't" is apropos to this thread. -- Jerry ? Dovecot.user at seibercom.net Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From tompru at jla.rutgers.edu Wed Sep 28 17:09:17 2011 From: tompru at jla.rutgers.edu (Tom Pawlowski) Date: Wed, 28 Sep 2011 10:09:17 -0400 Subject: [Dovecot] 2.0.14 IPC client_limit reached error Message-ID: <20110928140917.GC16725@hawkeye.rutgers.edu> Hi Timo, Upgraded to 2.0.14 last night for the director-related features and I noticed an oddity in the logs: Sep 28 09:53:21 director2 dovecot: master: Warning: service(ipc): client_limit reached, client connections are being dropped Sep 28 09:53:56 director1 dovecot: master: Warning: service(ipc): client_limit reached, client connections are being dropped Sep 28 09:54:23 director2 dovecot: master: Warning: service(ipc): client_limit reached, client connections are being dropped Sep 28 09:55:07 director1 dovecot: master: Warning: service(ipc): client_limit reached, client connections are being dropped Sep 28 09:55:24 director2 dovecot: master: Warning: service(ipc): client_limit reached, client connections are being dropped Sep 28 09:56:08 director1 dovecot: master: Warning: service(ipc): client_limit reached, client connections are being dropped Sep 28 09:56:25 director2 dovecot: master: Warning: service(ipc): client_limit reached, client connections are being dropped Sep 28 09:57:10 director1 dovecot: master: Warning: service(ipc): client_limit reached, client connections are being dropped Sep 28 09:57:26 director2 dovecot: master: Warning: service(ipc): client_limit reached, client connections are being dropped These warnings are only being printed out by the directors. Both the directors and imap/pop3 servers have init scripts with the following ulimits set in the start sections: ulimit -s unlimited ulimit -n 30000 ulimit -u 30000 (We'd get alerts long before resource consumption became an issue) I've been watching the established imap/pop3 connection count on both directors for the past hour and a half and despite these warnings, those counts have grown continuously. The other weird thing is, according the configuration (attached), the ipc service has a client_limit of 0 by default, so we shouldn't be hitting a ceiling anyway, correct? So are these false warnings or something to be concerned about? -- Tom Pawlowski OIT-CSS System Administrator office: Hill 147 email: tompru at jla.rutgers.edu phone: (732) 445-2634 -------------- next part -------------- # 2.0.14: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-194.32.1.el5 x86_64 CentOS release 5.5 (Final) auth_anonymous_username = anonymous auth_cache_negative_ttl = 1 hours auth_cache_size = 0 auth_cache_ttl = 1 hours auth_debug = no auth_debug_passwords = no auth_default_realm = auth_failure_delay = 2 secs auth_first_valid_uid = 500 auth_gssapi_hostname = auth_krb5_keytab = auth_last_valid_uid = 0 auth_master_user_separator = auth_mechanisms = plain auth_realms = auth_socket_path = auth-userdb auth_ssl_require_client_cert = no auth_ssl_username_from_cert = no auth_use_winbind = no auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ auth_username_format = auth_username_translation = auth_verbose = no auth_verbose_passwords = no auth_winbind_helper_path = /usr/bin/ntlm_auth auth_worker_max_count = 30 base_dir = /var/run/dovecot config_cache_size = 1 M debug_log_path = default_client_limit = 1000 default_idle_kill = 60 default_internal_user = dovecot default_login_user = dovenull default_process_limit = 100 default_vsz_limit = 256 M deliver_log_format = msgid=%m: %$ dict_db_config = director_doveadm_port = 9091 director_mail_servers = 192.168.160.74 192.168.160.75 192.168.160.76 192.168.160.77 192.168.160.78 192.168.160.79 director_servers = 192.168.160.80 192.168.160.81 director_user_expire = 15 mins disable_plaintext_auth = yes dotlock_use_excl = yes doveadm_allowed_commands = doveadm_password = doveadm_proxy_port = 0 doveadm_socket_path = doveadm-server doveadm_worker_count = 0 first_valid_gid = 1 first_valid_uid = 500 hostname = imap_capability = imap_client_workarounds = imap_id_log = imap_id_send = imap_idle_notify_interval = 2 mins imap_logout_format = bytes=%i/%o imap_max_line_length = 64 k import_environment = TZ LISTEN_PID LISTEN_FDS info_log_path = last_valid_gid = 0 last_valid_uid = 0 lda_mailbox_autocreate = no lda_mailbox_autosubscribe = no lda_original_recipient_header = libexec_dir = /usr/libexec/dovecot listen = * lmtp_proxy = no lmtp_save_to_detail_mailbox = no lock_method = fcntl log_path = syslog log_timestamp = "%b %d %H:%M:%S " login_access_sockets = login_greeting = Dovecot ready. login_log_format = %$: %s login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c login_trusted_networks = mail_access_groups = mail_attachment_dir = mail_attachment_fs = sis posix mail_attachment_hash = %{sha1} mail_attachment_min_size = 128 k mail_cache_fields = flags mail_cache_min_mail_count = 0 mail_chroot = mail_debug = no mail_fsync = optimized mail_full_filesystem_access = no mail_gid = mail_home = mail_location = mail_log_prefix = "%s(%u): " mail_max_keyword_length = 50 mail_max_lock_timeout = 0 mail_max_userip_connections = 10 mail_never_cache_fields = imap.envelope mail_nfs_index = no mail_nfs_storage = no mail_plugin_dir = /usr/lib64/dovecot mail_plugins = mail_privileged_group = mail_save_crlf = no mail_temp_dir = /tmp mail_uid = mailbox_idle_check_interval = 30 secs mailbox_list_index_disable = no maildir_copy_with_hardlinks = yes maildir_stat_dirs = no maildir_very_dirty_syncs = no master_user_separator = mbox_dirty_syncs = yes mbox_dotlock_change_timeout = 2 mins mbox_lazy_writes = yes mbox_lock_timeout = 5 mins mbox_min_index_size = 0 mbox_read_locks = fcntl mbox_very_dirty_syncs = no mbox_write_locks = dotlock fcntl mdbox_preallocate_space = no mdbox_rotate_interval = 0 mdbox_rotate_size = 2 M mmap_disable = no passdb { args = proxy=y nopassword=y deny = no driver = static master = no pass = no } pop3_client_workarounds = pop3_enable_last = no pop3_fast_size_lookups = no pop3_lock_session = no pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_no_flag_updates = no pop3_reuse_xuidl = no pop3_save_uidl = no pop3_uidl_format = %08Xu%08Xv postmaster_address = protocols = imap pop3 lmtp quota_full_tempfail = no recipient_delimiter = + rejection_reason = Your message to <%t> was automatically rejected:%n%r rejection_subject = Rejected: %s sendmail_path = /usr/sbin/sendmail service anvil { chroot = empty client_limit = 16321 drop_priv_before_exec = no executable = anvil extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 1 protocol = service_count = 0 type = anvil unix_listener anvil-auth-penalty { group = mode = 0600 user = } unix_listener anvil { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service auth-worker { chroot = client_limit = 1 drop_priv_before_exec = no executable = auth -w extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener auth-worker { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service auth { chroot = client_limit = 18466 drop_priv_before_exec = no executable = auth extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener auth-client { group = mode = 0600 user = } unix_listener auth-login { group = mode = 0600 user = $default_internal_user } unix_listener auth-master { group = mode = 0600 user = } unix_listener auth-userdb { group = mode = 0600 user = } unix_listener login/login { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service config { chroot = client_limit = 0 drop_priv_before_exec = no executable = config extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = config unix_listener config { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service dict { chroot = client_limit = 1 drop_priv_before_exec = no executable = dict extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dict { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service director { chroot = client_limit = 0 drop_priv_before_exec = no executable = director extra_groups = fifo_listener login/proxy-notify { group = mode = 0666 user = } group = idle_kill = 4294967295 secs inet_listener { address = port = 9090 ssl = no } privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener director-admin { group = mode = 0600 user = } unix_listener director-userdb { group = mode = 0600 user = } unix_listener login/director { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service dns_client { chroot = client_limit = 1 drop_priv_before_exec = no executable = dns-client extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dns-client { group = mode = 0666 user = } unix_listener login/dns-client { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service doveadm { chroot = client_limit = 1 drop_priv_before_exec = no executable = doveadm-server extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener doveadm-server { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service imap-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = imap-login director extra_groups = group = idle_kill = 0 inet_listener imap { address = port = 143 ssl = no } inet_listener imaps { address = port = 993 ssl = yes } privileged_group = process_limit = 12222 process_min_avail = 10 protocol = imap service_count = 1 type = login user = $default_login_user vsz_limit = 2 G } service imap { chroot = client_limit = 1 drop_priv_before_exec = no executable = imap extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 0 protocol = imap service_count = 1 type = unix_listener login/imap { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service ipc { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = ipc extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener ipc { group = mode = 0600 user = } unix_listener login/ipc-proxy { group = mode = 0600 user = $default_login_user } user = $default_internal_user vsz_limit = 18446744073709551615 B } service lmtp { chroot = client_limit = 0 drop_priv_before_exec = no executable = lmtp extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = lmtp service_count = 0 type = unix_listener lmtp { group = mode = 0666 user = } user = vsz_limit = 0 } service log { chroot = client_limit = 0 drop_priv_before_exec = no executable = log extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = log user = vsz_limit = 18446744073709551615 B } service pop3-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = pop3-login director extra_groups = group = idle_kill = 0 inet_listener pop3 { address = port = 110 ssl = no } inet_listener pop3s { address = port = 995 ssl = yes } privileged_group = process_limit = 4096 process_min_avail = 0 protocol = pop3 service_count = 1 type = login user = $default_login_user vsz_limit = 64 M } service pop3 { chroot = client_limit = 1 drop_priv_before_exec = no executable = pop3 extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 0 protocol = pop3 service_count = 1 type = unix_listener login/pop3 { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service ssl-params { chroot = client_limit = 0 drop_priv_before_exec = no executable = ssl-params extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = startup unix_listener login/ssl-params { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } shutdown_clients = yes ssl = required ssl_ca = Hello We are going to split our mailhub in two :-) one for students and one for the others Does Dovecot 2 provide some mechanisms to filter users's' login ? a flat file would be enough for my usage ( I use pam_ldap nss_ldap with nsswitch ) thanks From asai at globalchangemusic.org Wed Sep 28 20:30:07 2011 From: asai at globalchangemusic.org (Asai) Date: Wed, 28 Sep 2011 10:30:07 -0700 Subject: [Dovecot] Dsync Removing Subscriptions Entries Message-ID: <4E83599F.8030603@globalchangemusic.org> Greetings, In learning to get Dsync to work, I see a lot of this type of warning in the logs: dsync-remote(user at domain.org): Warning: Subscriptions file /vmail/domain/user/subscriptions: Removing invalid entry: INBOX/SOME folder When I ran a test this morning on the backed up emails on the remote server with Thunderbird, I did indeed see that many of the subscribed folders were not present in TB, although the directories and data were indeed present on the remote server. The subscriptions file on the remote server had the omissions which Dsync warned about. These maildir folders seem to work fine on the main server. Can someone help me to understand how to make the sync without omissions in the subscriptions file? -- *Asai* Global Change Multi-Media Internet Application Development IT and Networking Services 520-398-2542 From user+dovecot at localhost.localdomain.org Wed Sep 28 21:33:27 2011 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Wed, 28 Sep 2011 20:33:27 +0200 Subject: [Dovecot] deliver LDA issue with setuid-root In-Reply-To: <1317191852.67316.YahooMailNeo@web113415.mail.gq1.yahoo.com> References: <1317191852.67316.YahooMailNeo@web113415.mail.gq1.yahoo.com> Message-ID: <4E836877.4070105@localhost.localdomain.org> On 09/28/2011 08:37 AM Daminto Lie wrote: > Hi, > > I am getting the following error message when trying to implement LDA Dovecot 1.2.9 with virtual users: > > > Sep 28 15:59:33 server1 postfix/pipe[3041]: 28BEC2400A1: to=, relay=dovecot, delay=2361, delays=2361/0.01/0/0.03, dsn=4.3.0, status=deferred (temporary failure. Command output: /usr/lib/dovecot/deliver must not be both world-executable and setuid-root. This allows root exploits. See http://wiki.dovecot.org/LDA#multipleuids ) > > I do not know if I need to change the group to secmail. Currently, I have as follows > > -rwsr-xr-x 1 root root 933796 2011-06-10 05:36 deliver > > > Can I change it to any other group apart from secmail? and what does it mean by world-executable? Sorry if I ask a silly question here but keen to learn more about linux. RTFM chmod(1) > ? > Here is my master.cf > # delivery through dovecot > dovecot unix - n n - - pipe > flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient} > > Any help would be greatly appreciated. > > Thank you chgrp vmail /usr/lib/dovecot/deliver chmod o-rx !$ Regards, Pascal -- The trapper recommends today: cafefeed.1127120 at localdomain.org From kuizhang at gmail.com Wed Sep 28 23:00:27 2011 From: kuizhang at gmail.com (Kui Zhang) Date: Wed, 28 Sep 2011 13:00:27 -0700 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: <4E82B3B7.2020301@hardwarefreak.com> References: <4E77CA5A.6010506@tlinx.org> <4E82109E.2000600@wildgooses.com> <4E821412.2040801@Media-Brokers.com> <4E82B3B7.2020301@hardwarefreak.com> Message-ID: On Tue, Sep 27, 2011 at 10:42 PM, Stan Hoeppner wrote: > On 9/27/2011 4:50 PM, Kui Zhang wrote: >>> >>> I think if you disable the new local indexing features in TB then it >>> should start running fairly decently? >> >> I had indexing disabled... that did not help much. >> >> TB work better after I have these settings... >> >> mail.imap.expunge_after_delete true >> mail.imap.expunge_option 2 >> mail.server.default.autosync_offline_stores false >> mail.server.default.offline_download false >> mail.server.default.autosync_max_age_days 14 >> >> I think mail.imap.expunge_after_delete might have caused mdbox limit >> problem I had before... but not confirmed. > > What, exactly, was the nature of the performance problem you originally > mentioned to start this thread, the mailbox with the thousands of sub > folders? This thread might be getting little off topic. It was for inotify loop on server side during idle (outlook 2k7), with approximate 2.1k folders. > > With GLODA and local synchronization disabled, using 1 IMAP connection > instead of the default 5, disabling IDLE and using check interval seconds, > and using the default: I have not notice looping on idle when client using Thunderbird. So it might be outlook specific. > > mail.server.default.check_all_folders_for_new ? FALSE > Not feasible. Few folders need to be checked periodically... > then you should have excellent performance with TB regardless of the number > of folders in a mailbox. ?Unless maybe the hardware or net pipe are lacking. > Ya, but TB would be doing less work. > What are the specs of the client machine in question? ?What CPU/freq. Maybe > more importantly, what is the link speed of the network between this PC and > the Dovecot server? ?LAN or WAN? avg ttl = 0.5ms Sustain 10-12MB/s, concurrent connections, from 5+ workstations. No load issues recorded on the server side. The clients have 8GB of ram, athlon II X4 640 quad core. they should have enough juice... On an athlon 3200, 2G Ram, I did some tests on an account, with 3GB on disk, approximate 100k emails, and 30 folders. on the client side, when no mail client running. 450-500MB ram used. CPU at 1-2% TB hangs on start up, for extent period of time. cpu at 100%, ram at 1 - 1.2 GB used. CPU usage almost always at 100%. And it hangs from time to time. The client side disk usage for TB is around 200MB? why would it need 500MB of ram? This is something I will bring up with the thunderbird people. With claws-mail, cpu goes up depending on amount of email in the folder. And cpu usage drop almost immediately after folder switch. around 480 ? 520 MB ram used. So the client box is not too slow. KuiZ > > -- > Stan > > From pavel.obr at gmail.com Wed Sep 28 23:40:45 2011 From: pavel.obr at gmail.com (Pavel Obr) Date: Wed, 28 Sep 2011 22:40:45 +0200 Subject: [Dovecot] Dovecot and NTLM problem Message-ID: Hallo, i am trying setup dovecot 2.0.9 with NTLM. I tested succesfully winbind with winbind -k, ntlm-auth with ntlm_auth --username=pavel. But I cannot authenticate in Dovecot. My log show these lines: Sep 28 22:16:25 srv-pat dovecot: auth: Debug: auth client connected (pid=6002) Sep 28 22:16:25 srv-pat dovecot: auth: Debug: client in: AUTH#0111#011NTLM#011service=imap#011lip=192.168.7.67#011rip=192.168.100.141#011lport=143#011rport=5109 Sep 28 22:16:25 srv-pat dovecot: auth: Debug: client out: CONT#0111#011 Sep 28 22:16:25 srv-pat dovecot: auth: Fatal: execv(/usr/bin/ntlm_auth) failed: Permission denied Sep 28 22:16:25 srv-pat dovecot: auth: Error: winbind: ntlm_auth exited with exit code 84 Sep 28 22:16:25 srv-pat dovecot: auth: Debug: client in: CONT#0111#011TlRMTVNTUAABAAAAB4IIAAAAAAAAAAAAAAAAAAAAAAA= Sep 28 22:16:25 srv-pat dovecot: auth: Error: winbind(?,192.168.100.141): write(out_pipe) failed: Broken pipe Sep 28 22:16:27 srv-pat dovecot: auth: Debug: client out: FAIL#0111 Do you know what that is mean "Fatal: execv(/usr/bin/ntlm_auth) failed: Permission denied" ? What is exit code 84 - "Error: winbind: ntlm_auth exited with exit code 84"? My dovecot -n: # 2.0.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-131.12.1.el6.x86_64 x86_64 Scientific Linux release 6.1 (Carbon) auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain ntlm login auth_use_winbind = yes auth_username_format = %n mail_home = /data/vmail/%d/%n mail_location = mdbox:~/mail mbox_write_locks = fcntl passdb { driver = pam } protocols = pop3 imap lmtp ssl_cert = >> New subscriber here. I noticed that the FTS index is not used in compound searches. >> Is this expected? Tested in 2.0.0 and 2.0.8: > >Yep. It's been in TODO for a while. I know this thread is quite old, but we have the same issue with v2.0.14 and squat. Would this issue also affect the Solr FTS backend? Thanks, Nikolai. From tlx at leuxner.net Thu Sep 29 10:57:53 2011 From: tlx at leuxner.net (Thomas Leuxner) Date: Thu, 29 Sep 2011 09:57:53 +0200 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <1317161652.13631.140258148451673@webmail.messagingengine.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com> <4E8207F5.2070105@whyscream.net> <1317160829.10644.140258148445373@webmail.messagingengine.com> <20110927180632.Horde.jPUpZZLnE6FOgkjoSa5RRHA@kishi.patrickdk.com> <1317161652.13631.140258148451673@webmail.messagingengine.com> Message-ID: <20110929075753.GA10332@nihlus.leuxner.net> On Tue, Sep 27, 2011 at 03:14:12PM -0700, terryjames9461 at mm.st wrote: > With using the Dovecot lmtp option, where does Postfix know to refuse > email for a non-existing user or domain? That also has to be shared? Sticking to the Flatfile recipe on the Wiki, Postfix would query the Auth Backend of Dovecot. The actual user records would sit on the Dovecot side, where Postfix would only worry about valid domains etc. Fancy stuff like Aliasing would be better done on the Postfix side in this scenario although it would also be possible to have bogus User records in Dovecot to address that. Thomas -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: From per at computer.org Thu Sep 29 11:15:52 2011 From: per at computer.org (Per Jessen) Date: Thu, 29 Sep 2011 10:15:52 +0200 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? References: <1317138678.29156.140258148311993@webmail.messagingengine.com> <20110928064424.GA31755@oc1046828364.ibm.com> <20110928080205.5d621f20@scorpio> Message-ID: Jerry wrote: > On Wed, 28 Sep 2011 08:44:24 +0200 > Jan-Frode Myklebust articulated: > >> On Tue, Sep 27, 2011 at 08:51:18AM -0700, terryjames9461 at mm.st wrote: >> > >> > I'm a little confused about: to do that sharing-in-one-place, do I >> > have to use SQL or can I use the flatfiles like passwd-db? I >> > think for sure someone already decided the best approach for this, >> > and maybe I'm not understanding the logic to it. >> >> Best approach is probably to store this in an ldap-directory. Then >> you can easily have multi-master replication, and avoid any single >> point of failure for your database. Both postfix and dovecot will be >> able to lookup the data using ldap. > > While "ldap" may be fine for some users; personally, I have had > nothing but catastrophic results when attempting to use it. I am fully > aware that the main problem is that I am not truly "ldap" proficient. > For the end user who needs an easy to maintain database I would > unequivocally recommend MySQL. +1 on the mysql. /Per Jessen, Z?rich From rainer.frey at inxmail.de Thu Sep 29 12:24:29 2011 From: rainer.frey at inxmail.de (Rainer Frey) Date: Thu, 29 Sep 2011 11:24:29 +0200 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <1317161652.13631.140258148451673@webmail.messagingengine.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com><4E8207F5.2070105@whyscream.net><1317160829.10644.140258148445373@webmail.messagingengine.com> <20110927180632.Horde.jPUpZZLnE6FOgkjoSa5RRHA@kishi.patrickdk.com> <1317161652.13631.140258148451673@webmail.messagingengine.com> Message-ID: On 28.09.2011, at 00:14, terryjames9461 at mm.st wrote: > Hello Patrick, > > On Tuesday, September 27, 2011 6:06 PM, "Patrick Domack" > wrote: >> Using dovecot lda/lmtp you remove all postfix needs to know mailbox >> name to directory mapping, that would be duplicated. > > With using the Dovecot lmtp option, where does Postfix know to refuse > email for a non-existing user or domain? That also has to be shared? I wondered that as well, and unfortunately the Howto doesn't explain the concept it builds upon. But I found it: it uses LMTP and recipient verification (see reject_unverified_recipient in smtpd_recipient_restictions). See http://www.postfix.org/ADDRESS_VERIFICATION_README.html for details. Rainer From venom00 at setsun.org Thu Sep 29 15:22:49 2011 From: venom00 at setsun.org (venom00) Date: Thu, 29 Sep 2011 14:22:49 +0200 Subject: [Dovecot] Messages not deleted from mbox Message-ID: Hello, I've two accounts on my mail server, and from my client (Evolution) I've set up two configurations. If I dowload mail one account at a time everything works fine, but if I download both of them at the same time I'm not able to delete downloaded messages, so I download them twice, three times and counting to infinity. On th client side everything looks good: ----------------------------------------------------- LIST +OK 1 messages: 1 485 . UIDL +OK 1 000000704e57eebd . RETR 1 +OK 485 octets Message here... . DELE 1 +OK Marked to be deleted. QUIT +OK Logging out, messages deleted. ----------------------------------------------------- On the server side I've enabled debug logging but nothing relevant comes up, except sometimes an error: Panic: Message unexpectedly expunged from index Full log: http://pastebin.com/raw.php?i=bBizx9tm But most of the times there are no errors and simply the message is not deleted. I'm using mbox format in /var/spool/mail/%u. The dovecot user has read-write access to the folder (even because, as I said, if download an account at once everything works fine). I think it's about locking, I've tried several lock methods but always the same result and I can't see dead locks from lsof, fuser or ls (for dotlocks). Thanks in advance, venom00 From lists at wildgooses.com Thu Sep 29 15:27:11 2011 From: lists at wildgooses.com (Ed W) Date: Thu, 29 Sep 2011 13:27:11 +0100 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: References: <4E77CA5A.6010506@tlinx.org> <4E82109E.2000600@wildgooses.com> <4E821412.2040801@Media-Brokers.com> <4E82B3B7.2020301@hardwarefreak.com> Message-ID: <4E84641F.8080001@wildgooses.com> On 28/09/2011 21:00, Kui Zhang wrote: > TB hangs on start up, for extent period of time. cpu at 100%, ram at 1 > - 1.2 GB used. CPU usage almost always at 100%. And it hangs from time > to time. The client side disk usage for TB is around 200MB? why would > it need 500MB of ram? This is something I will bring up with the > thunderbird people. > If you care to debug in more detail, you may learn a lot by watching the network traffic at this point? You can setup debugging on the server side, but personally I find this a touch hard to setup for one off sessions (and shared IPs/mailboxes, etc). Also consider wireshark and just tracing a single machine. The point being to see if it's locked up because it's thrashing the mail server for some reason, or if it's doing something silly client side? Random untested ideas: - I believe it pulls the folder list down at startup. With thousands of folders in your case (did I understand that?) you might find it's doing some silly select on each folder and hence spending ages being bound by the ping speed to the server (something like 100-200 round trips per sec max I think you said?), or perhaps it's even worse than that if it causes some disk seek for each folder? - Quantity of headers could be large under certain circumstances - check if you are network bandwidth bound? - TB might be doing something silly locally and you are bound by disk seek time on your local machine as it does whatever it does to several thousand mbox files? Move the TB local folder to some slower/faster disk and observe if the startup speed gets proportionally slower/faster..? Eg I slapped in some large flash drive to my Mac and now I keep forgetting that others still have seek time limitations starting apps... Good luck - interested to hear if you can trace this to something? Ed W P.S. I will try and post some tips in a new thread, but I found that TB and other clever clients can benefit enormously if you turn on the appropriate zlib stuff that means the COMPRESS extension is supported (not on by default). Outlook hasn't historically supported this, so I doubt it will help above, but it's one feature that can give TB the edge over Outlook. From lists at wildgooses.com Thu Sep 29 15:30:59 2011 From: lists at wildgooses.com (Ed W) Date: Thu, 29 Sep 2011 13:30:59 +0100 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: <20110928100447.05f8beee@scorpio> References: <4E77CA5A.6010506@tlinx.org> <4E82109E.2000600@wildgooses.com> <4E821412.2040801@Media-Brokers.com> <20110927184209.504e9c90@scorpio> <4E831B16.4050607@Media-Brokers.com> <20110928100447.05f8beee@scorpio> Message-ID: <4E846503.9020900@wildgooses.com> On 28/09/2011 15:04, Jerry wrote: > MS Outlook's calender is the best available. I find Outlook's interface > easy to use. Then again, I am quite familiar with it so that would only > be natural. I have been waiting for what is likely to be TB 8 + the subsequent release of SoGo. I have some hope that the sogo plugins, which should then have all the patches they need natively in TB, will go a long way to level the playing field on the calendering vs Outlook... Watch this space and all that... Just chewing the cud and all that, but one of the features which does very much annoy me about Outlook is the apparent failure to do simple nested indents on replied emails, ie like this one where you get each person's reply indented one level all the way down the exchange. I get so many emails where the user starts writing in various coloured writing to try and and make up for the completely flat reply... I *believe* this is entirely down to the settings you pick in Outlook, but it's clearly a common setup to have replies non indented? (Plenty of things tick me off about TB, but this margin too small to accomodate them....) Cheers Ed W From danilo.abbasciano at gmail.com Thu Sep 29 16:05:53 2011 From: danilo.abbasciano at gmail.com (Danilo) Date: Thu, 29 Sep 2011 15:05:53 +0200 Subject: [Dovecot] Timeout leak in get quota Message-ID: <4E846D31.6010900@gmail.com> Hello! I wrote perl script for read current quota usage, it works but when I run the program I receive a warning in Dovecot log: 2011-09-29 14:45:30 doveadm(guest at testmail.com): Warning: Timeout leak: 0x7f14800ad970 This is the script: =============================== #!/usr/bin/perl use strict; use Socket; use IO::Handle; socket(TSOCK, PF_UNIX, SOCK_STREAM,0); connect(TSOCK, sockaddr_un("/var/run/dovecot/doveadm-server")) or print("ERROR!"); print "VERSION\tdoveadm-server\t1\t0\n"; print "\tguest\@testmail.com\tquota get\n"; print "=" x 20 . "\n"; if (defined(my $messg = )) { print $messg; print TSOCK "VERSION\tdoveadm-server\t1\t0\n"; TSOCK->flush; print TSOCK "\tguest\@testmail.com\tquota get\n"; TSOCK->flush; $messg = ; print $messg; $messg = ; print $messg; close TSOCK; } ============================= I hope someone could help me to fix the warning. Thanks in advance, Dany From ibrahim.harrani at gmail.com Thu Sep 29 16:08:55 2011 From: ibrahim.harrani at gmail.com (Ibrahim Harrani) Date: Thu, 29 Sep 2011 16:08:55 +0300 Subject: [Dovecot] "Waiting for authentication process to respond" for invalid users with auth_dovecot In-Reply-To: <1316178672.12936.99.camel@hurina> References: <1316178672.12936.99.camel@hurina> Message-ID: Hi Timo, I switched to auth_pop wrapper to solve the problem. I agree that there is something wrong with auth_dovecot. Thanks. On Fri, Sep 16, 2011 at 4:11 PM, Timo Sirainen wrote: > On Tue, 2011-09-13 at 13:53 +0300, Ibrahim Harrani wrote: > >> I am testing dovecot 2.0.13 and 2.0.14 with qmail-ldap and >> auth_dovecot patch. If i login to dovecot (pop3/imap) with correct >> user and password. >> no problem, I can login immediately. but if I try with nonexistant >> user, dovecot does not immediate answer, wait for a while and says >> "Waiting for authentication process to respond." >> auth_dovecot process remains working in the background. >> How can I avoid this situation? > > If auth_dovecot process keeps running, the bug is in auth_dovecot. I've > never looked at it (or probably even heard of it). > > > From listas.correo at yahoo.es Thu Sep 29 18:09:02 2011 From: listas.correo at yahoo.es (mailing lists) Date: Thu, 29 Sep 2011 16:09:02 +0100 (BST) Subject: [Dovecot] Panic: file lmtp-proxy.c: line 370 (lmtp_proxy_output_timeout): assertion failed: (proxy->data_input->eof) Message-ID: <1317308942.24498.YahooMailNeo@web29115.mail.ird.yahoo.com> Hello all, today I got this crash from dovecot (2.0.14) Sep 29 14:09:32 imap1 dovecot: lmtp(17693): Panic: file lmtp-proxy.c: line 370 (lmtp_proxy_output_timeout): assertion failed: (proxy->data_input->eof) Sep 29 14:09:32 imap1 dovecot: lmtp(17693): Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0(+0x3f9aa)? [0x7f18f10299aa] -> /usr/lib64/dovecot/libdovecot.so.0(+0x3f9f6) [0x7f18f10299f6] -> /usr/lib64/dovecot/libdovecot.so.0(i_fatal+0) [0x7f18f1003211] -> dovecot/lmtp(+0x7a4f) [0x7f18f1982a4f] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handle_timeouts+0xcb) [0x7f18f103590b] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run+0x5b) [0x7f18f103680b] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7f18f1035768] -> /usr/lib64/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f18f1023423] -> dovecot/lmtp(main+0x183) [0x7f18f197fa93] -> /lib64/libc.so.6(__libc_start_main+0xfd) [0x7f18f0ca8b7d] -> dovecot/lmtp(+0x4819) [0x7f18f197f819] Sep 29 14:09:32 imap1 dovecot: master: Error: service(lmtp): child 17693 killed with signal 6 (core dumps disabled) ?? /-----------------/ # dovecot -n -c /etc/dovecot-director/dovecot.conf # 2.0.14: /etc/dovecot-director/dovecot.conf # OS: Linux 2.6.34.7-0.7-xen x86_64 openSUSE 11.3 (x86_64) auth_debug = yes auth_verbose = yes base_dir = /var/run/dovecot-director/ director_mail_servers = 100.1.245.101 100.1.245.105 director_servers = 100.1.245.101:9091 100.1.245.105:9091 100.1.241.204:9091 disable_plaintext_auth = no doveadm_proxy_port = 24245 lmtp_proxy = yes mail_debug = yes mail_fsync = always mail_gid = 5000 mail_nfs_index = yes mail_nfs_storage = yes mail_plugins = acl mail_uid = 5000 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mmap_disable = yes passdb { ? args = proxy=y nopassword=y ? driver = static } plugin { ? acl = vfile ? sieve = ~/.dovecot.sieve ? sieve_dir = ~/sieve } protocols = imap lmtp pop3 service auth { ? unix_listener auth-userdb { ??? group = vmail ??? mode = 0666 ??? user = vmail ? } } service director { ? fifo_listener login/proxy-notify { ??? mode = 0666 ? } ? inet_listener { ??? port = 9091 ? } ? unix_listener director-userdb { ??? mode = 0666 ? } ? unix_listener login/director { ??? mode = 0666 ? } } service doveadm { ? inet_listener { ??? port = 24245 ? } } service imap-login { ? executable = imap-login director ? inet_listener imap { ??? port = 10143 ? } } service lmtp { ? inet_listener lmtp { ??? port = 1024 ? } } service pop3-login { ? executable = pop3-login director ? inet_listener pop3 { ??? port = 10110 ? } } ssl = no verbose_proctitle = yes protocol lmtp { ? auth_socket_path = director-userdb ? passdb { ??? args = proxy=y nopassword=y port=24 ??? driver = static ? } } protocol imap { ? mail_max_userip_connections = 100 } local 100.1.245.101/28/28 { ? doveadm_password = secret } From dovecot at knutejohnson.com Thu Sep 29 19:56:22 2011 From: dovecot at knutejohnson.com (Knute Johnson) Date: Thu, 29 Sep 2011 09:56:22 -0700 Subject: [Dovecot] Error message Message-ID: <4E84A336.1060002@knutejohnson.com> I'm getting the following message in my log; dovecot: IMAP(knute): fchown(/home/knute/mail/.imap/INBOX/dovecot.index.cache.lock, -1, 8(mail)) failed: Operation not permitted (egid=1000(knute), group based on /var/mail/knute): 1 Time(s) dovecot: IMAP(knute): fchown(/home/knute/mail/.imap/INBOX/dovecot.index.log.newlock, -1, 8(mail)) failed: Operation not permitted (egid=1000(knute), group based on /var/mail/knute): 2 Time(s) dovecot: IMAP(knute): fchown(/home/knute/mail/.imap/INBOX/dovecot.index.tmp, -1, 8(mail)) failed: Operation not permitted (egid=1000(knute), group based on /var/mail/knute): 4 Time(s) I got these once before on the /var/mail/user files and changed the permissions to 600. /home/knute/mail/.imap/INBOX is 770 and the index files are 600. Is this a problem with the directory privilege? Thanks, -- Knute Johnson From terry at cnysupport.com Thu Sep 29 20:15:13 2011 From: terry at cnysupport.com (Terry Carmen) Date: Thu, 29 Sep 2011 13:15:13 -0400 Subject: [Dovecot] Virtual Folder configuration problem. [FIXED] Message-ID: <20110929131513.Horde.o8eCXFeGiNBOhKehtHSilmA@www.cnysupport.com> Well, it took a ton of time and research, but I finally have a working Unread virtual mailbox on Dovecot 2.x on Centos 6.0. I have no idea if it's optimal or correct, but it works perfectly and doesn't raise any errors or warnings. Here's what I ended up with: dovecot.conf: Add the following: mail_plugins = $mail_plugins virtual namespace { type = private prefix = virtual. separator = . location = virtual:~/Maildir/virtual } 10-mail.conf: Add the following: # default namespace namespace { separator = . prefix = inbox = yes } 20-imap.conf: Add the following: protocol imap { mail_plugins = $mail_plugins virtual } 15-lda.conf: Add the following: protocol lda { mail_plugins = $mail_plugins virtual } Restart dovecot. Reload your mail client. Dovecot will create ~/Maildir/virtual cd ~/Maildir/virtual mkdir Unread Use your favorite editor and create a file named "dovecot-virtual" contaiing: # ~/Maildir/virtual/unseen/dovecot-virtual INBOX INBOX.* -INBOX.Trash unseen Save the file and restart your mail client. Go to "Subscriptions" in your mail client and subscribe to the Unseen folder. You should now have a virtual folder that contains all your unread mail, except for the contents of the Trash folder. Enjoy! -- Terry Carmen CNY Support, LLC https://www.cnysupport.com From tompru at jla.rutgers.edu Thu Sep 29 20:21:34 2011 From: tompru at jla.rutgers.edu (Tom Pawlowski) Date: Thu, 29 Sep 2011 13:21:34 -0400 Subject: [Dovecot] 2.0.14 doveadm proxy list segfault Message-ID: <20110929172134.GA25237@hawkeye.rutgers.edu> Hi Timo, Periodic segfaults with doveadm proxy list: root at director1:~) doveadm proxy list doveadm(root): Error: LIST failed: Disconnected Segmentation fault (core dumped) Sometimes it's just the 'LIST failed' error, other times it's the error with the segfault. Usually the first attempt to call it works, subsequent attempts fail. I've attached a strace log of it in action. -- Tom Pawlowski OIT-CSS System Administrator office: Hill 147 email: tompru at jla.rutgers.edu phone: (732) 445-2634 -------------- next part -------------- execve("/usr/bin/doveadm", ["doveadm", "proxy", "list"], [/* 26 vars */]) = 0 brk(0) = 0x1bb97000 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b99123e5000 uname({sys="Linux", node="director1", ...}) = 0 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) open("/usr/lib64/dovecot/tls/x86_64/libdovecot-storage.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) stat("/usr/lib64/dovecot/tls/x86_64", 0x7fffbbe8e710) = -1 ENOENT (No such file or directory) open("/usr/lib64/dovecot/tls/libdovecot-storage.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) stat("/usr/lib64/dovecot/tls", 0x7fffbbe8e710) = -1 ENOENT (No such file or directory) open("/usr/lib64/dovecot/x86_64/libdovecot-storage.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) stat("/usr/lib64/dovecot/x86_64", 0x7fffbbe8e710) = -1 ENOENT (No such file or directory) open("/usr/lib64/dovecot/libdovecot-storage.so.0", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\242\242\3071\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=862264, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b99123e6000 mmap(0x31c7a00000, 2955496, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x31c7a00000 mprotect(0x31c7acb000, 2093056, PROT_NONE) = 0 mmap(0x31c7cca000, 32768, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xca000) = 0x31c7cca000 close(3) = 0 open("/usr/lib64/dovecot/libdovecot.so.0", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\220ma\3071\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=508488, ...}) = 0 mmap(0x31c7600000, 2611840, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x31c7600000 mprotect(0x31c7679000, 2093056, PROT_NONE) = 0 mmap(0x31c7878000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x78000) = 0x31c7878000 mmap(0x31c787c000, 6784, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x31c787c000 close(3) = 0 open("/usr/lib64/dovecot/libcrypt.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=26844, ...}) = 0 mmap(NULL, 26844, PROT_READ, MAP_PRIVATE, 3, 0) = 0x2b99123e7000 close(3) = 0 open("/lib64/libcrypt.so.1", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\360\t\240\257>\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=48600, ...}) = 0 mmap(0x3eafa00000, 2322880, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3eafa00000 mprotect(0x3eafa09000, 2093056, PROT_NONE) = 0 mmap(0x3eafc08000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x8000) = 0x3eafc08000 mmap(0x3eafc0a000, 184768, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3eafc0a000 close(3) = 0 open("/usr/lib64/dovecot/libpam.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) open("/lib64/libpam.so.0", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\220\"`N6\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=50904, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b99123ee000 mmap(0x364e600000, 2143696, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x364e600000 mprotect(0x364e60b000, 2097152, PROT_NONE) = 0 mmap(0x364e80b000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xb000) = 0x364e80b000 close(3) = 0 open("/usr/lib64/dovecot/libdl.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) open("/lib64/libdl.so.2", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\20\16\340\255>\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=23360, ...}) = 0 mmap(0x3eade00000, 2109696, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3eade00000 mprotect(0x3eade02000, 2097152, PROT_NONE) = 0 mmap(0x3eae002000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x3eae002000 close(3) = 0 open("/usr/lib64/dovecot/librt.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) open("/lib64/librt.so.1", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0 \"`\257>\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=53448, ...}) = 0 mmap(0x3eaf600000, 2132936, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3eaf600000 mprotect(0x3eaf607000, 2097152, PROT_NONE) = 0 mmap(0x3eaf807000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x7000) = 0x3eaf807000 close(3) = 0 open("/usr/lib64/dovecot/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) open("/lib64/libc.so.6", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\220\332\241\255>\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=1718120, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b99123ef000 mmap(0x3eada00000, 3498328, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3eada00000 mprotect(0x3eadb4e000, 2093056, PROT_NONE) = 0 mmap(0x3eadd4d000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x14d000) = 0x3eadd4d000 mmap(0x3eadd52000, 16728, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3eadd52000 close(3) = 0 open("/usr/lib64/dovecot/libaudit.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) open("/lib64/libaudit.so.0", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\340&`&8\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=98920, ...}) = 0 mmap(0x3826600000, 2191888, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3826600000 mprotect(0x3826617000, 2093056, PROT_NONE) = 0 mmap(0x3826816000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x16000) = 0x3826816000 close(3) = 0 open("/usr/lib64/dovecot/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) open("/lib64/libpthread.so.0", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\240W \256>\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=145824, ...}) = 0 mmap(0x3eae200000, 2204528, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3eae200000 mprotect(0x3eae216000, 2093056, PROT_NONE) = 0 mmap(0x3eae415000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x15000) = 0x3eae415000 mmap(0x3eae417000, 13168, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3eae417000 close(3) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b99123f0000 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b99123f1000 arch_prctl(ARCH_SET_FS, 0x2b99123f13a0) = 0 mprotect(0x3eafc08000, 4096, PROT_READ) = 0 mprotect(0x3eae002000, 4096, PROT_READ) = 0 mprotect(0x3eaf807000, 4096, PROT_READ) = 0 mprotect(0x3eadd4d000, 16384, PROT_READ) = 0 mprotect(0x3ead81b000, 4096, PROT_READ) = 0 mprotect(0x3eae415000, 4096, PROT_READ) = 0 munmap(0x2b99123e7000, 26844) = 0 set_tid_address(0x2b99123f1430) = 29539 set_robust_list(0x2b99123f1440, 0x18) = 0 futex(0x7fffbbe8f23c, FUTEX_WAKE_PRIVATE, 1) = 0 rt_sigaction(SIGRTMIN, {0x3eae205380, [], SA_RESTORER|SA_SIGINFO, 0x3eae20eb10}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {0x3eae2052b0, [], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x3eae20eb10}, NULL, 8) = 0 rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 getrlimit(RLIMIT_STACK, {rlim_cur=10240*1024, rlim_max=RLIM_INFINITY}) = 0 brk(0) = 0x1bb97000 brk(0x1bbc0000) = 0x1bbc0000 uname({sys="Linux", node="director1", ...}) = 0 rt_sigaction(SIGPIPE, {0x1, [], SA_RESTORER|SA_RESTART, 0x3eada302d0}, NULL, 8) = 0 rt_sigaction(SIGALRM, {0x31c7648b40, [], SA_RESTORER|SA_SIGINFO, 0x3eada302d0}, NULL, 8) = 0 socket(PF_FILE, SOCK_STREAM, 0) = 3 fcntl(3, F_GETFL) = 0x2 (flags O_RDWR) fcntl(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0 connect(3, {sa_family=AF_FILE, path="/var/run/dovecot/config"...}, 110) = 0 fcntl(3, F_GETFL) = 0x802 (flags O_RDWR|O_NONBLOCK) fcntl(3, F_SETFL, O_RDWR) = 0 write(3, "VERSION\tconfig\t2\t0\nREQ\tmodule=do"..., 38) = 38 fstat(3, {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0 alarm(10) = 0 read(3, "\n\n", 8192) = 2 alarm(0) = 10 open("/usr/lib64/dovecot/doveadm", O_RDONLY|O_NONBLOCK|O_DIRECTORY) = 4 fcntl(4, F_SETFD, FD_CLOEXEC) = 0 getdents(4, /* 10 entries */, 32768) = 464 getdents(4, /* 0 entries */, 32768) = 0 close(4) = 0 futex(0x3eae0030ec, FUTEX_WAKE_PRIVATE, 2147483647) = 0 open("/usr/lib64/dovecot/doveadm/lib10_doveadm_acl_plugin.so", O_RDONLY) = 4 read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\220\33\0\0\0\0\0\0"..., 832) = 832 fstat(4, {st_mode=S_IFREG|0755, st_size=16696, ...}) = 0 mmap(NULL, 2112392, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x2b99123f2000 mprotect(0x2b99123f6000, 2093056, PROT_NONE) = 0 mmap(0x2b99125f5000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x3000) = 0x2b99125f5000 close(4) = 0 munmap(0x2b99123f2000, 2112392) = 0 open("/usr/lib64/dovecot/doveadm/lib10_doveadm_expire_plugin.so", O_RDONLY) = 4 read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\300\24\0\0\0\0\0\0"..., 832) = 832 fstat(4, {st_mode=S_IFREG|0755, st_size=12208, ...}) = 0 mmap(NULL, 2107912, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x2b99123f2000 mprotect(0x2b99123f5000, 2093056, PROT_NONE) = 0 mmap(0x2b99125f4000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x2000) = 0x2b99125f4000 close(4) = 0 munmap(0x2b99123f2000, 2107912) = 0 open("/usr/lib64/dovecot/doveadm/lib10_doveadm_quota_plugin.so", O_RDONLY) = 4 read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\320\v\0\0\0\0\0\0"..., 832) = 832 fstat(4, {st_mode=S_IFREG|0755, st_size=7248, ...}) = 0 mmap(NULL, 2102936, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x2b99123f2000 mprotect(0x2b99123f4000, 2093056, PROT_NONE) = 0 mmap(0x2b99125f3000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x1000) = 0x2b99125f3000 close(4) = 0 munmap(0x2b99123f2000, 2102936) = 0 open("/usr/lib64/dovecot/doveadm/lib10_doveadm_zlib_plugin.so", O_RDONLY) = 4 read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\260\22\0\0\0\0\0\0"..., 832) = 832 fstat(4, {st_mode=S_IFREG|0755, st_size=11048, ...}) = 0 mmap(NULL, 2106296, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x2b99123f2000 mprotect(0x2b99123f4000, 2097152, PROT_NONE) = 0 mmap(0x2b99125f4000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x2000) = 0x2b99125f4000 close(4) = 0 munmap(0x2b99123f2000, 2106296) = 0 rt_sigaction(SIGINT, {0x31c7648d70, [], SA_RESTORER|SA_SIGINFO, 0x3eada302d0}, NULL, 8) = 0 pipe([4, 5]) = 0 fcntl(4, F_GETFL) = 0 (flags O_RDONLY) fcntl(4, F_SETFL, O_RDONLY|O_NONBLOCK) = 0 fcntl(5, F_GETFL) = 0x1 (flags O_WRONLY) fcntl(5, F_SETFL, O_WRONLY|O_NONBLOCK) = 0 fcntl(4, F_GETFD) = 0 fcntl(4, F_SETFD, FD_CLOEXEC) = 0 fcntl(5, F_GETFD) = 0 fcntl(5, F_SETFD, FD_CLOEXEC) = 0 epoll_create(128) = 6 fcntl(6, F_GETFD) = 0 fcntl(6, F_SETFD, FD_CLOEXEC) = 0 epoll_ctl(6, EPOLL_CTL_ADD, 4, {EPOLLIN|EPOLLPRI|EPOLLERR|EPOLLHUP, {u32=465205840, u64=465205840}}) = 0 rt_sigaction(SIGTERM, {0x31c7648d70, [], SA_RESTORER|SA_SIGINFO, 0x3eada302d0}, NULL, 8) = 0 open("/dev/null", O_WRONLY|O_CREAT|O_APPEND, 0600) = 7 fcntl(7, F_GETFD) = 0 fcntl(7, F_SETFD, FD_CLOEXEC) = 0 ioctl(1, TIOCGWINSZ, {ws_row=68, ws_col=155, ws_xpixel=0, ws_ypixel=0}) = 0 socket(PF_FILE, SOCK_STREAM, 0) = 8 fcntl(8, F_GETFL) = 0x2 (flags O_RDWR) fcntl(8, F_SETFL, O_RDWR|O_NONBLOCK) = 0 connect(8, {sa_family=AF_FILE, path="/var/run/dovecot/ipc"...}, 110) = 0 epoll_ctl(6, EPOLL_CTL_ADD, 8, {EPOLLIN|EPOLLPRI|EPOLLERR|EPOLLHUP, {u32=465209040, u64=465209040}}) = 0 fstat(8, {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0 lseek(8, 0, SEEK_CUR) = -1 ESPIPE (Illegal seek) getsockname(8, {sa_family=AF_FILE, path="\377\377\377\377\377\377\200\363\271\33"...}, [18446462603027808258]) = 0 writev(8, [{"proxy\t*\tLIST", 12}, {"\n", 1}], 2) = -1 EPIPE (Broken pipe) --- SIGPIPE (Broken pipe) @ 0 (0) --- epoll_wait(6, {{EPOLLIN|EPOLLHUP, {u32=465209040, u64=465209040}}}, 2, 4294967295) = 1 read(8, "", 8192) = 0 write(2, "doveadm(root): Error: LIST faile"..., 48) = 48 epoll_ctl(6, EPOLL_CTL_DEL, 8, {0, {u32=465209040, u64=465209040}}) = 0 close(8) = 0 --- SIGSEGV (Segmentation fault) @ 0 (0) --- +++ killed by SIGSEGV (core dumped) +++ From ar-dovecotlist at acrconsulting.co.uk Fri Sep 30 01:38:23 2011 From: ar-dovecotlist at acrconsulting.co.uk (Andrew Richards) Date: 29 Sep 2011 23:38:23 +0100 Subject: [Dovecot] Dovecot failing to parse some UTF-8 encoded attachment filenames, returning empty string instead [SOLVED] In-Reply-To: <201109221231.40494.ar-dovecotlist@acrconsulting.co.uk> References: <201109221231.40494.ar-dovecotlist@acrconsulting.co.uk> Message-ID: <201109292338.23297.ar-dovecotlist@acrconsulting.co.uk> On Thursday 22 September 2011 12:31:40 Andrew Richards wrote: > On Thursday 22 September 2011 00:45:32 Timo Sirainen wrote: > > On 22.9.2011, at 1.59, Andrew Richards wrote: > > > I'm seeing a strange problem with some attachment filenames that are > > > UTF-8 encoded. The problem seems to be related to spaces and/or > > > unusual characters in filenames, like accented characters (or perhaps > > > just to filenames if UTF-8 encoded; I've not explored that fully). > > > > The problem is that the client sends it wrong: > > > Content-Type: application/octet-stream; > > > name==?UTF-8?B?dGhpc19mYWlscy50eHQ=?= > > > Content-Disposition: attachment; > > > filename==?UTF-8?B?dGhpc19mYWlscy50eHQ=?= > > > > These are both wrong. First of all they are illegal because they have = > > and > > ? characters, from RFC 2045: > > ...snip... > > > > Also from RFC 2047 (encoded-word is the =?UTF-8?...?= thing): > > > + An 'encoded-word' MUST NOT be used in parameter of a MIME > > > Content-Type or Content-Disposition field, or in any structured > > > field body except within a 'comment' or 'phrase'. > > > > ...snip... > > Anyway .. I'll check tomorrow if I can easily add code to workaround your > > problem. If it's just a minor change I'll do it. > > Wow - a very thorough response only 45 minutes after I'd posted the > question, and in your follow up message you've already provided a > suggested fix - a huge thank you! > > So in summary it's a "Garbage in -> Garbage out" issue... This also > explains why I'm only getting this issue with one client after a > Courier->Dovecot migration. I'll research which mail client program(s) are > generating the faulty messages for completeness for this thread. > > I expect to test the fix later today or tomorrow, I'll update the thread > accordingly when I've done so. Firstly, my apologies - it's been a week before I've got back to this - I was making sense of another MIME issue which I thought might be related (it isn't), but I'll start a new thread for that. The fix works just fine. However... ...regarding the broken MIME fields: These look to occur in the form I noted for a single client program only, which on further investigation turns out to be an in-house[-written] mail program of my client, and therefore this problem is unlikely to bite other people: I've had permission to search the client's mailboxes for similar non-conforming emails and they only occur for this one in-house mail program. Summary: False alarm. However once again a huge thank-you to Timo for the patch to workaround this broken data. Best regards, Andrew. From ar-dovecotlist at acrconsulting.co.uk Fri Sep 30 01:38:44 2011 From: ar-dovecotlist at acrconsulting.co.uk (Andrew Richards) Date: 29 Sep 2011 23:38:44 +0100 Subject: [Dovecot] Broken mail clients? [MIME] Long attachment encoded filenames (for non-ASCII characters etc) Message-ID: <201109292338.44590.ar-dovecotlist@acrconsulting.co.uk> Hi, I've noticed a possible minor issue with long encoded filenames for attachments where these filenames are split across multiple lines. My understanding of character encoding and MIME is not as good as it should be, so I may easily have got this all mixed up, in which case sorry for the noise... Although I understand the preferred method for handling filenames split across multiple lines (because they're too long to fit on one line in the message) is that suggested in RFC2184/2231, so for example, filename*0*=iso-8859-1''accented_characters_here_%EA%CA%E6 filename*1=etc%2Epdf I find that some mail clients do this instead, filename="=?ISO-8859-1?Q?accented_characters_here_=EA=CA=E6?= =?ISO-8859-1?Q?etc=2Epdf?=" In Dovecot this results in, 0 fetch 25 body * 25 FETCH (BODY (("text" "plain" ("charset" "ISO-8859-1") NIL NIL "7bit" 239 8)("application" "pdf" ("name" "=?ISO-8859-1?Q?accented_characters_here_=EA=CA=E6?= =?ISO-8859-1?Q?etc=2Epdf?=") NIL NIL "base64" 219130) "mixed")) esp. note the unwanted space - or in fact the sequence ?= =? between the two sections of the filename. I think a possible tweak for Dovecot would be to combine the filename parts in this situation to remove the ?= =?. I'm not sure if an IMAP client should know to combine the parts in their current format. FWIW I see that Courier does the same as Dovecot in this situation. I think the 'alternative' method of splitting filenames I'm raising breaks RFC2047 (details below), but unfortunately this method is used by some large email generators like gmail - also details below. Key bits from RFC2047 section 5 part (3) re. only a single encoded-word ('phrase') being allowed for a MIME Content-Type / Content-Disposition: phrase = 1*( encoded-word / word ) An 'encoded-word' MUST NOT be used in parameter of a MIME Content-Type or Content-Disposition field, or in any structured field body except within a 'comment' or 'phrase'. Here are the mail clients I noted this issue with (original filenames destroyed because I've been examining my client's emails for this issue - with their permission), (AOL) X-Mailer: Webmail 33953-STANDARD Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="=?utf-8?Q?abcde?= =?utf-8?Q?abcde=C3=A9abcde.jpg?=" Content-Type: image/jpeg; name="=?utf-8?Q?abcde?= =?utf-8?Q?abcde=C3=A9abcde.jpg?=" Gmail: Content-Type: application/pdf; name="=?ISO-8859-1?Q?with_a_=EA=CA=E6_super=2Dlong_name_that=27s_bound?= =?ISO-8859-1?Q?_to_overflow_a_line_boundary_to_test_gmail=2Epdf?=" Content-Disposition: attachment; filename="=?ISO-8859-1?Q?with_a_=EA=CA=E6_super=2Dlong_name_that=27s_bound?= =?ISO-8859-1?Q?_to_overflow_a_line_boundary_to_test_gmail=2Epdf?=" X-Mailer: YahooMailWebService/0.8.113.313619 Content-Type: application/vnd.openxmlformats- officedocument.wordprocessingml.document; name="=?utf-8?B?base64encodedstring?= =?utf-8?B?base64encodedstring?=" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="=?utf-8?B?base64encodedstring?= =?utf-8?B?base64encodedstring?=" X-Mailer: Lotus Notes Release 6.5.5 November 30, 2005: Content-type: application/pdf; name="=?ISO-8859-1?Q?abcde=E9abcde=E9abcde=E9?= =?ISO-8859-1?Q?abcde=2Cl=2Epdf?=" Content-Disposition: attachment; filename="=?ISO-8859-1?Q?abcde=E9abcde=E9_abcde=E9?= =?ISO-8859-1?Q?abcde=2Cl=2Epdf?=" Content-ID: <20__=snip> Content-transfer-encoding: base64 X-Mailer: Lotus Domino Web Server Release 6.5.5FP1 HF551 November 27, 2007: Content-type: application/pdf; name="=?windows-1252?Q?abcde_=28=E9?= =?windows-1252?Q?=29=2Epdf?=" Content-Disposition: attachment; filename="=?windows-1252?Q?abcde_=28=E9?= =?windows-1252?Q?=29=2Epdf?=" Content-transfer-encoding: base64 Timo also noted the same style of filename encoding in Apple Mail in the previous thread I started, it would be interesting to try Apple Mail with a very long filename to cause it to split across multiple lines and see how it encodes the filename then, > Looks like Apple Mail also sends: > > Content-Type: application/octet-stream; > > name="=?iso-8859-1?Q?p=E4=E4?=" Best regards, Andrew. From ar-dovecotlist at acrconsulting.co.uk Fri Sep 30 01:48:21 2011 From: ar-dovecotlist at acrconsulting.co.uk (Andrew Richards) Date: 29 Sep 2011 23:48:21 +0100 Subject: [Dovecot] Long attachment encoded filenames (for non-ASCII characters etc) in MIME headers & corresponding Dovecot behaviour Message-ID: <201109292348.21999.ar-dovecotlist@acrconsulting.co.uk> (Correction: Subject was confused) Hi, I've noticed a possible minor issue with long encoded filenames for attachments where these filenames are split across multiple lines. My understanding of character encoding and MIME is not as good as it should be, so I may easily have got this all mixed up, in which case sorry for the noise... Although I understand the preferred method for handling filenames split across multiple lines (because they're too long to fit on one line in the message) is that suggested in RFC2184/2231, so for example, filename*0*=iso-8859-1''accented_characters_here_%EA%CA%E6 filename*1=etc%2Epdf I find that some mail clients do this instead, filename="=?ISO-8859-1?Q?accented_characters_here_=EA=CA=E6?= =?ISO-8859-1?Q?etc=2Epdf?=" In Dovecot this results in, 0 fetch 25 body * 25 FETCH (BODY (("text" "plain" ("charset" "ISO-8859-1") NIL NIL "7bit" 239 8)("application" "pdf" ("name" "=?ISO-8859-1?Q?accented_characters_here_=EA=CA=E6?= =?ISO-8859-1?Q?etc=2Epdf?=") NIL NIL "base64" 219130) "mixed")) esp. note the unwanted space - or in fact the sequence ?= =? between the two sections of the filename. I think a possible tweak for Dovecot would be to combine the filename parts in this situation to remove the ?= =?. I'm not sure if an IMAP client should know to combine the parts in their current format. FWIW I see that Courier does the same as Dovecot in this situation. I think the 'alternative' method of splitting filenames I'm raising breaks RFC2047 (details below), but unfortunately this method is used by some large email generators like gmail - also details below. Key bits from RFC2047 section 5 part (3) re. only a single encoded-word ('phrase') being allowed for a MIME Content-Type / Content-Disposition: phrase = 1*( encoded-word / word ) An 'encoded-word' MUST NOT be used in parameter of a MIME Content-Type or Content-Disposition field, or in any structured field body except within a 'comment' or 'phrase'. Here are the mail clients I noted this issue with (original filenames destroyed because I've been examining my client's emails for this issue - with their permission), (AOL) X-Mailer: Webmail 33953-STANDARD Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="=?utf-8?Q?abcde?= =?utf-8?Q?abcde=C3=A9abcde.jpg?=" Content-Type: image/jpeg; name="=?utf-8?Q?abcde?= =?utf-8?Q?abcde=C3=A9abcde.jpg?=" Gmail: Content-Type: application/pdf; name="=?ISO-8859-1?Q?with_a_=EA=CA=E6_super=2Dlong_name_that=27s_bound?= =?ISO-8859-1?Q?_to_overflow_a_line_boundary_to_test_gmail=2Epdf?=" Content-Disposition: attachment; filename="=?ISO-8859-1?Q?with_a_=EA=CA=E6_super=2Dlong_name_that=27s_bound?= =?ISO-8859-1?Q?_to_overflow_a_line_boundary_to_test_gmail=2Epdf?=" X-Mailer: YahooMailWebService/0.8.113.313619 Content-Type: application/vnd.openxmlformats- officedocument.wordprocessingml.document; name="=?utf-8?B?base64encodedstring?= =?utf-8?B?base64encodedstring?=" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="=?utf-8?B?base64encodedstring?= =?utf-8?B?base64encodedstring?=" X-Mailer: Lotus Notes Release 6.5.5 November 30, 2005: Content-type: application/pdf; name="=?ISO-8859-1?Q?abcde=E9abcde=E9abcde=E9?= =?ISO-8859-1?Q?abcde=2Cl=2Epdf?=" Content-Disposition: attachment; filename="=?ISO-8859-1?Q?abcde=E9abcde=E9_abcde=E9?= =?ISO-8859-1?Q?abcde=2Cl=2Epdf?=" Content-ID: <20__=snip> Content-transfer-encoding: base64 X-Mailer: Lotus Domino Web Server Release 6.5.5FP1 HF551 November 27, 2007: Content-type: application/pdf; name="=?windows-1252?Q?abcde_=28=E9?= =?windows-1252?Q?=29=2Epdf?=" Content-Disposition: attachment; filename="=?windows-1252?Q?abcde_=28=E9?= =?windows-1252?Q?=29=2Epdf?=" Content-transfer-encoding: base64 Timo also noted the same style of filename encoding in Apple Mail in the previous thread I started, it would be interesting to try Apple Mail with a very long filename to cause it to split across multiple lines and see how it encodes the filename then, > Looks like Apple Mail also sends: > > Content-Type: application/octet-stream; > > name="=?iso-8859-1?Q?p=E4=E4?=" Best regards, Andrew. From slusarz at curecanti.org Fri Sep 30 02:07:08 2011 From: slusarz at curecanti.org (Michael M Slusarz) Date: Thu, 29 Sep 2011 17:07:08 -0600 Subject: [Dovecot] Broken mail clients? [MIME] Long attachment encoded filenames (for non-ASCII characters etc) In-Reply-To: <201109292338.44590.ar-dovecotlist@acrconsulting.co.uk> References: <201109292338.44590.ar-dovecotlist@acrconsulting.co.uk> Message-ID: <20110929170708.Horde.C90fP4F5lbhOhPocU46wxcA@bigworm.curecanti.org> Quoting Andrew Richards : > Hi, > > I've noticed a possible minor issue with long encoded filenames for > attachments > where these filenames are split across multiple lines. My understanding of > character encoding and MIME is not as good as it should be, so I may easily > have got this all mixed up, in which case sorry for the noise... > > Although I understand the preferred method for handling filenames > split across > multiple lines (because they're too long to fit on one line in the > message) is > that suggested in RFC2184/2231, so for example, > filename*0*=iso-8859-1''accented_characters_here_%EA%CA%E6 > filename*1=etc%2Epdf > > I find that some mail clients do this instead, > filename="=?ISO-8859-1?Q?accented_characters_here_=EA=CA=E6?= > =?ISO-8859-1?Q?etc=2Epdf?=" > > In Dovecot this results in, > 0 fetch 25 body > * 25 FETCH (BODY (("text" "plain" ("charset" "ISO-8859-1") NIL NIL "7bit" 239 > 8)("application" "pdf" ("name" > "=?ISO-8859-1?Q?accented_characters_here_=EA=CA=E6?= > =?ISO-8859-1?Q?etc=2Epdf?=") NIL NIL "base64" 219130) "mixed")) > > esp. note the unwanted space - or in fact the sequence ?= =? between the two > sections of the filename. I think a possible tweak for Dovecot would be to > combine the filename parts in this situation to remove the ?= =?. > I'm not sure > if an IMAP client should know to combine the parts in their current format. > FWIW I see that Courier does the same as Dovecot in this situation. Dovecot's behavior is correct. There's nothing "special" about that name parameter - it's not RFC 2231 encoded - so the IMAP server should output the exact header text as-is. Those two parts were separated by space in the original header - they should be separated by space when grabbing the fetch data. If the *client* wants to workaround these broken messages, it can do whatever munging is wants to translate the contents of the "name" parameter. But that should be up to the client. An IMAP server should not be making wild assumptions about what the original sender wanted to do with the message vs. what it actually sent. FYI: A workaround is to do something like this when sending a message: Content-Dispostion: attachment; filename="=?ISO-8859-1?Q?accented_characters_here_=EA=CA=E6?= =?ISO-8859-1?Q?etc=2Epdf?="; filename*0*=iso-8859-1''accented_characters_here_%EA%CA%E6; filename*1=etc%2Epdf When parsing, MIME parsers *generally* perform in a FIFO manner (although see note below). So what will happen here is an IMAP server will overwrite the initial broken filename parameter with the correct, unencoded RFC 2231 parameter. (Note: RFC 2045 [5] states that parameter order is not significant, so you can't depend on this 100%. But any decent RFC 2231 MIME parser will do sanity checking no matter the order of the parameters and should never replace an parameter value generated via RFC 2231 encoding with a parameter value that is non-encoded). Conversely, a broken (or at least non-RFC2231 MIME parser) that sees the above header will instead report three different parameters - filename, filename*0*, and filename*1. Non 2231 agents will most likely try to do RFC 2046 unencoding on the 'filename' parameter, which will succeed. 2231 agents will recognize that 2231 data exists and will do the necessary concatenation/unencoding itself on the 'filename*0*' and 'filename*1' parameters, and will completely ignore the 'filename' parameter. michael From ar-dovecotlist at acrconsulting.co.uk Fri Sep 30 02:30:55 2011 From: ar-dovecotlist at acrconsulting.co.uk (Andrew Richards) Date: 30 Sep 2011 00:30:55 +0100 Subject: [Dovecot] Long attachment encoded filenames (for non-ASCII characters etc) in MIME headers & corresponding Dovecot behaviour In-Reply-To: <20110929170708.Horde.C90fP4F5lbhOhPocU46wxcA@bigworm.curecanti.org> References: <201109292338.44590.ar-dovecotlist@acrconsulting.co.uk> <20110929170708.Horde.C90fP4F5lbhOhPocU46wxcA@bigworm.curecanti.org> Message-ID: <201109300030.55645.ar-dovecotlist@acrconsulting.co.uk> (Subject line altered - original was confused) On Friday 30 September 2011 00:07:08 Michael M Slusarz wrote: > Quoting Andrew Richards : > > Hi, > > > > I've noticed a possible minor issue with long encoded filenames for > > attachments > > where these filenames are split across multiple lines. My understanding > > of character encoding and MIME is not as good as it should be, so I may > > easily have got this all mixed up, in which case sorry for the noise... > > > > Although I understand the preferred method for handling filenames > > split across multiple lines (because they're too long to fit on one line > > in the message) is that suggested in RFC2184/2231, so for example, > > filename*0*=iso-8859-1''accented_characters_here_%EA%CA%E6 > > filename*1=etc%2Epdf > > > > I find that some mail clients do this instead, > > filename="=?ISO-8859-1?Q?accented_characters_here_=EA=CA=E6?= > > =?ISO-8859-1?Q?etc=2Epdf?=" > > > > In Dovecot this results in, > > 0 fetch 25 body > > * 25 FETCH (BODY (("text" "plain" ("charset" "ISO-8859-1") NIL NIL "7bit" > > 239 8)("application" "pdf" ("name" > > "=?ISO-8859-1?Q?accented_characters_here_=EA=CA=E6?= > > =?ISO-8859-1?Q?etc=2Epdf?=") NIL NIL "base64" 219130) "mixed")) > > > > esp. note the unwanted space - or in fact the sequence ?= =? between the > > two sections of the filename. I think a possible tweak for Dovecot would > > be to combine the filename parts in this situation to remove the ?= =?. Correcting myself: ...remove the ?= =?ISO-8859-1?Q? (not just ?= =?) to generate the string in this example, "=?ISO-8859-1?Q?accented_characters_here_=EA=CA=E6etc=2Epdf?=" > > I'm not sure > > if an IMAP client should know to combine the parts in their current > > format. FWIW I see that Courier does the same as Dovecot in this > > situation. > > Dovecot's behavior is correct. There's nothing "special" about that > name parameter - it's not RFC 2231 encoded - so the IMAP server should > output the exact header text as-is. Those two parts were separated by > space in the original header - they should be separated by space when > grabbing the fetch data. I can accept that Dovecot's behaviour is technically correct, but my point is that (if I've understood correctly) with some large mailers like Gmail acting in a non-RFC2231 manner, is it worth adapting Dovecot to play nicely with them. Possibly I'm conflating 2 separate issues: Munging together non-RFC2231 attachment filename parts, large mailers not using RFC2231 to handle long non- ASCII filenames. > If the *client* wants to workaround these broken messages, it can do > whatever munging is wants to translate the contents of the "name" > parameter. But that should be up to the client. An IMAP server > should not be making wild assumptions about what the original sender > wanted to do with the message vs. what it actually sent. > > FYI: A workaround is to do something like this when sending a message: > > Content-Dispostion: attachment; > filename="=?ISO-8859-1?Q?accented_characters_here_=EA=CA=E6?= > =?ISO-8859-1?Q?etc=2Epdf?="; > filename*0*=iso-8859-1''accented_characters_here_%EA%CA%E6; > filename*1=etc%2Epdf Sure: I accept that that's the preferred way to handle long filenames that need to be encoded - but I'm noting that there are badly-behaved large mailers that don't do so, so I wonder if it's worth Dovecot mitigating the effects. Best regards, Andrew. From knute2011 at knutejohnson.com Fri Sep 30 06:56:34 2011 From: knute2011 at knutejohnson.com (Knute Johnson) Date: Thu, 29 Sep 2011 20:56:34 -0700 Subject: [Dovecot] Error message in log Message-ID: <4E853DF2.7070105@knutejohnson.com> I'm getting the following message in my log; dovecot: IMAP(knute): fchown(/home/knute/mail/.imap/INBOX/dovecot.index.cache.lock, -1, 8(mail)) failed: Operation not permitted (egid=1000(knute), group based on /var/mail/knute): 1 Time(s) dovecot: IMAP(knute): fchown(/home/knute/mail/.imap/INBOX/dovecot.index.log.newlock, -1, 8(mail)) failed: Operation not permitted (egid=1000(knute), group based on /var/mail/knute): 2 Time(s) dovecot: IMAP(knute): fchown(/home/knute/mail/.imap/INBOX/dovecot.index.tmp, -1, 8(mail)) failed: Operation not permitted (egid=1000(knute), group based on /var/mail/knute): 4 Time(s) I got these once before on the /var/mail/user files and changed the permissions to 600. /home/knute/mail/.imap/INBOX is 770 and the index files are 600. Is this a problem with the directory privilege? Thanks, -- Knute Johnson knute2011 at knutejohnson.com From janfrode at tanso.net Fri Sep 30 13:42:17 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Fri, 30 Sep 2011 12:42:17 +0200 Subject: [Dovecot] Panic: file lmtp-proxy.c: line 370 (lmtp_proxy_output_timeout): assertion failed: (proxy->data_input->eof) In-Reply-To: <1317308942.24498.YahooMailNeo@web29115.mail.ird.yahoo.com> References: <1317308942.24498.YahooMailNeo@web29115.mail.ird.yahoo.com> Message-ID: <20110930104217.GA21864@oc1046828364.ibm.com> On Thu, Sep 29, 2011 at 04:09:02PM +0100, mailing lists wrote: > Hello all, > > today I got this crash from dovecot (2.0.14) FYI: You're not alone.. http://dovecot.org/list/dovecot/2011-September/060830.html I seem to remember thinking this probably was caused by too short LMTP_PROXY_DATA_INPUT_TIMEOUT_MSECS in lmtp-proxy.c, but I've given up on lmtp-proxying for now.. Will have to revisit at some later point. -jf From ejs at shubes.net Fri Sep 30 19:07:41 2011 From: ejs at shubes.net (Eric Shubert) Date: Fri, 30 Sep 2011 09:07:41 -0700 Subject: [Dovecot] Intermittent authentication failures Message-ID: I'm running dovecot with vpopmail. Here's the configuration: [root at wong log]# dovecot -n # 2.0.11: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-238.9.1.el5 i686 CentOS release 5.6 (Final) auth_cache_size = 32 M auth_mechanisms = plain login digest-md5 cram-md5 auth_username_format = %Lu first_valid_uid = 89 log_path = /var/log/dovecot.log login_greeting = Dovecot toaster ready. mail_fsync = always mail_nfs_index = yes mail_nfs_storage = yes mmap_disable = yes namespace { inbox = yes location = prefix = separator = . type = private } passdb { args = cache_key=%u webmail=127.0.0.1 driver = vpopmail } plugin/quota = maildir protocols = imap ssl_cert = , method=CRAM-MD5, rip=192.168.252.8, lip=192.168.252.14, mpid=20301 but (seemingly more frequently) the authentication fails: Sep 30 08:16:41 imap-login: Info: Aborted login (auth failed, 1 attempts): user=, method=CRAM-MD5, rip=192.168.252.8, lip=192.168.252.14 I restarted dovecot, and that apparently cleared the problem for one user, but not others. Is this perhaps a bug in dovecot, or would the problem lie with vpopmail? TIA for any pointers. -- -Eric 'shubes' From simon.brereton at buongiorno.com Fri Sep 30 19:33:02 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Fri, 30 Sep 2011 12:33:02 -0400 Subject: [Dovecot] SSL only for external connections Message-ID: <01ca01cc7f8e$a04dab30$e0e90190$@brereton@buongiorno.com> Hi I'm running dovecot 1:1.2.15-7 and php webmail application is throwing errors when connecting to IMAP with TLS. Is there away to disable SSL/TLS for localhost connections? I googled, but didn't see anything specific. Can I assume that it's as simple as setting ssl_listen = to the external IP address(es) and leaving listen = * as it is? Thanks. Simon From terry at cnysupport.com Fri Sep 30 20:15:50 2011 From: terry at cnysupport.com (Terry Carmen) Date: Fri, 30 Sep 2011 13:15:50 -0400 Subject: [Dovecot] SSL only for external connections Message-ID: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> An embedded and charset-unspecified text was scrubbed... Name: not available URL: From simon.brereton at buongiorno.com Fri Sep 30 20:34:56 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Fri, 30 Sep 2011 13:34:56 -0400 Subject: [Dovecot] SSL only for external connections In-Reply-To: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> References: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> Message-ID: <01ea01cc7f97$45fa69d0$d1ef3d70$@brereton@buongiorno.com> > -----Original Message----- > From: dovecot-bounces at dovecot.org [mailto:dovecot- > bounces at dovecot.org] On Behalf Of Terry Carmen > > If SSL/TLS works from the outside, but not the inside, you should > probably find out why and fix that instead. You'd think so - but since I don't actually need TLS from the inside, and given my skill level - disabling it seems easier :) > What is the actual error text? 2011-09-29T15:33:14-04:00 WARN: HORDE4 [imp] PHP ERROR: fwrite(): SSL: Broken pipe [pid 23503 on line 3716 of "/usr/share/php/Horde/Imap/Client/Socket.php"] 2011-09-29T15:33:14-04:00 WARN: HORDE4 [imp] PHP ERROR: fwrite() expects parameter 1 to be resource, null given [pid 23503 on line 3714 of "/usr/share/php/Horde/Imap/Client/Socket.php"] 2011-09-29T15:33:14-04:00 WARN: HORDE4 [imp] PHP ERROR: fwrite() expects parameter 1 to be resource, null given [pid 23503 on line 3716 of "/usr/share/php/Horde/Imap/Client/Socket.php"] 2011-09-29T15:33:14-04:00 WARN: HORDE4 [imp] PHP ERROR: feof() expects parameter 1 to be resource, null given [pid 23503 on line 3909 of "/usr/share/php/Horde/Imap/Client/Socket.php"] 2011-09-29T15:33:14-04:00 WARN: HORDE4 [imp] PHP ERROR: fgets() expects parameter 1 to be resource, null given [pid 23503 on line 3925 of "/usr/share/php/Horde/Imap/Client/Socket.php"] 2011-09-29T15:33:14-04:00 ERR: HORDE4 [imp] IMAP server denied authentication. [pid 23503 on line 340 of "/usr/share/horde4/imp/lib/Imap.php"] 2011-09-29T15:38:05-04:00 ERR: HORDE4 [imp] Server does not support TLS connections. [pid 23596 on line 340 of "/usr/share/horde4/imp/lib/Imap.php"] The mail log (to which Dovecot logs) shows nothing for either of those time periods - and a single (successful) login with TLS at 15:33:15 - The consensus from the excellent Horde mailing list is that it's either an IMAP issue or a PHP one. Since the dovecot log isn't showing any errors I'm inclined to believe it's PHP. And since I have neither the skills nor the time to engage with those folks on the intricacies of fwrite, fget and feof, I'd rather just not have the TLS overhead on localhost connections (which probably makes sense even if I did have the inclination). So, would setting ssl_listen to the external IP remove the TLS offer from localhost connections? Simon From stan at hardwarefreak.com Fri Sep 30 20:46:10 2011 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Fri, 30 Sep 2011 12:46:10 -0500 Subject: [Dovecot] SSL only for external connections In-Reply-To: <01ea01cc7f97$45fa69d0$d1ef3d70$@brereton@buongiorno.com> References: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> <01ea01cc7f97$45fa69d0$d1ef3d70$@brereton@buongiorno.com> Message-ID: <4E860062.40902@hardwarefreak.com> On 9/30/2011 12:34 PM, Simon Brereton wrote: >> -----Original Message----- >> From: dovecot-bounces at dovecot.org [mailto:dovecot- >> bounces at dovecot.org] On Behalf Of Terry Carmen > >> >> If SSL/TLS works from the outside, but not the inside, you should >> probably find out why and fix that instead. > > You'd think so - but since I don't actually need TLS from the inside, and given my skill level - disabling it seems easier :) You don't need TLS/SSL from the outside either, if this is strictly a webmail box. In this case, configure Apache/lighttpd+Horde to only accept HTTPS connections from the outside, and configure Horde to connect via the Dovecot localhost:143 listener. This is how I've been doing it with Roundcube for years. Works like a champ. With encrypted sessions between browser and web server, and both Horde and Dovecot running on the same host, you don't need to, nor want to, use IMAPS. -- Stan From simon.brereton at buongiorno.com Fri Sep 30 21:04:01 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Fri, 30 Sep 2011 14:04:01 -0400 Subject: [Dovecot] SSL only for external connections In-Reply-To: <4E860062.40902@hardwarefreak.com> References: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> <01ea01cc7f97$45fa69d0$d1ef3d70$@brereton@buongiorno.com> <4E860062.40902@hardwarefreak.com> Message-ID: <01f001cc7f9b$560ca730$0225f590$@brereton@buongiorno.com> > -----Original Message----- > From: dovecot-bounces at dovecot.org [mailto:dovecot- > bounces at dovecot.org] On Behalf Of Stan Hoeppner > On 9/30/2011 12:34 PM, Simon Brereton wrote: > >> -----Original Message----- > >> From: dovecot-bounces at dovecot.org [mailto:dovecot- > >> bounces at dovecot.org] On Behalf Of Terry Carmen > > > >> > >> If SSL/TLS works from the outside, but not the inside, you should > >> probably find out why and fix that instead. > > > > You'd think so - but since I don't actually need TLS from the > inside, > > and given my skill level - disabling it seems easier :) > > You don't need TLS/SSL from the outside either, if this is strictly a > webmail box. In this case, configure Apache/lighttpd+Horde to only > accept HTTPS connections from the outside, and configure Horde to > connect via the Dovecot localhost:143 listener. This is how I've > been doing it with Roundcube for years. Works like a champ. It's not strictly a webmail box though. IMAP clients (fixed and mobile) connect to it. So what I'd like is IMAP, IMAPS, POP3 and POP3S on the outside and IMAP only on the local host (there's no actual reason to offer POP to the localhost either... > With encrypted sessions between browser and web server, and both > Horde and Dovecot running on the same host, you don't need to, nor > want to, use IMAPS. Makes sense. Simon From slusarz at curecanti.org Fri Sep 30 21:17:18 2011 From: slusarz at curecanti.org (Michael M Slusarz) Date: Fri, 30 Sep 2011 12:17:18 -0600 Subject: [Dovecot] SSL only for external connections In-Reply-To: <01f001cc7f9b$560ca730$0225f590$@brereton@buongiorno.com> References: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> <01ea01cc7f97$45fa69d0$d1ef3d70$@brereton@buongiorno.com> <4E860062.40902@hardwarefreak.com> <01f001cc7f9b$560ca730$0225f590$@brereton@buongiorno.com> Message-ID: <20110930121718.Horde.3eYlX4F5lbhOhgeuZgDH09A@bigworm.curecanti.org> Quoting Simon Brereton : >> -----Original Message----- >> From: dovecot-bounces at dovecot.org [mailto:dovecot- >> bounces at dovecot.org] On Behalf Of Stan Hoeppner >> On 9/30/2011 12:34 PM, Simon Brereton wrote: >> >> -----Original Message----- >> >> From: dovecot-bounces at dovecot.org [mailto:dovecot- >> >> bounces at dovecot.org] On Behalf Of Terry Carmen >> > >> >> >> >> If SSL/TLS works from the outside, but not the inside, you should >> >> probably find out why and fix that instead. >> > >> > You'd think so - but since I don't actually need TLS from the >> inside, >> > and given my skill level - disabling it seems easier :) >> >> You don't need TLS/SSL from the outside either, if this is strictly a >> webmail box. In this case, configure Apache/lighttpd+Horde to only >> accept HTTPS connections from the outside, and configure Horde to >> connect via the Dovecot localhost:143 listener. This is how I've >> been doing it with Roundcube for years. Works like a champ. > > It's not strictly a webmail box though. IMAP clients (fixed and > mobile) connect to it. So what I'd like is IMAP, IMAPS, POP3 and > POP3S on the outside and IMAP only on the local host (there's no > actual reason to offer POP to the localhost either... You can also configure the MUA (e.g. Horde) to not use a secure connection, as opposed to turning off features on the server level. michael From dick at fouter.net Fri Sep 30 21:28:51 2011 From: dick at fouter.net (Dick Middleton) Date: Fri, 30 Sep 2011 19:28:51 +0100 Subject: [Dovecot] SSL only for external connections In-Reply-To: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> References: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> Message-ID: <4E860A63.4040604@fouter.net> On 09/30/11 18:15, Terry Carmen wrote: > > If SSL/TLS works from the outside, but not the inside, you should probably > find out why and fix that instead. > > What is the actual error text? In my limited experience there are two main reasons why it can work from outside but not inside. One is a routing problem. The common problem is trying to connect from inside using the outside IP address where the replies try to take a different route back. The second reason is to do with the SSL certificate which will have a CN indicating the server name. If you try to connect from the inside the server name will not match and you'll get a certificate error. A third possibility is you're trying to use TLS on an SSL connection. You need to use port 143 for TLS and 993 for SSL. However your error messages show an authentication error and I suspect you are using an encrypted password on a connection that doesn't support it. It's fairly common if TLS is demanded that PLAIN auth is the only method accepted. Without more detail one can only guess. Dick From simon.brereton at buongiorno.com Fri Sep 30 22:25:01 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Fri, 30 Sep 2011 15:25:01 -0400 Subject: [Dovecot] SSL only for external connections In-Reply-To: <4E860A63.4040604@fouter.net> References: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> <4E860A63.4040604@fouter.net> Message-ID: <01f601cc7fa6$a6f27cf0$f4d776d0$@brereton@buongiorno.com> > -----Original Message----- > From: dovecot-bounces at dovecot.org [mailto:dovecot- > bounces at dovecot.org] On Behalf Of Dick Middleton > On 09/30/11 18:15, Terry Carmen wrote: > > > > If SSL/TLS works from the outside, but not the inside, you should > > probably find out why and fix that instead. > > > > What is the actual error text? > > In my limited experience there are two main reasons why it can work > from outside but not inside. One is a routing problem. The common > problem is trying to connect from inside using the outside IP address > where the replies try to take a different route back. > > The second reason is to do with the SSL certificate which will have a > CN indicating the server name. If you try to connect from the inside > the server name will not match and you'll get a certificate error. > > A third possibility is you're trying to use TLS on an SSL connection. > You need to use port 143 for TLS and 993 for SSL. > > However your error messages show an authentication error and I > suspect you are using an encrypted password on a connection that > doesn't support it. It's fairly common if TLS is demanded that PLAIN > auth is the only method accepted. > > Without more detail one can only guess. 1) No. 2) Yes. 3) No. Your postulation about the certificate is a good one. The weird thing is that the error is not consistent, which is why I hadn't caught it before I was idly trawling through the logs. As Michael says - I can (and probably should) turn this off in the horde config. But the question remains - if only because it's now there - how does one limit services effectively in Dovecot. In Courier it was fairly easy and well documented. There's no reason for me to offer IMAPS or POP3S to localhost (because of the certificate issue) and there's also no reason for me to offer POP3 to localhost either. For posterity and for my own edification it would be nice to know how to do that. Thanks for the help and input. Simon From slusarz at curecanti.org Fri Sep 30 22:39:40 2011 From: slusarz at curecanti.org (Michael M Slusarz) Date: Fri, 30 Sep 2011 13:39:40 -0600 Subject: [Dovecot] SSL only for external connections In-Reply-To: <01f601cc7fa6$a6f27cf0$f4d776d0$@brereton@buongiorno.com> References: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> <4E860A63.4040604@fouter.net> <01f601cc7fa6$a6f27cf0$f4d776d0$@brereton@buongiorno.com> Message-ID: <20110930133940.Horde.Eyq2RoF5lbhOhhr8YnmH1IA@bigworm.curecanti.org> Quoting Simon Brereton : > But the question remains - if only because it's now there - how does > one limit services effectively in Dovecot. In Courier it was fairly > easy and well documented. There's no reason for me to offer IMAPS > or POP3S to localhost (because of the certificate issue) and there's > also no reason for me to offer POP3 to localhost either. > > For posterity and for my own edification it would be nice to know > how to do that. At a minimum, you can't disable TLS. If you disable TLS support in dovecot, the server is no longer IMAP 4rev1 compliant (see RFC 3501 [6.1.1] - STARTTLS MUST be supported by server). michael From dick at fouter.net Fri Sep 30 22:47:29 2011 From: dick at fouter.net (Dick Middleton) Date: Fri, 30 Sep 2011 20:47:29 +0100 Subject: [Dovecot] SSL only for external connections In-Reply-To: <01f601cc7fa6$a6f27cf0$f4d776d0$@brereton@buongiorno.com> References: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> <4E860A63.4040604@fouter.net> <01f601cc7fa6$a6f27cf0$f4d776d0$@brereton@buongiorno.com> Message-ID: <4E861CD1.8000301@fouter.net> On 09/30/11 20:25, Simon Brereton wrote: > But the question remains - if only because it's now there - how does one limit services effectively in Dovecot. In Courier it was fairly easy and well documented. There's no reason for me to offer IMAPS or POP3S to localhost (because of the certificate issue) and there's also no reason for me to offer POP3 to localhost either. > > For posterity and for my own edification it would be nice to know how to do that. I don't think you can do that. However if you don't want to use tls/ssl just connect to port 143 plain. I don't know about horde but Roundcube you use tls://localhost, ssl://locahost or just localhost. i.e the choice is with the client not the server. Dick From ejs at shubes.net Fri Sep 30 22:55:32 2011 From: ejs at shubes.net (Eric Shubert) Date: Fri, 30 Sep 2011 12:55:32 -0700 Subject: [Dovecot] SSL only for external connections In-Reply-To: <20110930121718.Horde.3eYlX4F5lbhOhgeuZgDH09A@bigworm.curecanti.org> References: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> <01ea01cc7f97$45fa69d0$d1ef3d70$@brereton@buongiorno.com> <4E860062.40902@hardwarefreak.com> <01f001cc7f9b$560ca730$0225f590$@brereton@buongiorno.com> <20110930121718.Horde.3eYlX4F5lbhOhgeuZgDH09A@bigworm.curecanti.org> Message-ID: On 09/30/2011 11:17 AM, Michael M Slusarz wrote: > Quoting Simon Brereton : > >>> -----Original Message----- >>> From: dovecot-bounces at dovecot.org [mailto:dovecot- >>> bounces at dovecot.org] On Behalf Of Stan Hoeppner >>> On 9/30/2011 12:34 PM, Simon Brereton wrote: >>> >> -----Original Message----- >>> >> From: dovecot-bounces at dovecot.org [mailto:dovecot- >>> >> bounces at dovecot.org] On Behalf Of Terry Carmen >>> > >>> >> >>> >> If SSL/TLS works from the outside, but not the inside, you should >>> >> probably find out why and fix that instead. >>> > >>> > You'd think so - but since I don't actually need TLS from the >>> inside, >>> > and given my skill level - disabling it seems easier :) >>> >>> You don't need TLS/SSL from the outside either, if this is strictly a >>> webmail box. In this case, configure Apache/lighttpd+Horde to only >>> accept HTTPS connections from the outside, and configure Horde to >>> connect via the Dovecot localhost:143 listener. This is how I've >>> been doing it with Roundcube for years. Works like a champ. >> >> It's not strictly a webmail box though. IMAP clients (fixed and >> mobile) connect to it. So what I'd like is IMAP, IMAPS, POP3 and POP3S >> on the outside and IMAP only on the local host (there's no actual >> reason to offer POP to the localhost either... > > You can also configure the MUA (e.g. Horde) to not use a secure > connection, as opposed to turning off features on the server level. > > michael > > This makes the most sense to me. The client should decide what to use. FWIW. -- -Eric 'shubes' From terry at cnysupport.com Fri Sep 30 22:59:29 2011 From: terry at cnysupport.com (Terry Carmen) Date: Fri, 30 Sep 2011 15:59:29 -0400 Subject: [Dovecot] SSL only for external connections In-Reply-To: <4E861CD1.8000301@fouter.net> References: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> <4E860A63.4040604@fouter.net> <01f601cc7fa6$a6f27cf0$f4d776d0$@brereton@buongiorno.com> <4E861CD1.8000301@fouter.net> Message-ID: <20110930155929.Horde.5sE8eFeGiNBOhh_hd8OmjeA@www.cnysupport.com> > On 09/30/11 20:25, Simon Brereton wrote: > >> But the question remains - if only because it's now there - how >> does one limit services effectively in Dovecot. In Courier it was >> fairly easy and well documented. There's no reason for me to offer >> IMAPS or POP3S to localhost (because of the certificate issue) and >> there's also no reason for me to offer POP3 to localhost either. >> >> For posterity and for my own edification it would be nice to know >> how to do that. You can specify what ports and interfaces the various services listen on with the inet_listener configuration block and the "address" and "port" configuration items in the 10-master.conf configuration file. Terry From ejs at shubes.net Fri Sep 30 22:59:56 2011 From: ejs at shubes.net (Eric Shubert) Date: Fri, 30 Sep 2011 12:59:56 -0700 Subject: [Dovecot] Intermittent authentication failures In-Reply-To: References: Message-ID: On 09/30/2011 09:07 AM, Eric Shubert wrote: > > CRAM-MD5 works sometimes: > Sep 30 08:15:43 imap-login: Info: Login: user=, > method=CRAM-MD5, rip=192.168.252.8, lip=192.168.252.14, mpid=20301 > > but (seemingly more frequently) the authentication fails: > Sep 30 08:16:41 imap-login: Info: Aborted login (auth failed, 1 > attempts): user=, method=CRAM-MD5, rip=192.168.252.8, > lip=192.168.252.14 > > I restarted dovecot, and that apparently cleared the problem for one > user, but not others. > > Is this perhaps a bug in dovecot, or would the problem lie with vpopmail? > > TIA for any pointers. > FWIW, I tried digest-md5, and experience the same problem. Is it possible that passwords are being cached in such a way that different login mechanisms cannot be used by different client programs with the same user account? -- -Eric 'shubes' From simon.brereton at buongiorno.com Fri Sep 30 23:49:21 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Fri, 30 Sep 2011 16:49:21 -0400 Subject: [Dovecot] SSL only for external connections In-Reply-To: <20110930155929.Horde.5sE8eFeGiNBOhh_hd8OmjeA@www.cnysupport.com> References: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> <4E860A63.4040604@fouter.net> <01f601cc7fa6$a6f27cf0$f4d776d0$@brereton@buongiorno.com> <4E861CD1.8000301@fouter.net> <20110930155929.Horde.5sE8eFeGiNBOhh_hd8OmjeA@www.cnysupport.com> Message-ID: <01ff01cc7fb2$6ef8ff20$4ceafd60$@brereton@buongiorno.com> > -----Original Message----- > From: dovecot-bounces at dovecot.org [mailto:dovecot- > bounces at dovecot.org] On Behalf Of Terry Carmen > > On 09/30/11 20:25, Simon Brereton wrote: > > > >> But the question remains - if only because it's now there - how > does > >> one limit services effectively in Dovecot. In Courier it was > fairly > >> easy and well documented. There's no reason for me to offer IMAPS > or > >> POP3S to localhost (because of the certificate issue) and there's > >> also no reason for me to offer POP3 to localhost either. > >> > >> For posterity and for my own edification it would be nice to know > how > >> to do that. > > You can specify what ports and interfaces the various services listen > on with the inet_listener configuration block and the "address" and > "port" > configuration items in the 10-master.conf configuration file. I don't have that file. Part of the problem is that I'm confused between protocols and wrappers and interfaces :) Dick and Michael have persuaded me that it's just easier to for Horde not to ask for TLS on port 143 - because that's in fact what I was doing - and it's pointless. Nonetheless, I think it would be nice to tell Dovecot listen on the local interface for IMAP. Listen on the external interface for IMAP, IMAPS, POP and POP3S. But if there's not simple way to do that I don't have a valid use-case for doing it right now. Thanks for all the input everyone! Happy Weekend. Simon From spack.world at gmail.com Thu Sep 1 01:17:47 2011 From: spack.world at gmail.com (Spack) Date: Thu, 1 Sep 2011 00:17:47 +0200 Subject: [Dovecot] [PATCH] Allow verification of user's hash in doveadm-pw Message-ID: Hi, It may be useful for testing purpose to know if a generated password hash correspond to a given clear password. This can be useful to check if a hash generated by another program can be verified by Dovecot without any errors. This patch adds the ability the verify a password hash using `doveadm pw` via the `-V` option. ??? $ doveadm pw -s SSHA.hex ??? Enter new password: ??? Retype new password: ??? {SSHA.HEX}58b910d947c60b35be3e12b0d9897c1f87dfa450e6d5a75c ??? $ doveadm pw -s SSHA.hex -V{SSHA.HEX}58b910d947c60b35be3e12b0d9897c1f87dfa450e6d5a75c ??? Enter new password: ??? Retype new password: ??? {SSHA.HEX}4fdf801f57870fb624bee60895c2308187837dfb3987ca06 (verified) When the user specify a hash, it is checked in place of the usual verification process. This works with all schemes. Just be sure to escape special characters or use simple quotes. $ doveadm pw -s MD5-CRYPT -V'{MD5-CRYPT}$1$R7thDyN.$E0G0czPE/h4S0Hn/b5oVW1' Enter new password: Retype new password: {MD5-CRYPT}$1$rp8nVSqq$gDAPM5iqv1yhBoDZIWsQ4/ (verified) Lets print a failed check: doveadm pw -s CRYPT -V{CRYPT}/uuE/AAAAAAAA Enter new password: Retype new password: reverse password verification check failed FYI the word used for those test cases was "password". Regards, ___ Jimmy Thrasibule -------------- next part -------------- A non-text attachment was scrubbed... Name: user_hash-doveadm-pw.diff Type: text/x-patch Size: 1708 bytes Desc: not available URL: From stephan at rename-it.nl Thu Sep 1 02:15:39 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Thu, 01 Sep 2011 01:15:39 +0200 Subject: [Dovecot] thunderbird and subscriptions with sieve In-Reply-To: <4E5E9E36.8020904@teradactyl.com> References: <4E5E9E36.8020904@teradactyl.com> Message-ID: <4E5EC09B.6010709@rename-it.nl> On 8/31/2011 10:48 PM, Kristen J. Webb wrote: > Hi All, > I'm a newbie trying to move mail out of my ISP onto a ubuntu (lucid) > dovecot 1.2.9 server. > > Is there any way to automatically add folders created by sieve > (GNU Mailutils 2.1) to the subscriptions file for a user? > > I'm currently testing spam, and if sieve created the folder with the > first > message, the thunderbird user does not see the new folder. > Even more interesting, if the user then tries to create the Spam > directory > it thunderbird seems to quietly ignore the request and the user still > cannot see the folder, but I digress... > > I can manually subscribe with thunderbird, but this won't scale for more > complex sieve later by making the user responsible for finding > everything. > > I can turn off subscription view in advanced settings on thunderbird, > but we are trying to wean ourselves of of individual mail clients > and I don't want to have to test this everywhere. > > Many thanks in advance! If you set lda_mailbox_autosubscribe to yes, it will subscribe folders created by Sieve automatically. However, afaik Thunderbird will not notice the subscription at first. You need to reconnect for that to be noticed. Regards, Stephan. From thomas-lists at nybeta.com Thu Sep 1 03:30:11 2011 From: thomas-lists at nybeta.com (Thomas Harold) Date: Wed, 31 Aug 2011 20:30:11 -0400 Subject: [Dovecot] thunderbird and subscriptions with sieve In-Reply-To: <4E5EC09B.6010709@rename-it.nl> References: <4E5E9E36.8020904@teradactyl.com> <4E5EC09B.6010709@rename-it.nl> Message-ID: <4E5ED213.809@nybeta.com> On 8/31/2011 7:15 PM, Stephan Bosch wrote: > > If you set lda_mailbox_autosubscribe to yes, it will subscribe folders > created by Sieve automatically. > > However, afaik Thunderbird will not notice the subscription at first. > You need to reconnect for that to be noticed. > That's been my experience. Sometimes a refresh will pick it up, but Thunderbird tends to be very slow about picking up new folders until you restart Thunderbird. Note that in Dovecot v1, there's a flag that you set on the dovecot LDA to enable this behavior (lda_mailbox_autosubscribe was added in Dovecot v2): http://wiki.dovecot.org/LDA Note the "-n" and "-s" parameters. (Which get configured in master.cf if you're using Postfix. Not sure how that gets configured on other MTAs.) From thomas-lists at nybeta.com Thu Sep 1 03:40:09 2011 From: thomas-lists at nybeta.com (Thomas Harold) Date: Wed, 31 Aug 2011 20:40:09 -0400 Subject: [Dovecot] Multiple domains to one inbox and temporary redirects... In-Reply-To: <4E5E6446.1070406@bunbun.be> References: <007f01cc67f6$5622d1c0$02687540$@brereton@buongiorno.com> <4E5E6446.1070406@bunbun.be> Message-ID: <4E5ED469.5070202@nybeta.com> On 8/31/2011 12:41 PM, Nick Rosier wrote: > I'm using Postfixadmin to manage users and have server alias-domains. > All mail sent to an alias-domain is delivered to the other domain. Quite > easy if you've got postfixadmin already setup. > > Otherwise I think you could configure virtual_alias_maps in postfix to > something like hash:virtual_domains > > virtual_domains: > @example.net @example.com > It's been a while since I played with virtual_alias_maps, but does that allow Postfix to say "that account doesn't exist" during the initial SMTP transaction? We try to reject as much as possible during the SMTP session to avoid any later bounces. I remember that one of the ways of doing it was bad as Postfix would accept, then a later step (maybe the LDA) would say "whoops! can't deliver this". So we do it one by one by creating a virtual mailbox under the primary domain (user1 at example.com) and then doing a virtual alias under the secondary domain (user1 at example.net -> user1 at example.com). From micah at riseup.net Thu Sep 1 00:58:31 2011 From: micah at riseup.net (Micah Anderson) Date: Wed, 31 Aug 2011 17:58:31 -0400 Subject: [Dovecot] sorting order changed during migration from courier Message-ID: <87bov5dz08.fsf@algae.riseup.net> Hello, I've been working to migrate to dovecot (debian stable: 1:1.2.15-7) from courier (debian old-stable: 4.4.0-2). I've setup everything and migrated a test user over to the new system, and ran the courier-dovecot-migrate.pl script. The user is using alpine (the free version of pine) and their sort order changed on move to dovecot. Originally it was the default in alpine, which is to sort based on arrival. If he changes the sort order in alpine to sort based on date, then things are back to how he expects it. I noticed that there are no known issues with pine (http://wiki.dovecot.org/Clients#Pine). Ideally, I would prefer if all the users who are migrated aren't presented with a different sort order than they were used to, as the support burden will be quite high. What is it about this migration that could have caused that, and more importantly, how can I fix it? I moved the mail from the original system to this system via rsync -a. The old system was an i686 machine and ext3, this new one is amd64 and ext4. thanks for any ideas! micah # dovecot -n # 1.2.15: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.2 protocols: imap imaps pop3 pop3s disable_plaintext_auth: no verbose_ssl: yes login_dir: /var/run/dovecot/login login_executable(default): /usr/lib/dovecot/imap-login login_executable(imap): /usr/lib/dovecot/imap-login login_executable(pop3): /usr/lib/dovecot/pop3-login login_greeting: howdy, ready. login_processes_count: 10 login_max_processes_count: 256 first_valid_uid: 8 last_valid_uid: 8 first_valid_gid: 8 last_valid_gid: 8 mail_uid: 8 mail_gid: 8 mail_location: maildir:~/ maildir_copy_preserve_filename: yes maildir_very_dirty_syncs: yes mbox_write_locks: fcntl dotlock mail_executable(default): /maildir/postlogin_imap mail_executable(imap): /maildir/postlogin_imap mail_executable(pop3): /maildir/postlogin_pop mail_process_size: 512 mail_plugins(default): expire quota imap_quota mail_plugins(imap): expire quota imap_quota mail_plugins(pop3): expire quota mail_plugin_dir(default): /usr/lib/dovecot/modules/imap mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3 imap_client_workarounds(default): tb-extra-mailbox-sep delay-newmail imap_client_workarounds(imap): tb-extra-mailbox-sep delay-newmail imap_client_workarounds(pop3): pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh namespace: type: private separator: . prefix: INBOX. inbox: yes list: yes subscriptions: yes lda: postmaster_address: postmaster at riseup.net auth default: default_realm: riseup.net verbose: yes passdb: driver: sql args: /etc/dovecot/dovecot-sql.conf userdb: driver: prefetch dict: expire: mysql:/etc/dovecot/dovecot-dict-expire.conf -- -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 835 bytes Desc: not available URL: From tss at iki.fi Thu Sep 1 04:32:34 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 1 Sep 2011 04:32:34 +0300 Subject: [Dovecot] thunderbird and subscriptions with sieve In-Reply-To: <4E5E9E36.8020904@teradactyl.com> References: <4E5E9E36.8020904@teradactyl.com> Message-ID: On 31.8.2011, at 23.48, Kristen J. Webb wrote: > Is there any way to automatically add folders created by sieve > (GNU Mailutils 2.1) to the subscriptions file for a user? You mean you're using Mailutils Sieve, not Dovecot Sieve? The only reasonable solution I can think of is: Mailutils Sieve would have to subscribe to newly created folders itself, maybe by patching it or if it supports running some script then doing it that way. With Dovecot v2.0 it could run "doveadm mailbox subscribe $folder", but with v1.2 you'd have to write your own script. Any other solution would basically require always subscribing to all folders, which kind of defeats their whole purpose. From tss at iki.fi Thu Sep 1 04:34:48 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 1 Sep 2011 04:34:48 +0300 Subject: [Dovecot] Proprietary mail storage. In-Reply-To: References: <6E503447-8B67-454D-9B3E-EE34C3675405@iki.fi> Message-ID: Should work fine. On 31.8.2011, at 22.19, Alex Cherniak wrote: > Thanks, Timo. > Technically, it's not a Maildir, but my plan is to re-create one with > folders containing hard or symbolic links pointing to the real > storage. Is it going to be a problem? > > On Wed, Aug 31, 2011 at 10:52 AM, Timo Sirainen wrote: >> On 31.8.2011, at 17.24, Alex Cherniak wrote: >> >>> I have a large existing read-only collection of mails packaged in >>> individual zip files as +. Is it >>> possible (and how difficult) to create a proprietary plugin (like >>> gzip) which will open a zip file, extract mail and pass it back to >>> Dovecot? Where do I start? If plugin is not the right approach, what >>> is? >> >> Is it otherwise a Maildir? If yes, you could base your code on the zlib plugin, or perhaps more easily you could use mail-filter plugin: http://dovecot.org/patches/2.0/mail-filter.tar.gz >> >> With mail-filter you can basically just put the messages through whatever program/script you want which gets the mail as input and outputs the wanted message body. I think the v2.0 mail-filter had some (potential?) bug, v2.1 mail-filter is anyway redesigned and should work perfectly. >> >>> Another question is how will this affect Dovecot performance and how >>> to avoid any significant degradation. >> >> I doubt it's going to be a problem. >> >> > From dlie76 at yahoo.com.au Thu Sep 1 09:07:57 2011 From: dlie76 at yahoo.com.au (Daminto Lie) Date: Wed, 31 Aug 2011 23:07:57 -0700 (PDT) Subject: [Dovecot] dovecot imap permission denied In-Reply-To: <69D3650A-1B43-42C7-8FBD-C921F80C5D5F@iki.fi> References: <1314763772.49414.YahooMailNeo@web113404.mail.gq1.yahoo.com> <1314766974.8787.26.camel@hurina> <1314773266.74037.YahooMailNeo@web113409.mail.gq1.yahoo.com> <69D3650A-1B43-42C7-8FBD-C921F80C5D5F@iki.fi> Message-ID: <1314857277.11811.YahooMailNeo@web113409.mail.gq1.yahoo.com> Thanks Timo for your reply. It now works fine with Passdb LDAP with password lookups. Users can now login with no problem.? However, when trying to do LDAP authentication with Authentication binds, I received the following errors from mail.log Sep? 1 15:34:22 server1 dovecot: auth(default): client in: AUTH#0111#011PLAIN#011service=imap#011secured#011lip=127.0.0.1#011rip=127.0.0.1#011lport=143#011rport=34719#011resp=AG1pa2VfbGVlAGRsaWUzMjA1 Sep? 1 15:34:22 server1 dovecot: auth-worker(default): pam(mike_lee,127.0.0.1): lookup service=dovecot Sep? 1 15:34:22 server1 dovecot: auth-worker(default): pam(mike_lee,127.0.0.1): #1/1 style=1 msg=Password: Sep? 1 15:34:22 server1 dovecot: auth(default): new auth connection: pid=1947 Sep? 1 15:34:24 server1 dovecot: auth-worker(default): pam(mike_lee,127.0.0.1): pam_authenticate() failed: Authentication failure (password mismatch?) (given password: secrets) Sep? 1 15:34:24 server1 dovecot: auth(default): passwd(mike_lee,127.0.0.1): lookup Sep? 1 15:34:24 server1 dovecot: auth(default): passwd(mike_lee,127.0.0.1): unknown user Sep? 1 15:34:24 server1 dovecot: auth(default): ldap(mike_lee,127.0.0.1): invalid credentials (given password: secrets) Sep? 1 15:34:26 server1 dovecot: auth(default): client out: FAIL#0111#011user=mike_lee Sep? 1 15:34:31 server1 dovecot: imap-login: Aborted login (auth failed, 1 attempts): user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured I do not understand why I am getting pam() authentication issue when I deliberately chose not to use it. The following is the setting I have in dovecot-ldap.conf hosts = localhost #uris = dn = uid=dovecot,ou=accounts,dc=companyexample,dc=com,dc=au dnpass = helloworld #sasl_bind = no #sasl_mech = #sasl_realm = #sasl_authz_id = #tls = no #tls_ca_cert_file = #tls_ca_cert_dir = #tls_cert_file = #tls_key_file = #tls_cipher_suite = #tls_require_cert = #ldaprc_path = #debug_level = 0 auth_bind = yes auth_bind_userdn = cn=%u,ou=accounts,dc=companyexample,dc=com,dc=au ldap_version = 3 base = ou=accounts,dc=companyexample,dc=com,dc=au deref = never scope = subtree user_attrs = homeDirectory=home user_filter = (&(objectClass=posixAccount)(uid=%u)) #pass_attrs = uid=user,userPassword=password pass_filter = (&(objectClass=posixAccount)(uid=%u)) default_pass_scheme = PLAIN This is what I have in dovecot.conf base_dir = /var/run/dovecot protocols = imap ?? protocol imap { ???? listen = *:143 ?? } #?? protocol pop3 { #???? listen = *:10100 #???? .. #?? } #?? protocol managesieve { #???? listen = *:12000 #???? .. #?? } #listen = * disable_plaintext_auth = no log_timestamp = "%Y-%m-%d %H:%M:%S " #ssl_listen = ssl = no #ssl_cert_file = /etc/ssl/certs/dovecot.pem #ssl_key_file = /etc/ssl/private/dovecot.pem #ssl_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem #ssl_key_file = /etc/ssl/private/ssl-cert-snakeoil.key #ssl_key_password = #ssl_ca_file = #ssl_verify_client_cert = no #ssl_cert_username_field = commonName #ssl_parameters_regenerate = 168 #ssl_cipher_list = ALL:!LOW:!SSLv2 #verbose_ssl = no login_dir = /var/run/dovecot/login login_chroot = yes login_user = dovecot #login_process_size = 64 #login_process_per_connection = yes #login_processes_count = 3 #login_max_processes_count = 128 #login_max_connections = 256 #login_greeting = Dovecot ready. #login_trusted_networks = #login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c #login_log_format = %$: %s mail_location = maildir:/home/%u/Maildir mail_uid = 3000 mail_gid = 8 mail_privileged_group = mail #mail_access_groups = #mail_full_filesystem_access = no #mail_debug = no #mail_log_max_lines_per_sec = 10 #mmap_disable = no #dotlock_use_excl = yes #fsync_disable = no #mail_nfs_index = no #lock_method = fcntl #mail_drop_priv_before_exec = no verbose_proctitle = yes first_valid_uid = 3000 last_valid_uid = 3000 first_valid_gid = 8 last_valid_gid = 8 #max_mail_processes = 512 #mail_process_size = 256 #mail_max_keyword_length = 50 #valid_chroot_dirs = #mail_chroot = #mail_cache_min_mail_count = 0 #mailbox_idle_check_interval = 30 mail_save_crlf = no #maildir_stat_dirs = no maildir_copy_with_hardlinks = yes #maildir_copy_preserve_filename = no #maildir_very_dirty_syncs = no protocol imap { ? #login_executable = /usr/lib/dovecot/imap-login ? #mail_executable = /usr/lib/dovecot/imap ? #imap_max_line_length = 65536 ? #mail_max_userip_connections = 10 ? #mail_plugin_dir = /usr/lib/dovecot/modules/imap ? #imap_logout_format = bytes=%i/%o ? #imap_capability = ? #imap_idle_notify_interval = 120 ? #imap_id_send = ? #imap_id_log = ? imap_client_workarounds = outlook-idle delay-newmail netscape-eoh tb-extra-mailbox-sep oe6-fetch-no-newmail } protocol pop3 { ? pop3_uidl_format = %08Xu%08Xv } protocol managesieve { } #auth_executable = /usr/lib/dovecot/dovecot-auth #auth_process_size = 256 #auth_cache_size = 0 #auth_cache_ttl = 3600 #auth_cache_negative_ttl = 3600 #auth_realms = #auth_default_realm = #auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ #auth_username_translation = #auth_username_format = #auth_master_user_separator = #auth_anonymous_username = anonymous auth_verbose = yes auth_debug = yes auth_debug_passwords = yes #auth_worker_max_count = 30 #auth_gssapi_hostname = #auth_krb5_keytab = #auth_use_winbind = no #auth_winbind_helper_path = /usr/bin/ntlm_auth #auth_failure_delay = 2 auth default { ? mechanisms = plain ? passdb pam { ? } ? passdb passwd { ? } ? passdb ldap { ??? args = /etc/dovecot/dovecot-ldap.conf ? } ? userdb passwd { ??? args = /etc/dovecot/dovecot-ldap-userdb.conf ? } ? userdb ldap { ??? args = /etc/dovecot/dovecot-ldap.conf ? } ? user = root ? #user = dovecot-auth??? ? #chroot = ? #count = 1 ? #ssl_require_client_cert = no ? #ssl_username_from_cert = no ? socket listen { ??? client { ????? path = /var/spool/postfix/private/auth ????? mode = 0660 ????? user = postfix ????? group = postfix ??? } ? } ? !include_try /etc/dovecot/auth.d/*.auth } plugin { } # Config files can also be included. deliver doesn't support them currently. #!include /etc/dovecot/conf.d/*.conf # Optional configurations, don't give an error if it's not found: !include_try /etc/dovecot/conf.d/*.conf #!include_try /etc/dovecot/extra.conf I wonder where I did it wrong. I did not set pam authentication. Any help would be appreciated. Thank you ________________________________ From: Timo Sirainen To: Daminto Lie Cc: "dovecot at dovecot.org" Sent: Wednesday, 31 August 2011 4:52 PM Subject: Re: [Dovecot] dovecot imap permission denied On 31.8.2011, at 9.47, Daminto Lie wrote: > Thanks a lot Timo, > > Creating directories for new users is not an issue. It's the permission that makes me headache. The error message you showed said that the user's home directory didn't exist, and the permission problem came only because it didn't exist and Dovecot tried to create it. > I tried the following > > sudo chmod o-r /home/$USER > sudo chmod g+rw /home/$USER > > It did not work until I did chmod 777 /home. Right, because only then did it have enough permissions to create the home dir. > Is it safe to make home directory with permission 777? No. From janfrode at tanso.net Thu Sep 1 10:17:43 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Thu, 1 Sep 2011 09:17:43 +0200 Subject: [Dovecot] lmtp bouncing -- Invalid parameters (in reply to MAIL FROM command) In-Reply-To: <1314790730.1197.10.camel@hurina> References: <20110831110307.GA25350@oc1046828364.ibm.com> <20110831112131.GB25350@oc1046828364.ibm.com> <1314790730.1197.10.camel@hurina> Message-ID: <20110901071743.GA30405@oc1046828364.ibm.com> On Wed, Aug 31, 2011 at 02:38:50PM +0300, Timo Sirainen wrote: > On Wed, 2011-08-31 at 13:21 +0200, Jan-Frode Myklebust wrote: > > mail from:<"a b"@no.no> > > 501 5.5.4 Invalid parameters > > This is fixed in v2.0.14. Wow, you're quick :-) Thanks! -jf From janfrode at tanso.net Thu Sep 1 10:26:39 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Thu, 1 Sep 2011 09:26:39 +0200 Subject: [Dovecot] Crash in director/lmtp-proxy (lmtp_proxy_output_timeout) Message-ID: <20110901072639.GB30405@oc1046828364.ibm.com> FYI, we saw one panic on our director/lmtp-proxy yesterday. It's running dovecot v2.0.13, so it very well might have been fixed already.., but here it is anyway: Aug 31 11:33:31 loadbalancer1 dovecot:: lmtp(4119): Panic: file lmtp-proxy.c: line 370 (lmtp_proxy_output_timeout): assertion failed: (proxy->data_input->eof) Aug 31 11:33:31 loadbalancer1 dovecot:: lmtp(4119): Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0 [0x3aabc3bb70] -> /usr/lib64/dovecot/libdovecot.so.0 [0x3aabc3bbc6] -> /usr/lib64/dovecot/libdovecot.so.0 [0x3aabc3b083] -> dovecot/lmtp [0x406c90] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handle_timeouts+0xcd) [0x3aabc46a8d] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run+0x68) [0x3aabc47a48] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_run+0x2d) [0x3aabc466fd] -> /usr/lib64/dovecot/libdovecot.so.0(master_service_run+0x13) [0x3aabc34fe3] -> dovecot/lmtp(main+0x144) [0x404034] -> /lib64/libc.so.6(__libc_start_main+0xf4) [0x32ae81d994] -> dovecot/lmtp [0x403e39] Aug 31 11:33:31 loadbalancer1 dovecot:: master: Error: service(lmtp): child 4119 killed with signal 6 (core dumps disabled) On postfix side at the same time, we saw a few different messages about: postfix/lmtp[5178]:: 849FD1C024: lost connection with loadbalancers.example.com[192.168.42.15] while sending end of data -- message may be sent more than once so I suspect this crash took down all active lmtp-proxyed connections. -jf From r.vicinus at metaways.de Thu Sep 1 11:26:20 2011 From: r.vicinus at metaways.de (Reinhard Vicinus) Date: Thu, 01 Sep 2011 10:26:20 +0200 Subject: [Dovecot] Segmentation fault in dovecot director lmtp service In-Reply-To: <1314121487.10421.1312.camel@hurina> References: <20110817114228.2705AA0D2@mx04.metaways.net> <1314121487.10421.1312.camel@hurina> Message-ID: <4E5F41AC.7070009@metaways.de> Hi, sorry for my late reply. I have run dovecot with your patch for a week and i wasn't able to reproduce the segmentation fault and it also hasn't occurred during normal operation since then. Thanks Reinhard On 23/08/11 19:44, Timo Sirainen wrote: > On Wed, 2011-08-17 at 11:42 +0000, Reinhard Vicinus wrote: >> Hi, >> >> >> the lmtp service of our dovecot director installation quits with a >> segmentation fault if a lot of mails are simultaneously delivered. >> For example if the postfix mailqueue is filled (for whatever reason) >> and postqueue -f is run the lmtp service quits with a segmentation >> fault: > It probably means that the remote LMTP server disconnected the client > for whatever reason. http://hg.dovecot.org/dovecot-2.0/rev/2f988e370a41 > should help. > > -- Reinhard Vicinus Metaways Infosystems GmbH Pickhuben 2, D-20457 Hamburg E-Mail: r.vicinus at metaways.de Web: http://www.metaways.de Tel: +49 (0)40 317031-524 Fax: +49 (0)40 317031-10 Metaways Infosystems GmbH - Sitz: D-22967 Tremsb?ttel Handelsregister: Amtsgericht L?beck HRB 4508 AH Gesch?ftsf?hrung: Hermann Thaele, L?der-H. Thaele From tss at iki.fi Thu Sep 1 12:27:32 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 01 Sep 2011 12:27:32 +0300 Subject: [Dovecot] v2.1.alpha1 released Message-ID: <1314869252.27581.9.camel@hurina> http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha1.tar.gz http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha1.tar.gz.sig So it's time for the first alpha version of Dovecot v2.1. There are no huge intrusive changes, so I expect v2.1.0 to be released this year (maybe even in a few months?) The biggest changes are related to full text search handling. I'll probably still make some changes to it and its configuration. Also it wouldn't be difficult to add more backends, does anyone want to add Xapian support for Dovecot? :) Mailbox list indexes are intended to improve performance of IMAP STATUS command lookups, since they could be simply looked up from the index without even opening the mailbox. TODO related to this: 1) optimize virtual mailbox handling so that it doesn't need to actually open all of the mailboxes' index files, it can simply look at the mailbox list index for changes. 2) Implement IMAP NOTIFY extension using this. Statistics tracking can be used to look at what's happening currently in your system and also its history. You can look at what's happening in command/session/user/domain/ip level. "doveadm stats top" gives a list of currently running sessions and sorts them by whichever is using the most disk io/cpu/whatever. "doveadm stats dump" followed by one of the levels shows you a raw dump of everything stored in that level. It would be nice if someone wrote a pretty Ajaxy HTML stats browser where you could zoom in/out of levels. I'd also like to hear if anyone has suggestions on how to improve what stats are gathered or how they could be exported. (I've thought about SNMP, but I'm not entirely sure how to export the data nicely using it.) Finally here's the NEWS file: * Plugins now use UTF-8 mailbox names rather than mUTF-7: acl, autocreate, expire, trash, virtual * auth_username_format default changed to %Lu. If you really want case sensitive usernames, set it back to empty. * Solr full text search backend changed to use mailbox GUIDs instead of mailbox names, requiring reindexing everything. solr_old backend can be used with old indexes to avoid reindexing, but it doesn't support some newer features. + imapc (= IMAP client) storage allows using a remote IMAP server to be used as storage. This allows using Dovecot as a smart (caching) proxy or using dsync to do migration from remote IMAP server. + Mailbox indexing via queuing indexer service (required for Lucene) + Lucene full text search (FTS) backend rewritten with support for different languages + FTS finally supports "OR" search operation + FTS supports indexing attachments via external programs + IMAP FUZZY extension, supported by Lucene and Solr FTS backends + Mailbox list indexes + Statistics tracking via stats service. Exported via doveadm stats. + Autocreate plugin creates/subscribes mailboxes physically only when the mailbox is opened for the first time. Mailbox listing shows the autocreated mailboxes even if they don't physically exist. + Password and user databases now support default_fields and override_fields settings to specify template defaults/overrides. - listescape plugin works perfectly now From arne at drlinux.no Thu Sep 1 13:56:12 2011 From: arne at drlinux.no (Arne K. Haaje) Date: Thu, 01 Sep 2011 12:56:12 +0200 Subject: [Dovecot] Password query returned multiple matches Message-ID: <1433050.adJ7uCDQRR@trillian> Wednesday 31. August 2011 11.44.03 skrev Simon Brereton : > > -----Original Message----- > > From: Timo Sirainen [mailto:tss at iki.fi] > > > > On 31.8.2011, at 18.19, Simon Brereton wrote: > > > Aug 30 22:41:45 mail dovecot: auth-worker(default): > > sql(sbrereton at domain.co.uk,64.88.168.84): Password query returned > > multiple matches > > .. > > > > > password_query = SELECT EmailAdd AS user, Password AS password, > > > > concat('/var/spool/mail/virtual/',MailDirLoc) as userdb_home, 999 as > > userdb_uid, 115 as userdb_gid FROM MailAccounts WHERE Username='%u' > > AND active = '1'; > > > > > Since the EmailAdd is unique I don't see how it can return multiple > > > > matches. > > > > You're querying with Username, not with EmailAdd, and apparently > > there are multiple rows where Username='sbrereton at domain.co.uk'. > > Well, what do you know - there are two Usernames that at the same! I have > no idea how that happened. You could change or add the index for Username column to UNIQUE. That will ensure it does not happen again :) Arne -- Arne K. Haaje - Dr Linux http://www.drlinux.no/ ::: arne at drlinux.no LinkedIn: http://no.linkedin.com/pub/arne-haaje/27/189/bb From warden at geneseo.edu Thu Sep 1 14:50:33 2011 From: warden at geneseo.edu (David Warden) Date: Thu, 1 Sep 2011 07:50:33 -0400 Subject: [Dovecot] Kerberos GSSAPI - proper item name in keytab In-Reply-To: <20110831203956.GC30654@obsidianresearch.com> References: <4E5B9682.1040408@yandex.ru> <4E5BE3AE.7080303@inblock.ru> <4E5C7403.6020008@yandex.ru> <4E5E28CA.6020602@yandex.ru> <2332E510-FF66-4DFC-BE29-C85453561FFD@geneseo.edu> <4E5E38B8.7060404@yandex.ru> <4E5E5332.3060006@gmail.com> <20110831203956.GC30654@obsidianresearch.com> Message-ID: <68FC786C-9DF0-46CE-A943-F4B6D0B422FF@geneseo.edu> On Aug 31, 2011, at 4:39 PM, Jason Gunthorpe wrote: > On Wed, Aug 31, 2011 at 09:28:50AM -0600, Trever L. Adams wrote: > >> I have only followed part of this. It the original poster's problem is >> that the LDAP database is not being able to be accessed with an SPN >> ticket, this is because SPNs are not allowed to log in in AD. You need >> to use a user account (including MACHINE$ accounts). It took me forever >> to figure this out. To use this, you need a cron job that creates/renews >> tickets from time to time for the user/machine account. Then you use >> Dovecot's environment setup configuration to set the KRB5_CC (or >> whatever it is called, my head is elsewhere) env variable to that >> Kerberos ticket cache that was created in the cronjob. This cache needs >> to be readable by dovecot and should be owned by its user. > > This all works a 1000% better if you use Samba to join the domain and > create your keytab with the right SPNs. See my prior posts to this > list for a formula. Using the MS kerberos compatability tools is > painful, complicated and tends to make a mess. > > Samba will create a machine UPN and populate the system keytab > appropriately. From a cron job you can use 'kinit -k' to maintain an > active ticket for the machine UPN which dovecot can use for LDAP > operations. > I would agree with that is easier unless/until you are load balancing connections on a single hostname to multiple physical machines. In that scenario you can't add SPNs for the shared hostname to the machine accounts (since SPNs must be unique) and you're still looking at futzing with ktpass. > Jason From stephan at rename-it.nl Thu Sep 1 15:55:14 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Thu, 01 Sep 2011 14:55:14 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <1314869252.27581.9.camel@hurina> References: <1314869252.27581.9.camel@hurina> Message-ID: <4E5F80B2.4080105@rename-it.nl> Op 1-9-2011 11:27, Timo Sirainen wrote: > http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha1.tar.gz > http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha1.tar.gz.sig > > So it's time for the first alpha version of Dovecot v2.1. There are no > huge intrusive changes, so I expect v2.1.0 to be released this year > (maybe even in a few months?) There is no specific Pigeonhole repository for v2.1 yet. However, we did port it to v2.1 and there is a patch available to port Pigeonhole v0.2 to Dovecot v2.1. It is kept up-to-date in its own mq repository: http://hg.rename-it.nl/pigeonhole-0.2-dovecot-2.1-patches/file/tip/pigeonhole-0.2-dovecot-2.1.patch Just apply it to a recent dovecot-2.0-pigeonhole tree and compile it against dovecot-2.1. Regards, Stephan. From klinkov at yandex.ru Thu Sep 1 16:53:36 2011 From: klinkov at yandex.ru (Stanislav Klinkov) Date: Thu, 01 Sep 2011 17:53:36 +0400 Subject: [Dovecot] [Solved] Kerberos GSSAPI - proper item name in keytab In-Reply-To: <4E5B9682.1040408@yandex.ru> References: <4E5B9682.1040408@yandex.ru> Message-ID: <4E5F8E60.9040701@yandex.ru> OK, gentlemen. I have found the source of problem. It appears to be very unexpectedly. My testing stand was deployed on a OpenVZ-bazed virtual machine with Venet interface on board. Here are references to OpenVZ documentation: http://wiki.openvz.org/Virtual_network_device http://wiki.openvz.org/Differences_between_venet_and_veth By design venet interface coressponds to a loopback interface with one or more aliases and very foxy routing rules. For example, in Debian it looks like this: ************** ifconfig output **************** lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:956 errors:0 dropped:0 overruns:0 frame:0 TX packets:956 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:134666 (131.5 KiB) TX bytes:134666 (131.5 KiB) venet0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1 RX packets:160164 errors:0 dropped:0 overruns:0 frame:0 TX packets:106318 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:155480098 (148.2 MiB) TX bytes:17449831 (16.6 MiB) venet0:0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:192.168.9.36 P-t-P:192.168.9.36 Bcast:0.0.0.0 Mask:255.255.255.255 UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1 ************************************************ In config file it looks like this: *********** /etc/network/interfaces ********* # Auto generated lo interface auto lo iface lo inet loopback # Auto generated venet0 interface auto venet0 iface venet0 inet manual up ifconfig venet0 up up ifconfig venet0 0 up route add default dev venet0 down route del default dev venet0 down ifconfig venet0 down iface venet0 inet6 manual auto venet0:0 iface venet0:0 inet static address 192.168.9.36 netmask 255.255.255.255 ********************************************* For most cases such type of emulation works fine. But this time either krb5 libs, or dovecot, or someone else could not correctly define hostname. So, someone of them (I beleive than krb5 libs) was unable to compare proper IP with the proper stanza in keytab. And neither explicit "listen" nor "auth_gssapi_hostname" directives became helpful. So, I changed equipped emulated interface from "Venet" to more "brute" Veth, and everything flies up. Thank you all very much for such an interesting discussion. I shall describe this situation in my howto's and known issues archive, for others. In other words, my trouble is totally OpenVZ-specific. So, I may pretend to be the first who bumped into it. And then, there is a second question. Can there be a way to continue using this crafty venet interface, but force krb5 libs to look up for desired IP ? Respectfully, Stanislav Klinkov. From frank at moltke28.B.Shuttle.DE Thu Sep 1 16:57:19 2011 From: frank at moltke28.B.Shuttle.DE (Frank Elsner) Date: Thu, 1 Sep 2011 15:57:19 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <1314869252.27581.9.camel@hurina> References: <1314869252.27581.9.camel@hurina> Message-ID: (auto-added) On Thu, 01 Sep 2011 12:27:32 +0300 Timo Sirainen wrote: > http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha1.tar.gz > http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha1.tar.gz.sig [ ... ] > + Statistics tracking via stats service. Exported via doveadm stats. My 2.0.13 configuration works perfect with dovecot-2.1.alpha1. What must I add to my configuration to enable the stats service? --Frank Elsner From tss at iki.fi Thu Sep 1 17:05:56 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 1 Sep 2011 17:05:56 +0300 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: (auto-added) References: <1314869252.27581.9.camel@hurina> (auto-added) Message-ID: <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> On 1.9.2011, at 16.57, Frank Elsner wrote: >> + Statistics tracking via stats service. Exported via doveadm stats. > > My 2.0.13 configuration works perfect with dovecot-2.1.alpha1. > What must I add to my configuration to enable the stats service? mail_plugins = $mail_plugins stats protocol imap { mail_plugins = $mail_plugins imap_stats } plugin { stats_refresh = 10s stats_track_cmds = yes } Then you can use doveadm stats top/dump. From lists at luigirosa.com Thu Sep 1 17:29:07 2011 From: lists at luigirosa.com (Luigi Rosa) Date: Thu, 01 Sep 2011 16:29:07 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> References: <1314869252.27581.9.camel@hurina> (auto-added) <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> Message-ID: <4E5F96B3.8090709@luigirosa.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Timo Sirainen said the following on 01/09/11 16:05: > Then you can use doveadm stats top/dump. did what you said, restarted dovecot, run (as root) doveadm stats top and got this in dovecot log: Error: stats: open(/var/run/dovecot//stats-mail) failed: Permission denied And the output of doveadm was simply USER SERVICE %CPU %SYS DISKIN DISKOUT # ls -al /var/run/dovecot/ total 24 drwxr-xr-x 4 root root 4096 Sep 1 16:25 . drwxr-xr-x 22 root root 4096 Sep 1 15:01 .. srw------- 1 root root 0 Sep 1 16:25 anvil srw------- 1 root root 0 Sep 1 16:25 anvil-auth-penalty srw------- 1 root root 0 Sep 1 16:25 auth-client srw------- 1 dovecot root 0 Sep 1 16:25 auth-login srw------- 1 root root 0 Sep 1 16:25 auth-master srw-rw-rw- 1 root root 0 Sep 1 16:25 auth-userdb srw------- 1 dovecot root 0 Sep 1 16:25 auth-worker srw------- 1 root root 0 Sep 1 16:25 config srw------- 1 root root 0 Sep 1 16:25 dict srw------- 1 root root 0 Sep 1 16:25 director-admin srw------- 1 root root 0 Sep 1 16:25 director-userdb srw-rw-rw- 1 root root 0 Sep 1 16:25 dns-client srw------- 1 root root 0 Sep 1 16:25 doveadm-server lrwxrwxrwx 1 root root 25 Sep 1 16:25 dovecot.conf -> /etc/dovecot/dovecot.conf drwxr-xr-x 2 root root 4096 Dec 14 2009 empty srw-rw-rw- 1 root root 0 Sep 1 16:25 indexer srw-rw-rw- 1 root root 0 Sep 1 16:25 indexer-worker srw------- 1 root root 0 Sep 1 16:25 ipc srw-rw-rw- 1 root root 0 Sep 1 16:25 lmtp drwxr-x--- 2 root dovenull 4096 Sep 1 16:25 login - -rw------- 1 root root 6 Sep 1 16:25 master.pid srw------- 1 root root 0 Sep 1 16:25 stats prw------- 1 dovecot dovecot 0 Sep 1 16:25 stats-mail Ciao, luigi - -- / +--[Luigi Rosa]-- \ Zipple grelbnot horbnofg asirvnig fzouple! Or something like that. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk5flq8ACgkQ3kWu7Tfl6ZRQcQCeNbR0bBBf8Ux2pT4doiw912jO a3AAn3UPZu+xTqHXQ9XbCuxDPrrrd2vk =W99h -----END PGP SIGNATURE----- From tss at iki.fi Thu Sep 1 17:33:19 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 1 Sep 2011 17:33:19 +0300 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <4E5F96B3.8090709@luigirosa.com> References: <1314869252.27581.9.camel@hurina> (auto-added) <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> <4E5F96B3.8090709@luigirosa.com> Message-ID: <5EDA8C12-D80B-48CD-B69A-A9969609617E@iki.fi> On 1.9.2011, at 17.29, Luigi Rosa wrote: >> Then you can use doveadm stats top/dump. > > did what you said, restarted dovecot, run (as root) doveadm stats top and got > this in dovecot log: > > Error: stats: open(/var/run/dovecot//stats-mail) failed: Permission denied Right, you'll also need to figure out proper permissions for this (or simply set mode to 0666): service stats { fifo_listener stats-mail { user = something mode = 0600 } } From stephan at rename-it.nl Thu Sep 1 17:34:09 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Thu, 01 Sep 2011 16:34:09 +0200 Subject: [Dovecot] v2.1.alpha1 released; automatic Debian repository for Dovecot v2.1 now available In-Reply-To: <1314869252.27581.9.camel@hurina> References: <1314869252.27581.9.camel@hurina> Message-ID: <4E5F97E1.5070308@rename-it.nl> Op 1-9-2011 11:27, Timo Sirainen schreef: > http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha1.tar.gz > http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha1.tar.gz.sig > > So it's time for the first alpha version of Dovecot v2.1. There are no > huge intrusive changes, so I expect v2.1.0 to be released this year > (maybe even in a few months?) I've started an automatic Debian package builder for Dovecot v2.1. It is now also documented in the wiki: http://wiki2.dovecot.org/PrebuiltBinaries#Automatically_Built_Packages Regards, Stephan. From lists at luigirosa.com Thu Sep 1 17:41:20 2011 From: lists at luigirosa.com (Luigi Rosa) Date: Thu, 01 Sep 2011 16:41:20 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <5EDA8C12-D80B-48CD-B69A-A9969609617E@iki.fi> References: <1314869252.27581.9.camel@hurina> (auto-added) <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> <4E5F96B3.8090709@luigirosa.com> <5EDA8C12-D80B-48CD-B69A-A9969609617E@iki.fi> Message-ID: <4E5F9990.6060806@luigirosa.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Timo Sirainen said the following on 01/09/11 16:33: > Right, you'll also need to figure out proper permissions for this (or simply set mode to 0666): > > service stats { > fifo_listener stats-mail { > user = something > mode = 0600 > } > } > Works, thanks! For initial tests, I put 0666 But I got this: Sep 1 16:39:43 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank Sep 1 16:39:51 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank Sep 1 16:40:01 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank Ciao, luigi - -- / +--[Luigi Rosa]-- \ A species that enslaves other beings is hardly superior, mentally or otherwise. --James Kirk, "The Gamesters of Triskelion" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk5fmY0ACgkQ3kWu7Tfl6ZSHwQCeM50dTX6RdKBKUkfCrPJcOdRz Aa8An07wqRjwYdgYsFqL04B1ZcMKWem2 =C3vb -----END PGP SIGNATURE----- From tss at iki.fi Thu Sep 1 17:53:26 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 1 Sep 2011 17:53:26 +0300 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <4E5F9990.6060806@luigirosa.com> References: <1314869252.27581.9.camel@hurina> (auto-added) <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> <4E5F96B3.8090709@luigirosa.com> <5EDA8C12-D80B-48CD-B69A-A9969609617E@iki.fi> <4E5F9990.6060806@luigirosa.com> Message-ID: <32D56AC3-9213-4459-A231-3C41C1C2C18D@iki.fi> On 1.9.2011, at 17.41, Luigi Rosa wrote: > Sep 1 16:39:43 mail dovecot: stats: Error: Mail server input error: > UPDATE-SESSION: stats shrank Oh.. What OS is this? See what it logs with http://hg.dovecot.org/dovecot-2.1/rev/1c2d8da38a06 From lists at luigirosa.com Thu Sep 1 17:55:34 2011 From: lists at luigirosa.com (Luigi Rosa) Date: Thu, 01 Sep 2011 16:55:34 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <32D56AC3-9213-4459-A231-3C41C1C2C18D@iki.fi> References: <1314869252.27581.9.camel@hurina> (auto-added) <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> <4E5F96B3.8090709@luigirosa.com> <5EDA8C12-D80B-48CD-B69A-A9969609617E@iki.fi> <4E5F9990.6060806@luigirosa.com> <32D56AC3-9213-4459-A231-3C41C1C2C18D@iki.fi> Message-ID: <4E5F9CE6.3020805@luigirosa.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Timo Sirainen said the following on 01/09/11 16:53: >> Sep 1 16:39:43 mail dovecot: stats: Error: Mail server input error: >> UPDATE-SESSION: stats shrank > > Oh.. What OS is this? See what it logs with http://hg.dovecot.org/dovecot-2.1/rev/1c2d8da38a06 > Linux mail.hypertrek.info 2.6.18-238.19.1.el5.centos.plus #1 SMP Mon Jul 18 10:05:09 EDT 2011 x86_64 x86_64 x86_64 GNU/Linux Compiled with ./configure --with-mysql --with-ssl=openssl --sysconfdir=/etc --localstatedir=/var I'm leaving and I'll be back this evening. Will do further checks later Ciao, luigi - -- / +--[Luigi Rosa]-- \ You know you've landed gear-up when it takes full power to taxi. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk5fnOIACgkQ3kWu7Tfl6ZQIAwCgt411k13mnhYsMS64P+1YOUmQ hEoAoJA16LYtzlbRn5MOu61f02X9/SuX =CVfU -----END PGP SIGNATURE----- From shopik at inblock.ru Thu Sep 1 18:40:01 2011 From: shopik at inblock.ru (Nikolay Shopik) Date: Thu, 01 Sep 2011 19:40:01 +0400 Subject: [Dovecot] [Solved] Kerberos GSSAPI - proper item name in keytab In-Reply-To: <4E5F8E60.9040701@yandex.ru> References: <4E5B9682.1040408@yandex.ru> <4E5F8E60.9040701@yandex.ru> Message-ID: On 01.09.2011 17:53, Stanislav Klinkov wrote: > Can there be a way to continue using this crafty venet interface, but > force krb5 libs to look up for desired IP ? Thanks for sharing solved problem. But I think this question better to forward to Kerberos mailing list. You probably find more explicit answer there, maybe this is even some kind of bug in krb5 libs :) From dmiller at amfes.com Thu Sep 1 19:48:05 2011 From: dmiller at amfes.com (Daniel L. Miller) Date: Thu, 01 Sep 2011 09:48:05 -0700 Subject: [Dovecot] OT - small hd recommendation In-Reply-To: <4E5E8E5F.4050204@nybeta.com> References: <4E5D5985.6040103@amfes.com> <4E5E8E5F.4050204@nybeta.com> Message-ID: On 8/31/2011 12:41 PM, Thomas Harold wrote: > On 8/30/2011 5:43 PM, Daniel L. Miller wrote: >> A little OT - but I've seen a few opinions voiced here by various admins >> and I'd like to benefit. > > RAID-10 is fine (note that the default mdadm RAID10 isn't actually > RAID10, but it works well enough). RAID-6 won't be faster (and will > probably be worse) although RAID-6 does do a bit better in a > double-drive failure over RAID-10. The only way to get more > performance out of (4) drives is to switch to 10k or 15k SAS (or SSDs). > > [...] > > (Take a look at /dev/disk/by-id, /dev/disk/by-uuid, etc. Export a copy > of that information on a daily/weekly basis off of the machine. In a > software RAID environment, it gives you better information about which > drive serial # failed rather then relying on lights.) > > Our mail server is 3-way RAID1 (triple mirror) for the OS and mail > queue with a 5-disk RAID-10 (4+spare) for mail storage. Given my extensive requirements - I haven't yet filled my existing 320GB - size isn't a big deal. Am I actually deriving much benefit from 4-disk RAID10 using 160GB discs - vs a 2-4 disc 1TB RAID1 array? -- Daniel From lampacz at gmail.com Thu Sep 1 21:34:40 2011 From: lampacz at gmail.com (Lampa) Date: Thu, 1 Sep 2011 20:34:40 +0200 Subject: [Dovecot] sieve vacation problem (discarding) Message-ID: Hello, i'm using 1.2.15 version on debian. I'm getting "discarding vacation response for message implicitly delivered to " I have domain domain.com which has alias do-main.com. When sending email to main domain (domain.com) seems to be ok, but for aliased domain getting discard ;( I tried "scary things" from http://www.dovecot.org/list/dovecot/2009-August/042360.html require ["vacation", "variables", "envelope"]; if envelope :matches "to" "*" { set "envto" "${1}"; vacation :days 1 :addresses ["${envto}"] :subject "Out of order..." "Body message"; } Is implemented :addresses ["*"] in later 1.2 version ? Where is problem? What i must to do to get this thing working ? Upgrading to version 2.x isn't solution for me now. Thank you for advices and help. -- Lampa From frank at moltke28.B.Shuttle.DE Thu Sep 1 22:09:55 2011 From: frank at moltke28.B.Shuttle.DE (Frank Elsner) Date: Thu, 1 Sep 2011 21:09:55 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> References: <1314869252.27581.9.camel@hurina> <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> Message-ID: On Thu, 1 Sep 2011 17:05:56 +0300 Timo Sirainen wrote: > On 1.9.2011, at 16.57, Frank Elsner wrote: > > >> + Statistics tracking via stats service. Exported via doveadm stats. > > > > My 2.0.13 configuration works perfect with dovecot-2.1.alpha1. > > What must I add to my configuration to enable the stats service? > > mail_plugins = $mail_plugins stats > protocol imap { > mail_plugins = $mail_plugins imap_stats > } > plugin { > stats_refresh = 10s > stats_track_cmds = yes > } > > Then you can use doveadm stats top/dump. Ok, works. But when I stop dovecot I get Sep 1 17:08:17 seymour dovecot: master: Warning: Killed with signal 15 (by pid=7896 uid=0 code=kill) Sep 1 17:08:17 seymour dovecot: anvil: Panic: file master-service.c: line 584 (master_service_client_connection_de stroyed): assertion failed: (service->total_available_count > 0) Sep 1 17:08:17 seymour dovecot: auth: Error: read(anvil-auth-penalty) failed: EOF Sep 1 17:08:17 seymour dovecot: auth: Error: net_connect_unix(anvil-auth-penalty) failed: Permission denied --Frank Elsner From kwebb at teradactyl.com Thu Sep 1 22:22:28 2011 From: kwebb at teradactyl.com (Kristen J. Webb) Date: Thu, 01 Sep 2011 13:22:28 -0600 Subject: [Dovecot] thunderbird and subscriptions with sieve In-Reply-To: References: <4E5E9E36.8020904@teradactyl.com> Message-ID: <4E5FDB74.3020002@teradactyl.com> Hi All, Thanks for all the responses! While I like the idea of moving to dovecot 2.x for new features, it is not part of the ubuntu packages, so I'm going to wait. In the end, I found deliver -s in postfix master.cf did the trick. Still the problem with thunderbird not seeing the new folder until restart, but hey, mail client independence is what I'm after anyway ;) Kris On 8/31/11 7:32 PM, Timo Sirainen wrote: > On 31.8.2011, at 23.48, Kristen J. Webb wrote: > >> Is there any way to automatically add folders created by sieve >> (GNU Mailutils 2.1) to the subscriptions file for a user? > > You mean you're using Mailutils Sieve, not Dovecot Sieve? The only reasonable solution I can think of is: > > Mailutils Sieve would have to subscribe to newly created folders itself, maybe by patching it or if it supports running some script then doing it that way. With Dovecot v2.0 it could run "doveadm mailbox subscribe $folder", but with v1.2 you'd have to write your own script. > > Any other solution would basically require always subscribing to all folders, which kind of defeats their whole purpose. > > -- Mr. Kristen J. Webb Teradactyl LLC. PHONE: 1-505-242-1091 EMAIL: kwebb at teradactyl.com VISIT: http://www.teradactyl.com Home of the True incremental Backup System From gfinch at ldmltd.ca Thu Sep 1 23:33:57 2011 From: gfinch at ldmltd.ca (Gregory Finch) Date: Thu, 01 Sep 2011 13:33:57 -0700 Subject: [Dovecot] thunderbird and subscriptions with sieve In-Reply-To: <4E5FDB74.3020002@teradactyl.com> References: <4E5E9E36.8020904@teradactyl.com> <4E5FDB74.3020002@teradactyl.com> Message-ID: <4E5FEC35.9080805@ldmltd.ca> The only time I've seen thunderbird issue a LIST or LSUB command is on startup, or when you open the "Subscribe..." dialog. I believe with the IMAP protocol that is only way to find out about new and newly subscribed folders (I'm not an IMAP guru though...), so with thunderbird, that is by design. -Greg On 2011-09-01 12:22 PM, Kristen J. Webb wrote: > Hi All, > > Thanks for all the responses! While I like the idea > of moving to dovecot 2.x for new features, it is > not part of the ubuntu packages, so I'm going to > wait. In the end, I found deliver -s in postfix master.cf > did the trick. Still the problem with thunderbird not seeing > the new folder until restart, but hey, mail client independence > is what I'm after anyway ;) > > Kris > > On 8/31/11 7:32 PM, Timo Sirainen wrote: >> On 31.8.2011, at 23.48, Kristen J. Webb wrote: >> >>> Is there any way to automatically add folders created by sieve >>> (GNU Mailutils 2.1) to the subscriptions file for a user? >> >> You mean you're using Mailutils Sieve, not Dovecot Sieve? The only >> reasonable solution I can think of is: >> >> Mailutils Sieve would have to subscribe to newly created folders >> itself, maybe by patching it or if it supports running some script >> then doing it that way. With Dovecot v2.0 it could run "doveadm >> mailbox subscribe $folder", but with v1.2 you'd have to write your >> own script. >> >> Any other solution would basically require always subscribing to all >> folders, which kind of defeats their whole purpose. >> >> > -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 260 bytes Desc: OpenPGP digital signature URL: From thomas-lists at nybeta.com Fri Sep 2 03:23:45 2011 From: thomas-lists at nybeta.com (Thomas Harold) Date: Thu, 01 Sep 2011 20:23:45 -0400 Subject: [Dovecot] OT - small hd recommendation In-Reply-To: References: <4E5D5985.6040103@amfes.com> <4E5E8E5F.4050204@nybeta.com> Message-ID: <4E602211.2010800@nybeta.com> On 9/1/2011 12:48 PM, Daniel L. Miller wrote: > > Given my extensive requirements - I haven't yet filled my existing 320GB > - size isn't a big deal. Am I actually deriving much benefit from 4-disk > RAID10 using 160GB discs - vs a 2-4 disc 1TB RAID1 array? > A pair of RAID-1 mirrors: - easy to deal with - you can attempt to manually balance load between the two arrays (storage on one pair, indexes and mail queue on other pair) - disks can be pulled and taken to another machine and read one by one - slightly harder to screw up (but both setups die if the wrong 2 disks fail) RAID-10 over 4 disks: - generally faster seeks - generally faster read/write speeds due to striping - generally the better choice for performance - a bit harder to bury the disks vs a pair of mirrors - lets you have a bigger partition - all the eggs in a single array If you're having performance problems on the existing RAID-10, your only real choices are to throw more spindles at it (move to a 6 or 8 disk RAID-10 w/ a hot-spare disk), throw faster spindles at it (10k/15k SAS), or move to SSD. So, if you think you can manually balance the needs of the system, you could try a pair of independent mirrors. But if you want less hassle, stick with the RAID-10. (And look into a tool like "atop" which can be run in the terminal and does a decent job of showing you whether the CPU/DISK is overly busy.) From thomas-lists at nybeta.com Fri Sep 2 03:30:14 2011 From: thomas-lists at nybeta.com (Thomas Harold) Date: Thu, 01 Sep 2011 20:30:14 -0400 Subject: [Dovecot] sieve vacation problem (discarding) In-Reply-To: References: Message-ID: <4E602396.6080508@nybeta.com> On 9/1/2011 2:34 PM, Lampa wrote: > Hello, > > i'm using 1.2.15 version on debian. > > I'm getting "discarding vacation response for message implicitly > delivered to" > > I have domain domain.com which has alias do-main.com. > > When sending email to main domain (domain.com) seems to be ok, but for > aliased domain getting discard ;( > On our older Dovecot v1 installation, we use the :addresses tag and just put the addresses in (with all the variations). Which may not be as clever as you wanted due to manually listing the recipient addresses, but seems to work for us. require ["vacation"]; vacation :days 1 :subject "Out of office reply" :addresses ["user at example.com", "user at example.net", "user at example.org"] " Body text "; From dyd281 at gmail.com Fri Sep 2 05:34:29 2011 From: dyd281 at gmail.com (Dong Ding) Date: Fri, 2 Sep 2011 10:34:29 +0800 Subject: [Dovecot] Can't got mail by OUTLOOK for a half million mails account Message-ID: Hi, I used postfix always_bcc to backup mail. And up to now the backup account has half million mails in cur/, when I first time tried to receive the mail by outlook, it failed , no responds. Does any one has some good idea to deal with this problem? Thanks From dlie76 at yahoo.com.au Fri Sep 2 07:54:13 2011 From: dlie76 at yahoo.com.au (Daminto Lie) Date: Thu, 1 Sep 2011 21:54:13 -0700 (PDT) Subject: [Dovecot] dovecot imap permission denied In-Reply-To: <1314857277.11811.YahooMailNeo@web113409.mail.gq1.yahoo.com> References: <1314763772.49414.YahooMailNeo@web113404.mail.gq1.yahoo.com> <1314766974.8787.26.camel@hurina> <1314773266.74037.YahooMailNeo@web113409.mail.gq1.yahoo.com> <69D3650A-1B43-42C7-8FBD-C921F80C5D5F@iki.fi> <1314857277.11811.YahooMailNeo@web113409.mail.gq1.yahoo.com> Message-ID: <1314939253.9918.YahooMailNeo@web113413.mail.gq1.yahoo.com> Hi again, I tried it again. This time, I could manage to get rid of the pam_authentication issue (see below). But I still get the invalid credential. I do not understand because based on the article I found at http:// wiki.dovecot.org/AuthDatabase/LDAP/AuthBinds, it does not authenticate by the use of password, unless I miss out on something. It's really frustrating because I feel like I'm that close but not quite there yet. Sep? 2 14:32:01 server1 dovecot: auth(default): client in: AUTH#0111#011PLAIN#011service=imap#011secured#011lip=127.0.0.1#011rip=127.0.0.1#011lport=143#011rport=54128#011resp=AG1pa2VfbGVlAGRsaWUzMjA1 Sep? 2 14:32:01 server1 dovecot: auth(default): ldap(mike_lee,127.0.0.1): invalid credentials (given password: secrets) Sep? 2 14:32:01 server1 dovecot: auth(default): new auth connection: pid=4380 Sep? 2 14:32:03 server1 dovecot: auth(default): client out: FAIL#0111#011user=mike_lee Sep? 2 14:32:08 server1 dovecot: imap-login: Aborted login (auth failed, 1 attempts): user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured Any help is greatly appreciated. Thanks ________________________________ From: Daminto Lie To: Timo Sirainen Cc: "dovecot at dovecot.org" Sent: Thursday, 1 September 2011 4:07 PM Subject: Re: [Dovecot] dovecot imap permission denied Thanks Timo for your reply. It now works fine with Passdb LDAP with password lookups. Users can now login with no problem.? However, when trying to do LDAP authentication with Authentication binds, I received the following errors from mail.log Sep? 1 15:34:22 server1 dovecot: auth(default): client in: AUTH#0111#011PLAIN#011service=imap#011secured#011lip=127.0.0.1#011rip=127.0.0.1#011lport=143#011rport=34719#011resp=AG1pa2VfbGVlAGRsaWUzMjA1 Sep? 1 15:34:22 server1 dovecot: auth-worker(default): pam(mike_lee,127.0.0.1): lookup service=dovecot Sep? 1 15:34:22 server1 dovecot: auth-worker(default): pam(mike_lee,127.0.0.1): #1/1 style=1 msg=Password: Sep? 1 15:34:22 server1 dovecot: auth(default): new auth connection: pid=1947 Sep? 1 15:34:24 server1 dovecot: auth-worker(default): pam(mike_lee,127.0.0.1): pam_authenticate() failed: Authentication failure (password mismatch?) (given password: secrets) Sep? 1 15:34:24 server1 dovecot: auth(default): passwd(mike_lee,127.0.0.1): lookup Sep? 1 15:34:24 server1 dovecot: auth(default): passwd(mike_lee,127.0.0.1): unknown user Sep? 1 15:34:24 server1 dovecot: auth(default): ldap(mike_lee,127.0.0.1): invalid credentials (given password: secrets) Sep? 1 15:34:26 server1 dovecot: auth(default): client out: FAIL#0111#011user=mike_lee Sep? 1 15:34:31 server1 dovecot: imap-login: Aborted login (auth failed, 1 attempts): user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured I do not understand why I am getting pam() authentication issue when I deliberately chose not to use it. The following is the setting I have in dovecot-ldap.conf hosts = localhost #uris = dn = uid=dovecot,ou=accounts,dc=companyexample,dc=com,dc=au dnpass = helloworld #sasl_bind = no #sasl_mech = #sasl_realm = #sasl_authz_id = #tls = no #tls_ca_cert_file = #tls_ca_cert_dir = #tls_cert_file = #tls_key_file = #tls_cipher_suite = #tls_require_cert = #ldaprc_path = #debug_level = 0 auth_bind = yes auth_bind_userdn = cn=%u,ou=accounts,dc=companyexample,dc=com,dc=au ldap_version = 3 base = ou=accounts,dc=companyexample,dc=com,dc=au deref = never scope = subtree user_attrs = homeDirectory=home user_filter = (&(objectClass=posixAccount)(uid=%u)) #pass_attrs = uid=user,userPassword=password pass_filter = (&(objectClass=posixAccount)(uid=%u)) default_pass_scheme = PLAIN This is what I have in dovecot.conf base_dir = /var/run/dovecot protocols = imap ?? protocol imap { ???? listen = *:143 ?? } #?? protocol pop3 { #???? listen = *:10100 #???? .. #?? } #?? protocol managesieve { #???? listen = *:12000 #???? .. #?? } #listen = * disable_plaintext_auth = no log_timestamp = "%Y-%m-%d %H:%M:%S " #ssl_listen = ssl = no #ssl_cert_file = /etc/ssl/certs/dovecot.pem #ssl_key_file = /etc/ssl/private/dovecot.pem #ssl_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem #ssl_key_file = /etc/ssl/private/ssl-cert-snakeoil.key #ssl_key_password = #ssl_ca_file = #ssl_verify_client_cert = no #ssl_cert_username_field = commonName #ssl_parameters_regenerate = 168 #ssl_cipher_list = ALL:!LOW:!SSLv2 #verbose_ssl = no login_dir = /var/run/dovecot/login login_chroot = yes login_user = dovecot #login_process_size = 64 #login_process_per_connection = yes #login_processes_count = 3 #login_max_processes_count = 128 #login_max_connections = 256 #login_greeting = Dovecot ready. #login_trusted_networks = #login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c #login_log_format = %$: %s mail_location = maildir:/home/%u/Maildir mail_uid = 3000 mail_gid = 8 mail_privileged_group = mail #mail_access_groups = #mail_full_filesystem_access = no #mail_debug = no #mail_log_max_lines_per_sec = 10 #mmap_disable = no #dotlock_use_excl = yes #fsync_disable = no #mail_nfs_index = no #lock_method = fcntl #mail_drop_priv_before_exec = no verbose_proctitle = yes first_valid_uid = 3000 last_valid_uid = 3000 first_valid_gid = 8 last_valid_gid = 8 #max_mail_processes = 512 #mail_process_size = 256 #mail_max_keyword_length = 50 #valid_chroot_dirs = #mail_chroot = #mail_cache_min_mail_count = 0 #mailbox_idle_check_interval = 30 mail_save_crlf = no #maildir_stat_dirs = no maildir_copy_with_hardlinks = yes #maildir_copy_preserve_filename = no #maildir_very_dirty_syncs = no protocol imap { ? #login_executable = /usr/lib/dovecot/imap-login ? #mail_executable = /usr/lib/dovecot/imap ? #imap_max_line_length = 65536 ? #mail_max_userip_connections = 10 ? #mail_plugin_dir = /usr/lib/dovecot/modules/imap ? #imap_logout_format = bytes=%i/%o ? #imap_capability = ? #imap_idle_notify_interval = 120 ? #imap_id_send = ? #imap_id_log = ? imap_client_workarounds = outlook-idle delay-newmail netscape-eoh tb-extra-mailbox-sep oe6-fetch-no-newmail } protocol pop3 { ? pop3_uidl_format = %08Xu%08Xv } protocol managesieve { } #auth_executable = /usr/lib/dovecot/dovecot-auth #auth_process_size = 256 #auth_cache_size = 0 #auth_cache_ttl = 3600 #auth_cache_negative_ttl = 3600 #auth_realms = #auth_default_realm = #auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ #auth_username_translation = #auth_username_format = #auth_master_user_separator = #auth_anonymous_username = anonymous auth_verbose = yes auth_debug = yes auth_debug_passwords = yes #auth_worker_max_count = 30 #auth_gssapi_hostname = #auth_krb5_keytab = #auth_use_winbind = no #auth_winbind_helper_path = /usr/bin/ntlm_auth #auth_failure_delay = 2 auth default { ? mechanisms = plain ? passdb pam { ? } ? passdb passwd { ? } ? passdb ldap { ??? args = /etc/dovecot/dovecot-ldap.conf ? } ? userdb passwd { ??? args = /etc/dovecot/dovecot-ldap-userdb.conf ? } ? userdb ldap { ??? args = /etc/dovecot/dovecot-ldap.conf ? } ? user = root ? #user = dovecot-auth??? ? #chroot = ? #count = 1 ? #ssl_require_client_cert = no ? #ssl_username_from_cert = no ? socket listen { ??? client { ????? path = /var/spool/postfix/private/auth ????? mode = 0660 ????? user = postfix ????? group = postfix ??? } ? } ? !include_try /etc/dovecot/auth.d/*.auth } plugin { } # Config files can also be included. deliver doesn't support them currently. #!include /etc/dovecot/conf.d/*.conf # Optional configurations, don't give an error if it's not found: !include_try /etc/dovecot/conf.d/*.conf #!include_try /etc/dovecot/extra.conf I wonder where I did it wrong. I did not set pam authentication. Any help would be appreciated. Thank you ________________________________ From: Timo Sirainen To: Daminto Lie Cc: "dovecot at dovecot.org" Sent: Wednesday, 31 August 2011 4:52 PM Subject: Re: [Dovecot] dovecot imap permission denied On 31.8.2011, at 9.47, Daminto Lie wrote: > Thanks a lot Timo, > > Creating directories for new users is not an issue. It's the permission that makes me headache. The error message you showed said that the user's home directory didn't exist, and the permission problem came only because it didn't exist and Dovecot tried to create it. > I tried the following > > sudo chmod o-r /home/$USER > sudo chmod g+rw /home/$USER > > It did not work until I did chmod 777 /home. Right, because only then did it have enough permissions to create the home dir. > Is it safe to make home directory with permission 777? No. From stsiol at yahoo.co.uk Fri Sep 2 08:55:26 2011 From: stsiol at yahoo.co.uk (Spyros Tsiolis) Date: Fri, 2 Sep 2011 06:55:26 +0100 (BST) Subject: [Dovecot] OT - small hd recommendation In-Reply-To: <4E602211.2010800@nybeta.com> References: <4E5D5985.6040103@amfes.com> <4E5E8E5F.4050204@nybeta.com> <4E602211.2010800@nybeta.com> Message-ID: <1314942926.69208.YahooMailNeo@web27208.mail.ukl.yahoo.com> Ditto, Don't know anything on RAID 10 with four disks, but I agree with the two-disk scenario. s. ? ---- "I merely function as a channel that filters music through the chaos of noise" - Vangelis ________________________________ From: Thomas Harold To: dovecot at dovecot.org Sent: Friday, 2 September 2011, 3:23 Subject: Re: [Dovecot] OT - small hd recommendation On 9/1/2011 12:48 PM, Daniel L. Miller wrote: > > Given my extensive requirements - I haven't yet filled my existing 320GB > - size isn't a big deal. Am I actually deriving much benefit from 4-disk > RAID10 using 160GB discs - vs a 2-4 disc 1TB RAID1 array? > A pair of RAID-1 mirrors: - easy to deal with - you can attempt to manually balance load between the two arrays (storage on one pair, indexes and mail queue on other pair) - disks can be pulled and taken to another machine and read one by one - slightly harder to screw up (but both setups die if the wrong 2 disks fail) RAID-10 over 4 disks: - generally faster seeks - generally faster read/write speeds due to striping - generally the better choice for performance - a bit harder to bury the disks vs a pair of mirrors - lets you have a bigger partition - all the eggs in a single array If you're having performance problems on the existing RAID-10, your only real choices are to throw more spindles at it (move to a 6 or 8 disk RAID-10 w/ a hot-spare disk), throw faster spindles at it (10k/15k SAS), or move to SSD. So, if you think you can manually balance the needs of the system, you could try a pair of independent mirrors.? But if you want less hassle, stick with the RAID-10. (And look into a tool like "atop" which can be run in the terminal and does a decent job of showing you whether the CPU/DISK is overly busy.) From robert at schetterer.org Fri Sep 2 10:04:07 2011 From: robert at schetterer.org (Robert Schetterer) Date: Fri, 02 Sep 2011 09:04:07 +0200 Subject: [Dovecot] thunderbird and subscriptions with sieve In-Reply-To: <4E5FDB74.3020002@teradactyl.com> References: <4E5E9E36.8020904@teradactyl.com> <4E5FDB74.3020002@teradactyl.com> Message-ID: <4E607FE7.8030103@schetterer.org> Am 01.09.2011 21:22, schrieb Kristen J. Webb: > Hi All, > > Thanks for all the responses! While I like the idea > of moving to dovecot 2.x for new features, it is > not part of the ubuntu packages, search list archive, there are ubuntu packs dove 2.x out there in some repositories i i.e recompile stuff from here http://xi.rename-it.nl/debian/ on lucid works like charme so I'm going to > wait. In the end, I found deliver -s in postfix master.cf > did the trick. Still the problem with thunderbird not seeing > the new folder until restart, but hey, mail client independence > is what I'm after anyway ;) > > Kris > > On 8/31/11 7:32 PM, Timo Sirainen wrote: >> On 31.8.2011, at 23.48, Kristen J. Webb wrote: >> >>> Is there any way to automatically add folders created by sieve >>> (GNU Mailutils 2.1) to the subscriptions file for a user? >> >> You mean you're using Mailutils Sieve, not Dovecot Sieve? The only >> reasonable solution I can think of is: >> >> Mailutils Sieve would have to subscribe to newly created folders >> itself, maybe by patching it or if it supports running some script >> then doing it that way. With Dovecot v2.0 it could run "doveadm >> mailbox subscribe $folder", but with v1.2 you'd have to write your own >> script. >> >> Any other solution would basically require always subscribing to all >> folders, which kind of defeats their whole purpose. >> >> > -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From kerem.erciyes at gmail.com Fri Sep 2 10:17:29 2011 From: kerem.erciyes at gmail.com (Kerem Erciyes) Date: Fri, 2 Sep 2011 10:17:29 +0300 Subject: [Dovecot] OT - small hd recommendation In-Reply-To: <1314942926.69208.YahooMailNeo@web27208.mail.ukl.yahoo.com> References: <4E5D5985.6040103@amfes.com> <4E5E8E5F.4050204@nybeta.com> <4E602211.2010800@nybeta.com> <1314942926.69208.YahooMailNeo@web27208.mail.ukl.yahoo.com> Message-ID: Hi, At least, rather than Seagate AS series or some "green" series try using Seagate ST.SV series SATA HDDs, the 10$ difference is woth it. They are certified for 7/24 operation and will not fail on you as quickly. And they perform a little bit faster. Regards, Kerem On Fri, Sep 2, 2011 at 8:55 AM, Spyros Tsiolis wrote: > Ditto, > > Don't know anything on RAID 10 with four disks, but I agree with the two-disk scenario. > > s. > > > > ---- > "I merely function as a channel that filters > music through the chaos of noise" > - Vangelis > > > ________________________________ > From: Thomas Harold > To: dovecot at dovecot.org > Sent: Friday, 2 September 2011, 3:23 > Subject: Re: [Dovecot] OT - small hd recommendation > > On 9/1/2011 12:48 PM, Daniel L. Miller wrote: >> >> Given my extensive requirements - I haven't yet filled my existing 320GB >> - size isn't a big deal. Am I actually deriving much benefit from 4-disk >> RAID10 using 160GB discs - vs a 2-4 disc 1TB RAID1 array? >> > > A pair of RAID-1 mirrors: > > - easy to deal with > - you can attempt to manually balance load between the two arrays (storage on one pair, indexes and mail queue on other pair) > - disks can be pulled and taken to another machine and read one by one > - slightly harder to screw up (but both setups die if the wrong 2 disks fail) > > RAID-10 over 4 disks: > > - generally faster seeks > - generally faster read/write speeds due to striping > - generally the better choice for performance > - a bit harder to bury the disks vs a pair of mirrors > - lets you have a bigger partition > - all the eggs in a single array > > If you're having performance problems on the existing RAID-10, your only real choices are to throw more spindles at it (move to a 6 or 8 disk RAID-10 w/ a hot-spare disk), throw faster spindles at it (10k/15k SAS), or move to SSD. > > So, if you think you can manually balance the needs of the system, you could try a pair of independent mirrors.? But if you want less hassle, stick with the RAID-10. > > (And look into a tool like "atop" which can be run in the terminal and does a decent job of showing you whether the CPU/DISK is overly busy.) -- Kerem Erciyes - Sistem Danismani http://keremerciyes.com From centos.admin at gmail.com Fri Sep 2 11:55:16 2011 From: centos.admin at gmail.com (Emmanuel Noobadmin) Date: Fri, 2 Sep 2011 16:55:16 +0800 Subject: [Dovecot] OT - small hd recommendation In-Reply-To: References: Message-ID: On 8/31/11, Daniel L. Miller wrote: > I'm seeing some warnings & errors in my logs & dmesg - and Google tells > me this can the result of several factors, including the hard drives. I > haven't seen any SMART warnings as yet - but I am getting a little > nervous and thinking about upgrading the storage. Possible to post some of those error messages? > As part of the potential upgrade, I'm considering changing to RAID6 - > seems a bit more efficient use of space. I see no reason for SSD - I It might be more efficient but you'll take a 3x IOPS penalty for writes vs RAID 1/10. Depending on your exact workload, it is most likely going to be a bad idea since you mention that you don't actually need more space. > think a set of reasonable 7200rpm drives should be just fine. What I > don't know is, compared to my current 4 drive RAID10 with SATA 1.5, > would even a single SATA 3 drive be comparable in terms of seek > performance? Should I stick with the RAID-10? Seek performance is largely a matter of I/O latency, SATA 3 only gives you more bandwidth to play with. A SATA 3 4200RPM HDD will seek slower than a SATA 1 7200RPM HDD. For random I/O, more spindles/drives are usually the way to deal with it, like others suggested, splitting your drives into RAID 1 nodes and balancing different workloads on each node is probably your best bet if you don't mind doing it manually. From lists at luigirosa.com Fri Sep 2 12:05:10 2011 From: lists at luigirosa.com (Luigi Rosa) Date: Fri, 02 Sep 2011 11:05:10 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <32D56AC3-9213-4459-A231-3C41C1C2C18D@iki.fi> References: <1314869252.27581.9.camel@hurina> (auto-added) <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> <4E5F96B3.8090709@luigirosa.com> <5EDA8C12-D80B-48CD-B69A-A9969609617E@iki.fi> <4E5F9990.6060806@luigirosa.com> <32D56AC3-9213-4459-A231-3C41C1C2C18D@iki.fi> Message-ID: <4E609C46.9010306@luigirosa.com> Timo Sirainen said the following on 01/09/11 16:53: >> Sep 1 16:39:43 mail dovecot: stats: Error: Mail server input error: >> UPDATE-SESSION: stats shrank > Oh.. What OS is this? See what it logs with http://hg.dovecot.org/dovecot-2.1/rev/1c2d8da38a06 Sorry for the delay... Sep 2 11:03:11 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: ucpu 0.5999 < 0.9000 Sep 2 11:03:21 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: ucpu 0.5999 < 0.9000 Sep 2 11:03:42 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: ucpu 0.9998 < 0.15997 Sep 2 11:03:42 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: ucpu 0.3999 < 0.8997 Sep 2 11:03:43 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: ucpu 0.1999 < 0.3999 Sep 2 11:03:45 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: ucpu 0.6998 < 0.6999 Sep 2 11:03:52 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: ucpu 0.3999 < 0.8997 Sep 2 11:03:54 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: ucpu 0.10998 < 0.18997 Sep 2 11:03:54 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: ucpu 0.5999 < 0.10000 Sep 2 11:03:55 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: ucpu 0.6998 < 0.6999 Ciao, luigi -- / +--[Luigi Rosa]-- \ I don't think we have the right or the wisdom to interfere, however a planet is evolving. --James Kirk, "The Omega Glory" From lists at luigirosa.com Fri Sep 2 12:46:25 2011 From: lists at luigirosa.com (Luigi Rosa) Date: Fri, 02 Sep 2011 11:46:25 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <32D56AC3-9213-4459-A231-3C41C1C2C18D@iki.fi> References: <1314869252.27581.9.camel@hurina> (auto-added) <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> <4E5F96B3.8090709@luigirosa.com> <5EDA8C12-D80B-48CD-B69A-A9969609617E@iki.fi> <4E5F9990.6060806@luigirosa.com> <32D56AC3-9213-4459-A231-3C41C1C2C18D@iki.fi> Message-ID: <4E60A5F1.8000401@luigirosa.com> Timo Sirainen said the following on 01/09/11 16:53: > Oh.. What OS is this? See what it logs with http://hg.dovecot.org/dovecot-2.1/rev/1c2d8da38a06 Between a lot of ucpu events logged there are some like: Sep 2 11:41:52 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: minflt 787 < 790 Sep 2 11:42:02 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: minflt 787 < 790 Sep 2 11:43:42 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: diskout 140735698723992 < 167507184 Sep 2 11:43:52 mail dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: diskout 140735698723992 < 167507184 Ciao, luigi -- / +--[Luigi Rosa]-- \ A beer delayed is a beer denied. From tlx at leuxner.net Fri Sep 2 13:21:33 2011 From: tlx at leuxner.net (Thomas Leuxner) Date: Fri, 2 Sep 2011 12:21:33 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <1314869252.27581.9.camel@hurina> References: <1314869252.27581.9.camel@hurina> Message-ID: <20110902102133.GA6623@nihlus.leuxner.net> Hi, any idea why STARTTLS would not work after replacing 2.0.14 with the alpha? When STARTTLS is not requested by the client it can connect. Config is unaltered working 2.0.14 one. Regards Thomas -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: From dovecot.user at seibercom.net Fri Sep 2 13:43:33 2011 From: dovecot.user at seibercom.net (Jerry) Date: Fri, 2 Sep 2011 06:43:33 -0400 Subject: [Dovecot] Can't got mail by OUTLOOK for a half million mails account In-Reply-To: References: Message-ID: <20110902064333.728fb20e@scorpio> On Fri, 2 Sep 2011 10:34:29 +0800 Dong Ding articulated: > Hi, > > I used postfix always_bcc to backup mail. And up to now the backup > account has half million mails in cur/, when I first time tried to > receive the mail by outlook, it failed , no responds. > > Does any one has some good idea to deal with this problem? You have got to supply some info. The output of "dovecot -n", "postfix -n" and any log files created would be a good start. In addition, the output from "Outlook" would be invaluable. Specifying the versions of all the applications involved would be a plus also. No one here has a crystal ball, or at least I don't. -- Jerry ? Dovecot.user at seibercom.net Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ According to all the latest reports, there was no truth in any of the earlier reports. From klinkov at yandex.ru Fri Sep 2 14:26:10 2011 From: klinkov at yandex.ru (Stanislav Klinkov) Date: Fri, 02 Sep 2011 15:26:10 +0400 Subject: [Dovecot] [Solved] Kerberos GSSAPI - proper item name in keytab In-Reply-To: References: <4E5B9682.1040408@yandex.ru> <4E5F8E60.9040701@yandex.ru> Message-ID: <4E60BD52.7090706@yandex.ru> > Thanks for sharing solved problem. Thanks for participation too. > But I think this question better to forward to Kerberos mailing list. Unfortunately, I have difficulties with making a competent wording of my question. Source codes of KRB5 libs explode my brain. I cant understand them deeply and find the exact function that is directly dependent on network configuration. So, if someone would give me a hint, I'll try to continue my "investigation" to get to the truth. :) From gfinch at ldmltd.ca Fri Sep 2 18:01:25 2011 From: gfinch at ldmltd.ca (Gregory Finch) Date: Fri, 02 Sep 2011 08:01:25 -0700 Subject: [Dovecot] Can't got mail by OUTLOOK for a half million mails account In-Reply-To: References: Message-ID: <4E60EFC5.7050103@ldmltd.ca> Depending on Outlook pst format, I know the old (outlook 2000) format can't have more than 16383 or 32767 (can't remember which) messages in a single folder. Ran into this problem at our office once. Best solution was to use sieve to split the mail archive into folders by year and by month. This makes it easier to copy the archive offline as well. -Greg On 2011-09-01 7:34 PM, Dong Ding wrote: > Hi, > > I used postfix always_bcc to backup mail. And up to now the backup account > has half million mails in cur/, when I first time tried to receive the mail > by outlook, it failed , no responds. > > Does any one has some good idea to deal with this problem? > > > Thanks > -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 260 bytes Desc: OpenPGP digital signature URL: From stephan at rename-it.nl Fri Sep 2 20:25:18 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Fri, 02 Sep 2011 19:25:18 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <20110902102133.GA6623@nihlus.leuxner.net> References: <1314869252.27581.9.camel@hurina> <20110902102133.GA6623@nihlus.leuxner.net> Message-ID: <4E61117E.1030902@rename-it.nl> On 9/2/2011 12:21 PM, Thomas Leuxner wrote: > Hi, > > any idea why STARTTLS would not work after replacing 2.0.14 with the > alpha? When STARTTLS is not requested by the client it can connect. Config > is unaltered working 2.0.14 one. Are you perhaps using the automated Debian packages? Regards, Stephan. From tlx at leuxner.net Fri Sep 2 20:48:30 2011 From: tlx at leuxner.net (Thomas Leuxner) Date: Fri, 2 Sep 2011 19:48:30 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <4E61117E.1030902@rename-it.nl> References: <1314869252.27581.9.camel@hurina> <20110902102133.GA6623@nihlus.leuxner.net> <4E61117E.1030902@rename-it.nl> Message-ID: Am 02.09.2011 um 19:25 schrieb Stephan Bosch: > Are you perhaps using the automated Debian packages? > > Regards, > > Stephan. Indeed I am. Guilty... From thomas-lists at nybeta.com Fri Sep 2 21:29:47 2011 From: thomas-lists at nybeta.com (Thomas Harold) Date: Fri, 02 Sep 2011 14:29:47 -0400 Subject: [Dovecot] Can't got mail by OUTLOOK for a half million mails account In-Reply-To: References: Message-ID: <4E61209B.5090305@nybeta.com> On 9/1/2011 10:34 PM, Dong Ding wrote: > > I used postfix always_bcc to backup mail. And up to now the backup account > has half million mails in cur/, when I first time tried to receive the mail > by outlook, it failed , no responds. > > Does any one has some good idea to deal with this problem? > If it's IMAP, you may have to try Thunderbird or some other IMAP client. But most are going to horribly die past 100k messages in a single folder (and some will die much sooner). There's also the brute force method of moving 90% of the messages to some other temporary folder on the file system, grabbing the 50k that are left. Then moving messages back into the new/ folder in batches of 50k or so. I'll echo Gregory's comment that you really need to setup some sort of Sieve rules to split out messages to sub-folders on-the-fly going forward. From stephan at rename-it.nl Fri Sep 2 21:35:25 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Fri, 02 Sep 2011 20:35:25 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: References: <1314869252.27581.9.camel@hurina> <20110902102133.GA6623@nihlus.leuxner.net> <4E61117E.1030902@rename-it.nl> Message-ID: <4E6121ED.5020204@rename-it.nl> On 9/2/2011 7:48 PM, Thomas Leuxner wrote: > Am 02.09.2011 um 19:25 schrieb Stephan Bosch: > >> Are you perhaps using the automated Debian packages? >> >> Regards, >> >> Stephan. > Indeed I am. Guilty... Then, it actually is my fault. The v2.1 packages also involve a login patch of mine, which apparently broke STARTTLS. I've fixed it and a new set of packages is available within the hour. Regards, Stephan. From tlx at leuxner.net Fri Sep 2 21:38:05 2011 From: tlx at leuxner.net (Thomas Leuxner) Date: Fri, 2 Sep 2011 20:38:05 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <4E6121ED.5020204@rename-it.nl> References: <1314869252.27581.9.camel@hurina> <20110902102133.GA6623@nihlus.leuxner.net> <4E61117E.1030902@rename-it.nl> <4E6121ED.5020204@rename-it.nl> Message-ID: <3C903640-F45B-4BEE-ADEF-077D4592B796@leuxner.net> Am 02.09.2011 um 20:35 schrieb Stephan Bosch: > > Then, it actually is my fault. The v2.1 packages also involve a login patch of mine, which apparently broke STARTTLS. I've fixed it and a new set of packages is available within the hour. > > Regards, > > Stephan. I shall then rebuild as suggested. Thanks Stephan and guilty you :) From stephan at rename-it.nl Sat Sep 3 00:15:27 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Fri, 02 Sep 2011 23:15:27 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <3C903640-F45B-4BEE-ADEF-077D4592B796@leuxner.net> References: <1314869252.27581.9.camel@hurina> <20110902102133.GA6623@nihlus.leuxner.net> <4E61117E.1030902@rename-it.nl> <4E6121ED.5020204@rename-it.nl> <3C903640-F45B-4BEE-ADEF-077D4592B796@leuxner.net> Message-ID: <4E61476F.9090601@rename-it.nl> On 9/2/2011 8:38 PM, Thomas Leuxner wrote: > Am 02.09.2011 um 20:35 schrieb Stephan Bosch: >> Then, it actually is my fault. The v2.1 packages also involve a login patch of mine, which apparently broke STARTTLS. I've fixed it and a new set of packages is available within the hour. >> >> Regards, >> >> Stephan. > I shall then rebuild as suggested. Thanks Stephan and guilty you :) D'oh, builder did not update from patch repositories. Starting build now... Regards, Stephan. From kwebb at teradactyl.com Sat Sep 3 01:46:56 2011 From: kwebb at teradactyl.com (Kristen J. Webb) Date: Fri, 02 Sep 2011 16:46:56 -0600 Subject: [Dovecot] Control of \Seen flags dovecot 1.2.9 Message-ID: <4E615CE0.6080209@teradactyl.com> Hi All, I have public mailboxes working with ACL's now, and I'm testing the ACL behavior. I've added lrws to two users so they can check off the messages they have read. I'm using CONTROL and INDEX in the location parameter for the namespace. It appears that if one user marks a message as read, all users see that message read. Is there any way to configure dovecot, so that each user maintains their own view of read messages? Relevant config (i think): namespace private { separator = / prefix = location = maildir:/home/vmail/%d/%n/Maildir:LAYOUT=fs inbox = yes } namespace public { separator = / prefix = Public/ location = maildir:/home/vmail/Public:LAYOUT=fs:CONTROL=/home/vmail/%d/%n/Maildir/Public:INDEX=/home/vmail/%d/%n/Maildir/Public subscriptions = no } -- Mr. Kristen J. Webb Teradactyl LLC. PHONE: 1-505-242-1091 EMAIL: kwebb at teradactyl.com VISIT: http://www.teradactyl.com Home of the True incremental Backup System From kwebb at teradactyl.com Sat Sep 3 03:38:19 2011 From: kwebb at teradactyl.com (Kristen J. Webb) Date: Fri, 02 Sep 2011 18:38:19 -0600 Subject: [Dovecot] Control of \Seen flags dovecot 1.2.9 In-Reply-To: <4E615CE0.6080209@teradactyl.com> References: <4E615CE0.6080209@teradactyl.com> Message-ID: <4E6176FB.4090001@teradactyl.com> Sorry, I cleaned out all of my Maildirs and public folders and started over. Also changed ACL to lrs, and so far, everything is working as expected. Kris On 9/2/11 4:46 PM, Kristen J. Webb wrote: > Hi All, > > I have public mailboxes working with ACL's now, and I'm testing the ACL > behavior. I've added lrws to two users so they can check off the messages > they have read. I'm using CONTROL and INDEX in the location parameter for > the namespace. It appears that if one user marks a message as read, > all users see that message read. > > Is there any way to configure dovecot, so that each user maintains their > own view of read messages? > > > Relevant config (i think): > > namespace private { > separator = / > prefix = > location = maildir:/home/vmail/%d/%n/Maildir:LAYOUT=fs > inbox = yes > } > > namespace public { > separator = / > prefix = Public/ > location = > maildir:/home/vmail/Public:LAYOUT=fs:CONTROL=/home/vmail/%d/%n/Maildir/Public:INDEX=/home/vmail/%d/%n/Maildir/Public > > subscriptions = no > } > -- Mr. Kristen J. Webb Teradactyl LLC. PHONE: 1-505-242-1091 EMAIL: kwebb at teradactyl.com VISIT: http://www.teradactyl.com Home of the True incremental Backup System From kuizhang at gmail.com Sat Sep 3 06:06:18 2011 From: kuizhang at gmail.com (Kui Zhang) Date: Fri, 2 Sep 2011 20:06:18 -0700 Subject: [Dovecot] Possible signed/unsigned bug in libdovecot-storage (2:2.0.14 ) Message-ID: Hello We are getting following errors when moving mail from inbox to any folder. "Message has been copied too many times (32767+1)" lazy_expunge is enabled. Error messages seems to be from libdovecot-storage. Any one can confirm the bug? or knows of a work around? Thanks K.Z From tlx at leuxner.net Sat Sep 3 08:07:17 2011 From: tlx at leuxner.net (Thomas Leuxner) Date: Sat, 3 Sep 2011 07:07:17 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <4E61476F.9090601@rename-it.nl> References: <1314869252.27581.9.camel@hurina> <20110902102133.GA6623@nihlus.leuxner.net> <4E61117E.1030902@rename-it.nl> <4E6121ED.5020204@rename-it.nl> <3C903640-F45B-4BEE-ADEF-077D4592B796@leuxner.net> <4E61476F.9090601@rename-it.nl> Message-ID: Am 02.09.2011 um 23:15 schrieb Stephan Bosch: > D'oh, builder did not update from patch repositories. Starting build now... > > Regards, > > Stephan. Working now :) Minor glitch I noticed for the build: Appears 'libpq5' is required by 'dovecot-common' even if no SQL package is installed? Wonder if that works as designed. dpkg: dependency problems prevent configuration of dovecot-common: dovecot-common depends on libpq5 (>= 8.4~0cvs20090328); however: Package libpq5 is not installed. dpkg: error processing dovecot-common (--install): dependency problems - leaving unconfigured From tss at iki.fi Sat Sep 3 08:36:09 2011 From: tss at iki.fi (Timo Sirainen) Date: Sat, 3 Sep 2011 08:36:09 +0300 Subject: [Dovecot] Possible signed/unsigned bug in libdovecot-storage (2:2.0.14 ) In-Reply-To: References: Message-ID: <08CD5CF9-B82B-4F16-9729-C522C12BEE34@iki.fi> On 3.9.2011, at 6.06, Kui Zhang wrote: > We are getting following errors when moving mail from inbox to any folder. > > "Message has been copied too many times (32767+1)" mdbox? Is it actually copied that many times? From dovecot-ml at makomi.de Sat Sep 3 09:33:43 2011 From: dovecot-ml at makomi.de (=?iso-8859-1?Q?Michael_K=F6hler?=) Date: Sat, 3 Sep 2011 08:33:43 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <4E61117E.1030902@rename-it.nl> References: <1314869252.27581.9.camel@hurina> <20110902102133.GA6623@nihlus.leuxner.net> <4E61117E.1030902@rename-it.nl> Message-ID: <6B523955-CA60-4F3E-A89A-8EF12E7F280C@makomi.de> Hello Stephan, Am 02.09.2011 um 19:25 schrieb Stephan Bosch: > Are you perhaps using the automated Debian packages? I?m also upgraded to latest Debian version and I?ve got the following errors: Preparing to replace dovecot-managesieved 2:2.0.13-0~auto+71 (using .../dovecot-managesieved_2%3a2.0.14-0~auto+4_amd64.deb) ... Stopping IMAP/POP3 mail server: dovecot. Unpacking replacement dovecot-managesieved ... doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_login_settings.so doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_settings.so doveconf: Error: service(managesieve-login): executable is empty doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: service(managesieve-login): executable is empty Starting IMAP/POP3 mail server: dovecotdoveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_login_settings.so doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_settings.so doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: service(managesieve-login): executable is empty Preparing to replace dovecot-sieve 2:2.0.13-0~auto+71 (using .../dovecot-sieve_2%3a2.0.14-0~auto+4_amd64.deb) ... Unpacking replacement dovecot-sieve ... doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_login_settings.so doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_settings.so doveconf: Error: service(managesieve-login): executable is empty doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: service(managesieve-login): executable is empty Starting IMAP/POP3 mail server: dovecotdoveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_login_settings.so doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_settings.so doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: service(managesieve-login): executable is empty Preparing to replace dovecot-lmtpd 2:2.0.13-0~auto+71 (using .../dovecot-lmtpd_2%3a2.0.14-0~auto+4_amd64.deb) ... doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_login_settings.so doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_settings.so doveconf: Error: service(managesieve-login): executable is empty doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: service(managesieve-login): executable is empty Stopping IMAP/POP3 mail server: dovecot. Unpacking replacement dovecot-lmtpd ... doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_login_settings.so doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_settings.so doveconf: Error: service(managesieve-login): executable is empty doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: service(managesieve-login): executable is empty Starting IMAP/POP3 mail server: dovecotdoveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_login_settings.so doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_settings.so doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: service(managesieve-login): executable is empty Preparing to replace dovecot-common 2:2.0.13-0~auto+71 (using .../dovecot-common_2%3a2.0.14-0~auto+4_amd64.deb) ... doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_login_settings.so doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_settings.so doveconf: Error: service(managesieve-login): executable is empty doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: service(managesieve-login): executable is empty Stopping IMAP/POP3 mail server: dovecot. Or isn?t it a problem? At this time I don?t use sieve. Greetings, Michael From stephan at rename-it.nl Sat Sep 3 11:04:00 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Sat, 03 Sep 2011 10:04:00 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <6B523955-CA60-4F3E-A89A-8EF12E7F280C@makomi.de> References: <1314869252.27581.9.camel@hurina> <20110902102133.GA6623@nihlus.leuxner.net> <4E61117E.1030902@rename-it.nl> <6B523955-CA60-4F3E-A89A-8EF12E7F280C@makomi.de> Message-ID: <4E61DF70.5090309@rename-it.nl> On 9/3/2011 8:33 AM, Michael K?hler wrote: > Hello Stephan, > > Am 02.09.2011 um 19:25 schrieb Stephan Bosch: >> Are you perhaps using the automated Debian packages? > I?m also upgraded to latest Debian version and I?ve got the following errors: > > Preparing to replace dovecot-managesieved 2:2.0.13-0~auto+71 (using .../dovecot-managesieved_2%3a2.0.14-0~auto+4_amd64.deb) ... > Stopping IMAP/POP3 mail server: dovecot. > Unpacking replacement dovecot-managesieved ... > doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_login_settings.so > doveconf: Error: Module is for different version 2.0.14: /usr/lib/dovecot/modules/settings/libmanagesieve_settings.so > doveconf: Error: service(managesieve-login): executable is empty > doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: service(managesieve-login): executable is empty > [...] > > Or isn?t it a problem? At this time I don?t use sieve. I've seen this the first time too and it disappeared on the second update. Not sure why this happens like this, but I have a feeling it will return at the upgrade to alpha2. Regards, Stephan. From stephan at rename-it.nl Sat Sep 3 11:56:58 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Sat, 03 Sep 2011 10:56:58 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: References: <1314869252.27581.9.camel@hurina> <20110902102133.GA6623@nihlus.leuxner.net> <4E61117E.1030902@rename-it.nl> <4E6121ED.5020204@rename-it.nl> <3C903640-F45B-4BEE-ADEF-077D4592B796@leuxner.net> <4E61476F.9090601@rename-it.nl> Message-ID: <4E61EBDA.20906@rename-it.nl> On 9/3/2011 7:07 AM, Thomas Leuxner wrote: > Am 02.09.2011 um 23:15 schrieb Stephan Bosch: > >> D'oh, builder did not update from patch repositories. Starting build now... >> >> Regards, >> >> Stephan. > Working now :) Minor glitch I noticed for the build: Appears 'libpq5' is required by 'dovecot-common' even if no SQL package is installed? Wonder if that works as designed. > > dpkg: dependency problems prevent configuration of dovecot-common: > dovecot-common depends on libpq5 (>= 8.4~0cvs20090328); however: > Package libpq5 is not installed. > dpkg: error processing dovecot-common (--install): > dependency problems - leaving unconfigured Those dependencies are added automatically and are probably caused by the following: For dovecot-2.0: $ ldd .libs/libdovecot-sql.so linux-vdso.so.1 => (0x00007fff03dc3000) libdl.so.2 => /lib/libdl.so.2 (0x00007f981d3a9000) librt.so.1 => /lib/librt.so.1 (0x00007f981d1a1000) libc.so.6 => /lib/libc.so.6 (0x00007f981ce3f000) /lib64/ld-linux-x86-64.so.2 (0x00007f981d7bf000) libpthread.so.0 => /lib/libpthread.so.0 (0x00007f981cc23000) For dovecot-2.1: $ ldd .libs/libdovecot-sql.so linux-vdso.so.1 => (0x00007fffc5549000) libdovecot.so.0 => dovecot-2.1/src/lib-dovecot/.libs/libdovecot.so.0 (0x00007f0372414000) libmysqlclient.so.16 => /usr/lib/libmysqlclient.so.16 (0x00007f0371fe9000) libpq.so.5 => /usr/lib/libpq.so.5 (0x00007f0371dc0000) libsqlite3.so.0 => /usr/lib/libsqlite3.so.0 (0x00007f0371b29000) [lots more ...] As you can see, libdovecot-sql.so now has dependencies on mysql, pgsql and sqlite. I am not sure why. The following change seems to be the cause: --- dovecot-2.0/src/lib-sql/Makefile.am 2011-04-16 22:02:06.000000000 +0200 +++ dovecot-2.1/src/lib-sql/Makefile.am 2011-08-25 23:16:57.000000000 +0200 @@ -66,7 +72,11 @@ pkglib_LTLIBRARIES = libdovecot-sql.la libdovecot_sql_la_SOURCES = -libdovecot_sql_la_LIBADD = libsql.la $(MODULE_LIBS) +libdovecot_sql_la_LIBADD = libsql.la $(deplibs) \ + $(MYSQL_LIBS) \ + $(PGSQL_LIBS) \ + $(SQLITE_LIBS) \ + $(MODULE_LIBS) libdovecot_sql_la_DEPENDENCIES = libsql.la libdovecot_sql_la_LDFLAGS = -export-dynamic Timo, any ideas? Regards, Stephan. From tss at iki.fi Sat Sep 3 12:05:31 2011 From: tss at iki.fi (Timo Sirainen) Date: Sat, 3 Sep 2011 12:05:31 +0300 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <4E61EBDA.20906@rename-it.nl> References: <1314869252.27581.9.camel@hurina> <20110902102133.GA6623@nihlus.leuxner.net> <4E61117E.1030902@rename-it.nl> <4E6121ED.5020204@rename-it.nl> <3C903640-F45B-4BEE-ADEF-077D4592B796@leuxner.net> <4E61476F.9090601@rename-it.nl> <4E61EBDA.20906@rename-it.nl> Message-ID: <7F458A22-E5FD-4E53-8039-3FC5F035AD60@iki.fi> On 3.9.2011, at 11.56, Stephan Bosch wrote: > As you can see, libdovecot-sql.so now has dependencies on mysql, pgsql and sqlite. I am not sure why. The following change seems to be the cause: > > --- dovecot-2.0/src/lib-sql/Makefile.am 2011-04-16 22:02:06.000000000 +0200 > +++ dovecot-2.1/src/lib-sql/Makefile.am 2011-08-25 23:16:57.000000000 +0200 > @@ -66,7 +72,11 @@ > > pkglib_LTLIBRARIES = libdovecot-sql.la > libdovecot_sql_la_SOURCES = > -libdovecot_sql_la_LIBADD = libsql.la $(MODULE_LIBS) > +libdovecot_sql_la_LIBADD = libsql.la $(deplibs) \ > + $(MYSQL_LIBS) \ > + $(PGSQL_LIBS) \ > + $(SQLITE_LIBS) \ > + $(MODULE_LIBS) > libdovecot_sql_la_DEPENDENCIES = libsql.la > libdovecot_sql_la_LDFLAGS = -export-dynamic > > Timo, any ideas? http://hg.dovecot.org/dovecot-2.1/rev/d2b27eae9221 probably helps? From kuizhang at gmail.com Sat Sep 3 12:29:07 2011 From: kuizhang at gmail.com (Kui Zhang) Date: Sat, 3 Sep 2011 02:29:07 -0700 Subject: [Dovecot] Possible signed/unsigned bug in libdovecot-storage (2:2.0.14 ) In-Reply-To: <08CD5CF9-B82B-4F16-9729-C522C12BEE34@iki.fi> References: <08CD5CF9-B82B-4F16-9729-C522C12BEE34@iki.fi> Message-ID: it is mdbox, file size 10M I dont know if the message was ever copy that many times. I dont know any way to tell. I was able to trigger the error message with following. a uid copy 726974 inbox_2 epoll_wait(5, {{EPOLLIN, {u32=39151008, u64=39151008}}}, 3, 18653) = 1 read(0, "a uid copy 726974 Inbox_2\n", 7545) = 26 stat("/home/user_name/mdbox/mailboxes/Inbox_2/dbox-Mails", {st_dev=makedev(9, 3), st_ino=44696357, st_mode=S_IFDIR|0700, st_nlink=2, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=8, st_size=4096, st_atime=2011/09/02-19:27:08, st_mtime=2011/09/03-00:05:26, st_ctime=2011/09/03-00:05:26}) = 0 stat("/home/user_name/mdbox/mailboxes/Inbox_2/dbox-Mails", {st_dev=makedev(9, 3), st_ino=44696357, st_mode=S_IFDIR|0700, st_nlink=2, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=8, st_size=4096, st_atime=2011/09/02-19:27:08, st_mtime=2011/09/03-00:05:26, st_ctime=2011/09/03-00:05:26}) = 0 stat("/home/user_name/mdbox/mailboxes/Inbox_2", {st_dev=makedev(9, 3), st_ino=44696356, st_mode=S_IFDIR|0700, st_nlink=3, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=8, st_size=4096, st_atime=2011/09/02-19:27:08, st_mtime=2011/09/02-19:27:08, st_ctime=2011/09/02-19:27:08}) = 0 stat("/home/user_name/mdbox/mailboxes/Inbox_2", {st_dev=makedev(9, 3), st_ino=44696356, st_mode=S_IFDIR|0700, st_nlink=3, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=8, st_size=4096, st_atime=2011/09/02-19:27:08, st_mtime=2011/09/02-19:27:08, st_ctime=2011/09/02-19:27:08}) = 0 stat("/home/user_name/mdbox/mailboxes/Inbox_2/dbox-Mails", {st_dev=makedev(9, 3), st_ino=44696357, st_mode=S_IFDIR|0700, st_nlink=2, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=8, st_size=4096, st_atime=2011/09/02-19:27:08, st_mtime=2011/09/03-00:05:26, st_ctime=2011/09/03-00:05:26}) = 0 open("/home/user_name/mdbox/mailboxes/Inbox_2/dbox-Mails/dovecot.index.log", O_RDWR) = 11 fstat(11, {st_dev=makedev(9, 3), st_ino=44696360, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=40, st_size=16404, st_atime=2011/09/02-19:32:11, st_mtime=2011/09/03-00:05:26, st_ctime=2011/09/03-00:05:26}) = 0 pread(11, "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx") open("/home/user_name/mdbox/mailboxes/Inbox_2/dbox-Mails/dovecot.index", O_RDWR) = 12 alarm(120) = 0 fcntl(12, F_SETLKW, {type=F_RDLCK, whence=SEEK_SET, start=0, len=0}) = 0 alarm(0) = 120 fstat(12, {st_dev=makedev(9, 3), st_ino=44696353, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=72, st_size=33504, st_atime=2011/09/03-00:05:26, st_mtime=2011/09/03-00:05:26, st_ctime=2011/09/03-00:05:26}) = 0 pread(12, "xxxxxxxxxxxxxxxxxxxxxxxxxx") pread(12, "xxxxxxxxxxxxxxxxxxxxxxxxxx") fcntl(12, F_SETLK, {type=F_UNLCK, whence=SEEK_SET, start=0, len=0}) = 0 fstat(11, {st_dev=makedev(9, 3), st_ino=44696360, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=40, st_size=16404, st_atime=2011/09/02-19:32:11, st_mtime=2011/09/03-00:05:26, st_ctime=2011/09/03-00:05:26}) = 0 pread(11, "", 8192, 16404) = 0 stat("/home/user_name/mdbox/storage/dovecot.map.index.log", {st_dev=makedev(9, 3), st_ino=42730409, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=56, st_size=22356, st_atime=2011/09/02-19:31:53, st_mtime=2011/09/03-01:48:40, st_ctime=2011/09/03-01:48:40}) = 0 fstat(9, {st_dev=makedev(9, 3), st_ino=42730409, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=56, st_size=22356, st_atime=2011/09/02-19:31:53, st_mtime=2011/09/03-01:48:40, st_ctime=2011/09/03-01:48:40}) = 0 fstat(9, {st_dev=makedev(9, 3), st_ino=42730409, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=56, st_size=22356, st_atime=2011/09/02-19:31:53, st_mtime=2011/09/03-01:48:40, st_ctime=2011/09/03-01:48:40}) = 0 open("/home/user_name/mdbox/mailboxes/Inbox_2/dbox-Mails/dovecot.index.cache", O_RDWR) = 13 fstat(13, {st_dev=makedev(9, 3), st_ino=44696366, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=1608, st_size=818176, st_atime=2011/09/02-19:28:48, st_mtime=2011/09/02-20:11:59, st_ctime=2011/09/02-20:11:59}) = 0 mmap(NULL, 818176, PROT_READ, MAP_SHARED, 13, 0) = 0x7f8d081f2000 pread(14, "xxxxxxxxxxxxxxxxxxxxxxxxx") pread(14, "xxxxxxxxxxxxxxxxxxxxxxxxx") fstat(14, {st_dev=makedev(9, 3), st_ino=42731774, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=20480, st_size=10484876, st_atime=2011/09/02-19:26:41, st_mtime=2011/09/02-19:26:43, st_ctime=2011/09/02-19:26:43}) = 0 stat("/home/user_name/mdbox", {st_dev=makedev(9, 3), st_ino=42729592, st_mode=S_IFDIR|0700, st_nlink=5, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=8, st_size=4096, st_atime=2011/04/07-09:30:08, st_mtime=2011/09/03-01:57:47, st_ctime=2011/09/03-01:58:08}) = 0 chown("/home/user_name/mdbox", 1000, 4294967295) = 0 stat("/home/user_name/mdbox/dovecot-quota", {st_dev=makedev(9, 3), st_ino=42730175, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=8, st_size=59, st_atime=2011/09/03-01:48:40, st_mtime=2011/09/03-01:48:40, st_ctime=2011/09/03-01:48:40}) = 0 fstat(15, {st_dev=makedev(9, 3), st_ino=42730175, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=8, st_size=59, st_atime=2011/09/03-01:48:40, st_mtime=2011/09/03-01:48:40, st_ctime=2011/09/03-01:48:40}) = 0 alarm(180) = 0 fcntl(9, F_SETLKW, {type=F_WRLCK, whence=SEEK_SET, start=0, len=0}) = 0 alarm(0) = 180 stat("/home/user_name/mdbox/storage/dovecot.map.index.log", {st_dev=makedev(9, 3), st_ino=42730409, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=56, st_size=22356, st_atime=2011/09/02-19:31:53, st_mtime=2011/09/03-01:48:40, st_ctime=2011/09/03-01:48:40}) = 0 fstat(9, {st_dev=makedev(9, 3), st_ino=42730409, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=56, st_size=22356, st_atime=2011/09/02-19:31:53, st_mtime=2011/09/03-01:48:40, st_ctime=2011/09/03-01:48:40}) = 0 stat("/home/user_name/mdbox/mailboxes/Inbox_2/dbox-Mails/dovecot.index.log.2", {st_dev=makedev(9, 3), st_ino=44696358, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=144, st_size=66812, st_atime=2011/09/02-19:27:08, st_mtime=2011/09/02-19:32:11, st_ctime=2011/09/02-19:32:11}) = 0 alarm(180) = 0 fcntl(11, F_SETLKW, {type=F_WRLCK, whence=SEEK_SET, start=0, len=0}) = 0 alarm(0) = 180 stat("/home/user_name/mdbox/mailboxes/Inbox_2/dbox-Mails/dovecot.index.log", {st_dev=makedev(9, 3), st_ino=44696360, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=40, st_size=16404, st_atime=2011/09/02-19:32:11, st_mtime=2011/09/03-00:05:26, st_ctime=2011/09/03-00:05:26}) = 0 fstat(11, {st_dev=makedev(9, 3), st_ino=44696360, st_mode=S_IFREG|0600, st_nlink=1, st_uid=1000, st_gid=1000, st_blksize=4096, st_blocks=40, st_size=16404, st_atime=2011/09/02-19:32:11, st_mtime=2011/09/03-00:05:26, st_ctime=2011/09/03-00:05:26}) = 0 fcntl(9, F_SETLK, {type=F_UNLCK, whence=SEEK_SET, start=0, len=0}) = 0 fcntl(11, F_SETLK, {type=F_UNLCK, whence=SEEK_SET, start=0, len=0}) = 0 write(1, "a NO [CANNOT] Message has been copied too many times (32767 + 1)\r\n", 66) = 66 epoll_wait(5, {}, 3, 5000) = 0 epoll_wait(5, {}, 3, 4) = 0 15642 timeout_reset(0x25565c0, 0x254632a, 3, 32704, 0x203a2961632e79) = 1 15642 i_stream_read(0x2556300, 0x2999108, 0, 0x25565c0, 8) = 26 15642 o_stream_ref(0x25564b8, 0x2559e0d, 0, 26, 8) = 26 15642 o_stream_cork(0x25564b8, 0x2559e0d, 0, 26, 8) = 1 15642 t_push(0x2555ed0, 1, 0x2556440, 26, 8) = 3 15642 i_stream_get_data(0x2556300, 0x7fffb16662c0, 4, 32704, 8) = 0x2559e0d 15642 buffer_create_dynamic(0x2556620, 40, 0x2556600, 1856, 8) = 0x25566c0 15642 imap_parser_read_word(0x25557a0, 0x2555ef8, 0x2556600, 1760, 8) = 0x255bd08 15642 p_strdup(0x2556620, 0x255bd08, 0, 97, 8) = 0x2556720 15642 imap_parser_read_word(0x25557a0, 0x255bd0a, 0, 97, 0x255bd08) = 0x255bd10 15642 p_strdup(0x2556620, 0x255bd10, 0, 25705, 0x255bd08) = 0x2556728 15642 t_str_new(128, 0x255bd14, 0, 0x646975, 0x255bd10) = 0x2523088 15642 str_append_c(0x2523088, 91, 0, 98, 128) = 0x25230c0 15642 str_append(0x2523088, 0x254c420, 1, 91, 128) = 0x25230c1 15642 str_len(0x2523088, 0x254c431, 0, 0x6f6840736e6f726f, 0x61632e7961777473) = 18 15642 str_append_c(0x2523088, 32, 0, 0x6f6840736e6f726f, 0x61632e7961777473) = 0x25230d2 15642 str_append(0x2523088, 0x2556728, 0, 32, 0x61632e7961777473) = 0x25230d3 15642 str_append_c(0x2523088, 93, 0, 25705, 0x2556728) = 0x25230d6 15642 str_c(0x2523088, 0x7fffb166624d, 0, 93, 0x2556728) = 0x25230c0 15642 process_title_set(0x25230c0, 0x7fffb166624d, 0, 93, 0x2556728) = 0x7fffb1666bc0 15642 array_bsearch_i(0x61feb0, 0x2556728, 0x411510, 0x5d6469752061632e, 0x746f6365766f642f 15642 strcasecmp("uid", "NOOP") = 7 15642 strcasecmp("uid", "UID COPY") = -32 15642 strcasecmp("uid", "STATUS") = 2 15642 strcasecmp("uid", "THREAD") = 1 15642 strcasecmp("uid", "UID") = 0 15642 <... array_bsearch_i resumed> ) = 0x252ca98 15642 imap_parser_read_word(0x25557a0, 0x41bd4e, 0, 0, 0) = 0x255bd18 15642 t_strconcat(0x41b57d, 0x255bd18, 0, 0x79706f63, 0) = 0x2523170 15642 array_bsearch_i(0x61feb0, 0x2523170, 0x411510, 32432, 0x255bd18 15642 strcasecmp("UID copy", "NOOP") = 7 15642 strcasecmp("UID copy", "UID COPY") = 0 15642 <... array_bsearch_i resumed> ) = 0x252cab0 15642 p_strconcat(0x2556620, 0x41b57d, 0x255bd18, 0, 0) = 0x2556730 15642 imap_parser_read_args(0x25557a0, 2, 0, 0x7fffb16660d8, 0x255bd18) = 2 15642 t_str_new(256, 0, 0, 146, 32) = 0x2523198 15642 imap_write_args(0x2523198, 0x255bc28, 0, 0, 0) = 0x25231d7 15642 str_c(0x2523198, 0x255bd2f, 0, 0x325f786f, 0x255bd28) = 0x25231d0 15642 p_strdup(0x2556620, 0x25231d0, 0, 0x325f786f, 0x255bd28) = 0x2556740 15642 imap_arg_get_astring(0x255bc28, 0x7fffb16660d0, 24, 0x325f786f626e49, 0x25231d0) = 1 15642 imap_arg_get_astring(0x255bc48, 0x7fffb16660d0, 32, 0x325f786f626e49, 0x25231d0) = 1 15642 mail_search_build_init(0x2556640, 0x255bd20, 1, 0x7fffb16661f0, 0x25231d0) = 0x2568920 15642 buffer_create_dynamic(0x2568900, 128, 0x25688e0, 3840, 8) = 0x25689e0 15642 imap_seq_set_parse(0x255bd20, 0x2568968, 0x25688e0, 3656, 8) = 0 15642 mail_search_args_init(0x2568920, 0x2556e50, 1, 0x2555fb0, 0x7fffb1666068) = 4 15642 mail_namespace_find(0x2550340, 0x7fffb1666108, 0x7fffb16661d8, 0x7fffb166620c, 8) = 0x2550340 15642 strlen("Inbox_2") = 7 15642 strlen("Inbox_2") = 7 15642 mailbox_list_get_mailbox_name_status(0x2552930, 0x255bd28, 0x7fffb166620c, 47, 0x255bd28) = 0 15642 mailbox_get_namespace(0x2556e50, 0x2550340, 0x255bd28, 0, 0) = 0x2550340 15642 mailbox_get_name(0x2556e50, 0x2550340, 0x2550340, 0, 0) = 0x25570c0 15642 strcmp("INBOX", "Inbox_2") = -32 15642 strcasecmp("INBOX", "INBOX") = 0 15642 strcasecmp("Inbox_2", "INBOX") = 95 15642 mailbox_alloc(0x2552930, 0x255bd28, 10, 0, 95) = 0x2569930 15642 mailbox_open(0x2569930, 0, 2, 32024, 104) = 0 15642 mailbox_transaction_begin(0x2569930, 6, 0x7f8d0e5aa560, 32024, 0) = 0x299cb20 15642 t_str_new(256, 0x7fffb1666120, 0, 0x299cc00, 0x7f8d0df1aeb8) = 0x25235f8 15642 mailbox_transaction_begin(0x2556e50, 0, 0, 0, 0) = 0x256c590 15642 mailbox_search_init(0x256c590, 0x2568920, 0, 0x256dc20, 0x7f8d0df1aeb8) = 0x256dc50 15642 mail_alloc(0x256c590, 0, 0, 3, 32) = 0x256e440 15642 mailbox_search_next(0x256dc50, 0x256e440, 0x7f8d0e5aa560, 30976, 88) = 1 15642 mailbox_save_alloc(0x299cb20, 726974, 0, 0x256dd30, 0) = 0x256dee0 15642 mailbox_save_copy_flags(0x256dee0, 0x256e440, -1, 0, 0) = 12 15642 mailbox_copy(0x7fffb16661c0, 0x256e440, 44, 0x2902410, 726974) = 0 15642 mailbox_search_next(0x256dc50, 0x256e440, 0, 0xffffffff, 0x7f8d0df19580) = 0 15642 mail_free(0x7fffb16661b8, 40, 0, 0x7fffb1666080, 0x7f8d0df19580) = 2065 15642 str_printfa(0x25235f8, 0x41bd53, 726974, 726974, 48) = 130 15642 mailbox_search_deinit(0x7fffb16661d0, 6, 0x2523636, 0x41bd55, 0) = 0 15642 mailbox_transaction_commit(0x7fffb16661c8, 2, 0x256de00, 132976, 0) = 0 15642 str_c(0x25235f8, 0, 0x256d3b0, 132976, 56) = 0x2523630 15642 mail_search_args_unref(0x7fffb16661f0, 0, 0x256d3b0, 132976, 56) = 4113 15642 t_str_new(256, 0, 0x2996cb0, 132976, 120) = 0x2523758 15642 mailbox_transaction_commit_get_changes(0x7fffb16661f8, 0x7fffb1666170, 0, 0, 0) = 0xffffffff 15642 mailbox_get_storage(0x2569930, 0, 0x7f8d0e5aa560, 30624, 48) = 0x2553140 15642 mailbox_free(0x7fffb1666200, 0, 0x7f8d0e5aa560, 0x2569930, 48) = 7201 15642 mailbox_is_inconsistent(0x2556e50, 0x2553140, 0x299cc80, 132976, 8) = 0 15642 mail_storage_get_last_error(0x2553140, 0x7fffb166612c, 0x4d9de690, 132976, 8) = 0x2573bf0 15642 t_strdup_printf(0x41b1d7, 0x41b19d, 0x2573bf0, 132976, 8) = 0x2523890 15642 o_stream_send_str(0x25564b8, 0x2556720, 0x2523010, 30560, 0) = 1 15642 o_stream_send(0x25564b8, 0x419dd1, 1, 97, 0x2556720) = 1 15642 o_stream_send_str(0x25564b8, 0x2523890, 0, 32, 0x2556720) = 62 15642 o_stream_send(0x25564b8, 0x41b5cf, 2, 0x3233282073656d69, 0x2931202b20373637) = 2 15642 timeout_reset(0x25565c0, 0x41b5d1, 0, 2573, 0x2931202b20373637) = 2 15642 imap_parser_reset(0x25557a0, 0x29999d8, 0, 0x25565c0, 8) = 0x25557d0 15642 t_str_new(128, 0, 0, -5, 16) = 0x25238e8 15642 str_append_c(0x25238e8, 91, 0, 98, 128) = 0x2523920 15642 str_append(0x25238e8, 0x254c420, 1, 91, 128) = 0x2523921 15642 str_append_c(0x25238e8, 93, 0, 0x6f6840736e6f726f, 0x61632e7961777473) = 0x2523932 15642 str_c(0x25238e8, 0x7fffb166621d, 0, 93, 0x61632e7961777473) = 0x2523920 15642 process_title_set(0x2523920, 0x7fffb166621d, 0, 93, 0x61632e7961777473) = 0x7fffb1666beb 15642 t_pop_check(0x7fffb16662cc, 171, 0xabababababababab, 414, 4) = 3 15642 t_push(0x7fffb16662cc, 171, 0x7f8d0e5aa560, 32704, 4) = 3 15642 i_stream_get_data(0x2556300, 0x7fffb16662b8, 4, 32704, 4) = 0x2559e26 15642 i_stream_skip(0x2556300, 1, 1, 1, 4) = 1 15642 i_stream_get_data(0x2556300, 0x7fffb16662c0, 647, 0x25562a0, 4) = 0 15642 t_pop_check(0x7fffb16662cc, 0x7fffb16662c0, 0x25562a0, 647, 4) = 3 15642 mailbox_transaction_get_count(0x2556e50, 0x7fffb16662c0, 0x7f8d0e5aa560, 32704, 4) = 0 15642 o_stream_uncork(0x25564b8, 0, 0x7f8d0e5aa560, 32704, 4) = 0 15642 o_stream_unref(0x7fffb1666310, 0, 66, 0, 4) = 1 15642 i_stream_get_data(0x2556300, 0x7fffb16662e8, 66, 0, 4) = 0 Thanks for checking KuiZ On Fri, Sep 2, 2011 at 10:36 PM, Timo Sirainen wrote: > On 3.9.2011, at 6.06, Kui Zhang wrote: > >> We are getting following errors when moving mail from inbox to any folder. >> >> "Message has been copied too many times (32767+1)" > > mdbox? Is it actually copied that many times? > > From tlx at leuxner.net Sat Sep 3 14:02:25 2011 From: tlx at leuxner.net (Thomas Leuxner) Date: Sat, 3 Sep 2011 13:02:25 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <7F458A22-E5FD-4E53-8039-3FC5F035AD60@iki.fi> References: <1314869252.27581.9.camel@hurina> <20110902102133.GA6623@nihlus.leuxner.net> <4E61117E.1030902@rename-it.nl> <4E6121ED.5020204@rename-it.nl> <3C903640-F45B-4BEE-ADEF-077D4592B796@leuxner.net> <4E61476F.9090601@rename-it.nl> <4E61EBDA.20906@rename-it.nl> <7F458A22-E5FD-4E53-8039-3FC5F035AD60@iki.fi> Message-ID: <2FF2E9E9-EDC0-4961-8392-E9A8DE9C4422@leuxner.net> Am 03.09.2011 um 11:05 schrieb Timo Sirainen: > On 3.9.2011, at 11.56, Stephan Bosch wrote: > >> As you can see, libdovecot-sql.so now has dependencies on mysql, pgsql and sqlite. I am not sure why. The following change seems to be the cause: >> >> --- dovecot-2.0/src/lib-sql/Makefile.am 2011-04-16 22:02:06.000000000 +0200 >> +++ dovecot-2.1/src/lib-sql/Makefile.am 2011-08-25 23:16:57.000000000 +0200 >> @@ -66,7 +72,11 @@ >> >> pkglib_LTLIBRARIES = libdovecot-sql.la >> libdovecot_sql_la_SOURCES = >> -libdovecot_sql_la_LIBADD = libsql.la $(MODULE_LIBS) >> +libdovecot_sql_la_LIBADD = libsql.la $(deplibs) \ >> + $(MYSQL_LIBS) \ >> + $(PGSQL_LIBS) \ >> + $(SQLITE_LIBS) \ >> + $(MODULE_LIBS) >> libdovecot_sql_la_DEPENDENCIES = libsql.la >> libdovecot_sql_la_LDFLAGS = -export-dynamic >> >> Timo, any ideas? > > http://hg.dovecot.org/dovecot-2.1/rev/d2b27eae9221 probably helps? > Looks good now, dependency gone. Thanks to both of you. From lists at wildgooses.com Sat Sep 3 16:03:39 2011 From: lists at wildgooses.com (Ed W) Date: Sat, 03 Sep 2011 14:03:39 +0100 Subject: [Dovecot] Thunderbird caching problem In-Reply-To: <4E5E91F0.3020608@bunbun.be> References: <20110831185948.GG4353@ref.nmedia.net> <4E5E8E8D.3090406@neurotica.com> <20110831194953.GN4353@ref.nmedia.net> <4E5E91F0.3020608@bunbun.be> Message-ID: <4E6225AB.7090407@wildgooses.com> On 31/08/2011 20:56, Nick Rosier wrote: > Chris Cappuccio wrote: >> Dave McGuire [mcguire at neurotica.com] wrote: >> >> Interesting..How do I know that I really should be announcing all of >> these capabilities given my current dovecot version and config? >> >> With the config I posted, here's what I send out now >> >> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE >> IDLE STARTTLS AUTH=PLAIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5] Blahfart >> > This is before login, you need to verify after login. Dovecot changes > the capabilities it advertises after login. Remove CONDSTORE and > QRESYNC; the CONDSTORE is the one messing it up for you. QRESYNC also > implies CONDSTORE so you need to disable this one as well. > > N. What you are doing is disabling CONDSTORE. You can do this on a machine by machine basis by going into the Thunderbird advanced configuration page and toggling: mail.server.default.use_condstore Note, others have reported NOT having problems when using Cyrus..? For me it happens: - Using the same username to login to the same inboxes from separate machines - Both users behind the same NAT (nat timeouts and missed messages a possibility) - Rarely Possibly: - The user that gets affected has been idle for a while (see NAT idea above) - That user is either viewing the affected folder, or recently viewed the folder. Someone needs to catch this thing in the act and get a network trace so that we can put this thing to bed. It happens so rarely for me (and in such large folders) that it's not practical to get a trace. Also note that for me it's mainly a case that I see messages marked unread, when someone else marked them read. This is often fixed by restarting TB (possibly a clue). I don't think I ever need to force a re-download of all messages? Good luck Ed W From tss at iki.fi Sun Sep 4 18:33:48 2011 From: tss at iki.fi (Timo Sirainen) Date: Sun, 04 Sep 2011 18:33:48 +0300 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <4E609C46.9010306@luigirosa.com> References: <1314869252.27581.9.camel@hurina> (auto-added) <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> <4E5F96B3.8090709@luigirosa.com> <5EDA8C12-D80B-48CD-B69A-A9969609617E@iki.fi> <4E5F9990.6060806@luigirosa.com> <32D56AC3-9213-4459-A231-3C41C1C2C18D@iki.fi> <4E609C46.9010306@luigirosa.com> Message-ID: <1315150429.21981.0.camel@hurina> On Fri, 2011-09-02 at 11:05 +0200, Luigi Rosa wrote: > Sep 2 11:03:11 mail dovecot: stats: Error: Mail server input error: > UPDATE-SESSION: stats shrank: ucpu 0.5999 < 0.9000 http://hg.dovecot.org/dovecot-2.1/rev/9434093229aa should fix this. From tss at iki.fi Sun Sep 4 18:34:13 2011 From: tss at iki.fi (Timo Sirainen) Date: Sun, 04 Sep 2011 18:34:13 +0300 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: References: <1314869252.27581.9.camel@hurina> <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> Message-ID: <1315150453.21981.1.camel@hurina> On Thu, 2011-09-01 at 21:09 +0200, Frank Elsner wrote: > But when I stop dovecot I get > > Sep 1 17:08:17 seymour dovecot: master: Warning: Killed with signal 15 (by pid=7896 uid=0 code=kill) > Sep 1 17:08:17 seymour dovecot: anvil: Panic: file master-service.c: line 584 (master_service_client_connection_de > stroyed): assertion failed: (service->total_available_count > 0) http://hg.dovecot.org/dovecot-2.1/rev/66453d942761 should fix this. From tss at iki.fi Sun Sep 4 18:45:49 2011 From: tss at iki.fi (Timo Sirainen) Date: Sun, 04 Sep 2011 18:45:49 +0300 Subject: [Dovecot] Possible signed/unsigned bug in libdovecot-storage (2:2.0.14 ) In-Reply-To: References: <08CD5CF9-B82B-4F16-9729-C522C12BEE34@iki.fi> Message-ID: <1315151149.21981.8.camel@hurina> On Sat, 2011-09-03 at 02:29 -0700, Kui Zhang wrote: > > >> "Message has been copied too many times (32767+1)" > it is mdbox, file size 10M > > I dont know if the message was ever copy that many times. I dont know > any way to tell. I'm pretty sure the message has been copied that many times. Possibly related to some lazy-expunge bug.. You could check this manually by: > I was able to trigger the error message with following. > a uid copy 726974 inbox_2 > First you'll need to find "map_uid" of the message: > map_uid=`doveadm dump ~/mdbox/mailboxes/INBOX/dbox-Mails/|grep -A 10 uid=726974|grep -w map_uid|awk '{print $4}'` Next you can check that the reference count for the message really is 32767: doveadm dump ~/mdbox/storage|grep -A 5 uid=$map_uid | grep -w ref And finally check where that message has actually been copied to: printf '#!/bin/sh\necho $1;doveadm dump $1 | grep "map_uid.*\\b$2\\$" | wc -l\n' > /tmp/find.sh find ~/mdbox -name dbox-Mails -exec /tmp/find.sh {} $map_uid \; From lists at luigirosa.com Sun Sep 4 19:10:48 2011 From: lists at luigirosa.com (Luigi Rosa) Date: Sun, 04 Sep 2011 18:10:48 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <1315150429.21981.0.camel@hurina> References: <1314869252.27581.9.camel@hurina> (auto-added) <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> <4E5F96B3.8090709@luigirosa.com> <5EDA8C12-D80B-48CD-B69A-A9969609617E@iki.fi> <4E5F9990.6060806@luigirosa.com> <32D56AC3-9213-4459-A231-3C41C1C2C18D@iki.fi> <4E609C46.9010306@luigirosa.com> <1315150429.21981.0.camel@hurina> Message-ID: <4E63A308.4050900@luigirosa.com> Timo Sirainen said the following on 04/09/11 17:33: >> Sep 2 11:03:11 mail dovecot: stats: Error: Mail server input error: >> UPDATE-SESSION: stats shrank: ucpu 0.5999< 0.9000 > > http://hg.dovecot.org/dovecot-2.1/rev/9434093229aa should fix this. Confirmed! Ciao, luigi -- / +--[Luigi Rosa]-- \ Cheap recursion jokes are my favorite kind of cheap recursion jokes. From tss at iki.fi Sun Sep 4 21:15:04 2011 From: tss at iki.fi (Timo Sirainen) Date: Sun, 04 Sep 2011 21:15:04 +0300 Subject: [Dovecot] v2.1 stats documentation Message-ID: <1315160105.21981.34.camel@hurina> http://wiki2.dovecot.org/Statistics From kyle at averageurl.com Sun Sep 4 22:10:02 2011 From: kyle at averageurl.com (Kyle Brantley) Date: Sun, 04 Sep 2011 13:10:02 -0600 Subject: [Dovecot] Quotas not recalculating Message-ID: <4E63CD0A.50500@averageurl.com> Hello all -- I have an interesting issue, where the quotas are refusing the recalculate for anyone on my server. # doveadm quota get -u kyle at averageurl.com Quota name Type Value Limit % storage=540672 STORAGE 0 - 0 storage=540672 MESSAGE 0 - 0 # doveadm quota recalc -u kyle at averageurl.com # doveadm quota get -u kyle at averageurl.com Quota name Type Value Limit % storage=540672 STORAGE 0 - 0 storage=540672 MESSAGE 0 - 0 # du -sh /var/mail/vhosts/averageurl.com/kyle 512M /var/mail/vhosts/averageurl.com/kyle The IMAP client (Thunderbird) state that the user has no quotas in place at all. Now, if I copy the maildirsize file from another user to this user account, the quotas display in the IMAP client. At this point, however, trying to recalc the quota does nothing. Any help with this would be appreciated, config below... --Kyle # doveconf -n # 2.0.beta6 (3156315704ef): /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-71.29.1.el6.x86_64 x86_64 CentOS Linux release 6.0 (Final) ext4 auth_gssapi_hostname = imap.mail.averageurl.com auth_krb5_keytab = /etc/dovecot/krb5.keytab auth_mechanisms = plain login gssapi digest-md5 cram-md5 first_valid_uid = 502 last_valid_uid = 502 mail_debug = yes mail_location = maildir:/var/mail/vhosts/%d/%n mail_plugins = $mail_plugins quota mbox_write_locks = fcntl passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { quota = maildir:Quota sieve = /var/mail/vhosts/%d/%n/.sieve sieve_dir = /var/mail/vhosts/%d/%n/sieve/ } protocols = imap lmtp sieve service auth { unix_listener auth-userdb { group = mailstore mode = 0660 } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } } service imap { process_limit = 128 } service lmtp { unix_listener lmtp { mode = 0666 } } service managesieve-login { inet_listener sieve { port = 4190 } process_min_avail = 0 service_count = 1 } ssl_ca = password= dbname= user_query = SELECT 502 AS uid, 502 AS gid, "/var/mail/vhosts/%d/%n" AS home, concat("maildir:storage=", floor(m.quota/1024)) AS quota FROM vmailboxes m, vhosts h WHERE `m`.`username` = '%n' AND `m`.`domain` = `h`.`UUID` AND `h`.`vhost` = '%d' default_pass_scheme = PLAIN password_query = SELECT aes_decrypt(`m`.`password`, ) AS password FROM vmailboxes m, vhosts h WHERE `m`.`username` = '%n' AND `m`.`domain` = `h`.`UUID` AND `h`.`vhost` = '%d' From kyle at averageurl.com Mon Sep 5 04:28:21 2011 From: kyle at averageurl.com (Kyle Brantley) Date: Sun, 04 Sep 2011 19:28:21 -0600 Subject: [Dovecot] Quotas not recalculating In-Reply-To: <4E63CD0A.50500@averageurl.com> References: <4E63CD0A.50500@averageurl.com> Message-ID: <4E6425B5.3080305@averageurl.com> On 9/4/2011 1:10 PM, Kyle Brantley wrote: > Hello all -- > > I have an interesting issue, where the quotas are refusing the > recalculate for anyone on my server. > > # doveadm quota get -u kyle at averageurl.com > Quota name Type Value Limit % > storage=540672 STORAGE 0 - 0 > storage=540672 MESSAGE 0 - 0 > # doveadm quota recalc -u kyle at averageurl.com > # doveadm quota get -u kyle at averageurl.com > Quota name Type Value Limit % > storage=540672 STORAGE 0 - 0 > storage=540672 MESSAGE 0 - 0 > # du -sh /var/mail/vhosts/averageurl.com/kyle > 512M /var/mail/vhosts/averageurl.com/kyle > > The IMAP client (Thunderbird) state that the user has no quotas in > place at all. Now, if I copy the maildirsize file from another user to > this user account, the quotas display in the IMAP client. At this > point, however, trying to recalc the quota does nothing. > > Any help with this would be appreciated, config below... > > --Kyle > > > Okay, something else isn't cooperating with this at all. I reconfigured it to use dirsize just to test (quota = dirsize:User quota in 90-quota.conf instead of quota = maildir:User quota), and it is still trying to use maildir quotas: Sep 5 01:24:22 serenity dovecot: imap(kyle at averageurl.com): Debug: Effective uid=502, gid=502, home=/var/mail/vhosts/averageurl.com/kyle Sep 5 01:24:22 serenity dovecot: imap(kyle at averageurl.com): Debug: Quota root: name=storage=540672 backend=maildir args= Relevant `postconf -n` changes: plugin { quota = dirsize:User quota sieve = /var/mail/vhosts/%d/%n/.sieve sieve_dir = /var/mail/vhosts/%d/%n/sieve/ } Any ideas what is going on would be great. --Kyle From tss at iki.fi Mon Sep 5 08:39:39 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 5 Sep 2011 08:39:39 +0300 Subject: [Dovecot] Quotas not recalculating In-Reply-To: <4E6425B5.3080305@averageurl.com> References: <4E63CD0A.50500@averageurl.com> <4E6425B5.3080305@averageurl.com> Message-ID: <19DE1FB3-E4F7-44B2-AD44-B5AFD7E813E2@iki.fi> On 5.9.2011, at 4.28, Kyle Brantley wrote: > Okay, something else isn't cooperating with this at all. I reconfigured it to use dirsize just to test (quota = dirsize:User quota in 90-quota.conf instead of quota = maildir:User quota), and it is still trying to use maildir quotas: Your user_query in dovecot-sql.conf overrides the quota setting. From aydin.demirel at endersys.com Mon Sep 5 09:42:46 2011 From: aydin.demirel at endersys.com (=?UTF-8?B?QXlkxLFuIERlbWlyZWw=?=) Date: Mon, 05 Sep 2011 09:42:46 +0300 Subject: [Dovecot] Trash Plugin In-Reply-To: <1313355199.10421.1288.camel@hurina> References: <1313355199.10421.1288.camel@hurina> Message-ID: <4E646F66.3080207@endersys.com> Hi; Sorry for delay; if both qmail quota settings are enabled, and storage is enabled in the dovecot config; Which will be active? ie, both the user quotas will be different Regards.. On Tue, 2011-08-09 at 14:34 +0300, Ayd?n Demirel wrote: > Hi; > > I have a question about trash plugin. I added following lines into > dovecot.conf: > > quota_rule = *:storage=2048000 > quota_rule2 = Trash:storage=1MB > quota_rule3 = SPAM:ignore That looks like simply a quota plugin setting. You haven't shown anything settings about trash plugin. Which one do you really mean? > When I set *:storage line as default quota_rule , There is no problem.. > > But when I removed this line and set Trash:storage as default > quota_rule, plugin is not working.. > > That I said, Do I have to add *:storage line as first default line in > config line? You need a *:storage rule in any case. I don't know what you'd want to happen if it didn't exist. -- *Ayd?n Demirel Endersys Ltd. Sistem Destek M?hendisi/ System Support Engineer* * *<> Phone : +90 216 470 9423 | GSM : +90 530 401 8203 Fax : +90 216 470 9508 | Web : http://www.endersys.com Blog : http://blog.endersys.com Twitter : http://www.twitter.com/endersys LPI : The #1 Linux Certification for IT Professionals LPI (Linux Professional Institute) Turkey http://www.lpi-turkey.com From janfrode at tanso.net Mon Sep 5 12:05:41 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Mon, 5 Sep 2011 11:05:41 +0200 Subject: [Dovecot] limit number of simultaneous lmtp deliveries ? Message-ID: <20110905090541.GA8709@oc1046828364.ibm.com> We have quite a few frontend mail gateways that deliver incoming email trough our dovecot director (lmtp proxy) to the backend lmtp servers, and are seeing this logged on the frontend mail gateways: Sep 5 10:51:56 mailgw1 postfix/lmtp[23443]: 0E2F41C01A: to=, relay=loadbalancers.example.com[192.168.42.15]:24, delay=61, delays=0.02/0.3/31/30, dsn=4.4.0, status=deferred (host loadbalancers.example.com[192.168.42.15] said: 451 4.4.0 Remote server not answering (DATA output timeout) (in reply to end of DATA command)) It's a bit unclear to me if this leads to duplicate deliveries, or just delayed deliveries, but -- is there any way to limit the number of simultanous deliveries on either the dovecot director or the backend lmtp-servers ? Will "process_limit=10" work for "service lmtp"? -jf From stsiol at yahoo.co.uk Mon Sep 5 12:37:13 2011 From: stsiol at yahoo.co.uk (Spyros Tsiolis) Date: Mon, 5 Sep 2011 10:37:13 +0100 (BST) Subject: [Dovecot] User tries to move folder, then looses it Message-ID: <1315215433.4874.YahooMailNeo@web27202.mail.ukl.yahoo.com> Hello, Well, this is kind of difficult to explain. I have this user that keeps making mistakes on his pc and sometimes I don't know if I should believe her or not. Anywhoo, this time round, she managed to loose? a whole folder on Thunderbird. She claims she tried to move the folder from a tree directory structure (see : sub-sub-folder) she created for herself to another place underneath "root". Additionaly, she managed to mangle things up since she used on TB characters like "/"? "\" and "&" . So thunderbird refuses to access those sub-folders on the folder tree and I cannot rename them (in order to have later access). Here's dovecot info : -------------------------------------------------------------------------- # 1.2.16: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-194.17.4.el5 i686 CentOS release 5.5 (Final) ext3 base_dir: /var/run/dovecot/ log_path: /var/log/dovecot/dovecot.log info_log_path: /var/log/dovecot/dovecot-info.log ssl_parameters_regenerate: 48 verbose_ssl: yes login_dir: /var/run/dovecot//login login_executable: /usr/local/dovecot/libexec/dovecot/imap-login login_greeting: * Dovecot ready * login_max_processes_count: 64 mail_location: maildir:/var/MailRoot/domains/%d/%n/Maildir mail_plugins: zlib auth default: ? verbose: yes ? debug: yes ? debug_passwords: yes ? passdb: ??? driver: passwd-file ??? args: /etc/dovecot/passwd ? passdb: ??? driver: pam ? userdb: ??? driver: static ??? args: uid=vmail gid=vmail home=/home/vmail/%u ? userdb: ??? driver: passwd -------------------------------------------------------------------------- TIA, s. ? ---- "I merely function as a channel that filters music through the chaos of noise" - Vangelis From kuizhang at gmail.com Mon Sep 5 13:11:48 2011 From: kuizhang at gmail.com (Kui Zhang) Date: Mon, 5 Sep 2011 03:11:48 -0700 Subject: [Dovecot] Possible signed/unsigned bug in libdovecot-storage (2:2.0.14 ) In-Reply-To: <1315151149.21981.8.camel@hurina> References: <08CD5CF9-B82B-4F16-9729-C522C12BEE34@iki.fi> <1315151149.21981.8.camel@hurina> Message-ID: On Sun, Sep 4, 2011 at 8:45 AM, Timo Sirainen wrote: > On Sat, 2011-09-03 at 02:29 -0700, Kui Zhang wrote: >> > >> "Message has been copied too many times (32767+1)" >> it is mdbox, file size 10M >> >> I dont know if the message was ever copy that many times. I dont know >> any way to tell. > > I'm pretty sure the message has been copied that many times. Possibly > related to some lazy-expunge bug.. You could check this manually by: > >> I was able to trigger the error message with following. >> a uid copy 726974 inbox_2 >> > First you'll need to find "map_uid" of the message: >> > map_uid=`doveadm dump ~/mdbox/mailboxes/INBOX/dbox-Mails/|grep -A 10 uid=726974|grep -w map_uid|awk '{print $4}'` > > Next you can check that the reference count for the message really is > 32767: > The ref counter was 32767. > doveadm dump ~/mdbox/storage|grep -A 5 uid=$map_uid | grep -w ref > > And finally check where that message has actually been copied to: > > printf '#!/bin/sh\necho $1;doveadm dump $1 | grep "map_uid.*\\b$2\\$" | wc -l\n' > /tmp/find.sh > find ~/mdbox -name dbox-Mails -exec /tmp/find.sh {} $map_uid \; > > The message was copied to a secondary folder. The action match one of the client side filter rules. I found 3k other messages with same problem. They all have delete flag. I upgraded dovecot the night before. I seen plugin errors during upgrade, in the pass. Do you think client made multiple copies during plugin upgrade? I will turn on debug logging for next upgrade. What else can I do, in order to track down the problem? thanks KuiZ > From tss at iki.fi Mon Sep 5 13:17:38 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 5 Sep 2011 13:17:38 +0300 Subject: [Dovecot] Possible signed/unsigned bug in libdovecot-storage (2:2.0.14 ) In-Reply-To: References: <08CD5CF9-B82B-4F16-9729-C522C12BEE34@iki.fi> <1315151149.21981.8.camel@hurina> Message-ID: <5EC91BA7-262C-4EFB-A91E-C3C03E37645C@iki.fi> On 5.9.2011, at 13.11, Kui Zhang wrote: >> First you'll need to find "map_uid" of the message: >>> >> map_uid=`doveadm dump ~/mdbox/mailboxes/INBOX/dbox-Mails/|grep -A 10 uid=726974|grep -w map_uid|awk '{print $4}'` >> >> Next you can check that the reference count for the message really is >> 32767: > > The ref counter was 32767. Well, see what happens if you try to rebuild the dbox indexes. Does the counter shrink or is it the same? If it stays the same, the message was actually copied 32767 times somewhere.. doveadm force-resync -u user at domain INBOX > I upgraded dovecot the night before. I seen plugin errors during > upgrade, in the pass. Do you think client made multiple copies during > plugin upgrade? I will turn on debug logging for next upgrade. Having 32767 copies of the message is a bit strange. Debug logging won't show anything, but you could enable mail_log plugin and it'll log about each copy operation. From Frank.Elsner at Spamfence.NET Mon Sep 5 14:53:55 2011 From: Frank.Elsner at Spamfence.NET (Frank Elsner) Date: Mon, 5 Sep 2011 13:53:55 +0200 Subject: [Dovecot] v2.1.alpha1 released In-Reply-To: <1315150453.21981.1.camel@hurina> References: <1314869252.27581.9.camel@hurina> <2AAA5E22-01A2-4405-922F-CA904F92EB12@iki.fi> <1315150453.21981.1.camel@hurina> Message-ID: (auto-added) On Sun, 04 Sep 2011 18:34:13 +0300 Timo Sirainen wrote: > On Thu, 2011-09-01 at 21:09 +0200, Frank Elsner wrote: > > But when I stop dovecot I get > > > > Sep 1 17:08:17 seymour dovecot: master: Warning: Killed with signal 15 (by pid=7896 uid=0 code=kill) > > Sep 1 17:08:17 seymour dovecot: anvil: Panic: file master-service.c: line 584 (master_service_client_connection_de > > stroyed): assertion failed: (service->total_available_count > 0) > > http://hg.dovecot.org/dovecot-2.1/rev/66453d942761 should fix this. Works. --Frank Elsner From Lutz.Pressler at SerNet.DE Mon Sep 5 17:00:00 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Mon, 5 Sep 2011 16:00:00 +0200 Subject: [Dovecot] 2.1.alpha1: SIGSEGV on EXPUNGE Message-ID: Hi, I upgraded my test installation from Debian lenny with latest 2.0.14 auto builds to squeeze with v2.1.alpha1 (amd64) auto builds. (From /var/log/mail.log: Sep 5 12:34:45 pressler dovecot: master: Dovecot v2.1.alpha1 starting up (core dumps disabled) No hg hash tag in log output anymore?) Now the imap processes segfault on every EXPUNGE command: Excerpt from telnet session: 0 store 1585:1585 flags \Deleted * 1585 FETCH (FLAGS (\Deleted)) 0 OK Store completed. 0 expunge Log output: Sep 5 15:40:59 pressler dovecot: imap(2580, lpmail): delete: box=INBOX, uid=34722, msgid=, size=1980, vsize=2031, from=Lutz Pressler , flags=(\Deleted) Sep 5 15:41:22 pressler dovecot: imap(2580, lpmail): expunge: box=INBOX, uid=34722, msgid=, size=1980, vsize=2031, from=Lutz Pressler , flags=(\Deleted) Sep 5 15:41:22 pressler dovecot: master: Error: service(imap): child 2580 killed with signal 11 (core dumps disabled) Also happens with mail_log plugin disabled. Any idea? Configuration on request (or tests with core dumps enabled). Regards, Lutz -- Lutz Pre?ler http://www.SerNet.DE/ SerNet Service Network GmbH, Bahnhofsallee 1b, D-37081 G?ttingen Tel.: +49-551-370000-2, FAX: +49-551-370000-9 AG G?ttingen, HRB 2816, GF: Dr. Johannes Loxen From tss at iki.fi Mon Sep 5 19:40:51 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 5 Sep 2011 19:40:51 +0300 Subject: [Dovecot] 2.1.alpha1: SIGSEGV on EXPUNGE In-Reply-To: References: Message-ID: <1BA84716-C1F5-4DA0-9E84-362983665865@iki.fi> On 5.9.2011, at 17.00, Lutz Pre?ler wrote: > (From /var/log/mail.log: > Sep 5 12:34:45 pressler dovecot: master: Dovecot v2.1.alpha1 starting up (core dumps disabled) > No hg hash tag in log output anymore?) You have exactly the alpha1 version without any further commits. > Sep 5 15:41:22 pressler dovecot: master: Error: service(imap): child 2580 killed with signal 11 (core dumps disabled) > > Any idea? Configuration on request (or tests with core dumps enabled). gdb backtrace is always very helpful in figuring out crashes. http://dovecot.org/bugreport.html From tss at iki.fi Mon Sep 5 19:50:20 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 05 Sep 2011 19:50:20 +0300 Subject: [Dovecot] limit number of simultaneous lmtp deliveries ? In-Reply-To: <20110905090541.GA8709@oc1046828364.ibm.com> References: <20110905090541.GA8709@oc1046828364.ibm.com> Message-ID: <1315241421.21981.57.camel@hurina> On Mon, 2011-09-05 at 11:05 +0200, Jan-Frode Myklebust wrote: > We have quite a few frontend mail gateways that deliver incoming > email trough our dovecot director (lmtp proxy) to the backend lmtp > servers, and are seeing this logged on the frontend mail gateways: > > Sep 5 10:51:56 mailgw1 postfix/lmtp[23443]: 0E2F41C01A: to=, relay=loadbalancers.example.com[192.168.42.15]:24, delay=61, delays=0.02/0.3/31/30, dsn=4.4.0, status=deferred (host loadbalancers.example.com[192.168.42.15] said: 451 4.4.0 Remote server not answering (DATA output timeout) (in reply to end of DATA command)) > > It's a bit unclear to me if this leads to duplicate deliveries, or just > delayed deliveries, Possibly randomly either one. I'll need to start looking into these LMTP proxy bugs some day.. Although for 2.0.14 I improved the error messages a little. Is this from 2.0.14 or earlier? > but -- is there any way to limit the number of > simultanous deliveries on either the dovecot director or the backend > lmtp-servers ? > > Will "process_limit=10" work for "service lmtp"? It'll work for both directory and backend, yes. Although each lmtp process can also handle multiple clients. So you might also want to set client_limit=1. Actually that could be a good idea to try in any case to see if it helps with these problems. From knute2011 at knutejohnson.com Mon Sep 5 20:52:20 2011 From: knute2011 at knutejohnson.com (Knute Johnson) Date: Mon, 05 Sep 2011 10:52:20 -0700 Subject: [Dovecot] Mail files? Message-ID: <4E650C54.4030309@knutejohnson.com> I have a Ubuntu server running dovecot 1.2.9 with mail in mbox. There are mail files in /var/mail/user and there are mail files in /home/user/mail that correspond to the IMAP folders. In the config file details below it shows mail_location: mbox:~/mail:INBOX=/var/mail/%u, does that put the INBOX in /var/mail? Is INBOX in /var/mail/user to allow local delivery or something? If I was using POP3 instead would all the mail be in the INBOX? Can I backup these files by just copying and if a file is destroyed, copy them back? # 1.2.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-33-generic i686 Ubuntu 10.04.3 LTS log_timestamp: %Y-%m-%d %H:%M:%S protocols: imaps ssl_cert_file: /etc/ssl/certs/ssl-cert-snakeoil.pem ssl_key_file: /etc/ssl/private/ssl-cert-snakeoil.key login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/imap-login mail_max_userip_connections: 16 mail_privileged_group: mail mail_location: mbox:~/mail:INBOX=/var/mail/%u mbox_write_locks: fcntl dotlock imap_capability: IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS auth default: passdb: driver: pam userdb: driver: passwd Thanks, -- Knute Johnson knute2011 at knutejohnson.com From jc at info-systems.de Mon Sep 5 20:59:53 2011 From: jc at info-systems.de (Jakob Curdes) Date: Mon, 05 Sep 2011 19:59:53 +0200 Subject: [Dovecot] Mail files? In-Reply-To: <4E650C54.4030309@knutejohnson.com> References: <4E650C54.4030309@knutejohnson.com> Message-ID: <4E650E19.3070400@info-systems.de> Am 05.09.2011 19:52, schrieb Knute Johnson: > I have a Ubuntu server running dovecot 1.2.9 with mail in mbox. There > are mail files in /var/mail/user and there are mail files in > /home/user/mail that correspond to the IMAP folders. In the config > file details below it shows mail_location: > mbox:~/mail:INBOX=/var/mail/%u, does that put the INBOX in /var/mail? yes. > Is INBOX in /var/mail/user to allow local delivery or something? If > I was using POP3 instead would all the mail be in the INBOX? .. or on your local PC. If you do not want the /var/mail delivery, why not just change the mail_location to point to the home dir only? > > Can I backup these files by just copying and if a file is destroyed, > copy them back? Yes, as they are plain mbox format. cheers jc > > # 1.2.9: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.32-33-generic i686 Ubuntu 10.04.3 LTS > log_timestamp: %Y-%m-%d %H:%M:%S > protocols: imaps > ssl_cert_file: /etc/ssl/certs/ssl-cert-snakeoil.pem > ssl_key_file: /etc/ssl/private/ssl-cert-snakeoil.key > login_dir: /var/run/dovecot/login > login_executable: /usr/lib/dovecot/imap-login > mail_max_userip_connections: 16 > mail_privileged_group: mail > mail_location: mbox:~/mail:INBOX=/var/mail/%u > mbox_write_locks: fcntl dotlock > imap_capability: IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE > IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND > UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 ESEARCH > ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS > auth default: > passdb: > driver: pam > userdb: > driver: passwd > > Thanks, > From dovecot at knutejohnson.com Mon Sep 5 23:21:11 2011 From: dovecot at knutejohnson.com (Knute Johnson) Date: Mon, 05 Sep 2011 13:21:11 -0700 Subject: [Dovecot] Mail files? In-Reply-To: <4E650E19.3070400@info-systems.de> References: <4E650C54.4030309@knutejohnson.com> <4E650E19.3070400@info-systems.de> Message-ID: <4E652F37.3080108@knutejohnson.com> On 9/5/2011 10:59 AM, Jakob Curdes wrote: >> Is INBOX in /var/mail/user to allow local delivery or something? If I >> was using POP3 instead would all the mail be in the INBOX? > .. or on your local PC. If you do not want the /var/mail delivery, why > not just change the mail_location to point to the home dir only? I would also have to change where the program that sendmail uses to deliver mail delivers the mail, correct? Thanks very much, -- Knute Johnson From jc at info-systems.de Mon Sep 5 23:31:45 2011 From: jc at info-systems.de (Jakob Curdes) Date: Mon, 05 Sep 2011 22:31:45 +0200 Subject: [Dovecot] Mail files? In-Reply-To: <4E652F37.3080108@knutejohnson.com> References: <4E650C54.4030309@knutejohnson.com><4E650E19.3070400@info-systems.de> <4E652F37.3080108@knutejohnson.com> Message-ID: <4E6531B1.1000009@info-systems.de> .. or on your local PC. If you do not want the /var/mail delivery, why >> not just change the mail_location to point to the home dir only? > > I would also have to change where the program that sendmail uses to > deliver mail delivers the mail, correct? Yes, often this is procmail. You can set this in the respective config file with MAILDIR=$HOME Attention: "Maildir" here just is the mailbox location, procmail assumes the mbox format by default. If you actually use the "Maildir" _/format/_, you must specify MAILDIR=$HOME/ HTH, Jakob Curdes From dovecot at knutejohnson.com Mon Sep 5 23:59:44 2011 From: dovecot at knutejohnson.com (Knute Johnson) Date: Mon, 05 Sep 2011 13:59:44 -0700 Subject: [Dovecot] Mail files? In-Reply-To: <4E6531B1.1000009@info-systems.de> References: <4E650C54.4030309@knutejohnson.com><4E650E19.3070400@info-systems.de> <4E652F37.3080108@knutejohnson.com> <4E6531B1.1000009@info-systems.de> Message-ID: <4E653840.6040407@knutejohnson.com> On 9/5/2011 1:31 PM, Jakob Curdes wrote: > .. or on your local PC. If you do not want the /var/mail delivery, why >>> not just change the mail_location to point to the home dir only? >> >> I would also have to change where the program that sendmail uses to >> deliver mail delivers the mail, correct? > Yes, often this is procmail. > > You can set this in the respective config file with > > MAILDIR=$HOME > > Attention: "Maildir" here just is the mailbox location, procmail assumes > the mbox format by default. If you actually use the "Maildir" _/format/_, > you must specify > > MAILDIR=$HOME/ > > > > HTH, > Jakob Curdes > > Thanks very much Jakob. I'm still trying to figure out what program is actually doing the local delivery. I'll post results when I figure that one out. Thanks again, -- Knute Johnson From compconsultant at yahoo.com Tue Sep 6 08:25:43 2011 From: compconsultant at yahoo.com (Steve Fatula) Date: Mon, 5 Sep 2011 22:25:43 -0700 (PDT) Subject: [Dovecot] Extdata plugin, MySQL Message-ID: <1315286743.6198.YahooMailNeo@web39413.mail.mud.yahoo.com> Does someone have an example of configuring the Pigeonhole Sieve Extdata plugin with MySQL dict? Particularly, the map and what key might be used in this? The doc in the wiki isn;t clear at all to me when one wants to use MySQL store. The file in the doc folder of the mercurial repository is basically what I want to do, in that RFC, it's bascially looking for a discard_spam setting, I presume by user whose Sieve script is running. So, what would the sql mapping file look like? What lookup key is used? I can't really find any map documentation for the syntax, can a special key be used, perhaps, I need to append a value to the user if that is the key? Can this data be accessed via the dictionary proxy to make access more efficient? While I don't want to discard spam based on the setting in the database, I DO want to not move to the spam folder based on a setting stored in an existing MySQL database. So, very similar idea. I want to use an existing database, but, the key is username + a certain constant value for another field. Am hoping this can be mapped as well. ? Steve From listas.correo at yahoo.es Tue Sep 6 14:27:36 2011 From: listas.correo at yahoo.es (mailing lists) Date: Tue, 6 Sep 2011 12:27:36 +0100 (BST) Subject: [Dovecot] Shared Mailboxes with VirtualUsers and mail_location retrieved from ldap Message-ID: <1315308456.64827.YahooMailNeo@web29115.mail.ird.yahoo.com> Hello, I spend a couple of days configurating a new installation of dovecot 2.0.14 with virtual accounts and NFS storage for maildir home/mail directories. At this point I need shared mailboxes but since user mail/home locations are ldap attributes, how is it supposed I must configure this for shared mailboxes? for the users' mail/home directories I set this line: user_attrs = mailbox=mail=maildir:/var/maildir/%$,homeFilter=home creating a namespace like the below one for shared mbx throw a lot of errors: namespace { ? type = shared ? separator = / ? prefix = shared/%%u/ ? subscriptions = no ? list = children ? #location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u ? location = mailbox=mail=maildir:/var/maildir/%$ } I would like to hear if anyone has this configuration running. Thank you. ???? /--------------/ uris = ldap://ldap.example.com dn = cn=user,ou=People,dc=example,dc=com dnpass = secret sasl_bind = no tls = no auth_bind = yes ldap_version = 3 base = dc=example,dc=com deref = never scope = subtree user_attrs = mailbox=mail=maildir:/var/maildir/%$,homeFilter=home user_filter = (&(objectClass=CourierMailAccount)(uid=%u)) pass_filter = (&(objectClass=CourierMailAccount)(uid=%u)) # dovecot -n # 2.0.14: /etc/dovecot/dovecot.conf # OS: Linux 2.6.34.7-0.7-xen x86_64 openSUSE 11.3 (x86_64) auth_debug = yes auth_debug_passwords = yes auth_verbose = yes auth_verbose_passwords = plain base_dir = /var/run/dovecot/ disable_plaintext_auth = no mail_debug = yes mail_fsync = always mail_gid = 5000 mail_nfs_index = yes mail_nfs_storage = yes mail_plugins = acl mail_uid = 5000 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mmap_disable = yes namespace { ? list = children ? location = mailbox=mail=maildir:/var/maildir/%$ ? prefix = shared/%%u/ ? separator = / ? subscriptions = no ? type = shared } namespace { ? inbox = yes ? location = ? prefix = INBOX. ? separator = . } passdb { ? args = /etc/dovecot/dovecot-ldap.conf.ext ? driver = ldap } plugin { ? acl = vfile ? sieve = ~/.dovecot.sieve ? sieve_dir = ~/sieve } protocols = imap ssl = no userdb { ? args = /etc/dovecot/dovecot-ldap.conf.ext ? driver = ldap } verbose_proctitle = yes protocol imap { ? mail_max_userip_connections = 100 ? mail_plugins = acl imap_acl autocreate } From pit11 at ukr.net Tue Sep 6 15:11:53 2011 From: pit11 at ukr.net (Peter Ignatov) Date: Tue, 6 Sep 2011 15:11:53 +0300 Subject: [Dovecot] Quota fs (ignore mount) Message-ID: Hi, I set "quota: fs:INBOX:noenforcing:mount=/var/spool/mail", but receive: "fs quota add storage dir = /home/pit/mail"... Why ? In fstab: /dev/mapper/mpath1p1 /var/spool/mail ext2 usrquota 0 0 In dovecot.log: Sep 06 15:02:00 pop3-login: Info: Login: user=, method=PLAIN, rip=192.168.3.10, lip=192.168.6.3, TLS Sep 06 15:02:00 POP3(pit): Info: Loading modules from directory: /usr/lib64/dovecot/pop3 Sep 06 15:02:00 POP3(pit): Info: Module loaded: /usr/lib64/dovecot/pop3/lib10_quota_plugin.so Sep 06 15:02:00 POP3(pit): Info: Effective uid=500, gid=500, home=/home/pit Sep 06 15:02:00 POP3(pit): Info: Quota root: name=INBOX backend=fs args=noenforcing:mount=/var/spool/mail Sep 06 15:02:00 POP3(pit): Info: Quota rule: root=INBOX mailbox=* bytes=10485760 messages=0 Sep 06 15:02:00 POP3(pit): Info: Quota warning: bytes=9961472 (95%) messages=0 command=/usr/local/bin/quota-warning.sh 95 Sep 06 15:02:00 POP3(pit): Info: mbox: data=~/mail:INBOX=/var/spool/mail/pit Sep 06 15:02:00 POP3(pit): Info: fs: root=/home/pit/mail, index=, control=, inbox=/var/spool/mail/pit Sep 06 15:02:00 POP3(pit): Info: fs quota add storage dir = /home/pit/mail Sep 06 15:02:00 POP3(pit): Info: fs quota block device = /dev/cciss/c0d0p3 Sep 06 15:02:00 POP3(pit): Info: fs quota mount point = / Sep 06 15:02:00 POP3(pit): Info: fs quota mount type = ext3 Sep 06 15:02:01 POP3(pit): Info: Disconnected: Logged out top=0/0, retr=0/0, del=0/2, size=1249 dovecot --version 1.2.17 dovecot -n # 1.2.17: /etc/dovecot.conf # OS: Linux 2.6.18-274.el5.asp121 x86_64 Red Hat Enterprise Linux Server release 5.6 (Tikanga) log_path: /var/log/dovecot.log protocols: pop3 pop3s listen: * login_dir: /var/run/dovecot/login login_executable: /usr/libexec/dovecot/pop3-login verbose_proctitle: yes mail_location: mbox:~/mail:INBOX=/var/spool/mail/%u mail_debug: yes mail_executable: /usr/libexec/dovecot/pop3 mail_plugins: quota mail_plugin_dir: /usr/lib64/dovecot/pop3 auth default: passdb: driver: pam userdb: driver: passwd plugin: quota: fs:INBOX:noenforcing:mount=/var/spool/mail quota_rule: *:storage=10240 quota_warning: storage=95%% /usr/local/bin/quota-warning.sh 95 From tom at whyscream.net Tue Sep 6 22:11:49 2011 From: tom at whyscream.net (Tom Hendrikx) Date: Tue, 06 Sep 2011 21:11:49 +0200 Subject: [Dovecot] Sieve "header :value" test does not work Message-ID: <4E667075.1080003@whyscream.net> hi, After following some examples and searching for sieve samples in this ml history, I'm quite sure that the following sieve snippet should give no surprises: if header :value "ge" :comparator "i;ascii-numeric" "X-Header-Name" "0.99" { /* do something */ } However the Pigeonhole Sieve 0.2.3 on dovecot 2.0.14 gives me following error: test: line 3: error: unknown tagged argument ':value' for the header test (reported only once at first occurence). test: error: validation failed. What obvious mistake am I failing to see here? -- Tom From tom at whyscream.net Tue Sep 6 22:21:57 2011 From: tom at whyscream.net (Tom Hendrikx) Date: Tue, 06 Sep 2011 21:21:57 +0200 Subject: [Dovecot] Sieve "header :value" test does not work In-Reply-To: <4E667075.1080003@whyscream.net> References: <4E667075.1080003@whyscream.net> Message-ID: <4E6672D5.6020506@whyscream.net> On 06/09/11 21:11, Tom Hendrikx wrote: > hi, > > After following some examples and searching for sieve samples in this ml > history, I'm quite sure that the following sieve snippet should give no > surprises: > > if header :value "ge" :comparator "i;ascii-numeric" "X-Header-Name" > "0.99" { /* do something */ } > > However the Pigeonhole Sieve 0.2.3 on dovecot 2.0.14 gives me following > error: > > test: line 3: error: unknown tagged argument ':value' for the header > test (reported only once at first occurence). > test: error: validation failed. > > What obvious mistake am I failing to see here? > To answer my own question (which was found by grepping through /usr/share/doc/dovecot-2.0.14/sieve/rfc/*bz2): including the "relational" extension in the "require" statement adds support for this test. Sorry for the noise :/ -- Tom From hoogendyk at bio.umass.edu Tue Sep 6 22:35:28 2011 From: hoogendyk at bio.umass.edu (Chris Hoogendyk) Date: Tue, 06 Sep 2011 15:35:28 -0400 Subject: [Dovecot] error in logs, but system appears to work Message-ID: <4E667600.1090400@bio.umass.edu> I'm bringing up a system with dovecot that has been running for years with uw-imap. In making the switch, I put a tail on the log file, made the switch, and sent a test mail and received it. I was able to receive mail with no apparent difficulties, but the log file was disconcerting. A number of users connected during the few minutes I had it running, and for each of them there was an error, e.g., "chown ~user/mail/.imap/INBOX failed: Operation not permitted" and "mkdir ~user/mail/.imap/INBOX failed: not owner". But those directories and files appeared to have been made. The first of those errors finishes with "group based on /var/mail/user". That makes no sense. I'm hoping someone can give me an idea what might cause this. Here are the log entries in debug mode and the directories for one such user: Sep 2 17:31:33 eclogite dovecot: [ID 583609 local2.info] auth(default): new auth connection: pid=7248 Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.info] auth(default): client in: AUTH 1 PLAIN service=pop3 secured lip=128.119.45.20 rip=128.119.45.9 lport=995 rport=53865 resp=AGVicmFkbGV5AFJvd2luZzEzKg== Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.info] auth(default): shadow(ebradley,128.119.45.9): lookup Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.info] auth(default): client out: OK 1 user=ebradley Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.info] auth(default): master in: REQUEST 37 7248 1 Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.info] auth(default): passwd(ebradley,128.119.45.9): lookup Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.info] auth(default): master out: USER 37 ebradley system_groups_user=ebradley uid=6633 gid=100 home=/u1/home/grad/ebradley Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.info] POP3(ebradley): Effective uid=6633, gid=100, home=/u1/home/grad/ebradley Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.info] POP3(ebradley): mbox: data=~/mail:INBOX=/var/mail/ebradley Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.info] POP3(ebradley): fs: root=/u1/home/grad/ebradley/mail, index=, control=, inbox=/var/mail/ebradley Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.info] POP3(ebradley): Namespace : Using permissions from /u1/home/grad/ebradley/mail: mode=0700 gid=-1 Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.error] POP3(ebradley): chown(/u1/home/grad/ebradley/mail/.imap/INBOX, -1, 6(mail)) failed: Operation not permitted (egid=100(geolgrad), group based on /var/mail/ebradley) Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.error] POP3(ebradley): mkdir(/u1/home/grad/ebradley/mail/.imap/INBOX) failed: Not owner Sep 2 17:31:43 eclogite dovecot: [ID 583609 local2.info] pop3-login: Login: user=, method=PLAIN, rip=128.119.45.9, lip=128.119.45.20, TLS When I looked at their home directory, I found: drwx------ 4 ebradley geolgrad 512 Jul 28 2009 /u1/home/grad/ebradley drwx------ 4 ebradley geolgrad 512 Sep 2 17:31 /u1/home/grad/ebradley/mail drwx------ 3 ebradley geolgrad 512 Sep 2 17:31 /u1/home/grad/ebradley/mail/.imap drwxrwx--- 2 ebradley geolgrad 512 Sep 2 17:31 /u1/home/grad/ebradley/mail/.imap/INBOX -rw-rw---- 1 ebradley mail 9484323 Sep 6 15:16 /var/mail/ebradley My dovecot configuration is at the end. The other pieces are sendmail, milter-greylist, mimedefang, etc. -- --------------- Chris Hoogendyk - O__ ---- Systems Administrator c/ /'_ --- Biology& Geology Departments (*) \(*) -- 140 Morrill Science Center ~~~~~~~~~~ - University of Massachusetts, Amherst --------------- Erd?s 4 # dovecot -a # 1.2.17: /usr/local/etc/dovecot.conf Warning: fd limit 256 is lower than what Dovecot can use under full load (more than 768). Either grow the limit or change login_max_processes_count and max_mail_processes settings # OS: SunOS 5.9 sun4u base_dir: /var/run/dovecot/ log_path: info_log_path: log_timestamp: %b %d %H:%M:%S syslog_facility: local2 protocols: imaps pop3s listen: * ssl_listen: * ssl: required ssl_ca_file: /etc/mail/certs/ca-bundle.crt ssl_cert_file: /etc/mail/certs/sendmail.pem ssl_key_file: /etc/mail/certs/sendmail.pem ssl_key_password: ssl_parameters_regenerate: 168 ssl_cipher_list: ssl_cert_username_field: commonName ssl_verify_client_cert: no disable_plaintext_auth: yes verbose_ssl: no shutdown_clients: yes nfs_check: yes version_ignore: no login_dir: /var/run/dovecot/login login_executable(default): /usr/local/libexec/dovecot/imap-login login_executable(imap): /usr/local/libexec/dovecot/imap-login login_executable(pop3): /usr/local/libexec/dovecot/pop3-login login_user: dovecot login_greeting: ready. login_log_format_elements: user=<%u> method=%m rip=%r lip=%l %c login_log_format: %$: %s login_process_per_connection: yes login_chroot: yes login_trusted_networks: login_process_size: 64 login_processes_count: 3 login_max_processes_count: 128 login_max_connections: 256 valid_chroot_dirs: mail_chroot: max_mail_processes: 512 mail_max_userip_connections(default): 10 mail_max_userip_connections(imap): 10 mail_max_userip_connections(pop3): 3 verbose_proctitle: no first_valid_uid: 1000 last_valid_uid: 0 first_valid_gid: 98 last_valid_gid: 0 mail_access_groups: mail_privileged_group: mail mail_uid: mail_gid: mail_location: mbox:~/mail:INBOX=/var/mail/%u mail_cache_fields: mail_never_cache_fields: imap.envelope mail_cache_min_mail_count: 0 mailbox_idle_check_interval: 30 mail_debug: yes mail_full_filesystem_access: no mail_max_keyword_length: 50 mail_save_crlf: no mmap_disable: no dotlock_use_excl: yes fsync_disable: no mail_nfs_storage: no mail_nfs_index: no mailbox_list_index_disable: yes lock_method: fcntl maildir_stat_dirs: no maildir_copy_with_hardlinks: yes maildir_copy_preserve_filename: no maildir_very_dirty_syncs: no mbox_read_locks: fcntl mbox_write_locks: dotlock fcntl mbox_lock_timeout: 300 mbox_dotlock_change_timeout: 120 mbox_min_index_size: 0 mbox_dirty_syncs: yes mbox_very_dirty_syncs: no mbox_lazy_writes: yes dbox_rotate_size: 2048 dbox_rotate_min_size: 16 dbox_rotate_days: 1 mail_drop_priv_before_exec: no mail_executable(default): /usr/local/libexec/dovecot/imap mail_executable(imap): /usr/local/libexec/dovecot/imap mail_executable(pop3): /usr/local/libexec/dovecot/pop3 mail_process_size: 256 mail_plugins: mail_plugin_dir(default): /usr/local/lib/dovecot/imap mail_plugin_dir(imap): /usr/local/lib/dovecot/imap mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3 mail_log_prefix: %Us(%u): mail_log_max_lines_per_sec: 10 imap_max_line_length: 65536 imap_capability: imap_client_workarounds: imap_logout_format: bytes=%i/%o imap_id_send: imap_id_log: imap_idle_notify_interval: 120 pop3_no_flag_updates: no pop3_enable_last: no pop3_reuse_xuidl(default): no pop3_reuse_xuidl(imap): no pop3_reuse_xuidl(pop3): yes pop3_save_uidl: no pop3_lock_session: no pop3_uidl_format(default): %08Xu%08Xv pop3_uidl_format(imap): %08Xu%08Xv pop3_uidl_format(pop3): %08Xv%08Xu pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh pop3_logout_format: top=%t/%p, retr=%r/%b, del=%d/%m, size=%s dict_db_config: dict_process_count: 1 auth default: mechanisms: plain realms: default_realm: cache_size: 0 cache_ttl: 3600 cache_negative_ttl: 3600 executable: /usr/local/libexec/dovecot/dovecot-auth user: root chroot: username_chars: abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_ username_translation: username_format: master_user_separator: anonymous_username: anonymous krb5_keytab: gssapi_hostname: winbind_helper_path: /usr/bin/ntlm_auth failure_delay: 2 verbose: yes debug: yes debug_passwords: yes ssl_require_client_cert: no ssl_username_from_cert: no use_winbind: no count: 1 worker_max_count: 30 process_size: 256 passdb: driver: shadow args: deny: no pass: no master: no userdb: driver: passwd args: # From tss at iki.fi Tue Sep 6 22:51:35 2011 From: tss at iki.fi (Timo Sirainen) Date: Tue, 6 Sep 2011 22:51:35 +0300 Subject: [Dovecot] error in logs, but system appears to work In-Reply-To: <4E667600.1090400@bio.umass.edu> References: <4E667600.1090400@bio.umass.edu> Message-ID: On 6.9.2011, at 22.35, Chris Hoogendyk wrote: > -rw-rw---- 1 ebradley mail 9484323 Sep 6 15:16 /var/mail/ebradley Is there any reason for this to be 0660? Most likely not, so your problem goes away simply with chmod 0600 /var/mail/* and at the same time makes your system more secure. From tobias at hachmer.de Tue Sep 6 23:01:55 2011 From: tobias at hachmer.de (Tobias Hachmer) Date: Tue, 06 Sep 2011 22:01:55 +0200 Subject: [Dovecot] Quotas not recalculating In-Reply-To: <19DE1FB3-E4F7-44B2-AD44-B5AFD7E813E2@iki.fi> References: <4E63CD0A.50500@averageurl.com> <4E6425B5.3080305@averageurl.com> <19DE1FB3-E4F7-44B2-AD44-B5AFD7E813E2@iki.fi> Message-ID: On Mon, 5 Sep 2011 08:39:39 +0300, Timo Sirainen wrote: > On 5.9.2011, at 4.28, Kyle Brantley wrote: > >> Okay, something else isn't cooperating with this at all. I >> reconfigured it to use dirsize just to test (quota = dirsize:User >> quota in 90-quota.conf instead of quota = maildir:User quota), and it >> is still trying to use maildir quotas: > > Your user_query in dovecot-sql.conf overrides the quota setting. Same problem here. But how can I use maildirsize quota && user_query in dovecot-slq.conf ? I want to manage my users in a sql table and use maildirsize quota. Greetz, Tobias From tss at iki.fi Tue Sep 6 23:08:37 2011 From: tss at iki.fi (Timo Sirainen) Date: Tue, 6 Sep 2011 23:08:37 +0300 Subject: [Dovecot] Quotas not recalculating In-Reply-To: References: <4E63CD0A.50500@averageurl.com> <4E6425B5.3080305@averageurl.com> <19DE1FB3-E4F7-44B2-AD44-B5AFD7E813E2@iki.fi> Message-ID: On 6.9.2011, at 23.01, Tobias Hachmer wrote: > On Mon, 5 Sep 2011 08:39:39 +0300, Timo Sirainen wrote: >> On 5.9.2011, at 4.28, Kyle Brantley wrote: >> >>> Okay, something else isn't cooperating with this at all. I reconfigured it to use dirsize just to test (quota = dirsize:User quota in 90-quota.conf instead of quota = maildir:User quota), and it is still trying to use maildir quotas: >> >> Your user_query in dovecot-sql.conf overrides the quota setting. > > Same problem here. > But how can I use maildirsize quota && user_query in dovecot-slq.conf ? > > I want to manage my users in a sql table and use maildirsize quota. There's nothing special in that. Just about all the examples in wiki assume you want to do that. http://wiki2.dovecot.org/Quota/Configuration#Per-user_quota From hoogendyk at bio.umass.edu Tue Sep 6 23:09:09 2011 From: hoogendyk at bio.umass.edu (Chris Hoogendyk) Date: Tue, 06 Sep 2011 16:09:09 -0400 Subject: [Dovecot] error in logs, but system appears to work In-Reply-To: References: <4E667600.1090400@bio.umass.edu> Message-ID: <4E667DE5.3090803@bio.umass.edu> On 9/6/11 3:51 PM, Timo Sirainen wrote: > On 6.9.2011, at 22.35, Chris Hoogendyk wrote: > >> -rw-rw---- 1 ebradley mail 9484323 Sep 6 15:16 /var/mail/ebradley > Is there any reason for this to be 0660? Most likely not, so your problem goes away simply with chmod 0600 /var/mail/* and at the same time makes your system more secure. So, looking at my other system that has been running dovecot for over a year, I see that the entries are mostly 0600, but there are a few 0660. The system I was just implementing has mostly 0660, but some 0600. We had seen occasional similar errors on the other system. If I change both systems so that all the directories in /var/mail are 0600, then everything will be happy? -- --------------- Chris Hoogendyk - O__ ---- Systems Administrator c/ /'_ --- Biology& Geology Departments (*) \(*) -- 140 Morrill Science Center ~~~~~~~~~~ - University of Massachusetts, Amherst --------------- Erd?s 4 From tss at iki.fi Tue Sep 6 23:14:48 2011 From: tss at iki.fi (Timo Sirainen) Date: Tue, 6 Sep 2011 23:14:48 +0300 Subject: [Dovecot] error in logs, but system appears to work In-Reply-To: <4E667DE5.3090803@bio.umass.edu> References: <4E667600.1090400@bio.umass.edu> <4E667DE5.3090803@bio.umass.edu> Message-ID: <2A848160-2EF7-4EF9-87B5-73A3DF5530A5@iki.fi> On 6.9.2011, at 23.09, Chris Hoogendyk wrote: > > > On 9/6/11 3:51 PM, Timo Sirainen wrote: >> On 6.9.2011, at 22.35, Chris Hoogendyk wrote: >> >>> -rw-rw---- 1 ebradley mail 9484323 Sep 6 15:16 /var/mail/ebradley >> Is there any reason for this to be 0660? Most likely not, so your problem goes away simply with chmod 0600 /var/mail/* and at the same time makes your system more secure. > > So, looking at my other system that has been running dovecot for over a year, I see that the entries are mostly 0600, but there are a few 0660. The system I was just implementing has mostly 0660, but some 0600. We had seen occasional similar errors on the other system. > > If I change both systems so that all the directories in /var/mail are 0600, then everything will be happy? Yep. Basically the problem is that Dovecot thinks they are shared mailboxes and the "mail" group is supposed to have access to them, so it tries to use the mail group for the index files as well, but the process doesn't belong to mail group so it fails. From tobias at hachmer.de Tue Sep 6 23:17:49 2011 From: tobias at hachmer.de (Tobias Hachmer) Date: Tue, 06 Sep 2011 22:17:49 +0200 Subject: [Dovecot] Quotas not recalculating In-Reply-To: References: <4E63CD0A.50500@averageurl.com> <4E6425B5.3080305@averageurl.com> <19DE1FB3-E4F7-44B2-AD44-B5AFD7E813E2@iki.fi> Message-ID: <811c9c72bffbccebb864705ca8935e8b@hachmer.de> On Tue, 6 Sep 2011 23:08:37 +0300, Timo Sirainen wrote: > On 6.9.2011, at 23.01, Tobias Hachmer wrote: > >> On Mon, 5 Sep 2011 08:39:39 +0300, Timo Sirainen wrote: >>> On 5.9.2011, at 4.28, Kyle Brantley wrote: >>> >>>> Okay, something else isn't cooperating with this at all. I >>>> reconfigured it to use dirsize just to test (quota = dirsize:User >>>> quota in 90-quota.conf instead of quota = maildir:User quota), and >>>> it is still trying to use maildir quotas: >>> >>> Your user_query in dovecot-sql.conf overrides the quota setting. >> >> Same problem here. >> But how can I use maildirsize quota && user_query in >> dovecot-slq.conf ? >> >> I want to manage my users in a sql table and use maildirsize quota. > > There's nothing special in that. Just about all the examples in wiki > assume you want to do that. > http://wiki2.dovecot.org/Quota/Configuration#Per-user_quota OK, thanks. Removing "CONCAT('*:bytes=', CAST(quota AS CHAR)) AS userdb_quota_rule" from user_query as well as from password_query in dovecot-sql.conf worked for me. Greetz, Tobias From voytek at sbt.net.au Tue Sep 6 23:54:23 2011 From: voytek at sbt.net.au (Voytek) Date: Wed, 7 Sep 2011 07:54:23 +1100 Subject: [Dovecot] dumb Q: how to search for email hack attempts ? Message-ID: <4dc1ead7e05d6a85b2401a1ecadf7d95.squirrel@sbt.net.au> one of the users thinks someone hacked his email, I don't have time this morning to analyze mail logs in detail, but does some one has some tips to simply searching mail logs for multiple log in attempts, etc, I'd appreciate some grepping for failed logins show give some clues ? From rick at havokmon.com Wed Sep 7 00:14:26 2011 From: rick at havokmon.com (Rick Romero) Date: Tue, 06 Sep 2011 16:14:26 -0500 Subject: [Dovecot] dumb Q: how to search for email hack attempts ? In-Reply-To: <4dc1ead7e05d6a85b2401a1ecadf7d95.squirrel@sbt.net.au> References: <4dc1ead7e05d6a85b2401a1ecadf7d95.squirrel@sbt.net.au> Message-ID: <20110906161426.Horde.GNbzHG2tkQ9OZo0yGCBxWUA@beta.vfemail.net> Quoting Voytek : > one of the users thinks someone hacked his email, I don't have time this > morning to analyze mail logs in detail, but does some one has some tips to > simply searching mail logs for multiple log in attempts, etc, I'd > appreciate some > > grepping for failed logins show give some clues ? # - one of these IPs is not like the others.. grep $username /var/log/maillog | grep -v "no auth|failed" | awk '{print $13}' |sort |uniq Rick From kyle at averageurl.com Wed Sep 7 03:01:26 2011 From: kyle at averageurl.com (Kyle Brantley) Date: Tue, 06 Sep 2011 18:01:26 -0600 Subject: [Dovecot] Quotas not recalculating In-Reply-To: <811c9c72bffbccebb864705ca8935e8b@hachmer.de> References: <4E63CD0A.50500@averageurl.com> <4E6425B5.3080305@averageurl.com> <19DE1FB3-E4F7-44B2-AD44-B5AFD7E813E2@iki.fi> <811c9c72bffbccebb864705ca8935e8b@hachmer.de> Message-ID: <4E66B456.6070707@averageurl.com> On 9/6/2011 2:17 PM, Tobias Hachmer wrote: > On Tue, 6 Sep 2011 23:08:37 +0300, Timo Sirainen wrote: >> On 6.9.2011, at 23.01, Tobias Hachmer wrote: >> >>> On Mon, 5 Sep 2011 08:39:39 +0300, Timo Sirainen wrote: >>>> On 5.9.2011, at 4.28, Kyle Brantley wrote: >>>> >>>>> Okay, something else isn't cooperating with this at all. I >>>>> reconfigured it to use dirsize just to test (quota = dirsize:User >>>>> quota in 90-quota.conf instead of quota = maildir:User quota), and >>>>> it is still trying to use maildir quotas: >>>> >>>> Your user_query in dovecot-sql.conf overrides the quota setting. >>> >>> Same problem here. >>> But how can I use maildirsize quota && user_query in dovecot-slq.conf ? >>> >>> I want to manage my users in a sql table and use maildirsize quota. >> >> There's nothing special in that. Just about all the examples in wiki >> assume you want to do that. >> http://wiki2.dovecot.org/Quota/Configuration#Per-user_quota > > OK, thanks. Removing "CONCAT('*:bytes=', CAST(quota AS CHAR)) AS > userdb_quota_rule" from user_query as well as from password_query in > dovecot-sql.conf worked for me. > > Greetz, Tobias I was migrating from 1.x to 2.x and manually rebuilt everything with respect to the configs... except for my queries. In my case, luckily, it was as easy as changing the column returned from "quota" to "quota_rule" and replacing the "maildir:storage=" with "*:storage=." Thanks for the help, all. --Kyle From jtam.home at gmail.com Wed Sep 7 04:59:27 2011 From: jtam.home at gmail.com (Joseph Tam) Date: Tue, 6 Sep 2011 18:59:27 -0700 (PDT) Subject: [Dovecot] error in logs, but system appears to work In-Reply-To: References: Message-ID: Chris Hoogendyk writes: > So, looking at my other system that has been running dovecot for over a > year, I see that the entries are mostly 0600, but there are a few 0660. > The system I was just implementing has mostly 0660, but some 0600. We > had seen occasional similar errors on the other system. Been there, done that. Timo already gave an explanation of why 0600 gets rid of the problem. I'll add a reminder that you'll need to track down the reason why mailboxes are created user:mail/0660 in the first place. It's usually done by the LDA when creating a brand new mailbox (for example, Solaris's mail.local). If you've replaced your LDA with Dovecot's deliver, then this won't be a problem anymore. You may also have to scour your userbase's personal mail collection for mailboxes that has 1) mode 0660, and 2) group membership the user is not a part of, and fix up the permissions. Such a thing could happen if you've reassigned a user's GID. Joseph Tam From janfrode at tanso.net Wed Sep 7 10:09:44 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Wed, 7 Sep 2011 09:09:44 +0200 Subject: [Dovecot] limit number of simultaneous lmtp deliveries ? In-Reply-To: <1315241421.21981.57.camel@hurina> References: <20110905090541.GA8709@oc1046828364.ibm.com> <1315241421.21981.57.camel@hurina> Message-ID: <20110907070944.GA5222@oc1046828364.ibm.com> On Mon, Sep 05, 2011 at 07:50:20PM +0300, Timo Sirainen wrote: > > Possibly randomly either one. I'll need to start looking into these LMTP > proxy bugs some day.. Although for 2.0.14 I improved the error messages > a little. Is this from 2.0.14 or earlier? It's with v2.0.14 on both director and backend lmtp servers. > > > Will "process_limit=10" work for "service lmtp"? > > It'll work for both directory and backend, yes. Although each lmtp > process can also handle multiple clients. So you might also want to set > client_limit=1. Actually that could be a good idea to try in any case to > see if it helps with these problems. I now tested with: process_limit=10 client_limit=1 on both directors and backend lmtp servers, but I'm still getting these same failures. Since you're hinting about "lmtp proxy bugs", I think I'll try if it works better to skip the director/proxy and just have postfix deliver directly to backend lmtp-servers directly. -jf From listas.correo at yahoo.es Wed Sep 7 13:26:28 2011 From: listas.correo at yahoo.es (mailing lists) Date: Wed, 7 Sep 2011 11:26:28 +0100 (BST) Subject: [Dovecot] is it necessary lmtp and director to avoid index corruption in mail delivery? Message-ID: <1315391188.87744.YahooMailNeo@web29112.mail.ird.yahoo.com> Hello all, If I have several postfix/dovecot-lda boxes with shared nfs storage, how director helps in this scenario? is it necesary to use lmtp instead of dovecot-lda? With postfix/dovecot-lda boxes incoming mail happens at the smtp layer but director redirects are working in the lmtp/imap/pop3 layer. From janfrode at tanso.net Wed Sep 7 13:59:18 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Wed, 7 Sep 2011 12:59:18 +0200 Subject: [Dovecot] is it necessary lmtp and director to avoid index corruption in mail delivery? In-Reply-To: <1315391188.87744.YahooMailNeo@web29112.mail.ird.yahoo.com> References: <1315391188.87744.YahooMailNeo@web29112.mail.ird.yahoo.com> Message-ID: <20110907105918.GA9780@oc1046828364.ibm.com> On Wed, Sep 07, 2011 at 11:26:28AM +0100, mailing lists wrote: > Hello all, > If I have several postfix/dovecot-lda boxes with shared nfs storage, > how director helps in this scenario? The director can help by directing each unique user to the same backend server for each delivery, which should give you better performance (indexes cached in memory on only one machine instead of on all, inotify will work for IMAP NOTIFY), and also avoid some apparent race conditions that has lead to index corruption when several nodes are writing to the same mailbox at the same time. > is it necesary to use lmtp instead of dovecot-lda? Yes. > With postfix/dovecot-lda boxes incoming mail happens at the smtp layer > but director redirects are working in the lmtp/imap/pop3 layer. Right. With LMTP you can have dovecot listening on the network (port 24/tcp) for incoming mail. No need for postfix on the backend mailstorage servers. Our setups has been: Mailgw[1-14] ---smtp--> dovecot-server[1-5] (postfix + dovecot/lda) and used MX priorities to make all deliveries go to the same dovecot-server with the others as backup. $ dig mx deliver.example.com +short 10 dove2.example.com. 15 dove3.example.com. 20 dove4.example.com. 25 dove5.example.com. 5 dove1.example.com. Now I'm moving towards: Mailgw[1-14] ---lmtp--> dovecot-server[1-5] (dovecot/lmtp) but worry that the index corruption might hit me again.. Ideally I want: Mailgw[1-14] ---lmtp--> directors --lmtp--> dovecot-server[1-5] (dovecot/lmtp) but lmtp-proxying seems to have bugs (ref: my latest mails to this list). -jf From tom at whyscream.net Wed Sep 7 15:40:09 2011 From: tom at whyscream.net (Tom Hendrikx) Date: Wed, 07 Sep 2011 14:40:09 +0200 Subject: [Dovecot] Sieve "header :value" test does not work In-Reply-To: <4E6672D5.6020506@whyscream.net> References: <4E667075.1080003@whyscream.net> <4E6672D5.6020506@whyscream.net> Message-ID: <4E676629.9000108@whyscream.net> On 06/09/11 21:21, Tom Hendrikx wrote: > On 06/09/11 21:11, Tom Hendrikx wrote: >> hi, >> >> After following some examples and searching for sieve samples in this ml >> history, I'm quite sure that the following sieve snippet should give no >> surprises: >> >> if header :value "ge" :comparator "i;ascii-numeric" "X-Header-Name" >> "0.99" { /* do something */ } >> >> However the Pigeonhole Sieve 0.2.3 on dovecot 2.0.14 gives me following >> error: >> >> test: line 3: error: unknown tagged argument ':value' for the header >> test (reported only once at first occurence). >> test: error: validation failed. >> >> What obvious mistake am I failing to see here? >> > > To answer my own question (which was found by grepping through > /usr/share/doc/dovecot-2.0.14/sieve/rfc/*bz2): including the > "relational" extension in the "require" statement adds support for this > test. > > Sorry for the noise :/ > -- > Tom > The above snippet poses some other issue that I cannot easily solve: the ascii-numeric comparator only handles integer values. All 0.xxxx header values are truncated to 0 by the comparator, just like the sieve script value "0.95". After comparision, this results in true for all cases. I don't really see a way to interact with floats in sieve, other than using regular expressions. However this gets clumsy/hairy quite fast when you're matching a hypothetical header value >=0.73 in stead of >=0.99. Any ideas? -- Regards, Tom From stephan at rename-it.nl Wed Sep 7 16:48:04 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Wed, 07 Sep 2011 15:48:04 +0200 Subject: [Dovecot] Sieve "header :value" test does not work In-Reply-To: <4E676629.9000108@whyscream.net> References: <4E667075.1080003@whyscream.net> <4E6672D5.6020506@whyscream.net> <4E676629.9000108@whyscream.net> Message-ID: <4E677614.70504@rename-it.nl> On 9/7/2011 2:40 PM, Tom Hendrikx wrote: > The above snippet poses some other issue that I cannot easily solve: the > ascii-numeric comparator only handles integer values. > > All 0.xxxx header values are truncated to 0 by the comparator, just like > the sieve script value "0.95". After comparision, this results in true > for all cases. > > I don't really see a way to interact with floats in sieve, other than > using regular expressions. However this gets clumsy/hairy quite fast > when you're matching a hypothetical header value>=0.73 in stead of>=0.99. > > Any ideas? Yes. This can be a problem. However, the usual application for this is matching against a spam header. If it is, you can use the spamtest extension instead. Then you can configure the gory details in the background (http://wiki2.dovecot.org/Pigeonhole/Sieve/Extensions/SpamtestVirustest). Otherwise, things indeed tend to get hairy. I've puzzled a bit and came up with the following: ==== require "variables"; require "relational"; require "comparator-i;ascii-numeric"; require "regex"; # Extract integer and fractional part separately: set "val_int" "0"; set "val_frac" "0"; if header :regex "X-Header-Name" "([0-9]+)\\.([0-9]+)" { set "val_int" "${1}"; set "val_frac" "${2}"; } if allof ( /* Compare the integer part */ string :comparator "i;ascii-numeric" :value "ge" "${val_int}" "5", /* Compare the fractional part */ string :value "ge" "${val_frac}" "34" ) { discard; } ==== As you can see, the integer and fractional parts of the fractional number are extracted separately using a :regex match. Then the comparison is performed. The integer part is compared using i;ascii-numeric. Quite counter-intuitively, the fractional part is compared using a normal string comparison. The earlier regex match made sure that the ${val_frac} variable only contains digits. The string comparison makes sure that the length of the fractional part does not matter (much) and that the comparison works as expected. A length difference will only have an effect when there are spurious trailing zeros and all the preceeding digits are equal, thereby causing the longer string to have higher value, which is not strictly correct. The above certainly does not deserve an award for beauty, it does not handle negative numbers (can be added), and it is not tested very well. So, use this with caution. Unfortunately, there is no i;ascii-fractional (or whatever) collation and afaik nothing like that is in the works at the IETF. Regards, Stephan. From tom at whyscream.net Wed Sep 7 17:17:33 2011 From: tom at whyscream.net (Tom Hendrikx) Date: Wed, 07 Sep 2011 16:17:33 +0200 Subject: [Dovecot] Sieve "header :value" test does not work In-Reply-To: <4E677614.70504@rename-it.nl> References: <4E667075.1080003@whyscream.net> <4E6672D5.6020506@whyscream.net> <4E676629.9000108@whyscream.net> <4E677614.70504@rename-it.nl> Message-ID: <4E677CFD.4000705@whyscream.net> On 07/09/11 15:48, Stephan Bosch wrote: > On 9/7/2011 2:40 PM, Tom Hendrikx wrote: >> The above snippet poses some other issue that I cannot easily solve: the >> ascii-numeric comparator only handles integer values. >> >> All 0.xxxx header values are truncated to 0 by the comparator, just like >> the sieve script value "0.95". After comparision, this results in true >> for all cases. >> >> I don't really see a way to interact with floats in sieve, other than >> using regular expressions. However this gets clumsy/hairy quite fast >> when you're matching a hypothetical header value>=0.73 in stead of>=0.99. >> >> Any ideas? > > Yes. This can be a problem. However, the usual application for this is > matching against a spam header. If it is, you can use the spamtest > extension instead. Then you can configure the gory details in the > background > (http://wiki2.dovecot.org/Pigeonhole/Sieve/Extensions/SpamtestVirustest). > > Otherwise, things indeed tend to get hairy. I've puzzled a bit and came > up with the following: > > ==== > require "variables"; > require "relational"; > require "comparator-i;ascii-numeric"; > require "regex"; > > # Extract integer and fractional part separately: > set "val_int" "0"; > set "val_frac" "0"; > if header :regex "X-Header-Name" "([0-9]+)\\.([0-9]+)" { > set "val_int" "${1}"; > set "val_frac" "${2}"; > } > > if allof ( > /* Compare the integer part */ > string :comparator "i;ascii-numeric" :value "ge" "${val_int}" "5", > /* Compare the fractional part */ > string :value "ge" "${val_frac}" "34" ) { > discard; > } > ==== > > As you can see, the integer and fractional parts of the fractional > number are extracted separately using a :regex match. Then the > comparison is performed. The integer part is compared using > i;ascii-numeric. Quite counter-intuitively, the fractional part is > compared using a normal string comparison. The earlier regex match made > sure that the ${val_frac} variable only contains digits. The string > comparison makes sure that the length of the fractional part does not > matter (much) and that the comparison works as expected. A length > difference will only have an effect when there are spurious trailing > zeros and all the preceeding digits are equal, thereby causing the > longer string to have higher value, which is not strictly correct. > > The above certainly does not deserve an award for beauty, it does not > handle negative numbers (can be added), and it is not tested very well. > So, use this with caution. Unfortunately, there is no i;ascii-fractional > (or whatever) collation and afaik nothing like that is in the works at > the IETF. > Thanks for the idea :) My first alternative way of thinking was to put the header value in a variable, then multiply it by 10000 (in my actual issue, the fraction always has 4 characters), then handle it as an int. However, doing a calculation is also not supported. I was trying to do some nifty stuff with DSPAM headers, which adds header that indicates "Spam" or "Innocent", and a fractional value between 0 and 1 that indicates the confidence that the filter has in its own classification: X-DSPAM-Result: Spam X-DSPAM-Confidence: 0.9456 ==> quite sure it is spam X-DSPAM-Result: Innocent X-DSPAM-Confidence: 0.9889 ==> even more sure that it is not spam Based on these headers, I wanted to do something with messages that the filter was really sure about, like pushing them to spamcop. Combining these headers in the sieve spamtest configuration to create a sliding scale between 1 and 10 is not really possible. -- Regards, Tom From marcin at mejor.pl Wed Sep 7 17:42:19 2011 From: marcin at mejor.pl (=?UTF-8?B?TWFyY2luIE1pcm9zxYJhdw==?=) Date: Wed, 07 Sep 2011 16:42:19 +0200 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database Message-ID: <4E6782CB.1060803@mejor.pl> Hello! I'd like to set up dovecot to keep namespaces in database, keep more than one namespace per user. I try to create the simplest rule (even without tuple in db table) to get new namespace, unfortunately it doesn't work. My user_query is: SELECT '/dane/domeny/%d/mail/%n/' as home, dovecot_typ_skrzynki ||':'|| '/dane/domeny/%d/mail/%n/' ||'.'|| dovecot_typ_skrzynki as mail_location, '*:bytes='||quota_mb||'M' as quota_rule , 'test33/location=mdbox:~/.mdbox/test33/' as "namespace/test3/prefix" In debug log i'm getting: Debug: master out: USER#0111#011user at examle.com#011home=/dane/domeny/mejor.pl/mail/marcin/#011mail_location=maildir:/dane/domeny/mejor.pl/mail/marcin/.maildir#011quota_rule=*:bytes=0M#011namespace/test3/prefix=test33/location=mdbox:~/.mdbox/test33/ If i knew how it should look like the line in auth debug log for working configuration it could be easier for me to write correct sql query. May i please for advice? From tss at iki.fi Wed Sep 7 17:50:56 2011 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Sep 2011 17:50:56 +0300 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: <4E6782CB.1060803@mejor.pl> References: <4E6782CB.1060803@mejor.pl> Message-ID: <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> dovecot -n output (with version number)? On 7.9.2011, at 17.42, Marcin Miros?aw wrote: > Hello! > I'd like to set up dovecot to keep namespaces in database, keep more than one namespace per user. > > I try to create the simplest rule (even without tuple in db table) to get new namespace, unfortunately it doesn't work. > > My user_query is: > SELECT '/dane/domeny/%d/mail/%n/' as home, dovecot_typ_skrzynki ||':'|| '/dane/domeny/%d/mail/%n/' ||'.'|| dovecot_typ_skrzynki as mail_location, '*:bytes='||quota_mb||'M' as quota_rule , 'test33/location=mdbox:~/.mdbox/test33/' as "namespace/test3/prefix" > > In debug log i'm getting: > Debug: master out: USER#0111#011user at examle.com#011home=/dane/domeny/mejor.pl/mail/marcin/#011mail_location=maildir:/dane/domeny/mejor.pl/mail/marcin/.maildir#011quota_rule=*:bytes=0M#011namespace/test3/prefix=test33/location=mdbox:~/.mdbox/test33/ > > If i knew how it should look like the line in auth debug log for working configuration it could be easier for me to write correct sql query. > May i please for advice? > From marcin at mejor.pl Wed Sep 7 17:59:27 2011 From: marcin at mejor.pl (=?UTF-8?B?TWFyY2luIE1pcm9zxYJhdw==?=) Date: Wed, 07 Sep 2011 16:59:27 +0200 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> References: <4E6782CB.1060803@mejor.pl> <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> Message-ID: <4E6786CF.2020102@mejor.pl> W dniu 07.09.2011 16:50, Timo Sirainen pisze: > dovecot -n output (with version number)? Argh, i've forgot about it:( Dovecot-2.0.14 # 2.0.14: /etc/dovecot/dovecot.conf # OS: Linux 3.1.0-rc4-git2 x86_64 Gentoo Base System release 2.0.3 auth_cache_size = 1 k auth_debug = yes auth_mechanisms = login digest-md5 cram-md5 plain default_vsz_limit = 32 M deliver_log_format = msgid=%m: from=%f: phys=%p: virt=%w %$ dict { quota = pgsql:/etc/dovecot/dovecot-dict-sql.conf.ext } first_valid_uid = 8 last_valid_uid = 8 lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes mail_attachment_dir = /dane/domeny/zalaczniki mail_attachment_min_size = 64000 k mail_cache_min_mail_count = 20 mail_gid = mail mail_plugins = autocreate quota fts fts_squat notify mail_log zlib mail_privileged_group = mail mail_uid = mail maildir_stat_dirs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include var iables body enotify environment mailbox date mdbox_rotate_interval = 60 days mdbox_rotate_size = 50 M namespace { inbox = yes list = yes location = prefix = separator = . subscriptions = yes type = private } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { autocreate = Trash autocreate2 = Spam autocreate3 = Sent autocreate4 = Drafts autosubscribe = Trash autosubscribe2 = Spam autosubscribe3 = Sent autosubscribe4 = Drafts fts = squat fts_squat = partial=4 full=10 quota = dict:User quota::proxy::quota quota_exceeded_message = Quota exceeded / Skrzynka odbiorcy jest przepelniona, wiadomosc nie zostala dostarczona sieve = /dane/domeny/%d/mail/%n/.maildir/.dovecot.sieve sieve_dir = /dane/domeny/%d/mail/%n/.maildir/sieve zlib_save = bz2 } postmaster_address = forspam at kolekcja.mejor.pl protocols = imap pop3 sieve service auth { unix_listener auth-userdb { group = mail mode = 0660 user = root } } service dict { unix_listener dict { user = mail } } service managesieve-login { inet_listener sieve_deprecated { port = 2000 } vsz_limit = 4 M } ssl_cert = References: <4E667075.1080003@whyscream.net> <4E6672D5.6020506@whyscream.net> <4E676629.9000108@whyscream.net> <4E677614.70504@rename-it.nl> <4E677CFD.4000705@whyscream.net> Message-ID: <4E67888A.8010505@rename-it.nl> On 9/7/2011 4:17 PM, Tom Hendrikx wrote: > Thanks for the idea :) > My first alternative way of thinking was to put the header value in a > variable, then multiply it by 10000 (in my actual issue, the fraction > always has 4 characters), then handle it as an int. However, doing a > calculation is also not supported. > > I was trying to do some nifty stuff with DSPAM headers, which adds > header that indicates "Spam" or "Innocent", and a fractional value > between 0 and 1 that indicates the confidence that the filter has in its > own classification: > > X-DSPAM-Result: Spam > X-DSPAM-Confidence: 0.9456 > ==> quite sure it is spam > > X-DSPAM-Result: Innocent > X-DSPAM-Confidence: 0.9889 > ==> even more sure that it is not spam > > Based on these headers, I wanted to do something with messages that the > filter was really sure about, like pushing them to spamcop. > > Combining these headers in the sieve spamtest configuration to create a > sliding scale between 1 and 10 is not really possible. > Not with the current implementation, no. But I could incorporate this new type of specification in the configuration capabilities. Using the spamtest :percent test, this could for instance map as follows: Result=Innocent; Confidence=0.0000 - 1.0000 => spamtest :percent yields 50 - 0 Result=Spam; Confidence=0.0000 - 1.0000 => spamtest :percent yields 50 - 100 Other mappings are possible of course. Regards, Stephan. From tss at iki.fi Wed Sep 7 18:09:35 2011 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Sep 2011 18:09:35 +0300 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: <4E6786CF.2020102@mejor.pl> References: <4E6782CB.1060803@mejor.pl> <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> <4E6786CF.2020102@mejor.pl> Message-ID: On 7.9.2011, at 17.59, Marcin Miros?aw wrote: > namespace { > inbox = yes > list = yes > location = > prefix = > separator = . > subscriptions = yes > type = private > } You want to modify this namespace, or add a completely new namespace? I don't think you can add new ones via userdb lookup.. You'll basically have to have a template in the config file first, like: namespace newspace { } Then you can add settings to it via e.g. 'namespace/newspace/location'. If all users don't have a namespace, you can set the defaults so it's invisible: namespace newspace { list = no hidden = yes } From marcin at mejor.pl Wed Sep 7 18:19:02 2011 From: marcin at mejor.pl (=?UTF-8?B?TWFyY2luIE1pcm9zxYJhdw==?=) Date: Wed, 07 Sep 2011 17:19:02 +0200 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: References: <4E6782CB.1060803@mejor.pl> <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> <4E6786CF.2020102@mejor.pl> Message-ID: <4E678B66.60602@mejor.pl> W dniu 07.09.2011 17:09, Timo Sirainen pisze: > On 7.9.2011, at 17.59, Marcin Miros?aw wrote: > >> namespace { >> inbox = yes >> list = yes >> location = >> prefix = >> separator = . >> subscriptions = yes >> type = private >> } > > You want to modify this namespace, or add a completely new namespace? I want to add completely new. > I don't think you can add new ones via userdb lookup.. You'll basically have to have a template in the config file first, like: > > namespace newspace { > } Hmm, it doesn't looks flexible ;) But probably should be enough for my purposes. Is feature "namespace from db" in your plans or it's too rarely needed to spend time on it? From tss at iki.fi Wed Sep 7 18:24:41 2011 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Sep 2011 18:24:41 +0300 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: <4E678B66.60602@mejor.pl> References: <4E6782CB.1060803@mejor.pl> <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> <4E6786CF.2020102@mejor.pl> <4E678B66.60602@mejor.pl> Message-ID: <8F07F485-4BC4-40E5-A520-7F59C87A7863@iki.fi> On 7.9.2011, at 18.19, Marcin Miros?aw wrote: >> I don't think you can add new ones via userdb lookup.. You'll basically have to have a template in the config file first, like: >> >> namespace newspace { >> } > > Hmm, it doesn't looks flexible ;) But probably should be enough for my purposes. Is feature "namespace from db" in your plans or it's too rarely needed to spend time on it? Actually I'm not completely sure if this is needed. Get it working first with this template, and then see if it continues working after removing the template. > 'test33/location=mdbox:~/.mdbox/test33/' as "namespace/test3/prefix" This is wrong in any case. It should be something like: 'mdbox:~/.mdbox/test33' as 'namespace/test33/location', 'test33.' as 'namespace/test33/prefix' From tss at iki.fi Wed Sep 7 20:17:01 2011 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Sep 2011 20:17:01 +0300 Subject: [Dovecot] Quota fs (ignore mount) In-Reply-To: References: Message-ID: On 6.9.2011, at 15.11, Peter Ignatov wrote: > I set "quota: fs:INBOX:noenforcing:mount=/var/spool/mail", but receive: "fs quota add storage dir = /home/pit/mail"... > Why ? Well .. I'm not entirely sure if the current behavior is good or not, but what you need to do to get it working is to add two quota roots. One for /home/pit/mail (i.e. without specifying mount=) and another for the INBOX's /var/spool/mail. From tss at iki.fi Wed Sep 7 20:22:46 2011 From: tss at iki.fi (Timo Sirainen) Date: Wed, 7 Sep 2011 20:22:46 +0300 Subject: [Dovecot] Shared Mailboxes with VirtualUsers and mail_location retrieved from ldap In-Reply-To: <1315308456.64827.YahooMailNeo@web29115.mail.ird.yahoo.com> References: <1315308456.64827.YahooMailNeo@web29115.mail.ird.yahoo.com> Message-ID: On 6.9.2011, at 14.27, mailing lists wrote: > I spend a couple of days configurating a new installation of dovecot 2.0.14 with virtual accounts and NFS storage for maildir home/mail directories. > > > At this point I need shared mailboxes but since user mail/home locations are ldap attributes, how is it supposed I must configure this for shared mailboxes? > > for the users' mail/home directories I set this line: > > user_attrs = mailbox=mail=maildir:/var/maildir/%$,homeFilter=home Are home dirs and mail dirs related in any way? The only way you can get it working is by using home dirs, e.g.: user_attrs = mailbox=home=/var/maildir/%$ Then in dovecot.conf: mail_location = maildir:~/ > namespace { > type = shared > separator = / > prefix = shared/%%u/ > subscriptions = no > list = children location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u Of course, if you're already now using separate home dirs for some stuff, this won't really work. From mathog at caltech.edu Thu Sep 8 02:39:07 2011 From: mathog at caltech.edu (mathog) Date: Wed, 07 Sep 2011 16:39:07 -0700 Subject: [Dovecot] copy and empty userA folder1, append to /var/mail/userB Message-ID: <3ee33c7814e8f3834a9210706fa3a36c@saf.bio.caltech.edu> Dovecot 2.0.13 on a 64 bit linux. We have an archiver account on one machine. Most mailing lists that handles go directly to it and everything is fine. However, there is one campus list that will only send to real people. So for that one I subscribed. When one of these messages comes in, which is 1-2x per week, I copy it to an export folder and then manually run a script which does: cat ~me/mail/export >>/var/mail/archiver echo "" > ~me/mail/export That worked fine on our last system, but dovecot doesn't like it. It leaves the imap indices for the export mailbox in an inconsistent state, so that roundcube (through dovecot) refuses to drop messages into it. The error message roundcube emits is: ServerError: Mailbox isn't a valid mbox file. Presumably the second half is from dovecot. I need a supported way to go about this, so that the next time one comes in I can copy to that folder again. The export mailbox is always completely emptied. It would suffice if there was some way to force dovecot to create "empty"" .imap/export: dovecot.index.cache dovecot.index.log files. Note this isn't a problem for the archiver itself, since it doesn't have any imap indexed files. Suggestions? Thank you, David Mathog mathog at caltech.edu Manager, Sequence Analysis Facility, Biology Division, Caltech From karol at babioch.de Thu Sep 8 02:41:58 2011 From: karol at babioch.de (Karol Babioch) Date: Thu, 08 Sep 2011 01:41:58 +0200 Subject: [Dovecot] ManageSieve with SSL/TLS only Message-ID: <4E680146.8040107@babioch.de> Hi, I'm quite new to Dovecot and ManageSieve, so probably I've missed something, although I couldn't find any hints in the wiki. I'm interested in running ManageSieve with SSL/TLS only. So is there any way to reject any non encrypted connections? I couldn't find any parameter for this purpose. I'm currently using dovecot 1.2.15 provided with Debian Squeeze, but I couldn't find any parameter in the 2.0 branch neither. Best regards, Karol Babioch -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 898 bytes Desc: OpenPGP digital signature URL: From tss at iki.fi Thu Sep 8 10:20:57 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 08 Sep 2011 10:20:57 +0300 Subject: [Dovecot] ManageSieve with SSL/TLS only In-Reply-To: <4E680146.8040107@babioch.de> References: <4E680146.8040107@babioch.de> Message-ID: <1315466458.3876.18.camel@hurina> On Thu, 2011-09-08 at 01:41 +0200, Karol Babioch wrote: > Hi, > > I'm quite new to Dovecot and ManageSieve, so probably I've missed > something, although I couldn't find any hints in the wiki. I'm > interested in running ManageSieve with SSL/TLS only. So is there any way > to reject any non encrypted connections? I couldn't find any parameter > for this purpose. > > I'm currently using dovecot 1.2.15 provided with Debian Squeeze, but I > couldn't find any parameter in the 2.0 branch neither. a) disable_plaintext_auth=yes (default) b) ssl=required They are equivalent if you've only enabled plaintext authentication mechanisms. http://wiki.dovecot.org/SSL/DovecotConfiguration and http://wiki.dovecot.org/SSL explain more. From tss at iki.fi Thu Sep 8 10:24:27 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 08 Sep 2011 10:24:27 +0300 Subject: [Dovecot] copy and empty userA folder1, append to /var/mail/userB In-Reply-To: <3ee33c7814e8f3834a9210706fa3a36c@saf.bio.caltech.edu> References: <3ee33c7814e8f3834a9210706fa3a36c@saf.bio.caltech.edu> Message-ID: <1315466667.3876.20.camel@hurina> On Wed, 2011-09-07 at 16:39 -0700, mathog wrote: > Dovecot 2.0.13 on a 64 bit linux. > > echo "" > ~me/mail/export > > That worked fine on our last system, but dovecot doesn't like it. It > leaves the imap indices for the > export mailbox in an inconsistent state, so that roundcube (through > dovecot) refuses to drop > messages into it. The error message roundcube emits is: > > ServerError: Mailbox isn't a valid mbox file. You change the "export" mbox to be one byte size containing LF. It should instead be completely zero size. For example echo -n > ~me/mail/export Alternative could be to simply rm it? From janfrode at tanso.net Thu Sep 8 10:56:20 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Thu, 8 Sep 2011 09:56:20 +0200 Subject: [Dovecot] lmtp -- save failed to INBOX: BUG: Unknown internal error Message-ID: <20110908075620.GA27139@oc1046828364.ibm.com> I've had 18 instances of this error the last 24 hours: Sep 8 08:56:00 popimap1 dovecot:: lmtp(10529, first.last at example.om): mGdAOtdlaE4hKQAAg/aw4w: msgid=: save failed to INBOX: BUG: Unknown internal error 17 on lmtp-server A, and one on lmtp-server B. On server A it was a message with 55 recepients, where 17 failed initially -- and the was then successfully delivered. lmtp pid 10529, 08:55:57-08:56:01 - 11 successfull deliveries, 17 BUGs lmtp pid 10609, 08:56:00 - 1 successfull deliveries lmtp pid 31291, 08:56:06 - 2 successfull deliveries lmtp pid 10482, 08:56:04-06 - 3 successfull deliveries lmtp pid 6738, 08:56:06 - 1 successfull deliveries lmtp pid 24488, 08:56:06-07 - 5 successfull deliveries lmtp pid 7101, 08:56:01-07 - 19 successfull deliveries lmtp pid 21330, 08:56:08 - 1 successfull deliveries lmtp pid 2177, 08:56:09 - 3 successfull deliveries lmtp pid 7085, 08:56:10 - 3 successfull deliveries lmtp pid 6633, 08:56:08-10 - 6 successfull deliveries The one on lmtp-server B was a different msgid from A, and also had several recepients (6). It was successfully delivered to the recepient that initially failed the same second. Config here: # 2.0.14: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-194.26.1.el5 x86_64 Red Hat Enterprise Linux Server release 5.5 (Tikanga) auth_verbose = yes auth_verbose_passwords = sha1 disable_plaintext_auth = no mail_gid = 3000 mail_location = maildir:~/:INDEX=/indexes/%1u/%1.1u/%u mail_plugins = quota mail_uid = 3000 mmap_disable = yes namespace { inbox = yes location = prefix = INBOX. type = private } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { quota = maildir:User quota } service auth-worker { user = $default_internal_user } service auth { client_limit = 4396 } service imap-login { inet_listener imap { address = * port = 143 } } service imap { executable = /usr/local/sbin/imap-wrapper.sh process_limit = 2048 } service lmtp { client_limit = 1 inet_listener lmtp { address = * port = 24 } process_limit = 25 } service pop3-login { inet_listener pop3 { address = * port = 110 } } service pop3 { executable = /usr/local/sbin/pop-wrapper.sh process_limit = 2048 } ssl = no userdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } protocol lmtp { mail_plugins = quota } protocol imap { imap_client_workarounds = delay-newmail mail_plugins = quota imap_quota } protocol pop3 { mail_plugins = quota pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_uidl_format = UID%u-%v } -jf From tss at iki.fi Thu Sep 8 11:53:26 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 08 Sep 2011 11:53:26 +0300 Subject: [Dovecot] lmtp -- save failed to INBOX: BUG: Unknown internal error In-Reply-To: <20110908075620.GA27139@oc1046828364.ibm.com> References: <20110908075620.GA27139@oc1046828364.ibm.com> Message-ID: <1315472006.3876.22.camel@hurina> On Thu, 2011-09-08 at 09:56 +0200, Jan-Frode Myklebust wrote: > I've had 18 instances of this error the last 24 hours: > > Sep 8 08:56:00 popimap1 dovecot:: lmtp(10529, first.last at example.om): mGdAOtdlaE4hKQAAg/aw4w: msgid=: save failed to INBOX: BUG: Unknown internal error Hmm. These are pretty annoying to find. I looked through the sources and.. Well, found one possible reason for it. Try applying these patches and see what it says then: http://hg.dovecot.org/dovecot-2.0/raw-rev/858298eb101f http://hg.dovecot.org/dovecot-2.0/raw-rev/323ab62983b6 Or were there any actual errors logged before this message? From adrian.stoica at dacris.net Thu Sep 8 12:00:58 2011 From: adrian.stoica at dacris.net (Adrian Stoica) Date: Thu, 08 Sep 2011 12:00:58 +0300 Subject: [Dovecot] test Message-ID: <4E68844A.7040907@dacris.net> Hello i use dovecot 2.0.14 , with exim 4.76 using dovecot-lda. We have the following problem: when I receive mail from the site http://www.transfer.ro, which is a file transfer site, most emails appear to be empty. Empty rows appear in email body slipped through the existing, and this makemy mail client to show me an empty mail. You can see the content only by viewing the message source. instead of "- np4e68592849da7 Content-type: text / plain, charset = utf-8 " appear "- np4e68592849da7 Content-type: text / plain, charset = utf-8 " , and that blank line spoil everything. You can check if there is somethingwrong ? -------------- next part -------------- A non-text attachment was scrubbed... Name: adrian_stoica.vcf Type: text/x-vcard Size: 195 bytes Desc: not available URL: From marcin at mejor.pl Thu Sep 8 12:26:00 2011 From: marcin at mejor.pl (=?UTF-8?B?TWFyY2luIE1pcm9zxYJhdw==?=) Date: Thu, 08 Sep 2011 11:26:00 +0200 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: <8F07F485-4BC4-40E5-A520-7F59C87A7863@iki.fi> References: <4E6782CB.1060803@mejor.pl> <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> <4E6786CF.2020102@mejor.pl> <4E678B66.60602@mejor.pl> <8F07F485-4BC4-40E5-A520-7F59C87A7863@iki.fi> Message-ID: <4E688A28.1090800@mejor.pl> W dniu 07.09.2011 17:24, Timo Sirainen pisze: > On 7.9.2011, at 18.19, Marcin Miros?aw wrote: > Actually I'm not completely sure if this is needed. Get it working first with this template, and then see if it continues working after removing the template. I did namespace template: namespace test33 { separator = . # without this i got error: Initialization #failed: namespace configuration error: list=yes requires #prefix=test33. to end with separator } I've change sql query to get data from table. For other user which doesn't have configured namespace in db i've got error: Initialization failed: namespace configuration error: Duplicate namespace prefix: "" So there is something which i should fix. Thanks From tss at iki.fi Thu Sep 8 12:40:08 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 08 Sep 2011 12:40:08 +0300 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: <4E688A28.1090800@mejor.pl> References: <4E6782CB.1060803@mejor.pl> <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> <4E6786CF.2020102@mejor.pl> <4E678B66.60602@mejor.pl> <8F07F485-4BC4-40E5-A520-7F59C87A7863@iki.fi> <4E688A28.1090800@mejor.pl> Message-ID: <1315474812.3876.23.camel@hurina> On Thu, 2011-09-08 at 11:26 +0200, Marcin Miros?aw wrote: > W dniu 07.09.2011 17:24, Timo Sirainen pisze: > > On 7.9.2011, at 18.19, Marcin Miros?aw wrote: > > Actually I'm not completely sure if this is needed. Get it working first with this template, and then see if it continues working after removing the template. > > I did namespace template: > namespace test33 { > separator = . # without this i got error: Initialization > #failed: namespace configuration error: list=yes requires > #prefix=test33. to end with separator > } > > I've change sql query to get data from table. For other user which > doesn't have configured namespace in db i've got error: > Initialization failed: namespace configuration error: Duplicate > namespace prefix: "" You can't have two namespaces with prefix="". So for example add: namespace test33 { prefix = test33. } From tss at iki.fi Thu Sep 8 12:41:58 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 08 Sep 2011 12:41:58 +0300 Subject: [Dovecot] test In-Reply-To: <4E68844A.7040907@dacris.net> References: <4E68844A.7040907@dacris.net> Message-ID: <1315474919.3876.25.camel@hurina> On Thu, 2011-09-08 at 12:00 +0300, Adrian Stoica wrote: > Hello > i use dovecot 2.0.14 , with exim 4.76 using dovecot-lda. > > We have the following problem: when I receive mail from the site > http://www.transfer.ro, which is a file transfer site, most emails > appear to be empty. > Empty rows appear in email body slipped through the existing, and this > makemy mail client to show me an empty mail. You can see the content > only by viewing the message source. > > instead of > "- np4e68592849da7 > Content-type: text / plain, charset = utf-8 > " > appear > > "- np4e68592849da7 > > Content-type: text / plain, charset = utf-8 " , and that blank line > spoil everything. > > You can check if there is somethingwrong ? I'm not aware of any such bugs ever existing in dovecot-lda. You could check this by having Exim internally deliver mails from that site to some other maildir/mbox file, and check if the empty line exists there also. I don't know the specifics of how to configure Exim this way. From tss at iki.fi Thu Sep 8 12:45:31 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 08 Sep 2011 12:45:31 +0300 Subject: [Dovecot] test In-Reply-To: <1315474919.3876.25.camel@hurina> References: <4E68844A.7040907@dacris.net> <1315474919.3876.25.camel@hurina> Message-ID: <1315475131.3876.28.camel@hurina> On Thu, 2011-09-08 at 12:41 +0300, Timo Sirainen wrote: > I'm not aware of any such bugs ever existing in dovecot-lda. You could > check this by having Exim internally deliver mails from that site to > some other maildir/mbox file, and check if the empty line exists there > also. I don't know the specifics of how to configure Exim this way. Oh, or another possibility: instead of executing dovecot-lda directly, execute dovecot-lda.sh which contains something like (warning: totally untested): #!/bin/sh tmpfile=`mktemp` cat > $tmpfile if grep -q ^From.*transfer.ro; then cp $tmpfile /tmp/transfer.ro.`date +%s` fi /usr/local/libexec/dovecot/dovecot-lda "$@" < $tmpfile ret=$? rm -f $tmpfile exit $ret From janfrode at tanso.net Thu Sep 8 13:28:52 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Thu, 8 Sep 2011 12:28:52 +0200 Subject: [Dovecot] lmtp -- save failed to INBOX: BUG: Unknown internal error In-Reply-To: <1315472006.3876.22.camel@hurina> References: <20110908075620.GA27139@oc1046828364.ibm.com> <1315472006.3876.22.camel@hurina> Message-ID: <20110908102852.GA30317@oc1046828364.ibm.com> On Thu, Sep 08, 2011 at 11:53:26AM +0300, Timo Sirainen wrote: > > Hmm. These are pretty annoying to find. I looked through the sources > and.. Well, found one possible reason for it. Try applying these patches > and see what it says then: > > http://hg.dovecot.org/dovecot-2.0/raw-rev/858298eb101f > http://hg.dovecot.org/dovecot-2.0/raw-rev/323ab62983b6 Thanks, applied.. Will let you know if/when it happens again. > > Or were there any actual errors logged before this message? I couldn't find any.. but these BUG:-messages were logged as debug or info level syslog messages, which quickly drowns in everything else on busy pop/imap-servers. -jf From tss at iki.fi Thu Sep 8 13:31:22 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 8 Sep 2011 13:31:22 +0300 Subject: [Dovecot] lmtp -- save failed to INBOX: BUG: Unknown internal error In-Reply-To: <20110908102852.GA30317@oc1046828364.ibm.com> References: <20110908075620.GA27139@oc1046828364.ibm.com> <1315472006.3876.22.camel@hurina> <20110908102852.GA30317@oc1046828364.ibm.com> Message-ID: <4A95E89D-FE64-42AC-8A35-3EDBF0B97986@iki.fi> On 8.9.2011, at 13.28, Jan-Frode Myklebust wrote: > I couldn't find any.. but these BUG:-messages were logged as > debug or info level syslog messages, which quickly drowns in everything > else on busy pop/imap-servers. That's why I prefer logging errors and warnings to separate logs. Those errors logs should always stay empty. You can do this either by configuring syslog or just setting e.g.: log_path = /var/log/dovecot-errors.log info_log_path = syslog From tss at iki.fi Thu Sep 8 13:42:16 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 8 Sep 2011 13:42:16 +0300 Subject: [Dovecot] limit number of simultaneous lmtp deliveries ? In-Reply-To: <20110905090541.GA8709@oc1046828364.ibm.com> References: <20110905090541.GA8709@oc1046828364.ibm.com> Message-ID: <1A3544DD-2754-4658-9AFD-CF5DD9A675F4@iki.fi> On 5.9.2011, at 12.05, Jan-Frode Myklebust wrote: > Sep 5 10:51:56 mailgw1 postfix/lmtp[23443]: 0E2F41C01A: to=, relay=loadbalancers.example.com[192.168.42.15]:24, delay=61, delays=0.02/0.3/31/30, dsn=4.4.0, status=deferred (host loadbalancers.example.com[192.168.42.15] said: 451 4.4.0 Remote server not answering (DATA output timeout) (in reply to end of DATA command)) Well, I added even more debugging output for this message: http://hg.dovecot.org/dovecot-2.0/raw-rev/8de8752b2e94 Would be interesting to know what it logs with that. From janfrode at tanso.net Thu Sep 8 13:44:19 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Thu, 8 Sep 2011 12:44:19 +0200 Subject: [Dovecot] lmtp -- save failed to INBOX: BUG: Unknown internal error In-Reply-To: <4A95E89D-FE64-42AC-8A35-3EDBF0B97986@iki.fi> References: <20110908075620.GA27139@oc1046828364.ibm.com> <1315472006.3876.22.camel@hurina> <20110908102852.GA30317@oc1046828364.ibm.com> <4A95E89D-FE64-42AC-8A35-3EDBF0B97986@iki.fi> Message-ID: <20110908104419.GA31437@oc1046828364.ibm.com> On Thu, Sep 08, 2011 at 01:31:22PM +0300, Timo Sirainen wrote: > > > I couldn't find any.. but these BUG:-messages were logged as > > debug or info level syslog messages, which quickly drowns in everything > > else on busy pop/imap-servers. > > That's why I prefer logging errors and warnings to separate logs. Those errors logs should always stay empty. You can do this either by configuring syslog or just setting e.g.: > > log_path = /var/log/dovecot-errors.log > info_log_path = syslog We have that trough syslog: mail.debug -/var/log/maillog.debug mail.* -/var/log/maillog mail.warning -/var/log/maillog.warning mail.err -/var/log/maillog.errors mail.crit -/var/log/maillog.crit but these BUG-messages only ended up in /var/log/maillog and /var/log/maillog.debug, so I think they were logged with wrong severity. But "those errors logs should always stay empty" isn't quite true for us.., since every failed ldap bind() authentication is logged as an error: $ sudo wc -l maillog.errors 2063 maillog.errors $ sudo head -1 maillog.errors ; sudo tail -1 maillog.errors Sep 8 04:02:43 popimap1 dovecot: auth: Error: ldap(user2,192.168.42.15): ldap_bind() failed: No such object Sep 8 12:39:46 popimap1 dovecot: auth: Error: ldap(user1,192.168.42.15): ldap_bind() failed: No such object -jf From marcin at mejor.pl Thu Sep 8 14:00:48 2011 From: marcin at mejor.pl (=?UTF-8?B?TWFyY2luIE1pcm9zxYJhdw==?=) Date: Thu, 08 Sep 2011 13:00:48 +0200 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: <1315474812.3876.23.camel@hurina> References: <4E6782CB.1060803@mejor.pl> <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> <4E6786CF.2020102@mejor.pl> <4E678B66.60602@mejor.pl> <8F07F485-4BC4-40E5-A520-7F59C87A7863@iki.fi> <4E688A28.1090800@mejor.pl> <1315474812.3876.23.camel@hurina> Message-ID: <4E68A060.8090306@mejor.pl> W dniu 08.09.2011 11:40, Timo Sirainen pisze: > You can't have two namespaces with prefix="". So for example add: > > namespace test33 { > prefix = test33. > } I admit that I slightly lost me. Let me try to summarize: - i can't use db to keep completely definition of namespace(s) -- e.g. user X has no additional namespace, user Y has 3 additonal namespaces with location Y1, Y2, Y3 - if user Z wants new namespace i have to define it in config and user_db query should return list=no and hidden=yes for users diffrent than Z. I can get from db "location" for such namespace used by user Z. This is how i understood all our talk. I hope i didn't missed too much :) Thank you. From listas.correo at yahoo.es Thu Sep 8 14:14:20 2011 From: listas.correo at yahoo.es (mailing lists) Date: Thu, 8 Sep 2011 12:14:20 +0100 (BST) Subject: [Dovecot] Shared Mailboxes with VirtualUsers and mail_location retrieved from ldap Message-ID: <1315480460.20728.YahooMailNeo@web29111.mail.ird.yahoo.com> Hello, On 09/07/2011 07:22 PM, Timo Sirainen wrote: > On 6.9.2011, at 14.27, mailing lists wrote: >> At this point I need shared mailboxes but since user mail/home locations are ldap attributes, how is it supposed I must configure this for shared mailboxes? >> >> for the users' mail/home directories I set this line: >> >> user_attrs = mailbox=mail=maildir:/var/maildir/%$,homeFilter=home > > Are home dirs and mail dirs related in any way? The only way you can get it working is by using home dirs, e.g.: > > user_attrs = mailbox=home=/var/maildir/%$ yes, my virtual users have separate directories for home and mail. Their locations are stored in ldap attributes (with random generated paths), so a flat scheme like /var/maildr/%%u isn't valid. for typical (virtual) users the location returned looks like: Sep? 8 12:48:33 imap1 dovecot: auth: Debug: ldap(user012,::1): result: mailbox(mail=maildir:/var/maildir/%$)=vol06/1/15/user012 homeFilter(home)=/var/mailfilter/vol06/1/15/user012 ... Sep? 8 12:54:50 imap1 dovecot: imap(user012): Debug: maildir++: root=/var/maildir/vol06/1/15/user012, index=, control=, inbox=/var/maildir/vol06/1/15/user012, alt= ? > Then in dovecot.conf: > > mail_location = maildir:~/ > >> namespace { >>??? type = shared >>??? separator = / >>??? prefix = shared/%%u/ >>??? subscriptions = no >>??? list = children > > location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u this is that I see in? logs and not shared folders are seen by imap clients: Sep? 8 12:57:11 imap1 dovecot: imap(user012): Debug: Namespace : type=shared, prefix=shared.%u., sep=., inbox=no, hidden=no, list=children, subscriptions=no location=maildir:%h/Maildir:INDEX=~/Maildir/shared/%u Sep? 8 12:57:11 imap1 dovecot: imap(user012): Debug: shared: root=/var/run/dovecot/, index=, control=, inbox=, alt= Sep? 8 12:57:11 imap1 dovecot: imap(user012): Debug: acl: initializing backend with data: vfile I fail to understand how %%u is retrieved from ldap... ? /----------/ # dovecot -n # 2.0.14: /etc/dovecot/dovecot.conf # OS: Linux 2.6.34.7-0.7-xen x86_64 openSUSE 11.3 (x86_64) auth_debug = yes auth_debug_passwords = yes auth_verbose = yes auth_verbose_passwords = plain base_dir = /var/run/dovecot/ disable_plaintext_auth = no mail_debug = yes mail_fsync = always mail_gid = 5000 mail_location = maildir:~/ mail_nfs_index = yes mail_nfs_storage = yes mail_plugins = acl mail_uid = 5000 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mmap_disable = yes namespace { ? inbox = yes ? location = ? prefix = INBOX. ? separator = . } namespace { ? list = children ? location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u ? prefix = shared.%%u. ? separator = . ? subscriptions = no ? type = shared } passdb { ? args = /etc/dovecot/dovecot-ldap.conf.ext ? driver = ldap } plugin { ? acl = vfile ? acl_shared_dict = file:/var/maildir/shared-mailboxes ? sieve = ~/.dovecot.sieve ? sieve_dir = ~/sieve } protocols = imap ssl = no userdb { ? args = /etc/dovecot/dovecot-ldap.conf.ext ? driver = ldap } verbose_proctitle = yes protocol imap { ? mail_max_userip_connections = 100 ? mail_plugins = acl imap_acl autocreate } From janfrode at tanso.net Thu Sep 8 14:22:01 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Thu, 8 Sep 2011 13:22:01 +0200 Subject: [Dovecot] limit number of simultaneous lmtp deliveries ? In-Reply-To: <1A3544DD-2754-4658-9AFD-CF5DD9A675F4@iki.fi> References: <20110905090541.GA8709@oc1046828364.ibm.com> <1A3544DD-2754-4658-9AFD-CF5DD9A675F4@iki.fi> Message-ID: <20110908112201.GA708@oc1046828364.ibm.com> On Thu, Sep 08, 2011 at 01:42:16PM +0300, Timo Sirainen wrote: > > Well, I added even more debugging output for this message: http://hg.dovecot.org/dovecot-2.0/raw-rev/8de8752b2e94 > > Would be interesting to know what it logs with that. > Postfix logs: Sep 8 13:14:28 asav7 postfix/lmtp[22024]: 5ADD454030: host loadbalancers.example.com[192.168.42.15] said: 451 4.4.0 Remote server not answering (DATA output stalled for 30 secs, 36742B sent, 0B buffered) (in reply to end of DATA command) Sep 8 13:17:51 asav7 postfix/lmtp[22759]: 1981954011: host loadbalancers.example.com[192.168.42.17] said: 451 4.4.0 Remote server not answering (DATA output stalled for 30 secs, 38629B sent, 0B buffered) (in reply to end of DATA command) -jf From listas.correo at yahoo.es Thu Sep 8 14:25:08 2011 From: listas.correo at yahoo.es (mailing lists) Date: Thu, 8 Sep 2011 12:25:08 +0100 (BST) Subject: [Dovecot] is it necessary lmtp and director to avoid index corruption in mail delivery? Message-ID: <1315481108.60265.YahooMailNeo@web29117.mail.ird.yahoo.com> JF, thank you for the reply. I'm just curious how to big players fix this problem, which seems impact systems with shared storage. Have a nice day. On 09/07/2011 12:59 PM, Jan-Frode Myklebust wrote: > On Wed, Sep 07, 2011 at 11:26:28AM +0100, mailing lists wrote: >> Hello all, >> If I have several postfix/dovecot-lda boxes with shared nfs storage, >> how director helps in this scenario? > > The director can help by directing each unique user to the same backend > server for each delivery, which should give you better performance > (indexes cached in memory on only one machine instead of on all, > inotify will work for IMAP NOTIFY), and also avoid some apparent race > conditions that has lead to index corruption when several nodes are > writing to the same mailbox at the same time. > >> is it necesary to use lmtp instead of dovecot-lda? > > Yes. > > >> With postfix/dovecot-lda boxes incoming mail happens at the smtp layer >> but director redirects are working in the lmtp/imap/pop3 layer. > > Right. > > With LMTP you can have dovecot listening on the network (port 24/tcp) > for incoming mail. No need for postfix on the backend mailstorage > servers. > > Our setups has been: > > ??? Mailgw[1-14] ---smtp-->? dovecot-server[1-5] (postfix + dovecot/lda) > > and used MX priorities to make all deliveries go to the same > dovecot-server with the others as backup. > > ??? $ dig mx deliver.example.com +short > ??? 10 dove2.example.com. > ??? 15 dove3.example.com. > ??? 20 dove4.example.com. > ??? 25 dove5.example.com. > ??? 5 dove1.example.com. > > > Now I'm moving towards: > > ??? Mailgw[1-14] ---lmtp-->? dovecot-server[1-5] (dovecot/lmtp) > > but worry that the index corruption might hit me again.. Ideally > I want: > > ??? Mailgw[1-14] ---lmtp-->? directors --lmtp-->? dovecot-server[1-5] (dovecot/lmtp) > > but lmtp-proxying seems to have bugs (ref: my latest mails to this > list). > > >??? -jf From tss at iki.fi Thu Sep 8 16:03:58 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 08 Sep 2011 16:03:58 +0300 Subject: [Dovecot] lmtp -- save failed to INBOX: BUG: Unknown internal error In-Reply-To: <20110908104419.GA31437@oc1046828364.ibm.com> References: <20110908075620.GA27139@oc1046828364.ibm.com> <1315472006.3876.22.camel@hurina> <20110908102852.GA30317@oc1046828364.ibm.com> <4A95E89D-FE64-42AC-8A35-3EDBF0B97986@iki.fi> <20110908104419.GA31437@oc1046828364.ibm.com> Message-ID: <1315487039.3876.35.camel@hurina> On Thu, 2011-09-08 at 12:44 +0200, Jan-Frode Myklebust wrote: > Sep 8 08:56:00 popimap1 dovecot:: lmtp(10529, first.last at example.om): mGdAOtdlaE4hKQAAg/aw4w: msgid=: save failed to INBOX: BUG: Unknown internal error .. > but these BUG-messages only ended up in /var/log/maillog and > /var/log/maillog.debug, so I think they were logged with wrong severity. The message is logged with info-level, because it's the "what happened to the message" line. It's basically the same message that gets logged every time, regardless of what happened to the message. What should have happened above was: Error: something bad happened to your message Info: save failed to INBOX: Internal error occurred. So you should have gotten one error and one info message, but because of some bug you didn't get any error. > But "those errors logs should always stay empty" isn't quite true for us.., > since every failed ldap bind() authentication is logged as an error: > > $ sudo wc -l maillog.errors > 2063 maillog.errors > $ sudo head -1 maillog.errors ; sudo tail -1 maillog.errors > Sep 8 04:02:43 popimap1 dovecot: auth: Error: ldap(user2,192.168.42.15): ldap_bind() failed: No such object > Sep 8 12:39:46 popimap1 dovecot: auth: Error: ldap(user1,192.168.42.15): ldap_bind() failed: No such object It shouldn't be behaving like that.. Are you saying that all "unknown user" failures are logged as those errors? I get without auth_bind_userdn: Sep 08 15:56:08 auth: Info: ldap(foo,127.0.0.1): unknown user With auth_bind_userdn: Sep 08 16:00:12 auth: Info: ldap(foo,127.0.0.1): invalid credentials So the "No such object" isn't expected.. Maybe different LDAP servers work in different ways?.. Yours appears to give out the difference between "user doesn't exist" and "wrong password"? Does the attached patch change these to "unknown user" messages? -------------- next part -------------- A non-text attachment was scrubbed... Name: diff Type: text/x-patch Size: 573 bytes Desc: not available URL: From tss at iki.fi Thu Sep 8 16:07:04 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 08 Sep 2011 16:07:04 +0300 Subject: [Dovecot] Shared Mailboxes with VirtualUsers and mail_location retrieved from ldap In-Reply-To: <1315480460.20728.YahooMailNeo@web29111.mail.ird.yahoo.com> References: <1315480460.20728.YahooMailNeo@web29111.mail.ird.yahoo.com> Message-ID: <1315487225.3876.37.camel@hurina> On Thu, 2011-09-08 at 12:14 +0100, mailing lists wrote: > yes, my virtual users have separate directories for home and mail. > Their locations are stored in ldap attributes (with random generated > paths), so a flat scheme like /var/maildr/%%u isn't valid. Sorry, you're out of luck with that kind of a setup. Only the %%h can look up a home directory from LDAP. Maybe some day in future there will be other variables that can be looked up. From tss at iki.fi Thu Sep 8 16:18:41 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 08 Sep 2011 16:18:41 +0300 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: <4E68A060.8090306@mejor.pl> References: <4E6782CB.1060803@mejor.pl> <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> <4E6786CF.2020102@mejor.pl> <4E678B66.60602@mejor.pl> <8F07F485-4BC4-40E5-A520-7F59C87A7863@iki.fi> <4E688A28.1090800@mejor.pl> <1315474812.3876.23.camel@hurina> <4E68A060.8090306@mejor.pl> Message-ID: <1315487921.3876.40.camel@hurina> On Thu, 2011-09-08 at 13:00 +0200, Marcin Miros?aw wrote: > W dniu 08.09.2011 11:40, Timo Sirainen pisze: > > You can't have two namespaces with prefix="". So for example add: > > > > namespace test33 { > > prefix = test33. > > } > > I admit that I slightly lost me. Let me try to summarize: > - i can't use db to keep completely definition of namespace(s) > -- e.g. user X has no additional namespace, user Y has 3 additonal > namespaces with location Y1, Y2, Y3 > - if user Z wants new namespace i have to define it in config and > user_db query should return list=no and hidden=yes for users diffrent > than Z. I can get from db "location" for such namespace used by user Z. Forget all of that. I just tried a few ways and looks like you can add more namespaces by returning e.g. these fields (from SQL): namespace=nsname namespace/nsname/prefix=prefix/ namespace/nsname/location=maildir:/elsewhere namespace/nsname/separator=/ Where nsname is some unique name for the namespace. If you want more than one namespace, I think you can do it by adding another name to "namespace" field, e.g.: namespace=nsname nsname2 nsname3 From janfrode at tanso.net Thu Sep 8 16:21:52 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Thu, 8 Sep 2011 15:21:52 +0200 Subject: [Dovecot] lmtp -- save failed to INBOX: BUG: Unknown internal error In-Reply-To: <1315487039.3876.35.camel@hurina> References: <20110908075620.GA27139@oc1046828364.ibm.com> <1315472006.3876.22.camel@hurina> <20110908102852.GA30317@oc1046828364.ibm.com> <4A95E89D-FE64-42AC-8A35-3EDBF0B97986@iki.fi> <20110908104419.GA31437@oc1046828364.ibm.com> <1315487039.3876.35.camel@hurina> Message-ID: <20110908132152.GA4450@oc1046828364.ibm.com> On Thu, Sep 08, 2011 at 04:03:58PM +0300, Timo Sirainen wrote: > > It shouldn't be behaving like that.. Are you saying that all "unknown > user" failures are logged as those errors? Seems so yes. > > I get without auth_bind_userdn: > > Sep 08 15:56:08 auth: Info: ldap(foo,127.0.0.1): unknown user > > With auth_bind_userdn: > > Sep 08 16:00:12 auth: Info: ldap(foo,127.0.0.1): invalid credentials > > So the "No such object" isn't expected.. Maybe different LDAP servers > work in different ways?.. We're using centos directory server - aka - red hat directory server - aka - 389ds. With: auth_verbose = yes auth_verbose_passwords = sha1 (which doesn't work) userdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } hosts = ldapm1.example.net:389 ldapm2.example.net:389 auth_bind = yes auth_bind_userdn = uid=%n,ou=people,o=%d,o=ISP,o=example,c=NO base = ou=people,o=%d,o=ISP,o=example,c=NO deref = never scope = onelevel user_attrs = mailMessageStore=home, mailLocation=mail, mailQuota=mailQuota=quota_rule=*:storage=%$ user_filter = (&(objectClass=examplePerson)(uid=%n)) Could maybe also be the user_filter or auth_bind_userdn that's turning it into an error ? > Yours appears to give out the difference > between "user doesn't exist" and "wrong password"? Does the attached > patch change these to "unknown user" messages? > diff -r 8de8752b2e94 src/auth/passdb-ldap.c > --- a/src/auth/passdb-ldap.c Thu Sep 08 13:41:20 2011 +0300 > +++ b/src/auth/passdb-ldap.c Thu Sep 08 16:03:21 2011 +0300 > @@ -157,6 +157,10 @@ > } > auth_request_log_info(auth_request, "ldap", "%s", str); > passdb_result = PASSDB_RESULT_PASSWORD_MISMATCH; > + } else if (ret == LDAP_NO_SUCH_OBJECT) { > + passdb_result = PASSDB_RESULT_USER_UNKNOWN; > + auth_request_log_info(auth_request, "ldap", > + "unknown user"); > } else { > auth_request_log_error(auth_request, "ldap", > "ldap_bind() failed: %s", I've done a bit too many unscheduled changes today... will see if I can sneak this in tomorrow :-) -jf From mathog at caltech.edu Thu Sep 8 18:05:33 2011 From: mathog at caltech.edu (mathog) Date: Thu, 08 Sep 2011 08:05:33 -0700 Subject: [Dovecot] copy and empty userA folder1, append to /var/mail/userB In-Reply-To: <1315466667.3876.20.camel@hurina> References: <3ee33c7814e8f3834a9210706fa3a36c@saf.bio.caltech.edu> <1315466667.3876.20.camel@hurina> Message-ID: <529647020022fb96e9bda2440c1b73ea@saf.bio.caltech.edu> On Thu, 08 Sep 2011 10:24:27 +0300, Timo Sirainen wrote: > On Wed, 2011-09-07 at 16:39 -0700, mathog wrote: >> Dovecot 2.0.13 on a 64 bit linux. >> >> echo "" > ~me/mail/export >> >> That worked fine on our last system, but dovecot doesn't like it. >> It >> leaves the imap indices for the >> export mailbox in an inconsistent state, so that roundcube (through >> dovecot) refuses to drop >> messages into it. The error message roundcube emits is: >> >> ServerError: Mailbox isn't a valid mbox file. > > You change the "export" mbox to be one byte size containing LF. It > should instead be completely zero size that was it. Changed the script that does the move to use cat >~me/mail/export < I'll try and break up my questions the other day about extdata that went unanswered into pieces in the hopes it will be more specific and clear. In general, I am trying to figure out the syntax of the map statement and what is allowed in that statement. So, by map statement, I mean for example perhaps the?dovecot-dict-expire.conf.ext file as shown in the doc. Is the syntax the same for the various types of files (quota vs expire)? Is there syntax to allow the specification of a different key? If so, where is this documented. I have an existing table I want to use, not the table shown in the doc. The reason I am asking is I have seen web pages that reference all sorts of statements within the map statement, and I have no idea where they are documented. Specifically, I see an example here (which is LDAP), look in section 3: http://dovecot.org/patches/1.2/ldap/HOWTO_dictldap+extdata.txt You will see lots of statements, not sure which ones can be used for MySQL (instead of LDAP). So, would like to find a list of ALL valid syntax within the map. From =?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?= Fri Sep 9 05:30:54 2011 From: =?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?= (=?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?=) Date: Fri, 9 Sep 2011 13:30:54 +1100 Subject: [Dovecot] debug user's message retrieval Message-ID: <213B51F00051AE48A9F0E112880177178F9F88@Delta.sc.local> Hi there! Is there any method to log user's activity with pop3 service? I'll try to explain situation: In maillog I saw that my dovecot lmtp saved four letters in user's mailbox. After a while I got a call from that user saying that he received nothing. Is there any method to log that that user RETR every single letter, maybe with full names of letter's id or something like that? From =?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?= Fri Sep 9 05:36:13 2011 From: =?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?= (=?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?=) Date: Fri, 9 Sep 2011 13:36:13 +1100 Subject: [Dovecot] debug user's message retrieval References: <213B51F00051AE48A9F0E112880177178F9F88@Delta.sc.local> Message-ID: <213B51F00051AE48A9F0E112880177178F9F89@Delta.sc.local> I forgot to mention that when I go to user's directory there's no letters at all. On Fri, 2011-09-09 at 13:30 +1100, ???????? ????????? ?????????? wrote: > Hi there! > > Is there any method to log user's activity with pop3 service? > > I'll try to explain situation: > > In maillog I saw that my dovecot lmtp saved four letters in user's > mailbox. > After a while I got a call from that user saying that he received > nothing. > > Is there any method to log that that user RETR every single letter, > maybe with full names of letter's id or something like that? > -- ? ?????????, ???????? ????????? ????????? ????????????? ??? "??????-?????" ???.: (423) 262-02-62 (???. 2037) ????: (423) 262-02-10 a.kostyrev at serverc.ru www.serverc.ru icq: 404-198-497 From bind at enas.net Fri Sep 9 09:29:35 2011 From: bind at enas.net (Urban Loesch) Date: Fri, 09 Sep 2011 08:29:35 +0200 Subject: [Dovecot] debug user's message retrieval In-Reply-To: <213B51F00051AE48A9F0E112880177178F9F89@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F9F88@Delta.sc.local> <213B51F00051AE48A9F0E112880177178F9F89@Delta.sc.local> Message-ID: <4E69B24F.7070501@enas.net> Hi, perhaps the "mail_log" plugin can help you. .... # mail_log plugin provides more event logging for mail processes. plugin { # Events to log. Also available: flag_change append mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename # Group events within a transaction to one line. mail_log_group_events = no # Available fields: uid, box, msgid, from, subject, size, vsize, flags # size and vsize are available only for expunge and copy events. mail_log_fields = uid box msgid size from } ... Regards Urban ???????? ????????? ?????????? wrote: > I forgot to mention that when I go to user's directory there's no > letters at all. > > On Fri, 2011-09-09 at 13:30 +1100, ???????? ????????? ?????????? wrote: >> Hi there! >> >> Is there any method to log user's activity with pop3 service? >> >> I'll try to explain situation: >> >> In maillog I saw that my dovecot lmtp saved four letters in user's >> mailbox. >> After a while I got a call from that user saying that he received >> nothing. >> >> Is there any method to log that that user RETR every single letter, >> maybe with full names of letter's id or something like that? >> > From janfrode at tanso.net Fri Sep 9 09:54:00 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Fri, 9 Sep 2011 08:54:00 +0200 Subject: [Dovecot] lmtp -- save failed to INBOX: BUG: Unknown internal error In-Reply-To: <1315487039.3876.35.camel@hurina> References: <20110908075620.GA27139@oc1046828364.ibm.com> <1315472006.3876.22.camel@hurina> <20110908102852.GA30317@oc1046828364.ibm.com> <4A95E89D-FE64-42AC-8A35-3EDBF0B97986@iki.fi> <20110908104419.GA31437@oc1046828364.ibm.com> <1315487039.3876.35.camel@hurina> Message-ID: <20110909065400.GA21187@oc1046828364.ibm.com> On Thu, Sep 08, 2011 at 04:03:58PM +0300, Timo Sirainen wrote: > > So the "No such object" isn't expected.. Maybe different LDAP servers > work in different ways?.. Yours appears to give out the difference > between "user doesn't exist" and "wrong password"? Does the attached > patch change these to "unknown user" messages? Yes it does. Before patch: Sep 9 08:46:43 popimap2 dovecot: auth: Error: ldap(user at example.co,192.168.11.16): ldap_bind() failed: No such object after patch: Sep 9 08:50:50 popimap2 dovecot: auth: ldap(user at example.co,192.168.42.15): unknown user -jf From listas.correo at yahoo.es Fri Sep 9 10:18:40 2011 From: listas.correo at yahoo.es (mailing lists) Date: Fri, 9 Sep 2011 08:18:40 +0100 (BST) Subject: [Dovecot] Shared Mailboxes with VirtualUsers and mail_location retrieved from ldap Message-ID: <1315552720.25012.YahooMailNeo@web29117.mail.ird.yahoo.com> On 09/08/2011 03:07 PM, Timo Sirainen wrote: > On Thu, 2011-09-08 at 12:14 +0100, mailing lists wrote: > >> yes, my virtual users have separate directories for home and mail. >> Their locations are stored in ldap attributes (with random generated >> paths), so a flat scheme like /var/maildr/%%u isn't valid. > > Sorry, you're out of luck with that kind of a setup. Only the %%h can > look up a home directory from LDAP. Maybe some day in future there will > be other variables that can be looked up. and how to I might configure dovecot to use the mail directory as a subdirectory of the home directory? this way all lookups for home (with %%h fetched from ldap) will return the correct locationand mail will be in (i.e.) ~/mailSubDir is this configuration possible? From janfrode at tanso.net Fri Sep 9 11:04:35 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Fri, 9 Sep 2011 10:04:35 +0200 Subject: [Dovecot] Shared Mailboxes with VirtualUsers and mail_location retrieved from ldap In-Reply-To: <1315552720.25012.YahooMailNeo@web29117.mail.ird.yahoo.com> References: <1315552720.25012.YahooMailNeo@web29117.mail.ird.yahoo.com> Message-ID: <20110909080435.GA23158@oc1046828364.ibm.com> On Fri, Sep 09, 2011 at 08:18:40AM +0100, mailing lists wrote: > > and how to I might configure dovecot to use the mail directory as a subdirectory of the home directory? > > this way all lookups for home (with %%h fetched from ldap) will return the correct locationand mail will be in (i.e.) ~/mailSubDir > > is this configuration possible? In the main dovecot.conf: mail_location = maildir:~/mailSubDir In the ldap-config: user_attrs = homeFilter=home -jf From joseba.torre at ehu.es Fri Sep 9 11:37:37 2011 From: joseba.torre at ehu.es (Joseba Torre) Date: Fri, 9 Sep 2011 10:37:37 +0200 Subject: [Dovecot] debug user's message retrieval In-Reply-To: <213B51F00051AE48A9F0E112880177178F9F89@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F9F88@Delta.sc.local> <213B51F00051AE48A9F0E112880177178F9F89@Delta.sc.local> Message-ID: <201109091037.37289.joseba.torre@ehu.es> On Viernes 09 Septiembre 2011 04:36:13 ???????? ????????? ?????????? escribi?: > I forgot to mention that when I go to user's directory there's no > letters at all. > > On Fri, 2011-09-09 at 13:30 +1100, ???????? ????????? ?????????? wrote: > > Hi there! > > > > Is there any method to log user's activity with pop3 service? > > > > I'll try to explain situation: > > > > In maillog I saw that my dovecot lmtp saved four letters in user's > > mailbox. > > After a while I got a call from that user saying that he received > > nothing. > > > > Is there any method to log that that user RETR every single letter, > > maybe with full names of letter's id or something like that? The default pop3 log is enough for me: Sep 9 05:46:37 server1 dovecot: POP3(user1): Disconnected: Logged out top=0/0, retr=1/41706, del=1/1, size=41685 This means that user1 received 1 message, deleted 1 message, and total downloaded size was 41685. Don't you have a similar line for your user? -- Joseba Torre. Vicegerencia de TICs, ?rea de Explotaci?n From Lutz.Pressler at SerNet.DE Fri Sep 9 13:01:49 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Fri, 9 Sep 2011 12:01:49 +0200 Subject: [Dovecot] 2.1: imapc LIST problem / usage question Message-ID: ----- Forwarded message from SerNet Support Lutz Pre?ler ----- From: SerNet Support Lutz Pre?ler Subject: 2.1: imapc LIST problem / usage question To: dovecot at dovecot.org Date: Fri, 9 Sep 2011 12:00:46 +0200 Organization: SerNet Service Network GmbH Hello, 2.1.alpha1 (latest Debian auto build on amd64) As a test, namespace for gmail integration set up by userdb with userdb_namespace=gmail userdb_namespace/gmail/list=yes userdb_namespace/gmail/subscriptions=no userdb_namespace/gmail/separator=. userdb_namespace/gmail/prefix=INBOX.gmail. userdb_namespace/gmail/location=imapc: userdb_imapc_host=imap.gmail.com userdb_imapc_user=ixxxxx at gmail.com userdb_imapc_password=xxxxx userdb_imapc_ssl=imaps userdb_imapc_ssl_ca_dir=/etc/ssl/certs userdb_imapc_port=993 (but having the namespace set up in config file makes no difference). This works in principle. I can e.g. 0 select "INBOX.gmail.[Gmail].Alle Nachrichten" * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags permitted. * 31 EXISTS * 0 RECENT * OK [UNSEEN 1] First unseen. * OK [UIDVALIDITY 1] UIDs valid * OK [UIDNEXT 19689] Predicted next UID * OK [NOMODSEQ] No permanent modsequences 0 OK [READ-WRITE] Select completed. and even use the gmail mailboxes within dovecot-virtual files! But: LIST seems broken: 0 list "" "*" * LIST (\HasChildren) "." "INBOX" * LIST (\HasNoChildren) "." "INBOX.privat" * LIST (\HasChildren) "." "INBOX.test" * LIST (\HasNoChildren) "." "INBOX.test.test2" * LIST (\HasNoChildren) "." "INBOX.Trash" * LIST (\HasNoChildren) "." "INBOX.in2009" [...] * LIST (\Noselect \HasChildren) "." "INBOX.gmail" * LIST (\HasNoChildren) "." "Arbeit" * LIST (\HasNoChildren) "." "Belege" * LIST (\HasNoChildren) "." "Privat" * LIST (\HasNoChildren) "." "Reisen" * LIST (\Noselect \HasNoChildren) "." "[Gmail]" * LIST (\HasNoChildren) "." "[Gmail]/Alle Nachrichten" * LIST (\HasNoChildren) "." "[Gmail]/Entw&-APw-rfe" * LIST (\HasNoChildren) "." "[Gmail]/Gesendet" * LIST (\HasNoChildren) "." "[Gmail]/Markiert" * LIST (\HasNoChildren) "." "[Gmail]/Papierkorb" * LIST (\HasNoChildren) "." "[Gmail]/Spam" * LIST (\HasNoChildren) "." "[Gmail]/Wichtig" * LIST (\HasChildren) "." "INBOX.virtual" * LIST (\HasNoChildren) "." "INBOX.virtual.week" * LIST (\HasNoChildren) "." "INBOX.virtual.sent" * LIST (\HasNoChildren) "." "INBOX.virtual.allin" 0 OK List completed. For the Gmail mailboxe the INBOX.gmail prefix is missing and / is used as separator. Second question: Is there a way to include multiple imapc instances/ namespaces with e.g. different destinations servers? I don't see how because imapc_* parameters seem to be global (now), but it would be a very useful feature. Greetings, Lutz From tss at iki.fi Fri Sep 9 13:16:52 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 09 Sep 2011 13:16:52 +0300 Subject: [Dovecot] 2.1: imapc LIST problem / usage question In-Reply-To: References: Message-ID: <1315563414.3876.50.camel@hurina> On Fri, 2011-09-09 at 12:01 +0200, Lutz Pre?ler wrote: > As a test, namespace for gmail integration set up by userdb > with > userdb_namespace=gmail userdb_namespace/gmail/list=yes userdb_namespace/gmail/subscriptions=no userdb_namespace/gmail/separator=. userdb_namespace/gmail/prefix=INBOX.gmail. userdb_namespace/gmail/location=imapc: userdb_imapc_host=imap.gmail.com userdb_imapc_user=ixxxxx at gmail.com userdb_imapc_password=xxxxx userdb_imapc_ssl=imaps userdb_imapc_ssl_ca_dir=/etc/ssl/certs userdb_imapc_port=993 > > For the Gmail mailboxe the INBOX.gmail prefix is missing and / is used > as separator. Fixed in hg. > Second question: Is there a way to include multiple imapc instances/ > namespaces with e.g. different destinations servers? I don't see how > because imapc_* parameters seem to be global (now), but it would be a very > useful feature. I don't really understand. You're already returning per-user imapc namespace from userdb. What's missing? From Lutz.Pressler at SerNet.DE Fri Sep 9 13:21:28 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Fri, 9 Sep 2011 12:21:28 +0200 Subject: [Dovecot] 2.1: imapc LIST problem / usage question In-Reply-To: <1315563414.3876.50.camel@hurina> References: <1315563414.3876.50.camel@hurina> Message-ID: On Fr, 09 Sep 2011, Timo Sirainen wrote: > On Fri, 2011-09-09 at 12:01 +0200, Lutz Pre?ler wrote: [...] > > For the Gmail mailboxe the INBOX.gmail prefix is missing and / is used > > as separator. > > Fixed in hg. Thanks. > > > Second question: Is there a way to include multiple imapc instances/ > > namespaces with e.g. different destinations servers? I don't see how > > because imapc_* parameters seem to be global (now), but it would be a very > > useful feature. > > I don't really understand. You're already returning per-user imapc > namespace from userdb. What's missing? One local dovecot user, multiple remote IMAP servers included in different namespaces. Lutz From listas.correo at yahoo.es Fri Sep 9 13:49:18 2011 From: listas.correo at yahoo.es (mailing lists) Date: Fri, 9 Sep 2011 11:49:18 +0100 (BST) Subject: [Dovecot] Shared Mailboxes with VirtualUsers and mail_location retrieved from ldap Message-ID: <1315565358.33243.YahooMailNeo@web29115.mail.ird.yahoo.com> (I'm sorry for breaking the thread with each mail) On 09/09/2011 10:04 AM, Jan-Frode Myklebust wrote: > On Fri, Sep 09, 2011 at 08:18:40AM +0100, mailing lists wrote: >> >> and how to I might configure dovecot to use the mail directory as a subdirectory of the home directory? >> >> this way all lookups for home (with %%h fetched from ldap) will return the correct locationand mail will be in (i.e.) ~/mailSubDir >> >> is this configuration possible? > > In the main dovecot.conf: > > ??? mail_location = maildir:~/mailSubDir > > In the ldap-config: > > ??? user_attrs = homeFilter=home and which is the value for the location directive in namespace declaration ?? namespace { ? list = children ? location = maildir:%%h/mailSubDir:INDEX=~/mailSubDIr/shared/%%u ? prefix = shared.%%u. ? separator = . ? subscriptions = no ? type = shared } with the above conf. no shared folders are seen by tests users and afaik %%h is retrieved from ldap. this is that I had done until now: # telnet localhost 143 Trying ::1... Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready. . login user001 secret . OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAME . create INBOX.docs-user001 . OK Create completed. . setacl INBOX.docs-user001 user002 lr . OK Setacl complete. . logout * BYE Logging out . OK Logout completed. Connection closed by foreign host. # telnet localhost 143 Trying ::1... Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready. . login user002 secret . OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAME . create INBOX.docs-user002 . OK Create completed. . setacl INBOX.docs-user002 user001 lr . OK Setacl complete. . logout * BYE Logging out . OK Logout completed. Connection closed by foreign host. ?# cat /var/maildir/shared-mailboxes shared/shared-boxes/user/user002/user001 1 shared/shared-boxes/user/user002/user002 1 shared/shared-boxes/user/user001/user001 1 shared/shared-boxes/user/user001/user002 1 # cat /var/maildir/vol04/4/46/user001/.docs-user001/dovecot-acl user=user002 lr # cat /var/maildir/vol05/4/40/user002/.docs-user002/dovecot-acl user=user001 lr # telnet localhost 143 Trying ::1... Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready. . login user001 secret . OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS ACL RIGHTS=texk] Logged in . namespace * NAMESPACE (("INBOX." ".")) (("shared." ".")) NIL . OK Namespace completed. . list "shared." "*" . OK List completed. ? /--------------/ # grep? ^[^#] /etc/dovecot/dovecot-ldap.conf.ext uris = ldap://ldap.example.com dn = cn=testuser,dc=example,dc=com dnpass = secret sasl_bind = no tls = no auth_bind = yes ldap_version = 3 base = dc=example,dc=com deref = never scope = subtree user_attrs = mailbox=mail=maildir:/var/maildir/%$,homeFilter=home user_filter = (&(objectClass=CourierMailAccount)(uid=%u)) pass_filter = (&(objectClass=CourierMailAccount)(uid=%u)) # dovecot -n # 2.0.14: /etc/dovecot/dovecot.conf # OS: Linux 2.6.34.7-0.7-xen x86_64 openSUSE 11.3 (x86_64) auth_debug = yes auth_debug_passwords = yes auth_verbose = yes auth_verbose_passwords = plain base_dir = /var/run/dovecot/ disable_plaintext_auth = no mail_debug = yes mail_fsync = always mail_gid = 5000 mail_location = maildir:~/mailSubDir mail_nfs_index = yes mail_nfs_storage = yes mail_plugins = acl mail_uid = 5000 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mmap_disable = yes namespace { ? inbox = yes ? location = ? prefix = INBOX. ? separator = . } namespace { ? list = children ? location = maildir:%%h/mailSubDir:INDEX=~/mailSubDir/shared/%%u ? prefix = shared.%%u. ? separator = . ? subscriptions = no ? type = shared } passdb { ? args = /etc/dovecot/dovecot-ldap.conf.ext ? driver = ldap } plugin { ? acl = vfile ? acl_shared_dict = file:/var/maildir/shared-mailboxes ? sieve = ~/.dovecot.sieve ? sieve_dir = ~/sieve } protocols = imap lmtp service lmtp { ? inet_listener lmtp { ??? port = 24 ? } ? unix_listener lmtp { ??? user = vmail ? } } ssl = no userdb { ? args = /etc/dovecot/dovecot-ldap.conf.ext ? driver = ldap } verbose_proctitle = yes protocol lmtp { ? mail_plugins = acl } protocol lda { ? mail_plugins = acl } protocol imap { ? mail_max_userip_connections = 100 ? mail_plugins = acl imap_acl autocreate } From marcin at mejor.pl Fri Sep 9 14:24:08 2011 From: marcin at mejor.pl (=?UTF-8?B?TWFyY2luIE1pcm9zxYJhdw==?=) Date: Fri, 09 Sep 2011 13:24:08 +0200 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: <1315487921.3876.40.camel@hurina> References: <4E6782CB.1060803@mejor.pl> <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> <4E6786CF.2020102@mejor.pl> <4E678B66.60602@mejor.pl> <8F07F485-4BC4-40E5-A520-7F59C87A7863@iki.fi> <4E688A28.1090800@mejor.pl> <1315474812.3876.23.camel@hurina> <4E68A060.8090306@mejor.pl> <1315487921.3876.40.camel@hurina> Message-ID: <4E69F758.8050008@mejor.pl> W dniu 08.09.2011 15:18, Timo Sirainen pisze: > Forget all of that. I just tried a few ways and looks like you can add > more namespaces by returning e.g. these fields (from SQL): > > namespace=nsname > namespace/nsname/prefix=prefix/ > namespace/nsname/location=maildir:/elsewhere > namespace/nsname/separator=/ > > Where nsname is some unique name for the namespace. If you want more > than one namespace, I think you can do it by adding another name to > "namespace" field, e.g.: > > namespace=nsname nsname2 nsname3 select .... "test1 test2" AS namespace works, it gives me two namespaces. It's nice. Now i've another problem, how to configure them usinq sql. I can't do "recursive sql query" , sql can't create variable number of output columns depended on values in table. E.g: I imagine such table: -------------------------------------------------------------- |user_id | namespace | prefix | location | -------------------------------------------------------------- | 648 | test1 | test1. | mdbox:~/test1/.mdbox | -------------------------------------------------------------- | 648 | test2 | test2. | maildir:~/test2/.maildir | -------------------------------------------------------------- etc... In query i have to know all namespaces names to mention them in query: select ... as "namespace/test1/prefix" but i don't know if there is "test1" namespace untill i fetch record from table. Ok, maybe could it be possible to do it in other way: -------------------------------------------------------------------- |user_id | namespace_full_definition | -------------------------------------------------------------------- | 7684 | /name=test1/prefix=test1./location=mdbox:~/test1/.mdbox/ name=test2/prefix=test2/location=... | -------------------------------------------------------------------- but this isn't supported by dovecot as i know. Maybe something like "user_namespace" query could be usefull? Query could be very easy: select ... namespace_name, namespace_prefix, namespace_location where user='somuser' (and table schema like in first example). Maybe there i other, way to do it by i can't see it now. Btw, i can see dovecot 2.1 can proxy imap connections. It's a great idea! Thanks. From zaharovr at inbox.ru Fri Sep 9 14:24:32 2011 From: zaharovr at inbox.ru (=?UTF-8?B?0KDQvtC80LDQvSDQl9Cw0YXRgNC+0LI=?=) Date: Fri, 09 Sep 2011 15:24:32 +0400 Subject: [Dovecot] =?utf-8?q?dovecot_2=2E0=2E12=3A_mdbox_=26__quota=3Ddirs?= =?utf-8?q?ize?= Message-ID: #doveconf -v ...................... ? quota = dirsize:User quota ? quota_debug = yes ? quota_exceeded_message = message ? quota_warning = storage=95%% quota-warning 95 %u ? quota_warning2 = storage=80%% quota-warning 80 %u ............................? # du --max-depth=1 -h 311M??? ./storage 20K???? ./sieve 7,8M??? ./mailboxes 319M??? . # doveadm quota get -u myuser Quota name????????????????????????????????????????????????????????????? Type???? Value? Limit? % User quota????????????????????????????????????????????????????????????? STORAGE 7948 399360 2 #? then i change ./dovecot-2.0.12/src/plugins/quota?/quota-dirsize.c 165--?????????????????????????????? path = mailbox_list_get_path(namespaces[i]->list, NULL,? 166-- ??????????????????????????????????????????????????????????????? MAILBOX_LIST_PATH_TYPE_MAILBOX?); 165++???????????????????????????? path = mailbox_list_get_path(namespaces[i]->list, NULL, 166++????????????????????????????????????????????????????????????????????? MAILBOX_LIST_PATH_TYPE_DIR);?? # doveadm quota get -u myuser? Quota name????????????????????????????????????????????????????????????? Type???? Value? Limit? % User quota????????????????????????????????????????????????????????????? STORAGE 325885 399360 81 #? From listas.correo at yahoo.es Fri Sep 9 14:25:58 2011 From: listas.correo at yahoo.es (mailing lists) Date: Fri, 9 Sep 2011 12:25:58 +0100 (BST) Subject: [Dovecot] Shared Mailboxes with VirtualUsers and mail_location retrieved from ldap Message-ID: <1315567558.65773.YahooMailNeo@web29119.mail.ird.yahoo.com> and for the time that user001 execute the imap 'list' command, this is the log trace in dovecot: Sep? 9 13:09:12 imap1 dovecot: imap(user001): Debug: Namespace : type=shared, prefix=shared.%u., sep=., inbox=no, hidden=no, list=children, subscriptions=no location=maildir:%h/mailSubDir:INDEX=~/mailSubDir/shared/%u Sep? 9 13:09:12 imap1 dovecot: imap(user001): Debug: shared: root=/var/run/dovecot/, index=, control=, inbox=, alt= [...] Sep? 9 13:10:44 imap1 dovecot: auth: Debug: master in: USER?? 1?????? user002 service=lib-storage Sep? 9 13:10:44 imap1 dovecot: auth: Debug: ldap(user002): user search: base=dc=example,dc=com scope=subtree filter=(&(objectClass=CourierMailAccount)(uid=user002)) fields=mailbox,homeFilter Sep? 9 13:10:44 imap1 dovecot: auth: Debug: ldap(user002): result: mailbox(mail=maildir:/var/maildir/%$)=vol05/4/40/user002 homeFilter(home)=/var/mailfilter/vol05/4/40/user002 Sep? 9 13:10:44 imap1 dovecot: auth: Debug: master out: USER? 1?????? user002 mail=maildir:/var/maildir/vol05/4/40/user002??? home=/var/mailfilter/vol05/4/40/user002 Sep? 9 13:10:44 imap1 dovecot: imap(user001): Debug: auth input: user002 mail=maildir:/var/maildir/vol05/4/40/user002 home=/var/mailfilter/vol05/4/40/user002 Sep? 9 13:10:44 imap1 dovecot: imap(user001): Debug: maildir++: root=/var/mailfilter/vol05/4/40/user002/mailSubDir, index=/var/mailfilter/vol04/4/46/user001/mailSubDir/shared/user002, control=, inbox=/var/mailfilter/vol05/4/40/user002/mailSubDir, alt= Sep? 9 13:10:44 imap1 dovecot: imap(user001): Debug: acl: initializing backend with data: vfile Sep? 9 13:10:44 imap1 dovecot: imap(user001): Debug: acl: acl username = user001 Sep? 9 13:10:44 imap1 dovecot: imap(user001): Debug: acl: owner = 0 Sep? 9 13:10:44 imap1 dovecot: imap(user001): Debug: acl vfile: Global ACL directory: (none) Sep? 9 13:10:44 imap1 dovecot: imap(user001): Debug: acl: Mailbox not in dovecot-acl-list: shared.user002.INBOX From ramon.frontera at uib.es Fri Sep 9 15:19:38 2011 From: ramon.frontera at uib.es (=?iso-8859-1?Q?Ram=F3n_Frontera?=) Date: Fri, 9 Sep 2011 14:19:38 +0200 Subject: [Dovecot] problem migrating from maildir to dbox Message-ID: <95E776CC-912A-4BD4-A99E-AA930E5CCBFB@uib.es> Hello, we want to migrate Mail folders from Maildir to dbox without downtime. We change the mail_location to dbox in 10-mail.conf and restart dovecot. After that we use dsync -u user mirror maildir:~/Maildir. The problem is that if INBOX exists the dsync create a new folder with name like b5893c0a93ff694e551200002dfa3112 Can I migrate to the existing INBOX? or How can I merge the 2 INBOX folders? Thanks for your help! Regards, -- Ramon From tobias at hachmer.de Fri Sep 9 16:14:26 2011 From: tobias at hachmer.de (Tobias Hachmer) Date: Fri, 09 Sep 2011 15:14:26 +0200 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another Message-ID: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> Hi list, currently I use dovecot v1.2.15 with maildir++ mailboxes. (Debian Squeeze) I want to set up a different server with dovecot v2, also maildir++ mailboxes. (also Debian Squeeze) What is the best way to copy the existing mailboxes from the older machine running dovecot v1.2.15 to the new naked machine? Greetz, Tobias From robert at schetterer.org Fri Sep 9 16:22:54 2011 From: robert at schetterer.org (Robert Schetterer) Date: Fri, 09 Sep 2011 15:22:54 +0200 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another In-Reply-To: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> References: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> Message-ID: <4E6A132E.9080206@schetterer.org> Am 09.09.2011 15:14, schrieb Tobias Hachmer: > Hi list, > > currently I use dovecot v1.2.15 with maildir++ mailboxes. (Debian Squeeze) > I want to set up a different server with dovecot v2, also maildir++ > mailboxes. (also Debian Squeeze) > > What is the best way to copy the existing mailboxes from the older > machine running dovecot v1.2.15 to the new naked machine? > > Greetz, Tobias i used imapsync in a bash script http://ks.lamiral.info/imapsync/ at a massive migration -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From zaharovr at inbox.ru Fri Sep 9 16:26:59 2011 From: zaharovr at inbox.ru (=?UTF-8?B?0JfQsNGF0LDRgNC+0LIg0KDQvtC80LDQvQ==?=) Date: Fri, 09 Sep 2011 17:26:59 +0400 Subject: [Dovecot] problem migrating from maildir to dbox In-Reply-To: <95E776CC-912A-4BD4-A99E-AA930E5CCBFB@uib.es> References: <95E776CC-912A-4BD4-A99E-AA930E5CCBFB@uib.es> Message-ID: <4E6A1423.9010406@inbox.ru> 09.09.2011 16:19, Ram?n Frontera ?????: > Hello, > we want to migrate Mail folders from Maildir to dbox without downtime. > We change the mail_location to dbox in 10-mail.conf and restart dovecot. > After that we use dsync -u user mirror maildir:~/Maildir. > The problem is that if INBOX exists the dsync create a new folder with name like b5893c0a93ff694e551200002dfa3112 > Can I migrate to the existing INBOX? or How can I merge the 2 INBOX folders? > Thanks for your help! > Regards, > > -- > Ramon > > > My transition from maildir to mdbox occurred so: /Maildir - an old place of mail /Mailbox - new mail_location=%h # set home for all users maildir:/Maildir/user_name script: for i in `echo "select name from user|$sql` do res=$(dsync -u $i backup mdbox:/Mailbox/$i) if [ $res -eq 0 ];then echo "update user set home=\"mdbox:/Mailbox/$i\" where name=$i"|$sql echo "$i migrated" >> $log fi done From zaharovr at inbox.ru Fri Sep 9 16:30:27 2011 From: zaharovr at inbox.ru (=?UTF-8?B?0JfQsNGF0LDRgNC+0LIg0KDQvtC80LDQvQ==?=) Date: Fri, 09 Sep 2011 17:30:27 +0400 Subject: [Dovecot] problem migrating from maildir to dbox In-Reply-To: <95E776CC-912A-4BD4-A99E-AA930E5CCBFB@uib.es> References: <95E776CC-912A-4BD4-A99E-AA930E5CCBFB@uib.es> Message-ID: <4E6A14F3.4080803@inbox.ru> 09.09.2011 16:19, Ram?n Frontera ?????: > Hello, > we want to migrate Mail folders from Maildir to dbox without downtime. > We change the mail_location to dbox in 10-mail.conf and restart dovecot. > After that we use dsync -u user mirror maildir:~/Maildir. > The problem is that if INBOX exists the dsync create a new folder with name like b5893c0a93ff694e551200002dfa3112 > Can I migrate to the existing INBOX? or How can I merge the 2 INBOX folders? > Thanks for your help! > Regards, > > -- > Ramon > > > My transition from maildir to mdbox occurred so: /Maildir - an old place of mail /Mailbox - new mail_location=%h # set home for all users maildir:/Maildir/user_name script: for i in `echo "select name from user|$sql` do res=$(dsync -u $i backup mdbox:/Mailbox/$i) if [ $res -eq 0 ];then echo "update user set home=\"mdbox:/Mailbox/$i\" where name=$i"|$sql echo "$i migrated" >> $log fi done From tobias at hachmer.de Fri Sep 9 16:34:25 2011 From: tobias at hachmer.de (Tobias Hachmer) Date: Fri, 09 Sep 2011 15:34:25 +0200 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another In-Reply-To: <4E6A132E.9080206@schetterer.org> References: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> <4E6A132E.9080206@schetterer.org> Message-ID: On Fri, 09 Sep 2011 15:22:54 +0200, Robert Schetterer wrote: > Am 09.09.2011 15:14, schrieb Tobias Hachmer: >> What is the best way to copy the existing mailboxes from the older >> machine running dovecot v1.2.15 to the new naked machine? > > i used imapsync in a bash script > http://ks.lamiral.info/imapsync/ > at a massive migration ok, but this tool is not free of charge. Are there any known problems just copying the mailboxes with scp or rsync? Tobias From pit11 at ukr.net Fri Sep 9 16:35:24 2011 From: pit11 at ukr.net (Peter Ignatov) Date: Fri, 9 Sep 2011 16:35:24 +0300 Subject: [Dovecot] Quota fs (ignore mount) Message-ID: <41158249D4DC4A7FA9ACFDFAB6C709E5@port.odessa.ua> > I set "quota: fs:INBOX:noenforcing:mount=/var/spool/mail", but receive: "fs quota add storage dir = /home/pit/mail"... > Why ? Well .. I'm not entirely sure if the current behavior is good or not, but what you need to do to get it working is to add two quota roots. One for /home/pit/mail (i.e. without specifying mount=) and another for the INBOX's /var/spool/mail. Don't work... :-( # dovecot -n # 1.2.17: /etc/dovecot.conf # OS: Linux 2.6.18-274.el5.asp121 x86_64 Red Hat Enterprise Linux Server release 5.6 (Tikanga) log_path: /var/log/dovecot.log protocols: pop3 pop3s listen: * login_dir: /var/run/dovecot/login login_executable: /usr/libexec/dovecot/pop3-login verbose_proctitle: yes mail_location: mbox:~/mail:INBOX=/var/spool/mail/%u mail_debug: yes mail_executable: /usr/libexec/dovecot/pop3 mail_plugins: quota mail_plugin_dir: /usr/lib64/dovecot/pop3 auth default: passdb: driver: pam userdb: driver: passwd plugin: quota: fs:INBOX:noenforcing quota2: fs:boxes:noenforcing:mount=/var/spool/mail quota_rule: *:storage=10240 quota_rule2: *:storage=15000 dovecot.log: ------------ Sep 09 16:13:46 pop3-login: Info: Login: user=, method=PLAIN, rip=192.168.3.10, lip=192.168.6.3, TLS Sep 09 16:13:46 POP3(pit): Info: Loading modules from directory: /usr/lib64/dovecot/pop3 Sep 09 16:13:46 POP3(pit): Info: Module loaded: /usr/lib64/dovecot/pop3/lib10_quota_plugin.so Sep 09 16:13:46 POP3(pit): Info: Effective uid=500, gid=500, home=/home/pit Sep 09 16:13:46 POP3(pit): Info: Quota root: name=INBOX backend=fs args=noenforcing Sep 09 16:13:46 POP3(pit): Info: Quota rule: root=INBOX mailbox=* bytes=10485760 messages=0 Sep 09 16:13:46 POP3(pit): Info: Quota rule: root=INBOX mailbox=* bytes=15360000 messages=0 Sep 09 16:13:46 POP3(pit): Info: Quota root: name=boxes backend=fs args=noenforcing:mount=/var/spool/mail Sep 09 16:13:46 POP3(pit): Info: mbox: data=~/mail:INBOX=/var/spool/mail/pit Sep 09 16:13:46 POP3(pit): Info: fs: root=/home/pit/mail, index=, control=, inbox=/var/spool/mail/pit Sep 09 16:13:46 POP3(pit): Info: fs quota add storage dir = /home/pit/mail Sep 09 16:13:46 POP3(pit): Info: fs quota block device = /dev/cciss/c0d0p3 Sep 09 16:13:46 POP3(pit): Info: fs quota mount point = / Sep 09 16:13:46 POP3(pit): Info: fs quota mount type = ext3 Sep 09 16:13:46 POP3(pit): Info: Disconnected: Logged out top=0/0, retr=0/0, del=0/2, size=1249 From giulio at dsi.unimi.it Fri Sep 9 16:42:57 2011 From: giulio at dsi.unimi.it (Giulio Casella) Date: Fri, 09 Sep 2011 15:42:57 +0200 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another In-Reply-To: References: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> <4E6A132E.9080206@schetterer.org> Message-ID: <4E6A17E1.4000004@dsi.unimi.it> Have you tried dsync (part of dovecot)? I don't know if it works for migration to a different (major) version of dovecot, but it's a nice tool. And it works also over ssh. Giulio Hope this helps. Il 09/09/2011 15.34, Tobias Hachmer ha scritto: > On Fri, 09 Sep 2011 15:22:54 +0200, Robert Schetterer wrote: >> Am 09.09.2011 15:14, schrieb Tobias Hachmer: >>> What is the best way to copy the existing mailboxes from the older >>> machine running dovecot v1.2.15 to the new naked machine? >> >> i used imapsync in a bash script >> http://ks.lamiral.info/imapsync/ >> at a massive migration > > ok, but this tool is not free of charge. > Are there any known problems just copying the mailboxes with scp or rsync? > > Tobias > > -- Giulio Casella giulio at dsi.unimi.it System and network manager Computer Science Dept. - University of Milano From tobias at hachmer.de Fri Sep 9 16:50:49 2011 From: tobias at hachmer.de (Tobias Hachmer) Date: Fri, 09 Sep 2011 15:50:49 +0200 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another In-Reply-To: <4E6A17E1.4000004@dsi.unimi.it> References: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> <4E6A132E.9080206@schetterer.org> <4E6A17E1.4000004@dsi.unimi.it> Message-ID: On Fri, 09 Sep 2011 15:42:57 +0200, Giulio Casella wrote: > Have you tried dsync (part of dovecot)? I don't know if it works for > migration to a different (major) version of dovecot, but it's a nice > tool. And it works also over ssh. Yeah, I read the sections in the dovecot v2 wiki, but I don't get how to use for migration. As far as I understood it's to keep several dovecot server at a unique data bank. An well, can I use it between dovecot v1.2 and v2? Tobias From joh.hendriks at gmail.com Fri Sep 9 17:26:37 2011 From: joh.hendriks at gmail.com (Johan Hendriks) Date: Fri, 09 Sep 2011 16:26:37 +0200 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another In-Reply-To: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> References: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> Message-ID: <4E6A221D.7060805@gmail.com> Tobias Hachmer schreef: > Hi list, > > currently I use dovecot v1.2.15 with maildir++ mailboxes. (Debian > Squeeze) > I want to set up a different server with dovecot v2, also maildir++ > mailboxes. (also Debian Squeeze) > > What is the best way to copy the existing mailboxes from the older > machine running dovecot v1.2.15 to the new naked machine? > > Greetz, Tobias I did the same thing, with no know issues so far. My old server was running dovecot 1.2.x and i coppied the whole maildir structure to the other machine. Then started Dovecot 2.x and all was fine. Should be the same as instlling 2.0 over the old 1.2.x version, then it uses the old maildir also. Well test it i would say. Just do the copy, and try if everything works. then do it for a final migration. Gr Johan Hendriks From Lutz.Pressler at SerNet.DE Fri Sep 9 17:43:49 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Fri, 9 Sep 2011 16:43:49 +0200 Subject: [Dovecot] 2.1: imapc LIST problem / usage question In-Reply-To: <20110909102128.GA762256@gabi.sernet.de> References: <1315563414.3876.50.camel@hurina> <20110909102128.GA762256@gabi.sernet.de> Message-ID: On Fr, 09 Sep 2011, Lutz Pre?ler wrote: > On Fr, 09 Sep 2011, Timo Sirainen wrote: > > > On Fri, 2011-09-09 at 12:01 +0200, Lutz Pre?ler wrote: > [...] > > > For the Gmail mailboxe the INBOX.gmail prefix is missing and / is used > > > as separator. > > > > Fixed in hg. > Thanks. LIST is now working correctly in my setup, but SUBSCRIBE ist not. With subscriptions=no, as written (but same behaviour with subscriptions=yes), SUBSCRIBE INBOX.gmail.INBOX (or others) yields 0 NO [SERVERBUG] Internal error occurred. Refer to server log for more information. [2011-09-09 16:39:40] logging (with mail_debug=yes) only Sep 9 16:39:40 host dovecot: imap(1143, user): Error: stat((null)) failed: Bad address Lutz From giulio at dsi.unimi.it Fri Sep 9 18:16:57 2011 From: giulio at dsi.unimi.it (Giulio Casella) Date: Fri, 09 Sep 2011 17:16:57 +0200 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another In-Reply-To: References: Message-ID: <4E6A2DE9.1060806@dsi.unimi.it> This is working for me: root at oldserver # dsync -v -D -u $user backup ssh newserver dsync -u $user where $user is a username. oldserver and newserver can also have different mailbox format (in my case was mbox -> maildir) Regards, gc -------- Messaggio originale -------- Oggetto: Re: [Dovecot] BestPractice to migrate imap mailbox from one machine to another Data: Fri, 09 Sep 2011 15:50:49 +0200 Mittente: Tobias Hachmer A: On Fri, 09 Sep 2011 15:42:57 +0200, Giulio Casella wrote: > Have you tried dsync (part of dovecot)? I don't know if it works for > migration to a different (major) version of dovecot, but it's a nice > tool. And it works also over ssh. Yeah, I read the sections in the dovecot v2 wiki, but I don't get how to use for migration. As far as I understood it's to keep several dovecot server at a unique data bank. An well, can I use it between dovecot v1.2 and v2? Tobias -- Giulio Casella giulio at dsi.unimi.it System and network manager Computer Science Dept. - University of Milano From stsiol at yahoo.co.uk Fri Sep 9 18:22:04 2011 From: stsiol at yahoo.co.uk (Spyros Tsiolis) Date: Fri, 9 Sep 2011 16:22:04 +0100 (BST) Subject: [Dovecot] How to get rid of sub-folders ? Message-ID: <1315581724.65256.YahooMailNeo@web27201.mail.ukl.yahoo.com> Hello, OK, no answers on my previous e-mail. I'll rephrase it. How can I get rid of subfolders on a users' tree-like structure on dovecot ? Which file must I "touch" ? TIA, s. ? ---- "I merely function as a channel that filters music through the chaos of noise" - Vangelis From tobias at hachmer.de Fri Sep 9 20:05:08 2011 From: tobias at hachmer.de (Tobias Hachmer) Date: Fri, 09 Sep 2011 19:05:08 +0200 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another In-Reply-To: <4E6A2DE9.1060806@dsi.unimi.it> References: <4E6A2DE9.1060806@dsi.unimi.it> Message-ID: On Fri, 09 Sep 2011 17:16:57 +0200, Giulio Casella wrote: > This is working for me: > > root at oldserver # dsync -v -D -u $user backup ssh newserver dsync -u > $user > > where $user is a username. oldserver and newserver can also have > different mailbox format (in my case was mbox -> maildir) Thanks for your replies, I will test first the simple copy of the maildirs when the new server is set up. So thanks a lot. Greetz, Tobias From simon.brereton at buongiorno.com Fri Sep 9 20:07:54 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Fri, 9 Sep 2011 13:07:54 -0400 Subject: [Dovecot] Mails repopping Message-ID: <004b01cc6f13$04a166d0$0de43470$@brereton@buongiorno.com> HI I don't know if this is a dovecot issue or a client one. But as Dovecot is the most recent change, I'll start here. I have a server that's been running Courier for about 6 years and in all that time I think I've only ever had 1 issues where an entire mail box was repopped by a webmail client. However, since moving to a new server and dovecot 4 weeks ago, I've now had the webmail client repop this account 4 times (there are about 230 mails in the account). Is there a setting I need to tighten to prevent/remedy this? I have no idea if it's happening on other accounts, but this is one that I see. The format is maildir. There has been no changes to the webmail client. Thanks. Simon From robert at schetterer.org Fri Sep 9 21:26:59 2011 From: robert at schetterer.org (Robert Schetterer) Date: Fri, 09 Sep 2011 20:26:59 +0200 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another In-Reply-To: References: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> <4E6A132E.9080206@schetterer.org> Message-ID: <4E6A5A73.4050403@schetterer.org> Am 09.09.2011 15:34, schrieb Tobias Hachmer: > On Fri, 09 Sep 2011 15:22:54 +0200, Robert Schetterer wrote: >> Am 09.09.2011 15:14, schrieb Tobias Hachmer: >>> What is the best way to copy the existing mailboxes from the older >>> machine running dovecot v1.2.15 to the new naked machine? >> >> i used imapsync in a bash script >> http://ks.lamiral.info/imapsync/ >> at a massive migration > > ok, but this tool is not free of charge. ? you should donate but you can use it without too, i.e its part of ubuntu > Are there any known problems just copying the mailboxes with scp or rsync? may work too, with few problems depending on your setup, but its no real way if you make migration on the fly in my eyes better setup the new server, do tests, make imapsync > > Tobias > > > -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From robert at schetterer.org Fri Sep 9 21:28:35 2011 From: robert at schetterer.org (Robert Schetterer) Date: Fri, 09 Sep 2011 20:28:35 +0200 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another In-Reply-To: <4E6A2DE9.1060806@dsi.unimi.it> References: <4E6A2DE9.1060806@dsi.unimi.it> Message-ID: <4E6A5AD3.3010802@schetterer.org> Am 09.09.2011 17:16, schrieb Giulio Casella: > This is working for me: > > root at oldserver # dsync -v -D -u $user backup ssh newserver dsync -u $user > > where $user is a username. oldserver and newserver can also have > different mailbox format (in my case was mbox -> maildir) > > Regards, > gc yes, dsync should work too, but never tested it > > -------- Messaggio originale -------- > Oggetto: Re: [Dovecot] BestPractice to migrate imap mailbox from one > machine to another > Data: Fri, 09 Sep 2011 15:50:49 +0200 > Mittente: Tobias Hachmer > A: > > On Fri, 09 Sep 2011 15:42:57 +0200, Giulio Casella wrote: >> Have you tried dsync (part of dovecot)? I don't know if it works for >> migration to a different (major) version of dovecot, but it's a nice >> tool. And it works also over ssh. > > Yeah, I read the sections in the dovecot v2 wiki, but I don't get how > to use for migration. > As far as I understood it's to keep several dovecot server at a unique > data bank. An well, can I use it between dovecot v1.2 and v2? > > Tobias > -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From tobias at hachmer.de Fri Sep 9 22:17:35 2011 From: tobias at hachmer.de (Tobias Hachmer) Date: Fri, 09 Sep 2011 21:17:35 +0200 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another In-Reply-To: <4E6A5A73.4050403@schetterer.org> References: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> <4E6A132E.9080206@schetterer.org> <4E6A5A73.4050403@schetterer.org> Message-ID: <4b0910624105abb6709a382467b4f6b1@hachmer.de> On Fri, 09 Sep 2011 20:26:59 +0200, Robert Schetterer wrote: >>> i used imapsync in a bash script >>> http://ks.lamiral.info/imapsync/ >>> at a massive migration >> >> ok, but this tool is not free of charge. > > ? you should donate > but you can use it without too, i.e its part of ubuntu Oh, cool, thanks for the hint. Yes, I will test simple copy, imapsnc and dsync. Thanks a lot. Tobias From simon.brereton at buongiorno.com Fri Sep 9 22:46:05 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Fri, 9 Sep 2011 15:46:05 -0400 Subject: [Dovecot] Mails repopping In-Reply-To: <4E6A6021.3000109@Media-Brokers.com> References: <004b01cc6f13$04a166d0$0de43470$@brereton@buongiorno.com> <4E6A6021.3000109@Media-Brokers.com> Message-ID: <000001cc6f29$1d950730$58bf1590$@brereton@buongiorno.com> > -----Original Message----- > From: Charles Marcus [mailto:CMarcus at Media-Brokers.com] > Sent: Friday, September 09, 2011 2:51 PM > On 2011-09-09 1:07 PM, Simon Brereton > wrote: > > I have a server that's been running Courier for about 6 years and > in > > all that time I think I've only ever had 1 issues where an entire > mail > > box was repopped by a webmail client. > > I don't understand... > > Webmail doesn't speak 'pop' (that I've ever heard of)... so how does > a webmail client 'repop' emails? What webmail is this? It's Horde webmail. Webmail does pop. Yahoo and Gmail do it too. When I first set up the server, it did it on first login - obviously because the server had changed but it's doing it once a week now (and in fact, it did it twice today). It's not fatal, no one will die. It is a PITA though. Simon From micah at riseup.net Fri Sep 9 23:05:21 2011 From: micah at riseup.net (Micah Anderson) Date: Fri, 09 Sep 2011 16:05:21 -0400 Subject: [Dovecot] quota percents Message-ID: <87sjo5wkfy.fsf@algae.riseup.net> I've noticed that http://wiki2.dovecot.org/Quota/Configuration is out of date, it says: plugin { quota = maildir:User quota quota_rule = *:storage=1GB # 10% of 1GB = 100MB quota_rule2 = Trash:storage=10%% # 20% of 1GB = 200MB quota_rule3 = Spam:storage=20%% } but if you use the '10%%' notation, dovecot complains, and *also* incorrectly: dovecot: imap(test at example.net): Warning: quota root mail quota rule Trash:bytes=10%: obsolete configuration for rule 'bytes=10%' should be changed to 'bytes=+10%' its incorrect because if you change it to what it suggests ('+10%') it wont work because that wont be 10% more, rather, it is set to bytes=+10: dovecot: imap(test at example.net): Debug: Quota rule: root=mail quota mailbox=Trash bytes=+10 messages=0 clearly, that isn't right... so I guess it needs to be changed to '+10%%', setting that provides: dovecot: imap(test at example.net): Debug: Quota rule: root=mail quota mailbox=* bytes=2211724 messages=0 dovecot: imap(test at example.net): Debug: Quota rule: root=mail quota mailbox=Trash bytes=+221172 (10%) messages=0 that seems ok, its saying the Trash mailbox is set to have 221172bytes (215 kilobytes) of quota. So, clearly http://wiki2.dovecot.org/Quota/Configuration needs to be updated. However, it doesn't seem to work in practice, because I have a user that is at 99% of quota, with nothing in the Trash who cannot move a 77KB message into the Trash without getting the quota_exceeded message and refusing to move it. so... how do I get this to work? thanks! micah -- -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 835 bytes Desc: not available URL: From npap at ecs.com.gr Sat Sep 10 00:45:26 2011 From: npap at ecs.com.gr (Nikos Papadopoulos) Date: Sat, 10 Sep 2011 00:45:26 +0300 Subject: [Dovecot] Attacking Dovecot Message-ID: <201109092145.p89LjQLb017904@panas.otenet.gr> Hello, I am using Dovecot ver.1.0.7 on an x86 server with RedHat Linux Enterprise 5 and the following configuration: # 1.0.7: /etc/dovecot.conf protocols: pop3 login_dir: /var/run/dovecot/login login_executable: /usr/libexec/dovecot/pop3-login mail_location: mbox:~/mail:INBOX=/var/mail/%u mail_executable: /usr/libexec/dovecot/pop3 mail_plugin_dir: /usr/lib/dovecot/pop3 pop3_client_workarounds: outlook-no-nuls oe-ns-eoh auth default: passdb: driver: pam userdb: driver: passwd It seems that my mail server is being attacked by someone who tries to retrieve users' credentials. Please read below an output of logwatch. dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user sandra dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user tanya dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user tanya dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user dark dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user dark dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user gibson dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user frank dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user frank Besides, some of the local users receive "spam" emails, which seem to be sent by another local user. Please assist me on how to prevent the aforementioned attack. Best Regards, Nikos From christian at siebenbergen.de Sat Sep 10 00:58:55 2011 From: christian at siebenbergen.de (Christian Schmidt) Date: Fri, 9 Sep 2011 23:58:55 +0200 Subject: [Dovecot] userdb static & Quota from LDAP? Message-ID: <20110909215855.GA4680@chemie.uni-hamburg.de> Hi all, I just configured Dovecot 2.0.14 for "virtual" (i.e. non-system-) users: passdb { driver = ldap args = /etc/dovecot/conf.d/ldap-passdb.ext } userdb { driver = static args = uid=vmail gid=vmail home=/var/maildir/%u } Works fine so far - thanks for this great piece of software, Timo!!! Now I'd like to add per-user quotas that will also be stored in the LDAP directory, and I'm not sure how to put things together. IMHO quota is the only "userdb information" requested from LDAP, and I'd like to leave all the other "userdb pieces" as the are. I changed the userdb definition to: userdb { driver = ldap args = /etc/dovecot/conf.d/ldap-userdb.ext } My /etc/dovecot/conf.d/ldap-userdb.ext contains (along other lines): user_attrs = uid=vmail,gid=vmail,home=/var/maildir/%u,mailQuota=quota=quota_rule=*:storage=%$ My quota configuration looks like this: plugin { quota = maildir:Mailbox-Quota quota_rule = *:storage=1G quota_warning = storage=80%% /usr/local/bin/quotawarn.sh 80 %u quota_warning2 = storage=95%% /usr/local/bin/quotawarn.sh 95 %u } Using this setup, "doveadm quota get -u username" doesn't reveal any quota information (except from the "headings"). Instead, dovecot logs: doveadm(username): Fatal: GID 0 isn't permitted When switching back to userdb static, I receive the correct (but also) static quota information. What am I doing wrong? Thank you very much, Christian Schmidt -- question = ( to ) ? be : ! be; -- Wm. Shakespeare From tim at bishnet.net Fri Sep 9 22:44:33 2011 From: tim at bishnet.net (Tim Bishop) Date: Fri, 9 Sep 2011 20:44:33 +0100 Subject: [Dovecot] Read-only mbox files Message-ID: <20110909194433.GB1243@carrick-users.bishnet.net> Hi all, I'm using Dovecot 1.2.16 (I can upgrade to 2.0 if need be) and I'm having trouble stopping Dovecot from modifying mbox files. The setup is that my main namespace points at my Maildir mail folders. In addition to this I have a second namespace that points at some old archived mbox folders. I rarely need to access these folders, but when I do Dovecot modifies the files (adding UID headers, etc). What I'd like to do is make it so that Dovecot can't change these files. I thought there might be a setting to mark a mail_location as read-only, but I can't find anything like that. I've looked at ACLs too, but they seem to be more about user access that what Dovecot can do to files. I could just do this at the filesystem level, but I'd feel a bit happier about working with Dovecot rather than trying to work around it. Does anyone have any suggestions? Thank you for reading. Tim. -- Tim Bishop http://www.bishnet.net/tim/ PGP Key: 0x5AE7D984 From =?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?= Sat Sep 10 04:21:12 2011 From: =?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?= (=?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?=) Date: Sat, 10 Sep 2011 12:21:12 +1100 Subject: [Dovecot] debug user's message retrieval References: <213B51F00051AE48A9F0E112880177178F9F88@Delta.sc.local><213B51F00051AE48A9F0E112880177178F9F89@Delta.sc.local> <4E69B24F.7070501@enas.net> Message-ID: <213B51F00051AE48A9F0E112880177178F77EE@Delta.sc.local> It seems like it?s what I looked for. Many thanks! -- -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Urban Loesch Sent: Friday, September 09, 2011 5:30 PM To: Dovecot Mailing List Subject: Re: [Dovecot] debug user's message retrieval Hi, perhaps the "mail_log" plugin can help you. .... # mail_log plugin provides more event logging for mail processes. plugin { # Events to log. Also available: flag_change append mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename # Group events within a transaction to one line. mail_log_group_events = no # Available fields: uid, box, msgid, from, subject, size, vsize, flags # size and vsize are available only for expunge and copy events. mail_log_fields = uid box msgid size from } ... Regards Urban ???????? ????????? ?????????? wrote: > I forgot to mention that when I go to user's directory there's no > letters at all. > > On Fri, 2011-09-09 at 13:30 +1100, ???????? ????????? ?????????? wrote: >> Hi there! >> >> Is there any method to log user's activity with pop3 service? >> >> I'll try to explain situation: >> >> In maillog I saw that my dovecot lmtp saved four letters in user's >> mailbox. >> After a while I got a call from that user saying that he received >> nothing. >> >> Is there any method to log that that user RETR every single letter, >> maybe with full names of letter's id or something like that? >> > From =?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?= Sat Sep 10 04:23:29 2011 From: =?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?= (=?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?=) Date: Sat, 10 Sep 2011 12:23:29 +1100 Subject: [Dovecot] debug user's message retrieval References: <213B51F00051AE48A9F0E112880177178F9F88@Delta.sc.local><213B51F00051AE48A9F0E112880177178F9F89@Delta.sc.local> <201109091037.37289.joseba.torre@ehu.es> Message-ID: <213B51F00051AE48A9F0E112880177178F77EF@Delta.sc.local> Yep, I do have info like that but I need more cowbell) -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Joseba Torre Sent: Friday, September 09, 2011 7:38 PM To: dovecot at dovecot.org Subject: Re: [Dovecot] debug user's message retrieval On Viernes 09 Septiembre 2011 04:36:13 ???????? ????????? ?????????? escribi?: > I forgot to mention that when I go to user's directory there's no > letters at all. > > On Fri, 2011-09-09 at 13:30 +1100, ???????? ????????? ?????????? wrote: > > Hi there! > > > > Is there any method to log user's activity with pop3 service? > > > > I'll try to explain situation: > > > > In maillog I saw that my dovecot lmtp saved four letters in user's > > mailbox. > > After a while I got a call from that user saying that he received > > nothing. > > > > Is there any method to log that that user RETR every single letter, > > maybe with full names of letter's id or something like that? The default pop3 log is enough for me: Sep 9 05:46:37 server1 dovecot: POP3(user1): Disconnected: Logged out top=0/0, retr=1/41706, del=1/1, size=41685 This means that user1 received 1 message, deleted 1 message, and total downloaded size was 41685. Don't you have a similar line for your user? -- Joseba Torre. Vicegerencia de TICs, ?rea de Explotaci?n From henson at acm.org Sat Sep 10 05:33:16 2011 From: henson at acm.org (Paul B. Henson) Date: Fri, 09 Sep 2011 19:33:16 -0700 Subject: [Dovecot] mysql auth failover failing Message-ID: <4E6ACC6C.6020200@acm.org> We are running dovecot to provide authentication for postfix, using two mysql servers in a multi-master replication set as the password source: ---------------------------------------- # 2.0.13: /etc/dovecot/dovecot.conf # OS: Linux 2.6.37-gentoo-r4 x86_64 Gentoo Base System release 2.0.2 auth_mechanisms = plain login digest-md5 cram-md5 auth_verbose = yes passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } protocols = none service auth-worker { unix_listener auth-worker { user = postfix } user = $default_internal_user } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } user = postfix } ssl = no userdb { driver = passwd } --------------------------------------- With an sql config of: ------------------------- driver = mysql connect = host=mysql-1.unx.csupomona.edu host=mysql-2.unx.csupomona.edu dbname=idmgmt user=postfix password=XXXXXXX default_pass_scheme = PLAIN password_query = XXXXXXXXX ------------------------- According to the sample SQL configuration file "HA / round-robin load-balancing is supported by giving multiple host settings, like: host=sql1.host.org host=sql2.host.org". However, as far as I can tell dovecot only connects to the first listed host, and processes all queries through it, there does not appear to be any load-balancing going on. That's not necessarily a dealbreaker; however, high-availability does not appear to be working either. If I shutdown the first mysql server, dovecot starts to log connection failures: Sep 9 15:47:34 tweak dovecot: auth: Error: mysql(mysql-1.unx.csupomona.edu): Connect failed to database (idmgmt): Can't connect to MySQL server on 'mysql-1.unx.csupomona.edu' (111) - waiting for 1 seconds before retry Sep 9 15:47:39 tweak dovecot: auth: Error: mysql(mysql-1.unx.csupomona.edu): Connect failed to database (idmgmt): Can't connect to MySQL server on 'mysql-1.unx.csupomona.edu' (111) - waiting for 25 seconds before retry And postfix starts to fail authentications: Sep 9 15:47:35 tweak postfix/smtpd[5119]: warning: bender.iitsys.csupomona.edu[134.71.250.134]: SASL DIGEST-MD5 authentication failed: Connection lost to authentication server Now and again the authentication process dies: Sep 9 15:47:39 tweak dovecot: auth: Panic: file auth-request-handler.c: line 697 (auth_request_handler_flush_failures): assertion failed: (auth_request->state == AUTH_REQUEST_STATE_FINISHED) Sep 9 15:47:39 tweak dovecot: auth: Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0(+0x3f71a) [0x7f25822ca71a] -> /usr/lib64/dovecot/libdovecot.so.0(+0x3f766) [0x7f25822ca766] -> /usr/lib64/dovecot/libdovecot.so.0(+0x198ca) [0x7f25822a48ca] -> dovecot/auth() [0x4137f4] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handle_timeouts+0xd4) [0x7f25822d5fe4] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run+0x5b) [0x7f25822d6bcb] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7f25822d5c48] -> /usr/lib64/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f25822c3de3] -> dovecot/auth(main+0x2be) [0x4179de] -> /lib64/libc.so.6(__libc_start_main+0xfd) [0x7f2581898bbd] -> dovecot/auth() [0x40bdc9] Sep 9 15:47:39 tweak dovecot: master: Error: service(auth): child 4154 killed with signal 6 (core dumps disabled) Requests start to pile up: Sep 9 15:51:46 tweak dovecot: auth: Warning: auth workers: Auth request was queued for 25 seconds, 45 left in queue Lookups time out: Sep 9 15:57:22 tweak dovecot: auth: Error: auth worker: Aborted request: Lookup timed out This occasionally pops up: Sep 9 15:58:38 tweak dovecot: auth: Fatal: net_connect_unix(auth-worker) failed: Resource temporarily unavailable And sometimes the auth process gets temporarily disabled: Sep 9 15:58:57 tweak dovecot: master: Error: service(auth): command startup failed, throttling Resulting in more postfix authentication failures: Sep 9 15:58:57 tweak postfix/smtpd[6531]: warning: bender.iitsys.csupomona.edu[134.71.250.134]: SASL DIGEST-MD5 authentication failed: Sep 9 15:59:08 tweak postfix/smtpd[6551]: fatal: no SASL authentication mechanisms To the point where postfix also temporarily throttles smtpd: Sep 9 15:59:21 tweak postfix/master[6526]: warning: /usr/lib64/postfix/smtpd: bad command startup -- throttling Resulting in a complete unavailability of smtp service, not just unavailability of authenticated services. I don't think all authentications fail during the scenario, but I think the majority do. Based on the network traffic, dovecot is almost continuously trying to connect to the first listed server. It sometimes connects to the second listed server, but when it does, the connection does not persist, it goes away almost immediately. Ideally, I would like no authentications to fail if one of the MySQL servers is unavailable. If a few fail just when the server dies, that would be undesirable but acceptable as long as they do not continuously fail while the server is down. Am I doing something wrong? Does the example sql config have incorrect information? We were previously running dovecot 1.2.11, we just recently upgraded to 2. In the previous version, we actually had two different passdb's configured, each one listing only one of the mysql servers. I seem to recall that was the recommendation at the time for high-availability. When that configuration did not seem to work under version 2, I found an updated recommendation to list both servers in the same passdb, which also does not appear to work correctly. I actually went back and tested the older version, and determined it seemed to work okay in the case where the server was up but the service was down, and connections were refused, but also failed a large number of authentication attempts when the server was completely down and connections were timing out. Thanks much... -- Paul B. Henson | (909) 979-6361 | http://www.csupomona.edu/~henson/ Operating Systems and Network Analyst | henson at csupomona.edu California State Polytechnic University | Pomona CA 91768 From noel.butler at ausics.net Sat Sep 10 06:02:57 2011 From: noel.butler at ausics.net (Noel Butler) Date: Sat, 10 Sep 2011 13:02:57 +1000 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <4E6ACC6C.6020200@acm.org> References: <4E6ACC6C.6020200@acm.org> Message-ID: <1315623777.5820.21.camel@tardis> On Fri, 2011-09-09 at 19:33 -0700, Paul B. Henson wrote: > default_pass_scheme = PLAIN Uhg i'll pretend I didnt see that :) > > According to the sample SQL configuration file "HA / round-robin > load-balancing is supported by giving multiple host settings, like: > host=sql1.host.org host=sql2.host.org". > > However, as far as I can tell dovecot only connects to the first listed > host, and processes all queries through it, there does not appear to be > any load-balancing going on. > I suspect the wording here is incorrect, its just a failover AFAIK, it only hits the first entry failing to second if no response. HA would be like running a mysql slave on all the front ends failing over to the master on your CRM server etc, which is what I do and suggest, having just one master server, after all, dovecot and postfix just need to read, not alter/update/insert etc. > That's not necessarily a dealbreaker; however, high-availability does > not appear to be working either. > > If I shutdown the first mysql server, dovecot starts to log connection > failures: > > Sep 9 15:47:34 tweak dovecot: auth: Error: > mysql(mysql-1.unx.csupomona.edu): Connect failed to database (idmgmt): > Can't connect to MySQL server on 'mysql-1.unx.csupomona.edu' (111) - > waiting for 1 seconds before retry > > Sep 9 15:47:39 tweak dovecot: auth: Error: > mysql(mysql-1.unx.csupomona.edu): Connect failed to database (idmgmt): > Can't connect to MySQL server on 'mysql-1.unx.csupomona.edu' (111) - > waiting for 25 seconds before retry > yep thats correct because it has " gone away" but it still uses the second host immediately, thats just dovecot trying to re-establish its link with primary > And postfix starts to fail authentications: > err postfix is not dovecot, you need to also add failover in postfix's sql lookup commands hosts = unix:/var/run/mysql/mysql.sock 10.10.10.2 (assuming .2 is your master sql server) > > Resulting in a complete unavailability of smtp service, not just > unavailability of authenticated services. > You could have a higher sec mx smtp box that uses postfix for virtual transport for cases of if dovecot is unavailable, this of course means storing partial paths in your mail db, for use only by that one non-behind-load-balancer separated sec mx, of course this wont solve users issue of sending unless you have multiple smtp behind a load balancer, but allows for inbound still, depends on how big your setup (and budget) is or can be :) (note: I talk of load balancer as in real hardware device, not as in pretend LB's as in software) > Does the example sql config have incorrect > information? > I suspect so. -------------- next part -------------- A non-text attachment was scrubbed... Name: face-smile.png Type: image/png Size: 873 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: From henson at acm.org Sat Sep 10 06:16:17 2011 From: henson at acm.org (Paul B. Henson) Date: Fri, 9 Sep 2011 20:16:17 -0700 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <1315623777.5820.21.camel@tardis> References: <4E6ACC6C.6020200@acm.org> <1315623777.5820.21.camel@tardis> Message-ID: <20110910031616.GN32704@bender.csupomona.edu> On Fri, Sep 09, 2011 at 08:02:57PM -0700, Noel Butler wrote: > Uhg i'll pretend I didnt see that :) We only use dovecot to provide sasl authentication to postfix smtp clients, using a separate password just for that purpose. Storing it in plaintext is the only way to support all authentication types. > I suspect the wording here is incorrect, its just a failover AFAIK, it > only hits the first entry failing to second if no response. Hmm, that would work for me, if it worked ;). > suggest, having just one master server, after all, dovecot and postfix > just need to read, not alter/update/insert etc. True; but the pieces that are altering/updating/inserting the data that postfix/dovecot need to read need redundancy as well :). > yep thats correct because it has " gone away" but it still uses the > second host immediately, thats just dovecot trying to re-establish its > link with primary Based on my testing, it doesn't use the second host immediately, but only sporadically, with most of the authentications failing. > err postfix is not dovecot, you need to also add failover in postfix's > sql lookup commands postfix relies on dovecot for authentication, this postfix error message is the result of dovecot not successfully processing an authentication request. postfix itself handles mysql failure well, it both load balances queries across both servers and also continues to function when one isn't available. > (note: I talk of load balancer as in real hardware device, not as in > pretend LB's as in software) We actually have a hardware load balancer, and I've considered just sticking the mysql servers behind it. But everything else using them handles failover ok, and initially I'd rather get dovecot doing the same before changing the current architecture. Thanks for the reply... -- Paul B. Henson | (909) 979-6361 | http://www.csupomona.edu/~henson/ Operating Systems and Network Analyst | henson at csupomona.edu California State Polytechnic University | Pomona CA 91768 From Jim at themailshack.com Sat Sep 10 06:23:45 2011 From: Jim at themailshack.com (Jim) Date: Fri, 9 Sep 2011 22:23:45 -0500 Subject: [Dovecot] Attacking Dovecot In-Reply-To: <201109092145.p89LjQLb017904@panas.otenet.gr> References: <201109092145.p89LjQLb017904@panas.otenet.gr> Message-ID: <5CD2AED2-E342-4811-B5F3-5D05091569E1@themailshack.com> There isn't enough information presented to assist, you'll want to refer to the wiki to increase your logging to get more detail: http://wiki.dovecot.org/Logging What you need is the system IP that's connecting as these users, if it's local, you should be able to track that system down easily. If it's remote, block it via a firewall to lock it out. Regarding the spam emails, they may or may not be coming from this same system, once you have more logging, you'll be able to verify that. Jim On Sep 9, 2011, at 4:45 PM, Nikos Papadopoulos wrote: > I am using Dovecot ver.1.0.7 on an x86 server with RedHat Linux Enterprise 5 > It seems that my mail server is being attacked by someone who tries to > retrieve users' credentials. > Besides, some of the local users receive "spam" emails, which seem to be > sent by another local user. From jana1972 at centrum.cz Sat Sep 10 11:04:36 2011 From: jana1972 at centrum.cz (jana1972 at centrum.cz) Date: Sat, 10 Sep 2011 10:04:36 +0200 Subject: [Dovecot] Why can NOT login as root Message-ID: <4E6B3634.18171.51F73FE@jana1972.centrum.cz> Hi i use Dovecot and it works ok for users except for root user. It is impossible to login as root Here is a log Sep 10 10:15:44 auth: Debug: Loading modules from directory: /usr/local/lib/dovecot/auth Sep 10 10:15:44 auth: Debug: auth client connected (pid=18077) Sep 10 10:15:44 auth: Debug: client in: AUTH 1 PLAIN service=imap secured lip=212.97.133.82 rip=212.97.133.82 lport=143 rport=34645 resp= Sep 10 10:15:44 auth: Debug: Loading modules from directory: /usr/local/lib/dovecot/auth Sep 10 10:15:44 auth: Debug: pam(root,212.97.133.82): lookup service=dovecot Sep 10 10:15:44 auth: Debug: pam(root,212.97.133.82): #1/1 style=1 msg=Password: Sep 10 10:15:44 auth: Debug: client out: OK 1 user=root Sep 10 10:15:44 auth: Debug: master in: REQUEST 2889482241 18077 1 3500554cf70742dfc0515671c7671bbd Sep 10 10:15:44 auth: Debug: passwd(root,212.97.133.82): lookup Sep 10 10:15:44 auth: Debug: master out: USER 2889482241 root system_groups_user=root uid=0 gid=0 home=/root Sep 10 10:15:44 imap-login: Info: Login: user=, method=PLAIN, rip=212.97.133.82, lip=212.97.133.82, mpid=18082, secured Sep 10 10:15:44 imap: Error: user root: Invalid settings in userdb: userdb returned 0 as uid Sep 10 10:15:44 imap: Error: Invalid user settings. Refer to server log for more information. Can anyone help? Thanks LL. From user+dovecot at localhost.localdomain.org Sat Sep 10 11:18:53 2011 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Sat, 10 Sep 2011 10:18:53 +0200 Subject: [Dovecot] Why can NOT login as root In-Reply-To: <4E6B3634.18171.51F73FE@jana1972.centrum.cz> References: <4E6B3634.18171.51F73FE@jana1972.centrum.cz> Message-ID: <4E6B1D6D.4080609@localhost.localdomain.org> On 09/10/2011 10:04 AM jana1972 at centrum.cz wrote: > Hi i use Dovecot and it works ok for users except for root user. > It is impossible to login as root > Here is a log > ? > Sep 10 10:15:44 imap: Error: user root: Invalid settings in userdb: userdb > returned 0 as uid > Sep 10 10:15:44 imap: Error: Invalid user settings. Refer to server log for > more information. > > > Can anyone help? http://hg.dovecot.org/dovecot-1.2/file/02c2ac9ddf8c/dovecot-example.conf: 374 # Valid UID range for users, defaults to 500 and above. This is mostly 375 # to make sure that users can't log in as daemons or other system users. 376 # Note that denying root logins is hardcoded to dovecot binary and can't 377 # be done even if first_valid_uid is set to 0. Regards, Pascal -- The trapper recommends today: cafebabe.1125310 at localdomain.org From ionic at ionic.de Sat Sep 10 05:36:57 2011 From: ionic at ionic.de (Mihai Moldovan) Date: Sat, 10 Sep 2011 04:36:57 +0200 Subject: [Dovecot] Annoying "feature" in dovecot/pidgeonhole - include depth limitation Message-ID: <4E6ACD49.6090406@ionic.de> Hi all, I'm using dovecot 2.0.14 build on Debian. The maintainers obviously patch the dovecot source so that it uses the pidgeonhole sieve system. Today I ran into a very annoying issue: I created several sieve scripts and interlinked via the include command, only to find dovecot spewing this error message at me: SWREG Newsletter: line 14: error: cannot nest includes deeper than 10 levels. As far as I could see this limitation is hardcoded to a depth of 10 and can only be changed at compile time. Why is it in place? I understand that you CAN create loops via the include command and limiting the inclusion depth is a way to circumvent loops - but ten is a very low value and the fact that you can't change it via a config file or sorta is even worse. My "fix" so far has been ignoring this, i.e. not returning false. I'm pretty sure that's not the best way to do it but it seems to be working so far. I'd really like to hear your opinion on this issue. Best regards, Mihai ** -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4369 bytes Desc: S/MIME Cryptographic Signature URL: From noel.butler at ausics.net Sat Sep 10 11:49:59 2011 From: noel.butler at ausics.net (Noel Butler) Date: Sat, 10 Sep 2011 18:49:59 +1000 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <20110910031616.GN32704@bender.csupomona.edu> References: <4E6ACC6C.6020200@acm.org> <1315623777.5820.21.camel@tardis> <20110910031616.GN32704@bender.csupomona.edu> Message-ID: <1315644599.5471.12.camel@tardis> On Fri, 2011-09-09 at 20:16 -0700, Paul B. Henson wrote: > On Fri, Sep 09, 2011 at 08:02:57PM -0700, Noel Butler wrote: > > suggest, having just one master server, after all, dovecot and postfix > > just need to read, not alter/update/insert etc. > > True; but the pieces that are altering/updating/inserting the data that > postfix/dovecot need to read need redundancy as well :). > Yep, depends on your network design I suppose, I rather leave the front ends to be just that, with all interactions with master DB server and the NAS done via second interface on a dedicated private LAN so those nasty bored teenagers out there can't get near it :) > > yep thats correct because it has " gone away" but it still uses the > > second host immediately, thats just dovecot trying to re-establish its > > link with primary > > Based on my testing, it doesn't use the second host immediately, but > only sporadically, with most of the authentications failing. Sounds like you have bigger issues, maybe relating as to why the primary fails? > > > err postfix is not dovecot, you need to also add failover in postfix's > > sql lookup commands > > postfix relies on dovecot for authentication, this postfix error message > is the result of dovecot not successfully processing an authentication > request. postfix itself handles mysql failure well, it both load > balances queries across both servers and also continues to function when > one isn't available. > my bad, I did see that and it is as how I do it (i'm not all there at present, had the flu for a week grrrr) but I never had a situation where primary (local slave copy) has gone away unless I'm deliberately upgrading mysql ) when doing so (tested) it hits the master server (as in secondary host=) right away, no auth failures. Cheers -------------- next part -------------- A non-text attachment was scrubbed... Name: face-smile.png Type: image/png Size: 873 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: From david at davidfavor.com Sat Sep 10 21:36:06 2011 From: david at davidfavor.com (David Favor) Date: Sat, 10 Sep 2011 13:36:06 -0500 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machineto another In-Reply-To: <4E6A221D.7060805@gmail.com> References: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> <4E6A221D.7060805@gmail.com> Message-ID: <4E6BAE16.90805@davidfavor.com> Johan Hendriks wrote: > Tobias Hachmer schreef: >> Hi list, >> >> currently I use dovecot v1.2.15 with maildir++ mailboxes. (Debian >> Squeeze) >> I want to set up a different server with dovecot v2, also maildir++ >> mailboxes. (also Debian Squeeze) >> >> What is the best way to copy the existing mailboxes from the older >> machine running dovecot v1.2.15 to the new naked machine? >> >> Greetz, Tobias > I did the same thing, with no know issues so far. > > My old server was running dovecot 1.2.x and i coppied the whole maildir > structure to the other machine. > Then started Dovecot 2.x and all was fine. > > Should be the same as instlling 2.0 over the old 1.2.x version, then it > uses the old maildir also. > > Well test it i would say. > Just do the copy, and try if everything works. > then do it for a final migration. > > Gr > Johan Hendriks Yes. So long as you're using same file structure, just tar + compress your Maildir hierarchy + scp it to your new machine + untar/uncompress... You'll be good to go. -- Love feeling your best ever, all day, every day? Click http://RadicalHealth.com for the easy way! From michael at orlitzky.com Sat Sep 10 21:36:58 2011 From: michael at orlitzky.com (Michael Orlitzky) Date: Sat, 10 Sep 2011 14:36:58 -0400 Subject: [Dovecot] BestPractice to migrate imap mailbox from one machine to another In-Reply-To: References: <8c63a852f1cdf3633ecfe820a17bd158@hachmer.de> <4E6A132E.9080206@schetterer.org> Message-ID: <4E6BAE4A.2080805@orlitzky.com> On 09/09/11 09:34, Tobias Hachmer wrote: > On Fri, 09 Sep 2011 15:22:54 +0200, Robert Schetterer wrote: >> Am 09.09.2011 15:14, schrieb Tobias Hachmer: >>> What is the best way to copy the existing mailboxes from the older >>> machine running dovecot v1.2.15 to the new naked machine? >> >> i used imapsync in a bash script >> http://ks.lamiral.info/imapsync/ >> at a massive migration > > ok, but this tool is not free of charge. > Are there any known problems just copying the mailboxes with scp or > rsync? > https://fedorahosted.org/released/imapsync/ From dnewman at networktest.com Sat Sep 10 22:49:39 2011 From: dnewman at networktest.com (David Newman) Date: Sat, 10 Sep 2011 12:49:39 -0700 Subject: [Dovecot] sieve and pattern matching Message-ID: <4E6BBF53.3010607@networktest.com> Dovecot 1.2.17 What is the sieve syntax for matching text somewhere in a subject line, but not at the beginning of the line? Background: Multiple machines each send a message with the subject of " operations run" to a mail server. The value is different for each sender. This sieve filter does not match any message: require ["fileinto","envelope","reject","vacation","imapflags","relational","co mparator-i;ascii-numeric","regex","notify"]; require ["body", "fileinto", "regex"]; # currentops reports if header :contains "Subject" ".* operations run" { fileinto "currentops"; stop; } However, a similar filter will match if, and only if, the string occurs at the beginning of the subject line. The various sieve help pages I've found suggest that pattern matching anywhere in the subject line should work, not just at the beginning. How to achieve this? TIA dn From compconsultant at yahoo.com Sat Sep 10 23:23:52 2011 From: compconsultant at yahoo.com (Steve Fatula) Date: Sat, 10 Sep 2011 13:23:52 -0700 (PDT) Subject: [Dovecot] MySQL, map files In-Reply-To: <1315525950.915.YahooMailNeo@web39420.mail.mud.yahoo.com> References: <1315525950.915.YahooMailNeo@web39420.mail.mud.yahoo.com> Message-ID: <1315686232.19193.YahooMailNeo@web39412.mail.mud.yahoo.com> ----- Original Message ----- > From: Steve Fatula > To: Dovecot List > Cc: > Sent: Thursday, September 8, 2011 6:52 PM > Subject: [Dovecot] MySQL, map files > > I'll try and break up my questions the other day about extdata that went > unanswered into pieces in the hopes it will be more specific and clear. > > In general, I am trying to figure out the syntax of the map statement and what > is allowed in that statement. So, by map statement, I mean for example perhaps > the?dovecot-dict-expire.conf.ext file as shown in the doc. Is the syntax the > same for the various types of files (quota vs expire)? Is there syntax to allow > the specification of a different key? If so, where is this documented. I have an > existing table I want to use, not the table shown in the doc. > > The reason I am asking is I have seen web pages that reference all sorts of > statements within the map statement, and I have no idea where they are > documented. Specifically, I see an example here (which is LDAP), look in section > 3: > > http://dovecot.org/patches/1.2/ldap/HOWTO_dictldap+extdata.txt > > > You will see lots of statements, not sure which ones can be used for MySQL > (instead of LDAP). So, would like to find a list of ALL valid syntax within the > map. > I am guessing no one knows the answer then. Oh well, will have to give up on it then as it is un-documented. From compconsultant at yahoo.com Sat Sep 10 23:36:55 2011 From: compconsultant at yahoo.com (Steve Fatula) Date: Sat, 10 Sep 2011 13:36:55 -0700 (PDT) Subject: [Dovecot] Sieve, before script - Can it include "personal" scripts? Message-ID: <1315687015.24912.YahooMailNeo@web39415.mail.mud.yahoo.com> Using sieve_before, can the script it references include a file from the personal space? I want to set some parameters (by user using the variables extension) there to control what the before script does, so, every user would have the file in their personal include space. If not, is there another way? Can the sieve_before and sieve_global_path be set from userdb extra fields? From allen at vo.lu Sun Sep 11 00:36:18 2011 From: allen at vo.lu (John Allen) Date: Sat, 10 Sep 2011 23:36:18 +0200 Subject: [Dovecot] Why can NOT login as root In-Reply-To: <4E6B3634.18171.51F73FE@jana1972.centrum.cz> References: <4E6B3634.18171.51F73FE@jana1972.centrum.cz> Message-ID: <4E6BD852.5000306@vo.lu> As far as I recall, IMAP servers generally don't allow access to root. According to the Dovecot wiki, this is hard-coded in the binary: http://wiki.dovecot.org/MainConfig see under "first_valid_uid" If the root user is receiving emails, these need to be redirected to another user so they can be read via IMAP. John On 10/09/2011 10:04, jana1972 at centrum.cz wrote: > Hi i use Dovecot and it works ok for users except for root user. > It is impossible to login as root > Here is a log > > > Sep 10 10:15:44 auth: Debug: Loading modules from directory: > /usr/local/lib/dovecot/auth > Sep 10 10:15:44 auth: Debug: auth client connected (pid=18077) > Sep 10 10:15:44 auth: Debug: client in: AUTH 1 PLAIN service=imap > secured lip=212.97.133.82 rip=212.97.133.82 lport=143 > rport=34645 resp= > Sep 10 10:15:44 auth: Debug: Loading modules from directory: > /usr/local/lib/dovecot/auth > Sep 10 10:15:44 auth: Debug: pam(root,212.97.133.82): lookup service=dovecot > Sep 10 10:15:44 auth: Debug: pam(root,212.97.133.82): #1/1 style=1 > msg=Password: > Sep 10 10:15:44 auth: Debug: client out: OK 1 user=root > Sep 10 10:15:44 auth: Debug: master in: REQUEST 2889482241 18077 1 > 3500554cf70742dfc0515671c7671bbd > Sep 10 10:15:44 auth: Debug: passwd(root,212.97.133.82): lookup > Sep 10 10:15:44 auth: Debug: master out: USER 2889482241 root > system_groups_user=root uid=0 gid=0 home=/root > Sep 10 10:15:44 imap-login: Info: Login: user=, method=PLAIN, > rip=212.97.133.82, lip=212.97.133.82, mpid=18082, secured > Sep 10 10:15:44 imap: Error: user root: Invalid settings in userdb: userdb > returned 0 as uid > Sep 10 10:15:44 imap: Error: Invalid user settings. Refer to server log for > more information. > > > Can anyone help? > Thanks > LL. From stephan at rename-it.nl Sun Sep 11 13:01:57 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Sun, 11 Sep 2011 12:01:57 +0200 Subject: [Dovecot] Annoying "feature" in dovecot/pidgeonhole - include depth limitation In-Reply-To: <4E6ACD49.6090406@ionic.de> References: <4E6ACD49.6090406@ionic.de> Message-ID: <4E6C8715.6060803@rename-it.nl> On 9/10/2011 4:36 AM, Mihai Moldovan wrote: > Hi all, > > I'm using dovecot 2.0.14 build on Debian. > > The maintainers obviously patch the dovecot source so that it uses the > pidgeonhole sieve system. > > Today I ran into a very annoying issue: I created several sieve scripts > and interlinked via the include command, only to find dovecot spewing > this error message at me: > SWREG Newsletter: line 14: error: cannot nest includes deeper than 10 > levels. > > As far as I could see this limitation is hardcoded to a depth of 10 and > can only be changed at compile time. Yes, it is. > Why is it in place? I understand that you CAN create loops via the > include command and limiting the inclusion depth is a way to circumvent > loops - but ten is a very low value and the fact that you can't change > it via a config file or sorta is even worse. True. This is one of those typical 'this aught to be enough for every one' issues. Up until now, this was true :) > My "fix" so far has been ignoring this, i.e. not returning false. I'm > pretty sure that's not the best way to do it but it seems to be working > so far. > > I'd really like to hear your opinion on this issue. I've made the limits for the include extension configurable now. This will be included in the next release. Regards, Stephan. From tss at iki.fi Sun Sep 11 13:07:00 2011 From: tss at iki.fi (Timo Sirainen) Date: Sun, 11 Sep 2011 13:07:00 +0300 Subject: [Dovecot] Annoying "feature" in dovecot/pidgeonhole - include depth limitation In-Reply-To: <4E6C8715.6060803@rename-it.nl> References: <4E6ACD49.6090406@ionic.de> <4E6C8715.6060803@rename-it.nl> Message-ID: <55C16496-EE9A-4985-B45E-86A99426A551@iki.fi> On 11.9.2011, at 13.01, Stephan Bosch wrote: > I've made the limits for the include extension configurable now. This will be included in the next release. Is there really a need for such a limit? Isn't it mainly to avoid infinite loops, which could also be detected by seeing if there are any actual include loops? From stephan at rename-it.nl Sun Sep 11 13:13:24 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Sun, 11 Sep 2011 12:13:24 +0200 Subject: [Dovecot] Sieve, before script - Can it include "personal" scripts? In-Reply-To: <1315687015.24912.YahooMailNeo@web39415.mail.mud.yahoo.com> References: <1315687015.24912.YahooMailNeo@web39415.mail.mud.yahoo.com> Message-ID: <4E6C89C4.7030606@rename-it.nl> On 9/10/2011 10:36 PM, Steve Fatula wrote: > Using sieve_before, can the script it references include a file from the personal space? Yes, that should work, however... > I want to set some parameters (by user using the variables extension) there to control what the before script does, so, every user would have the file in their personal include space. ... there is usually no way to guarantee that the user will have this script in place and that it does not produce any compile/run-time errors. This way, the user can break Sieve processing in the sieve_before stage. The first part can be mended with the new :optional tag recently added to the include extension's specification (not implemented in Pigeonhole so far). Unfortunately, there is no way to resolve the second part. > If not, is there another way? > > Can the sieve_before and sieve_global_path be set from userdb extra fields? Yes. Regards, Stephan. From stephan at rename-it.nl Sun Sep 11 13:29:40 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Sun, 11 Sep 2011 12:29:40 +0200 Subject: [Dovecot] Annoying "feature" in dovecot/pidgeonhole - include depth limitation In-Reply-To: <55C16496-EE9A-4985-B45E-86A99426A551@iki.fi> References: <4E6ACD49.6090406@ionic.de> <4E6C8715.6060803@rename-it.nl> <55C16496-EE9A-4985-B45E-86A99426A551@iki.fi> Message-ID: <4E6C8D94.7030308@rename-it.nl> On 9/11/2011 12:07 PM, Timo Sirainen wrote: > On 11.9.2011, at 13.01, Stephan Bosch wrote: > >> I've made the limits for the include extension configurable now. This will be included in the next release. > Is there really a need for such a limit? Isn't it mainly to avoid infinite loops, which could also be detected by seeing if there are any actual include loops? The detection of actual include loops is already in place, so the depth limit could be a bit of overkill indeed. The existence of this limit probably has something to do with the fact that code generation for the include extension is still a recursive process (whereas runtime interpretation is not). This means that (very) deep nesting could cause stack overflow at compile time. Once the include extension goes RFC I'll fix this along with implementing the new :optional tag. Regards, Stephan. From stephan at rename-it.nl Sun Sep 11 18:06:48 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Sun, 11 Sep 2011 17:06:48 +0200 Subject: [Dovecot] sieve and pattern matching In-Reply-To: <4E6BBF53.3010607@networktest.com> References: <4E6BBF53.3010607@networktest.com> Message-ID: <4E6CCE88.9050307@rename-it.nl> On 9/10/2011 9:49 PM, David Newman wrote: > Dovecot 1.2.17 > > What is the sieve syntax for matching text somewhere in a subject line, > but not at the beginning of the line? > > Background: Multiple machines each send a message with the subject of > " operations run" to a mail server. The value is > different for each sender. If I understand your question correctly, the following is the easiest answer: if header :matches "subject" "* operations run" { } > This sieve filter does not match any message: > > require > ["fileinto","envelope","reject","vacation","imapflags","relational","co > mparator-i;ascii-numeric","regex","notify"]; > require ["body", "fileinto", "regex"]; > > # currentops reports > if header :contains "Subject" ".* operations run" > { > fileinto "currentops"; > stop; > } Right, because that is not how :contains works. Check http://tools.ietf.org/html/rfc5228#section-2.7.1 for more info. Regards, Stephan. From lists at kokelnet.de Sun Sep 11 19:40:44 2011 From: lists at kokelnet.de (Tobias Hachmer) Date: Sun, 11 Sep 2011 18:40:44 +0200 Subject: [Dovecot] setacl on complete mailbox Message-ID: <344f5f741af038d8ae8aaab40b4267fa@kokelnet.de> Hi List, how can I grant a user full control on another mailbox (the complete mailbox with all folder and subfolders). With the setacl command I could do this but first I have to list all folders and then I have to do one setacl command for each folder. Is there a command to this in one line? Also for new created folders? Greetz, Tobias From dnewman at networktest.com Sun Sep 11 20:01:36 2011 From: dnewman at networktest.com (David Newman) Date: Sun, 11 Sep 2011 10:01:36 -0700 Subject: [Dovecot] sieve and pattern matching In-Reply-To: <4E6CCE88.9050307@rename-it.nl> References: <4E6BBF53.3010607@networktest.com> <4E6CCE88.9050307@rename-it.nl> Message-ID: <4E6CE970.9000105@networktest.com> On 9/11/11 8:06 AM, Stephan Bosch wrote: >> What is the sieve syntax for matching text somewhere in a subject line, >> but not at the beginning of the line? >> >> Background: Multiple machines each send a message with the subject of >> " operations run" to a mail server. The value is >> different for each sender. > > If I understand your question correctly, the following is the easiest > answer: > > if header :matches "subject" "* operations run" { > } Bingo! Thanks. > Right, because that is not how :contains works. > > Check http://tools.ietf.org/html/rfc5228#section-2.7.1 for more info. Thanks too for this pointer. I hadn't understood the difference between :contains and :matches. dn From Lutz.Pressler at SerNet.DE Sun Sep 11 22:22:29 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Sun, 11 Sep 2011 21:22:29 +0200 Subject: [Dovecot] 2.1: problems compiling fts-lucene - CLucene git version necessary? Message-ID: Hello! I have problems recompiling the Debian squeeze auto build packages with "--with-lecene". Is the git (2.3) version of CLucene necessary? Debian includes 0.9.21b, which does not work. Lutz From a.a.moraru at gmail.com Sun Sep 11 22:30:59 2011 From: a.a.moraru at gmail.com (Andriy Moraru) Date: Sun, 11 Sep 2011 22:30:59 +0300 Subject: [Dovecot] Filter Mail to Pipe to External Program Message-ID: Hello all! How do I add a filter that would pipe the mail message (containing a certain "To:" field) to some other program? I am running Dovecot 1.0.15. Thanks! From tss at iki.fi Sun Sep 11 22:45:56 2011 From: tss at iki.fi (Timo Sirainen) Date: Sun, 11 Sep 2011 22:45:56 +0300 Subject: [Dovecot] Filter Mail to Pipe to External Program In-Reply-To: References: Message-ID: <76872554-D3C6-4263-9A73-B4430BD0CDCC@iki.fi> On 11.9.2011, at 22.30, Andriy Moraru wrote: > How do I add a filter that would pipe the mail message (containing a > certain "To:" field) to some other program? Pipe it when? When it's delivered? Probably better to do it in MTA instead of Dovecot. From tss at iki.fi Sun Sep 11 22:46:42 2011 From: tss at iki.fi (Timo Sirainen) Date: Sun, 11 Sep 2011 22:46:42 +0300 Subject: [Dovecot] 2.1: problems compiling fts-lucene - CLucene git version necessary? In-Reply-To: References: Message-ID: <7C9B9C67-A1FD-472B-8514-BC54F1B01D00@iki.fi> On 11.9.2011, at 22.22, Lutz Pre?ler wrote: > I have problems recompiling the Debian squeeze auto build packages > with "--with-lecene". Is the git (2.3) version of CLucene necessary? Yes. > Debian includes 0.9.21b, which does not work. Right, it doesn't. From Lutz.Pressler at SerNet.DE Sun Sep 11 22:50:50 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Sun, 11 Sep 2011 21:50:50 +0200 Subject: [Dovecot] 2.1: imapc SUBSCRIBE problem In-Reply-To: <20110909144349.GA846637@gabi.sernet.de> References: <1315563414.3876.50.camel@hurina> <20110909102128.GA762256@gabi.sernet.de> <20110909144349.GA846637@gabi.sernet.de> Message-ID: On Fri, 09 Sep 2011, Lutz Pre?ler wrote: > LIST is now working correctly in my setup, but SUBSCRIBE ist not. > With subscriptions=no, as written (but same behaviour with subscriptions=yes), > SUBSCRIBE INBOX.gmail.INBOX (or others) yields > 0 NO [SERVERBUG] Internal error occurred. Refer to server log for more information. [2011-09-09 16:39:40] > logging (with mail_debug=yes) only > Sep 9 16:39:40 host dovecot: imap(1143, user): Error: stat((null)) failed: Bad address After putting (with subscriptions=no) an entry manually into the root subscriptions file, everything including UNSUBSCRIBE works fine. Lutz From al-dovecot at none.at Sun Sep 11 23:35:00 2011 From: al-dovecot at none.at (Aleksandar Lazic) Date: Sun, 11 Sep 2011 22:35:00 +0200 Subject: [Dovecot] Sieve envelope :detail "to" "xxx" does not deliver to fileinto destination Message-ID: <20110911203500.GA22889@none.at> Dear Listmember. I try to migrate from my current courier-mta setup fo postfix dovecot setup. I use the following scirpt to filter to the destination mailbox. ### /var/vmail/none.at/al/sieve/lists.sieve require ["fileinto", "subaddress", "envelope" ]; if envelope :detail "to" "pdnsusers" { fileinto "Lists.pdnsusers"; } ### postfix/master ### dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -a ${original_recipient} # flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -m ${extension} -a ${original_recipient} ### Log ### Sep 11 21:47:48 lvps46-163-74-15 postfix/smtpd[7788]: connect from Sep 11 21:48:12 lvps46-163-74-15 postfix/smtpd[7788]: 495EF9FECAF9: Sep 11 21:48:27 lvps46-163-74-15 postfix/cleanup[7795]: 495EF9FECAF9: message-id=<> Sep 11 21:48:27 lvps46-163-74-15 postfix/qmgr[7785]: 495EF9FECAF9: from=, size=268, nrcpt=1 (queue active) Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda: Debug: Loading modules from directory: /usr/lib/dovecot/modules Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda: Debug: Module loaded: /usr/lib/dovecot/modules/lib90_sieve_plugin.so Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda: Debug: auth input: al at none.at uid=5000 gid=5000 home=/var/vmail/none.at/al Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: Effective uid=5000, gid=5000, home=/var/vmail/none.at/al Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: maildir: root exists (/var/vmail/none.at/al/Maildir) Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: maildir++: root=/var/vmail/none.at/al/Maildir, index=, control=, inbox=/var/vmail/none.at/al/Maildir, alt= Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: none: root=, index=, control=, inbox=, alt= Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: Destination address: al-pdnsuser at none.at (source: -a parameter) Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: using sieve path for user's script: /var/vmail/none.at/al/.dovecot.sieve Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: opening script /var/vmail/none.at/al/.dovecot.sieve Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: script binary /var/vmail/none.at/al/.dovecot.svbin successfully loaded Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: binary save: not saving binary /var/vmail/none.at/al/.dovecot.svbin, because it is already stored Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: executing script from /var/vmail/none.at/al/.dovecot.svbin Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): sieve: msgid=unspecified: stored mail into mailbox 'INBOX' Sep 11 21:48:27 lvps46-163-74-15 postfix/pipe[7797]: 495EF9FECAF9: to=, relay=dovecot, delay=28, delays=28/0.02/0/0.22, dsn=2.0.0, status=sent (delivered via dovecot service) Sep 11 21:48:27 lvps46-163-74-15 postfix/qmgr[7785]: 495EF9FECAF9: removed Sep 11 21:48:28 lvps46-163-74-15 postfix/smtpd[7788]: disconnect from xxx ### dovecot -n => attachment dovecot_-n Due to the fact that I'am new to dovecot and sieve I hope anybody can help the solve this issue. My target is to filter the mailinglists based on address extention or is it better to filter on to header? Is there a 'log' or 'print' command in the sieve filter or how can I write a message to the log file? Many thanks for your help BR Aleks -------------- next part -------------- # 2.0.14: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-028stab092.1 x86_64 Ubuntu 10.04.3 LTS auth_mechanisms = plain login digest-md5 cram-md5 disable_plaintext_auth = no log_timestamp = "%Y-%m-%d %H:%M:%S " mail_debug = yes mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } protocols = imap recipient_delimiter = - service auth { unix_listener auth-userdb { group = vmail mode = 0755 user = vmail } user = root } ssl_cert = References: <4E6ACC6C.6020200@acm.org> <1315623777.5820.21.camel@tardis> <20110910031616.GN32704@bender.csupomona.edu> <1315644599.5471.12.camel@tardis> Message-ID: <20110911220504.GD27941@bender.csupomona.edu> On Sat, Sep 10, 2011 at 01:49:59AM -0700, Noel Butler wrote: > Sounds like you have bigger issues, maybe relating as to why the primary > fails? For testing purposes, it fails because I stick a firewall rule in place preventing access to it ;). In production, it came to our attention because a hardware failure required downtime on one of the mysql servers to replace parts, and we received complaints of failed authentications while it was down. In general, both are up, but things using them need to be able to survive when one is down. > primary (local slave copy) has gone away unless I'm deliberately > upgrading mysql ) when doing so (tested) it hits the master server (as > in secondary host=) right away, no auth failures. Hmm, what version of dovecot are you using? In version 1 failover seems to work if the primary returns connection refused (which your scenario would). In version 2, it seems flaky for both connection refused and connection timed out. Unless I've got something misconfigured, but there doesn't seem to be that much to it... -- Paul B. Henson | (909) 979-6361 | http://www.csupomona.edu/~henson/ Operating Systems and Network Analyst | henson at csupomona.edu California State Polytechnic University | Pomona CA 91768 From listas.correo at yahoo.es Mon Sep 12 11:14:03 2011 From: listas.correo at yahoo.es (mailing lists) Date: Mon, 12 Sep 2011 09:14:03 +0100 (BST) Subject: [Dovecot] NO Unknown subscription namespace. Message-ID: <1315815243.20177.YahooMailNeo@web29114.mail.ird.yahoo.com> Hello, what this message means? "NO Unknown subscription namespace." the shared namespace is visible and I can fetch messages from it, but subscription fails with the above message. (user002 is sharing the folder named docs-users002 with user user001) # telnet localhost 143 Trying ::1... Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready. . login user001 secret . OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS ACL RIGHTS=texk] Logged in . list "shared." "*" * LIST (\Noselect \HasChildren) "." "shared.user002" . OK List completed. . list "shared.user002." "*" * LIST (\HasNoChildren) "." "shared.user002.docs-user002" . OK List completed. . list "shared.user002.docs-user002." "*" . OK List completed. . select "shared.user002.docs-user002" * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft)] Flags permitted. * 2 EXISTS * 0 RECENT * OK [UIDVALIDITY 1315765265] UIDs valid * OK [UIDNEXT 3] Predicted next UID * OK [HIGHESTMODSEQ 3] Highest . OK [READ-WRITE] Select completed. . fetch 1 all * 1 FETCH (FLAGS (\Seen) INTERNALDATE "24-Nov-2009 11:58:34 +0100" RFC822.SIZE 3734 ENVELOPE ("Tue, 24 Nov 2009 07:58:34 -0400 (AST)" "Thank you for registering for the Red Hat Virtual Experience" (("support at virtualevents365.com" NIL "support" "virtualevents365.com")) (("support at virtualevents365.com" NIL "support" "virtualevents365.com")) (("support at virtualevents365.com" NIL "support" "virtualevents365.com")) (("damocles- at hotmail.com" NIL "damocles-" "hotmail.com")) NIL NIL NIL "<6955854.2731259063914762.JavaMail.root at app130.vs.int.cgsinc.ca>")) . OK Fetch completed. . subscribe "shared.user002.docs-user002" . NO Unknown subscription namespace. . logout * BYE Logging out . OK Logout completed. Connection closed by foreign host. ???? /----------------/ namespace { ? inbox = yes ? location = ? prefix = INBOX. ? separator = . ? subscriptions = yes } namespace { ? list = yes ? location = maildir:/var/virtual-maildir/%%n ? prefix = shared.%%n. ? separator = . ? subscriptions = no ? type = shared } From mike at skew.org Mon Sep 12 11:55:22 2011 From: mike at skew.org (Mike Brown) Date: Mon, 12 Sep 2011 02:55:22 -0600 Subject: [Dovecot] signal 11 crash, sometimes, during mbox bz2 decompression In-Reply-To: <1314121664.10421.1314.camel@hurina> References: <201108161100.p7GB0P3R073897@chilled.skew.org> <1314121664.10421.1314.camel@hurina> Message-ID: <4E6DC8FA.2050709@skew.org> On 8/23/2011 11:47 AM, Timo Sirainen wrote: > On Tue, 2011-08-16 at 05:00 -0600, Mike Brown wrote: > >> I'm running dovecot 1.2.16 from the ports collection on FreeBSD 8.1-STABLE, >> amd64. > .. Thanks for the reply. Since you recommended updating to dovecot2, I'm now testing dovecot 2.0.14 from the ports collection on a different machine. Hopefully I got the configuration right. # dovecot -n # 2.0.14: /usr/local/etc/dovecot/dovecot.conf # OS: FreeBSD 8.2-RELEASE-p2 i386 mail_location = mbox:~/mail:INBOX=/var/mail/%u mail_plugins = " zlib" passdb { args = %s driver = pam } plugin { zlib_save = bz2 zlib_save_level = 9 } protocols = imap ssl_cert = >> Well .. I'm not entirely sure if the current behavior is good or not, but what you need to do to get it working is to add two quota roots. One for /home/pit/mail (i.e. without specifying mount=) and another for the INBOX's /var/spool/mail. > Don't work... :-( After I installed version 2.0.13 - mount is correct: # doveadm -Dv quota get -u pit doveadm(pit): Debug: auth input: pit system_groups_user=pit uid=500 gid=500 home=/home/pit doveadm(pit): Debug: Effective uid=500, gid=500, home=/home/pit doveadm(pit): Debug: Quota root: name=INBOX backend=fs args=mount=/var/spool/mail doveadm(pit): Debug: Quota rule: root=INBOX mailbox=* bytes=19922944 messages=0 doveadm(pit): Debug: Quota warning: bytes=3984588 (20%) messages=0 reverse=no command=quota-warning 20 pit doveadm(pit): Debug: fs: root=/home/pit/mail, index=, control=, inbox=/var/spool/mail/pit doveadm(pit): Debug: fs quota add mailbox dir = /var/spool/mail doveadm(pit): Debug: fs quota block device = /dev/mapper/mpath1p1 doveadm(pit): Debug: fs quota mount point = /var/spool/mail doveadm(pit): Debug: fs quota mount type = ext2 Quota name Type Value Limit % INBOX STORAGE 4824 19456 24 But now don't work script quota-warning.sh: #!/bin/sh PERCENT=$1 USER=$2 cat << EOF | /usr/libexec/dovecot/dovecot-lda -d $USER -o "plugin/quota=fs:INBOX:mount=/var/spool/mail:noenforcing" From: postmaster at domen.org Subject: quota warning Your mailbox is now $PERCENT% full. EOF #dovecot -n # 2.0.13: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-274.3.1.el5.asp121 x86_64 Red Hat Enterprise Linux Server release 5.6 (Tikanga) disable_plaintext_auth = no listen = * log_path = /var/log/dovecot.log mail_debug = yes mail_location = mbox:~/mail:INBOX=/var/spool/mail/%u mail_plugins = quota mail_privileged_group = mail mbox_write_locks = fcntl passdb { driver = pam } plugin { quota = fs:INBOX:mount=/var/spool/mail quota_rule = *:storage=19456 quota_warning = storage=20%% quota-warning 20 %u } protocols = pop3 service quota-warning { executable = script /usr/local/bin/quota-warning.sh unix_listener quota-warning { mode = 0666 } user = root } ssl_cert = References: <1315563414.3876.50.camel@hurina> <20110909102128.GA762256@gabi.sernet.de> <20110909144349.GA846637@gabi.sernet.de> Message-ID: <1315822557.7326.0.camel@hurina> On Sun, 2011-09-11 at 21:50 +0200, Lutz Pre?ler wrote: > On Fri, 09 Sep 2011, Lutz Pre?ler wrote: > > LIST is now working correctly in my setup, but SUBSCRIBE ist not. > > With subscriptions=no, as written (but same behaviour with subscriptions=yes), > > SUBSCRIBE INBOX.gmail.INBOX (or others) yields > > 0 NO [SERVERBUG] Internal error occurred. Refer to server log for more information. [2011-09-09 16:39:40] > > logging (with mail_debug=yes) only > > Sep 9 16:39:40 host dovecot: imap(1143, user): Error: stat((null)) failed: Bad address > After putting (with subscriptions=no) an entry manually into the root > subscriptions file, everything including UNSUBSCRIBE works fine. Yeah, but then remote subscriptions don't work. I think the imapc subscription problems and namespace prefix problems are now fixed in hg. From tss at iki.fi Mon Sep 12 13:17:21 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 13:17:21 +0300 Subject: [Dovecot] 2.1: imapc LIST problem / usage question In-Reply-To: References: <1315563414.3876.50.camel@hurina> Message-ID: <1315822641.7326.2.camel@hurina> On Fri, 2011-09-09 at 12:21 +0200, Lutz Pre?ler wrote: > > > Second question: Is there a way to include multiple imapc instances/ > > > namespaces with e.g. different destinations servers? I don't see how > > > because imapc_* parameters seem to be global (now), but it would be a very > > > useful feature. > > > > I don't really understand. You're already returning per-user imapc > > namespace from userdb. What's missing? > One local dovecot user, multiple remote IMAP servers included in different > namespaces. I think you should be able to return e.g. "namespace=ns1 ns2" and then return namespaces for namespace/ns1/* and namespace/ns2/*. From tss at iki.fi Mon Sep 12 13:21:58 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 13:21:58 +0300 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: <4E69F758.8050008@mejor.pl> References: <4E6782CB.1060803@mejor.pl> <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> <4E6786CF.2020102@mejor.pl> <4E678B66.60602@mejor.pl> <8F07F485-4BC4-40E5-A520-7F59C87A7863@iki.fi> <4E688A28.1090800@mejor.pl> <1315474812.3876.23.camel@hurina> <4E68A060.8090306@mejor.pl> <1315487921.3876.40.camel@hurina> <4E69F758.8050008@mejor.pl> Message-ID: <1315822918.7326.5.camel@hurina> On Fri, 2011-09-09 at 13:24 +0200, Marcin Miros?aw wrote: > Ok, maybe could it be possible to do it in other way: > -------------------------------------------------------------------- > |user_id | namespace_full_definition | > -------------------------------------------------------------------- > | 7684 | /name=test1/prefix=test1./location=mdbox:~/test1/.mdbox/ > name=test2/prefix=test2/location=... | > -------------------------------------------------------------------- > > but this isn't supported by dovecot as i know. Not exactly like that, but you should be able to have a field called "userdb_import" that contains data like: namespace=n1 n2namespace/n1/prefix=blah.etc. other fields The s would of course have to be actual tab characters. From tss at iki.fi Mon Sep 12 13:25:02 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 13:25:02 +0300 Subject: [Dovecot] NO Unknown subscription namespace. In-Reply-To: <1315815243.20177.YahooMailNeo@web29114.mail.ird.yahoo.com> References: <1315815243.20177.YahooMailNeo@web29114.mail.ird.yahoo.com> Message-ID: <1315823103.7326.8.camel@hurina> On Mon, 2011-09-12 at 09:14 +0100, mailing lists wrote: > Hello, > > what this message means? > > "NO Unknown subscription namespace." It means that the namespace itself has subscriptions=no, and there are no "parent namespaces" with subscriptions=yes. > namespace { > inbox = yes > location = > prefix = INBOX. > separator = . > subscriptions = yes > } > namespace { > list = yes > location = maildir:/var/virtual-maildir/%%n > prefix = shared.%%n. > separator = . > subscriptions = no > type = shared > } I guess you'd want INBOX. namespace to handle the subscriptions here, but it doesn't work like that because in some configuration it could be ambiguous which namespace to use.. You'll need to create a prefix="" namespace to handle the subscriptions. For example: namespace { prefix = list = no hidden = yes } From tss at iki.fi Mon Sep 12 13:28:18 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 13:28:18 +0300 Subject: [Dovecot] setacl on complete mailbox In-Reply-To: <344f5f741af038d8ae8aaab40b4267fa@kokelnet.de> References: <344f5f741af038d8ae8aaab40b4267fa@kokelnet.de> Message-ID: <1315823298.7326.10.camel@hurina> On Sun, 2011-09-11 at 18:40 +0200, Tobias Hachmer wrote: > Hi List, > > how can I grant a user full control on another mailbox (the complete > mailbox with all folder and subfolders). > With the setacl command I could do this but first I have to list all > folders and then I have to do one setacl command for each folder. > > Is there a command to this in one line? Not currently. I guess doveadm acl commands could be modified to support wildcards quite easily. > Also for new created folders? Newly created folders' ACLs are copied from their parent at the create time. From tss at iki.fi Mon Sep 12 13:31:03 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 13:31:03 +0300 Subject: [Dovecot] Read-only mbox files In-Reply-To: <20110909194433.GB1243@carrick-users.bishnet.net> References: <20110909194433.GB1243@carrick-users.bishnet.net> Message-ID: <1315823464.7326.12.camel@hurina> On Fri, 2011-09-09 at 20:44 +0100, Tim Bishop wrote: > The setup is that my main namespace points at my Maildir mail folders. > In addition to this I have a second namespace that points at some old > archived mbox folders. I rarely need to access these folders, but when I > do Dovecot modifies the files (adding UID headers, etc). > > What I'd like to do is make it so that Dovecot can't change these files. > I thought there might be a setting to mark a mail_location as read-only, > but I can't find anything like that. I've looked at ACLs too, but they > seem to be more about user access that what Dovecot can do to files. Not possible without modifying Dovecot code, and seems like such a rarely wanted feature that it's not really worth the trouble, especially because..: > I could just do this at the filesystem level, but I'd feel a bit happier > about working with Dovecot rather than trying to work around it. Yeah, just chmod a-w them and that'll work. You don't want anything modifying them anyway, right? So seems like a pretty clean solution to me. From tss at iki.fi Mon Sep 12 13:33:27 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 13:33:27 +0300 Subject: [Dovecot] userdb static & Quota from LDAP? In-Reply-To: <20110909215855.GA4680@chemie.uni-hamburg.de> References: <20110909215855.GA4680@chemie.uni-hamburg.de> Message-ID: <1315823607.7326.14.camel@hurina> On Fri, 2011-09-09 at 23:58 +0200, Christian Schmidt wrote: > userdb { > driver = static > args = uid=vmail gid=vmail home=/var/maildir/%u > } These can be replaced with global settings: mail_uid = vmail mail_gid = vmail mail_home = /var/maildir/%u > Now I'd like to add per-user quotas that will also be stored in the > LDAP directory, and I'm not sure how to put things together. > IMHO quota is the only "userdb information" requested from LDAP, and > I'd like to leave all the other "userdb pieces" as the are. I changed > the userdb definition to: > userdb { > driver = ldap > args = /etc/dovecot/conf.d/ldap-userdb.ext > } > > My /etc/dovecot/conf.d/ldap-userdb.ext contains (along other lines): > > user_attrs = uid=vmail,gid=vmail,home=/var/maildir/%u,mailQuota=quota=quota_rule=*:storage=%$ Just set those global settings and drop uid/gid/home from here. Or you could get them working here too, but the syntax is slightly wrong: user_attrs = =uid=vmail, =gid=vmail, .. (With the above settings you're telling Dovecot that LDAP "uid" field will be assigned to Dovecot's "vmail" field, and the "gid" field immediately overrides it, and LDAP "home" field's value is set to Dovecot's "/var/maildir/%u" field.) From tss at iki.fi Mon Sep 12 13:37:26 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 13:37:26 +0300 Subject: [Dovecot] Mails repopping In-Reply-To: <004b01cc6f13$04a166d0$0de43470$@brereton@buongiorno.com> References: <004b01cc6f13$04a166d0$0de43470$@brereton@buongiorno.com> Message-ID: <1315823847.7326.17.camel@hurina> On Fri, 2011-09-09 at 13:07 -0400, Simon Brereton wrote: > I have a server that's been running Courier for about 6 years and in > all that time I think I've only ever had 1 issues where an entire mail > box was repopped by a webmail client. However, since moving to a new > server and dovecot 4 weeks ago, I've now had the webmail client repop > this account 4 times (there are about 230 mails in the account). > > Is there a setting I need to tighten to prevent/remedy this? I have > no idea if it's happening on other accounts, but this is one that I > see. The format is maildir. There has been no changes to the webmail > client. dovecot -n output would have been nice. Also do you see anything in error logs? If you're using the default pop3_uidl_format it'll rely on IMAP UIDs to stay the same, and I guess it's possible that due to some other problem they change (that should be logged as an error/warning though). You could try setting pop3_uidl_format=%f, but it will cause everyone to redownload mails. With newer Dovecot versions you could set pop3_save_uidl=yes and when you think everyone's downloaded mails once you can safely change the pop3_uidl_format. From tss at iki.fi Mon Sep 12 13:40:12 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 13:40:12 +0300 Subject: [Dovecot] How to get rid of sub-folders ? In-Reply-To: <1315581724.65256.YahooMailNeo@web27201.mail.ukl.yahoo.com> References: <1315581724.65256.YahooMailNeo@web27201.mail.ukl.yahoo.com> Message-ID: <1315824012.7326.19.camel@hurina> On Fri, 2011-09-09 at 16:22 +0100, Spyros Tsiolis wrote: > OK, no answers on my previous e-mail. I'll rephrase it. > How can I get rid of subfolders on a users' tree-like structure on dovecot ? > Which file must I "touch" ? This still isn't very understandable. You can delete subfolders with either IMAP client (= IMAP DELETE command) or simply rm -rf in the filesystem. Or do you mean moving the subfolders to be root level folders? Again IMAP client should be able to do this, or in filesystem level (assuming Maildir++) you'd do something like: mv ~/Maildir/.root.subfolder ~/Maildir/.subfolder From tss at iki.fi Mon Sep 12 13:43:28 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 13:43:28 +0300 Subject: [Dovecot] quota percents In-Reply-To: <87sjo5wkfy.fsf@algae.riseup.net> References: <87sjo5wkfy.fsf@algae.riseup.net> Message-ID: <1315824208.7326.21.camel@hurina> On Fri, 2011-09-09 at 16:05 -0400, Micah Anderson wrote: > I've noticed that http://wiki2.dovecot.org/Quota/Configuration is out of > date, it says: > > plugin { > quota = maildir:User quota > quota_rule = *:storage=1GB > # 10% of 1GB = 100MB > quota_rule2 = Trash:storage=10%% > # 20% of 1GB = 200MB > quota_rule3 = Spam:storage=20%% > } > > but if you use the '10%%' notation, dovecot complains, and *also* incorrectly: > > dovecot: imap(test at example.net): Warning: quota root mail quota rule Trash:bytes=10%: obsolete configuration for rule 'bytes=10%' should be changed to 'bytes=+10%' Right, fixed in wiki. Although this was only a warning, so it still worked. > its incorrect because if you change it to what it suggests ('+10%') it > wont work because that wont be 10% more, rather, it is set to bytes=+10: Well, that's a more complex problem. The %% escaping needs to be done in dovecot.conf, but it doesn't need to be done elsewhere. If this said that "use +10%%" and someone gives that in SQL user_query, it will break. So I'm not changing the warning. > However, it doesn't seem to work in practice, because I have a user that > is at 99% of quota, with nothing in the Trash who cannot move a 77KB > message into the Trash without getting the quota_exceeded message and > refusing to move it. dovecot -n output? From tss at iki.fi Mon Sep 12 13:44:34 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 13:44:34 +0300 Subject: [Dovecot] problem migrating from maildir to dbox In-Reply-To: <95E776CC-912A-4BD4-A99E-AA930E5CCBFB@uib.es> References: <95E776CC-912A-4BD4-A99E-AA930E5CCBFB@uib.es> Message-ID: <1315824275.7326.22.camel@hurina> On Fri, 2011-09-09 at 14:19 +0200, Ram?n Frontera wrote: > Hello, > we want to migrate Mail folders from Maildir to dbox without downtime. > We change the mail_location to dbox in 10-mail.conf and restart dovecot. > After that we use dsync -u user mirror maildir:~/Maildir. > The problem is that if INBOX exists the dsync create a new folder with name like b5893c0a93ff694e551200002dfa3112 > Can I migrate to the existing INBOX? or How can I merge the 2 INBOX folders? dovecot -n output? From dick at fouter.net Mon Sep 12 14:03:07 2011 From: dick at fouter.net (Dick Middleton) Date: Mon, 12 Sep 2011 12:03:07 +0100 Subject: [Dovecot] Dsync and hidden files Message-ID: <4E6DE6EB.3080000@fouter.net> Hi, I'm in the process of changing from Dovecot v1 to v2 and changing to mdbox in the process. I've come across a little problem which I was hoping there would be a workaround for. There are sieve config files in the home directories which are hidden files. Dsync croaks when it finds one of these because they are not mbox format. It would be nice if they were ignored (or copied unchanged). Is there another way to deal with them other than by deleting thm? Dick From tss at iki.fi Mon Sep 12 14:04:16 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 14:04:16 +0300 Subject: [Dovecot] dovecot 2.0.12: mdbox & quota=dirsize In-Reply-To: References: Message-ID: <1315825456.7326.26.camel@hurina> On Fri, 2011-09-09 at 15:24 +0400, ????? ?????? wrote: > #doveconf -v > ...................... > quota = dirsize:User quota > quota_debug = yes There's no such setting as quota_debug. > then i change ./dovecot-2.0.12/src/plugins/quota?/quota-dirsize.c > 165-- path = mailbox_list_get_path(namespaces[i]->list, NULL,? > 166-- MAILBOX_LIST_PATH_TYPE_MAILBOX?); > 165++ path = mailbox_list_get_path(namespaces[i]->list, NULL, > 166++ MAILBOX_LIST_PATH_TYPE_DIR);?? Well.. Hmm. I suppose that's ok. Done: http://hg.dovecot.org/dovecot-2.0/rev/9ea79795088d (Looks like hg web doesn't like UTF-8 in your name.) From Lutz.Pressler at SerNet.DE Mon Sep 12 14:20:06 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Mon, 12 Sep 2011 13:20:06 +0200 Subject: [Dovecot] multiple "imapc namespaces" Re: 2.1: imapc LIST problem / usage question In-Reply-To: <1315822641.7326.2.camel@hurina> References: <1315563414.3876.50.camel@hurina> <1315822641.7326.2.camel@hurina> Message-ID: On Mo, 12 Sep 2011, Timo Sirainen wrote: > On Fri, 2011-09-09 at 12:21 +0200, Lutz Pre?ler wrote: > > > > > Second question: Is there a way to include multiple imapc instances/ > > > > namespaces with e.g. different destinations servers? I don't see how > > > > because imapc_* parameters seem to be global (now), but it would be a very > > > > useful feature. > > > > > > I don't really understand. You're already returning per-user imapc > > > namespace from userdb. What's missing? > > One local dovecot user, multiple remote IMAP servers included in different > > namespaces. > > I think you should be able to return e.g. "namespace=ns1 ns2" and then > return namespaces for namespace/ns1/* and namespace/ns2/*. Now _I_ don't really understand ;-). This is necessary, yes, but how do I set different remote parameters (imapc_host, imapc_user, ...) for each one? Lutz From tss at iki.fi Mon Sep 12 14:28:52 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 14:28:52 +0300 Subject: [Dovecot] signal 11 crash, sometimes, during mbox bz2 decompression In-Reply-To: <4E6DC8FA.2050709@skew.org> References: <201108161100.p7GB0P3R073897@chilled.skew.org> <1314121664.10421.1314.camel@hurina> <4E6DC8FA.2050709@skew.org> Message-ID: <1315826932.7326.27.camel@hurina> On Mon, 2011-09-12 at 02:55 -0600, Mike Brown wrote: > On this system, I have the same setup with bz2-compressed mbox files. > They're still inaccessible from Thunderbird, but dovecot isn't crashing > with signal 11 anymore. Instead, the maillog says this for every > compressed box it tries to check: > > Sep 12 02:37:14 chilled dovecot: imap(mike): Error: > read(/home/mike/mail/old/sent-1999-07.bz2) failed: Invalid argument (uid=2) > Sep 12 02:37:14 chilled dovecot: imap(mike): Disconnected: Internal > error occurred. Refer to server log for more information. [2011-09-12 > 02:37:14] bytes=5492/2664368 > Sep 12 02:37:14 chilled dovecot: imap(mike): Error: Next message > unexpectedly lost from mbox file /home/mike/mail/old/sent-1999-07.bz2 at > 536 (cached) Oh, wonder why no one else has complained about that. Fixed: http://hg.dovecot.org/dovecot-2.0/rev/a930318a74a1 From tss at iki.fi Mon Sep 12 14:30:21 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 14:30:21 +0300 Subject: [Dovecot] multiple "imapc namespaces" Re: 2.1: imapc LIST problem / usage question In-Reply-To: References: <1315563414.3876.50.camel@hurina> <1315822641.7326.2.camel@hurina> Message-ID: <1315827025.7326.29.camel@hurina> On Mon, 2011-09-12 at 13:20 +0200, Lutz Pre?ler wrote: > > I think you should be able to return e.g. "namespace=ns1 ns2" and then > > return namespaces for namespace/ns1/* and namespace/ns2/*. > Now _I_ don't really understand ;-). This is necessary, yes, but how > do I set different remote parameters (imapc_host, imapc_user, ...) > for each one? Oh, yeah, didn't think about that :) I was considering making those settings per-namespace though.. Then you could change namespace/ns1/imapc_* settings. I guess most mail-related settings could be made per-namespace. I'll see if I can manage to do it easily. :) From ramon.frontera at uib.es Mon Sep 12 14:52:01 2011 From: ramon.frontera at uib.es (=?iso-8859-1?Q?Ram=F3n_Frontera?=) Date: Mon, 12 Sep 2011 13:52:01 +0200 Subject: [Dovecot] problem migrating from maildir to dbox In-Reply-To: <1315824275.7326.22.camel@hurina> References: <95E776CC-912A-4BD4-A99E-AA930E5CCBFB@uib.es> <1315824275.7326.22.camel@hurina> Message-ID: <16C8C54C-F9E5-4786-B52F-44E27CF7DD54@uib.es> hello, thanks in advance! Regards, $ dovecot -n # 2.0.13: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-131.6.1.el6.x86_64 x86_64 Red Hat Enterprise Linux Server release 6.1 (Santiago) nfs base_dir = /var/run/dovecot/ first_valid_uid = 96 listen = 10.80.82.21 log_path = /var/log/dovecot.log mail_gid = 97 mail_location = sdbox:/vmail/0/%u/dbox mail_plugins = acl quota mail_log notify mail_uid = 97 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mbox_write_locks = fcntl mmap_disable = yes namespace { hidden = no inbox = yes list = yes location = prefix = separator = / subscriptions = yes type = private } namespace { hidden = no inbox = no list = children location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%n prefix = shared/%%n/ separator = / subscriptions = no type = shared } passdb { driver = pam } passdb { args = /etc/dovecot/dovecot-ldap-pass.conf.ext.local driver = ldap } passdb { args = scheme=plain username_format=%u /etc/dovecot/imap.passwd driver = passwd-file } plugin { acl = vfile acl_shared_dict = file:/vmail/1/dovecot/shared-mailboxes quota = maildir:User quota quota_rule = *:storage=2500M quota_rule2 = Trash:storage=+500M quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u } postmaster_address = xavier.pons at uib.es protocols = imap pop3 lmtp sieve service auth { unix_listener auth-userdb { group = vmail mode = 0660 } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } } service lmtp { inet_listener lmtp { port = 30025 } } service pop3-login { inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } } service quota-warning { executable = script /usr/local/bin/quota-warning.sh unix_listener quota-warning { user = vmail } user = dovecot } ssl = required ssl_cert = On Fri, 2011-09-09 at 14:19 +0200, Ram?n Frontera wrote: >> Hello, >> we want to migrate Mail folders from Maildir to dbox without downtime. >> We change the mail_location to dbox in 10-mail.conf and restart dovecot. >> After that we use dsync -u user mirror maildir:~/Maildir. >> The problem is that if INBOX exists the dsync create a new folder with name like b5893c0a93ff694e551200002dfa3112 >> Can I migrate to the existing INBOX? or How can I merge the 2 INBOX folders? > > dovecot -n output? > > From tss at iki.fi Mon Sep 12 14:52:19 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 14:52:19 +0300 Subject: [Dovecot] MySQL, map files In-Reply-To: <1315525950.915.YahooMailNeo@web39420.mail.mud.yahoo.com> References: <1315525950.915.YahooMailNeo@web39420.mail.mud.yahoo.com> Message-ID: <1315828341.7326.35.camel@hurina> On Thu, 2011-09-08 at 16:52 -0700, Steve Fatula wrote: > I'll try and break up my questions the other day about extdata that > went unanswered into pieces in the hopes it will be more specific and > clear. > > In general, I am trying to figure out the syntax of the map statement > and what is allowed in that statement. So, by map statement, I mean > for example perhaps the dovecot-dict-expire.conf.ext file as shown in > the doc. Is the syntax the same for the various types of files (quota > vs expire)? Is there syntax to allow the specification of a different > key? If so, where is this documented. I have an existing table I want > to use, not the table shown in the doc. They aren't really documented anywhere. Also I'm kind of hoping one day to replace the files anyway with a new syntax that allows mixed configuration of sql/file/other backends. The dict configuration itself is anyway generic and works basically the same for expire/quota/others, except they use different keys (=different patterns when matching). I'm not sure if there is any useful way to even explain how it works now. There is the example SQL configuration for expire and quota. Somewhere in wiki is example flat file config for them. There's really not much else you can do with them. > The reason I am asking is I have seen web pages that reference all > sorts of statements within the map statement, and I have no idea where > they are documented. Specifically, I see an example here (which is > LDAP), look in section 3: > > http://dovecot.org/patches/1.2/ldap/HOWTO_dictldap+extdata.txt > > > You will see lots of statements, not sure which ones can be used for > MySQL (instead of LDAP). That patch's mapping references to Pigeonhole's extdata plugin. If you install that plugin you can use SQL or flat file for the same maps. > So, would like to find a list of ALL valid syntax within the map. Plugins can always add more maps. From tss at iki.fi Mon Sep 12 15:06:44 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 15:06:44 +0300 Subject: [Dovecot] problem migrating from maildir to dbox In-Reply-To: <16C8C54C-F9E5-4786-B52F-44E27CF7DD54@uib.es> References: <95E776CC-912A-4BD4-A99E-AA930E5CCBFB@uib.es> <1315824275.7326.22.camel@hurina> <16C8C54C-F9E5-4786-B52F-44E27CF7DD54@uib.es> Message-ID: <1315829204.7326.38.camel@hurina> On Mon, 2011-09-12 at 13:52 +0200, Ram?n Frontera wrote: > >> After that we use dsync -u user mirror maildir:~/Maildir. > >> The problem is that if INBOX exists the dsync create a new folder with name like b5893c0a93ff694e551200002dfa3112 > >> Can I migrate to the existing INBOX? or How can I merge the 2 INBOX folders? Have you created the dbox directory before running dsync? And opened it with some tool? I tried with your config and it worked fine. The reason why these duplicate INBOXes happen is when INBOX exists both in source and in destination when dsync is run. Typically this means that you've created the destination INBOX already by e.g. logging in or delivering a mail there or something.. From ajb2 at mssl.ucl.ac.uk Mon Sep 12 15:11:16 2011 From: ajb2 at mssl.ucl.ac.uk (Alan Brown) Date: Mon, 12 Sep 2011 13:11:16 +0100 Subject: [Dovecot] general advice sought Message-ID: <4E6DF6E4.2070102@mssl.ucl.ac.uk> I'd like to hear the thoughts of list members on which type of storage method seems "best" for inboxes and for folders. The filesystem is GFS2 and for various reasons I can't change it. Inboxes - currently Mbox format. Some users have upwards of 5000 messages in there (the largest is about 18k entries) and thanks to attachments some inboxes are 40-200Mb with a few sitting at 2-3Gb. (Suicidal, I know but enforcing rules is politik-laden and getting academics to behave sensibly is like herding cats) Folders: Mdir format. Thanks to GFS2 filesystem limitations(*) I'm currently enforcing a limit of 4000 messages/folder. It'd be nice to have a "better" way of storing these which doesn't drive up backup loads tremendously. The mail spool has around 6 million files in the folders, covering about 400Gb. GFS2 filesystem limitations are painful. While there are no hard limits, It really doesn't cope well with a lot of files in any given directory thanks to limitations in the way that cluster locking is propagated, There are marked slowdowns about 100 files, this becomes awful above 1000 and effectively unusable above about 8000 entries as the entire IO system gets halted momentarily when such directories are opened and the directory may take up to 5 minutes to return a "ls" result. Some users had upwards of 80k files in their mail folders (~40k messages) and accessing these brought the entire system to a halt. If I migrate to other formats (eg mdbox), then it needs to be able to be done on the fly. (Taking the mailservers down for a day won't go down well, even an hour raises howls). Any suggestions? From tss at iki.fi Mon Sep 12 15:30:45 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 15:30:45 +0300 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <4E6ACC6C.6020200@acm.org> References: <4E6ACC6C.6020200@acm.org> Message-ID: <1315830646.7326.46.camel@hurina> On Fri, 2011-09-09 at 19:33 -0700, Paul B. Henson wrote: > According to the sample SQL configuration file "HA / round-robin > load-balancing is supported by giving multiple host settings, like: > host=sql1.host.org host=sql2.host.org". > > However, as far as I can tell dovecot only connects to the first listed > host, and processes all queries through it, there does not appear to be > any load-balancing going on. The current code creates connection to the second server only when the first connection is already busy with an SQL query, or when it's not working. Once there are more connections, it starts doing round robin lookups. This works okay enough with PostgreSQL because it does asynchronous lookups, so two simultaneous lookups create a second connection. MySQL does synchronous lookups though, so the second connection is normally never created. I suppose the fix to this would be to always connect to all SQL servers at startup. > That's not necessarily a dealbreaker; however, high-availability does > not appear to be working either. > > If I shutdown the first mysql server, dovecot starts to log connection > failures: > > Sep 9 15:47:34 tweak dovecot: auth: Error: > mysql(mysql-1.unx.csupomona.edu): Connect failed to database (idmgmt): > Can't connect to MySQL server on 'mysql-1.unx.csupomona.edu' (111) - > waiting for 1 seconds before retry > > Sep 9 15:47:39 tweak dovecot: auth: Error: > mysql(mysql-1.unx.csupomona.edu): Connect failed to database (idmgmt): > Can't connect to MySQL server on 'mysql-1.unx.csupomona.edu' (111) - > waiting for 25 seconds before retry Those are intentional. > And postfix starts to fail authentications: > > Sep 9 15:47:35 tweak postfix/smtpd[5119]: warning: > bender.iitsys.csupomona.edu[134.71.250.134]: SASL DIGEST-MD5 > authentication failed: Connection lost to authentication server It should have created the second connection here and not fail.. > Now and again the authentication process dies: > > Sep 9 15:47:39 tweak dovecot: auth: Panic: file auth-request-handler.c: > line 697 (auth_request_handler_flush_failures): assertion failed: > (auth_request->state == AUTH_REQUEST_STATE_FINISHED) And this of course shouldn't happen either. > Requests start to pile up: > > Sep 9 15:51:46 tweak dovecot: auth: Warning: auth workers: Auth request > was queued for 25 seconds, 45 left in queue > > Lookups time out: > > Sep 9 15:57:22 tweak dovecot: auth: Error: auth worker: Aborted > request: Lookup timed out These are the result of the previous failures. > This occasionally pops up: > > Sep 9 15:58:38 tweak dovecot: auth: Fatal: > net_connect_unix(auth-worker) failed: Resource temporarily unavailable Probably this too. > And sometimes the auth process gets temporarily disabled: > > Sep 9 15:58:57 tweak dovecot: master: Error: service(auth): command > startup failed, throttling Most likely related to the crash, although I think this still shouldn't have happened. > I don't think all authentications fail during the scenario, but I think > the majority do. Based on the network traffic, dovecot is almost > continuously trying to connect to the first listed server. It sometimes > connects to the second listed server, but when it does, the connection > does not persist, it goes away almost immediately. There are multiple auth-worker processes, each one having their own internal MySQL connections with separate retry counters. I'll try to debug this soon. From tss at iki.fi Mon Sep 12 15:34:07 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 15:34:07 +0300 Subject: [Dovecot] general advice sought In-Reply-To: <4E6DF6E4.2070102@mssl.ucl.ac.uk> References: <4E6DF6E4.2070102@mssl.ucl.ac.uk> Message-ID: <1315830847.7326.48.camel@hurina> On Mon, 2011-09-12 at 13:11 +0100, Alan Brown wrote: > I'd like to hear the thoughts of list members on which type of storage > method seems "best" for inboxes and for folders. > > The filesystem is GFS2 and for various reasons I can't change it. .. > If I migrate to other formats (eg mdbox), then it needs to be able to be > done on the fly. (Taking the mailservers down for a day won't go down > well, even an hour raises howls). Have you had any trouble with Dovecot's index files in your current setup? Any errors at all? If not, I'd think mdbox will work fine. You can do it incrementally per-user (and you really should try it first with only a few users). http://wiki2.dovecot.org/Tools/Dsync explains how to do it on the fly. From tss at iki.fi Mon Sep 12 16:32:48 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 16:32:48 +0300 Subject: [Dovecot] Dsync and hidden files In-Reply-To: <4E6DE6EB.3080000@fouter.net> References: <4E6DE6EB.3080000@fouter.net> Message-ID: <1315834368.7326.55.camel@hurina> On Mon, 2011-09-12 at 12:03 +0100, Dick Middleton wrote: > I'm in the process of changing from Dovecot v1 to v2 and changing to mdbox in > the process. I've come across a little problem which I was hoping there would > be a workaround for. > > There are sieve config files in the home directories which are hidden files. > Dsync croaks when it finds one of these because they are not mbox format. > > It would be nice if they were ignored (or copied unchanged). Is there another > way to deal with them other than by deleting thm? Here: http://hg.dovecot.org/dovecot-2.0/raw-rev/3c8b44bb1974 From ramon.frontera at uib.es Mon Sep 12 16:38:00 2011 From: ramon.frontera at uib.es (=?iso-8859-1?Q?Ram=F3n_Frontera?=) Date: Mon, 12 Sep 2011 15:38:00 +0200 Subject: [Dovecot] problem migrating from maildir to dbox In-Reply-To: <1315829204.7326.38.camel@hurina> References: <95E776CC-912A-4BD4-A99E-AA930E5CCBFB@uib.es> <1315824275.7326.22.camel@hurina> <16C8C54C-F9E5-4786-B52F-44E27CF7DD54@uib.es> <1315829204.7326.38.camel@hurina> Message-ID: <055A7E98-5B9A-4140-AF3E-90EA34F5E271@uib.es> While the dovecot is running with the new mail_location to dbox, I try to migrate the maildir content. This is the reason because INBOX already exists. -- ------------------------------------------ Ramon Frontera Gallardo Centre de Tecnologies de la Informaci? Universitat de les Illes Balears Ctra. Valldemossa km 7,5 07122 Palma de Mallorca El 12/09/2011, a las 14:06, Timo Sirainen escribi?: > On Mon, 2011-09-12 at 13:52 +0200, Ram?n Frontera wrote: >>>> After that we use dsync -u user mirror maildir:~/Maildir. >>>> The problem is that if INBOX exists the dsync create a new folder with name like b5893c0a93ff694e551200002dfa3112 >>>> Can I migrate to the existing INBOX? or How can I merge the 2 INBOX folders? > > Have you created the dbox directory before running dsync? And opened it > with some tool? I tried with your config and it worked fine. > > The reason why these duplicate INBOXes happen is when INBOX exists both > in source and in destination when dsync is run. Typically this means > that you've created the destination INBOX already by e.g. logging in or > delivering a mail there or something.. > > From tss at iki.fi Mon Sep 12 17:09:57 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 17:09:57 +0300 Subject: [Dovecot] problem migrating from maildir to dbox In-Reply-To: <055A7E98-5B9A-4140-AF3E-90EA34F5E271@uib.es> References: <95E776CC-912A-4BD4-A99E-AA930E5CCBFB@uib.es> <1315824275.7326.22.camel@hurina> <16C8C54C-F9E5-4786-B52F-44E27CF7DD54@uib.es> <1315829204.7326.38.camel@hurina> <055A7E98-5B9A-4140-AF3E-90EA34F5E271@uib.es> Message-ID: <1315836597.7326.74.camel@hurina> You changed the mail_location globally to dbox? You should instead do it one user at a time, like explained in http://wiki2.dovecot.org/Tools/Dsync (with initial dsync done before user's mail_location is ever changed). Otherwise you'll get these duplicate INBOXes and you'll need to somehow manually figure out how to merge them. There are "doveadm move" and "doveadm mailbox delete" commands for example. On Mon, 2011-09-12 at 15:38 +0200, Ram?n Frontera wrote: > While the dovecot is running with the new mail_location to dbox, I try to migrate the maildir content. > This is the reason because INBOX already exists. > > -- > ------------------------------------------ > Ramon Frontera Gallardo > Centre de Tecnologies de la Informaci? > Universitat de les Illes Balears > Ctra. Valldemossa km 7,5 > 07122 Palma de Mallorca > > > > > El 12/09/2011, a las 14:06, Timo Sirainen escribi?: > > > On Mon, 2011-09-12 at 13:52 +0200, Ram?n Frontera wrote: > >>>> After that we use dsync -u user mirror maildir:~/Maildir. > >>>> The problem is that if INBOX exists the dsync create a new folder with name like b5893c0a93ff694e551200002dfa3112 > >>>> Can I migrate to the existing INBOX? or How can I merge the 2 INBOX folders? > > > > Have you created the dbox directory before running dsync? And opened it > > with some tool? I tried with your config and it worked fine. > > > > The reason why these duplicate INBOXes happen is when INBOX exists both > > in source and in destination when dsync is run. Typically this means > > that you've created the destination INBOX already by e.g. logging in or > > delivering a mail there or something.. > > > > > From dick at fouter.net Mon Sep 12 17:53:18 2011 From: dick at fouter.net (Dick Middleton) Date: Mon, 12 Sep 2011 15:53:18 +0100 Subject: [Dovecot] Dsync and hidden files In-Reply-To: <1315834368.7326.55.camel@hurina> References: <4E6DE6EB.3080000@fouter.net> <1315834368.7326.55.camel@hurina> Message-ID: <4E6E1CDE.3090300@fouter.net> On 09/12/11 14:32, Timo Sirainen wrote: > On Mon, 2011-09-12 at 12:03 +0100, Dick Middleton wrote: >> It would be nice if they were ignored (or copied unchanged). Is there another >> way to deal with them other than by deleting thm? > > Here: http://hg.dovecot.org/dovecot-2.0/raw-rev/3c8b44bb1974 Did you just do that? For me? Wow, I'm flattered. Many thanks. Dick From simon.brereton at buongiorno.com Mon Sep 12 18:02:33 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Mon, 12 Sep 2011 11:02:33 -0400 Subject: [Dovecot] Mails repopping In-Reply-To: <1315823847.7326.17.camel@hurina> References: <004b01cc6f13$04a166d0$0de43470$@brereton@buongiorno.com> <1315823847.7326.17.camel@hurina> Message-ID: <021d01cc715d$015f9400$041ebc00$@brereton@buongiorno.com> > -----Original Message----- > From: Timo Sirainen [mailto:tss at iki.fi] > On Fri, 2011-09-09 at 13:07 -0400, Simon Brereton wrote: > > > I have a server that's been running Courier for about 6 years and > in > > all that time I think I've only ever had 1 issues where an entire > mail > > box was repopped by a webmail client. However, since moving to a > new > > server and dovecot 4 weeks ago, I've now had the webmail client > repop > > this account 4 times (there are about 230 mails in the account). > > > > Is there a setting I need to tighten to prevent/remedy this? I > have > > no idea if it's happening on other accounts, but this is one that I > > see. The format is maildir. There has been no changes to the > webmail > > client. > > dovecot -n output would have been nice. Also do you see anything in > error logs? Ah. My apologies of course. Here it is.. mail:~# dovecot -n # 1.2.15: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.2 ext3 log_timestamp: %Y-%m-%d %H:%M:%S protocols: imap imaps pop3 pop3s ssl_ca_file: /etc/ssl/keys/rhodes-ca.crt ssl_cert_file: /etc/ssl/keys/mail.domain.net.crt ssl_key_file: /etc/ssl/private/mail.domain.net.key disable_plaintext_auth: no login_dir: /var/run/dovecot/login login_executable(default): /usr/lib/dovecot/imap-login login_executable(imap): /usr/lib/dovecot/imap-login login_executable(pop3): /usr/lib/dovecot/pop3-login mail_privileged_group: mailsystem mail_location: maildir:/var/spool/mail/virtual/%d/%n maildir_very_dirty_syncs: yes mbox_write_locks: fcntl dotlock mail_executable(default): /usr/lib/dovecot/imap mail_executable(imap): /usr/lib/dovecot/imap mail_executable(pop3): /usr/lib/dovecot/pop3 mail_plugins(default): quota imap_quota mail_plugins(imap): quota imap_quota mail_plugins(pop3): quota mail_plugin_dir(default): /usr/lib/dovecot/modules/imap mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3 imap_client_workarounds(default): outlook-idle delay-newmail imap_client_workarounds(imap): outlook-idle delay-newmail imap_client_workarounds(pop3): pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh lda: postmaster_address: postmaster at domain.net mail_plugins: quota log_path: info_log_path: deliver_log_format: msgid=%m: %f: %$ auth default: mechanisms: plain login user: mailsystem verbose: yes passdb: driver: sql args: /etc/dovecot/dovecot-sql.conf userdb: driver: prefetch userdb: driver: static args: uid=999 gid=115 home=/var/spool/mail/virtual/%d/%n allow_all_users=yes socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: mailsystem master: path: /var/run/dovecot/auth-master mode: 432 user: mailsystem group: mailsystem plugin: quota: maildir Could you make dovecot -n munge the certificate and postmaster email addresses? I'm not comfortable with that floating on the internet.. The only thing I have in the logs is 2 sessions where mail was popped (note, it doesn't even add up to the 183 messages in the mail box). But those sessions are vastly longer than the regular ones (tens of minutes compared to a few seconds). Since both IPs are on the back-bone, that's quite a while to download 100 mails (none of which are over Sep 11 21:36:25 mail dovecot: pop3-login: Login: user=, method=PLAIN, rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 11 21:36:34 mail dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=0/0, del=0/183, size=14025971 Sep 11 21:43:44 mail dovecot: pop3-login: Login: user=, method=PLAIN, rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 11 21:44:54 mail dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=0/0, del=0/183, size=14025971 Sep 11 21:52:31 mail dovecot: pop3-login: Login: user=, method=PLAIN, rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 11 22:56:01 mail dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=100/9182678, del=0/183, size=14025971 Sep 11 23:08:58 mail dovecot: pop3-login: Login: user=, method=PLAIN, rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 11 23:37:57 mail dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=75/4748674, del=0/183, size=14025971 Sep 12 00:04:11 mail dovecot: pop3-login: Login: user=, method=PLAIN, rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 12 00:04:26 mail dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=0/0, del=0/183, size=14025971 Sep 12 00:07:40 mail dovecot: pop3-login: Login: user=, method=PLAIN, rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 12 00:07:53 mail dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=0/0, del=0/183, size=14025971 > If you're using the default pop3_uidl_format it'll rely on IMAP UIDs > to stay the same, and I guess it's possible that due to some other > problem they change (that should be logged as an error/warning > though). > > You could try setting pop3_uidl_format=%f, but it will cause everyone > to redownload mails. With newer Dovecot versions you could set > pop3_save_uidl=yes and when you think everyone's downloaded mails > once you can safely change the pop3_uidl_format. Sorry, I'm very new to dovecot and I'm not sure I understand. I presume because neither of those keys are in the dovecot -n output that they are as the defaults, yes? The account is indeed accessed by IMAP as well (from a mobile device mostly), but I don't see anything fishy there either. How could I see if the IMAP UIDs have changed? Sep 11 21:20:32 mail dovecot: IMAP(user at domain.com): Connection closed bytes=1095/8292 Sep 11 21:26:03 mail dovecot: imap-login: Login: user=, method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 11 22:11:20 mail dovecot: IMAP(user at domain.com): Disconnected for inactivity bytes=725/5638 Sep 11 22:17:10 mail dovecot: imap-login: Login: user=, method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 11 23:12:06 mail dovecot: IMAP(user at domain.com): Disconnected for inactivity bytes=1471/11025 Sep 11 23:23:22 mail dovecot: imap-login: Login: user=, method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 11 23:52:52 mail dovecot: IMAP(user at domain.com): Connection closed bytes=1841/13679 Sep 12 00:08:47 mail dovecot: imap-login: Login: user=, method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 12 01:19:05 mail dovecot: imap-login: Login: user=, method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 12 02:57:01 mail dovecot: IMAP(user at domain.com): Connection closed bytes=2713/60026 Sep 12 02:57:01 mail dovecot: IMAP(user at domain.com): Connection closed bytes=2688/18635 There are no errors or warnings in the mail log (I have one shared log file for postfix, amavis and dovecot). Reading the notes for pop3_save_uidl it doesn't seem to be a dangerous option - should I turn that on? Why will it force everyone to redownload mails (there's nothing about it on the wiki)? Thanks! Simon From simon.brereton at buongiorno.com Mon Sep 12 18:21:14 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Mon, 12 Sep 2011 11:21:14 -0400 Subject: [Dovecot] Mails repopping In-Reply-To: <021d01cc715d$015f9400$041ebc00$@brereton@buongiorno.com> References: <004b01cc6f13$04a166d0$0de43470$@brereton@buongiorno.com> <1315823847.7326.17.camel@hurina> <021d01cc715d$015f9400$041ebc00$@brereton@buongiorno.com> Message-ID: <022801cc715f$9d2e49b0$d78add10$@brereton@buongiorno.com> > -----Original Message----- > From: dovecot-bounces at dovecot.org [mailto:dovecot- > bounces at dovecot.org] On Behalf Of Simon Brereton > > -----Original Message----- > > From: Timo Sirainen [mailto:tss at iki.fi] On Fri, 2011-09-09 at 13:07 > > -0400, Simon Brereton wrote: > > > > > I have a server that's been running Courier for about 6 years and > > in > > > all that time I think I've only ever had 1 issues where an entire > > mail > > > box was repopped by a webmail client. However, since moving to a > > new > > > server and dovecot 4 weeks ago, I've now had the webmail client > > repop > > > this account 4 times (there are about 230 mails in the account). > > > > > > Is there a setting I need to tighten to prevent/remedy this? I > > have > > > no idea if it's happening on other accounts, but this is one that > I > > > see. The format is maildir. There has been no changes to the > > webmail > > > client. > > > > dovecot -n output would have been nice. Also do you see anything in > > error logs? > > Ah. My apologies of course. Here it is.. > > mail:~# dovecot -n > # 1.2.15: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.2 ext3 I've only just noticed that installing from apt-get on Debian 64-bit installs Dovecot 1.2 - does anyone know when 2.x will be available via apt? Simon From zaharovr at inbox.ru Mon Sep 12 18:24:41 2011 From: zaharovr at inbox.ru (Roman Zakharov) Date: Mon, 12 Sep 2011 19:24:41 +0400 Subject: [Dovecot] dovecot 2.0.12: mdbox & quota=dirsize In-Reply-To: <1315825456.7326.26.camel@hurina> References: <1315825456.7326.26.camel@hurina> Message-ID: <4E6E2439.3080109@inbox.ru> 12.09.2011 15:04, Timo Sirainen ?????: > On Fri, 2011-09-09 at 15:24 +0400, ????? ?????? wrote: >> #doveconf -v >> ...................... >> quota = dirsize:User quota >> quota_debug = yes > There's no such setting as quota_debug. Yes, really, not used adjustment, but doesn't cause errors :) > >> then i change ./dovecot-2.0.12/src/plugins/quota?/quota-dirsize.c >> 165--path = mailbox_list_get_path(namespaces[i]->list, NULL,? >> 166-- MAILBOX_LIST_PATH_TYPE_MAILBOX?); >> 165++path = mailbox_list_get_path(namespaces[i]->list, NULL, >> 166++ MAILBOX_LIST_PATH_TYPE_DIR);?? > Well.. Hmm. I suppose that's ok. Done: > http://hg.dovecot.org/dovecot-2.0/rev/9ea79795088d > (Looks like hg web doesn't like UTF-8 in your name.) > > Roman Zakharov, it is not important, i think From ka at pacific.net Mon Sep 12 18:49:11 2011 From: ka at pacific.net (Ken A) Date: Mon, 12 Sep 2011 10:49:11 -0500 Subject: [Dovecot] Attacking Dovecot In-Reply-To: <201109092145.p89LjQLb017904@panas.otenet.gr> References: <201109092145.p89LjQLb017904@panas.otenet.gr> Message-ID: <4E6E29F7.90401@pacific.net> That's all normal activity (failed logins) for any internet facing machine. They may be dictionary attacks, or not... If they get on your nerves, block them. Strong passwords will help more. Also, it's likely that you have forged mail coming in from outside, and not really "spam from local users" ? If it is really locally generated, then disable the account. Ken On 9/9/2011 4:45 PM, Nikos Papadopoulos wrote: > Hello, > > > > I am using Dovecot ver.1.0.7 on an x86 server with RedHat Linux Enterprise 5 > and the following configuration: > > > > # 1.0.7: /etc/dovecot.conf > > protocols: pop3 > > login_dir: /var/run/dovecot/login > > login_executable: /usr/libexec/dovecot/pop3-login > > mail_location: mbox:~/mail:INBOX=/var/mail/%u > > mail_executable: /usr/libexec/dovecot/pop3 > > mail_plugin_dir: /usr/lib/dovecot/pop3 > > pop3_client_workarounds: outlook-no-nuls oe-ns-eoh > > auth default: > > passdb: > > driver: pam > > userdb: > > driver: passwd > > > > > > It seems that my mail server is being attacked by someone who tries to > retrieve users' credentials. Please read below an output of logwatch. > > > > dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information > about > > user sandra > > dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information > about > > user tanya > > dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information > about > > user tanya > > dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information > about > > user dark > > dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information > about > > user dark > > dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information > about > > user gibson > > dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information > about > > user frank > > dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information > about > > user frank > > > > > > > > Besides, some of the local users receive "spam" emails, which seem to be > sent by another local user. > > > > Please assist me on how to prevent the aforementioned attack. > > > > Best Regards, > > > > Nikos > > > > -- Ken Anderson Pacific Internet - http://www.pacific.net Latest Pacific.Net Status - http://twitter.com/pacnetstatus From listas.correo at yahoo.es Mon Sep 12 18:55:51 2011 From: listas.correo at yahoo.es (mailing lists) Date: Mon, 12 Sep 2011 16:55:51 +0100 (BST) Subject: [Dovecot] director ignoring director_mail_servers for lmtp connections Message-ID: <1315842951.89437.YahooMailNeo@web29120.mail.ird.yahoo.com> Hello, Following Jan-Frode's advise I am trying this configuration: {postfix} ---lmtp---> {director} ---lmtp---> {dovecot} so I have two dovecot instances for director/proxy and lmtp delivery on ports 1024 and 24 respectively. whilst for imap connections I can specify a pool of imap backend servers via 'director_mail_servers' it seems is not possible with lmtp. Sep 12 17:14:13 imap1 dovecot: auth: Debug: master in: PASS?? 1?????? user001 at example.com ?? service=lmtp??? lip=::1 lport=1024????? rip=::1 rpor5 Sep 12 17:14:13 imap1 dovecot: auth: Debug: static(user001 at example.com,::1): lookup Sep 12 17:14:13 imap1 dovecot: auth: Debug: password(user001 at eexample.com,::1): Credentials: Sep 12 17:14:13 imap1 dovecot: auth: Debug: master out: PASS? 1?????? user=user001 at example.com?????? proxy?? port=24 Sep 12 17:14:13 imap1 dovecot: lmtp(25682): Debug: auth input: user=user001 at example.com proxy port=24 Sep 12 17:14:13 imap1 dovecot: lmtp(25682): Error: proxy: host not given Sep 12 17:14:13 imap1 dovecot: lmtp(25682): Debug: Loading modules from directory: /usr/lib64/dovecot/modules Sep 12 17:14:13 imap1 dovecot: lmtp(25682): Debug: Module loaded: /usr/lib64/dovecot/modules/lib01_acl_plugin.so Sep 12 17:14:13 imap1 dovecot: auth: Debug: master in: USER?? 2?????? user001 at example.com??? service=lmtp??? lip=::1 rip=::1 Sep 12 17:14:13 imap1 dovecot: auth: Debug: static(user001 at example.com,::1): lookup Sep 12 17:14:13 imap1 dovecot: auth: Debug: password(user001 at example.com,::1): Credentials: Sep 12 17:14:13 imap1 dovecot: auth: Debug: master out: USER? 2?????? user001 at example.com Sep 12 17:14:13 imap1 dovecot: lmtp(25682): Debug: auth input: user001 at example.com Sep 12 17:14:43 imap1 dovecot: lmtp(25682): Disconnect from ::1: Client quit (in RCPT TO) how I can redirect incoming lmtp request to backend lmtp servers (and not just one)? what I'm missing here? ??? /----------/ # dovecot -c /etc/dovecot-director/dovecot.conf -n # 2.0.14: /etc/dovecot-director/dovecot.conf # OS: Linux 2.6.34.7-0.7-xen x86_64 openSUSE 11.3 (x86_64) auth_debug = yes auth_debug_passwords = yes auth_verbose = yes auth_verbose_passwords = plain base_dir = /var/run/dovecot-director/ director_mail_servers = 101.180.245.101 director_servers = 101.180.245.101 disable_plaintext_auth = no lmtp_proxy = yes mail_debug = yes mail_fsync = always mail_gid = 5000 mail_nfs_index = yes mail_nfs_storage = yes mail_plugins = acl mail_uid = 5000 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mmap_disable = yes passdb { ? args = proxy=y nopassword=y ? driver = static } plugin { ? acl = vfile ? sieve = ~/.dovecot.sieve ? sieve_dir = ~/sieve } protocols = imap lmtp service auth { ? unix_listener auth-userdb { ??? group = vmail ??? mode = 0666 ??? user = vmail ? } } service director { ? fifo_listener login/proxy-notify { ??? mode = 0666 ? } ? inet_listener { ??? port = 9090 ? } ? unix_listener director-userdb { ??? mode = 0666 ? } ? unix_listener login/director { ??? mode = 0666 ? } } service imap-login { ? executable = imap-login director ? inet_listener imap { ??? port = 10143 ? } } service lmtp { ? inet_listener lmtp { ??? port = 1024 ? } } ssl = no verbose_proctitle = yes protocol lmtp { ? passdb { ??? args = proxy=y nopassword=y port=24 ??? driver = static ? } } protocol imap { ? mail_max_userip_connections = 100 } From Christian.Schmidt at chemie.uni-hamburg.de Mon Sep 12 19:03:35 2011 From: Christian.Schmidt at chemie.uni-hamburg.de (Christian Schmidt) Date: Mon, 12 Sep 2011 18:03:35 +0200 Subject: [Dovecot] userdb static & Quota from LDAP? In-Reply-To: <1315823607.7326.14.camel@hurina> References: <20110909215855.GA4680@chemie.uni-hamburg.de> <1315823607.7326.14.camel@hurina> Message-ID: <20110912160335.GG16271@chemie.uni-hamburg.de> Hello Timo, Timo Sirainen, 12.09.2011 (d.m.y): > On Fri, 2011-09-09 at 23:58 +0200, Christian Schmidt wrote: > > userdb { > > driver = static > > args = uid=vmail gid=vmail home=/var/maildir/%u > > } > > These can be replaced with global settings: > > mail_uid = vmail > mail_gid = vmail > mail_home = /var/maildir/%u > > > Now I'd like to add per-user quotas that will also be stored in the > > LDAP directory, and I'm not sure how to put things together. > > IMHO quota is the only "userdb information" requested from LDAP, and > > I'd like to leave all the other "userdb pieces" as the are. I changed > > the userdb definition to: > > userdb { > > driver = ldap > > args = /etc/dovecot/conf.d/ldap-userdb.ext > > } > > > > My /etc/dovecot/conf.d/ldap-userdb.ext contains (along other lines): > > > > user_attrs = uid=vmail,gid=vmail,home=/var/maildir/%u,mailQuota=quota=quota_rule=*:storage=%$ > > Just set those global settings and drop uid/gid/home from here. Or you > could get them working here too, but the syntax is slightly wrong: > > user_attrs = =uid=vmail, =gid=vmail, .. > > (With the above settings you're telling Dovecot that LDAP "uid" field > will be assigned to Dovecot's "vmail" field, and the "gid" field > immediately overrides it, and LDAP "home" field's value is set to > Dovecot's "/var/maildir/%u" field.) This is working now: user_attrs = mailQuota=quota_rule=*:bytes=%$ Thank you, Timo! Gruss/Regards, Christian Schmidt -- You're at the end of the road again. From dave.stubbs at utoronto.ca Mon Sep 12 19:10:46 2011 From: dave.stubbs at utoronto.ca (Dave Stubbs) Date: Mon, 12 Sep 2011 12:10:46 -0400 Subject: [Dovecot] Possible to Customize File Naming Scheme? Message-ID: <4E6E2F06.6000507@utoronto.ca> Hello all, [Sorry if this has been covered already - I searched back a little way in the archive and didn't find anything recent on the topic.] I'm wondering if it is possible to customize the way dovecot creates or modifies filenames in the maildir directories? I'm watching how my mail system works, and I see that procmail creates a new file in the /new directory, each time an email is received. This file is some complex combination of UIDs and things, suffixed by the server name. So far, the filename has alphanumerics, a couple underscores, and a dot or two only. But once dovecot gets it's hands on the file and moves it to the /cur directory, it starts doing "terrible" things to the file name. Now, the filename starts to have "evil" things in it, like colons and commas. Is there a way to change this? I'm asking this primarily because I use dovecot as a massive long-term email archiving system. One of the things one needs to be able to do when running a long-term archive like this is keep things as simple and accessible as possible. The reason I use maildir is that I totally buy into the "one email, one file" idea - it means I don't have to store messages in big consolidated database files that are changeable with each new version of the vendor's software release (such as exchange DBs or Outlook PST files) or that are horrible performers (such as mbox). One of the nice things about the maildir "each email is a separate file" idea is that you are not limited to maildir or dovecot or any other piece of software to handle, read, and process the files. For instance, I would like to backup my maildir by using rsync to synchronize my dovecot-managed maildir to a Windows server running NFS. From there the files are synchronized via Windows DFS ( to which there is no open source solution that is even close) to several other servers around the continent. Only thing: The evil commas and colons in the filenames are anathema to Windows. So instead I tar the maildir folders to tgz files on the windows server, and the tgz's are synchronized to other DR sites. If I could do without the need for tar (mandated solely because of the colons and commas in the dovecot filename scheme) I could minimize the time to backup (only synchronizing changes) and suddenly I would have a lot of other benefits opened up. One simple one would be that if I could configure dovecot to append the .eml extension to the end of every file (technically each file in a maildir is an eml file regardless of the extension being present or not - eml is just a raw mail file just like what you'd find in a maildir) I would have instant access to them using Search Server Express, which can read eml files but strongly prefers to use extentions to recognize files as such. To be clear: I'm not requesting that dovecot's file naming convention be changed to match my quirky requirements - I'm just asking if it could be made configurable, so I could change it to match my needs and others could change it to match theirs. In the interests of REALLY being able to use the elegantly simple idea of each mail being a separate file, I'm trying to get more out of that great pile of folders and files I'm amassing in my mail archive server. The more use I can make of them with other software other than dovecot (i.e. data crawling, indexing, easy recovery in a catastrophe, etc) the more valuable this format is. Is this possible? From micah at riseup.net Mon Sep 12 19:17:09 2011 From: micah at riseup.net (Micah Anderson) Date: Mon, 12 Sep 2011 12:17:09 -0400 Subject: [Dovecot] quota percents References: <87sjo5wkfy.fsf@algae.riseup.net> <1315824208.7326.21.camel@hurina> Message-ID: <8739g1ka62.fsf@algae.riseup.net> Timo Sirainen writes: > On Fri, 2011-09-09 at 16:05 -0400, Micah Anderson wrote: > >> its incorrect because if you change it to what it suggests ('+10%') it >> wont work because that wont be 10% more, rather, it is set to bytes=+10: > > Well, that's a more complex problem. The %% escaping needs to be done in > dovecot.conf, but it doesn't need to be done elsewhere. If this said > that "use +10%%" and someone gives that in SQL user_query, it will > break. So I'm not changing the warning. Ok, that makes sense. >> However, it doesn't seem to work in practice, because I have a user that >> is at 99% of quota, with nothing in the Trash who cannot move a 77KB >> message into the Trash without getting the quota_exceeded message and >> refusing to move it. > > dovecot -n output? NOTE: i turned off the quota plugins while this is sorted, so you wont see them enabled below. # 2.0.13: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.2 auth_default_realm = example.net auth_verbose = yes default_process_limit = 256 default_vsz_limit = 512 M dict { expire = mysql:/etc/dovecot/dovecot-dict-sql.conf quota = mysql:/etc/dovecot/dovecot-dict-sql.conf } disable_plaintext_auth = no first_valid_gid = 8 first_valid_uid = 8 last_valid_gid = 8 last_valid_uid = 8 listen = * login_greeting = howdy, ready. mail_location = mdbox:~/mdbox mail_plugins = expire maildir_very_dirty_syncs = yes namespace { inbox = yes location = prefix = separator = . } namespace { hidden = yes inbox = no list = no location = prefix = INBOX. separator = . } passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } plugin { expire = Trash expire2 = Trash/* expire3 = Spam expire_dict = proxy::expire quota = dict:Your mail quota::proxy::quota quota_exceeded_message = You are over quota. To avoid losing mail, immediately empty your Trash and Sent folders and delete emails with large attachments. quota_rule = *:bytes=24117248 quota_rule2 = Trash:bytes=+50%% quota_rule3 = Spam:bytes=+20%% } postmaster_address = postmaster at example.net protocols = imap pop3 service dict { unix_listener dict { group = mail mode = 0600 user = mail } } service imap-login { process_min_avail = 10 service_count = 0 vsz_limit = 512 M } service imap-postlogin { executable = script-login /maildir/postlogin_imap user = $default_internal_user } service pop3-postlogin { executable = script-login /maildir/postlogin_pop user = $default_internal_user } ssl_cert = References: <4E6E2F06.6000507@utoronto.ca> Message-ID: <20110912131803.Horde.lV3aUMm_qOVObjC720uXbjA@mail.kalinowski.com.br> On Seg, 12 Set 2011, Dave Stubbs wrote: > Hello all, > > I'm watching how my mail system works, and I see that procmail > creates a new file in the /new directory, each time an email > is received. This file is some complex combination of UIDs and > things, suffixed by the server name. So far, the filename has > alphanumerics, a couple underscores, and a dot or two only. > > But once dovecot gets it's hands on the file and moves it to the > /cur directory, it starts doing "terrible" things to the > file name. Now, the filename starts to have "evil" things in it, > like colons and commas. The colon and commas are part of the Maildir spec[0], so no, it can't be changed. [0]http://cr.yp.to/proto/maildir.html -- If you want to read about love and marriage you've got to buy two separate books. -- Alan King Eduardo M KALINOWSKI eduardo at kalinowski.com.br From tss at iki.fi Mon Sep 12 19:22:23 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 19:22:23 +0300 Subject: [Dovecot] Possible to Customize File Naming Scheme? In-Reply-To: <4E6E2F06.6000507@utoronto.ca> References: <4E6E2F06.6000507@utoronto.ca> Message-ID: <94C2EC27-49CF-49EE-B778-7C09ED3A6B0A@iki.fi> On 12.9.2011, at 19.10, Dave Stubbs wrote: > I'm watching how my mail system works, and I see that procmail creates a new file in the /new directory, each time an email is received. This file is some complex combination of UIDs and things, suffixed by the server name. So far, the filename has alphanumerics, a couple underscores, and a dot or two only. > > But once dovecot gets it's hands on the file and moves it to the /cur directory, it starts doing "terrible" things to the file name. Now, the filename starts to have "evil" things in it, like colons and commas. Is there a way to change this? That's how Maildir works to store message flags. If you don't like it, use something else. > I'm asking this primarily because I use dovecot as a massive long-term email archiving system. One of the things one needs to be able to do when running a long-term archive like this is keep things as simple and accessible as possible. The reason I use maildir is that I totally buy into the "one email, one file" idea - it means I don't have to store messages in big consolidated database files that are changeable with each new version of the vendor's software release (such as exchange DBs or Outlook PST files) or that are horrible performers (such as mbox). Dovecot v2.0's sdbox format could work for you. > One of the nice things about the maildir "each email is a separate file" idea is that you are not limited to maildir or dovecot or any other piece of software to handle, read, and process the files. Well, sdbox isn't good for that then anymore. Cydir backend could possibly work, although it is missing some features that dbox has and was mainly intended as an example code for super simple mailbox format. > For instance, I would like to backup my maildir by using rsync to synchronize my dovecot-managed maildir to a Windows server running NFS. From there the files are synchronized via Windows DFS ( to which there is no open source solution that is even close) to several other servers around the continent. Only thing: The evil commas and colons in the filenames are anathema to Windows. So instead I tar the maildir folders to tgz files on the windows server, and the tgz's are synchronized to other DR sites. You could patch Dovecot's maildir code to use something else than commas and colons in maildir-storage.h: #define MAILDIR_INFO_SEP ':' #define MAILDIR_EXTRA_SEP ',' #define MAILDIR_FLAGS_SEP ',' #define MAILDIR_INFO_SEP_S ":" #define MAILDIR_EXTRA_SEP_S "," #define MAILDIR_FLAGS_SEP_S "," > If I could do without the need for tar (mandated solely because of the colons and commas in the dovecot filename scheme) I could minimize the time to backup (only synchronizing changes) and suddenly I would have a lot of other benefits opened up. One simple one would be that if I could configure dovecot to append the .eml extension to the end of every file (technically each file in a maildir is an eml file regardless of the extension being present or not - eml is just a raw mail file just like what you'd find in a maildir) I would have instant access to them using Search Server Express, which can read eml files but strongly prefers to use extentions to recognize files as such. The message flags should still be stored somewhere if not in the filename. dbox and cydir stores them in Dovecot's index files. > To be clear: I'm not requesting that dovecot's file naming convention be changed to match my quirky requirements - I'm just asking if it could be made configurable, so I could change it to match my needs and others could change it to match theirs. In the interests of REALLY being able to use the elegantly simple idea of each mail being a separate file, I'm trying to get more out of that great pile of folders and files I'm amassing in my mail archive server. The more use I can make of them with other software other than dovecot (i.e. data crawling, indexing, easy recovery in a catastrophe, etc) the more valuable this format is. > > Is this possible? One last possibility is to create your own mailbox format that works exactly like you want. From al-dovecot at none.at Mon Sep 12 20:14:48 2011 From: al-dovecot at none.at (Aleksandar Lazic) Date: Mon, 12 Sep 2011 19:14:48 +0200 Subject: [Dovecot] Sieve envelope :detail "to" "extention" does not deliver to fileinto destination Message-ID: <20110912171448.GB320@none.at> Dear Listmember. I resend this with different Subject so that the spamfilter does not drop the mail, I hope ;-) I try to migrate from my current courier-mta setup fo postfix dovecot setup. I use the following scirpt to filter to the destination mailbox. ### /var/vmail/none.at/al/.dovecot.sieve # from http://wiki.dovecot.org/LDA/Sieve require ["fileinto", "envelope", "subaddress", "include"]; include "lists.sieve"; if envelope :detail "to" "work" { fileinto "INBOX.work"; } ### ### /var/vmail/none.at/al/sieve/lists.sieve require ["fileinto", "subaddress", "envelope" ]; if envelope :detail "to" "pdnsusers" { fileinto "Lists.pdnsusers"; } ### postfix/master ### dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -a ${original_recipient} # flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -m ${extension} -a ${original_recipient} ### Log ### Sep 11 21:47:48 lvps46-163-74-15 postfix/smtpd[7788]: connect from Sep 11 21:48:12 lvps46-163-74-15 postfix/smtpd[7788]: 495EF9FECAF9: Sep 11 21:48:27 lvps46-163-74-15 postfix/cleanup[7795]: 495EF9FECAF9: message-id=<> Sep 11 21:48:27 lvps46-163-74-15 postfix/qmgr[7785]: 495EF9FECAF9: from=, size=268, nrcpt=1 (queue active) Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda: Debug: Loading modules from directory: /usr/lib/dovecot/modules Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda: Debug: Module loaded: /usr/lib/dovecot/modules/lib90_sieve_plugin.so Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda: Debug: auth input: al at none.at uid=5000 gid=5000 home=/var/vmail/none.at/al Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: Effective uid=5000, gid=5000, home=/var/vmail/none.at/al Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: maildir: root exists (/var/vmail/none.at/al/Maildir) Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: maildir++: root=/var/vmail/none.at/al/Maildir, index=, control=, inbox=/var/vmail/none.at/al/Maildir, alt= Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: none: root=, index=, control=, inbox=, alt= Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: Destination address: al-pdnsuser at none.at (source: -a parameter) Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: using sieve path for user's script: /var/vmail/none.at/al/.dovecot.sieve Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: opening script /var/vmail/none.at/al/.dovecot.sieve Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: script binary /var/vmail/none.at/al/.dovecot.svbin successfully loaded Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: binary save: not saving binary /var/vmail/none.at/al/.dovecot.svbin, because it is already stored Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: executing script from /var/vmail/none.at/al/.dovecot.svbin Sep 11 21:48:27 lvps46-163-74-15 dovecot: lda(al at none.at): sieve: msgid=unspecified: stored mail into mailbox 'INBOX' Sep 11 21:48:27 lvps46-163-74-15 postfix/pipe[7797]: 495EF9FECAF9: to=, relay=dovecot, delay=28, delays=28/0.02/0/0.22, dsn=2.0.0, status=sent (delivered via dovecot service) Sep 11 21:48:27 lvps46-163-74-15 postfix/qmgr[7785]: 495EF9FECAF9: removed Sep 11 21:48:28 lvps46-163-74-15 postfix/smtpd[7788]: disconnect from xxx ### dovecot -n => attachment dovecot_-n ~#: egrep -v '^(#|$)' /etc/dovecot/dovecot-sql.conf #### driver = mysql connect = host=127.0.0.1 dbname=mailserver user=$USER \ password=$PASSWORD default_pass_scheme = PLAIN-MD5 password_query = SELECT user_email AS user, \ user_password AS password \ FROM virtual_users WHERE user_email='%u'; #### Due to the fact that I'am new to dovecot and sieve I hope anybody can help the solve this issue. My target is to filter the mailinglists based on address extention or is it better to filter on to header? Is there a 'log' or 'print' command in the sieve filter or how can I write a message to the log file? Many thanks for your help BR Aleks -------------- next part -------------- # 2.0.14: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-028stab092.1 x86_64 Ubuntu 10.04.3 LTS auth_mechanisms = plain login digest-md5 cram-md5 disable_plaintext_auth = no log_timestamp = "%Y-%m-%d %H:%M:%S " mail_debug = yes mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } protocols = imap recipient_delimiter = - service auth { unix_listener auth-userdb { group = vmail mode = 0755 user = vmail } user = root } ssl_cert = References: <1315581724.65256.YahooMailNeo@web27201.mail.ukl.yahoo.com> <1315824012.7326.19.camel@hurina> Message-ID: <1315850294.2049.YahooMailNeo@web27201.mail.ukl.yahoo.com> On Fri, 2011-09-09 at 16:22 +0100, Spyros Tsiolis wrote: > OK, no answers on my previous e-mail. I'll rephrase it. > How can I get rid of subfolders on a users' tree-like structure on dovecot ? > Which file must I "touch" ? This still isn't very understandable. You can delete subfolders with either IMAP client (= IMAP DELETE command) or simply rm -rf in the filesystem. Or do you mean moving the subfolders to be root level folders? Again IMAP client should be able to do this, or in filesystem level (assuming Maildir++) you'd do something like: mv ~/Maildir/.root.subfolder ~/Maildir/.subfolder ________________________________ Timo, thank you kindly for your time and patience, It's a weird scenario where the user uses Thunderbird and managed to create folders underneath the subscribers' (her) root folder with symbols that are not accepted by thunderbird. Hence, the trouble of not being able to get rid of these folders. Thanks for the pointer. I'll have to look more closely to the help pages for the IMAP protocol. Best Regards, spyros ? ---- "I merely function as a channel that filters music through the chaos of noise" - Vangelis From dave.stubbs at utoronto.ca Mon Sep 12 21:00:49 2011 From: dave.stubbs at utoronto.ca (Dave Stubbs) Date: Mon, 12 Sep 2011 14:00:49 -0400 Subject: [Dovecot] Possible to Customize File Naming Scheme? In-Reply-To: <94C2EC27-49CF-49EE-B778-7C09ED3A6B0A@iki.fi> References: <4E6E2F06.6000507@utoronto.ca> <94C2EC27-49CF-49EE-B778-7C09ED3A6B0A@iki.fi> Message-ID: <4E6E48D1.3040802@utoronto.ca> On 9/12/2011 12:22 PM, Timo Sirainen wrote: > On 12.9.2011, at 19.10, Dave Stubbs wrote: > >> I'm watching how my mail system works, and I see that procmail creates a new file in the/new directory, each time an email is received. This file is some complex combination of UIDs and things, suffixed by the server name. So far, the filename has alphanumerics, a couple underscores, and a dot or two only. >> >> But once dovecot gets it's hands on the file and moves it to the/cur directory, it starts doing "terrible" things to the file name. Now, the filename starts to have "evil" things in it, like colons and commas. Is there a way to change this? > That's how Maildir works to store message flags. If you don't like it, use something else. Fair enough > >> I'm asking this primarily because I use dovecot as a massive long-term email archiving system. One of the things one needs to be able to do when running a long-term archive like this is keep things as simple and accessible as possible. The reason I use maildir is that I totally buy into the "one email, one file" idea - it means I don't have to store messages in big consolidated database files that are changeable with each new version of the vendor's software release (such as exchange DBs or Outlook PST files) or that are horrible performers (such as mbox). > Dovecot v2.0's sdbox format could work for you. > >> One of the nice things about the maildir "each email is a separate file" idea is that you are not limited to maildir or dovecot or any other piece of software to handle, read, and process the files. > Well, sdbox isn't good for that then anymore. Cydir backend could possibly work, although it is missing some features that dbox has and was mainly intended as an example code for super simple mailbox format. Well, maybe sdbox could still work. Just a quick question - what is the format of the u.* file? Is it still a raw (possibly partially) mime-encoded file that contains the all-important From: line, just like a mail file in a maildir folder? If so, I could sync the sdbox files elsewhere and index them if I could convince dovecot to use the filename scheme u.*.eml instead of u.* Possible? Or is the sdbox file format different? From tss at iki.fi Mon Sep 12 21:07:28 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 21:07:28 +0300 Subject: [Dovecot] Possible to Customize File Naming Scheme? In-Reply-To: <4E6E48D1.3040802@utoronto.ca> References: <4E6E2F06.6000507@utoronto.ca> <94C2EC27-49CF-49EE-B778-7C09ED3A6B0A@iki.fi> <4E6E48D1.3040802@utoronto.ca> Message-ID: On 12.9.2011, at 21.00, Dave Stubbs wrote: >>> One of the nice things about the maildir "each email is a separate file" idea is that you are not limited to maildir or dovecot or any other piece of software to handle, read, and process the files. >> Well, sdbox isn't good for that then anymore. Cydir backend could possibly work, although it is missing some features that dbox has and was mainly intended as an example code for super simple mailbox format. > Well, maybe sdbox could still work. Just a quick question - what is the format of the u.* file? Is it still a raw (possibly partially) mime-encoded file that contains the all-important From: line, just like a mail file in a maildir folder? If so, I could sync the sdbox files elsewhere and index them if I could convince dovecot to use the filename scheme u.*.eml instead of u.* sdbox begins with a small dbox header, followed by the message text and finally a dbox metadata footer. Something like: 2 M1e C4e327f7d ^A^BN 0000000000000906 ^A^C R4e327f7d V94e G39670b147d7f324e0e1d000074ccac23 dbox-file.h describes the headers and lists the metadata characters and what they mean. Because of this extra metadata I don't really know if it would be a good idea to name them *.eml. Yes, you could copy specific sdbox files elsewhere and run "doveadm force-resync" on them. All message flags would be lost though, since they're stored only in Dovecot's index files. From tss at iki.fi Mon Sep 12 21:10:38 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 21:10:38 +0300 Subject: [Dovecot] quota percents In-Reply-To: <8739g1ka62.fsf@algae.riseup.net> References: <87sjo5wkfy.fsf@algae.riseup.net> <1315824208.7326.21.camel@hurina> <8739g1ka62.fsf@algae.riseup.net> Message-ID: On 12.9.2011, at 19.17, Micah Anderson wrote: >>> However, it doesn't seem to work in practice, because I have a user that >>> is at 99% of quota, with nothing in the Trash who cannot move a 77KB >>> message into the Trash without getting the quota_exceeded message and >>> refusing to move it. >> >> dovecot -n output? > > namespace { > inbox = yes > location = > prefix = > separator = . > } > namespace { > hidden = yes > inbox = no > list = no > location = > prefix = INBOX. > separator = . > } Maybe the client is using the INBOX. namespace and trying to copy to INBOX.Trash instead of Trash? You could try adding another quota rule for INBOX.Trash. I should probably also change the quota code to follow "alias_for" directives. Then you could have only a single Trash, if you add "alias_for = " to the INBOX. namespace. From nhelauro at gmail.com Mon Sep 12 21:10:56 2011 From: nhelauro at gmail.com (Lauro C.) Date: Mon, 12 Sep 2011 15:10:56 -0300 Subject: [Dovecot] Custom error messages. Message-ID: I am using Dovecot 1.2.9. Is it possible to have custom error messages? I want to translate some of the messages (for instance mailbox full), so it can be more user friendly. I already use the quota warning feature. But I need to translate the messages anyways, is it possible? Lauro From Lutz.Pressler at SerNet.DE Mon Sep 12 21:15:08 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Mon, 12 Sep 2011 20:15:08 +0200 Subject: [Dovecot] 2.1: imapc SUBSCRIBE problem In-Reply-To: <1315822557.7326.0.camel@hurina> References: <1315563414.3876.50.camel@hurina> <20110909102128.GA762256@gabi.sernet.de> <20110909144349.GA846637@gabi.sernet.de> <1315822557.7326.0.camel@hurina> Message-ID: On Mon, 12 Sep 2011, Timo Sirainen wrote: > On Sun, 2011-09-11 at 21:50 +0200, Lutz Pre?ler wrote: > > On Fri, 09 Sep 2011, Lutz Pre?ler wrote: > > > LIST is now working correctly in my setup, but SUBSCRIBE ist not. > > > With subscriptions=no, as written (but same behaviour with subscriptions=yes), > > > SUBSCRIBE INBOX.gmail.INBOX (or others) yields > > > 0 NO [SERVERBUG] Internal error occurred. Refer to server log for more information. [2011-09-09 16:39:40] > > > logging (with mail_debug=yes) only > > > Sep 9 16:39:40 host dovecot: imap(1143, user): Error: stat((null)) failed: Bad address > > After putting (with subscriptions=no) an entry manually into the root > > subscriptions file, everything including UNSUBSCRIBE works fine. > > Yeah, but then remote subscriptions don't work. I think the imapc > subscription problems and namespace prefix problems are now fixed in hg. Not really. No error on SUBSCRIBE anymore, but it does not work permanently: 0 lsub "" "*" * LSUB () "." "INBOX.test.test2" [... further entries ...] 0 OK Lsub completed. 0 subscribe "INBOX.gmail.[Gmail].Spam" 0 OK Subscribe completed. <--- now subscriptions file includes "gmail.[Gmail]/Spam" 0 lsub "" "*" * LSUB () "." "INBOX.test.test2" [... further entries, but NOT INBOX.gmail.[Gmail].Spam ...] 0 OK Lsub completed. <--- now the "gmail.[Gmail]/Spam" line is gone from subscriptions file again! The same happens with INBOX.gmail.INBOX, so it's not the "[]" characters. I have to test with debugging turned on later. Lutz From tss at iki.fi Mon Sep 12 21:16:34 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 21:16:34 +0300 Subject: [Dovecot] Custom error messages. In-Reply-To: References: Message-ID: On 12.9.2011, at 21.10, Lauro C. wrote: > Is it possible to have custom error messages? I want to translate some of > the messages (for instance mailbox full), so it can be more user friendly. I > already use the quota warning feature. But I need to translate the messages > anyways, is it possible? For "mailbox full", yes: http://wiki2.dovecot.org/Quota/Configuration#Custom_Quota_Exceeded_Message Anything else: no. Do you have specific examples of anything else you'd want to change? From tss at iki.fi Mon Sep 12 21:18:12 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 12 Sep 2011 21:18:12 +0300 Subject: [Dovecot] 2.1: imapc SUBSCRIBE problem In-Reply-To: References: <1315563414.3876.50.camel@hurina> <20110909102128.GA762256@gabi.sernet.de> <20110909144349.GA846637@gabi.sernet.de> <1315822557.7326.0.camel@hurina> Message-ID: On 12.9.2011, at 21.15, Lutz Pre?ler wrote: >> Yeah, but then remote subscriptions don't work. I think the imapc >> subscription problems and namespace prefix problems are now fixed in hg. > Not really. No error on SUBSCRIBE anymore, but it does not work > permanently: > > 0 lsub "" "*" > * LSUB () "." "INBOX.test.test2" > [... further entries ...] > 0 OK Lsub completed. > 0 subscribe "INBOX.gmail.[Gmail].Spam" > 0 OK Subscribe completed. > <--- now subscriptions file includes > "gmail.[Gmail]/Spam" There shouldn't be any changes to subscriptions file! The subscriptions are stored on remote IMAP server. What exactly have you set to your namespaces now? From dovecot.user at seibercom.net Mon Sep 12 21:22:39 2011 From: dovecot.user at seibercom.net (Jerry) Date: Mon, 12 Sep 2011 14:22:39 -0400 Subject: [Dovecot] Sieve envelope :detail "to" "extention" does not deliver to fileinto destination In-Reply-To: <20110912171448.GB320@none.at> References: <20110912171448.GB320@none.at> Message-ID: <20110912142239.7ec8eb49@scorpio> On Mon, 12 Sep 2011 19:14:48 +0200 Aleksandar Lazic articulated: > dovecot unix - n n - - pipe > flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f > ${sender} -d ${user}@${nexthop} -a ${original_recipient} > # flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f > ${sender} -d ${user}@${nexthop} -m ${extension} -a > ${original_recipient} I use plus addressing and this is the entry in the master.cf file from Postfix: dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/local/libexec/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -a ${recipient} The "argv" could be different on your system; however the rest should be the same as mine I would assume. If you do make a change, you will have to restart Postfix for it to take effect. -- Jerry ? Dovecot.user at seibercom.net Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From compconsultant at yahoo.com Mon Sep 12 21:23:35 2011 From: compconsultant at yahoo.com (Steve Fatula) Date: Mon, 12 Sep 2011 11:23:35 -0700 (PDT) Subject: [Dovecot] MySQL, map files In-Reply-To: <1315828341.7326.35.camel@hurina> References: <1315525950.915.YahooMailNeo@web39420.mail.mud.yahoo.com> <1315828341.7326.35.camel@hurina> Message-ID: <1315851815.71073.YahooMailNeo@web39415.mail.mud.yahoo.com> ----- Original Message ----- > From: Timo Sirainen > To: Steve Fatula > Cc: Dovecot List > Sent: Monday, September 12, 2011 6:52 AM > Subject: Re: [Dovecot] MySQL, map files > >> The reason I am asking is I have seen web pages that reference all >> sorts of statements within the map statement, and I have no idea where >> they are documented. Specifically, I see an example here (which is >> LDAP), look in section 3: >> >> http://dovecot.org/patches/1.2/ldap/HOWTO_dictldap+extdata.txt >> >> >> You will see lots of statements, not sure which ones can be used for >> MySQL (instead of LDAP). > > That patch's mapping references to Pigeonhole's extdata plugin. If you > install that plugin you can use SQL or flat file for the same maps. > Ok, so, now we get to the issue. What syntax can be used for the extdata plugin?? If I have an existing MySQL table with the structure: username preference value Username would be the dovecot user name. preference would be a constant, and, value is the variable I want to set via the extdata plugin. The primary key is username + preference (constant, in this case, say it's set to "POP3"). I want to use extdata to retrieve that value. Can it be done using extdata and MySQL map syntax, and if so, can you provide an example? Can I specify the query itself (i.e., select value from table t, another table at where....) From henson at acm.org Mon Sep 12 23:26:17 2011 From: henson at acm.org (Paul B. Henson) Date: Mon, 12 Sep 2011 13:26:17 -0700 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <1315830646.7326.46.camel@hurina> References: <4E6ACC6C.6020200@acm.org> <1315830646.7326.46.camel@hurina> Message-ID: <4E6E6AE9.6040105@acm.org> On 9/12/2011 5:30 AM, Timo Sirainen wrote: > This works okay enough with PostgreSQL because it does asynchronous > lookups, so two simultaneous lookups create a second connection. > MySQL does synchronous lookups though, so the second connection is > normally never created. If I could, I think I'd rather run postgres; but so many things only support mysql you can't really get away with running only postgres, and it's not worth the effort to run two separate sql services . > I suppose the fix to this would be to always connect to all SQL > servers at startup. Perhaps it could be an option, either load balancing between all available servers, or only using later listed servers when the earlier listed ones are failing. For my purposes, either way is fine, as long as authentications don't fail :). The other contributor to this thread, who has a local mysql replica listed first and the central master listed second probably wouldn't want the load balanced between them. > It should have created the second connection here and not fail.. Based on the network traffic, it is really pounding the primary trying to connect, and occasionally connecting to the secondary only to immediately disconnect after either only one or very few queries. > I'll try to debug this soon. Thanks; let me know if there's anything I could do to help, or if there are any potential fixes you would like tested. -- Paul B. Henson | (909) 979-6361 | http://www.csupomona.edu/~henson/ Operating Systems and Network Analyst | henson at csupomona.edu California State Polytechnic University | Pomona CA 91768 From Lutz.Pressler at SerNet.DE Tue Sep 13 01:10:54 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Tue, 13 Sep 2011 00:10:54 +0200 Subject: [Dovecot] 2.1: imapc SUBSCRIBE problem In-Reply-To: References: <1315563414.3876.50.camel@hurina> <20110909102128.GA762256@gabi.sernet.de> <20110909144349.GA846637@gabi.sernet.de> <1315822557.7326.0.camel@hurina> Message-ID: On Mo, 12 Sep 2011, Timo Sirainen wrote: > On 12.9.2011, at 21.15, Lutz Pre?ler wrote: > > Not really. No error on SUBSCRIBE anymore, but it does not work > > permanently: > > > > 0 lsub "" "*" > > * LSUB () "." "INBOX.test.test2" > > [... further entries ...] > > 0 OK Lsub completed. > > 0 subscribe "INBOX.gmail.[Gmail].Spam" > > 0 OK Subscribe completed. > > <--- now subscriptions file includes > > "gmail.[Gmail]/Spam" The problem seems to be the different separators (I missed the "/" earlier). First level mailboxes on gmail do work (I mixed it up... INBOX.gmail.INBOX is fine, as is INBOX.gmail.test). > > There shouldn't be any changes to subscriptions file! The subscriptions are stored on remote IMAP server. Why? With subscriptions=no I would expect the local subscriptions file beeing used (and this is useful!) > What exactly have you set to your namespaces now? The imapc namespace has subscriptions=no. I also tested subscriptions=yes now. That works as expected. (Some glitch with "INBOX.gmail.[Gmail]" not beeing UNSUBSCRIBEbable when \Noselect, but that's probably a Gmail IMAP problem). Lutz From al-dovecot at none.at Tue Sep 13 01:42:44 2011 From: al-dovecot at none.at (Aleksandar Lazic) Date: Tue, 13 Sep 2011 00:42:44 +0200 Subject: [Dovecot] Sieve envelope :detail "to" "extention" does not deliver to fileinto destination In-Reply-To: <20110912142239.7ec8eb49@scorpio> References: <20110912171448.GB320@none.at> <20110912142239.7ec8eb49@scorpio> Message-ID: <20110912224244.GA27446@none.at> Dear Jerry, On Mon 12.09.2011 14:22, Jerry wrote: >On Mon, 12 Sep 2011 19:14:48 +0200 >Aleksandar Lazic articulated: > > > >> dovecot unix - n n - - pipe >> flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f >> ${sender} -d ${user}@${nexthop} -a ${original_recipient} >> # flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f >> ${sender} -d ${user}@${nexthop} -m ${extension} -a >> ${original_recipient} > >I use plus addressing and this is the entry in the master.cf file from >Postfix: > >dovecot unix - n n - - pipe > flags=DRhu user=vmail:vmail argv=/usr/local/libexec/dovecot/deliver -f ${sender} > -d ${user}@${nexthop} -a ${recipient} > >The "argv" could be different on your system; however the rest should >be the same as mine I would assume. If you do make a change, you will >have to restart Postfix for it to take effect. thanks for your info. I have changed the -a to recipient but nothing changed. I have now changed the if statement to ### if header :contains "Delivered-To" "pdnsusers" { ### this works, but the best would be to be able to use ### if envelope :contains :detail "to" "pdnsusers" { ### Is there a command like 'print envelope' or something else to see what variables and envelope deliver have? Here is the log, maybe you can see more the I ;-) ### Sep 13 00:33:18 lvps46-163-74-15 postfix/smtpd[6011]: connect from localhost.localdomain[127.0.0.1] Sep 13 00:33:52 lvps46-163-74-15 postfix/smtpd[6011]: B1EFE9FECC15: client=localhost.localdomain[127.0.0.1] Sep 13 00:34:12 lvps46-163-74-15 postfix/cleanup[5999]: B1EFE9FECC15: message-id=<20110912223352.B1EFE9FECC15 at external.non e.at> Sep 13 00:34:12 lvps46-163-74-15 postfix/qmgr[22260]: B1EFE9FECC15: from=, size=357, nrcpt=1 (queue active) Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda: Debug: Loading modules from directory: /usr/lib/dovecot/modules Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda: Debug: Module loaded: /usr/lib/dovecot/modules/lib15_notify_plugin.so Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda: Debug: Module loaded: /usr/lib/dovecot/modules/lib20_mail_log_plugin.so Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda: Debug: Module loaded: /usr/lib/dovecot/modules/lib90_sieve_plugin.so Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda: Debug: auth input: al at none.at uid=5000 gid=5000 home=/var/vmail/none.at/al Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: Effective uid=5000, gid=5000, home=/var/vmail/none.at/al Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: maildir: root exists (/var/vmail/none.at/al/Maildir) Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: maildir++: root=/var/vmail/none.at/al/Maildir, index=, control=, inbox=/var/vmail/none.at/al/Maildir, alt= Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: none: root=, index=, control=, inbox=, alt= Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: Destination address: al-pdnsusers at none.at (source: -a parameter) Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: using sieve path for user's script: /var/vmail/none.at/al/.dovecot.sieve Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: opening script /var/vmail/none.at/al/.dovecot.sieve Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: script binary /var/vmail/none.at/al/.dovecot.svbin successfully loaded Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: binary save: not saving binary /var/vmail/none.at/al/.dovecot.svbin, because it is already stored Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): Debug: sieve: executing script from /var/vmail/none.at/al/.dovecot.svbin Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): save: box=INBOX, uid=61, msgid=<20110912223352.B1EFE9FECC15 at external.none.at>, size=412 Sep 13 00:34:12 lvps46-163-74-15 dovecot: lda(al at none.at): sieve: msgid=<20110912223352.B1EFE9FECC15 at external.none.at>: stored mail into mailbox 'INBOX' Sep 13 00:34:12 lvps46-163-74-15 postfix/pipe[6001]: B1EFE9FECC15: to=, relay=dovecot, delay=28, delays=28/0/0/0.02, dsn=2.0.0, status=sent (delivered via dovecot service) Sep 13 00:34:12 lvps46-163-74-15 postfix/qmgr[22260]: B1EFE9FECC15: removed Sep 13 00:34:14 lvps46-163-74-15 postfix/smtpd[6011]: disconnect from localhost.localdomain[127.0.0.1] ### From michael.abbott at apple.com Tue Sep 13 02:00:51 2011 From: michael.abbott at apple.com (Mike Abbott) Date: Mon, 12 Sep 2011 18:00:51 -0500 Subject: [Dovecot] two little fixes for 2.0.14 Message-ID: --- a/dovecot/src/lib-index/mail-index-view.c +++ b/dovecot/src/lib-index/mail-index-view.c @@ -9,7 +9,7 @@ void mail_index_view_clone(struct mail_index_view *dest, const struct mail_index_view *src) { - memset(dest, 0, sizeof(dest)); + memset(dest, 0, sizeof(*dest)); dest->refcount = 1; dest->v = src->v; dest->index = src->index; --- a/dovecot/src/lib-storage/mail-storage-service.c +++ b/dovecot/src/lib-storage/mail-storage-service.c @@ -870,7 +870,7 @@ } user = p_new(user_pool, struct mail_storage_service_user, 1); - memset(user_r, 0, sizeof(user_r)); + memset(user_r, 0, sizeof(*user_r)); user->pool = user_pool; user->input = *input; user->input.userdb_fields = NULL; From tss at iki.fi Tue Sep 13 02:10:29 2011 From: tss at iki.fi (Timo Sirainen) Date: Tue, 13 Sep 2011 02:10:29 +0300 Subject: [Dovecot] two little fixes for 2.0.14 In-Reply-To: References: Message-ID: <19B9A715-148B-4FCC-897F-D9F8CD5ECD77@iki.fi> On 13.9.2011, at 2.00, Mike Abbott wrote: > --- a/dovecot/src/lib-index/mail-index-view.c > +++ b/dovecot/src/lib-index/mail-index-view.c > @@ -9,7 +9,7 @@ > void mail_index_view_clone(struct mail_index_view *dest, > const struct mail_index_view *src) > { > - memset(dest, 0, sizeof(dest)); > + memset(dest, 0, sizeof(*dest)); > dest->refcount = 1; > dest->v = src->v; > dest->index = src->index; Luckily the only caller had it already cleared. Fixed anyway. > --- a/dovecot/src/lib-storage/mail-storage-service.c > +++ b/dovecot/src/lib-storage/mail-storage-service.c > @@ -870,7 +870,7 @@ > } > > user = p_new(user_pool, struct mail_storage_service_user, 1); > - memset(user_r, 0, sizeof(user_r)); > + memset(user_r, 0, sizeof(*user_r)); > user->pool = user_pool; > user->input = *input; > user->input.userdb_fields = NULL; Here the sizeof() is the same in both cases, but the entire memset() is rather pointless, so removed it. Did you find these with some tool, or grepping manually? :) From dovecot.user at seibercom.net Tue Sep 13 02:17:07 2011 From: dovecot.user at seibercom.net (Jerry) Date: Mon, 12 Sep 2011 19:17:07 -0400 Subject: [Dovecot] Sieve envelope :detail "to" "extention" does not deliver to fileinto destination In-Reply-To: <20110912224244.GA27446@none.at> References: <20110912171448.GB320@none.at> <20110912142239.7ec8eb49@scorpio> <20110912224244.GA27446@none.at> Message-ID: <20110912191707.42127757@scorpio> On Tue, 13 Sep 2011 00:42:44 +0200 Aleksandar Lazic articulated: > Dear Jerry, > > On Mon 12.09.2011 14:22, Jerry wrote: > >On Mon, 12 Sep 2011 19:14:48 +0200 > >Aleksandar Lazic articulated: > > > > > > > >> dovecot unix - n n - - pipe > >> flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f > >> ${sender} -d ${user}@${nexthop} -a ${original_recipient} > >> # flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f > >> ${sender} -d ${user}@${nexthop} -m ${extension} -a > >> ${original_recipient} > > > >I use plus addressing and this is the entry in the master.cf file > >from Postfix: > > > >dovecot unix - n n - - pipe > > flags=DRhu user=vmail:vmail > > argv=/usr/local/libexec/dovecot/deliver -f ${sender} -d > > ${user}@${nexthop} -a ${recipient} > > > >The "argv" could be different on your system; however the rest should > >be the same as mine I would assume. If you do make a change, you will > >have to restart Postfix for it to take effect. > > thanks for your info. > I have changed the -a to recipient but nothing changed. > > I have now changed the if statement to > > ### > if header :contains "Delivered-To" "pdnsusers" { > ### > > this works, but the best would be to be able to use > > ### > if envelope :contains :detail "to" "pdnsusers" { > ### > > Is there a command like 'print envelope' or something else to see what > variables and envelope deliver have? This is what I use, and it works fine. The example is something I use for FreeBSD. Example address: user+fbsd at example.com This is my sieve recipe: if envelope :detail "To" "fbsd" {fileinto "FreeBSD"; stop;} I hope this helps. -- Jerry ? Dovecot.user at seibercom.net Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ Quidquid latine dictum sit, altum viditur. (Whatever is said in Latin sounds profound.) From mike at skew.org Tue Sep 13 05:55:34 2011 From: mike at skew.org (Mike Brown) Date: Mon, 12 Sep 2011 20:55:34 -0600 Subject: [Dovecot] signal 11 crash, sometimes, during mbox bz2 decompression In-Reply-To: <1315826932.7326.27.camel@hurina> References: <201108161100.p7GB0P3R073897@chilled.skew.org> <1314121664.10421.1314.camel@hurina> <4E6DC8FA.2050709@skew.org> <1315826932.7326.27.camel@hurina> Message-ID: <4E6EC626.2040305@skew.org> On 9/12/2011 5:28 AM, Timo Sirainen wrote: > Oh, wonder why no one else has complained about that. Fixed: > http://hg.dovecot.org/dovecot-2.0/rev/a930318a74a1 I tested this patch, and it's working like a charm. Thanks! From janfrode at tanso.net Tue Sep 13 09:34:12 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Tue, 13 Sep 2011 08:34:12 +0200 Subject: [Dovecot] director ignoring director_mail_servers for lmtp connections In-Reply-To: <1315842951.89437.YahooMailNeo@web29120.mail.ird.yahoo.com> References: <1315842951.89437.YahooMailNeo@web29120.mail.ird.yahoo.com> Message-ID: <20110913063412.GA24399@oc1046828364.ibm.com> On Mon, Sep 12, 2011 at 04:55:51PM +0100, mailing lists wrote: > > how I can redirect incoming lmtp request to backend lmtp servers (and not just one)? what I'm missing here? > > director_mail_servers = 101.180.245.101 > director_servers = 101.180.245.101 Is this a loop maybe? director_mail_servers should list all your backend dovecot servers, space separated. Here's mine: director_mail_servers = 192.168.42.7 192.168.42.8 192.168.42.9 192.168.42.10 192.168.42.11 192.168.42.28 192.168.42.29 and director_servers should list all your director servers so that they can share info on where to direct each user, like: director_servers = 192.168.42.15 192.168.42.17 Then, if this is configured correctly "doveadm director status" should list your backend director_mail_servers: $ sudo doveadm director status mail server ip vhosts users 192.168.42.28 100 5220 192.168.42.29 100 4733 $ sudo doveadm director status janfrode at tanso.net Current: 192.168.42.28 (expires 2011-09-13 08:46:42) Hashed: 192.168.42.28 Initial config: 192.168.42.11 -jf From listas.correo at yahoo.es Tue Sep 13 10:45:34 2011 From: listas.correo at yahoo.es (mailing lists) Date: Tue, 13 Sep 2011 08:45:34 +0100 (BST) Subject: [Dovecot] director ignoring director_mail_servers for lmtp connections Message-ID: <1315899934.22565.YahooMailNeo@web29117.mail.ird.yahoo.com> On 09/13/2011 08:34 AM, Jan-Frode Myklebust wrote: > On Mon, Sep 12, 2011 at 04:55:51PM +0100, mailing lists wrote: >> >> director_mail_servers = 101.180.245.101 >> director_servers = 101.180.245.101 it works with imap connections, so I assumed it also would do it for lmtp. Sep 13 09:04:03 imap1 dovecot: imap-login: proxy(user001): started proxying to 10.180.245.101:143: user=, method=PLAIN, rip=::1, lip=:??? :1, secured > Is this a loop maybe?? director_mail_servers should list all > your backend dovecot servers, space separated. Here's mine: > > ??? director_mail_servers = 192.168.42.7 192.168.42.8 192.168.42.9 192.168.42.10 192.168.42.11 192.168.42.28 192.168.42.29 using only one director and backend would be fine for tests purposes (as it was with imap and not loops were formed) What I don't understand is why director insists in providing a proxy host from passdb when all it needs to do is pick the ones in director_mail_servers ?? Sep 12 17:14:13 imap1 dovecot: lmtp(25682): Error: proxy: host not given please could you post you lmtp configuration?? From pit11 at ukr.net Tue Sep 13 11:06:23 2011 From: pit11 at ukr.net (Peter Ignatov) Date: Tue, 13 Sep 2011 11:06:23 +0300 Subject: [Dovecot] Quota fs (don't start script quota-warning.sh) Message-ID: Hi, # doveadm -Dv quota get -u pit doveadm(pit): Debug: auth input: pit system_groups_user=pit uid=500 gid=500 home=/home/pit doveadm(pit): Debug: Effective uid=500, gid=500, home=/home/pit doveadm(pit): Debug: Quota root: name=INBOX backend=fs args=mount=/var/spool/mail doveadm(pit): Debug: Quota rule: root=INBOX mailbox=* bytes=19922944 messages=0 doveadm(pit): Debug: Quota warning: bytes=3984588 (20%) messages=0 reverse=no command=quota-warning 20 pit doveadm(pit): Debug: fs: root=/home/pit/mail, index=, control=, inbox=/var/spool/mail/pit doveadm(pit): Debug: fs quota add mailbox dir = /var/spool/mail doveadm(pit): Debug: fs quota block device = /dev/mapper/mpath1p1 doveadm(pit): Debug: fs quota mount point = /var/spool/mail doveadm(pit): Debug: fs quota mount type = ext2 Quota name Type Value Limit % INBOX STORAGE 4824 19456 24 But don't start script quota-warning.sh: #!/bin/sh PERCENT=$1 USER=$2 cat << EOF | /usr/libexec/dovecot/dovecot-lda -d $USER -o "plugin/quota=fs:INBOX:mount=/var/spool/mail:noenforcing" From: postmaster at domen.org Subject: quota warning Your mailbox is now $PERCENT% full. EOF #dovecot -n # 2.0.13: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-274.3.1.el5.asp121 x86_64 Red Hat Enterprise Linux Server release 5.6 (Tikanga) disable_plaintext_auth = no listen = * log_path = /var/log/dovecot.log mail_debug = yes mail_location = mbox:~/mail:INBOX=/var/spool/mail/%u mail_plugins = quota mail_privileged_group = mail mbox_write_locks = fcntl passdb { driver = pam } plugin { quota = fs:INBOX:mount=/var/spool/mail quota_rule = *:storage=19456 quota_warning = storage=20%% quota-warning 20 %u } protocols = pop3 service quota-warning { executable = script /usr/local/bin/quota-warning.sh unix_listener quota-warning { mode = 0666 } user = root } ssl_cert = References: Message-ID: <1315901546.10952.3.camel@hurina> On Tue, 2011-09-13 at 11:06 +0300, Peter Ignatov wrote: > Hi, > > # doveadm -Dv quota get -u pit > doveadm(pit): Debug: auth input: pit system_groups_user=pit uid=500 gid=500 home=/home/pit > doveadm(pit): Debug: Effective uid=500, gid=500, home=/home/pit > doveadm(pit): Debug: Quota root: name=INBOX backend=fs args=mount=/var/spool/mail > doveadm(pit): Debug: Quota rule: root=INBOX mailbox=* bytes=19922944 messages=0 > doveadm(pit): Debug: Quota warning: bytes=3984588 (20%) messages=0 reverse=no command=quota-warning 20 pit > Quota name Type Value Limit % > INBOX STORAGE 4824 19456 24 > > But don't start script quota-warning.sh: Have you read (and understood) when the quota warning gets run? Just because you're over quota now doesn't mean that the script is going to be run. http://wiki2.dovecot.org/Quota/Configuration#Quota_warnings (It's possible that there's a bug here with FS quota since no one's probably tried it before, but it's a lot of trouble for me to actually test that..) From listas.correo at yahoo.es Tue Sep 13 11:34:22 2011 From: listas.correo at yahoo.es (mailing lists) Date: Tue, 13 Sep 2011 09:34:22 +0100 (BST) Subject: [Dovecot] director ignoring director_mail_servers for lmtp connections Message-ID: <1315902862.4818.YahooMailNeo@web29104.mail.ird.yahoo.com> Hello, it works!! I was missing this line "auth_socket_path = director-userdb" Sep 13 10:26:12 imap1 dovecot: auth: Debug: master in: PASS?? 1?????? user001 at example.com ?? service=lmtp??? lip=100.180.245.101????? lport=1024? 8 Sep 13 10:26:12 imap1 dovecot: auth: Debug: static(user001 at example.com,100.180.242.38): lookup Sep 13 10:26:12 imap1 dovecot: auth: Debug: password(user001 at example.com,100.180.242.38): Credentials: Sep 13 10:26:12 imap1 dovecot: auth: Debug: master out: PASS? 1?????? user=user001 at example.com ????? proxy?? port=24 Sep 13 10:26:12 imap1 dovecot: lmtp(29659): Debug: auth input: user=user001 at example.com proxy port=24 host=100.180.245.101 proxy_refresh=450 Sep 13 10:26:12 imap1 dovecot: lmtp(29658): Debug: none: root=, index=, control=, inbox=, alt= Sep 13 10:26:12 imap1 dovecot: lmtp(29658): Connect from 100.180.245.101 full config for the archives: # dovecot? -c /etc/dovecot-director/dovecot.conf -n # 2.0.14: /etc/dovecot-director/dovecot.conf # OS: Linux 2.6.34.7-0.7-xen x86_64 openSUSE 11.3 (x86_64) auth_debug = yes auth_debug_passwords = yes auth_verbose = yes auth_verbose_passwords = plain base_dir = /var/run/dovecot-director/ director_mail_servers = 100.180.245.101 director_servers = 100.180.245.101 disable_plaintext_auth = no lmtp_proxy = yes mail_debug = yes mail_fsync = always mail_gid = 5000 mail_nfs_index = yes mail_nfs_storage = yes mail_plugins = acl mail_uid = 5000 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy ine mmap_disable = yes passdb { ? args = proxy=y nopassword=y ? driver = static } plugin { ? acl = vfile ? sieve = ~/.dovecot.sieve ? sieve_dir = ~/sieve } protocols = imap lmtp service auth { ? unix_listener auth-userdb { ??? group = vmail ??? mode = 0666 ??? user = vmail ? } } service director { ? fifo_listener login/proxy-notify { ??? mode = 0666 ? } ? inet_listener { ??? port = 9090 ? } ? unix_listener director-userdb { ??? mode = 0666 ? } ? unix_listener login/director { ??? mode = 0666 ? } } service imap-login { ? executable = imap-login director ? inet_listener imap { ??? port = 10143 ? } } service lmtp { ? inet_listener lmtp { ??? port = 1024 ? } } ssl = no verbose_proctitle = yes protocol lmtp { ? auth_socket_path = director-userdb ? passdb { ??? args = proxy=y nopassword=y port=24 ??? driver = static ? } } protocol imap { ? mail_max_userip_connections = 100 } From tss at iki.fi Tue Sep 13 11:39:37 2011 From: tss at iki.fi (Timo Sirainen) Date: Tue, 13 Sep 2011 11:39:37 +0300 Subject: [Dovecot] 2.1: imapc SUBSCRIBE problem In-Reply-To: References: <1315563414.3876.50.camel@hurina> <20110909102128.GA762256@gabi.sernet.de> <20110909144349.GA846637@gabi.sernet.de> <1315822557.7326.0.camel@hurina> Message-ID: <1315903179.10952.4.camel@hurina> On Tue, 2011-09-13 at 00:10 +0200, Lutz Pre?ler wrote: > On Mo, 12 Sep 2011, Timo Sirainen wrote: > > On 12.9.2011, at 21.15, Lutz Pre?ler wrote: > > > Not really. No error on SUBSCRIBE anymore, but it does not work > > > permanently: > > > > > > 0 lsub "" "*" > > > * LSUB () "." "INBOX.test.test2" > > > [... further entries ...] > > > 0 OK Lsub completed. > > > 0 subscribe "INBOX.gmail.[Gmail].Spam" > > > 0 OK Subscribe completed. > > > <--- now subscriptions file includes > > > "gmail.[Gmail]/Spam" > The problem seems to be the different separators (I missed the "/" > earlier). First level mailboxes on gmail do work (I mixed it up... > INBOX.gmail.INBOX is fine, as is INBOX.gmail.test). Fixed: http://hg.dovecot.org/dovecot-2.1/rev/f3eb6cc4b627 > I also tested subscriptions=yes now. That works as expected. (Some glitch > with "INBOX.gmail.[Gmail]" not beeing UNSUBSCRIBEbable when \Noselect, > but that's probably a Gmail IMAP problem). Fixed: http://hg.dovecot.org/dovecot-2.1/rev/50d0906b556f From cgregoir99 at yahoo.com Tue Sep 13 11:59:08 2011 From: cgregoir99 at yahoo.com (Christian Gregoire) Date: Tue, 13 Sep 2011 09:59:08 +0100 (BST) Subject: [Dovecot] Dovecot and Lustre FS Message-ID: <1315904348.54893.YahooMailNeo@web29004.mail.ird.yahoo.com> Hello, Right now, I'm using Exim and a customized version of an old?(10 years old)?Atmail POP3 server written in Perl, with ~10000 mailboxes located on a?Lustre file system.?So far so good. Though, I plan to migrate from Atmail to Dovecot, to provide our customers with IMAP support. Has anyone any experience with Dovecot on Lustre FS ? Thanks Christian ? From tss at iki.fi Tue Sep 13 12:04:43 2011 From: tss at iki.fi (Timo Sirainen) Date: Tue, 13 Sep 2011 12:04:43 +0300 Subject: [Dovecot] Dovecot and Lustre FS In-Reply-To: <1315904348.54893.YahooMailNeo@web29004.mail.ird.yahoo.com> References: <1315904348.54893.YahooMailNeo@web29004.mail.ird.yahoo.com> Message-ID: <1315904688.10952.6.camel@hurina> On Tue, 2011-09-13 at 09:59 +0100, Christian Gregoire wrote: > Right now, I'm using Exim and a customized version of an old (10 years > old) Atmail POP3 server written in Perl, with ~10000 mailboxes located > on a Lustre file system. So far so good. > > Though, I plan to migrate from Atmail to Dovecot, to provide our > customers with IMAP support. Has anyone any experience with Dovecot on > Lustre FS ? If there's just one Dovecot server accessing mails, there shouldn't be any problems. If there are more, you should read http://wiki2.dovecot.org/MailLocation/SharedDisk and stress test the same mailbox at the same time from 2+ servers using http://imapwiki.org/ImapTest From tss at iki.fi Tue Sep 13 12:11:04 2011 From: tss at iki.fi (Timo Sirainen) Date: Tue, 13 Sep 2011 12:11:04 +0300 Subject: [Dovecot] MySQL, map files In-Reply-To: <1315851815.71073.YahooMailNeo@web39415.mail.mud.yahoo.com> References: <1315525950.915.YahooMailNeo@web39420.mail.mud.yahoo.com> <1315828341.7326.35.camel@hurina> <1315851815.71073.YahooMailNeo@web39415.mail.mud.yahoo.com> Message-ID: <1315905064.10952.10.camel@hurina> On Mon, 2011-09-12 at 11:23 -0700, Steve Fatula wrote: > >> http://dovecot.org/patches/1.2/ldap/HOWTO_dictldap+extdata.txt > >> > >> > >> You will see lots of statements, not sure which ones can be used for > >> MySQL (instead of LDAP). > > > > That patch's mapping references to Pigeonhole's extdata plugin. If you > > install that plugin you can use SQL or flat file for the same maps. > > > > > Ok, so, now we get to the issue. What syntax can be used for the extdata plugin? > > If I have an existing MySQL table with the structure: > > username > preference > value > > Username would be the dovecot user name. preference would be a constant, and, value is the variable I want to set via the extdata plugin. The primary key is username + preference (constant, in this case, say it's set to "POP3"). I want to use extdata to retrieve that value. Can it be done using extdata and MySQL map syntax, and if so, can you provide an example? Can I specify the query itself (i.e., select value from table t, another table at where....) Well, there are two fields that you need to map: responder_mode and responder_text (explained in the .txt file). Lets assume you have those two fields in an SQL table named responders. The maps would then be: map { pattern = priv/responder_mode table = responders username_field = username value_field = responder_mode } map { pattern = priv/responder_text table = responders username_field = username value_field = responder_text } You can change anything above except the patterns. From tss at iki.fi Tue Sep 13 12:45:26 2011 From: tss at iki.fi (Timo Sirainen) Date: Tue, 13 Sep 2011 12:45:26 +0300 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <4E6E6AE9.6040105@acm.org> References: <4E6ACC6C.6020200@acm.org> <1315830646.7326.46.camel@hurina> <4E6E6AE9.6040105@acm.org> Message-ID: <1315907129.10952.12.camel@hurina> On Mon, 2011-09-12 at 13:26 -0700, Paul B. Henson wrote: > > I'll try to debug this soon. > > Thanks; let me know if there's anything I could do to help, or if there > are any potential fixes you would like tested. I can't seem to be able to reproduce this. It always connects to the second MySQL without any user visible errors. What does it log with the attached debug patch? -------------- next part -------------- A non-text attachment was scrubbed... Name: diff Type: text/x-patch Size: 3408 bytes Desc: not available URL: From ibrahim.harrani at gmail.com Tue Sep 13 13:53:59 2011 From: ibrahim.harrani at gmail.com (Ibrahim Harrani) Date: Tue, 13 Sep 2011 13:53:59 +0300 Subject: [Dovecot] "Waiting for authentication process to respond" for invalid users with auth_dovecot Message-ID: Hi, I am testing dovecot 2.0.13 and 2.0.14 with qmail-ldap and auth_dovecot patch. If i login to dovecot (pop3/imap) with correct user and password. no problem, I can login immediately. but if I try with nonexistant user, dovecot does not immediate answer, wait for a while and says "Waiting for authentication process to respond." auth_dovecot process remains working in the background. How can I avoid this situation? # telnet 0 143 Trying 0.0.0.0... Connected to 0. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN] Dovecot ready. o login validuser validpass o OK [CAPABILITY IMAP4rev1 LITERAL+ SASL o login validuser wrongpass o NO [UNAVAILABLE] Temporary authentication failure. o login non-existant anypass * OK Waiting for authentication process to respond.. Here is output of dovecot -n # OS: Linux 2.6.32-71.el6.x86_64 x86_64 CentOS Linux release 6.0 (Final) auth_debug = yes auth_verbose = yes base_dir = /var/run/dovecot disable_plaintext_auth = no first_valid_gid = 100 last_valid_gid = 65000 last_valid_uid = 65000 listen = * log_path = /var/log/dovecot mail_debug = yes mail_location = maildir:~/Maildir passdb { args =/opt/qmail/smtp/bin/auth_dovecot ./Maildir/ driver = checkpassword } plugin { mechanisms = plain login quota = maildir } protocols = imap pop3 service imap-login { inet_listener imaps { port = 993 ssl = yes } process_min_avail = 1 } service imap-postlogin { executable = script-login /opt/qmail/scripts/dovecotpostlogin.sh } service imap { executable = imap imap-postlogin } service pop3-login { inet_listener pop3s { port = 995 ssl = yes } process_min_avail = 1 } ssl_cert = References: <1315904348.54893.YahooMailNeo@web29004.mail.ird.yahoo.com> Message-ID: <4E6F4EAE.30303@iinet.com.au> Hi Gregoire, > [..] with ~10000 mailboxes located on a Lustre file system. So far so good. This may be a bit off topic but... I thought that a lustre filesystem was not designed to store a lot of small files (e.g: due to MDS inodes) Can you tell us more about your experience ? Thomas From marcin at mejor.pl Tue Sep 13 16:42:16 2011 From: marcin at mejor.pl (=?UTF-8?B?TWFyY2luIE1pcm9zxYJhdw==?=) Date: Tue, 13 Sep 2011 15:42:16 +0200 Subject: [Dovecot] Problem with configuring dovecot to take namespaces from database In-Reply-To: <1315822918.7326.5.camel@hurina> References: <4E6782CB.1060803@mejor.pl> <04EE142A-25EF-4018-A8AB-C3A35CDF7B4E@iki.fi> <4E6786CF.2020102@mejor.pl> <4E678B66.60602@mejor.pl> <8F07F485-4BC4-40E5-A520-7F59C87A7863@iki.fi> <4E688A28.1090800@mejor.pl> <1315474812.3876.23.camel@hurina> <4E68A060.8090306@mejor.pl> <1315487921.3876.40.camel@hurina> <4E69F758.8050008@mejor.pl> <1315822918.7326.5.camel@hurina> Message-ID: <4E6F5DB8.60201@mejor.pl> W dniu 12.09.2011 12:21, Timo Sirainen pisze: > Not exactly like that, but you should be able to have a field called > "userdb_import" that contains data like: > > namespace=n1 n2namespace/n1/prefix=blah.etc. other fields > > Thes would of course have to be actual tab characters. Cool. I've changed field separator in db to more visible for human eyes, next i do replace in sql to tab and works good. Thank you for help! Regards, Marcin From cgregoir99 at yahoo.com Tue Sep 13 16:58:24 2011 From: cgregoir99 at yahoo.com (Christian Gregoire) Date: Tue, 13 Sep 2011 14:58:24 +0100 (BST) Subject: [Dovecot] Re : Dovecot and Lustre FS In-Reply-To: <4E6F4EAE.30303@iinet.com.au> References: <1315904348.54893.YahooMailNeo@web29004.mail.ird.yahoo.com> <4E6F4EAE.30303@iinet.com.au> Message-ID: <1315922304.12541.YahooMailNeo@web29005.mail.ird.yahoo.com> >> [..] with ~10000 mailboxes located on a Lustre file system. So far so good. >This may be a bit off topic but... I thought that a lustre filesystem was not designed to store a lot of small files (e.g: due to MDS inodes) >Can you tell us more about your experience ? Hi Thomas, We've developped our own MDA, and customized the POP server, thus for a given email, headers are stored in a MySQL database and the whole message (headers+body, mbox format) in the Lustre FS, in a directory based on the last 3 digits of its internal id (MySQL autoincrement) : 000 ?\_986544000 <- one email ?\_852125000 ??[...] 001 ?\_780284001 ?\_986545001 ??[...] [...] 999 ?\_489288999 ?\_326541999 ??[...] As we only provide POP support, we reach a maximum of 2500 files per directory. Lustre version is 1.4, with one MDS and 3 OST. We have 9 SMTP/POP servers connected to the LFS. Indeed, I have many concerns about IMAP+Lustre. For example,?should I use mbox or maildir ? I'd go with the second one but really don't know how Lustre would behave with potentially tens of thousands of files in one directory (according to the Lustre FAQ, it should perform fine :?http://wiki.lustre.org/index.php/FAQ_-_Sizing), but ... I've been through some previous posts (http://dovecot.org/list/dovecot/2010-January/046106.html and?http://www.dovecot.org/list/dovecot/2010-March/047673.html) and I'm also wondering whether I should switch to another FS. Any advice ? What is the most widely used clustered FS with Dovecot ?? Thanks in avance for sharing your experience. Christian From tss at iki.fi Tue Sep 13 17:06:20 2011 From: tss at iki.fi (Timo Sirainen) Date: Tue, 13 Sep 2011 17:06:20 +0300 Subject: [Dovecot] Re : Dovecot and Lustre FS In-Reply-To: <1315922304.12541.YahooMailNeo@web29005.mail.ird.yahoo.com> References: <1315904348.54893.YahooMailNeo@web29004.mail.ird.yahoo.com> <4E6F4EAE.30303@iinet.com.au> <1315922304.12541.YahooMailNeo@web29005.mail.ird.yahoo.com> Message-ID: <0621D64A-1E76-41AE-A1A6-9D6ECBF2299A@iki.fi> On 13.9.2011, at 16.58, Christian Gregoire wrote: > Indeed, I have many concerns about IMAP+Lustre. For example, should I use mbox or maildir ? I'd go with the second one but really don't know how Lustre would behave with potentially tens of thousands of files in one directory (according to the Lustre FAQ, it should perform fine : http://wiki.lustre.org/index.php/FAQ_-_Sizing), but ... You should try Dovecot's mdbox format. From Lutz.Pressler at SerNet.DE Tue Sep 13 19:12:37 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Tue, 13 Sep 2011 18:12:37 +0200 Subject: [Dovecot] imapc and imap_acl Message-ID: Hello (Timo), yes, I know... maybe it's a bit far fetched, but I do have a use case. Would it be (reasonably easily) possible to implement IMAP ACL support for "imported" imapc namespaces/mailboxes? There is no local directory (like with the virtual plugin) yet... Greetings, Lutz -- Lutz Pre?ler http://www.SerNet.DE/ SerNet Service Network GmbH, Bahnhofsallee 1b, D-37081 G?ttingen Tel.: +49-551-370000-2, FAX: +49-551-370000-9 AG G?ttingen, HRB 2816, GF: Dr. Johannes Loxen From tss at iki.fi Tue Sep 13 19:22:03 2011 From: tss at iki.fi (Timo Sirainen) Date: Tue, 13 Sep 2011 19:22:03 +0300 Subject: [Dovecot] imapc and imap_acl In-Reply-To: References: Message-ID: <57674CC7-1F64-4131-98C6-45CF8B54F23B@iki.fi> On 13.9.2011, at 19.12, Lutz Pre?ler wrote: > yes, I know... maybe it's a bit far fetched, but I do have a use case. > Would it be (reasonably easily) possible to implement IMAP ACL > support for "imported" imapc namespaces/mailboxes? > There is no local directory (like with the virtual plugin) yet... You mean you'd want local ACLs that apply to imapc mailboxes? I think that should work. For example if you set: mail_location = imapc:~/imapc Then for mailbox foo/bar the ACL file should be in ~/imapc/.foo.bar/dovecot-acl "Proxying" remote IMAP ACLs isn't possible and I'm not sure how that could be nicely implemented. From Lutz.Pressler at SerNet.DE Tue Sep 13 19:46:31 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Tue, 13 Sep 2011 18:46:31 +0200 Subject: [Dovecot] imapc and imap_acl In-Reply-To: <57674CC7-1F64-4131-98C6-45CF8B54F23B@iki.fi> References: <57674CC7-1F64-4131-98C6-45CF8B54F23B@iki.fi> Message-ID: On Di, 13 Sep 2011, Timo Sirainen wrote: > On 13.9.2011, at 19.12, Lutz Pre?ler wrote: > > > yes, I know... maybe it's a bit far fetched, but I do have a use case. > > Would it be (reasonably easily) possible to implement IMAP ACL > > support for "imported" imapc namespaces/mailboxes? > > There is no local directory (like with the virtual plugin) yet... > > You mean you'd want local ACLs that apply to imapc mailboxes? Yes, exactly. Great for "integrating" legacy IMAP servers without e.g. ACL support. > I think that should work. For example if you set: > > mail_location = imapc:~/imapc Oh, had not realized that a path argument is possible for imapc:. There are even index file then... > > Then for mailbox foo/bar the ACL file should be in ~/imapc/.foo.bar/dovecot-acl It almost works: Sep 13 18:37:58 hhh dovecot: imap(4482, uuu): Error: file_dotlock_open(/home/uuu/Maildir/gmail/.[Gmail].Alle Nachrichten /dovecot-acl) failed: No such file or directory After manually creating the ".[Gmail].Alle Nachrichten" directory, SETACL succeeds. > > "Proxying" remote IMAP ACLs isn't possible and I'm not sure how that could be nicely implemented. Would surely have it's use, too (but not here at the moment). Thanks, Lutz From Lutz.Pressler at SerNet.DE Tue Sep 13 19:58:31 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Tue, 13 Sep 2011 18:58:31 +0200 Subject: [Dovecot] multiple "imapc namespaces" Re: imapc and imap_acl In-Reply-To: <20110913164631.GA1874905@gabi.sernet.de> References: <57674CC7-1F64-4131-98C6-45CF8B54F23B@iki.fi> <20110913164631.GA1874905@gabi.sernet.de> Message-ID: On Tue, 13 Sep 2011, Lutz Pre?ler wrote: > On Di, 13 Sep 2011, Timo Sirainen wrote: > > mail_location = imapc:~/imapc > Oh, had not realized that a path argument is possible for imapc:. There are > even index file then... What about taking imapc parameters/credentials optionally from a file in this directory (like dovecot-virtual)? Lutz From al-dovecot at none.at Tue Sep 13 20:07:10 2011 From: al-dovecot at none.at (Aleksandar Lazic) Date: Tue, 13 Sep 2011 19:07:10 +0200 Subject: [Dovecot] Sieve envelope :detail "to" "extention" does not deliver to fileinto destination In-Reply-To: <20110912191707.42127757@scorpio> References: <20110912171448.GB320@none.at> <20110912142239.7ec8eb49@scorpio> <20110912224244.GA27446@none.at> <20110912191707.42127757@scorpio> Message-ID: <20110913170709.GA31770@none.at> On Mon 12.09.2011 19:17, Jerry wrote: >On Tue, 13 Sep 2011 00:42:44 +0200 >Aleksandar Lazic articulated: [snip] >> ### >> if envelope :contains :detail "to" "pdnsusers" { >> ### >> >> Is there a command like 'print envelope' or something else to see >> what variables and envelope deliver have? > >This is what I use, and it works fine. The example is something I use >for FreeBSD. > >Example address: user+fbsd at example.com > >This is my sieve recipe: > >if envelope :detail "To" "fbsd" {fileinto "FreeBSD"; stop;} > >I hope this helps. Thanks for you help. I haven't solved the issue, I moved to if header :contains "to" "pdnsusers" { fileinto "Lists.pdnsusers"; } Cheers Aleks From james.r.carr at gmail.com Tue Sep 13 20:24:38 2011 From: james.r.carr at gmail.com (James Carr) Date: Tue, 13 Sep 2011 12:24:38 -0500 Subject: [Dovecot] Migrating a dovecot setup from one server to another Message-ID: Hi All, I have a server with a dovecot + postfix setup and unfortunately the server is EOL'd. I have built a new ubuntu server out and I'm in the process of migrating everything over. In migrating the dovecot setup over, this is the list of items I have done: install dovecot, postfix, etc on the new server copy configuration files over copy /var/spool and /var/mail over Is there anything else I need to consider before switching MX records to point to the new server? Thanks, James From niksfirefly at net2000.pl Tue Sep 13 20:34:35 2011 From: niksfirefly at net2000.pl (Maciek Jackowski) Date: Tue, 13 Sep 2011 19:34:35 +0200 Subject: [Dovecot] any drawbacks with using Mailbox sharing with symlinks??? Message-ID: are there any drawbacks with using Mailbox sharing with symlinks??? based on: http://wiki.dovecot.org/SharedMailboxes/Symlinks I got virtual users with same permission unix user/group and didnt noticed any drawbacks yet but i want to ask From micah at riseup.net Tue Sep 13 23:16:28 2011 From: micah at riseup.net (Micah Anderson) Date: Tue, 13 Sep 2011 16:16:28 -0400 Subject: [Dovecot] quota percents References: <87sjo5wkfy.fsf@algae.riseup.net> <1315824208.7326.21.camel@hurina> <8739g1ka62.fsf@algae.riseup.net> Message-ID: <87wrdcfbab.fsf@algae.riseup.net> Timo Sirainen writes: > On 12.9.2011, at 19.17, Micah Anderson wrote: > >>>> However, it doesn't seem to work in practice, because I have a user that >>>> is at 99% of quota, with nothing in the Trash who cannot move a 77KB >>>> message into the Trash without getting the quota_exceeded message and >>>> refusing to move it. >>> >>> dovecot -n output? >> >> namespace { >> inbox = yes >> location = >> prefix = >> separator = . >> } >> namespace { >> hidden = yes >> inbox = no >> list = no >> location = >> prefix = INBOX. >> separator = . >> } > > Maybe the client is using the INBOX. namespace and trying to copy to INBOX.Trash instead of Trash? You could try adding another quota rule for INBOX.Trash. I should probably also change the quota code to follow "alias_for" directives. Then you could have only a single Trash, if you add "alias_for = " to the INBOX. namespace. ok, I made an INBOX.Trash quota rule: 90-quota.conf: quota_rule = *:bytes=24117248 90-quota.conf: quota_rule2 = Trash:bytes=+10%% 90-quota.conf: quota_rule2 = INBOX.Trash:bytes=+10%% 90-quota.conf: quota_rule3 = INBOX.Spam:bytes=+20%% and that seemed to solve the problem! micah ps - its very annoying to test quota with thunderbird, it doesn't update the information very reliably. -- From stephan at rename-it.nl Tue Sep 13 23:56:09 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Tue, 13 Sep 2011 22:56:09 +0200 Subject: [Dovecot] Released Pigeonhole v0.2.4 for Dovecot v2.0.14 Message-ID: <4E6FC369.1090506@rename-it.nl> Hello Dovecot users, I release a new version of Pigeonhole tonight. This release extends the configuration capabilities of the include and vacation extensions, adds the ihave extension (RFC 5463), and fixes a few small other things. Judging by Timo's plans, this will be one of the last feature releases for Dovecot v2.0, since I'll be switching active development to Dovecot v2.1 once that matures a little more. Changelog v0.2.4: + Vacation extension: finally added support for using the original recipient in vacation address check. It is also possible to disable the recipient address check entirely. Check doc/vacation.txt for configuration information. + Include extension: made limits on the include depth and the total number of included scripts configurable. Check doc/include.txt for configuration information. + Implemented ihave extension. This allows checking for the availability of Sieve language extensions at 'runtime'. Actually, this is checked at compile time. At runtime the interpreter checks whether extensions that were not previously available are still unavailable. If the situation changed, the script is re-compiled and the ihave tests are evaluated again. + Sieve: optimized compilation of tests that yield constant results (i.e. known at compile tme), such as 'true' and 'false'. No code is produced anymore for script sections that are never executed. Also, semantics are not verified anymore in uncompiled script sections. + Made vnd.dovecot.debug extension available to the LDA plugin instead of only the command line tools. + Sieve: redirect action now adds X-Sieve-Redirected-From header (mainly for people using SPF/SRS). - Sieve: fixed bug in handling flags and keywords; in case of error an assertion was triggered. - Script storage: improved handling of unconfigured user home directory. Originally this would produce an unhelpful error message. - Imap4flags extension: prevent forcibly enabling imap4flags when imapflags is enabled. - Fixed various -Wunused-but-set-variable compiler warnings. - Include extension: forgot to check variable identifier syntax for 'global' command. - Sieve: fixed debug mode; no messages were logged in some situations. - sievec tool: forgot to enable -D (debug) parameter. The release is available as follows: http://www.rename-it.nl/dovecot/2.0/dovecot-2.0-pigeonhole-0.2.4.tar.gz http://www.rename-it.nl/dovecot/2.0/dovecot-2.0-pigeonhole-0.2.4.tar.gz.sig Refer to http://pigeonhole.dovecot.org and the Dovecot v2.0 wiki for more information. Have fun testing this new release and don't hesitate to notify me when there are any problems. Regards, -- Stephan Bosch stephan at rename-it.nl From simon.brereton at buongiorno.com Wed Sep 14 00:47:18 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Tue, 13 Sep 2011 17:47:18 -0400 Subject: [Dovecot] Mails repopping In-Reply-To: <021d01cc715d$015f9400$041ebc00$@brereton@buongiorno.com> References: <004b01cc6f13$04a166d0$0de43470$@brereton@buongiorno.com> <1315823847.7326.17.camel@hurina> <021d01cc715d$015f9400$041ebc00$@brereton@buongiorno.com> Message-ID: <03a601cc725e$b66bc470$23434d50$@brereton@buongiorno.com> > -----Original Message----- > From: dovecot-bounces at dovecot.org [mailto:dovecot- > bounces at dovecot.org] On Behalf Of Simon Brereton > > -----Original Message----- > > From: Timo Sirainen [mailto:tss at iki.fi] On Fri, 2011-09-09 at 13:07 > > -0400, Simon Brereton wrote: > > > > > I have a server that's been running Courier for about 6 years and > > in > > > all that time I think I've only ever had 1 issues where an entire > > mail > > > box was repopped by a webmail client. However, since moving to a > > new > > > server and dovecot 4 weeks ago, I've now had the webmail client > > repop > > > this account 4 times (there are about 230 mails in the account). > > > > > > Is there a setting I need to tighten to prevent/remedy this? I > > have > > > no idea if it's happening on other accounts, but this is one that > I > > > see. The format is maildir. There has been no changes to the > > webmail > > > client. > > > > dovecot -n output would have been nice. Also do you see anything in > > error logs? > > Ah. My apologies of course. Here it is.. > > mail:~# dovecot -n > # 1.2.15: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.2 ext3 > log_timestamp: %Y-%m-%d %H:%M:%S > protocols: imap imaps pop3 pop3s > ssl_ca_file: /etc/ssl/keys/rhodes-ca.crt > ssl_cert_file: /etc/ssl/keys/mail.domain.net.crt > ssl_key_file: /etc/ssl/private/mail.domain.net.key > disable_plaintext_auth: no > login_dir: /var/run/dovecot/login > login_executable(default): /usr/lib/dovecot/imap-login > login_executable(imap): /usr/lib/dovecot/imap-login > login_executable(pop3): /usr/lib/dovecot/pop3-login > mail_privileged_group: mailsystem > mail_location: maildir:/var/spool/mail/virtual/%d/%n > maildir_very_dirty_syncs: yes > mbox_write_locks: fcntl dotlock > mail_executable(default): /usr/lib/dovecot/imap > mail_executable(imap): /usr/lib/dovecot/imap > mail_executable(pop3): /usr/lib/dovecot/pop3 > mail_plugins(default): quota imap_quota > mail_plugins(imap): quota imap_quota > mail_plugins(pop3): quota > mail_plugin_dir(default): /usr/lib/dovecot/modules/imap > mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap > mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3 > imap_client_workarounds(default): outlook-idle delay-newmail > imap_client_workarounds(imap): outlook-idle delay-newmail > imap_client_workarounds(pop3): > pop3_client_workarounds(default): > pop3_client_workarounds(imap): > pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh > lda: > postmaster_address: postmaster at domain.net > mail_plugins: quota > log_path: > info_log_path: > deliver_log_format: msgid=%m: %f: %$ > auth default: > mechanisms: plain login > user: mailsystem > verbose: yes > passdb: > driver: sql > args: /etc/dovecot/dovecot-sql.conf > userdb: > driver: prefetch > userdb: > driver: static > args: uid=999 gid=115 home=/var/spool/mail/virtual/%d/%n > allow_all_users=yes > socket: > type: listen > client: > path: /var/spool/postfix/private/auth > mode: 432 > user: postfix > group: mailsystem > master: > path: /var/run/dovecot/auth-master > mode: 432 > user: mailsystem > group: mailsystem > plugin: > quota: maildir > > Could you make dovecot -n munge the certificate and postmaster email > addresses? I'm not comfortable with that floating on the internet.. > > The only thing I have in the logs is 2 sessions where mail was popped > (note, it doesn't even add up to the 183 messages in the mail box). > But those sessions are vastly longer than the regular ones (tens of > minutes compared to a few seconds). Since both IPs are on the back- > bone, that's quite a while to download 100 mails (none of which are > over > > Sep 11 21:36:25 mail dovecot: pop3-login: Login: > user=, method=PLAIN, rip=64.88.168.84, > lip=83.170.65.xxx, TLS Sep 11 21:36:34 mail dovecot: > POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=0/0, > del=0/183, size=14025971 Sep 11 21:43:44 mail dovecot: pop3-login: > Login: user=, method=PLAIN, rip=64.88.168.84, > lip=83.170.65.xxx, TLS Sep 11 21:44:54 mail dovecot: > POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=0/0, > del=0/183, size=14025971 Sep 11 21:52:31 mail dovecot: pop3-login: > Login: user=, method=PLAIN, rip=64.88.168.84, > lip=83.170.65.xxx, TLS Sep 11 22:56:01 mail dovecot: > POP3(user at domain.com): Disconnected: Logged out top=0/0, > retr=100/9182678, del=0/183, size=14025971 Sep 11 23:08:58 mail > dovecot: pop3-login: Login: user=, method=PLAIN, > rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 11 23:37:57 mail > dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, > retr=75/4748674, del=0/183, size=14025971 Sep 12 00:04:11 mail > dovecot: pop3-login: Login: user=, method=PLAIN, > rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 12 00:04:26 mail > dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, > retr=0/0, del=0/183, size=14025971 Sep 12 00:07:40 mail dovecot: > pop3-login: Login: user=, method=PLAIN, > rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 12 00:07:53 mail > dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, > retr=0/0, del=0/183, size=14025971 > > > > If you're using the default pop3_uidl_format it'll rely on IMAP > UIDs > > to stay the same, and I guess it's possible that due to some other > > problem they change (that should be logged as an error/warning > > though). > > > > You could try setting pop3_uidl_format=%f, but it will cause > everyone > > to redownload mails. With newer Dovecot versions you could set > > pop3_save_uidl=yes and when you think everyone's downloaded mails > once > > you can safely change the pop3_uidl_format. > > Sorry, I'm very new to dovecot and I'm not sure I understand. I > presume because neither of those keys are in the dovecot -n output > that they are as the defaults, yes? The account is indeed accessed > by IMAP as well (from a mobile device mostly), but I don't see > anything fishy there either. How could I see if the IMAP UIDs have > changed? > > Sep 11 21:20:32 mail dovecot: IMAP(user at domain.com): Connection > closed bytes=1095/8292 > > Sep 11 21:26:03 mail dovecot: imap-login: Login: > user=, method=PLAIN, rip=174.252.83.244, > lip=83.170.65.xxx, TLS Sep 11 22:11:20 mail dovecot: > IMAP(user at domain.com): Disconnected for inactivity bytes=725/5638 Sep > 11 22:17:10 mail dovecot: imap-login: Login: user=, > method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 11 > 23:12:06 mail dovecot: IMAP(user at domain.com): Disconnected for > inactivity bytes=1471/11025 Sep 11 23:23:22 mail dovecot: imap-login: > Login: user=, method=PLAIN, rip=174.252.83.244, > lip=83.170.65.xxx, TLS Sep 11 23:52:52 mail dovecot: > IMAP(user at domain.com): Connection closed bytes=1841/13679 Sep 12 > 00:08:47 mail dovecot: imap-login: Login: user=, > method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 12 > 01:19:05 mail dovecot: imap-login: Login: user=, > method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 12 > 02:57:01 mail dovecot: IMAP(user at domain.com): Connection closed > bytes=2713/60026 Sep 12 02:57:01 mail dovecot: IMAP(user at domain.com): > Connection closed bytes=2688/18635 > > > There are no errors or warnings in the mail log (I have one shared > log file for postfix, amavis and dovecot). Reading the notes for > pop3_save_uidl it doesn't seem to be a dangerous option - should I > turn that on? Why will it force everyone to redownload mails > (there's nothing about it on the wiki)? > > Thanks! > > Simon Any help would be appreciated. Thanks. Simon From stephan at rename-it.nl Wed Sep 14 01:14:24 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Wed, 14 Sep 2011 00:14:24 +0200 Subject: [Dovecot] New plugin for Pigeonhole Sieve: sieve_pipe Message-ID: <4E6FD5C0.5050304@rename-it.nl> Hello, I've finished up work on a new plugin for Pigeonhole Sieve: sieve_pipe. It adds a new Sieve extension (vnd.dovecot.pipe) providing a new action command that provides the possibility to pipe messages to external programs (e.g. shell scripts). The programs available to this command are explicitly limited and subject to administrator configuration. The plugin can currently only be downloaded from the Mercurial repository: http://hg.rename-it.nl/pigeonhole-0.2-sieve-pipe Check the README/INSTALL files in the repository or the new wiki page for more information: http://hg.rename-it.nl/pigeonhole-0.2-sieve-pipe/raw-file/tip/README http://hg.rename-it.nl/pigeonhole-0.2-sieve-pipe/raw-file/tip/INSTALL http://master.wiki2.dovecot.org/Pigeonhole/Sieve/Plugins/Pipe The specification of the vnd.dovecot.pipe extension can be found here: http://hg.rename-it.nl/pigeonhole-0.2-sieve-pipe/raw-file/tip/doc/rfc/spec-bosch-sieve-pipe.txt I'd still call this thing very much experimental, so be sure to test it extensively first. Don't hesitate to notify me when there are any problems. Regards, Stephan. From slusarz at curecanti.org Wed Sep 14 01:15:36 2011 From: slusarz at curecanti.org (Michael M Slusarz) Date: Tue, 13 Sep 2011 16:15:36 -0600 Subject: [Dovecot] Mails repopping Message-ID: <20110913161536.Horde.smZyNoF5lbhOb9YIt_IE8WA@bigworm.curecanti.org> Quoting Simon Brereton : >> -----Original Message----- >> From: dovecot-bounces at dovecot.org [mailto:dovecot- >> bounces at dovecot.org] On Behalf Of Simon Brereton >> > -----Original Message----- >> > From: Timo Sirainen [mailto:tss at iki.fi] On Fri, 2011-09-09 at 13:07 >> > -0400, Simon Brereton wrote: >> > >> > > I have a server that's been running Courier for about 6 years and >> > in >> > > all that time I think I've only ever had 1 issues where an entire >> > mail >> > > box was repopped by a webmail client. However, since moving to a >> > new >> > > server and dovecot 4 weeks ago, I've now had the webmail client >> > repop >> > > this account 4 times (there are about 230 mails in the account). >> > > >> > > Is there a setting I need to tighten to prevent/remedy this? I >> > have >> > > no idea if it's happening on other accounts, but this is one that >> I >> > > see. The format is maildir. There has been no changes to the >> > webmail >> > > client. >> > >> > dovecot -n output would have been nice. Also do you see anything in >> > error logs? >> >> Ah. My apologies of course. Here it is.. >> >> mail:~# dovecot -n >> # 1.2.15: /etc/dovecot/dovecot.conf >> # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.2 ext3 >> log_timestamp: %Y-%m-%d %H:%M:%S >> protocols: imap imaps pop3 pop3s >> ssl_ca_file: /etc/ssl/keys/rhodes-ca.crt >> ssl_cert_file: /etc/ssl/keys/mail.domain.net.crt >> ssl_key_file: /etc/ssl/private/mail.domain.net.key >> disable_plaintext_auth: no >> login_dir: /var/run/dovecot/login >> login_executable(default): /usr/lib/dovecot/imap-login >> login_executable(imap): /usr/lib/dovecot/imap-login >> login_executable(pop3): /usr/lib/dovecot/pop3-login >> mail_privileged_group: mailsystem >> mail_location: maildir:/var/spool/mail/virtual/%d/%n >> maildir_very_dirty_syncs: yes >> mbox_write_locks: fcntl dotlock >> mail_executable(default): /usr/lib/dovecot/imap >> mail_executable(imap): /usr/lib/dovecot/imap >> mail_executable(pop3): /usr/lib/dovecot/pop3 >> mail_plugins(default): quota imap_quota >> mail_plugins(imap): quota imap_quota >> mail_plugins(pop3): quota >> mail_plugin_dir(default): /usr/lib/dovecot/modules/imap >> mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap >> mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3 >> imap_client_workarounds(default): outlook-idle delay-newmail >> imap_client_workarounds(imap): outlook-idle delay-newmail >> imap_client_workarounds(pop3): >> pop3_client_workarounds(default): >> pop3_client_workarounds(imap): >> pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh >> lda: >> postmaster_address: postmaster at domain.net >> mail_plugins: quota >> log_path: >> info_log_path: >> deliver_log_format: msgid=%m: %f: %$ >> auth default: >> mechanisms: plain login >> user: mailsystem >> verbose: yes >> passdb: >> driver: sql >> args: /etc/dovecot/dovecot-sql.conf >> userdb: >> driver: prefetch >> userdb: >> driver: static >> args: uid=999 gid=115 home=/var/spool/mail/virtual/%d/%n >> allow_all_users=yes >> socket: >> type: listen >> client: >> path: /var/spool/postfix/private/auth >> mode: 432 >> user: postfix >> group: mailsystem >> master: >> path: /var/run/dovecot/auth-master >> mode: 432 >> user: mailsystem >> group: mailsystem >> plugin: >> quota: maildir >> >> Could you make dovecot -n munge the certificate and postmaster email >> addresses? I'm not comfortable with that floating on the internet.. >> >> The only thing I have in the logs is 2 sessions where mail was popped >> (note, it doesn't even add up to the 183 messages in the mail box). >> But those sessions are vastly longer than the regular ones (tens of >> minutes compared to a few seconds). Since both IPs are on the back- >> bone, that's quite a while to download 100 mails (none of which are >> over >> >> Sep 11 21:36:25 mail dovecot: pop3-login: Login: >> user=, method=PLAIN, rip=64.88.168.84, >> lip=83.170.65.xxx, TLS Sep 11 21:36:34 mail dovecot: >> POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=0/0, >> del=0/183, size=14025971 Sep 11 21:43:44 mail dovecot: pop3-login: >> Login: user=, method=PLAIN, rip=64.88.168.84, >> lip=83.170.65.xxx, TLS Sep 11 21:44:54 mail dovecot: >> POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=0/0, >> del=0/183, size=14025971 Sep 11 21:52:31 mail dovecot: pop3-login: >> Login: user=, method=PLAIN, rip=64.88.168.84, >> lip=83.170.65.xxx, TLS Sep 11 22:56:01 mail dovecot: >> POP3(user at domain.com): Disconnected: Logged out top=0/0, >> retr=100/9182678, del=0/183, size=14025971 Sep 11 23:08:58 mail >> dovecot: pop3-login: Login: user=, method=PLAIN, >> rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 11 23:37:57 mail >> dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, >> retr=75/4748674, del=0/183, size=14025971 Sep 12 00:04:11 mail >> dovecot: pop3-login: Login: user=, method=PLAIN, >> rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 12 00:04:26 mail >> dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, >> retr=0/0, del=0/183, size=14025971 Sep 12 00:07:40 mail dovecot: >> pop3-login: Login: user=, method=PLAIN, >> rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 12 00:07:53 mail >> dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, >> retr=0/0, del=0/183, size=14025971 >> >> >> > If you're using the default pop3_uidl_format it'll rely on IMAP >> UIDs >> > to stay the same, and I guess it's possible that due to some other >> > problem they change (that should be logged as an error/warning >> > though). >> > >> > You could try setting pop3_uidl_format=%f, but it will cause >> everyone >> > to redownload mails. With newer Dovecot versions you could set >> > pop3_save_uidl=yes and when you think everyone's downloaded mails >> once >> > you can safely change the pop3_uidl_format. >> >> Sorry, I'm very new to dovecot and I'm not sure I understand. I >> presume because neither of those keys are in the dovecot -n output >> that they are as the defaults, yes? The account is indeed accessed >> by IMAP as well (from a mobile device mostly), but I don't see >> anything fishy there either. How could I see if the IMAP UIDs have >> changed? >> >> Sep 11 21:20:32 mail dovecot: IMAP(user at domain.com): Connection >> closed bytes=1095/8292 >> >> Sep 11 21:26:03 mail dovecot: imap-login: Login: >> user=, method=PLAIN, rip=174.252.83.244, >> lip=83.170.65.xxx, TLS Sep 11 22:11:20 mail dovecot: >> IMAP(user at domain.com): Disconnected for inactivity bytes=725/5638 Sep >> 11 22:17:10 mail dovecot: imap-login: Login: user=, >> method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 11 >> 23:12:06 mail dovecot: IMAP(user at domain.com): Disconnected for >> inactivity bytes=1471/11025 Sep 11 23:23:22 mail dovecot: imap-login: >> Login: user=, method=PLAIN, rip=174.252.83.244, >> lip=83.170.65.xxx, TLS Sep 11 23:52:52 mail dovecot: >> IMAP(user at domain.com): Connection closed bytes=1841/13679 Sep 12 >> 00:08:47 mail dovecot: imap-login: Login: user=, >> method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 12 >> 01:19:05 mail dovecot: imap-login: Login: user=, >> method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 12 >> 02:57:01 mail dovecot: IMAP(user at domain.com): Connection closed >> bytes=2713/60026 Sep 12 02:57:01 mail dovecot: IMAP(user at domain.com): >> Connection closed bytes=2688/18635 >> >> >> There are no errors or warnings in the mail log (I have one shared >> log file for postfix, amavis and dovecot). Reading the notes for >> pop3_save_uidl it doesn't seem to be a dangerous option - should I >> turn that on? Why will it force everyone to redownload mails >> (there's nothing about it on the wiki)? >> >> Thanks! >> >> Simon > > Any help would be appreciated. What do you mean by "repopped"? You mean downloading the entire data of the messages from the POP3 server? This is expected behavior when using a stateless (e.g. webmail) client. Kind of the whole reason you don't use POP3 in the first place. Although caching can help. e.g., Here's what the first connection to the server looks like (this is using IMP 5 on a mailstore with 82 messages): S (1315951197.4976): +OK Dovecot ready. C (1315951197.513): [AUTH PLAIN Command - username: slusarz] S (1315951197.5319): +OK Logged in. C (1315951197.5325): STAT S (1315951197.5328): +OK 82 482351 C (1315951197.5348): UIDL S (1315951197.5354): +OK S (1315951197.5354): 1 000000014935d409 S (1315951197.5354): 2 000000024935d409 S (1315951197.5354): 3 000000114935d409 [...] S (1315951197.5363): 82 000000824935d409 S (1315951197.5363): . C (1315951197.9582): TOP 1 0 S (1315951198.0411): From user at domain.com Thu Jun 22 11:16:26 2006 [...] S (1315951198.0416): . [...] C (1315951199.0607): LIST S (1315951199.061): +OK 82 messages: S (1315951199.061): 1 118630 [...] S (1315951199.0619): . We need to grab all headers so we can build the envelope information (needed to produce the mailbox listing). And the LIST command grabs the size information (also used in the mailbox listing). But remember that the full headers will need to be redownloaded *EVERY* time you reload the page unless some sort of caching is enabled in the client. That's just the nature of POP3. (IMAP has the same sort of issues - if the stateless client does not cache, the envelope information must be downloaded on every access. However, with IMAP, the network traffic is reduced - you can download only the needed information, not all header text - and IMAP servers have the ability to cache this information behind the scenes due to the abstraction of the API.). This is where caching is pretty much essential on the webmail side. If caching is enabled, the best-case scenario is that the the webmail server only needs to grab the list of UIDLs on every POP3 server access going forward - if the UIDL list has not changed, we know the mailbox hasn't changed and the cached information is still valid. (CONDSTORE/QRESYNC extensions for IMAP make this synchronization check even more efficient in IMAP) michael From janfrode at tanso.net Wed Sep 14 10:12:52 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Wed, 14 Sep 2011 09:12:52 +0200 Subject: [Dovecot] Warning: Subscriptions file .. Removing invalid entry: Message-ID: <20110914071252.GA13849@oc1046828364.ibm.com> One of our dovecot-servers (v2.0.14) got a bit too busy last evening: Sep 13 20:39:18 popimap1 dovecot: master: Warning: service(pop3-login): process_limit reached, client connections are being dropped then logged a few: Sep 13 20:39:20 popimap1 dovecot: pop3(XXXXXXXXX at YYYYY.YY): Warning: I/O leak: 0x3829233d20 (10) Sep 13 20:39:20 popimap1 dovecot: pop3(XXXXXXXXX at YYYYY.YY): Warning: Timeout leak: 0x3829233ce0 Sep 13 20:39:20 popimap1 dovecot: pop3(ZZZZZ.ZZZZZ at ZZZZZZ.ZZ): Warning: I/O leak: 0x3829233d20 (10) Sep 13 20:39:20 popimap1 dovecot: pop3(ZZZZZ.ZZZZZ at ZZZZZZ.ZZ): Warning: Timeout leak: 0x3829233ce0 Sep 13 20:39:20 popimap1 dovecot: pop3(YYYYYYY at YYYY.YYY): Warning: I/O leak: 0x3829233d20 (10) Sep 13 20:39:20 popimap1 dovecot: pop3(YYYYYYY at YYYY.YYY): Warning: Timeout leak: 0x3829233ce0 Sep 13 20:39:20 popimap1 dovecot: pop3-postlogin: Error: Fatal: fd_send() failed: Broken pipe Sep 13 20:39:20 popimap1 dovecot: pop3-postlogin: Error: Fatal: fd_send() failed: Broken pipe and: Error: net_connect_unix(/var/run/dovecot/pop3-postlogin) failed: Resource temporarily unavailable but what has me a bit worried is these: imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Sent imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Spam imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Drafts imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Trash which happened for a two users during this high load periode. Looking at their mail directory I can't see why these should be invalid? They're there, has sane permissions and contains messages.. -jf From janfrode at tanso.net Wed Sep 14 10:34:21 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Wed, 14 Sep 2011 09:34:21 +0200 Subject: [Dovecot] Warning: Subscriptions file .. Removing invalid entry: In-Reply-To: <20110914071252.GA13849@oc1046828364.ibm.com> References: <20110914071252.GA13849@oc1046828364.ibm.com> Message-ID: <20110914073421.GA14411@oc1046828364.ibm.com> On Wed, Sep 14, 2011 at 09:12:52AM +0200, Jan-Frode Myklebust wrote: > but what has me a bit worried is these: > > imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Sent > imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Spam > imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Drafts > imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Trash > > which happened for a two users during this high load periode. Looking at > their mail directory I can't see why these should be invalid? They're there, > has sane permissions and contains messages.. I see now that this probably has nothing to do with the pop3 process_limit. It's been happening regularly since we upgraded from v1.2.16 to v2.0 on August 30. Initially 200+ times a day, but has dropped down to 30-50 times a day for the last few days. Probably because of subscription files getting emptied for the imap-users. Is this a problem with our namespace: namespace { inbox = yes location = prefix = INBOX. type = private } which for v1.2.x was defined as: namespace private { prefix = INBOX. inbox = yes } -jf From isolderj at webmail.co.za Wed Sep 14 08:48:28 2011 From: isolderj at webmail.co.za (James isolder) Date: Wed, 14 Sep 2011 07:48:28 +0200 Subject: [Dovecot] IMAP delete logs Message-ID: Version - 1.2.17 Is there a way to include message or folder deletion logs in the dovecot log files. Thanks in advance. ____________________________________________________________ South Africas premier free email service - www.webmail.co.za For super low premiums, click here. http://www.dialdirect.co.za/?vdn=15828 From bra at fsn.hu Wed Sep 14 14:32:09 2011 From: bra at fsn.hu (Attila Nagy) Date: Wed, 14 Sep 2011 13:32:09 +0200 Subject: [Dovecot] Maildir "locking" Message-ID: <4E7090B9.1000103@fsn.hu> Hello, I'm looking for the alternative of qmail's chmod -t (sticky bit on the maildir root) for Dovecot. What I'm trying to achieve with this lock: - Dovecot lmtp should give back a temporary error (so the email will be deferred and re-delivered later) - all other Dovecot daemons (pop, imap) should work as usual, but should not alter maildir contents (they can modify their own files, like indexes, logs etc) What is the best way to do this? If there is no such thing currently, would it be hard to implement the sticky bit checking on the root? Thanks, From Lutz.Pressler at SerNet.DE Wed Sep 14 14:40:00 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Wed, 14 Sep 2011 13:40:00 +0200 Subject: [Dovecot] imapc vs auth-userdb security Message-ID: Hello, with imapc settings coming from userdb (individual configuration necessary) there exists a security problem if access to auth-userdb socket is given to normal (shell) users: testuser at host:~$ doveadm user user1 userdb: lpmail uid : 1000 gid : 1111 home : /home/user1 namespace : gmail namespace/gmail/list: yes namespace/gmail/subscriptions: no namespace/gmail/separator: . namespace/gmail/prefix: INBOX.gmail. namespace/gmail/location: imapc:~/Maildir/gmail imapc_host: imap.gmail.com imapc_user: someuser at gmail.com imapc_password: cleartextpassword! imapc_ssl : imaps imapc_ssl_ca_dir: /etc/ssl/certs imapc_port: 993 Lutz From tss at iki.fi Wed Sep 14 14:46:26 2011 From: tss at iki.fi (Timo Sirainen) Date: Wed, 14 Sep 2011 14:46:26 +0300 Subject: [Dovecot] imapc vs auth-userdb security In-Reply-To: References: Message-ID: <346DECBE-B7F8-40A2-9485-EFF3B547C8ED@iki.fi> On 14.9.2011, at 14.40, Lutz Pre?ler wrote: > with imapc settings coming from userdb (individual configuration necessary) > there exists a security problem if access to auth-userdb socket is given > to normal (shell) users: So don't give it to them? :) Actually this should be pretty much solved with v2.1 defaults. If the auth-userdb socket is 0666 root:root (default now), it requires that the calling process either has root user/group privileges or its uid matches the one returned by userdb, otherwise it won't return any fields. From Lutz.Pressler at SerNet.DE Wed Sep 14 14:57:00 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Wed, 14 Sep 2011 13:57:00 +0200 Subject: [Dovecot] imapc vs auth-userdb security In-Reply-To: <346DECBE-B7F8-40A2-9485-EFF3B547C8ED@iki.fi> References: <346DECBE-B7F8-40A2-9485-EFF3B547C8ED@iki.fi> Message-ID: On Mi, 14 Sep 2011, Timo Sirainen wrote: > On 14.9.2011, at 14.40, Lutz Pre?ler wrote: > > > with imapc settings coming from userdb (individual configuration necessary) > > there exists a security problem if access to auth-userdb socket is given > > to normal (shell) users: > > So don't give it to them? :) Actually this should be pretty much solved with v2.1 defaults. If the auth-userdb socket is 0666 root:root (default now), it requires that the calling process either has root user/group privileges or its uid matches the one returned by userdb, otherwise it won't return any fields. I had to change that because of shared mailboxes and usage of %%h. Maybe one could return only home if uid does not match? Lutz From mailing at securitylabs.it Wed Sep 14 15:40:21 2011 From: mailing at securitylabs.it (mailing at securitylabs.it) Date: Wed, 14 Sep 2011 14:40:21 +0200 Subject: [Dovecot] IMAP delete logs In-Reply-To: References: Message-ID: <4E70A0B5.2060706@securitylabs.it> Il 14/09/2011 07:48, James isolder ha scritto: > Version - 1.2.17 > > Is there a way to include message or folder deletion logs in the dovecot log > files. > > Yes, you can use the mail logger plugin: http://wiki.dovecot.org/Plugins/MailLog From gjlama94 at gmail.com Wed Sep 14 14:14:15 2011 From: gjlama94 at gmail.com (Gerald LaMontagne) Date: Wed, 14 Sep 2011 07:14:15 -0400 Subject: [Dovecot] General IMAP Question Message-ID: <20110914111415.GA4866@stryder.lamafam.org> Hi- I'm developing an IMAP client library in lua and tried using a literal form of the STATUS command. Dovecot rejected the command. I was successfully able to use a literal form of the LOGIN command, so I have some confidence in my code working properly. Is this correct and, if so, is there a list of IMAP commands that don't support the literal form? I searched hi and lo for something, but have been unable to find an answer. Thanks for your time. Regards- Gerry LaMontagne -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 230 bytes Desc: Digital signature URL: From tss at iki.fi Wed Sep 14 16:23:23 2011 From: tss at iki.fi (Timo Sirainen) Date: Wed, 14 Sep 2011 16:23:23 +0300 Subject: [Dovecot] General IMAP Question In-Reply-To: <20110914111415.GA4866@stryder.lamafam.org> References: <20110914111415.GA4866@stryder.lamafam.org> Message-ID: <565DA56D-E2B7-4E42-9AE0-F2BED99E1D89@iki.fi> On 14.9.2011, at 14.14, Gerald LaMontagne wrote: > I'm developing an IMAP client library in lua and tried using a literal > form of the STATUS command. Dovecot rejected the command. I was > successfully able to use a literal form of the LOGIN command, so I > have some confidence in my code working properly. There are no "literal forms of commands". Individual parameters have literal forms. In LOGIN command the username and password can be literals. In STATUS the mailbox name can be a literal, which is followed by a list of atoms. > Is this correct and, if so, is there a list of IMAP commands that > don't support the literal form? I searched hi and lo for something, > but have been unable to find an answer. Read the ABNF rules from RFC 3501. They tell exactly what is allowed. From dovecot at lists.grepular.com Wed Sep 14 16:46:10 2011 From: dovecot at lists.grepular.com (Mike Cardwell) Date: Wed, 14 Sep 2011 14:46:10 +0100 Subject: [Dovecot] Shredding instead of deleting Message-ID: <4E70B022.3050502@lists.grepular.com> Hi, I have a wishlist item. Is there an appropriate place for me to post it? Basically, I would like to know that my email isn't recoverable from the local disk on the mail server after I delete it. So instead of just deleting the file from my Maildir, I'd like the option to exist for Dovecot to shred it.. Ie, overwrite the file with random data and/or null bytes before deletion. In the same way that GNU shred behaves: https://www.gnu.org/software/coreutils/manual/html_node/shred-invocation.html -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 455 bytes Desc: OpenPGP digital signature URL: From tss at iki.fi Wed Sep 14 17:06:33 2011 From: tss at iki.fi (Timo Sirainen) Date: Wed, 14 Sep 2011 17:06:33 +0300 Subject: [Dovecot] Shredding instead of deleting In-Reply-To: <4E70B022.3050502@lists.grepular.com> References: <4E70B022.3050502@lists.grepular.com> Message-ID: <30659D1F-80F3-40D5-A239-38D2BE963243@iki.fi> On 14.9.2011, at 16.46, Mike Cardwell wrote: > I have a wishlist item. Is there an appropriate place for me to post it? > Basically, I would like to know that my email isn't recoverable from the > local disk on the mail server after I delete it. So instead of just > deleting the file from my Maildir, I'd like the option to exist for > Dovecot to shred it.. Ie, overwrite the file with random data and/or > null bytes before deletion. In the same way that GNU shred behaves: Well, the choices are: a) Patch Dovecot sources b) Use a LD_PRELOAD library to override unlink() c) Use a FUSE filesystem that replaces unlinks with shredding d) Wait until I've finished making dbox code use lib-fs, and write a lib-fs wrapper plugin that replaces unlink() I'm not anyway planning on distributing any of these solutions with Dovecot. It won't even work with newer copy-on-write filesystems (ZFS, BTRFS, etc.) From dovecot at lists.grepular.com Wed Sep 14 17:15:35 2011 From: dovecot at lists.grepular.com (dovecot at lists.grepular.com) Date: Wed, 14 Sep 2011 15:15:35 +0100 Subject: [Dovecot] Shredding instead of deleting In-Reply-To: <30659D1F-80F3-40D5-A239-38D2BE963243@iki.fi> References: <4E70B022.3050502@lists.grepular.com> <30659D1F-80F3-40D5-A239-38D2BE963243@iki.fi> Message-ID: <4E70B707.4060200@lists.grepular.com> On 14/09/11 15:06, Timo Sirainen wrote: >> I have a wishlist item. Is there an appropriate place for me to post it? >> Basically, I would like to know that my email isn't recoverable from the >> local disk on the mail server after I delete it. So instead of just >> deleting the file from my Maildir, I'd like the option to exist for >> Dovecot to shred it.. Ie, overwrite the file with random data and/or >> null bytes before deletion. In the same way that GNU shred behaves: > > Well, the choices are: > > a) Patch Dovecot sources > > b) Use a LD_PRELOAD library to override unlink() > > c) Use a FUSE filesystem that replaces unlinks with shredding > > d) Wait until I've finished making dbox code use lib-fs, and write a lib-fs wrapper plugin that replaces unlink() > > I'm not anyway planning on distributing any of these solutions with Dovecot. It won't even work with newer copy-on-write filesystems (ZFS, BTRFS, etc.) Is there no general wishlist area for Dovecot then? I didn't necessarily expect the functionality to be packaged with Dovecot, but thought that somebody might pick up the idea and write a plugin for it if it was written down somewhere. From a privacy/security perspective, making sure deleted email isn't recoverable does have real value for some people. I did consider FUSE. I might tackle that one myself. I don't really have the expertise to modify Dovecot it's self though. -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 455 bytes Desc: OpenPGP digital signature URL: From smt at vgersoft.com Wed Sep 14 17:19:58 2011 From: smt at vgersoft.com (Steve Thompson) Date: Wed, 14 Sep 2011 10:19:58 -0400 (EDT) Subject: [Dovecot] Shredding instead of deleting In-Reply-To: <4E70B707.4060200@lists.grepular.com> References: <4E70B022.3050502@lists.grepular.com> <30659D1F-80F3-40D5-A239-38D2BE963243@iki.fi> <4E70B707.4060200@lists.grepular.com> Message-ID: On Wed, 14 Sep 2011, dovecot at lists.grepular.com wrote: > From a privacy/security perspective, making sure deleted email isn't > recoverable does have real value for some people. What would you do about backups? From simon.brereton at buongiorno.com Wed Sep 14 17:25:43 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Wed, 14 Sep 2011 10:25:43 -0400 Subject: [Dovecot] Mails repopping In-Reply-To: <20110913161536.Horde.smZyNoF5lbhOb9YIt_IE8WA@bigworm.curecanti.org> References: <20110913161536.Horde.smZyNoF5lbhOb9YIt_IE8WA@bigworm.curecanti.org> Message-ID: <04db01cc72ea$30612b90$912382b0$@brereton@buongiorno.com> > -----Original Message----- > From: dovecot-bounces at dovecot.org [mailto:dovecot- > bounces at dovecot.org] On Behalf Of Michael M Slusarz > Quoting Simon Brereton : > > >> -----Original Message----- > >> From: dovecot-bounces at dovecot.org [mailto:dovecot- > >> bounces at dovecot.org] On Behalf Of Simon Brereton > >> > -----Original Message----- > >> > From: Timo Sirainen [mailto:tss at iki.fi] On Fri, 2011-09-09 at > 13:07 > >> > -0400, Simon Brereton wrote: > >> > > >> > > I have a server that's been running Courier for about 6 years > and > >> > in > >> > > all that time I think I've only ever had 1 issues where an > entire > >> > mail > >> > > box was repopped by a webmail client. However, since moving > to a > >> > new > >> > > server and dovecot 4 weeks ago, I've now had the webmail > client > >> > repop > >> > > this account 4 times (there are about 230 mails in the > account). > >> > > > >> > > Is there a setting I need to tighten to prevent/remedy this? > I > >> > have > >> > > no idea if it's happening on other accounts, but this is one > that > >> I > >> > > see. The format is maildir. There has been no changes to the > >> > webmail > >> > > client. > >> > > >> > dovecot -n output would have been nice. Also do you see anything > in > >> > error logs? > >> > >> Ah. My apologies of course. Here it is.. > >> > >> mail:~# dovecot -n > >> # 1.2.15: /etc/dovecot/dovecot.conf > >> # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.2 ext3 > >> log_timestamp: %Y-%m-%d %H:%M:%S > >> protocols: imap imaps pop3 pop3s > >> ssl_ca_file: /etc/ssl/keys/rhodes-ca.crt > >> ssl_cert_file: /etc/ssl/keys/mail.domain.net.crt > >> ssl_key_file: /etc/ssl/private/mail.domain.net.key > >> disable_plaintext_auth: no > >> login_dir: /var/run/dovecot/login > >> login_executable(default): /usr/lib/dovecot/imap-login > >> login_executable(imap): /usr/lib/dovecot/imap-login > >> login_executable(pop3): /usr/lib/dovecot/pop3-login > >> mail_privileged_group: mailsystem > >> mail_location: maildir:/var/spool/mail/virtual/%d/%n > >> maildir_very_dirty_syncs: yes > >> mbox_write_locks: fcntl dotlock > >> mail_executable(default): /usr/lib/dovecot/imap > >> mail_executable(imap): /usr/lib/dovecot/imap > >> mail_executable(pop3): /usr/lib/dovecot/pop3 > >> mail_plugins(default): quota imap_quota > >> mail_plugins(imap): quota imap_quota > >> mail_plugins(pop3): quota > >> mail_plugin_dir(default): /usr/lib/dovecot/modules/imap > >> mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap > >> mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3 > >> imap_client_workarounds(default): outlook-idle delay-newmail > >> imap_client_workarounds(imap): outlook-idle delay-newmail > >> imap_client_workarounds(pop3): > >> pop3_client_workarounds(default): > >> pop3_client_workarounds(imap): > >> pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh > >> lda: > >> postmaster_address: postmaster at domain.net > >> mail_plugins: quota > >> log_path: > >> info_log_path: > >> deliver_log_format: msgid=%m: %f: %$ auth default: > >> mechanisms: plain login > >> user: mailsystem > >> verbose: yes > >> passdb: > >> driver: sql > >> args: /etc/dovecot/dovecot-sql.conf > >> userdb: > >> driver: prefetch > >> userdb: > >> driver: static > >> args: uid=999 gid=115 home=/var/spool/mail/virtual/%d/%n > >> allow_all_users=yes > >> socket: > >> type: listen > >> client: > >> path: /var/spool/postfix/private/auth > >> mode: 432 > >> user: postfix > >> group: mailsystem > >> master: > >> path: /var/run/dovecot/auth-master > >> mode: 432 > >> user: mailsystem > >> group: mailsystem > >> plugin: > >> quota: maildir > >> > >> Could you make dovecot -n munge the certificate and postmaster > email > >> addresses? I'm not comfortable with that floating on the > internet.. > >> > >> The only thing I have in the logs is 2 sessions where mail was > popped > >> (note, it doesn't even add up to the 183 messages in the mail > box). > >> But those sessions are vastly longer than the regular ones (tens > of > >> minutes compared to a few seconds). Since both IPs are on the > back- > >> bone, that's quite a while to download 100 mails (none of which > are > >> over > >> > >> Sep 11 21:36:25 mail dovecot: pop3-login: Login: > >> user=, method=PLAIN, rip=64.88.168.84, > >> lip=83.170.65.xxx, TLS Sep 11 21:36:34 mail dovecot: > >> POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=0/0, > >> del=0/183, size=14025971 Sep 11 21:43:44 mail dovecot: pop3-login: > >> Login: user=, method=PLAIN, rip=64.88.168.84, > >> lip=83.170.65.xxx, TLS Sep 11 21:44:54 mail dovecot: > >> POP3(user at domain.com): Disconnected: Logged out top=0/0, retr=0/0, > >> del=0/183, size=14025971 Sep 11 21:52:31 mail dovecot: pop3-login: > >> Login: user=, method=PLAIN, rip=64.88.168.84, > >> lip=83.170.65.xxx, TLS Sep 11 22:56:01 mail dovecot: > >> POP3(user at domain.com): Disconnected: Logged out top=0/0, > >> retr=100/9182678, del=0/183, size=14025971 Sep 11 23:08:58 mail > >> dovecot: pop3-login: Login: user=, method=PLAIN, > >> rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 11 23:37:57 mail > >> dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, > >> retr=75/4748674, del=0/183, size=14025971 Sep 12 00:04:11 mail > >> dovecot: pop3-login: Login: user=, method=PLAIN, > >> rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 12 00:04:26 mail > >> dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, > >> retr=0/0, del=0/183, size=14025971 Sep 12 00:07:40 mail dovecot: > >> pop3-login: Login: user=, method=PLAIN, > >> rip=64.88.168.84, lip=83.170.65.xxx, TLS Sep 12 00:07:53 mail > >> dovecot: POP3(user at domain.com): Disconnected: Logged out top=0/0, > >> retr=0/0, del=0/183, size=14025971 > >> > >> > >> > If you're using the default pop3_uidl_format it'll rely on IMAP > >> UIDs > >> > to stay the same, and I guess it's possible that due to some > other > >> > problem they change (that should be logged as an error/warning > >> > though). > >> > > >> > You could try setting pop3_uidl_format=%f, but it will cause > >> everyone > >> > to redownload mails. With newer Dovecot versions you could set > >> > pop3_save_uidl=yes and when you think everyone's downloaded > mails > >> once > >> > you can safely change the pop3_uidl_format. > >> > >> Sorry, I'm very new to dovecot and I'm not sure I understand. I > >> presume because neither of those keys are in the dovecot -n output > >> that they are as the defaults, yes? The account is indeed > accessed > >> by IMAP as well (from a mobile device mostly), but I don't see > >> anything fishy there either. How could I see if the IMAP UIDs > have > >> changed? > >> > >> Sep 11 21:20:32 mail dovecot: IMAP(user at domain.com): Connection > >> closed bytes=1095/8292 > >> > >> Sep 11 21:26:03 mail dovecot: imap-login: Login: > >> user=, method=PLAIN, rip=174.252.83.244, > >> lip=83.170.65.xxx, TLS Sep 11 22:11:20 mail dovecot: > >> IMAP(user at domain.com): Disconnected for inactivity bytes=725/5638 > Sep > >> 11 22:17:10 mail dovecot: imap-login: Login: > user=, > >> method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 11 > >> 23:12:06 mail dovecot: IMAP(user at domain.com): Disconnected for > >> inactivity bytes=1471/11025 Sep 11 23:23:22 mail dovecot: imap- > login: > >> Login: user=, method=PLAIN, rip=174.252.83.244, > >> lip=83.170.65.xxx, TLS Sep 11 23:52:52 mail dovecot: > >> IMAP(user at domain.com): Connection closed bytes=1841/13679 Sep 12 > >> 00:08:47 mail dovecot: imap-login: Login: user=, > >> method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 12 > >> 01:19:05 mail dovecot: imap-login: Login: user=, > >> method=PLAIN, rip=174.252.83.244, lip=83.170.65.xxx, TLS Sep 12 > >> 02:57:01 mail dovecot: IMAP(user at domain.com): Connection closed > >> bytes=2713/60026 Sep 12 02:57:01 mail dovecot: > IMAP(user at domain.com): > >> Connection closed bytes=2688/18635 > >> > >> > >> There are no errors or warnings in the mail log (I have one shared > >> log file for postfix, amavis and dovecot). Reading the notes for > >> pop3_save_uidl it doesn't seem to be a dangerous option - should > I > >> turn that on? Why will it force everyone to redownload mails > >> (there's nothing about it on the wiki)? > >> > >> Thanks! > >> > >> Simon > > > > Any help would be appreciated. > > What do you mean by "repopped"? You mean downloading the entire data > of the messages from the POP3 server? This is expected behavior when > using a stateless (e.g. webmail) client. Kind of the whole reason > you don't use POP3 in the first place. Michael - I use a spam filtering service, that uses Horde as the web-front end. Essentially, it pops all my mail accounts (that allow popping) one of which is the one I control and is now running Dovecot - though was previously running Courier. Until now, mails that the service has popped once have never been repopped. That is, I assume that when Horde does a RETR on the account it knows what it has already popped and what it new and only retrieves the new mails. Right now though, it's redownloaded them all 5 or 6 times in 4 weeks. I don't think this is a Horde issue (since that hasn't changed), which is why I didn't post there. Horde continues to be a fantastic project. >From my limited knowledge (meaning I didn't understand the rest of your mail :) I suspect that Dovecot is doing something with the IDs that Courier wasn't doing and that's causing Horde to see those old mails as new every now and again. Simon > Although caching can help. e.g., Here's what the first connection to > the server looks like (this is using IMP 5 on a mailstore with 82 > messages): > > S (1315951197.4976): +OK Dovecot ready. > C (1315951197.513): [AUTH PLAIN Command - username: slusarz] S > (1315951197.5319): +OK Logged in. > C (1315951197.5325): STAT > S (1315951197.5328): +OK 82 482351 > C (1315951197.5348): UIDL > S (1315951197.5354): +OK > S (1315951197.5354): 1 000000014935d409 > S (1315951197.5354): 2 000000024935d409 > S (1315951197.5354): 3 000000114935d409 > [...] > S (1315951197.5363): 82 000000824935d409 S (1315951197.5363): . > C (1315951197.9582): TOP 1 0 > S (1315951198.0411): From user at domain.com Thu Jun 22 11:16:26 2006 > [...] S (1315951198.0416): . > [...] > C (1315951199.0607): LIST > S (1315951199.061): +OK 82 messages: > S (1315951199.061): 1 118630 > [...] > S (1315951199.0619): . > > We need to grab all headers so we can build the envelope information > (needed to produce the mailbox listing). And the LIST command grabs > the size information (also used in the mailbox listing). > > But remember that the full headers will need to be redownloaded > *EVERY* time you reload the page unless some sort of caching is > enabled in the client. That's just the nature of POP3. (IMAP has > the same sort of issues - if the stateless client does not cache, the > envelope information must be downloaded on every access. However, > with IMAP, the network traffic is reduced - you can download only the > needed information, not all header text - and IMAP servers have the > ability to cache this information behind the scenes due to the > abstraction of the API.). > > This is where caching is pretty much essential on the webmail side. > If caching is enabled, the best-case scenario is that the the webmail > server only needs to grab the list of UIDLs on every POP3 server > access going forward - if the UIDL list has not changed, we know the > mailbox hasn't changed and the cached information is still valid. > (CONDSTORE/QRESYNC extensions for IMAP make this synchronization > check even more efficient in IMAP) > > michael From tss at iki.fi Wed Sep 14 17:26:44 2011 From: tss at iki.fi (Timo Sirainen) Date: Wed, 14 Sep 2011 17:26:44 +0300 Subject: [Dovecot] Shredding instead of deleting In-Reply-To: <4E70B707.4060200@lists.grepular.com> References: <4E70B022.3050502@lists.grepular.com> <30659D1F-80F3-40D5-A239-38D2BE963243@iki.fi> <4E70B707.4060200@lists.grepular.com> Message-ID: <25487043-CBC6-43AA-990B-1D15A1E30E8C@iki.fi> On 14.9.2011, at 17.15, dovecot at lists.grepular.com wrote: > On 14/09/11 15:06, Timo Sirainen wrote: > >>> I have a wishlist item. Is there an appropriate place for me to post it? >>> Basically, I would like to know that my email isn't recoverable from the >>> local disk on the mail server after I delete it. So instead of just >>> deleting the file from my Maildir, I'd like the option to exist for >>> Dovecot to shred it.. Ie, overwrite the file with random data and/or >>> null bytes before deletion. In the same way that GNU shred behaves: >> >> Well, the choices are: .. > Is there no general wishlist area for Dovecot then? There's my internal TODO list distributed with source code :) > I didn't necessarily > expect the functionality to be packaged with Dovecot, but thought that > somebody might pick up the idea and write a plugin for it if it was > written down somewhere. I guess some wishlist page could be added to wiki, but I don't know if it would be all that useful. Few people want to code features they don't want themselves, and things I want to add are already being added to my own TODO list. > From a privacy/security perspective, making sure > deleted email isn't recoverable does have real value for some people. I > did consider FUSE. I might tackle that one myself. I don't really have > the expertise to modify Dovecot it's self though. The LD_PRELOAD way would be simple. Probably 10-20 lines of C code for something that would replace unlink()s to mail files with fork+exec to /usr/bin/shred. From dovecot at lists.grepular.com Wed Sep 14 17:27:06 2011 From: dovecot at lists.grepular.com (dovecot at lists.grepular.com) Date: Wed, 14 Sep 2011 15:27:06 +0100 Subject: [Dovecot] Shredding instead of deleting In-Reply-To: References: <4E70B022.3050502@lists.grepular.com> <30659D1F-80F3-40D5-A239-38D2BE963243@iki.fi> <4E70B707.4060200@lists.grepular.com> Message-ID: <4E70B9BA.9020303@lists.grepular.com> On 14/09/11 15:19, Steve Thompson wrote: >> From a privacy/security perspective, making sure deleted email isn't >> recoverable does have real value for some people. > > What would you do about backups? I realise that there are lots of other areas where an email can be leaked. It only makes sense to address how Dovecot behaves on this list though. I also need to address this for my MTA's mail spool and client caches. I will address your backup question, but I'd prefer if people don't expand on this. I currently use some open source software called Duplicity, which allows me to perform incremental, gnupg encrypted backups. Also, all of my incoming email is automatically encrypted with my public GnuPG key as described here: https://grepular.com/Automatically_Encrypting_all_Incoming_Email Even though it is encrypted, I'd like the mail to be shredded on delete because the message headers are stored in plain text, even if the message bodies are encrypted. -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 455 bytes Desc: OpenPGP digital signature URL: From dovecot at lists.grepular.com Wed Sep 14 18:05:18 2011 From: dovecot at lists.grepular.com (dovecot at lists.grepular.com) Date: Wed, 14 Sep 2011 16:05:18 +0100 Subject: [Dovecot] Shredding instead of deleting In-Reply-To: <25487043-CBC6-43AA-990B-1D15A1E30E8C@iki.fi> References: <4E70B022.3050502@lists.grepular.com> <30659D1F-80F3-40D5-A239-38D2BE963243@iki.fi> <4E70B707.4060200@lists.grepular.com> <25487043-CBC6-43AA-990B-1D15A1E30E8C@iki.fi> Message-ID: <4E70C2AE.10900@lists.grepular.com> On 14/09/11 15:26, Timo Sirainen wrote: >> From a privacy/security perspective, making sure >> deleted email isn't recoverable does have real value for some people. I >> did consider FUSE. I might tackle that one myself. I don't really have >> the expertise to modify Dovecot it's self though. > > The LD_PRELOAD way would be simple. Probably 10-20 lines of C code for something that would replace unlink()s to mail files with fork+exec to /usr/bin/shred. Simple for somebody who can code in C you mean :) -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 455 bytes Desc: OpenPGP digital signature URL: From tss at iki.fi Wed Sep 14 18:19:06 2011 From: tss at iki.fi (Timo Sirainen) Date: Wed, 14 Sep 2011 18:19:06 +0300 Subject: [Dovecot] Shredding instead of deleting In-Reply-To: <4E70C2AE.10900@lists.grepular.com> References: <4E70B022.3050502@lists.grepular.com> <30659D1F-80F3-40D5-A239-38D2BE963243@iki.fi> <4E70B707.4060200@lists.grepular.com> <25487043-CBC6-43AA-990B-1D15A1E30E8C@iki.fi> <4E70C2AE.10900@lists.grepular.com> Message-ID: <35E08247-C7CB-47EE-936D-127DFE68CC02@iki.fi> On 14.9.2011, at 18.05, dovecot at lists.grepular.com wrote: >> The LD_PRELOAD way would be simple. Probably 10-20 lines of C code for something that would replace unlink()s to mail files with fork+exec to /usr/bin/shred. > > Simple for somebody who can code in C you mean :) I have no idea if this works (or even compiles), it's based on a web page I found: #define _GNU_SOURCE #include #include #include int unlink(const char *path) { static int (*libc_unlink)(const char *) = NULL; char *args[3]; int status; if (libc_unlink == NULL) *(void **)(&libc_unlink) = dlsym(RTLD_NEXT, "unlink"); if (strstr(path, "Maildir/") != NULL) { args[0] = "/usr/bin/shred"; args[1] = path; args[2] = NULL; switch (fork()) { case -1: return -1; case 0: execve(args[0], args); exit(99); default: if (wait(&status) < 0) return -1; } if (WIFEXITED(status) && WEXITSTATUS(status) == 0) return 0; errno = ENOENT; /* not really correct, should maybe check it properly */ return -1; } else { libc_unlink(path); } } From dovecot at lists.grepular.com Wed Sep 14 18:23:00 2011 From: dovecot at lists.grepular.com (dovecot at lists.grepular.com) Date: Wed, 14 Sep 2011 16:23:00 +0100 Subject: [Dovecot] Shredding instead of deleting In-Reply-To: <35E08247-C7CB-47EE-936D-127DFE68CC02@iki.fi> References: <4E70B022.3050502@lists.grepular.com> <30659D1F-80F3-40D5-A239-38D2BE963243@iki.fi> <4E70B707.4060200@lists.grepular.com> <25487043-CBC6-43AA-990B-1D15A1E30E8C@iki.fi> <4E70C2AE.10900@lists.grepular.com> <35E08247-C7CB-47EE-936D-127DFE68CC02@iki.fi> Message-ID: <4E70C6D4.5090605@lists.grepular.com> On 14/09/11 16:19, Timo Sirainen wrote: >>> The LD_PRELOAD way would be simple. Probably 10-20 lines of C code for something that would replace unlink()s to mail files with fork+exec to /usr/bin/shred. >> >> Simple for somebody who can code in C you mean :) > > I have no idea if this works (or even compiles), it's based on a web page I found: Thanks. That gives me an excellent starting point. I'll have a play with this code next week when I have some free time. -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 455 bytes Desc: OpenPGP digital signature URL: From asai at globalchangemusic.org Wed Sep 14 19:04:57 2011 From: asai at globalchangemusic.org (Asai) Date: Wed, 14 Sep 2011 09:04:57 -0700 Subject: [Dovecot] Dsync Permissions Issue Message-ID: <4E70D0A9.8060604@globalchangemusic.org> Greetings, I recently upgraded Dovecot from 1.2 to 2.0.14, for purposes of using Dsync to migrate emails from one server to another. I'm using MySQL for authentication. However I get this error message when I try to run Dsync, and after looking around for an answer, I'm at a bit of a loss: [root at triata ~]# dsync -v -u asai at globalchangemusic.org backup ssh -p22222 vmail at xx.xxx.xx.xxx dsync -u asai at globalchangemusic.org vmail at xx.xxx.xx.xxx's password: dsync(vmail): Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: Permission denied (euid=1001(vmail) egid=1001(vmail) missing +r perm: /var/run/dovecot/auth-userdb, euid is not dir owner) dsync(vmail): Fatal: User lookup failed: Internal error occurred. Refer to server log for more information. dsync-local(asai at globalchangemusic.org): Error: read() from worker server failed: EOF Config as follows: [root at triata ~]# doveconf -n # 2.0.14: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-92.1.10.el5.xs5.0.0.39xen x86_64 CentOS release 5 (Final) ext3 auth_mechanisms = plain login mail_home = /vmail/%d/%n/home mail_location = maildir:/vmail/%d/%n managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date namespace { inbox = yes location = prefix = separator = / type = private } passdb { args = /etc/dovecot-mysql.conf driver = sql } plugin { sieve = /vmail/%d/%n/sievescript } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-master { group = vmail mode = 0660 user = vmail } unix_listener auth-userdb { group = vmail mode = 0666 user = vmail } user = root } ssl_cert = The dovecot lda panics with "Trying to sync mailbox INBOX with open transactions" if a user has no sieve script defined. Debugging shows: Sep 14 19:49:26 server dovecot: [ID 583609 local0.debug] lda(userxx): Debug: sieve: user's script path /home/grp/userxx/.dovecot.sieve doesn't exist (using global script path in stead) Sep 14 19:49:26 server dovecot: [ID 583609 local0.debug] lda(userxx): Debug: sieve: user has no valid personal script Sep 14 19:49:26 server dovecot: [ID 583609 local0.debug] lda(userxx): Debug: sieve: no scripts to execute: reverting to default delivery. Sep 14 19:49:26 server dovecot: [ID 583609 local0.crit] lda(userxx): Panic: Trying to sync mailbox INBOX with open transactions Sep 14 19:49:26 server dovecot: [ID 583609 local0.error] lda(userxx): Error: Raw backtrace: 0xff1cc2ac -> 0xff1cbb70 -> 0xff2a6474 -> 0xff2a668c -> 0xff2fa444 -> 0xff2a63c8 -> 0xff2668ec -> 0xff266f74 -> 0xff26741c -> 0x12720 -> 0x11948 I then did create an empty sieve script file with touch /home/grp/userxx/.dovecot.sieve and after that lda worked: Sep 14 19:50:55 server dovecot: [ID 583609 local0.debug] lda(userxx): Debug: sieve: using sieve path for user's script: /home/grp/userxx/.dovecot.sieve Sep 14 19:50:55 server dovecot: [ID 583609 local0.debug] lda(userxx): Debug: sieve: opening script /home/grp/userxx/.dovecot.sieve Sep 14 19:50:55 server dovecot: [ID 583609 local0.debug] lda(userxx): Debug: sieve: script /home/grp/userxx/.dovecot.sieve successfully compiled Sep 14 19:50:55 server dovecot: [ID 583609 local0.debug] lda(userxx): Debug: sieve: executing script from /home/grp/userxx/.dovecot.sieve Sep 14 19:50:56 server dovecot: [ID 583609 local0.info] lda(userxx): save: box=INBOX, uid=6, msgid=<201109141750.p8EHotbE015854 at server.hrz.uni-giessen.de>, size=1035 Sep 14 19:50:56 server dovecot: [ID 583609 local0.debug] lda(userxx): Debug: box=/var/mail/userxx mount=/var/mail match=yes Sep 14 19:50:56 server dovecot: [ID 583609 local0.info] lda(userxx): sieve: msgid=<201109141750.p8EHotbE015854 at server.hrz.uni-giessen.de>: stored mail into mailbox 'INBOX' I think the lda worked in previous releases without a sieve script file in the users home directory. dovecot -n output is: # 2.0.14: /opt/local/etc/dovecot/dovecot.conf # OS: SunOS 5.10 sun4v auth_debug = yes auth_debug_passwords = yes auth_verbose = yes disable_plaintext_auth = no listen = server.hrz.uni-giessen.de localhost mail_debug = yes mail_fsync = always mail_location = mbox:~/Mail:INBOX=/var/mail/%u mail_nfs_index = yes mail_nfs_storage = yes mail_plugins = mail_log notify quota mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mmap_disable = yes namespace { inbox = yes location = prefix = separator = / type = private } namespace { hidden = yes list = no location = prefix = Mail/ separator = / subscriptions = yes type = private } passdb { driver = pam } passdb { args = /opt/local/etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { autocreate = Trash autocreate2 = caughtspam autocreate3 = Sent autosubscribe = Trash autosubscribe2 = caughtspam autosubscribe3 = Sent mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid size quota = fs:Home-Verzeichnis:noenforcing quota2 = fs:INBOX:noenforcing:mount=/var/mail sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } postmaster_address = postmaster at hrz.uni-giessen.de protocols = imap pop3 lmtp sieve sendmail_path = /usr/lib/sendmail service auth { client_limit = 11120 } service imap-login { process_min_avail = 16 service_count = 0 vsz_limit = 640 M } service imap { process_limit = 4096 vsz_limit = 1 G } ssl_cert = Hi I'm a little confused as there are two repos for the dovecot-antispam plugin. Eugene's hg repo is explicitly labeled "for Dovecot 2", but the Johannes' git repo has commits later in date: hg: http://wiki2.dovecot.org/Plugins/Antispam git: http://git.sipsolutions.net/?p=dovecot-antispam.git I guess the unrelease hg code ist the one for Dovecot 2, but what is Eugene's 1.4 code for? Thanks! From compconsultant at yahoo.com Wed Sep 14 22:53:34 2011 From: compconsultant at yahoo.com (Steve Fatula) Date: Wed, 14 Sep 2011 12:53:34 -0700 (PDT) Subject: [Dovecot] Which dovecot-antispam with dovecot 2? In-Reply-To: References: Message-ID: <1316030014.84244.YahooMailNeo@web39424.mail.mud.yahoo.com> ----- Original Message ----- > From: Svoop > To: dovecot at dovecot.org > Cc: > Sent: Wednesday, September 14, 2011 2:06 PM > Subject: [Dovecot] Which dovecot-antispam with dovecot 2? > > Hi > > I'm a little confused as there are two repos for the dovecot-antispam > plugin. > Eugene's hg repo is explicitly labeled "for Dovecot 2", but the > Johannes' git > repo has commits later in date: > > hg:? http://wiki2.dovecot.org/Plugins/Antispam > git: http://git.sipsolutions.net/?p=dovecot-antispam.git > > I guess the unrelease hg code ist the one for Dovecot 2, but what is > Eugene's > 1.4 code for? Yes, the HG code works fine with Dovecot 2, am using it. The Berg site is for Dovecot 1. Dovecot 1 is in use in many distributions like Centos 5, etc. So, it still needs updates. From micah at riseup.net Thu Sep 15 06:17:50 2011 From: micah at riseup.net (Micah Anderson) Date: Wed, 14 Sep 2011 23:17:50 -0400 Subject: [Dovecot] movming mail out of alt storage Message-ID: <87sjnya3z5.fsf@algae.riseup.net> I moved some mail into the alt storage: doveadm altmove -u johnd at example.com seen savedbefore 1w and now I want to move it back to the regular INBOX, but I can't see how I can do that with either 'altmove' or 'mailbox move'. thanks! micah -- -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 835 bytes Desc: not available URL: From kjonca at o2.pl Thu Sep 15 09:48:55 2011 From: kjonca at o2.pl (Kamil =?iso-8859-2?Q?Jo=F1ca?=) Date: Thu, 15 Sep 2011 08:48:55 +0200 Subject: [Dovecot] compressed mboxes very slow References: <87iptnoans.fsf@alfa.kjonca> <1305041104.10421.131.camel@hurina> <87ipti8ffk.fsf@alfa.kjonca> <9DE1215A-F41F-4397-B24B-2282E54F523D@iki.fi> Message-ID: <877h5axpuw.fsf@alfa.kjonca> Timo Sirainen writes: > On 10.5.2011, at 23.32, Kamil Jo?ca wrote: > >> Timo Sirainen writes: >> >>> Here are some fixes: >>> >>> http://hg.dovecot.org/dovecot-2.0/rev/15a0687ec9d0 >>> http://hg.dovecot.org/dovecot-2.0/rev/66ec075a49d3 >> >> Hard to say, but I can't see any significant improvement after applying >> them :| > > Get strace -tt output of such slowness and send them to me. Some time ago I complained about very slow mbox. In the meantime I have no time to check it. But recently I have to use them (compressed mboxes) again. And no progress :( Under http://strony.aster.pl/kjonca/mbox.log.gz (WARN: ~170MB) is file with output of strace -tt when dovecot try to open rather huge bzipped mbox. And it took about four hours. Second open is a lot faster (about minute), but sometimes message fetching take about 30-60s KJ -- http://modnebzdury.wordpress.com/2009/10/01/niewiarygodny-list-prof-majewskiej-wprowadzenie/ Zanim wlaczysz komputer, zastanow sie: Czy jestes absolutnie pewien(na), ze nie jest podlaczany do wyrzutni rakiet? From tss at iki.fi Thu Sep 15 11:13:28 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 15 Sep 2011 11:13:28 +0300 Subject: [Dovecot] imapc vs auth-userdb security In-Reply-To: References: <346DECBE-B7F8-40A2-9485-EFF3B547C8ED@iki.fi> Message-ID: <1316074408.12936.1.camel@hurina> On Wed, 2011-09-14 at 13:57 +0200, Lutz Pre?ler wrote: > On Mi, 14 Sep 2011, Timo Sirainen wrote: > > > On 14.9.2011, at 14.40, Lutz Pre?ler wrote: > > > > > with imapc settings coming from userdb (individual configuration necessary) > > > there exists a security problem if access to auth-userdb socket is given > > > to normal (shell) users: > > > > So don't give it to them? :) Actually this should be pretty much solved with v2.1 defaults. If the auth-userdb socket is 0666 root:root (default now), it requires that the calling process either has root user/group privileges or its uid matches the one returned by userdb, otherwise it won't return any fields. > I had to change that because of shared mailboxes and usage of %%h. > Maybe one could return only home if uid does not match? Well, you could also solve it by making it 0660 with group=dovecot and then set mail_access_groups=dovecot. From tss at iki.fi Thu Sep 15 11:19:40 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 15 Sep 2011 11:19:40 +0300 Subject: [Dovecot] Maildir "locking" In-Reply-To: <4E7090B9.1000103@fsn.hu> References: <4E7090B9.1000103@fsn.hu> Message-ID: <1316074780.12936.5.camel@hurina> On Wed, 2011-09-14 at 13:32 +0200, Attila Nagy wrote: > Hello, > > I'm looking for the alternative of qmail's chmod -t (sticky bit on the > maildir root) for Dovecot. What I'm trying to achieve with this lock: > - Dovecot lmtp should give back a temporary error (so the email will be > deferred and re-delivered later) > - all other Dovecot daemons (pop, imap) should work as usual, but should > not alter maildir contents (they can modify their own files, like > indexes, logs etc) > > What is the best way to do this? If there is no such thing currently, > would it be hard to implement the sticky bit checking on the root? dovecot-uidlist.lock basically does this. Dovecot comes with maildirlock utility to properly create it. How long would your locks be? They are assumed stale after 2 minutes if you don't update the mtime. Readers will block and if they're still locked after 2 minutes they'll abort (if mtime has been changed). There's also mail_max_lock_timeout setting that changes this wait (you could e.g. lower it only with lmtp). From bra at fsn.hu Thu Sep 15 11:25:43 2011 From: bra at fsn.hu (Attila Nagy) Date: Thu, 15 Sep 2011 10:25:43 +0200 Subject: [Dovecot] Maildir "locking" In-Reply-To: <1316074780.12936.5.camel@hurina> References: <4E7090B9.1000103@fsn.hu> <1316074780.12936.5.camel@hurina> Message-ID: <4E71B687.10005@fsn.hu> On 09/15/11 10:19, Timo Sirainen wrote: > On Wed, 2011-09-14 at 13:32 +0200, Attila Nagy wrote: >> Hello, >> >> I'm looking for the alternative of qmail's chmod -t (sticky bit on the >> maildir root) for Dovecot. What I'm trying to achieve with this lock: >> - Dovecot lmtp should give back a temporary error (so the email will be >> deferred and re-delivered later) >> - all other Dovecot daemons (pop, imap) should work as usual, but should >> not alter maildir contents (they can modify their own files, like >> indexes, logs etc) >> >> What is the best way to do this? If there is no such thing currently, >> would it be hard to implement the sticky bit checking on the root? > dovecot-uidlist.lock basically does this. Dovecot comes with maildirlock > utility to properly create it. How long would your locks be? They are > assumed stale after 2 minutes if you don't update the mtime. Readers > will block and if they're still locked after 2 minutes they'll abort (if > mtime has been changed). There's also mail_max_lock_timeout setting that > changes this wait (you could e.g. lower it only with lmtp). > Well, basically "forever" in the sense that I would like to move the mailbox to a different machine, so if lmtp waits for the lock to disappear and that happens when the mailbox is deleted, and it will do the delivery, it's a bad thing. Before Dovecot, we've had the following process of mailbox moving: - set the sticky bit on the maildir, so qmail won't deliver into it (will give back 4XX) - start to sync/copy the mailbox to the other machine - if it's over, remove the directory on the source machine So what I'm looking for is a lock method, which makes the mailbox read only, so every modification should "soft" fail (no 500 errors on lmtp). What would be the best for this (moving mailboxes between machines)? BTW, the process can be time consuming, even tens of minutes (lots of mails). From tss at iki.fi Thu Sep 15 11:39:22 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 15 Sep 2011 11:39:22 +0300 Subject: [Dovecot] Maildir "locking" In-Reply-To: <4E71B687.10005@fsn.hu> References: <4E7090B9.1000103@fsn.hu> <1316074780.12936.5.camel@hurina> <4E71B687.10005@fsn.hu> Message-ID: <1316075963.12936.14.camel@hurina> On Thu, 2011-09-15 at 10:25 +0200, Attila Nagy wrote: > >> What is the best way to do this? If there is no such thing currently, > >> would it be hard to implement the sticky bit checking on the root? > > dovecot-uidlist.lock basically does this. Dovecot comes with maildirlock > > utility to properly create it. How long would your locks be? They are > > assumed stale after 2 minutes if you don't update the mtime. Readers > > will block and if they're still locked after 2 minutes they'll abort (if > > mtime has been changed). There's also mail_max_lock_timeout setting that > > changes this wait (you could e.g. lower it only with lmtp). > > > Well, basically "forever" in the sense that I would like to move the > mailbox to a different machine, So you have a proxy that decides what backend server the connections are redirected to? How about you do it completely without locking with dsync? Moving between servers works basically the same as converting a mailbox format, with the difference of "changing mail_location" you "change backend server". http://wiki2.dovecot.org/Tools/Dsync#example_converting From tss at iki.fi Thu Sep 15 11:58:53 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 15 Sep 2011 11:58:53 +0300 Subject: [Dovecot] movming mail out of alt storage In-Reply-To: <87sjnya3z5.fsf@algae.riseup.net> References: <87sjnya3z5.fsf@algae.riseup.net> Message-ID: <1316077133.12936.18.camel@hurina> On Wed, 2011-09-14 at 23:17 -0400, Micah Anderson wrote: > I moved some mail into the alt storage: > > doveadm altmove -u johnd at example.com seen savedbefore 1w > > and now I want to move it back to the regular INBOX, but I can't see how > I can do that with either 'altmove' or 'mailbox move'. Is this sdbox or mdbox? With sdbox you could simply "mv" the files. Or apply patch: http://hg.dovecot.org/dovecot-2.0/rev/1910c76a6cc9 From stephan at rename-it.nl Thu Sep 15 12:29:23 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Thu, 15 Sep 2011 11:29:23 +0200 Subject: [Dovecot] Sieve envelope :detail "to" "extention" does not deliver to fileinto destination In-Reply-To: <20110912171448.GB320@none.at> References: <20110912171448.GB320@none.at> Message-ID: <4E71C573.2040407@rename-it.nl> Op 12-9-2011 19:14, Aleksandar Lazic schreef: > Is there a 'log' or 'print' command in the sieve filter or how can I > write a message to the log file? With the latest Pigeonhole (0.2.4), you can use the vnd.dovecot.debug extension (which is not available by default and therefore needs to be added to sieve_extensions), e.g. === require "vnd.dovecot.debug"; require "envelope"; require "variables"; if envelope :matches "to" "*" { debug_log "envelope to `${1}'"; } === A message should be logged to the user's personal log file (typically ~/.dovecot.sieve.log), e.g: === sieve: info: started log at Sep 15 11:27:26. main_script: line 6: info: DEBUG: envelope to = `user at example.com'. info: msgid=3453453534r42 at example.com: stored mail into mailbox 'INBOX'. === Regards, Stephan. From tss at iki.fi Thu Sep 15 12:34:33 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 15 Sep 2011 12:34:33 +0300 Subject: [Dovecot] LDA panics without sieve script In-Reply-To: <20110914212225.20430xx3alpgxomo@webmail.hrz.uni-giessen.de> References: <20110914212225.20430xx3alpgxomo@webmail.hrz.uni-giessen.de> Message-ID: <1316079275.12936.21.camel@hurina> On Wed, 2011-09-14 at 21:22 +0200, J?rgen Obermann wrote: > The dovecot lda panics with "Trying to sync mailbox INBOX with open > transactions" if a user has no sieve script defined. Debugging shows: Fixed: http://hg.dovecot.org/dovecot-2.0/rev/0264ac68c770 From bra at fsn.hu Thu Sep 15 12:37:12 2011 From: bra at fsn.hu (Attila Nagy) Date: Thu, 15 Sep 2011 11:37:12 +0200 Subject: [Dovecot] Maildir "locking" In-Reply-To: <1316075963.12936.14.camel@hurina> References: <4E7090B9.1000103@fsn.hu> <1316074780.12936.5.camel@hurina> <4E71B687.10005@fsn.hu> <1316075963.12936.14.camel@hurina> Message-ID: <4E71C748.1080004@fsn.hu> On 09/15/11 10:39, Timo Sirainen wrote: > On Thu, 2011-09-15 at 10:25 +0200, Attila Nagy wrote: >>>> What is the best way to do this? If there is no such thing currently, >>>> would it be hard to implement the sticky bit checking on the root? >>> dovecot-uidlist.lock basically does this. Dovecot comes with maildirlock >>> utility to properly create it. How long would your locks be? They are >>> assumed stale after 2 minutes if you don't update the mtime. Readers >>> will block and if they're still locked after 2 minutes they'll abort (if >>> mtime has been changed). There's also mail_max_lock_timeout setting that >>> changes this wait (you could e.g. lower it only with lmtp). >>> >> Well, basically "forever" in the sense that I would like to move the >> mailbox to a different machine, > So you have a proxy that decides what backend server the connections are > redirected to? How about you do it completely without locking with > dsync? Moving between servers works basically the same as converting a > mailbox format, with the difference of "changing mail_location" you > "change backend server". > http://wiki2.dovecot.org/Tools/Dsync#example_converting > Yes, there is a proxy in front of the servers. Is dsync usable with 3rd party maildir programs? (not only Dovecot uses these mailboxes) From tss at iki.fi Thu Sep 15 12:43:56 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 15 Sep 2011 12:43:56 +0300 Subject: [Dovecot] Maildir "locking" In-Reply-To: <4E71C748.1080004@fsn.hu> References: <4E7090B9.1000103@fsn.hu> <1316074780.12936.5.camel@hurina> <4E71B687.10005@fsn.hu> <1316075963.12936.14.camel@hurina> <4E71C748.1080004@fsn.hu> Message-ID: <1316079836.12936.26.camel@hurina> On Thu, 2011-09-15 at 11:37 +0200, Attila Nagy wrote: > > So you have a proxy that decides what backend server the connections are > > redirected to? How about you do it completely without locking with > > dsync? Moving between servers works basically the same as converting a > > mailbox format, with the difference of "changing mail_location" you > > "change backend server". > > http://wiki2.dovecot.org/Tools/Dsync#example_converting > > > Yes, there is a proxy in front of the servers. Is dsync usable with 3rd > party maildir programs? (not only Dovecot uses these mailboxes) The problems with 3rd party maildir programs come if during the move they: - Expunge last message(s) from mailbox. (dsync can't know if it should add or expunge them, so it plays it safe and adds them back) - Delete a mailbox. (dsync can't know if it should add or delete it, so again it just adds it back.) - Remove subscriptions. (again pretty much the same reason.) It's probably quite unlikely that they do any of this during the move. You could even reduce the window by doing: 1. dsync backup 2. dsync backup 3. switch to new server 4. kill all existing connections 5. dsync mirror The 3-5 steps probably take only a few seconds. The "dsync backup" then guarantees that the destination server will look exactly like the source server. ("dsync mirror" is used in step 5, because between steps 3-4 either server can get changes.) From bra at fsn.hu Thu Sep 15 12:46:42 2011 From: bra at fsn.hu (Attila Nagy) Date: Thu, 15 Sep 2011 11:46:42 +0200 Subject: [Dovecot] Maildir "locking" In-Reply-To: <1316079836.12936.26.camel@hurina> References: <4E7090B9.1000103@fsn.hu> <1316074780.12936.5.camel@hurina> <4E71B687.10005@fsn.hu> <1316075963.12936.14.camel@hurina> <4E71C748.1080004@fsn.hu> <1316079836.12936.26.camel@hurina> Message-ID: <4E71C982.8080503@fsn.hu> On 09/15/11 11:43, Timo Sirainen wrote: > On Thu, 2011-09-15 at 11:37 +0200, Attila Nagy wrote: >>> So you have a proxy that decides what backend server the connections are >>> redirected to? How about you do it completely without locking with >>> dsync? Moving between servers works basically the same as converting a >>> mailbox format, with the difference of "changing mail_location" you >>> "change backend server". >>> http://wiki2.dovecot.org/Tools/Dsync#example_converting >>> >> Yes, there is a proxy in front of the servers. Is dsync usable with 3rd >> party maildir programs? (not only Dovecot uses these mailboxes) > The problems with 3rd party maildir programs come if during the move > they: > > - Expunge last message(s) from mailbox. (dsync can't know if it should > add or expunge them, so it plays it safe and adds them back) > > - Delete a mailbox. (dsync can't know if it should add or delete it, so > again it just adds it back.) > > - Remove subscriptions. (again pretty much the same reason.) > > It's probably quite unlikely that they do any of this during the move. > You could even reduce the window by doing: > > 1. dsync backup > 2. dsync backup > 3. switch to new server > 4. kill all existing connections > 5. dsync mirror > > The 3-5 steps probably take only a few seconds. The "dsync backup" then > guarantees that the destination server will look exactly like the source > server. ("dsync mirror" is used in step 5, because between steps 3-4 > either server can get changes.) > OK, thanks for the info, I will try it out. From Juergen.Obermann at hrz.uni-giessen.de Thu Sep 15 12:58:31 2011 From: Juergen.Obermann at hrz.uni-giessen.de (g033) Date: Thu, 15 Sep 2011 11:58:31 +0200 Subject: [Dovecot] LDA panics without sieve script In-Reply-To: <1316079275.12936.21.camel@hurina> References: <20110914212225.20430xx3alpgxomo@webmail.hrz.uni-giessen.de> <1316079275.12936.21.camel@hurina> Message-ID: <52d414697945a8554a6e4a598950d126@imapproxy.hrz> On Thu, 15 Sep 2011 12:34:33 +0300, Timo Sirainen wrote: > On Wed, 2011-09-14 at 21:22 +0200, J?rgen Obermann wrote: > >> The dovecot lda panics with "Trying to sync mailbox INBOX with open >> transactions" if a user has no sieve script defined. Debugging >> shows: > > Fixed: http://hg.dovecot.org/dovecot-2.0/rev/0264ac68c770 [1] Thank you, with this fix lda works now! J?rgen Obermann From Lutz.Pressler at SerNet.DE Thu Sep 15 13:46:41 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Thu, 15 Sep 2011 12:46:41 +0200 Subject: [Dovecot] sharing of non-INBOX namespaces? Re: imapc and imap_acl In-Reply-To: <20110913164631.GA1874905@gabi.sernet.de> References: <57674CC7-1F64-4131-98C6-45CF8B54F23B@iki.fi> <20110913164631.GA1874905@gabi.sernet.de> Message-ID: Hi, On Tue, 13 Sep 2011, Lutz Pre?ler wrote: > On Di, 13 Sep 2011, Timo Sirainen wrote: > > You mean you'd want local ACLs that apply to imapc mailboxes? > Yes, exactly. Great for "integrating" legacy IMAP servers without e.g. > ACL support. > > I think that should work. For example if you set: > > > > mail_location = imapc:~/imapc > Oh, had not realized that a path argument is possible for imapc:. There are > even index file then... > > > > Then for mailbox foo/bar the ACL file should be in ~/imapc/.foo.bar/dovecot-acl > It almost works: > Sep 13 18:37:58 hhh dovecot: imap(4482, uuu): Error: file_dotlock_open(/home/uuu/Maildir/gmail/.[Gmail].Alle Nachrichten > /dovecot-acl) failed: No such file or directory > After manually creating the ".[Gmail].Alle Nachrichten" directory, SETACL > succeeds. Ok, I thought I tested accessing the mailbox afterwards, too - but I probably had not. I have a more general problem now: shared mailboxes from any "non-INBOX" namespace are not available to other users. That's not only with virtual or imapc namespaces, but also tested with two Maildir ones: namespace personal { inbox = yes location = maildir:~/Maildir prefix = INBOX. type = private } namespace second { inbox = no location = maildir:~/Maildir2 prefix = INBOX.second. type = private } namespace others { type = shared separator = . prefix = INBOX.shared.%%u. location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u #location = maildir:/home/%%n/Maildir:INDEX=~/Maildir/shared/%%u subscriptions = no list = children } [...] I can as user1 SETACL INBOX.second.box ~user1/Maildir2/dovecot-acl-list contains "1316082286 box" ~user1/Maildir2/.box/dovecot-acl contains "user=testuser lrs" (as does ~user1/Maildir/.in2007/dovecot-acl) The shared mailboxes dict contains shared/shared-boxes/user/testuser/user1 1 But - as testuser - 0 list "" "*" * LIST (\HasChildren) "." "INBOX" * LIST (\HasNoChildren) "." "INBOX.test" * LIST (\HasNoChildren) "." "INBOX.second" * LIST (\Noselect \HasChildren) "." "INBOX.shared.user1" * LIST (\HasNoChildren) "." "INBOX.virtual" * LIST (\HasNoChildren) "." "INBOX.shared.user1.in2007" 0 OK List completed. INBOX.shared.user1.second.box is missing. Also 0 select INBOX.shared.user1.second.box * OK [CLOSED] Previous mailbox closed. 0 NO Mailbox doesn't exist: second.box Log shows then: Sep 15 12:39:48 host dovecot: imap(8796, testuser): Debug: acl vfile: file /etc/dovecot/global-acls/INBOX.shared.user1.second.box not found Sep 15 12:39:48 host dovecot: imap(8796, testuser): Debug: acl vfile: file /home/user1/Maildir/.second.box/dovecot-acl not found ... not searching for the acl file correctly. Thought I tested this with earlier (2.0) versions. Changed group set up inbetween, but this does not seem relevant. Regards, Lutz From tss at iki.fi Thu Sep 15 13:53:28 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 15 Sep 2011 13:53:28 +0300 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <4E6ACC6C.6020200@acm.org> References: <4E6ACC6C.6020200@acm.org> Message-ID: <1316084011.12936.31.camel@hurina> On Fri, 2011-09-09 at 19:33 -0700, Paul B. Henson wrote: > Sep 9 15:47:34 tweak dovecot: auth: Error: > mysql(mysql-1.unx.csupomona.edu): Connect failed to database (idmgmt): > Can't connect to MySQL server on 'mysql-1.unx.csupomona.edu' (111) - > waiting for 1 seconds before retry I did several fixes related to this in v2.0 hg. > And postfix starts to fail authentications: > > Sep 9 15:47:35 tweak postfix/smtpd[5119]: warning: > bender.iitsys.csupomona.edu[134.71.250.134]: SASL DIGEST-MD5 > authentication failed: Connection lost to authentication server The reason why it kept failing with Postfix was because Dovecot had 10 second timeout for SQL connecting, and Postfix had 10 second timeout before failing authentication. So Postfix never waited long enough for Dovecot to attempt a second connection to the second MySQL server. I dropped Dovecot's SQL connect timeout to 5 seconds. > Now and again the authentication process dies: > > Sep 9 15:47:39 tweak dovecot: auth: Panic: file auth-request-handler.c: > line 697 (auth_request_handler_flush_failures): assertion failed: > (auth_request->state == AUTH_REQUEST_STATE_FINISHED) This happened only with non-plaintext authentication (e.g. DIGEST-MD5). Fixed also. From tss at iki.fi Thu Sep 15 14:12:18 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 15 Sep 2011 14:12:18 +0300 Subject: [Dovecot] sharing of non-INBOX namespaces? Re: imapc and imap_acl In-Reply-To: References: <57674CC7-1F64-4131-98C6-45CF8B54F23B@iki.fi> <20110913164631.GA1874905@gabi.sernet.de> Message-ID: <1316085138.12936.39.camel@hurina> On Thu, 2011-09-15 at 12:46 +0200, Lutz Pre?ler wrote: > I have a more general problem now: shared mailboxes from any "non-INBOX" > namespace are not available to other users. That's not only with virtual or > imapc namespaces, but also tested with two Maildir ones: > namespace others { > type = shared > separator = . > prefix = INBOX.shared.%%u. > location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u Right, because here you have configured a shared namespace for ~/Maildir. If you want to access also ~/Maildir2, you'd need to create a second shared namespace for it. Perhaps in future there could be some kind of automated detection of namespaces and putting them all under a single shared namespace. Configuration could probably be something like: namespace others { type = shared separator = . prefix = INBOX.shared.%%u. location = shared:INBOX.:INDEX=~/Maildir/shared/%%u } The above would then map "INBOX.shared.%%u." namespace to other user's "INBOX." namespace and also export any other private namespaces under it. From robert at schetterer.org Thu Sep 15 14:39:14 2011 From: robert at schetterer.org (Robert Schetterer) Date: Thu, 15 Sep 2011 13:39:14 +0200 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <1316084011.12936.31.camel@hurina> References: <4E6ACC6C.6020200@acm.org> <1316084011.12936.31.camel@hurina> Message-ID: <4E71E3E2.1080600@schetterer.org> Am 15.09.2011 12:53, schrieb Timo Sirainen: > On Fri, 2011-09-09 at 19:33 -0700, Paul B. Henson wrote: > >> Sep 9 15:47:34 tweak dovecot: auth: Error: >> mysql(mysql-1.unx.csupomona.edu): Connect failed to database (idmgmt): >> Can't connect to MySQL server on 'mysql-1.unx.csupomona.edu' (111) - >> waiting for 1 seconds before retry > > I did several fixes related to this in v2.0 hg. > >> And postfix starts to fail authentications: >> >> Sep 9 15:47:35 tweak postfix/smtpd[5119]: warning: >> bender.iitsys.csupomona.edu[134.71.250.134]: SASL DIGEST-MD5 >> authentication failed: Connection lost to authentication server > > The reason why it kept failing with Postfix was because Dovecot had 10 > second timeout for SQL connecting, and Postfix had 10 second timeout > before failing authentication. So Postfix never waited long enough for > Dovecot to attempt a second connection to the second MySQL server. I > dropped Dovecot's SQL connect timeout to 5 seconds. > >> Now and again the authentication process dies: >> >> Sep 9 15:47:39 tweak dovecot: auth: Panic: file auth-request-handler.c: >> line 697 (auth_request_handler_flush_failures): assertion failed: >> (auth_request->state == AUTH_REQUEST_STATE_FINISHED) > > This happened only with non-plaintext authentication (e.g. DIGEST-MD5). > Fixed also. > Hi Timo, silly question is there really a native failover mysql in dovecot ? cant remember this , i only remember this as part of dovecot proxiing -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From Lutz.Pressler at SerNet.DE Thu Sep 15 14:41:43 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Thu, 15 Sep 2011 13:41:43 +0200 Subject: [Dovecot] sharing of non-INBOX namespaces? Re: imapc and imap_acl In-Reply-To: <1316085138.12936.39.camel@hurina> References: <57674CC7-1F64-4131-98C6-45CF8B54F23B@iki.fi> <20110913164631.GA1874905@gabi.sernet.de> <1316085138.12936.39.camel@hurina> Message-ID: On Do, 15 Sep 2011, Timo Sirainen wrote: > On Thu, 2011-09-15 at 12:46 +0200, Lutz Pre?ler wrote: > > I have a more general problem now: shared mailboxes from any "non-INBOX" > > namespace are not available to other users. That's not only with virtual or > > imapc namespaces, but also tested with two Maildir ones: > > > namespace others { > > type = shared > > separator = . > > prefix = INBOX.shared.%%u. > > location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u > > Right, because here you have configured a shared namespace for > ~/Maildir. Uh, oh... of course. Stupid to expect it to work as your proposal for future extension already... but that would be the most flexible way, please implement :-). > If you want to access also ~/Maildir2, you'd need to create a > second shared namespace for it. Maybe I mess something up the second time today - but I cannot get it to work: namespace others { type = shared separator = . prefix = INBOX.shared.%%u. location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u subscriptions = no list = children } namespace otherssecond { type = shared separator = . prefix = INBOX.shared2.%%u. location = maildir:%%h/Maildir2:INDEX=~/Maildir/shared2/%%u subscriptions = no list = children } As testuser: 0 select INBOX.shared2.user1.box 0 NO Mailbox doesn't exist: shared2.user1.box with log: Sep 15 13:28:51 host dovecot: imap(17320, testuser): Debug: acl vfile: file /etc/dovecot/global-acls/INBOX.shared2.user1.box not found Sep 15 13:28:51 host dovecot: imap(17320, testuser): Debug: acl vfile: file /home/testuser/Maildir/.shared2.user1.box/dovecot-acl not found like the otherssecond namespace beeing ignored (yes, I've restarted dovecot). First I tried in otherssecond prefix = INBOX.shared.%%u.second. location = maildir:%%h/Maildir2:INDEX=~/Maildir/shared/%%u/second - don't know if this is even supposed to work, but both variants do not. Lutz From tss at iki.fi Thu Sep 15 14:43:04 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 15 Sep 2011 14:43:04 +0300 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <4E71E3E2.1080600@schetterer.org> References: <4E6ACC6C.6020200@acm.org> <1316084011.12936.31.camel@hurina> <4E71E3E2.1080600@schetterer.org> Message-ID: <1316086984.12936.49.camel@hurina> On Thu, 2011-09-15 at 13:39 +0200, Robert Schetterer wrote: > > is there really a native failover mysql in dovecot ? > cant remember this , i only remember this as part of dovecot proxiing For SQL authentication it can use multiple SQL server hosts (with both MySQL and PostgreSQL) and do HA/load balancing. From tss at iki.fi Thu Sep 15 14:45:01 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 15 Sep 2011 14:45:01 +0300 Subject: [Dovecot] multiple "imapc namespaces" Re: imapc and imap_acl In-Reply-To: References: <57674CC7-1F64-4131-98C6-45CF8B54F23B@iki.fi> <20110913164631.GA1874905@gabi.sernet.de> Message-ID: <1316087101.12936.51.camel@hurina> On Tue, 2011-09-13 at 18:58 +0200, Lutz Pre?ler wrote: > On Tue, 13 Sep 2011, Lutz Pre?ler wrote: > > On Di, 13 Sep 2011, Timo Sirainen wrote: > > > mail_location = imapc:~/imapc > > Oh, had not realized that a path argument is possible for imapc:. There are > > even index file then... > What about taking imapc parameters/credentials optionally from > a file in this directory (like dovecot-virtual)? Hmm. I'd rather not implement something that gets obsolete later. If there were per-namespace imapc_ settings, this (and other things) could be implemented by having per-user configuration files. From tss at iki.fi Thu Sep 15 14:50:08 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 15 Sep 2011 14:50:08 +0300 Subject: [Dovecot] Warning: Subscriptions file .. Removing invalid entry: In-Reply-To: <20110914071252.GA13849@oc1046828364.ibm.com> References: <20110914071252.GA13849@oc1046828364.ibm.com> Message-ID: <1316087409.12936.55.camel@hurina> On Wed, 2011-09-14 at 09:12 +0200, Jan-Frode Myklebust wrote: > One of our dovecot-servers (v2.0.14) got a bit too busy last evening: > > Sep 13 20:39:18 popimap1 dovecot: master: Warning: service(pop3-login): process_limit reached, client connections are being dropped > > then logged a few: > > Sep 13 20:39:20 popimap1 dovecot: pop3(XXXXXXXXX at YYYYY.YY): Warning: I/O leak: 0x3829233d20 (10) > Sep 13 20:39:20 popimap1 dovecot: pop3(XXXXXXXXX at YYYYY.YY): Warning: Timeout leak: 0x3829233ce0 Could you show the output of: gdb /usr/local/libexec/dovecot/pop3 # or whatever path it is in x 0x3829233d20 x 0x3829233ce0 I guess the client isn't being destroyed properly for some reason.. > but what has me a bit worried is these: > > imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Sent > imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Spam > imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Drafts > imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Trash These are simply broken subscription entries that have never worked. They're not supposed to begin with a ".". In older Dovecot versions they were shown to clients, but I don't know what clients would have done with such broken entries. I guess some could have shown them "correctly", some could have shown them in a broken way and some could have just ignored them. From robert at schetterer.org Thu Sep 15 15:11:13 2011 From: robert at schetterer.org (Robert Schetterer) Date: Thu, 15 Sep 2011 14:11:13 +0200 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <1316086984.12936.49.camel@hurina> References: <4E6ACC6C.6020200@acm.org> <1316084011.12936.31.camel@hurina> <4E71E3E2.1080600@schetterer.org> <1316086984.12936.49.camel@hurina> Message-ID: <4E71EB61.2090508@schetterer.org> Am 15.09.2011 13:43, schrieb Timo Sirainen: > On Thu, 2011-09-15 at 13:39 +0200, Robert Schetterer wrote: >> >> is there really a native failover mysql in dovecot ? >> cant remember this , i only remember this as part of dovecot proxiing > > For SQL authentication it can use multiple SQL server hosts (with both > MySQL and PostgreSQL) and do HA/load balancing. > > ok, i see, but i have nearly all possible parameters in mysql ( i use a mysql cluster ), thx anyway for answer -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From janfrode at tanso.net Thu Sep 15 15:11:15 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Thu, 15 Sep 2011 14:11:15 +0200 Subject: [Dovecot] Warning: Subscriptions file .. Removing invalid entry: In-Reply-To: <1316087409.12936.55.camel@hurina> References: <20110914071252.GA13849@oc1046828364.ibm.com> <1316087409.12936.55.camel@hurina> Message-ID: <20110915121115.GA10074@oc1046828364.ibm.com> On Thu, Sep 15, 2011 at 02:50:08PM +0300, Timo Sirainen wrote: > > Sep 13 20:39:20 popimap1 dovecot: pop3(XXXXXXXXX at YYYYY.YY): Warning: I/O leak: 0x3829233d20 (10) > > Sep 13 20:39:20 popimap1 dovecot: pop3(XXXXXXXXX at YYYYY.YY): Warning: Timeout leak: 0x3829233ce0 > > Could you show the output of: > > gdb /usr/local/libexec/dovecot/pop3 # or whatever path it is in > x 0x3829233d20 > x 0x3829233ce0 sorry, but I have no debugging enabled.. % gdb /usr/libexec/dovecot/pop3 Reading symbols from /usr/libexec/dovecot/pop3...(no debugging symbols found)...done. (gdb) x 0x3829233d20 0x3829233d20: Cannot access memory at address 0x3829233d20 (gdb) x 0x3829233ce0 0x3829233ce0: Cannot access memory at address 0x3829233ce0 (gdb) quit > > imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Drafts > > imap(user at xxx.xxx): Warning: Subscriptions file /path/to/user at xxx.xxx/subscriptions: Removing invalid entry: .Trash > > These are simply broken subscription entries that have never worked. > They're not supposed to begin with a ".". In older Dovecot versions they > were shown to clients, but I don't know what clients would have done > with such broken entries. I guess some could have shown them > "correctly", some could have shown them in a broken way and some could > have just ignored them. Ok, thanks for the explanation. -jf From tom at elysium.ltd.uk Thu Sep 15 16:40:34 2011 From: tom at elysium.ltd.uk (Tom Clark) Date: Thu, 15 Sep 2011 14:40:34 +0100 Subject: [Dovecot] Shared folder not listing Message-ID: <005501cc73ad$0bc3cea0$234b6be0$@elysium.ltd.uk> Hi Timo, I've got a weird problem on our dovecot. We're trying to setup private shared folder access. I have 2 users. tom at mailbox.com and system at mailbox.com. I have set the ACL's on all the folders (and subfolders) on system at mailbox.com. However, I'm not getting any of them listed when I check tom at mailbox.com 's IMAP folders. Our configuration is below (we're migrating from Courier hence the INBOX.): In 10-mail.conf: namespace { type = private prefix = INBOX. separator = . inbox = yes list = yes hidden = yes } namespace { type = shared separator = . prefix = INBOX.Shared.%%u location = maildir:%%h/Maildir:INDEX=~/Maildir/Shared/%%u subscriptions = no list = children } mail_plugins = acl protocol imap { mail_plugins = $mail_plugins imap_acl } In 90-acl.conf: plugin { #acl = vfile:/etc/dovecot/acls:cache_secs=300 acl = vfile } # To let users LIST mailboxes shared by other users, Dovecot needs a # shared mailbox dictionary. For example: plugin { acl_shared_dict = file:/var/vpopmail/domains/%d/shared-mailboxes } Have I missed anthing!?!? Thanks in advance! Tom From CMarcus at Media-Brokers.com Thu Sep 15 17:23:10 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 15 Sep 2011 10:23:10 -0400 Subject: [Dovecot] Shared folder not listing In-Reply-To: <005501cc73ad$0bc3cea0$234b6be0$@elysium.ltd.uk> References: <005501cc73ad$0bc3cea0$234b6be0$@elysium.ltd.uk> Message-ID: <4E720A4E.5050303@Media-Brokers.com> On 2011-09-15 9:40 AM, Tom Clark wrote: > Have I missed anthing!?!? Only to please not copy/paste from your config files, but post output of doveconf -n. This ensures that your settings really are what you think they are. -- Best regards, Charles From tom at elysium.ltd.uk Thu Sep 15 17:39:52 2011 From: tom at elysium.ltd.uk (Tom Clark) Date: Thu, 15 Sep 2011 15:39:52 +0100 Subject: [Dovecot] Shared folder not listing In-Reply-To: <4E720A4E.5050303@Media-Brokers.com> References: <005501cc73ad$0bc3cea0$234b6be0$@elysium.ltd.uk> <4E720A4E.5050303@Media-Brokers.com> Message-ID: <00a401cc73b5$543c6220$fcb52660$@elysium.ltd.uk> Fair enough. Here is output from doveconf -n # 2.0.13: /etc/dovecot/dovecot.conf # OS: Linux 2.6.35.6-45.fc14.x86_64 x86_64 Fedora release 14 (Laughlin) auth_debug_passwords = yes auth_verbose = yes auth_verbose_passwords = plain base_dir = /var/run/dovecot/ disable_plaintext_auth = no first_valid_uid = 1 login_greeting = Ready mail_debug = yes mail_location = maildir:~/Maildir mail_plugins = acl managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mbox_write_locks = fcntl namespace { hidden = yes inbox = yes list = yes location = prefix = INBOX. separator = . type = private } namespace { list = children location = maildir:/var/vpopmail/domains/%d/%%n/Maildir:INDEX=~/Maildir/Shared/%d/%%u prefix = INBOX.Shared.%%u separator = . subscriptions = no type = shared } passdb { driver = vpopmail } plugin { acl = vfile acl_shared_dict = file:/var/vpopmail/domains/%d/shared-mailboxes sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } ssl_cert = wrote: > Have I missed anthing!?!? Only to please not copy/paste from your config files, but post output of doveconf -n. This ensures that your settings really are what you think they are. -- Best regards, Charles From ajb2 at mssl.ucl.ac.uk Thu Sep 15 17:39:52 2011 From: ajb2 at mssl.ucl.ac.uk (Alan Brown) Date: Thu, 15 Sep 2011 15:39:52 +0100 Subject: [Dovecot] dovecot Digest, Vol 101, Issue 26 In-Reply-To: References: Message-ID: <4E720E38.7040109@mssl.ucl.ac.uk> > From: Timo Sirainen > Subject: Re: [Dovecot] general advice sought > Message-ID: <1315830847.7326.48.camel at hurina> > Content-Type: text/plain; charset="ISO-8859-15" > > On Mon, 2011-09-12 at 13:11 +0100, Alan Brown wrote: >> I'd like to hear the thoughts of list members on which type of storage >> method seems "best" for inboxes and for folders. >> >> The filesystem is GFS2 and for various reasons I can't change it. > .. >> If I migrate to other formats (eg mdbox), then it needs to be able to be >> done on the fly. (Taking the mailservers down for a day won't go down >> well, even an hour raises howls). > > Have you had any trouble with Dovecot's index files in your current > setup? Any errors at all? Zero. The issues which have arisen are: 1: Really slow access to messages in large folders (GFS2 issue) 2: Users trashing their inbox then demanding we drop everything to restore "all my important mail" > If not, I'd think mdbox will work fine. You > can do it incrementally per-user (and you really should try it first > with only a few users). http://wiki2.dovecot.org/Tools/Dsync explains > how to do it on the fly. I thought so too, just wanted to hear opinions on doing it vs other approaches. :) From Lutz.Pressler at SerNet.DE Thu Sep 15 18:15:18 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Thu, 15 Sep 2011 17:15:18 +0200 Subject: [Dovecot] unexpected LSUB / LIST (SUBSCRIBED) output Re: Panic: file mailbox-list-subscriptions.c: line 66 (mailbox_list_subscription_fill_one): assertion failed: (ns!= NULL && (ns->flags & NAMESPACE_FLAG_AUTOCREATED) != 0) In-Reply-To: <1316078544.12936.20.camel@hurina> References: <1316078544.12936.20.camel@hurina> Message-ID: On Thu, 15 Sep 2011, Timo Sirainen wrote: > On Wed, 2011-09-14 at 12:10 +0200, Lutz Pre?ler wrote: > > imap(2717, testuser): Panic: file mailbox-list-subscriptions.c: line > > 66 (mailbox_list_subscription_fill_one): assertion failed: (ns!= NULL > > && (ns->flags & NAMESPACE_FLAG_AUTOCREATED) != 0) > > > Fixed: http://hg.dovecot.org/dovecot-2.1/rev/309a707c22c0 No assertion anymore. 0 login testuser password [...] 0 list "" "*" * LIST (\HasChildren) "." "INBOX" * LIST (\HasNoChildren) "." "INBOX.test" * LIST (\Noselect \HasChildren) "." "INBOX.shared.user1" * LIST (\HasNoChildren) "." "INBOX.virtual" * LIST (\HasNoChildren) "." "INBOX.shared.user1.in2007" 0 OK List completed. 0 lsub "" "*" * LSUB (\Noselect) "." "INBOX.shared.user1" 0 OK Lsub completed. 0 list (subscribed) "" "*" * LIST (\NonExistent) "." "INBOX.shared.user1" 0 OK List completed. >>> ~testuser/Maildir/subscription is empty here 0 subscribe INBOX.shared.user1.in2007 0 OK Subscribe completed. 0 lsub "" "*" * LSUB (\Noselect) "." "INBOX.shared.user1" * LSUB () "." "INBOX.shared.user1.in2007" 0 OK Lsub completed. 0 list (subscribed) "" "*" * LIST (\NonExistent) "." "INBOX.shared.user1" * LIST (\Subscribed) "." "INBOX.shared.user1.in2007" 0 OK List completed. >>> ~testuser/Maildir/subscription now contains "shared.user1.in2007" Is this "INBOX.shared.user1" LSUB/LIST output correct? Lutz From tom at elysium.ltd.uk Thu Sep 15 18:23:30 2011 From: tom at elysium.ltd.uk (Tom Clark) Date: Thu, 15 Sep 2011 16:23:30 +0100 Subject: [Dovecot] Shared folder not listing In-Reply-To: <00a401cc73b5$543c6220$fcb52660$@elysium.ltd.uk> References: <005501cc73ad$0bc3cea0$234b6be0$@elysium.ltd.uk> <4E720A4E.5050303@Media-Brokers.com> <00a401cc73b5$543c6220$fcb52660$@elysium.ltd.uk> Message-ID: <011201cc73bb$6d0626a0$471273e0$@elysium.ltd.uk> I have managed to sort this out myself. Initially I was missing the ending "." from the prefix. I also noted that %%d wasn't returning the domain correctly (mailbox instead of mailbox.com). I changed to using %d which worked fine (as I'm not sharing folders outside the domain). I'm not sure if this is a bug and whether it would have been fixed in a later version of Dovecot. Tom -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Tom Clark Sent: 15 September 2011 3:40 PM To: 'Dovecot Mailing List' Subject: Re: [Dovecot] Shared folder not listing Fair enough. Here is output from doveconf -n # 2.0.13: /etc/dovecot/dovecot.conf # OS: Linux 2.6.35.6-45.fc14.x86_64 x86_64 Fedora release 14 (Laughlin) auth_debug_passwords = yes auth_verbose = yes auth_verbose_passwords = plain base_dir = /var/run/dovecot/ disable_plaintext_auth = no first_valid_uid = 1 login_greeting = Ready mail_debug = yes mail_location = maildir:~/Maildir mail_plugins = acl managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mbox_write_locks = fcntl namespace { hidden = yes inbox = yes list = yes location = prefix = INBOX. separator = . type = private } namespace { list = children location = maildir:/var/vpopmail/domains/%d/%%n/Maildir:INDEX=~/Maildir/Shared/%d/%%u prefix = INBOX.Shared.%%u separator = . subscriptions = no type = shared } passdb { driver = vpopmail } plugin { acl = vfile acl_shared_dict = file:/var/vpopmail/domains/%d/shared-mailboxes sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } ssl_cert = wrote: > Have I missed anthing!?!? Only to please not copy/paste from your config files, but post output of doveconf -n. This ensures that your settings really are what you think they are. -- Best regards, Charles From micah at riseup.net Thu Sep 15 20:14:39 2011 From: micah at riseup.net (Micah Anderson) Date: Thu, 15 Sep 2011 13:14:39 -0400 Subject: [Dovecot] moving mail out of alt storage References: <87sjnya3z5.fsf@algae.riseup.net> <1316077133.12936.18.camel@hurina> Message-ID: <87obylafsw.fsf_-_@algae.riseup.net> Timo Sirainen writes: > On Wed, 2011-09-14 at 23:17 -0400, Micah Anderson wrote: >> I moved some mail into the alt storage: >> >> doveadm altmove -u johnd at example.com seen savedbefore 1w >> >> and now I want to move it back to the regular INBOX, but I can't see how >> I can do that with either 'altmove' or 'mailbox move'. > > Is this sdbox or mdbox? With sdbox you could simply "mv" the files. Or > apply patch: http://hg.dovecot.org/dovecot-2.0/rev/1910c76a6cc9 This is mdbox, which is why I am not sure how to operate because I am used to individual files as is with maildir. micah From al-dovecot at none.at Thu Sep 15 22:13:32 2011 From: al-dovecot at none.at (Aleksandar Lazic) Date: Thu, 15 Sep 2011 21:13:32 +0200 Subject: [Dovecot] Sieve envelope :detail "to" "extention" does not deliver to fileinto destination In-Reply-To: <4E71C573.2040407@rename-it.nl> References: <20110912171448.GB320@none.at> <4E71C573.2040407@rename-it.nl> Message-ID: <20110915191332.GA29568@none.at> Dear Stephan, On Don 15.09.2011 11:29, Stephan Bosch wrote: >Op 12-9-2011 19:14, Aleksandar Lazic schreef: >>Is there a 'log' or 'print' command in the sieve filter or how can I >>write a message to the log file? > >With the latest Pigeonhole (0.2.4), you can use the vnd.dovecot.debug >extension (which is not available by default and therefore needs to be >added to sieve_extensions), e.g. > >=== >require "vnd.dovecot.debug"; >require "envelope"; >require "variables"; > >if envelope :matches "to" "*" { debug_log "envelope to `${1}'"; } >=== [snipp] Thank you. debug_log "envelope to `${1}'"; debug_log "envelope to detail `${detail}'"; <= is this a default variable? I get === sieve: info: started log at Sep 15 21:07:07. lists.sieve: line 15: info: DEBUG: envelope to `al-pdnsusers at none.at'. lists.sieve: line 16: info: DEBUG: envelope to detail `'. info: msgid=<20110915190707.256ED9FECC31 at external.none.at>: stored mail into mailbox 'Lists.pdnsusers'. === Is there a possibility to print the :detail from the subaddress module? Maybe like Pseudocode: === set "detail" :detail if :detail not empty === Is there a possibility to dump all variables? Are there any default variables in variables module? What does I make wrong that I haven't the :detail from the subaddress?! BR Aleks From al-dovecot at none.at Thu Sep 15 22:15:24 2011 From: al-dovecot at none.at (Aleksandar Lazic) Date: Thu, 15 Sep 2011 21:15:24 +0200 Subject: [Dovecot] convert maildrop filter to sieve Message-ID: <20110915191524.GB29568@none.at> Dear list member, does anybody have a script which can convert maildrop filter to sive filter? BR Aleks From henson at acm.org Thu Sep 15 23:40:28 2011 From: henson at acm.org (Paul B. Henson) Date: Thu, 15 Sep 2011 13:40:28 -0700 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <1316084011.12936.31.camel@hurina> References: <4E6ACC6C.6020200@acm.org> <1316084011.12936.31.camel@hurina> Message-ID: <4E7262BC.6070709@acm.org> On 9/15/2011 3:53 AM, Timo Sirainen wrote: > I did several fixes related to this in v2.0 hg. Cool, thanks. Any thoughts on when you'll release a new version including them? Looks like the relevant changesets are 0dffdc3bfad1, 3334c12a2b1a, c056bd23fdcc, 11273f581686, 1b829680dce4, 55552b4e8c65, 3955a5b2a917, and 20a901f1de31. I'll suck those down and try to make a patch for the current release version and give it a test. > The reason why it kept failing with Postfix was because Dovecot had 10 > second timeout for SQL connecting, and Postfix had 10 second timeout > before failing authentication. D'oh :). I thought about timeout issues, but there doesn't appear to be any way in dovecot or postfix to change them via the configuration file. -- Paul B. Henson | (909) 979-6361 | http://www.csupomona.edu/~henson/ Operating Systems and Network Analyst | henson at csupomona.edu California State Polytechnic University | Pomona CA 91768 From al-dovecot at none.at Fri Sep 16 01:02:46 2011 From: al-dovecot at none.at (Aleksandar Lazic) Date: Fri, 16 Sep 2011 00:02:46 +0200 Subject: [Dovecot] Detecting duplicate messages with sieve Message-ID: <20110915220246.GA17639@none.at> Dear Listmember, I use http://www.courier-mta.org/reformail.html for "Detecting duplicate messages" ### The -D option implements a simple way to delete duplicate messages in incoming mail. filename is a file that will be approximately 'len' bytes long. This file will be used by reformail to save message IDs seen in recent mail. reformail reads the message on standard input. If the message has a Message-ID: header that's already in the cache file, reformail terminates with the exit code set to 0. Otherwise, reformail terminates with the exit code set to 1. ### ### my entry in mailfilter `reformail -D 8192 $HOME/.msg.cache` if ($RETURNCODE == 0) { /^From: *!.*/ FROM1=${MATCH2} /^Subject: *!.*/ log "$FROM (${FROM1}) => Not Delivered duplicate MSG-ID. Subject ${MATCH2}\n" exit } ### Is there a similar feature in sieve or can I still use the upper setup? Another question is about to add this header line in every mail. xfilter "${REFORMAIL} -a\"Lines: $LINES\"" Thanks for your help. BR Aleks From serarien at baqs.net Fri Sep 16 01:58:30 2011 From: serarien at baqs.net (Pierre) Date: Fri, 16 Sep 2011 00:58:30 +0200 Subject: [Dovecot] dovecot-virtual folder configuration Message-ID: <2a82c4fe9e3aba3c621fe9eb2e530200@mail3.serarien.com> Hi all, Long story short, I'd like to configure a folder containing: INBOX (some other folders) -> unseen emails from these folders + all other emails (also seen) from the same thread -> seen emails from these folders, but only the recent ones + all other emails from the same thread I tried: # inthread refs (or (or recent unseen) recent ) inthread refs unseen # inthread refs (or unseen ( recent seen) ) # inthread refs recent unseen # inthread refs unseen #inthread refs recent (or unseen ) # inthread refs (recent seen (or unseen )) # (inthread refs (or unseen) recent seen) #( inthread refs (or (or recent unseen) flagged) ) without success. Where could I find proper,understandable doc for this? Could anybody help me on configuring such rule(s) ? Thanks a lot in adavance, Pierre From henson at acm.org Fri Sep 16 03:03:25 2011 From: henson at acm.org (Paul B. Henson) Date: Thu, 15 Sep 2011 17:03:25 -0700 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <1316084011.12936.31.camel@hurina> References: <4E6ACC6C.6020200@acm.org> <1316084011.12936.31.camel@hurina> Message-ID: <4E72924D.8090709@acm.org> On 9/15/2011 3:53 AM, Timo Sirainen wrote: > I did several fixes related to this in v2.0 hg. I patched version 2.0.13 with these fixes and tested it out. As far as I can tell, it still doesn't do load balancing. When started, it only connects to the primary server, and as long as that server is available never seems to try and connect to the other one. However, the failover is much better. There are a few failed authentications when the primary server first becomes unavailable (seems to depend on load; under a light load, only a couple fail, the heavier the load, the more fail). After that blip though, authentications work fine. Thanks much for your help resolving this issue, I greatly appreciate it. -- Paul B. Henson | (909) 979-6361 | http://www.csupomona.edu/~henson/ Operating Systems and Network Analyst | henson at csupomona.edu California State Polytechnic University | Pomona CA 91768 From florob at babelmonkeys.de Fri Sep 16 03:47:56 2011 From: florob at babelmonkeys.de (Florian Zeitz) Date: Fri, 16 Sep 2011 02:47:56 +0200 Subject: [Dovecot] [PATCH] SCRAM-SHA-1 authentication Message-ID: <4E729CBC.5080600@babelmonkeys.de> Hy, over the last days I have implemented SCRAM-SHA-1 in Dovecot's 2.1 branch. It does not do SCRAM-SHA-1-PLUS, but should be extendable enough to introduce it later. There are some checks for the message format which (assuming the client acts correclty) are not strictly necessary during parsing. This is partially in the hope that it might aid client implementers, partially because it (IMHO) improves readability when checking against the RFC. Also errors found in this way could be sent to the client, this is however strictly OPTIONAL in the RFC, for now they are just logged. Some of the variable names are rather long. This is in order to have them match the terms introduced in the RFC, again I expect it to help readability (maybe my recent Objective-C programming showing though). I do feel somewhat insecure about my usage of some lib functions. Hopefully no API has been abused too much. I also note that there are a lot of fields in the scram_auth_request struct. I think they are all there for a reason, however feel free to prove me wrong. Attached is a hg export. It also includes a hmac-sha1 implementation, an adaption off of the hmac-md5 implementation already in Dovecot. I guess those should eventually be merged into a hash-independent hmac implementation, but I figured this would have to do for now. The implementation has been tested against GNU SASL and does appear to work fine. (The command line was `gsasl -m SCRAM-SHA-1 -a user -p pass --imap host` for those curious) Regards Florian "Florob" Zeitz -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: scram-sha-1.exp URL: From tss at iki.fi Fri Sep 16 12:21:36 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 12:21:36 +0300 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <4E72924D.8090709@acm.org> References: <4E6ACC6C.6020200@acm.org> <1316084011.12936.31.camel@hurina> <4E72924D.8090709@acm.org> Message-ID: <1316164896.12936.57.camel@hurina> On Thu, 2011-09-15 at 17:03 -0700, Paul B. Henson wrote: > > I did several fixes related to this in v2.0 hg. > > I patched version 2.0.13 with these fixes and tested it out. > > As far as I can tell, it still doesn't do load balancing. Oh. http://hg.dovecot.org/dovecot-2.0/rev/327698228158 should finally fix it. :) From amateo at um.es Fri Sep 16 12:51:19 2011 From: amateo at um.es (Angel L. Mateo) Date: Fri, 16 Sep 2011 11:51:19 +0200 Subject: [Dovecot] Deleted mailboxes with lazy_expunge Message-ID: <4E731C17.5090305@um.es> Hello, I'm trying to configure lazy_expunge plugin (as a way to provide easy backup for mails). This is my configuration (as explained in dovecot wiki): # Default namespace namespace { prefix = separator = / inbox = yes } # namespaces for lazy_expunge plugin: namespace { prefix = .EXPUNGED/ separator = / location = maildir:~/Maildir/expunged } namespace { prefix = .DELETED/ separator = / location = maildir:~/Maildir/deleted } namespace { prefix = .DELETED/.EXPUNGED/ separator = / location = maildir:~/Maildir/deleted/expunged lazy_expunge = .EXPUNGED/ .DELETED/ .DELETED/.EXPUNGED/ I use just one namespace because I don't want to differentiate between deleting mails or deleting mailboxes, but I have the same problem using the 3 namespaces. With this configuration, when a user connects, if he doesn't have the expunged folder, dovecot logs: Sep 16 10:53:35 myotis30 dovecot: imap(angel.luis): Debug: Namespace : type=private, prefix=.EXPUNGED/, sep=/, inbox=no, hidden=no, list=yes, subscriptions=yes location=maildir:~/Maildir/expunged Sep 16 10:53:35 myotis30 dovecot: imap(angel.luis): Debug: maildir++: root=/home/alumnos/46/113246/Maildir/expunged, index=, control=, inbox= Sep 16 10:53:35 myotis30 dovecot: imap(angel.luis): Debug: Namespace .EXPUNGED/: Permission lookup failed from /home/alumnos/46/113246/Maildir/expunged Sep 16 10:53:35 myotis30 dovecot: imap(angel.luis): Debug: Namespace .EXPUNGED/: Using permissions from /home/alumnos/46/113246/Maildir/expunged: mode=0700 gid=-1 and the expunged folder is created (without the cur, new neither tmp folders). When I delete a message in the INBOX folder (for example), dovecot logs: Sep 16 10:57:19 myotis30 dovecot: imap(angel.luis): Debug: Namespace .EXPUNGED/: Permission lookup failed from /home/alumnos/46/113246/Maildir/expunged/.INBOX Sep 16 10:57:19 myotis30 dovecot: imap(angel.luis): Debug: Namespace .EXPUNGED/: Using permissions from /home/alumnos/46/113246/Maildir/expunged: mode=0700 gid=-1 Sep 16 10:57:19 myotis30 dovecot: imap(angel.luis): Debug: Namespace .EXPUNGED/: Permission lookup failed from /home/alumnos/46/113246/Maildir/expunged/.INBOX Sep 16 10:57:19 myotis30 dovecot: imap(angel.luis): Debug: Namespace .EXPUNGED/: Using permissions from /home/alumnos/46/113246/Maildir/expunged: mode=0700 gid=-1 and the message is stored in the expunge namespace (that is an imap INBOX folder is created in the namespace, with its cur, new and tmp, and the message is stored). But when I try to delete a whole imap folder (in the example I delete it from trash folder because I use thunderbird and it previously move the folder to trash), dovecot logs: Sep 16 11:45:46 myotis30 dovecot: imap(angel.luis): Debug: Namespace .DELETED/: Using permissions from /home/alumnos/46/113246/Maildir/deleted: mode=0700 gid=-1 Sep 16 11:45:46 myotis30 dovecot: imap(angel.luis): Debug: Namespace .DELETED/: Permission lookup failed from /home/alumnos/46/113246/Maildir/deleted/.Trash.kk-20110916-114546 Sep 16 11:45:46 myotis30 dovecot: imap(angel.luis): Debug: Namespace .DELETED/: Using permissions from /home/alumnos/46/113246/Maildir/deleted: mode=0700 gid=-1 Sep 16 11:45:46 myotis30 dovecot: imap(angel.luis): Debug: Namespace .DELETED/: Permission lookup failed from /home/alumnos/46/113246/Maildir/deleted/.Trash.kk-20110916-114546 Sep 16 11:45:46 myotis30 dovecot: imap(angel.luis): Debug: Namespace .DELETED/: Using permissions from /home/alumnos/46/113246/Maildir/deleted: mode=0700 gid=-1 and my mail client reports the error "[CANNOT] Can't rename mailboxes accross specified storages" and the mail folder isn't created in the DELETED namespace. Any idea? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From tss at iki.fi Fri Sep 16 13:08:08 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 13:08:08 +0300 Subject: [Dovecot] Deleted mailboxes with lazy_expunge In-Reply-To: <4E731C17.5090305@um.es> References: <4E731C17.5090305@um.es> Message-ID: <1316167688.12936.61.camel@hurina> On Fri, 2011-09-16 at 11:51 +0200, Angel L. Mateo wrote: > Hello, > > I'm trying to configure lazy_expunge plugin (as a way to provide easy > backup for mails). This is my configuration (as explained in dovecot wiki): dovecot -n output would have been better. What do you use as mail_location? My guess is that you have specified INDEX or CONTROL path there, which isn't currently compatible with this.. > # Default namespace > namespace { > prefix = > separator = / > inbox = yes > } > > # namespaces for lazy_expunge plugin: > namespace { > prefix = .EXPUNGED/ > separator = / > location = maildir:~/Maildir/expunged > } > namespace { > prefix = .DELETED/ > separator = / > location = maildir:~/Maildir/deleted > } > namespace { > prefix = .DELETED/.EXPUNGED/ > separator = / > location = maildir:~/Maildir/deleted/expunged > > > lazy_expunge = .EXPUNGED/ .DELETED/ .DELETED/.EXPUNGED/ > > I use just one namespace because I don't want to differentiate between > deleting mails or deleting mailboxes, but I have the same problem using > the 3 namespaces. In above config you're using 3 namespaces, not 1. This problem shouldn't exist if you use just one namespace. > and my mail client reports the error "[CANNOT] Can't rename mailboxes > accross specified storages" and the mail folder isn't created in the > DELETED namespace. With http://hg.dovecot.org/dovecot-2.0/rev/e57bd3e2ec27 it'll now log the reason why it's not possible. From tss at iki.fi Fri Sep 16 13:18:41 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 13:18:41 +0300 Subject: [Dovecot] Shared folder not listing In-Reply-To: <011201cc73bb$6d0626a0$471273e0$@elysium.ltd.uk> References: <005501cc73ad$0bc3cea0$234b6be0$@elysium.ltd.uk> <4E720A4E.5050303@Media-Brokers.com> <00a401cc73b5$543c6220$fcb52660$@elysium.ltd.uk> <011201cc73bb$6d0626a0$471273e0$@elysium.ltd.uk> Message-ID: <1316168321.12936.65.camel@hurina> On Thu, 2011-09-15 at 16:23 +0100, Tom Clark wrote: > I have managed to sort this out myself. Initially I was missing the ending > "." from the prefix. It usually complains if that's missing, but looks like shared namespaces were a special case. Fixed: http://hg.dovecot.org/dovecot-2.0/rev/ea657df52a85 > I also noted that %%d wasn't returning the domain > correctly (mailbox instead of mailbox.com). I changed to using %d which > worked fine (as I'm not sharing folders outside the domain). > > I'm not sure if this is a bug and whether it would have been fixed in a > later version of Dovecot. Where were you using %%d? It's not in any config you posted here. But anyway "." is problematic, because you're also using it as hierarchy separator. I think you're going to run into trouble unless you change the separator. From amateo at um.es Fri Sep 16 13:34:16 2011 From: amateo at um.es (Angel L. Mateo) Date: Fri, 16 Sep 2011 12:34:16 +0200 Subject: [Dovecot] Deleted mailboxes with lazy_expunge In-Reply-To: <1316167688.12936.61.camel@hurina> References: <4E731C17.5090305@um.es> <1316167688.12936.61.camel@hurina> Message-ID: <4E732628.4000209@um.es> El 16/09/11 12:08, Timo Sirainen escribi?: > On Fri, 2011-09-16 at 11:51 +0200, Angel L. Mateo wrote: >> Hello, >> >> I'm trying to configure lazy_expunge plugin (as a way to provide easy >> backup for mails). This is my configuration (as explained in dovecot wiki): > > dovecot -n output would have been better. What do you use as Yes, I know but I forgot it :-(. You have now the config. > mail_location? My guess is that you have specified INDEX or CONTROL path > there, which isn't currently compatible with this.. > Yes, I'm using INDEX in mail_location >> I use just one namespace because I don't want to differentiate between >> deleting mails or deleting mailboxes, but I have the same problem using >> the 3 namespaces. > > In above config you're using 3 namespaces, not 1. This problem shouldn't > exist if you use just one namespace. I have tried with both configurations with the same problem. I have made another test, this time with 1 namespace and with thunderbird directly expunging messages (to avoid moving them to trash and then purging trash). With this, dovecot logs: Sep 16 12:26:48 myotis30 dovecot: imap(angel.luis): Debug: Namespace .EXPUNGED/: Using permissions from /home/alumnos/46/113246/Maildir/expunged: mode=0700 gid=-1 Sep 16 12:26:48 myotis30 dovecot: imap(angel.luis): Debug: Namespace .EXPUNGED/: Permission lookup failed from /home/alumnos/46/113246/Maildir/expunged/.kk Sep 16 12:26:48 myotis30 dovecot: imap(angel.luis): Debug: Namespace .EXPUNGED/: Using permissions from /home/alumnos/46/113246/Maildir/expunged: mode=0700 gid=-1 Sep 16 12:26:48 myotis30 dovecot: imap(angel.luis): Debug: Namespace .EXPUNGED/: Permission lookup failed from /home/alumnos/46/113246/Maildir/expunged/.kk Sep 16 12:26:48 myotis30 dovecot: imap(angel.luis): Debug: Namespace .EXPUNGED/: Using permissions from /home/alumnos/46/113246/Maildir/expunged: mode=0700 gid=-1 but "kk" mail folder isn't created in the expunge namespace. > >> and my mail client reports the error "[CANNOT] Can't rename mailboxes >> accross specified storages" and the mail folder isn't created in the >> DELETED namespace. > > With http://hg.dovecot.org/dovecot-2.0/rev/e57bd3e2ec27 it'll now log > the reason why it's not possible. > I'm going to try it... -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: doveconf.txt URL: From amateo at um.es Fri Sep 16 14:24:53 2011 From: amateo at um.es (Angel L. Mateo) Date: Fri, 16 Sep 2011 13:24:53 +0200 Subject: [Dovecot] Deleted mailboxes with lazy_expunge In-Reply-To: <1316167688.12936.61.camel@hurina> References: <4E731C17.5090305@um.es> <1316167688.12936.61.camel@hurina> Message-ID: <4E733205.5050406@um.es> El 16/09/11 12:08, Timo Sirainen escribi?: > > With http://hg.dovecot.org/dovecot-2.0/rev/e57bd3e2ec27 it'll now log > the reason why it's not possible. > These are the logs reported with this patch: ep 16 13:21:00 myotis30 dovecot: imap(angel.luis): Debug: Namespace .DELETED/: Using permissions from /home/alumnos/46/113246/Maildir/deleted: mode=0700 gid=-1 Sep 16 13:21:00 myotis30 dovecot: imap(angel.luis): Debug: Namespace .DELETED/: Permission lookup failed from /home/alumnos/46/113246/Maildir/deleted/.kk-20110916-132100 Sep 16 13:21:00 myotis30 dovecot: imap(angel.luis): Debug: Namespace .DELETED/: Using permissions from /home/alumnos/46/113246/Maildir/deleted: mode=0700 gid=-1 Sep 16 13:21:00 myotis30 dovecot: imap(angel.luis): Debug: Namespace .DELETED/: Permission lookup failed from /home/alumnos/46/113246/Maildir/deleted/.kk-20110916-132100 Sep 16 13:21:00 myotis30 dovecot: imap(angel.luis): Debug: Namespace .DELETED/: Using permissions from /home/alumnos/46/113246/Maildir/deleted: mode=0700 gid=-1 Sep 16 13:21:00 myotis30 dovecot: imap(angel.luis): Debug: Can't rename 'kk' to '.DELETED/kk-20110916-132100': index dirs don't match I have try to remove the same folder without INDEX in mail_location. Without this option it works. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From leho at kraav.com Fri Sep 16 14:48:35 2011 From: leho at kraav.com (Leho Kraav) Date: Fri, 16 Sep 2011 14:48:35 +0300 Subject: [Dovecot] Plugins: virtuals vs acls Message-ID: <4E733793.3030304@kraav.com> Hi all dovecot-virtual: * all when dovecot-acl files restrict some subset of * for a user, does dovecot respect these ACLs when collecting messages for virtual folder? I'd like a confirmation about what I should be seeing when I start implementing this setup. From tss at iki.fi Fri Sep 16 14:53:39 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 14:53:39 +0300 Subject: [Dovecot] unexpected LSUB / LIST (SUBSCRIBED) output Re: Panic: file mailbox-list-subscriptions.c: line 66 (mailbox_list_subscription_fill_one): assertion failed: (ns!= NULL && (ns->flags & NAMESPACE_FLAG_AUTOCREATED) != 0) In-Reply-To: References: <1316078544.12936.20.camel@hurina> Message-ID: <1316174020.12936.66.camel@hurina> On Thu, 2011-09-15 at 17:15 +0200, Lutz Pre?ler wrote: > 0 lsub "" "*" > * LSUB (\Noselect) "." "INBOX.shared.user1" > 0 OK Lsub completed. > 0 list (subscribed) "" "*" > * LIST (\NonExistent) "." "INBOX.shared.user1" > 0 OK List completed. These shouldn't be here. > 0 lsub "" "*" > * LSUB (\Noselect) "." "INBOX.shared.user1" The above entry shouldn't be here. > * LSUB () "." "INBOX.shared.user1.in2007" > 0 OK Lsub completed. > 0 list (subscribed) "" "*" > * LIST (\NonExistent) "." "INBOX.shared.user1" > * LIST (\Subscribed) "." "INBOX.shared.user1.in2007" > 0 OK List completed. > > >>> ~testuser/Maildir/subscription now contains "shared.user1.in2007" > > Is this "INBOX.shared.user1" LSUB/LIST output correct? http://hg.dovecot.org/dovecot-2.1/rev/080c8f9521d2 should fix these and other related problems. From tss at iki.fi Fri Sep 16 15:01:11 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 15:01:11 +0300 Subject: [Dovecot] Deleted mailboxes with lazy_expunge In-Reply-To: <4E733205.5050406@um.es> References: <4E731C17.5090305@um.es> <1316167688.12936.61.camel@hurina> <4E733205.5050406@um.es> Message-ID: <1316174471.12936.70.camel@hurina> On Fri, 2011-09-16 at 13:24 +0200, Angel L. Mateo wrote: > > Sep 16 13:21:00 myotis30 dovecot: imap(angel.luis): Debug: Can't rename > 'kk' to '.DELETED/kk-20110916-132100': index dirs don't match > > I have try to remove the same folder without INDEX in mail_location. > Without this option it works. Alternatively you could add INDEX path to lazy_expunge namespaces and it would work. The important thing is that both source and destination either have or don't have INDEX path specified, but it can't be mixed. (Looks like I messed up those new debug messages - clarified them in hg now.) From tss at iki.fi Fri Sep 16 15:03:47 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 15:03:47 +0300 Subject: [Dovecot] Plugins: virtuals vs acls In-Reply-To: <4E733793.3030304@kraav.com> References: <4E733793.3030304@kraav.com> Message-ID: <1316174628.12936.72.camel@hurina> On Fri, 2011-09-16 at 14:48 +0300, Leho Kraav wrote: > dovecot-virtual: > * > all > > when dovecot-acl files restrict some subset of * for a user, does > dovecot respect these ACLs when collecting messages for virtual folder? If they aren't respected, it's a bug. From tss at iki.fi Fri Sep 16 15:08:23 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 15:08:23 +0300 Subject: [Dovecot] dovecot-virtual folder configuration In-Reply-To: <2a82c4fe9e3aba3c621fe9eb2e530200@mail3.serarien.com> References: <2a82c4fe9e3aba3c621fe9eb2e530200@mail3.serarien.com> Message-ID: <1316174903.12936.76.camel@hurina> On Fri, 2011-09-16 at 00:58 +0200, Pierre wrote: > Hi all, > > Long story short, I'd like to configure a folder containing: > > INBOX > (some other folders) > > -> unseen emails from these folders + all other emails (also seen) from > the same thread > -> seen emails from these folders, but only the recent ones + all other > emails from the same thread The "other mails from same thread" is still a bit problematic with virtual folders. From my TODO: - virtual: If last message matching INTHREAD rule gets expunged, the rest of the thread doesn't go away First you'll need to create a virtual folder that has all the mails that you would ever want to see in threads. For example: virtual/all/dovecot-virtual: ----- INBOX Sent some other folders all ----- Then based on that create the virtual mailbox you want: virtual/newstuff/dovecot-virtual: ----- virtual/all inthread refs or unseen recent ----- From tss at iki.fi Fri Sep 16 15:11:27 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 15:11:27 +0300 Subject: [Dovecot] Detecting duplicate messages with sieve In-Reply-To: <20110915220246.GA17639@none.at> References: <20110915220246.GA17639@none.at> Message-ID: <1316175087.12936.78.camel@hurina> On Fri, 2011-09-16 at 00:02 +0200, Aleksandar Lazic wrote: > "Detecting duplicate messages" .. > Is there a similar feature in sieve No. > or can I still use the upper setup? I think so. > Another question is about to add this header line in every mail. > > xfilter "${REFORMAIL} -a\"Lines: $LINES\"" What do you need it for? But nope, I don't think there's a way to do that with Sieve either. There's an extension to add headers, but it's not implemented yet. And I don't think there's a way to get the number of header lines. From tss at iki.fi Fri Sep 16 15:40:51 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 15:40:51 +0300 Subject: [Dovecot] [PATCH] SCRAM-SHA-1 authentication In-Reply-To: <4E729CBC.5080600@babelmonkeys.de> References: <4E729CBC.5080600@babelmonkeys.de> Message-ID: <1316176851.12936.91.camel@hurina> On Fri, 2011-09-16 at 02:47 +0200, Florian Zeitz wrote: > over the last days I have implemented SCRAM-SHA-1 in Dovecot's 2.1 > branch. It does not do SCRAM-SHA-1-PLUS, but should be extendable enough > to introduce it later. Looks pretty good. Below are a few things I noticed. I could fix these myself next week also, or you can do them during weekend if you want to. :) > I also note that there are a lot of fields in the scram_auth_request > struct. I think they are all there for a reason, however feel free to > prove me wrong. The username wouldn't necessarily have to be there. Also its name was confusing me for a while since I thought you were setting auth_request->user directly. > + snonce[i] = (snonce[i] % ('~' - '!')) + '!'; > + if (snonce[i] == ',') > + snonce[i] = '.'; Here '~' is actually never used. But a nice solution would be to simply replace ',' with '~' so '.' isn't more likely to occur than others. > + fields = t_strsplit((const char*)data, ","); Not safe. data isn't guaranteed to be NUL-terminated. One simple solution would be: t_strsplit(t_strndup(data, size), ",") And others: - Could be nicer if client->proof was stored base64-decoded, so its validity could be checked and also later there wouldn't be need to base64-encode signature when testing it. - There's no log message is authentication fails due to wrong password? - Doesn't verify_credentials() need to check the credentials in any way that it contains expected (sized) data? Anything is allowed? From tss at iki.fi Fri Sep 16 16:02:26 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 16:02:26 +0300 Subject: [Dovecot] sharing of non-INBOX namespaces? Re: imapc and imap_acl In-Reply-To: References: <57674CC7-1F64-4131-98C6-45CF8B54F23B@iki.fi> <20110913164631.GA1874905@gabi.sernet.de> <1316085138.12936.39.camel@hurina> Message-ID: <1316178147.12936.92.camel@hurina> On Thu, 2011-09-15 at 13:41 +0200, Lutz Pre?ler wrote: > > If you want to access also ~/Maildir2, you'd need to create a > > second shared namespace for it. > Maybe I mess something up the second time today - but I cannot get > it to work: Yeah, it didn't work. Fixed now in hg. From tss at iki.fi Fri Sep 16 16:09:23 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 16:09:23 +0300 Subject: [Dovecot] Dsync Permissions Issue In-Reply-To: <4E70D0A9.8060604@globalchangemusic.org> References: <4E70D0A9.8060604@globalchangemusic.org> Message-ID: <1316178563.12936.97.camel@hurina> On Wed, 2011-09-14 at 09:04 -0700, Asai wrote: > [root at triata ~]# dsync -v -u asai at globalchangemusic.org backup ssh > -p22222 vmail at xx.xxx.xx.xxx dsync -u asai at globalchangemusic.org > vmail at xx.xxx.xx.xxx's password: > dsync(vmail): Error: userdb lookup: > connect(/var/run/dovecot/auth-userdb) failed: Permission denied > (euid=1001(vmail) egid=1001(vmail) missing +r perm: > /var/run/dovecot/auth-userdb, euid is not dir owner) .. > service auth { > unix_listener auth-userdb { > group = vmail > mode = 0666 > user = vmail > } > user = root > } So clearly you've given more than necessary permissions in here. 0600 with user=vmail should be enough. But the permission problem isn't on the server where you ran this "doveconf -n". The problem is on your remote server's Dovecot config. BTW: > unix_listener auth-master { > group = vmail > mode = 0660 > user = vmail > } There's no reason to change this from defaults. From tss at iki.fi Fri Sep 16 16:11:11 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 16:11:11 +0300 Subject: [Dovecot] "Waiting for authentication process to respond" for invalid users with auth_dovecot In-Reply-To: References: Message-ID: <1316178672.12936.99.camel@hurina> On Tue, 2011-09-13 at 13:53 +0300, Ibrahim Harrani wrote: > I am testing dovecot 2.0.13 and 2.0.14 with qmail-ldap and > auth_dovecot patch. If i login to dovecot (pop3/imap) with correct > user and password. > no problem, I can login immediately. but if I try with nonexistant > user, dovecot does not immediate answer, wait for a while and says > "Waiting for authentication process to respond." > auth_dovecot process remains working in the background. > How can I avoid this situation? If auth_dovecot process keeps running, the bug is in auth_dovecot. I've never looked at it (or probably even heard of it). From micah at riseup.net Fri Sep 16 16:53:31 2011 From: micah at riseup.net (Micah Anderson) Date: Fri, 16 Sep 2011 09:53:31 -0400 Subject: [Dovecot] convert maildrop filter to sieve References: <20110915191524.GB29568@none.at> Message-ID: <87bouka90k.fsf@algae.riseup.net> Aleksandar Lazic writes: > Dear list member, > > does anybody have a script which can convert maildrop filter to sive > filter? I would also like this, but I'm afraid it may be too complicated due to the different possibilities. Moving to sieve from maildrop would be great, but in practice quite difficult to do when you have a large number of people with customized mailfilters. micah From tss at iki.fi Fri Sep 16 17:09:47 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 17:09:47 +0300 Subject: [Dovecot] v2.0.15 released Message-ID: <1316182189.12936.111.camel@hurina> http://dovecot.org/releases/2.0/dovecot-2.0.15.tar.gz http://dovecot.org/releases/2.0/dovecot-2.0.15.tar.gz.sig + doveadm altmove: Added -r parameter to move mails back to primary storage. - v2.0.14: Index reading could have eaten a lot of memory in some situations - doveadm index no longer affects future caching decisions - mbox: Fixed crash during mail delivery when mailbox didn't yet have GUID assigned to it. - zlib+mbox: Fetching last message from compressed mailboxes crashed. - lib-sql: Fixed load balancing and error handling when multiple hosts are used. From tss at iki.fi Fri Sep 16 17:11:11 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 17:11:11 +0300 Subject: [Dovecot] v2.1.alpha2 released Message-ID: <1316182272.12936.112.camel@hurina> http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha2.tar.gz http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha2.tar.gz.sig This is actually looking rather stable. I'm still calling it "alpha" in case I think of doing some more API changes, but I think the next one will be called "beta1", hopefully soon followed by "rc1". - Statistics gathering improvements (more fields) and fixes. - Lots of imapc fixes and improvements - Fixes to handling shared namespaces - Several other fixes From asai at globalchangemusic.org Fri Sep 16 18:17:12 2011 From: asai at globalchangemusic.org (Asai) Date: Fri, 16 Sep 2011 08:17:12 -0700 Subject: [Dovecot] Dsync Permissions Issue In-Reply-To: <1316178563.12936.97.camel@hurina> References: <4E70D0A9.8060604@globalchangemusic.org> <1316178563.12936.97.camel@hurina> Message-ID: <4E736878.5000103@globalchangemusic.org> Thank you for your assistance, I have changed permissions on the remote server and all is well. On 9/16/2011 6:09 AM, Timo Sirainen wrote: > On Wed, 2011-09-14 at 09:04 -0700, Asai wrote: > >> [root at triata ~]# dsync -v -u asai at globalchangemusic.org backup ssh >> -p22222 vmail at xx.xxx.xx.xxx dsync -u asai at globalchangemusic.org >> vmail at xx.xxx.xx.xxx's password: >> dsync(vmail): Error: userdb lookup: >> connect(/var/run/dovecot/auth-userdb) failed: Permission denied >> (euid=1001(vmail) egid=1001(vmail) missing +r perm: >> /var/run/dovecot/auth-userdb, euid is not dir owner) > .. >> service auth { >> unix_listener auth-userdb { >> group = vmail >> mode = 0666 >> user = vmail >> } >> user = root >> } > So clearly you've given more than necessary permissions in here. 0600 > with user=vmail should be enough. But the permission problem isn't on > the server where you ran this "doveconf -n". The problem is on your > remote server's Dovecot config. > > BTW: > >> unix_listener auth-master { >> group = vmail >> mode = 0660 >> user = vmail >> } > There's no reason to change this from defaults. > From simon.brereton at buongiorno.com Fri Sep 16 19:05:15 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Fri, 16 Sep 2011 12:05:15 -0400 Subject: [Dovecot] v2.0.15 released In-Reply-To: <1316182189.12936.111.camel@hurina> References: <1316182189.12936.111.camel@hurina> Message-ID: <001901cc748a$6cacbaf0$460630d0$@brereton@buongiorno.com> -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Timo Sirainen http://dovecot.org/releases/2.0/dovecot-2.0.15.tar.gz http://dovecot.org/releases/2.0/dovecot-2.0.15.tar.gz.sig + doveadm altmove: Added -r parameter to move mails back to primary storage. - v2.0.14: Index reading could have eaten a lot of memory in some situations - doveadm index no longer affects future caching decisions - mbox: Fixed crash during mail delivery when mailbox didn't yet have GUID assigned to it. - zlib+mbox: Fetching last message from compressed mailboxes crashed. - lib-sql: Fixed load balancing and error handling when multiple hosts are used. ----------- I'll bite.. But it's probably not your concern. When will we be able to get stable 2.x packages for Debian? Apt installs 1.2.15-7 Thanks. Simon (Sorry about breaking the quotes) From odhiambo at gmail.com Fri Sep 16 19:08:24 2011 From: odhiambo at gmail.com (Odhiambo Washington) Date: Fri, 16 Sep 2011 19:08:24 +0300 Subject: [Dovecot] v2.1.alpha2 released In-Reply-To: <1316182272.12936.112.camel@hurina> References: <1316182272.12936.112.camel@hurina> Message-ID: On Fri, Sep 16, 2011 at 17:11, Timo Sirainen wrote: > http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha2.tar.gz > http://dovecot.org/releases/2.1/alpha/dovecot-2.1.alpha2.tar.gz.sig > > This is actually looking rather stable. I'm still calling it "alpha" in > case I think of doing some more API changes, but I think the next one > will be called "beta1", hopefully soon followed by "rc1". > > - Statistics gathering improvements (more fields) and fixes. > - Lots of imapc fixes and improvements > - Fixes to handling shared namespaces > - Several other fixes > I am trying to compile on FreeBSD 8.2-STABLE with the following options: #!/bin/sh ./configure \ --prefix=/opt/dovecot2.1 \ --with-ioloop=kqueue \ --with-notify=kqueue \ --with-sql=yes \ --with-mysql \ --with-zlib \ --with-bzlib \ --with-ssl=openssl \ --with-storages="maildir mdbox sdbox cydir" And I get a failure, viz: jaribu# make make all-recursive Making all in . /bin/bash ./update-version.sh . . Making all in src Making all in lib-test Making all in lib make all-am Making all in lib-auth Making all in lib-charset Making all in lib-dns Making all in lib-fs Making all in lib-mail Making all in lib-imap Making all in lib-master Making all in lib-dict Making all in lib-settings Making all in lib-ssl-iostream /bin/bash ../../libtool --tag=CC --mode=link gcc -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -Wstrict-aliasing=2 -export-dynamic -Wl,--as-needed -Wl,--no-undefined -o libdovecot-ssl.la-rpath /opt/dovecot2.1/lib/dovecot libssl_iostream.la ../lib/liblib.la -export-dynamic -lrt libtool: link: gcc -shared -fPIC -DPIC -Wl,--whole-archive ./.libs/libssl_iostream.a ../lib/.libs/liblib.a -Wl,--no-whole-archive -lssl -lcrypto -lrt -O2 -Wl,--as-needed -Wl,--no-undefined -Wl,-soname -Wl,libdovecot-ssl.so.0 -o .libs/libdovecot-ssl.so.0 ../lib/.libs/liblib.a(env-util.o)(.text+0x31): In function `env_get_environ_p': /usr/home/wash/Tools/Dovecot/dovecot-2.1.alpha2/src/lib/env-util.c:148: undefined reference to `environ' ../lib/.libs/liblib.a(env-util.o)(.text+0x1f8): In function `env_clean': /usr/home/wash/Tools/Dovecot/dovecot-2.1.alpha2/src/lib/env-util.c:71: undefined reference to `environ' *** Error code 1 Stop in /usr/home/wash/Tools/Dovecot/dovecot-2.1.alpha2/src/lib-ssl-iostream. *** Error code 1 Stop in /usr/home/wash/Tools/Dovecot/dovecot-2.1.alpha2/src. *** Error code 1 Stop in /usr/home/wash/Tools/Dovecot/dovecot-2.1.alpha2. *** Error code 1 Stop in /usr/home/wash/Tools/Dovecot/dovecot-2.1.alpha2. -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ I can't hear you -- I'm using the scrambler. Please consider the environment before printing this email. -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.png Type: image/png Size: 652 bytes Desc: not available URL: From odhiambo at gmail.com Fri Sep 16 19:09:47 2011 From: odhiambo at gmail.com (Odhiambo Washington) Date: Fri, 16 Sep 2011 19:09:47 +0300 Subject: [Dovecot] v2.0.15 released In-Reply-To: <4e7373ea.0a41df0a.7188.ffffcd51SMTPIN_ADDED@mx.google.com> References: <1316182189.12936.111.camel@hurina> <4e7373ea.0a41df0a.7188.ffffcd51SMTPIN_ADDED@mx.google.com> Message-ID: I think someone else is responsible for the Debianization of Dovecot, not Timo. On Fri, Sep 16, 2011 at 19:05, Simon Brereton wrote: > -----Original Message----- > From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On > Behalf Of Timo Sirainen > > http://dovecot.org/releases/2.0/dovecot-2.0.15.tar.gz > http://dovecot.org/releases/2.0/dovecot-2.0.15.tar.gz.sig > > + doveadm altmove: Added -r parameter to move mails back to primary > storage. > - v2.0.14: Index reading could have eaten a lot of memory in some > situations > - doveadm index no longer affects future caching decisions > - mbox: Fixed crash during mail delivery when mailbox didn't yet > have > GUID assigned to it. > - zlib+mbox: Fetching last message from compressed mailboxes > crashed. > - lib-sql: Fixed load balancing and error handling when multiple > hosts > are used. > > > ----------- > > I'll bite.. But it's probably not your concern. When will we be able to > get stable 2.x packages for Debian? Apt installs 1.2.15-7 > > Thanks. > > Simon > (Sorry about breaking the quotes) > > -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ I can't hear you -- I'm using the scrambler. Please consider the environment before printing this email. -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.png Type: image/png Size: 652 bytes Desc: not available URL: From eduardo at kalinowski.com.br Fri Sep 16 19:20:56 2011 From: eduardo at kalinowski.com.br (Eduardo M KALINOWSKI) Date: Fri, 16 Sep 2011 13:20:56 -0300 Subject: [Dovecot] v2.0.15 released In-Reply-To: <001901cc748a$6cacbaf0$460630d0$@brereton@buongiorno.com> References: <1316182189.12936.111.camel@hurina> <001901cc748a$6cacbaf0$460630d0$@brereton@buongiorno.com> Message-ID: <20110916132056.Horde.IMEjKcm_qOVOc3doMo93biA@mail.kalinowski.com.br> On Sex, 16 Set 2011, Simon Brereton wrote: > I'll bite.. But it's probably not your concern. When will we be > able to get stable 2.x packages for Debian? Apt installs 1.2.15-7 In Debian stable? Only when the next stable version (wheezy) is released. Not in squeeze. Though perhaps a backport might appear. -- Colors may fade in time. Eduardo M KALINOWSKI eduardo at kalinowski.com.br From kuizhang at gmail.com Fri Sep 16 21:10:25 2011 From: kuizhang at gmail.com (Kui Zhang) Date: Fri, 16 Sep 2011 11:10:25 -0700 Subject: [Dovecot] outlook 2007 very slow. Message-ID: Hello I have a user with 2500+ sub folders. Total mailboxes size is around 6G. (mdbox, dovecot 2:2.0.14) Syncing/Receiving appears to be slow, with outlook 2007. He does not want to switch to an alternative, due to various reasons. I did not find any error logs indicate issues. during idle, imap process appears to loop at adding inotify watches to all folders. I found outlook-idle in wiki, but it is obsolete. doveconf: Warning: Obsolete setting in /etc/dovecot/conf.d/20-imap.conf:55: imap_client_workarounds=outlook-idle is no longer necessary Any one else having similar issue? Anything else I should do to narrow down the issue? Thanks KuiZ From robert at schetterer.org Fri Sep 16 21:47:20 2011 From: robert at schetterer.org (Robert Schetterer) Date: Fri, 16 Sep 2011 20:47:20 +0200 Subject: [Dovecot] v2.0.15 released In-Reply-To: <20110916132056.Horde.IMEjKcm_qOVOc3doMo93biA@mail.kalinowski.com.br> References: <1316182189.12936.111.camel@hurina> <001901cc748a$6cacbaf0$460630d0$@brereton@buongiorno.com> <20110916132056.Horde.IMEjKcm_qOVOc3doMo93biA@mail.kalinowski.com.br> Message-ID: <4E7399B8.70904@schetterer.org> Am 16.09.2011 18:20, schrieb Eduardo M KALINOWSKI: > On Sex, 16 Set 2011, Simon Brereton wrote: >> I'll bite.. But it's probably not your concern. When will we be able >> to get stable 2.x packages for Debian? Apt installs 1.2.15-7 > > In Debian stable? Only when the next stable version (wheezy) is > released. Not in squeeze. Though perhaps a backport might appear. > > http://xi.rename-it.nl/debian has a up2date repository -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From Lutz.Pressler at SerNet.DE Fri Sep 16 22:19:57 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Fri, 16 Sep 2011 21:19:57 +0200 Subject: [Dovecot] sharing of non-INBOX namespaces? Re: imapc and imap_acl In-Reply-To: <1316178147.12936.92.camel@hurina> References: <57674CC7-1F64-4131-98C6-45CF8B54F23B@iki.fi> <20110913164631.GA1874905@gabi.sernet.de> <1316085138.12936.39.camel@hurina> <1316178147.12936.92.camel@hurina> Message-ID: Timo, On Fri, 16 Sep 2011, Timo Sirainen wrote: > On Thu, 2011-09-15 at 13:41 +0200, Lutz Pre?ler wrote: > > > > If you want to access also ~/Maildir2, you'd need to create a > > > second shared namespace for it. > > Maybe I mess something up the second time today - but I cannot get > > it to work: > > Yeah, it didn't work. Fixed now in hg. multiple shared namespaces do work now, but: I retried to have in otherssecond prefix = INBOX.shared.%%u.second. location = maildir:%%h/Maildir2:INDEX=~/Maildir/shared/%%u/second This is found to be a configuration error: Sep 16 20:49:32 host dovecot: imap(5025, testuser): Error: user lpmail: Initialization failed: namespace configuration error: Dupl icate namespace prefix: "INBOX.shared." Sep 16 20:49:32 host dovecot: imap(5025, testuser): Error: Invalid user settings. Refer to server log for more information. I think the test is too strict, as in general "prefix = bla.%%u.blubb." does work for a shared namespace. Or is there some other problem with this attempt to manually map source to destination structure? Btw, I found a SIGSEGV when SELECTing INBOX.shared. I'll send it seperately. Have a nice weekend, Lutz From Lutz.Pressler at SerNet.DE Fri Sep 16 23:06:15 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Fri, 16 Sep 2011 22:06:15 +0200 Subject: [Dovecot] imapc and imap_acl In-Reply-To: <20110913164631.GA1874905@gabi.sernet.de> References: <57674CC7-1F64-4131-98C6-45CF8B54F23B@iki.fi> <20110913164631.GA1874905@gabi.sernet.de> Message-ID: On Tue, 13 Sep 2011, Lutz Pre?ler wrote: > On Di, 13 Sep 2011, Timo Sirainen wrote: > > You mean you'd want local ACLs that apply to imapc mailboxes? > Yes, exactly. Great for "integrating" legacy IMAP servers without e.g. > ACL support. ... but as long as imapc parameters are global that's of no real use, I just realized... > > I think that should work. For example if you set: > > > > mail_location = imapc:~/imapc > > Then for mailbox foo/bar the ACL file should be in ~/imapc/.foo.bar/dovecot-acl > It almost works: > Sep 13 18:37:58 hhh dovecot: imap(4482, uuu): Error: file_dotlock_open(/home/uuu/Maildir/gmail/.[Gmail].Alle Nachrichten > /dovecot-acl) failed: No such file or directory > After manually creating the ".[Gmail].Alle Nachrichten" directory, SETACL > succeeds. ... so this does not really matter yet. Lutz From tss at iki.fi Fri Sep 16 23:55:15 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 16 Sep 2011 23:55:15 +0300 Subject: [Dovecot] v2.1.alpha2 released In-Reply-To: References: <1316182272.12936.112.camel@hurina> Message-ID: <2B96294B-2E59-45F0-B614-554D193CAAE2@iki.fi> On 16.9.2011, at 19.08, Odhiambo Washington wrote: > /usr/home/wash/Tools/Dovecot/dovecot-2.1.alpha2/src/lib/env-util.c:148: > undefined reference to `environ' Hmm. I suppose it works if you remove this line from configure: NOPLUGIN_LDFLAGS="-Wl,--as-needed -Wl,--no-undefined" and then re-configure + make. I wonder what's the difference to Linux.. From stephan at rename-it.nl Sat Sep 17 00:11:24 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Fri, 16 Sep 2011 23:11:24 +0200 Subject: [Dovecot] v2.0.15 released In-Reply-To: <4E7399B8.70904@schetterer.org> References: <1316182189.12936.111.camel@hurina> <001901cc748a$6cacbaf0$460630d0$@brereton@buongiorno.com> <20110916132056.Horde.IMEjKcm_qOVOc3doMo93biA@mail.kalinowski.com.br> <4E7399B8.70904@schetterer.org> Message-ID: <4E73BB7C.3050406@rename-it.nl> Op 16-9-2011 20:47, Robert Schetterer schreef: > http://xi.rename-it.nl/debian has a up2date repository Yes, extremely up-to-date. So, just don't forget to mention that this repository is not for production setups. Regards, Stephan. From stephan at rename-it.nl Sat Sep 17 00:35:40 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Fri, 16 Sep 2011 23:35:40 +0200 Subject: [Dovecot] Sieve envelope :detail "to" "extention" does not deliver to fileinto destination In-Reply-To: <20110915191332.GA29568@none.at> References: <20110912171448.GB320@none.at> <4E71C573.2040407@rename-it.nl> <20110915191332.GA29568@none.at> Message-ID: <4E73C12C.2050803@rename-it.nl> Hi Aleksandar, Op 15-9-2011 21:13, Aleksandar Lazic schreef: > Dear Stephan, > > [...] > debug_log "envelope to `${1}'"; > debug_log "envelope to detail `${detail}'"; <= is this a default > variable? Eh, no. > I get > === > sieve: info: started log at Sep 15 21:07:07. > lists.sieve: line 15: info: DEBUG: envelope to `al-pdnsusers at none.at'. > lists.sieve: line 16: info: DEBUG: envelope to detail `'. > info: msgid=<20110915190707.256ED9FECC31 at external.none.at>: stored mail > into mailbox 'Lists.pdnsusers'. > === > > Is there a possibility to print the :detail from the subaddress module? > Maybe like > > Pseudocode: > === > set "detail" :detail if :detail not empty > === Let's just print all relevant stuff: === require "vnd.dovecot.debug"; require "envelope"; require "variables"; require "subaddress"; if envelope :matches "to" "*" { debug_log "envelope to `${1}'"; } if envelope :localpart :matches "to" "*" { debug_log "envelope to; localpart `${1}'"; } if envelope :user :matches "to" "*" { debug_log "envelope to; user `${1}'"; } /* This will print nothing if there is no detail */ if envelope :detail :matches "to" "*" { debug_log "envelope to; detail `${1}'"; } === Yielding, e.g.: === main_script: line 6: info: DEBUG: envelope to `stephan-frop at rename-it.nl'. main_script: line 7: info: DEBUG: envelope to; localpart `stephan-frop'. main_script: line 8: info: DEBUG: envelope to; user `stephan'. main_script: line 9: info: DEBUG: envelope to; detail `frop'. info: msgid=unspecified: stored mail into mailbox 'INBOX'. === > Is there a possibility to dump all variables? > Are there any default variables in variables module? There are no variables defined other than those that you define (using the set command or implicitly for match values). > > What does I make wrong that I haven't the :detail from the subaddress?! My guess is that you need to add the recipient_delimiter setting to the plugin section also: plugin { recipient_delimiter = - } Matbe this should be unified somehow. Regards, Stephan. From stephan at rename-it.nl Sat Sep 17 02:30:23 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Sat, 17 Sep 2011 01:30:23 +0200 Subject: [Dovecot] Sieve envelope :detail "to" "extention" does not deliver to fileinto destination In-Reply-To: <4E73C12C.2050803@rename-it.nl> References: <20110912171448.GB320@none.at> <4E71C573.2040407@rename-it.nl> <20110915191332.GA29568@none.at> <4E73C12C.2050803@rename-it.nl> Message-ID: <4E73DC0F.6060903@rename-it.nl> Op 16-9-2011 23:35, Stephan Bosch schreef: > > My guess is that you need to add the recipient_delimiter setting to > the plugin section also: > > plugin { > recipient_delimiter = - > } > > Matbe this should be unified somehow. > This should be fixed in hg now. Regards, Stephan. From henson at acm.org Sat Sep 17 03:38:20 2011 From: henson at acm.org (Paul B. Henson) Date: Fri, 16 Sep 2011 17:38:20 -0700 Subject: [Dovecot] mysql auth failover failing In-Reply-To: <1316164896.12936.57.camel@hurina> References: <4E6ACC6C.6020200@acm.org> <1316084011.12936.31.camel@hurina> <4E72924D.8090709@acm.org> <1316164896.12936.57.camel@hurina> Message-ID: <4E73EBFC.3010409@acm.org> On 9/16/2011 2:21 AM, Timo Sirainen wrote: >> As far as I can tell, it still doesn't do load balancing. > > Oh. http://hg.dovecot.org/dovecot-2.0/rev/327698228158 should finally > fix it. :) I installed the new 2.0.15 release including this change, and can confirm it does now successfully load balance across my two servers. Not only that, but with this change, there are no failed authentications at all when one of the servers goes away :). I have it running on one of my three production mail servers now, and barring any unexpected issues will deploy it on the other two next week, and then we'll be sitting pretty ;). Thanks again... -- Paul B. Henson | (909) 979-6361 | http://www.csupomona.edu/~henson/ Operating Systems and Network Analyst | henson at csupomona.edu California State Polytechnic University | Pomona CA 91768 From robert at schetterer.org Sat Sep 17 10:46:15 2011 From: robert at schetterer.org (Robert Schetterer) Date: Sat, 17 Sep 2011 09:46:15 +0200 Subject: [Dovecot] v2.0.15 released In-Reply-To: <4E73BB7C.3050406@rename-it.nl> References: <1316182189.12936.111.camel@hurina> <001901cc748a$6cacbaf0$460630d0$@brereton@buongiorno.com> <20110916132056.Horde.IMEjKcm_qOVOc3doMo93biA@mail.kalinowski.com.br> <4E7399B8.70904@schetterer.org> <4E73BB7C.3050406@rename-it.nl> Message-ID: <4E745047.3010507@schetterer.org> Am 16.09.2011 23:11, schrieb Stephan Bosch: > Op 16-9-2011 20:47, Robert Schetterer schreef: >> http://xi.rename-it.nl/debian has a up2date repository > > Yes, extremely up-to-date. So, just don't forget to mention that this > repository is not for production setups. > > Regards, > > Stephan. anyway i used it in production, with small problems since ever so thx ! -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From odhiambo at gmail.com Sat Sep 17 11:45:27 2011 From: odhiambo at gmail.com (Odhiambo Washington) Date: Sat, 17 Sep 2011 11:45:27 +0300 Subject: [Dovecot] v2.1.alpha2 released In-Reply-To: <2B96294B-2E59-45F0-B614-554D193CAAE2@iki.fi> References: <1316182272.12936.112.camel@hurina> <2B96294B-2E59-45F0-B614-554D193CAAE2@iki.fi> Message-ID: On Fri, Sep 16, 2011 at 23:55, Timo Sirainen wrote: > On 16.9.2011, at 19.08, Odhiambo Washington wrote: > > > /usr/home/wash/Tools/Dovecot/dovecot-2.1.alpha2/src/lib/env-util.c:148: > > undefined reference to `environ' > > Hmm. I suppose it works if you remove this line from configure: > > NOPLUGIN_LDFLAGS="-Wl,--as-needed -Wl,--no-undefined" > > and then re-configure + make. I wonder what's the difference to Linux.. > > Yes, that made it work. You are welcome to login to this box and spot the difference to Linux :-) -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ I can't hear you -- I'm using the scrambler. Please consider the environment before printing this email. -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.png Type: image/png Size: 652 bytes Desc: not available URL: From al-dovecot at none.at Sat Sep 17 13:52:08 2011 From: al-dovecot at none.at (Aleksandar Lazic) Date: Sat, 17 Sep 2011 12:52:08 +0200 Subject: [Dovecot] Sieve envelope :detail "to" "extention" does not deliver to fileinto destination In-Reply-To: <4E73DC0F.6060903@rename-it.nl> References: <20110912171448.GB320@none.at> <4E71C573.2040407@rename-it.nl> <20110915191332.GA29568@none.at> <4E73C12C.2050803@rename-it.nl> <4E73DC0F.6060903@rename-it.nl> Message-ID: <20110917105208.GA31187@none.at> Dear Stephan, On Sam 17.09.2011 01:30, Stephan Bosch wrote: >Op 16-9-2011 23:35, Stephan Bosch schreef: >> >>My guess is that you need to add the recipient_delimiter setting to >>the plugin section also: >> >>plugin { >>recipient_delimiter = - >>} >> >>Matbe this should be unified somehow. >> > >This should be fixed in hg now. Your guess was right, thanks. Thanks also that the next release will use the global recipient_delimiter. Aleks From al-dovecot at none.at Sat Sep 17 13:54:57 2011 From: al-dovecot at none.at (Aleksandar Lazic) Date: Sat, 17 Sep 2011 12:54:57 +0200 Subject: [Dovecot] Detecting duplicate messages with sieve In-Reply-To: <1316175087.12936.78.camel@hurina> References: <20110915220246.GA17639@none.at> <1316175087.12936.78.camel@hurina> Message-ID: <20110917105457.GB31187@none.at> On Fre 16.09.2011 15:11, Timo Sirainen wrote: >On Fri, 2011-09-16 at 00:02 +0200, Aleksandar Lazic wrote: > >> "Detecting duplicate messages" >.. >> Is there a similar feature in sieve > >No. > >> or can I still use the upper setup? > >I think so. Maybe I have overseen this possibiliy but how an I execute a shell command in LDA / Sieve? >> Another question is about to add this header line in every mail. >> >> xfilter "${REFORMAIL} -a\"Lines: $LINES\"" > >What do you need it for? But nope, I don't think there's a way to do >that with Sieve either. There's an extension to add headers, but it's >not implemented yet. And I don't think there's a way to get the number >of header lines. Well this was for the mutt mail client. Maildrop saves the whole line of a mail into LINES-ENV-Variable. It was just a question, maybe a feature request ;-) Cheers Aleks From zash at zash.se Sat Sep 17 15:30:48 2011 From: zash at zash.se (Kim Alvefur) Date: Sat, 17 Sep 2011 14:30:48 +0200 Subject: [Dovecot] Auth protocol and XMPP Message-ID: <1316262648.7480.37.camel@carcharodon> Hello. I've written an authentication backend for the XMPP server Prosody, which makes it use Dovecots auth socket and protocol, and letting the client use any SASL mechanism Dovecot offers. However, setups using the full user at domain as authnid won't work, due to most XMPP clients assuming that the authnid is the localpart. I want to avoid hardcoding it to PLAIN, or otherwise doing MITM/rewrites if possible. (There exists an older auth backend that does just that already) Ideas? -- Kim Alvefur From ef at math.uni-bonn.de Sat Sep 17 17:16:53 2011 From: ef at math.uni-bonn.de (=?iso-8859-1?Q?Edgar_Fu=DF?=) Date: Sat, 17 Sep 2011 16:16:53 +0200 Subject: [Dovecot] FreeBSD compilation issues (was: v2.1.alpha2 released) In-Reply-To: References: <1316182272.12936.112.camel@hurina> <2B96294B-2E59-45F0-B614-554D193CAAE2@iki.fi> Message-ID: <3A33324B-98AF-41B0-A591-6FFBA1A359CE@math.uni-bonn.de> > You are welcome to login to this box and spot the difference to Linux Could this be a problem similar to that mentioned in http://mail-index.NetBSD.org/tech-pkg/2011/09/05/msg007628.html and its follow-ups? From mr88talent at gmail.com Sun Sep 18 00:39:54 2011 From: mr88talent at gmail.com (Gary V) Date: Sat, 17 Sep 2011 15:39:54 -0600 Subject: [Dovecot] default_pass_scheme = PLAIN and blank password Message-ID: I'm using Dovecot 1.2.15 on Ubuntu, but I think this applies to other versions as well. I store user info and passwords in MySQL. It appears 'default_pass_scheme = PLAIN' allows blank passwords. My question is: Is this a bug or is this by design? If it is by design, is there a setting that I'm not aware of that changes this behavior? Of course let me know if you need additional info on the setup I'm using. Thank you, Gary V From florob at babelmonkeys.de Sun Sep 18 04:44:48 2011 From: florob at babelmonkeys.de (Florian Zeitz) Date: Sun, 18 Sep 2011 03:44:48 +0200 Subject: [Dovecot] [PATCH] SCRAM-SHA-1 authentication In-Reply-To: <1316176851.12936.91.camel@hurina> References: <4E729CBC.5080600@babelmonkeys.de> <1316176851.12936.91.camel@hurina> Message-ID: <4E754D10.5010404@babelmonkeys.de> Am 16.09.2011 14:40, schrieb Timo Sirainen: > On Fri, 2011-09-16 at 02:47 +0200, Florian Zeitz wrote: > > Looks pretty good. Below are a few things I noticed. I could fix these > myself next week also, or you can do them during weekend if you want > to. :) > I decided to do it myself, hope this fixes all issues. > - Could be nicer if client->proof was stored base64-decoded, so its > validity could be checked and also later there wouldn't be need to > base64-encode signature when testing it. > > - Doesn't verify_credentials() need to check the credentials in any way > that it contains expected (sized) data? Anything is allowed? > I don't think it needs to. The password read from the database can legitimately have any length and from the client it just takes a base64 encoded SHA-1 hash. The correct size of that was previously implicitly checked when comparing the base64 encoded data (strings of different length don't compare equal). It's now explicitly checked after base64 decoding the client proof. -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: scram-sha-1.exp URL: From Lutz.Pressler at SerNet.DE Sun Sep 18 14:27:54 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Sun, 18 Sep 2011 13:27:54 +0200 Subject: [Dovecot] 2.1: problems compiling fts-lucene - CLucene git version necessary? In-Reply-To: <7C9B9C67-A1FD-472B-8514-BC54F1B01D00@iki.fi> References: <7C9B9C67-A1FD-472B-8514-BC54F1B01D00@iki.fi> Message-ID: Hello, On So, 11 Sep 2011, Timo Sirainen wrote: > On 11.9.2011, at 22.22, Lutz Pre?ler wrote: > > I have problems recompiling the Debian squeeze auto build packages > > with "--with-lecene". Is the git (2.3) version of CLucene necessary? > Yes. Ok, I now tried to test with clucene-core-2.3.3.4. Quite unsucessfully... I built libclucene-core-static.a and libclucene-shared-static.a after changing the cmake option (BUILD_STATIC_LIBRARIES). But despite enabling BUILD_CONTRIBS, BUILD_CONTRIBS_LIB no snowball/libstemmer has been build. (I am quite unfamiliar with the cmake process. Timo, maybe you can document how you build clucene - if you do it youself.) Anyway, I then changed the Debian auto package source to configure --with-lucene (but not --with-stemmer), and added/changed include paths and the static library to get lib21_fts_lucene_plugin.so (and doveadm/lib20_doveadm_fts_lucene_plugin.so). Adding "fts and fts_lucene" to mail_plugins and "fts = lucene" in plugin section this loads fine. But: trying to use it with SEARCH yields dovecot: imap(...): Error: fts_lucene: default_language set, but Dovecot built without stemmer support (and 3 times Error: fts: Failed to initialize backend 'lucene': Invalid fts_lucene setting) In fts_lucene_plugin_init_settings (src/plugins/fts-lucene/fts-lucene-plugin.c) default_language is initally set to 'english', and I don't find a way to get it unset. Adding to plugin section fts_lucene = default_language= or fts_lucene = default_language="" does not work. Bug? I changed the source (set variable to NULL before interpreting the settings) to fix this. Now it's crashing though when trying a SEARCH. In crc32_str_more (crc=0, str=0x0) at crc32.c:87 87 for (; *p != '\0'; p++) (dovecot src/lib/crc32.c, not clucene). I'll send the full back trace seperately. Lutz From serarien at baqs.net Sun Sep 18 20:06:42 2011 From: serarien at baqs.net (Pierre) Date: Sun, 18 Sep 2011 19:06:42 +0200 Subject: [Dovecot] dovecot-virtual folder configuration In-Reply-To: <1316174903.12936.76.camel@hurina> References: <2a82c4fe9e3aba3c621fe9eb2e530200@mail3.serarien.com> <1316174903.12936.76.camel@hurina> Message-ID: <20110918170642.GA15868@mail3.serarien.com> Thanks for the tip Timo. I was trying to make this work, when I got stupid issue: I named my namespace "#virtual", but putting "#" at the beginning of dovecot-virtual line makes it be a comment. I tryed with '#", \#... without success Is there any method to make it work ? thx, Pierre On 16/sept. - 15:08, Timo Sirainen wrote: > On Fri, 2011-09-16 at 00:58 +0200, Pierre wrote: > > Hi all, > > > > Long story short, I'd like to configure a folder containing: > > > > INBOX > > (some other folders) > > > > -> unseen emails from these folders + all other emails (also seen) from > > the same thread > > -> seen emails from these folders, but only the recent ones + all other > > emails from the same thread > > The "other mails from same thread" is still a bit problematic with > virtual folders. From my TODO: > > - virtual: If last message matching INTHREAD rule gets expunged, the rest of > the thread doesn't go away > > First you'll need to create a virtual folder that has all the mails that > you would ever want to see in threads. For example: > > virtual/all/dovecot-virtual: > ----- > INBOX > Sent > some > other > folders > all > ----- > > Then based on that create the virtual mailbox you want: > > virtual/newstuff/dovecot-virtual: > ----- > virtual/all > inthread refs or unseen recent > ----- > From micah at riseup.net Mon Sep 19 01:27:10 2011 From: micah at riseup.net (Micah Anderson) Date: Sun, 18 Sep 2011 18:27:10 -0400 Subject: [Dovecot] v2.0.15 released References: <1316182189.12936.111.camel@hurina> <18462.520853109$1316189132@news.gmane.org> Message-ID: <87k4951o75.fsf@algae.riseup.net> "Simon Brereton" writes: > I'll bite.. But it's probably not your concern. When will we be able > to get stable 2.x packages for Debian? Apt installs 1.2.15-7 2.x packages are available in Debian Wheezy and Sid. A backport to Squeeze (stable) will be made once the 1.x transition packages make it into Wheezy (~10 days from now). micah From al-dovecot at none.at Mon Sep 19 04:24:18 2011 From: al-dovecot at none.at (Aleksandar Lazic) Date: Mon, 19 Sep 2011 03:24:18 +0200 Subject: [Dovecot] convert maildrop filter to sieve In-Reply-To: <87bouka90k.fsf@algae.riseup.net> References: <20110915191524.GB29568@none.at> <87bouka90k.fsf@algae.riseup.net> Message-ID: <20110919012417.GA30394@none.at> Hi Micah, On Fre 16.09.2011 09:53, Micah Anderson wrote: >Aleksandar Lazic writes: > >> Dear list member, >> >> does anybody have a script which can convert maildrop filter to sive >> filter? > >I would also like this, but I'm afraid it may be too complicated due to >the different possibilities. Moving to sieve from maildrop would be >great, but in practice quite difficult to do when you have a large >number of people with customized mailfilters. I have written a small script for me to convert my mailfilter into sieve. There are some manual fixes which I make after a script run but there are so less that I have decided to show it to the list ;-) Maybe someone can use it also for the migration. BR Aleks -------------- next part -------------- A non-text attachment was scrubbed... Name: convert_maildropfilter_sieve.pl Type: application/x-perl Size: 8254 bytes Desc: not available URL: From tom at elysium.ltd.uk Mon Sep 19 11:27:41 2011 From: tom at elysium.ltd.uk (Tom Clark) Date: Mon, 19 Sep 2011 09:27:41 +0100 Subject: [Dovecot] mail_max_userip_connections=10 Message-ID: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> Hi, A couple of questions rather than a problem for once! We've got our Dovecot server running smoothly now apart from our MD. He's having problems with mail_max_userip_connections. He has 3 (Phone/Laptop/Tablet) items that all connect to the server at about the same time. Which means he's frequently running over the max_userip_connections. My questions are: Is there anyway of whitelisting an IP so that it can ignore mail_max_userip_connections=10? What should we set mail_max_userip_connections too realistically? 10 seems a bit low? Thanks Tom From amateo at um.es Mon Sep 19 12:07:51 2011 From: amateo at um.es (Angel L. Mateo) Date: Mon, 19 Sep 2011 11:07:51 +0200 Subject: [Dovecot] Deleted mailboxes with lazy_expunge In-Reply-To: <1316174471.12936.70.camel@hurina> References: <4E731C17.5090305@um.es> <1316167688.12936.61.camel@hurina> <4E733205.5050406@um.es> <1316174471.12936.70.camel@hurina> Message-ID: <4E770667.7060609@um.es> El 16/09/11 14:01, Timo Sirainen escribi?: > On Fri, 2011-09-16 at 13:24 +0200, Angel L. Mateo wrote: >> >> Sep 16 13:21:00 myotis30 dovecot: imap(angel.luis): Debug: Can't rename >> 'kk' to '.DELETED/kk-20110916-132100': index dirs don't match >> >> I have try to remove the same folder without INDEX in mail_location. >> Without this option it works. > > Alternatively you could add INDEX path to lazy_expunge namespaces and it > would work. The important thing is that both source and destination > either have or don't have INDEX path specified, but it can't be mixed. > (Looks like I messed up those new debug messages - clarified them in hg > now.) > > OK. I have configured all namespaces with the same INDEX path and the problem is solved. Thank you, Timo. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From paulg at cse.yorku.ca Mon Sep 19 15:29:37 2011 From: paulg at cse.yorku.ca (Paul Griffith) Date: Mon, 19 Sep 2011 08:29:37 -0400 Subject: [Dovecot] mail_max_userip_connections=10 In-Reply-To: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> References: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> Message-ID: <4E7735B1.5000501@cse.yorku.ca> On 09/19/11 04:27, Tom Clark wrote: > Hi, > > > > A couple of questions rather than a problem for once! > > > > We've got our Dovecot server running smoothly now apart from our MD. He's > having problems with mail_max_userip_connections. He has 3 > (Phone/Laptop/Tablet) items that all connect to the server at about the same > time. Which means he's frequently running over the max_userip_connections. > > > > My questions are: > > > > Is there anyway of whitelisting an IP so that it can ignore > mail_max_userip_connections=10? > > > > What should we set mail_max_userip_connections too realistically? 10 seems a > bit low? > Hi Tom, The setting mail_max_userip_connections is per IP. from 20-imap.conf (version 2.0.13, the version we are running) # Maximum number of IMAP connections allowed for a user from each IP address. # NOTE: The username is compared case-sensitively. #mail_max_userip_connections = 10 I am going to assume he has a different IP for each device, in this case that would allow up to 30 connections. You need to post your 'doveconf -n' output! Cheers, Paul From tom at elysium.ltd.uk Mon Sep 19 15:36:53 2011 From: tom at elysium.ltd.uk (Tom Clark) Date: Mon, 19 Sep 2011 13:36:53 +0100 Subject: [Dovecot] mail_max_userip_connections=10 In-Reply-To: <4E7735B1.5000501@cse.yorku.ca> References: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> <4E7735B1.5000501@cse.yorku.ca> Message-ID: <006e01cc76c8$cf849090$6e8db1b0$@elysium.ltd.uk> Hi Paul, It's coming from the same IP address through his ADSL. Hence he gets the problem with max_userip_connections. I think I tracked down the problem. He's been using K9 mail which seems to have a problem where it doesn't release a connection and has 1 connection per subscribed folder.... Ta, Tom -----Original Message----- From: Paul Griffith [mailto:paulg at cse.yorku.ca] Sent: 19 September 2011 1:30 PM To: Tom Clark Cc: dovecot at dovecot.org Subject: Re: [Dovecot] mail_max_userip_connections=10 On 09/19/11 04:27, Tom Clark wrote: > Hi, > > > > A couple of questions rather than a problem for once! > > > > We've got our Dovecot server running smoothly now apart from our MD. > He's having problems with mail_max_userip_connections. He has 3 > (Phone/Laptop/Tablet) items that all connect to the server at about > the same time. Which means he's frequently running over the max_userip_connections. > > > > My questions are: > > > > Is there anyway of whitelisting an IP so that it can ignore > mail_max_userip_connections=10? > > > > What should we set mail_max_userip_connections too realistically? 10 > seems a bit low? > Hi Tom, The setting mail_max_userip_connections is per IP. from 20-imap.conf (version 2.0.13, the version we are running) # Maximum number of IMAP connections allowed for a user from each IP address. # NOTE: The username is compared case-sensitively. #mail_max_userip_connections = 10 I am going to assume he has a different IP for each device, in this case that would allow up to 30 connections. You need to post your 'doveconf -n' output! Cheers, Paul From tss at iki.fi Mon Sep 19 18:35:40 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 19 Sep 2011 18:35:40 +0300 Subject: [Dovecot] 2.1: problems compiling fts-lucene - CLucene git version necessary? In-Reply-To: References: <7C9B9C67-A1FD-472B-8514-BC54F1B01D00@iki.fi> Message-ID: <1316446540.12936.114.camel@hurina> On Sun, 2011-09-18 at 13:27 +0200, Lutz Pre?ler wrote: > Hello, > On So, 11 Sep 2011, Timo Sirainen wrote: > > On 11.9.2011, at 22.22, Lutz Pre?ler wrote: > > > I have problems recompiling the Debian squeeze auto build packages > > > with "--with-lecene". Is the git (2.3) version of CLucene necessary? > > Yes. > Ok, I now tried to test with clucene-core-2.3.3.4. Quite unsucessfully... > I built libclucene-core-static.a and libclucene-shared-static.a after > changing the cmake option (BUILD_STATIC_LIBRARIES). But despite enabling > BUILD_CONTRIBS, BUILD_CONTRIBS_LIB no snowball/libstemmer has been build. You need to install libstemmer separately. I think I used http://snowball.tartarus.org/dist/libstemmer_c.tgz > dovecot: imap(...): Error: fts_lucene: default_language set, but Dovecot built without stemmer support Fixed: http://hg.dovecot.org/dovecot-2.1/rev/02c84406c661 From list at airstreamcomm.net Mon Sep 19 18:55:53 2011 From: list at airstreamcomm.net (list at airstreamcomm.net) Date: Mon, 19 Sep 2011 10:55:53 -0500 Subject: [Dovecot] ODBC support Message-ID: I was wondering if ODBC support was on the road map for Dovecot, or if it has ever been discussed? Thanks. From micah at riseup.net Mon Sep 19 20:19:07 2011 From: micah at riseup.net (Micah Anderson) Date: Mon, 19 Sep 2011 13:19:07 -0400 Subject: [Dovecot] dsync with quotas Message-ID: <8762kozbzo.fsf@algae.riseup.net> I have been working on converting people from courier maildir -> dovecot mdbox and during some of the dsync runs I'm seeing the quota_exceeded_message be printed as an Error: dsync(): Error: Can't save message to mailbox INBOX: You are over quota. To avoid losing mail, immediately empty your Trash and Sent folders and \ delete emails with large attachments. dsync(): Info: INBOX: Couldn't keep all uids^M Its possible the user was over quota on the originating courier side, but I would still like to migrate their mail proprely to mdbox, but it seems like being over quota is inhibiting that. Are the quota calculations including both the maildir files as well as the converted mdbox files, resulting in a double counting? I'm not entirely sure if the messages above indicate that the migration failed for that user or not, so I've been manually increasing their quota, then redoing the dsync mirror until it works properly. I wonder if it would be better if I turned off quota entirely during migration so I don't run into this problem? thanks, micah -- -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 835 bytes Desc: not available URL: From asai at globalchangemusic.org Mon Sep 19 20:43:57 2011 From: asai at globalchangemusic.org (Asai) Date: Mon, 19 Sep 2011 10:43:57 -0700 Subject: [Dovecot] mail_max_userip_connections=10 In-Reply-To: <006e01cc76c8$cf849090$6e8db1b0$@elysium.ltd.uk> References: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> <4E7735B1.5000501@cse.yorku.ca> <006e01cc76c8$cf849090$6e8db1b0$@elysium.ltd.uk> Message-ID: <4E777F5D.7050006@globalchangemusic.org> On 9/19/2011 5:36 AM, Tom Clark wrote: > Hi Paul, > > It's coming from the same IP address through his ADSL. Hence he gets the > problem with max_userip_connections. > > I think I tracked down the problem. He's been using K9 mail which seems to > have a problem where it doesn't release a connection and has 1 connection > per subscribed folder.... > > Ta, > > Tom If you figure it out, please post the solution, because we're running into a similar issue right now with K9 mail where it's causing us to get this error:imap-login: Disconnected: Connection queue full From tss at iki.fi Mon Sep 19 21:12:24 2011 From: tss at iki.fi (Timo Sirainen) Date: Mon, 19 Sep 2011 21:12:24 +0300 Subject: [Dovecot] mail_max_userip_connections=10 In-Reply-To: <4E777F5D.7050006@globalchangemusic.org> References: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> <4E7735B1.5000501@cse.yorku.ca> <006e01cc76c8$cf849090$6e8db1b0$@elysium.ltd.uk> <4E777F5D.7050006@globalchangemusic.org> Message-ID: <42D8EE74-351A-4508-99BC-626318016346@iki.fi> On 19.9.2011, at 20.43, Asai wrote: > If you figure it out, please post the solution, because we're running into a similar issue right now with K9 mail where it's causing us to get this error:imap-login: Disconnected: Connection queue full That's a different problem. You need to increase number of login processes / connections. http://wiki2.dovecot.org/LoginProcess From dovecot at tlinx.org Tue Sep 20 02:03:54 2011 From: dovecot at tlinx.org (Linda Walsh) Date: Mon, 19 Sep 2011 16:03:54 -0700 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: References: Message-ID: <4E77CA5A.6010506@tlinx.org> ` Kui Zhang wrote: > Hello > > I have a user with 2500+ sub folders. Total mailboxes size is around > 6G. (mdbox, dovecot 2:2.0.14) > > Syncing/Receiving appears to be slow, with outlook 2007. He does not > want to switch to an alternative, due to various reasons. > > Any one else having similar issue? > Anything else I should do to narrow down the issue? > ---- I can't speak for outlook 2007, but back in outlook 2000, as well as outlook 2002, it spoke a broken dialect of IMAP that would cause it to hang if you enabled it to read multiple mailboxes at one time. The only safe way I found to use it was to only let it use 1 connection at a time, and even then it wasn't impossible to cause to to fail. Perhaps MS limited outlook to only 1 connection to IMAP servers -- when I spoke to the engineer, they said that really had IMAP support at the lowest level, as it allowed the use of non-MS servers and mail servers -- and they only wanted to support Exchange (in order to get sites to buy exchange!)... The issue was reported broken in 2000, and they had not fixed it by 2002 (office XP), so I moved to thunderbird... I missed a few-several features, but I didn't miss the slowness and unreliability in everyday reading of email. Another problem -- AFAIK, outlook is only 32bit. My mom gets harassed, constantly to move things out of her primary .pst file and into 'archives', (where she can't easily access them and they don't have to be indexed...) because, the internal format became more strained as it got larger. With 6G of folders, indexing those, your user might be hitting outlook memory problems (not running out, but 'thrashing')... If possible, he might try unsubbing to older boxes on his main account, and setup an alternate account to 'go into the archives'...that way syncing only with currently active folders should go much faster)... Send him my condolences... -l > > Thanks > KuiZ > From dovecot at tlinx.org Tue Sep 20 02:22:34 2011 From: dovecot at tlinx.org (Linda Walsh) Date: Mon, 19 Sep 2011 16:22:34 -0700 Subject: [Dovecot] Why can NOT login as root In-Reply-To: <4E6BD852.5000306@vo.lu> References: <4E6B3634.18171.51F73FE@jana1972.centrum.cz> <4E6BD852.5000306@vo.lu> Message-ID: <4E77CEBA.8050603@tlinx.org> John Allen wrote: > As far as I recall, IMAP servers generally don't allow access to root. > > According to the Dovecot wiki, this is hard-coded in the binary: > http://wiki.dovecot.org/MainConfig see under "first_valid_uid" > > If the root user is receiving emails, these need to be redirected to > another user so they can be read via IMAP. --- I guess the source needs a patch. Why would dovecot choose to play nursemaid to people who want to read root email remotely via IMAPS? I can log in via SSH, so why not allow it with secure IMAP? I suppose really, if someone wants to run as root with no password dovecot should be **configurable** to allow this -- as we can't always understand the needs of end users. Example. You have a system on which root uid=0 means nothing (assigns no privs -- all assigned via privilege/capability bits). This means dovecot is hardcoded to lock out a user that may have no privileges, but has no prob permitting access to those with full Capability/priv sets. That is NOT remotely a secure design -- Not that it "allows login to those w/caps", but that it bogusly tries to invalidate site-security policies that it doesn't like Samba has done this and actually disparages people who don't use conventional security policies 'insecure', when those same people can point out a multitude of ways samba can be easily -- in the ways that the samba team, _recommend_, that samba can be accidentally or surreptitiously configured insecurely. When it is asked why alternate security policies are insecure -- they change the subject and agree grudgingly to re-allow 'banned' commands under options like "allow insecure XXXX"... Trying to 'play nursemaid' to users is a bad security policy -- since as soon you (like samba team leader said, "we had to make it impossible to configure samba insecurely", you are asking for trouble; cuz then users think they don't have to worry about how they config things, it will always be secure...and we know that is very untrue! From tss at iki.fi Tue Sep 20 02:50:32 2011 From: tss at iki.fi (Timo Sirainen) Date: Tue, 20 Sep 2011 02:50:32 +0300 Subject: [Dovecot] Why can NOT login as root In-Reply-To: <4E77CEBA.8050603@tlinx.org> References: <4E6B3634.18171.51F73FE@jana1972.centrum.cz> <4E6BD852.5000306@vo.lu> <4E77CEBA.8050603@tlinx.org> Message-ID: On 20.9.2011, at 2.22, Linda Walsh wrote: > I can log in via SSH, so why not allow it with secure IMAP? I suppose > really, if someone wants to run as root with no password dovecot should be > **configurable** to allow this -- as we can't always understand the needs > of end users. Because there's no good reason to read mails as root. If you can give me a good reason I might reconsider, but I highly doubt that's going to happen. Anyway it's mainly about making sure that in the case of some internal security hole (or misconfiguration) in Dovecot at least that security hole couldn't be leveraged to gain root privileges that would allow reading everyone's mails. > Example. You have a system on which root uid=0 means nothing (assigns no > privs -- all assigned via privilege/capability bits). > > This means dovecot is hardcoded to lock out a user that may have no > privileges, but has no prob permitting access to those with full > Capability/priv sets. Rare, and in such cases irrelevant. From user+dovecot at localhost.localdomain.org Tue Sep 20 02:53:32 2011 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Tue, 20 Sep 2011 01:53:32 +0200 Subject: [Dovecot] Why can NOT login as root In-Reply-To: <4E77CEBA.8050603@tlinx.org> References: <4E6B3634.18171.51F73FE@jana1972.centrum.cz> <4E6BD852.5000306@vo.lu> <4E77CEBA.8050603@tlinx.org> Message-ID: <4E77D5FC.5060608@localhost.localdomain.org> On 09/20/2011 01:22 AM Linda Walsh wrote: > I guess the source needs a patch. > > Why would dovecot choose to play nursemaid to people who want to read > root email remotely via IMAPS? > ? So, why do you not simply create and apply the patch? Dovecot is OSS. You are free to modify it in order to satisfy your special requirements. EOD Pascal -- The trapper recommends today: f007ba11.1126301 at localdomain.org From kuizhang at gmail.com Tue Sep 20 05:10:05 2011 From: kuizhang at gmail.com (Kui Zhang) Date: Mon, 19 Sep 2011 19:10:05 -0700 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: <4E77CA5A.6010506@tlinx.org> References: <4E77CA5A.6010506@tlinx.org> Message-ID: On Mon, Sep 19, 2011 at 4:03 PM, Linda Walsh wrote: > > > > ` Kui Zhang wrote: >> >> Hello >> >> I have a user with 2500+ sub folders. Total mailboxes size is around >> 6G. (mdbox, dovecot 2:2.0.14) >> >> Syncing/Receiving appears to be slow, with outlook 2007. He does not >> want to switch to an alternative, due to various reasons. >> >> Any one else having similar issue? >> Anything else I should do to narrow down the issue? >> > > ---- > ? I can't speak for outlook 2007, but back in outlook 2000, as well as > outlook 2002, it spoke a broken dialect of IMAP that would cause it to > hang if you enabled it to read multiple mailboxes at one time. > > The only safe way I found to use it was to only let it use 1 connection at > a time, and even then it wasn't impossible to cause to to fail. > > Perhaps MS limited outlook to only 1 connection to IMAP servers -- when I > spoke to the engineer, they said that really had IMAP support at the > lowest level, as it allowed the use of non-MS servers and mail servers -- > and they only wanted to support Exchange (in order to get sites to buy > exchange!)... > I thought it might have been something anti-competitive... We decided to give outlook 2k10 a try. Everything appears to work so far. It seems to be using only 1 connection... 2k7 was using 5 connections, with multiple connections in idle state(adding inotify watches) > ? The issue was reported broken in 2000, and they had not fixed it by > 2002 (office XP), so I moved to thunderbird... > thunderbird does not really work for us, due to amount of emails per mailbox. It was hogging all the memory + cpu. Trying out claw-mail. It is working really well. > ? I missed a few-several features, but I didn't miss the slowness and > unreliability in everyday reading of email. > > ? Another problem -- AFAIK, outlook is only 32bit. ?My mom gets > harassed, constantly to move things out of her primary .pst file and into > 'archives', (where she can't easily access them and they don't have to be > indexed...) because, the internal format became more strained as it got > larger. ? With 6G of folders, indexing those, your user might be hitting > outlook memory problems (not running out, but 'thrashing')... > > ? If possible, he might try unsubbing to older boxes on his main > account, and setup an alternate account to 'go into the archives'...that > way syncing only with currently active folders should go much faster)... > > Send him my condolences... > > > -l > > > > >> >> Thanks >> KuiZ >> > From other at ahhyes.net Tue Sep 20 06:49:23 2011 From: other at ahhyes.net (Alex) Date: Tue, 20 Sep 2011 13:49:23 +1000 Subject: [Dovecot] Why can NOT login as root In-Reply-To: References: <4E6B3634.18171.51F73FE@jana1972.centrum.cz> <4E6BD852.5000306@vo.lu> <4E77CEBA.8050603@tlinx.org> Message-ID: <308b79326740349f16af13f2077c1f62@ahhyes.net> On Tue, 20 Sep 2011 02:50:32 +0300, Timo Sirainen wrote: > On 20.9.2011, at 2.22, Linda Walsh wrote: > >> I can log in via SSH, so why not allow it with secure IMAP? I >> suppose >> really, if someone wants to run as root with no password dovecot >> should be >> **configurable** to allow this -- as we can't always understand the >> needs >> of end users. > > Because there's no good reason to read mails as root. If you can give > me a good reason I might reconsider, but I highly doubt that's going > to happen. > > Anyway it's mainly about making sure that in the case of some > internal security hole (or misconfiguration) in Dovecot at least that > security hole couldn't be leveraged to gain root privileges that > would > allow reading everyone's mails. > >> Example. You have a system on which root uid=0 means nothing >> (assigns no >> privs -- all assigned via privilege/capability bits). >> >> This means dovecot is hardcoded to lock out a user that may have no >> privileges, but has no prob permitting access to those with full >> Capability/priv sets. > > Rare, and in such cases irrelevant. From other at ahhyes.net Tue Sep 20 07:03:29 2011 From: other at ahhyes.net (Alex) Date: Tue, 20 Sep 2011 14:03:29 +1000 Subject: [Dovecot] Why can NOT login as root In-Reply-To: <308b79326740349f16af13f2077c1f62@ahhyes.net> References: <4E6B3634.18171.51F73FE@jana1972.centrum.cz> <4E6BD852.5000306@vo.lu> <4E77CEBA.8050603@tlinx.org> <308b79326740349f16af13f2077c1f62@ahhyes.net> Message-ID: <9dbaaa16a9731eefa05cef6c3c6a9dbf@ahhyes.net> On Tue, 20 Sep 2011 13:49:23 +1000, Alex wrote: > On Tue, 20 Sep 2011 02:50:32 +0300, Timo Sirainen wrote: >> On 20.9.2011, at 2.22, Linda Walsh wrote: >> >>> I can log in via SSH, so why not allow it with secure IMAP? I >>> suppose >>> really, if someone wants to run as root with no password dovecot >>> should be >>> **configurable** to allow this -- as we can't always understand >>> the needs >>> of end users. >> >> Because there's no good reason to read mails as root. If you can >> give >> me a good reason I might reconsider, but I highly doubt that's going >> to happen. >> >> Anyway it's mainly about making sure that in the case of some >> internal security hole (or misconfiguration) in Dovecot at least >> that >> security hole couldn't be leveraged to gain root privileges that >> would >> allow reading everyone's mails. >> >>> Example. You have a system on which root uid=0 means nothing >>> (assigns no >>> privs -- all assigned via privilege/capability bits). >>> >>> This means dovecot is hardcoded to lock out a user that may have no >>> privileges, but has no prob permitting access to those with full >>> Capability/priv sets. >> >> Rare, and in such cases irrelevant. From other at ahhyes.net Tue Sep 20 07:06:16 2011 From: other at ahhyes.net (Alex) Date: Tue, 20 Sep 2011 14:06:16 +1000 Subject: [Dovecot] Default permissions on newly created maildir Message-ID: Hi Guys, I am setting up SQL auth for mail. Auth works fine, I notice that if no maildir exists for the authenticated user, it is created automatically (depending on the homedir specified in the sql table entry). The problem is that it creates the dir with "700" permissions which is causing grief for my MTA when it comes time for it to try and drop mail there. If I chmod the dir to 770 things work fine. How do I change the default permissions that dovecot uses whenever it creates a new mail account? From Lutz.Pressler at SerNet.DE Tue Sep 20 10:12:45 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Tue, 20 Sep 2011 09:12:45 +0200 Subject: [Dovecot] 2.1: problems compiling fts-lucene - CLucene git version necessary? In-Reply-To: <1316446540.12936.114.camel@hurina> References: <7C9B9C67-A1FD-472B-8514-BC54F1B01D00@iki.fi> <1316446540.12936.114.camel@hurina> Message-ID: On Mo, 19 Sep 2011, Timo Sirainen wrote: > On Sun, 2011-09-18 at 13:27 +0200, Lutz Pre?ler wrote: > > Hello, > > On So, 11 Sep 2011, Timo Sirainen wrote: > > > On 11.9.2011, at 22.22, Lutz Pre?ler wrote: > > > > I have problems recompiling the Debian squeeze auto build packages > > > > with "--with-lecene". Is the git (2.3) version of CLucene necessary? > > > Yes. > > Ok, I now tried to test with clucene-core-2.3.3.4. Quite unsucessfully... > > I built libclucene-core-static.a and libclucene-shared-static.a after > > changing the cmake option (BUILD_STATIC_LIBRARIES). But despite enabling > > BUILD_CONTRIBS, BUILD_CONTRIBS_LIB no snowball/libstemmer has been build. > > You need to install libstemmer separately. I think I used > http://snowball.tartarus.org/dist/libstemmer_c.tgz Still having build problems --with-stemmer... libstemmer built and referenced seperately, libtextcat as Debian package, it's: lucene-wrapper.cc: In function 'lucene_index* lucene_index_init(const char*, mailbox_list*, const fts_lucene_settings*)': lucene-wrapper.cc:108: error: no matching function for call to 'lucene::analysis::snowball::SnowballAnalyzer::SnowballAnalyzer(const char*&)' ../../../../clucene-core-2.3.3.4/src/contribs-lib/CLucene/snowball/SnowballAnalyzer.h:32: note: candidates are: lucene::analysis::snowball::SnowballAnalyzer::SnowballAnalyzer(const TCHAR*, const TCHAR**) ../../../../clucene-core-2.3.3.4/src/contribs-lib/CLucene/snowball/SnowballAnalyzer.h:28: note: lucene::analysis::snowball::SnowballAnalyzer::SnowballAnalyzer(const TCHAR*) ../../../../clucene-core-2.3.3.4/src/contribs-lib/CLucene/snowball/SnowballAnalyzer.h:22: note: lucene::analysis::snowball::SnowballAnalyzer::SnowballAnalyzer(const lucene::analysis::snowball::SnowballAnalyzer&) index->set.default_language is char, but TCHAR is wchar_t but not char? > > > dovecot: imap(...): Error: fts_lucene: default_language set, but Dovecot built without stemmer support > > Fixed: http://hg.dovecot.org/dovecot-2.1/rev/02c84406c661 Without stemmer support it works nicely now though. One further question: Is fts indexing after delivery still on your TODO list? Lutz From tom at elysium.ltd.uk Tue Sep 20 11:15:01 2011 From: tom at elysium.ltd.uk (Tom Clark) Date: Tue, 20 Sep 2011 09:15:01 +0100 Subject: [Dovecot] mail_max_userip_connections=10 In-Reply-To: <42D8EE74-351A-4508-99BC-626318016346@iki.fi> References: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> <4E7735B1.5000501@cse.yorku.ca> <006e01cc76c8$cf849090$6e8db1b0$@elysium.ltd.uk> <4E777F5D.7050006@globalchangemusic.org> <42D8EE74-351A-4508-99BC-626318016346@iki.fi> Message-ID: <000d01cc776d$653d5280$2fb7f780$@elysium.ltd.uk> If it is the same problem with K9 (although Timo doesn't think it is) we fixed it on the K9 machine by turning off PUSH mail folders. Tom -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Timo Sirainen Sent: 19 September 2011 7:12 PM To: Asai Cc: Dovecot Mailing List Subject: Re: [Dovecot] mail_max_userip_connections=10 On 19.9.2011, at 20.43, Asai wrote: > If you figure it out, please post the solution, because we're running into a similar issue right now with K9 mail where it's causing us to get this error:imap-login: Disconnected: Connection queue full That's a different problem. You need to increase number of login processes / connections. http://wiki2.dovecot.org/LoginProcess From usuda at designet.co.jp Tue Sep 20 12:28:49 2011 From: usuda at designet.co.jp (USUDA Hisashi) Date: Tue, 20 Sep 2011 18:28:49 +0900 Subject: [Dovecot] DRAC plugin for Dovecot-2.x Message-ID: <4E785CD1.5030907@designet.co.jp> Hello All, I released the DRAC plugin for dovecot-2.x. http://sourceforge.jp/projects/dovecot2-drac/ It's based the plugin for dovecot-1.1: http://dovecot.org/patches/1.1/drac.c Please see README file for details. Best regards, -- mailto:usuda at designet.co.jp From CMarcus at Media-Brokers.com Tue Sep 20 13:21:50 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Tue, 20 Sep 2011 06:21:50 -0400 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: <4E77CA5A.6010506@tlinx.org> References: <4E77CA5A.6010506@tlinx.org> Message-ID: <4E78693E.3080308@Media-Brokers.com> On 2011-09-19 7:03 PM, Linda Walsh wrote: > Another problem -- AFAIK, outlook is only 32bit. My mom gets > harassed, constantly to move things out of her primary .pst file and > into 'archives', (where she can't easily access them and they don't > have to be indexed...) because, the internal format became more > strained as it got larger. With 6G of folders, indexing those, your > user might be hitting outlook memory problems (not running out, but > 'thrashing')... Outlook < 2007 were limited to 2GB .pst files. > 2007 could use max of 20GB .pst files, although in my experience it gets slow/sluggish with more than 10GB (and keep good backups, .pst files can get corrupted if you look at them too hard)... IMAP support got much better in 2007, and is even better in 2010, but Outlook still only really shines as an Exchange client, and that is the way Microsoft wants it (and understandably so)... Personally, I would only use Outlook in an Exchange environment, never as a standalone email client, although it's calendar is much better than Thunderbird+Lightning I'm sad to say... -- Best regards, Charles From CMarcus at Media-Brokers.com Tue Sep 20 13:23:51 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Tue, 20 Sep 2011 06:23:51 -0400 Subject: [Dovecot] Why can NOT login as root In-Reply-To: <4E77CEBA.8050603@tlinx.org> References: <4E6B3634.18171.51F73FE@jana1972.centrum.cz> <4E6BD852.5000306@vo.lu> <4E77CEBA.8050603@tlinx.org> Message-ID: <4E7869B7.4090209@Media-Brokers.com> On 2011-09-19 7:22 PM, Linda Walsh wrote: >> If the root user is receiving emails, these need to be redirected to >> another user so they can be read via IMAP. > I guess the source needs a patch. Only if you like wasting your time. > Why would dovecot choose to play nursemaid to people who want to read > root email remotely via IMAPS? It is generally considered 'standard procedure' to alias root to another user account for mail. That's one of the first things I do when setting up a new server, whether it is a mail server or other... -- Best regards, Charles From dovecot at lists.grepular.com Tue Sep 20 13:30:26 2011 From: dovecot at lists.grepular.com (dovecot at lists.grepular.com) Date: Tue, 20 Sep 2011 11:30:26 +0100 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: <4E78693E.3080308@Media-Brokers.com> References: <4E77CA5A.6010506@tlinx.org> <4E78693E.3080308@Media-Brokers.com> Message-ID: <4E786B42.8090706@lists.grepular.com> On 20/09/11 11:21, Charles Marcus wrote: > IMAP support got much better in 2007, How did it get better? They removed NAMESPACE support when moving from 2003 to 2007, which was a complete ball ache for us. > and is even better in 2010 Do they support ACL in 2010? They don't in 2007, which is really frustrating. What is better about 2010 IMAP support compared to 2007? I'm genuinely interested to know... -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 455 bytes Desc: OpenPGP digital signature URL: From CMarcus at Media-Brokers.com Tue Sep 20 13:46:17 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Tue, 20 Sep 2011 06:46:17 -0400 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: <4E786B42.8090706@lists.grepular.com> References: <4E77CA5A.6010506@tlinx.org> <4E78693E.3080308@Media-Brokers.com> <4E786B42.8090706@lists.grepular.com> Message-ID: <4E786EF9.8090101@Media-Brokers.com> On 2011-09-20 6:30 AM, dovecot at lists.grepular.com wrote: > On 20/09/11 11:21, Charles Marcus wrote: > >> IMAP support got much better in 2007, > > How did it get better? They removed NAMESPACE support when moving from > 2003 to 2007, which was a complete ball ache for us. 2003 was basically unusable on large mail stores. 2007 actually became usable, in that it was much more responsive when working with mail, but my testing didn't really go beyond that, it was more curiosity than anything (and, I have ONE friend who insists on using Outlook because the Calendar is so much better than anything else out there). >> and is even better in 2010 > Do they support ACL in 2010? They don't in 2007, which is really > frustrating. What is better about 2010 IMAP support compared to 2007? > I'm genuinely interested to know... What do you mean by 'ACL support'? Do you mean the ability to create/edit them on shared folders? If so, then no, not natively, I don't think, but I didn't do any intensive testing, all I can tell you is it is much more responsive, especially on larger folders. -- Best regards, Charles From dovecot at lists.grepular.com Tue Sep 20 13:57:17 2011 From: dovecot at lists.grepular.com (Mike Cardwell) Date: Tue, 20 Sep 2011 11:57:17 +0100 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: <4E786EF9.8090101@Media-Brokers.com> References: <4E77CA5A.6010506@tlinx.org> <4E78693E.3080308@Media-Brokers.com> <4E786B42.8090706@lists.grepular.com> <4E786EF9.8090101@Media-Brokers.com> Message-ID: <4E78718D.6090400@lists.grepular.com> On 20/09/11 11:46, Charles Marcus wrote: >>> and is even better in 2010 > >> Do they support ACL in 2010? They don't in 2007, which is really >> frustrating. What is better about 2010 IMAP support compared to 2007? >> I'm genuinely interested to know... > > What do you mean by 'ACL support'? Do you mean the ability to > create/edit them on shared folders? Yes. Support for the IMAP ACL extension. > If so, then no, not natively, I > don't think, but I didn't do any intensive testing, all I can tell you > is it is much more responsive, especially on larger folders. This is a real shame. IMAP can do so much more than Exchange's IMAP implementation allows. -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 455 bytes Desc: OpenPGP digital signature URL: From stan at hardwarefreak.com Tue Sep 20 15:21:01 2011 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Tue, 20 Sep 2011 07:21:01 -0500 Subject: [Dovecot] mail_max_userip_connections=10 In-Reply-To: <006e01cc76c8$cf849090$6e8db1b0$@elysium.ltd.uk> References: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> <4E7735B1.5000501@cse.yorku.ca> <006e01cc76c8$cf849090$6e8db1b0$@elysium.ltd.uk> Message-ID: <4E78852D.1070506@hardwarefreak.com> On 9/19/2011 7:36 AM, Tom Clark wrote: > Hi Paul, > > It's coming from the same IP address through his ADSL. Hence he gets the > problem with max_userip_connections. > > I think I tracked down the problem. He's been using K9 mail which seems to > have a problem where it doesn't release a connection and has 1 connection > per subscribed folder.... The reasoning behind the multiple socket communication design in the IMAP protocol is flawed, thus we end up with problems like yours, and others. It may have looked good on the white board but it doesn't seem to add benefit in production--only add problems. At least from an SA's perspective. Just about every other modern internet protocol gets by with a single socket, and many of those applications are more complex than IMAP. Multiple virtual channels are a good idea at the data link layer of WAN communications links, and work well there. They're a lousy idea at the application layer, however, as the IMAP protocol clearly demonstrates. Everything IMAP does over multiple sockets could have been accomplished over a single socket, with no noticeable decrease in performance, but with fewer SA headaches and fewer server resources consumed. I eagerly await a successor to the current version of IMAP, which will hopefully do away with this problematic, unnecessary, multiple socket nonsense. It may be a long wait, unfortunately... -- Stan From helge at monsternett.no Tue Sep 20 16:58:13 2011 From: helge at monsternett.no (Helge Milde) Date: Tue, 20 Sep 2011 15:58:13 +0200 Subject: [Dovecot] Trouble getting lda to gzip incomming mails (zlib plugin) Message-ID: <20110920135808.GB28582@monsternett.no> Hi! I've followed the guide at http://wiki2.dovecot.org/Plugins/Zlib to try to make Dovecot gzip incomming mails, but it doesn't seem to work. I've made pop/imap read gzipped files, and this seems to work perfectly, but LDA is still saving incomming mails in plain text. There's not too much information out there regarding the zlib module, so I'm not sure where to start debugging the problem, and was hoping someone could point me in the right direction. The only mention of zlib when LDA is delivering a file: Sep 20 15:51:19 mail dovecot: deliver(helgemil): Module loaded: /usr/lib/dovecot/modules/lda/lib20_zlib_plugin.so The most relevant lines from dovecot.conf: mail_debug = yes protocols = imap pop3 imaps pop3s mail_location = maildir:~/Maildir mail_privileged_group = mail max_mail_processes = 1024 mail_process_size = 512 protocol imap { mail_max_userip_connections = 50 mail_plugins = fts fts_squat zlib } protocol pop3 { pop3_uidl_format = %08Xu%08Xv mail_max_userip_connections = 50 mail_plugins = zlib } protocol lda { postmaster_address = postmaster at monsternett.no mail_plugins = sieve zlib mail_plugin_dir = /usr/lib/dovecot/modules/lda sieve_global_dir = /etc/dovecot/sieve/ sieve_global_path = /etc/dovecot/sieve/default.sieve } plugin { zlib_save_level = 6 zlib_save = gz fts = squat sieve = ~/dovecot.sieve sieve_dir = ~/ } -- Helge Milde, 69701808 www.monsternett.no From udo.lembke at albertbauer.com Tue Sep 20 18:36:47 2011 From: udo.lembke at albertbauer.com (Udo Lembke) Date: Tue, 20 Sep 2011 17:36:47 +0200 Subject: [Dovecot] how to disable quota for second namespace? Message-ID: <4E78B30F.7020000@albertbauer.com> Hi all, I have a second namespace as archive, where no quota should be active (work with type = shared). But if I change the type to private the quota will allways count. My dovecot version is the 2.0.13. I have tried things like this: plugin { quota_rule = *:storage=500M quota_rule2 = Trash:storage=+100M quota_rule3 = Sent:storage=+50M quota_rule4 = ns=archiv/%u/:ignore } It's also doesn't work with "quota_rule4 = archiv/%u/:ignore" The namespace: namespace { type = private separator = / prefix = "archiv/%u/" location = maildir:/var/data/archiv/%d/%n:INDEX=/var/data/indexes/archiv/%u:LAYOUT=fs inbox = no hidden = no subscriptions = no list = yes } Even if I define the namespace for quota I see the quota-value also in the "root": plugin { quota = maildir:User quota quota2 = maildir:Archiv quota:ns=archiv/%u/ } doveadm quota get -u test at example.com Quota name Type Value Limit % User quota STORAGE 1587135 512000 309 User quota MESSAGE 13346 - 0 Archiv quota STORAGE 1359379 - 0 Archiv quota MESSAGE 10577 - 0 du -ks /var/data/mail/example.com/test 234364 /var/data/mail/example.com/test du -ks /var/data/archiv/example.com/test 1383792 /var/data/archiv/example.com/test Now is the big question, how can I reach such an output? doveadm quota get -u test at example.com Quota name Type Value Limit % User quota STORAGE 227756 512000 44 User quota MESSAGE 2769 - 0 Archiv quota STORAGE 1359379 - 0 Archiv quota MESSAGE 10577 - 0 I can't believe that's only possible with a shared namespace, or? Any hints are welcome. Best regards Udo From patrickdk at patrickdk.com Tue Sep 20 18:54:21 2011 From: patrickdk at patrickdk.com (Patrick Domack) Date: Tue, 20 Sep 2011 11:54:21 -0400 Subject: [Dovecot] Trouble getting lda to gzip incomming mails (zlib plugin) In-Reply-To: <20110920135808.GB28582@monsternett.no> References: <20110920135808.GB28582@monsternett.no> Message-ID: <20110920115421.Horde.44HXTZLnE6FOeLctSTJCeHA@kishi.patrickdk.com> I thinking your mail_plugin_dir is not needed, I don't have it configured, and that path doesn't even exist on my system, maybe hangover from 1.x config? Quoting Helge Milde : > Hi! > I've followed the guide at http://wiki2.dovecot.org/Plugins/Zlib to > try to make Dovecot gzip incomming mails, but it doesn't seem to work. > I've made pop/imap read gzipped files, and this seems to work > perfectly, but LDA is still saving incomming mails in plain text. > There's not too much information out there regarding the zlib > module, so I'm not sure where to start debugging the problem, and > was hoping someone could point me in the right direction. > > The only mention of zlib when LDA is delivering a file: > Sep 20 15:51:19 mail dovecot: deliver(helgemil): Module loaded: > /usr/lib/dovecot/modules/lda/lib20_zlib_plugin.so The most > relevant lines from dovecot.conf: > mail_debug = yes > protocols = imap pop3 imaps pop3s > mail_location = maildir:~/Maildir > mail_privileged_group = mail > max_mail_processes = 1024 > mail_process_size = 512 > > protocol imap { > mail_max_userip_connections = 50 > mail_plugins = fts fts_squat zlib > } > > protocol pop3 { > pop3_uidl_format = %08Xu%08Xv > mail_max_userip_connections = 50 > mail_plugins = zlib > } > > protocol lda { > postmaster_address = postmaster at monsternett.no > mail_plugins = sieve zlib > mail_plugin_dir = /usr/lib/dovecot/modules/lda > sieve_global_dir = /etc/dovecot/sieve/ > sieve_global_path = /etc/dovecot/sieve/default.sieve > } > > plugin { > zlib_save_level = 6 > zlib_save = gz > fts = squat > sieve = ~/dovecot.sieve > sieve_dir = ~/ > } > > -- > Helge Milde, 69701808 > www.monsternett.no From helge at monsternett.no Tue Sep 20 19:22:53 2011 From: helge at monsternett.no (Helge Milde) Date: Tue, 20 Sep 2011 18:22:53 +0200 Subject: [Dovecot] Trouble getting lda to gzip incomming mails (zlib plugin) In-Reply-To: <20110920115421.Horde.44HXTZLnE6FOeLctSTJCeHA@kishi.patrickdk.com> References: <20110920135808.GB28582@monsternett.no> <20110920115421.Horde.44HXTZLnE6FOeLctSTJCeHA@kishi.patrickdk.com> Message-ID: <20110920162253.GC2939@monsternett.no> Well, I can't see why it would hurt either. The reason we're using that directory is that the sieve plugin is compiled into lda/ by default, I think. I will try to move the sieve files into dovecot/ and remove mail_plugin_dir tomorrow, but I don't think it will help since dovecot has no problems *loading* the library. On Tue, Sep 20, 2011 at 11:54:21AM -0400, Patrick Domack wrote: >I thinking your mail_plugin_dir is not needed, I don't have it >configured, and that path doesn't even exist on my system, maybe >hangover from 1.x config? > > >Quoting Helge Milde : > >>Hi! >>I've followed the guide at http://wiki2.dovecot.org/Plugins/Zlib to >>try to make Dovecot gzip incomming mails, but it doesn't seem to >>work. >>I've made pop/imap read gzipped files, and this seems to work >>perfectly, but LDA is still saving incomming mails in plain text. >>There's not too much information out there regarding the zlib >>module, so I'm not sure where to start debugging the problem, and >>was hoping someone could point me in the right direction. >> >>The only mention of zlib when LDA is delivering a file: >>Sep 20 15:51:19 mail dovecot: deliver(helgemil): Module loaded: >>/usr/lib/dovecot/modules/lda/lib20_zlib_plugin.so The most >>relevant lines from dovecot.conf: >>mail_debug = yes >>protocols = imap pop3 imaps pop3s >>mail_location = maildir:~/Maildir >>mail_privileged_group = mail >>max_mail_processes = 1024 >>mail_process_size = 512 >> >>protocol imap { >> mail_max_userip_connections = 50 >> mail_plugins = fts fts_squat zlib >>} >> >>protocol pop3 { >> pop3_uidl_format = %08Xu%08Xv >> mail_max_userip_connections = 50 >> mail_plugins = zlib >>} >> >>protocol lda { >> postmaster_address = postmaster at monsternett.no >> mail_plugins = sieve zlib >> mail_plugin_dir = /usr/lib/dovecot/modules/lda >> sieve_global_dir = /etc/dovecot/sieve/ >> sieve_global_path = /etc/dovecot/sieve/default.sieve >>} >> >>plugin { >> zlib_save_level = 6 >> zlib_save = gz >> fts = squat >> sieve = ~/dovecot.sieve >> sieve_dir = ~/ >>} >> >>-- >>Helge Milde, 69701808 >>www.monsternett.no > > > -- Helge Milde, 69701808 www.monsternett.no From asai at globalchangemusic.org Tue Sep 20 20:46:38 2011 From: asai at globalchangemusic.org (Asai) Date: Tue, 20 Sep 2011 10:46:38 -0700 Subject: [Dovecot] mail_max_userip_connections=10 In-Reply-To: <000d01cc776d$653d5280$2fb7f780$@elysium.ltd.uk> References: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> <4E7735B1.5000501@cse.yorku.ca> <006e01cc76c8$cf849090$6e8db1b0$@elysium.ltd.uk> <4E777F5D.7050006@globalchangemusic.org> <42D8EE74-351A-4508-99BC-626318016346@iki.fi> <000d01cc776d$653d5280$2fb7f780$@elysium.ltd.uk> Message-ID: <4E78D17E.90607@globalchangemusic.org> Thanks for the insight, Tom. Yeah, it was a different problem, and we solved it. On 9/20/2011 1:15 AM, Tom Clark wrote: > If it is the same problem with K9 (although Timo doesn't think it is) we > fixed it on the K9 machine by turning off PUSH mail folders. > > Tom > > -----Original Message----- > From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On > Behalf Of Timo Sirainen > Sent: 19 September 2011 7:12 PM > To: Asai > Cc: Dovecot Mailing List > Subject: Re: [Dovecot] mail_max_userip_connections=10 > > On 19.9.2011, at 20.43, Asai wrote: > >> If you figure it out, please post the solution, because we're running into > a similar issue right now with K9 mail where it's causing us to get this > error:imap-login: Disconnected: Connection queue full > > That's a different problem. You need to increase number of login processes / > connections. http://wiki2.dovecot.org/LoginProcess > > From Anton.Aylward at antonaylward.com Tue Sep 20 23:03:39 2011 From: Anton.Aylward at antonaylward.com (Anton Aylward) Date: Tue, 20 Sep 2011 16:03:39 -0400 Subject: [Dovecot] About using Dovecot indexes with Thunderbird/kmail Message-ID: <4E78F19B.2070909@antonaylward.com> I have Dovecot running well on my Mandriva mail hub, handing out IMAP to the household LAN. This is 1.2.15. Eventually I'll upgrade the OS and get 2.x, but this is working fine. So this question is really about the mail readers I use and how they make use of Dovecot. I have Thunderbird on my laptop and KMail2 on my desktop. Dovecot indexes. GOOD! The trouble is that the mail readers want their own indexes :-( I wish that Thunderbird would NOT index mail on my laptop, but it does. I wish Kmail2 would not use nepomuk/akonadi to index the mail but it does. Why can't they both believe the indexes used by Dovecot? Is this an unreasonable request? -- "We stand behind all of our products, except for the manure spreader." -- Corporate motto of an equipment manufacturer From CMarcus at Media-Brokers.com Tue Sep 20 23:22:53 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Tue, 20 Sep 2011 16:22:53 -0400 Subject: [Dovecot] About using Dovecot indexes with Thunderbird/kmail In-Reply-To: <4E78F19B.2070909@antonaylward.com> References: <4E78F19B.2070909@antonaylward.com> Message-ID: <4E78F61D.2050601@Media-Brokers.com> On 2011-09-20 4:03 PM, Anton Aylward wrote: > I wish that Thunderbird would NOT index mail on my laptop, but it does. So turn it (GLODA) off... -- Best regards, Charles From lists at necoro.eu Tue Sep 20 23:38:21 2011 From: lists at necoro.eu (=?UTF-8?B?UmVuw6kgTmV1bWFubg==?=) Date: Tue, 20 Sep 2011 22:38:21 +0200 Subject: [Dovecot] Sieve: Vacation, handle and variable Message-ID: <4E78F9BD.6090306@necoro.eu> Hi *, I am adding a generic way for vacation-replies in my sieve setup. There I set the handle and the reason using variables (see end of mail). My simple question now is: Though variable expansion is not done for subject and reason, is it done for the handle? Because else there seems no way in configuring the vacation action via variables. I tried to read the code for this extension, but ... well ... the whole sieve implementation is way more complicated then I figured ^^. Thus I take the question to the list. Thanks, Ren? ----- default.sieve ----- require [..., "include", "variables"]; # set this to the text you want to get included in the vacation-mail global ["vacation", "vhandle"]; set "vhandle" ""; set "vacation" ""; [...] include :personal "vacation"; ----- vacation.sieve ----- require ["variables", "include", "vacation"]; # this is set in the including script global ["vacation", "vhandle"]; if string :is "${vacation}" "" { return; } # ensure we have a handle if string :is "${vhandle}" "" { set "vhandle" "${vacation}"; } if header :matches "subject" "*" { set "sbj" "Out of office [was: ${1}]"; vacation :addresses [...] :from "..." :days 7 :handle "${vhandle}" :subject "${sbj}" "${vacation}"; } ------------------------- -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From Anton.Aylward at antonaylward.com Wed Sep 21 00:37:50 2011 From: Anton.Aylward at antonaylward.com (Anton Aylward) Date: Tue, 20 Sep 2011 17:37:50 -0400 Subject: [Dovecot] About using Dovecot indexes with Thunderbird/kmail In-Reply-To: <4E78F61D.2050601@Media-Brokers.com> References: <4E78F19B.2070909@antonaylward.com> <4E78F61D.2050601@Media-Brokers.com> Message-ID: <4E7907AE.2040809@antonaylward.com> Charles Marcus said the following on 09/20/2011 04:22 PM: > On 2011-09-20 4:03 PM, Anton Aylward wrote: >> I wish that Thunderbird would NOT index mail on my laptop, but it does. > > So turn it (GLODA) off... > Ah https://wiki.mozilla.org/Thunderbird:Using_Gloda Well it is off, but I still have these index files ... So perhaps its not index that taking all the space and gets rebuilt when T Bird says its downloading the headers and indexing ... And then there's nepomuk.... I'm coming to hate nepomuk! -- "Beware of bugs in the above code; I have only proved it correct, not tried it." -- Knuth From lists at necoro.eu Wed Sep 21 00:48:54 2011 From: lists at necoro.eu (=?UTF-8?B?UmVuw6kgTmV1bWFubg==?=) Date: Tue, 20 Sep 2011 23:48:54 +0200 Subject: [Dovecot] Sieve: Vacation, handle and variable In-Reply-To: <4E78F9BD.6090306@necoro.eu> References: <4E78F9BD.6090306@necoro.eu> Message-ID: <4E790A46.7020603@necoro.eu> Am 20.09.2011 22:38, schrieb Ren? Neumann: > Hi *, > > I am adding a generic way for vacation-replies in my sieve setup. There > I set the handle and the reason using variables (see end of mail). My > simple question now is: Though variable expansion is not done for > subject and reason, is it done for the handle? Because else there seems > no way in configuring the vacation action via variables. Ok. I just learned about sieve-test. And this shows me: * send vacation message: => seconds : 604800 => subject: FooSubj => from : ... => handle : ${vhandle} So the handle does not expand variables. Hence: Would it be possible to add for example a non-standard ":expand list" option to vacation, where 'list' contains the names of the options where it is safe to do variable-expansion? - Ren? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From stephan at rename-it.nl Wed Sep 21 02:09:50 2011 From: stephan at rename-it.nl (Stephan Bosch) Date: Wed, 21 Sep 2011 01:09:50 +0200 Subject: [Dovecot] Sieve: Vacation, handle and variable In-Reply-To: <4E790A46.7020603@necoro.eu> References: <4E78F9BD.6090306@necoro.eu> <4E790A46.7020603@necoro.eu> Message-ID: <4E791D3E.1080009@rename-it.nl> Op 20-9-2011 23:48, Ren? Neumann schreef: > Am 20.09.2011 22:38, schrieb Ren? Neumann: >> Hi *, >> >> I am adding a generic way for vacation-replies in my sieve setup. There >> I set the handle and the reason using variables (see end of mail). My >> simple question now is: Though variable expansion is not done for >> subject and reason, is it done for the handle? Because else there seems >> no way in configuring the vacation action via variables. > Ok. I just learned about sieve-test. And this shows me: > > * send vacation message: > => seconds : 604800 > => subject: FooSubj > => from : ... > => handle : ${vhandle} > > So the handle does not expand variables. Hence: Would it be possible to > add for example a non-standard ":expand list" option to vacation, where > 'list' contains the names of the options where it is safe to do > variable-expansion? No need. This is a violation of the standard and it was actually a long standing FIXME already. Fortunately, it was quite simple to repair: http://hg.rename-it.nl/dovecot-2.0-pigeonhole/rev/fe6df3425850 This will be included in the next release. Regards, Stephan From wgillespie+dovecot at es2eng.com Wed Sep 21 06:35:43 2011 From: wgillespie+dovecot at es2eng.com (Willie Gillespie) Date: Tue, 20 Sep 2011 21:35:43 -0600 Subject: [Dovecot] About using Dovecot indexes with Thunderbird/kmail In-Reply-To: <4E7907AE.2040809@antonaylward.com> References: <4E78F19B.2070909@antonaylward.com> <4E78F61D.2050601@Media-Brokers.com> <4E7907AE.2040809@antonaylward.com> Message-ID: <4E795B8F.3070007@es2eng.com> On 09/20/2011 03:37 PM, Anton Aylward wrote: > https://wiki.mozilla.org/Thunderbird:Using_Gloda > Well it is off, but I still have these index files ... > > So perhaps its not index that taking all the space and gets rebuilt when > T Bird says its downloading the headers and indexing ... Just have to ask: Is "Keep messages for this account on this computer" checked under the Synchronization & Storage settings? From isolderj at webmail.co.za Wed Sep 21 08:59:58 2011 From: isolderj at webmail.co.za (James isolder) Date: Wed, 21 Sep 2011 07:59:58 +0200 Subject: [Dovecot] IMAP delete logs Message-ID: Since enabling the mail_plugins = mail_log. I now get an error. Is there anything else I need to check adn how I can put the dovecot into debug mode so I can get more info about where it is failing. dovecot not running? (check /var/run/dovecot//master.pid). Starting dovecot. Error: imap dump-capability process returned 1 Fkevent(EV_ADD, 0) failed: Operation not supported by device Fatal: Invalid configuration in /usr/local/etc/dovecot.conf # 1.2.17: /usr/local/etc/dovecot.conf # OS: FreeBSD 7.0-RELEASE i386 base_dir: /var/run/dovecot/ protocols: imap pop3 listen(default): *:1143 listen(imap): *:1143 listen(pop3): *:1110 ssl: no disable_plaintext_auth: no login_dir: /var/run/dovecot//login login_executable(default): /usr/local/libexec/dovecot/imap-login login_executable(imap): /usr/local/libexec/dovecot/imap-login login_executable(pop3): /usr/local/libexec/dovecot/pop3-login login_log_format_elements: pid=%p rsock=%r:%b lsock=%l:%a proto=%s user=%u auth_method=%m secure=%c login_log_format: role=proxy realm=test %$: %s login_process_per_connection: no login_processes_count: 50 login_max_processes_count: 5120 login_max_connections: 512 max_mail_processes: 6144 mail_max_userip_connections(imap): 8 mail_max_userip_connections(pop3): 10 verbose_proctitle: yes first_valid_uid: 1000 first_valid_gid: 1000 mail_privileged_group: mail mail_location: mbox:~/mail/:INBOX=/var/mail/%u mail_debug: yes maildir_copy_preserve_filename: yes mail_executable(default): /usr/local/libexec/dovecot/rawlog /usr/local/libexec/dovecot/imap mail_executable(imap): /usr/local/libexec/dovecot/rawlog /usr/local/libexec/dovecot/imap mail_executable(pop3): /usr/local/libexec/dovecot/rawlog /usr/local/libexec/dovecot/pop3 mail_plugins(default): mail_log mail_plugins(imap): mail_log mail_plugins(pop3): mail_plugin_dir: /usr/local/lib/dovecot/pop3 mail_log_max_lines_per_sec: 0 pop3_enable_last(default): yes pop3_enable_last(imap): yes pop3_enable_last(pop3): no pop3_client_workarounds(default): outlook-no-nuls oe-ns-eoh pop3_client_workarounds(imap): outlook-no-nuls oe-ns-eoh pop3_client_workarounds(pop3): auth default: mechanisms: plain login cache_ttl: 0 cache_negative_ttl: 0 worker_max_count: 60 process_size: 512 passdb: driver: sql args: /usr/local/etc/dovecot-proxy.sql socket: type: listen client: path: /var/run/dovecot/auth-client mode: 432 master: path: /var/run/dovecot/auth-master mode: 384 plugin: mail_log_events: delete undelete expunge copy mailbox_delete mailbox_rename On Wed, 14 Sep 2011 14:40:21 +0200 "mailing at securitylabs.it" wrote > Il 14/09/2011 07:48, James isolder ha scritto: > > Version - 1.2.17 > > > > Is there a way to include message or folder deletion logs in the dovecot > > log > > files. > > > > > > Yes, you can use the mail logger plugin: > > http://wiki.dovecot.org/Plugins/MailLog ____________________________________________________________ South Africas premier free email service - www.webmail.co.za For super low premiums, click here. http://www.dialdirect.co.za/?vdn=15828 From helge at monsternett.no Wed Sep 21 09:25:31 2011 From: helge at monsternett.no (Helge Milde) Date: Wed, 21 Sep 2011 08:25:31 +0200 Subject: [Dovecot] Trouble getting lda to gzip incomming mails (zlib plugin) In-Reply-To: <20110920162253.GC2939@monsternett.no> References: <20110920135808.GB28582@monsternett.no> <20110920115421.Horde.44HXTZLnE6FOeLctSTJCeHA@kishi.patrickdk.com> <20110920162253.GC2939@monsternett.no> Message-ID: <20110921062531.GB20799@monsternett.no> Nope. It didn't change anything. Tried delivering manually while tracing the process too, and the only mention of "zlib" is this: open("/usr/lib/dovecot/modules/lda/lib20_zlib_plugin.so", O_RDONLY) = 9 read(9, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\200\22\0\0\0\0\0\0@"..., 832) = 832 fstat(9, {st_mode=S_IFREG|0644, st_size=15080, ...}) = 0 mmap(NULL, 2110464, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 9, 0) = 0x7f1407f1a000 mprotect(0x7f1407f1d000, 2097152, PROT_NONE) = 0 mmap(0x7f140811d000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 9, 0x3000) = 0x7f140811d000 close(9) = 0 On Tue, Sep 20, 2011 at 06:22:53PM +0200, Helge Milde wrote: >Well, I can't see why it would hurt either. >The reason we're using that directory is that the sieve plugin is compiled into lda/ by default, I think. I will try to move the sieve files into dovecot/ and remove mail_plugin_dir tomorrow, but I don't think it will help since dovecot has no problems *loading* the library. > >On Tue, Sep 20, 2011 at 11:54:21AM -0400, Patrick Domack wrote: >>I thinking your mail_plugin_dir is not needed, I don't have it >>configured, and that path doesn't even exist on my system, maybe >>hangover from 1.x config? >> >> >>Quoting Helge Milde : >> >>>Hi! >>>I've followed the guide at http://wiki2.dovecot.org/Plugins/Zlib >>>to try to make Dovecot gzip incomming mails, but it doesn't seem >>>to work. >>>I've made pop/imap read gzipped files, and this seems to work >>>perfectly, but LDA is still saving incomming mails in plain text. >>>There's not too much information out there regarding the zlib >>>module, so I'm not sure where to start debugging the problem, and >>>was hoping someone could point me in the right direction. >>> >>>The only mention of zlib when LDA is delivering a file: >>>Sep 20 15:51:19 mail dovecot: deliver(helgemil): Module loaded: >>>/usr/lib/dovecot/modules/lda/lib20_zlib_plugin.so The most >>>relevant lines from dovecot.conf: >>>mail_debug = yes >>>protocols = imap pop3 imaps pop3s >>>mail_location = maildir:~/Maildir >>>mail_privileged_group = mail >>>max_mail_processes = 1024 >>>mail_process_size = 512 >>> >>>protocol imap { >>> mail_max_userip_connections = 50 >>> mail_plugins = fts fts_squat zlib >>>} >>> >>>protocol pop3 { >>> pop3_uidl_format = %08Xu%08Xv >>> mail_max_userip_connections = 50 >>> mail_plugins = zlib >>>} >>> >>>protocol lda { >>> postmaster_address = postmaster at monsternett.no >>> mail_plugins = sieve zlib >>> mail_plugin_dir = /usr/lib/dovecot/modules/lda >>> sieve_global_dir = /etc/dovecot/sieve/ >>> sieve_global_path = /etc/dovecot/sieve/default.sieve >>>} >>> >>>plugin { >>> zlib_save_level = 6 >>> zlib_save = gz >>> fts = squat >>> sieve = ~/dovecot.sieve >>> sieve_dir = ~/ >>>} >>> >>>-- >>>Helge Milde, 69701808 >>>www.monsternett.no >> >> >> > >-- >Helge Milde, 69701808 >www.monsternett.no -- Helge Milde, 69701808 www.monsternett.no From g.ankkit at gmail.com Wed Sep 21 09:37:09 2011 From: g.ankkit at gmail.com (Ankit Gupta) Date: Wed, 21 Sep 2011 12:07:09 +0530 Subject: [Dovecot] Login problem via webmail and outlook Message-ID: Hi Mentors, Please help, our users are not able to login into their mailbox account using either outlook or webmail. Please find logs from /var/log/maillog Jan 17 10:45:40 elct dovecot: imap-login: Aborted login: user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured Jan 17 10:49:17 elct dovecot: imap-login: Aborted login: user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured Jan 17 11:02:57 elct dovecot: imap-login: Aborted login: user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured Jan 17 11:03:03 elct dovecot: imap-login: Aborted login: user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured Jan 17 11:10:08 elct dovecot: imap-login: Aborted login: user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured Jan 17 11:10:14 elct dovecot: imap-login: Aborted login: user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured Please help it is urgent. -- Regards Ankit Gupta, Tel: | M: +91 - 9650594790 From lists at necoro.eu Wed Sep 21 09:52:45 2011 From: lists at necoro.eu (=?UTF-8?B?UmVuw6kgTmV1bWFubg==?=) Date: Wed, 21 Sep 2011 08:52:45 +0200 Subject: [Dovecot] Sieve: Vacation, handle and variable In-Reply-To: <4E791D3E.1080009@rename-it.nl> References: <4E78F9BD.6090306@necoro.eu> <4E790A46.7020603@necoro.eu> <4E791D3E.1080009@rename-it.nl> Message-ID: <4E7989BD.2080206@necoro.eu> Am 21.09.2011 01:09, schrieb Stephan Bosch: > Op 20-9-2011 23:48, Ren? Neumann schreef: >> Am 20.09.2011 22:38, schrieb Ren? Neumann: >>> Hi *, >>> >>> I am adding a generic way for vacation-replies in my sieve setup. There >>> I set the handle and the reason using variables (see end of mail). My >>> simple question now is: Though variable expansion is not done for >>> subject and reason, is it done for the handle? Because else there seems >>> no way in configuring the vacation action via variables. >> Ok. I just learned about sieve-test. And this shows me: >> >> * send vacation message: >> => seconds : 604800 >> => subject: FooSubj >> => from : ... >> => handle : ${vhandle} >> >> So the handle does not expand variables. Hence: Would it be possible to >> add for example a non-standard ":expand list" option to vacation, where >> 'list' contains the names of the options where it is safe to do >> variable-expansion? > > No need. This is a violation of the standard and it was actually a long > standing FIXME already. Fortunately, it was quite simple to repair: > > http://hg.rename-it.nl/dovecot-2.0-pigeonhole/rev/fe6df3425850 > > This will be included in the next release. > > Regards, > > Stephan > Thanks a lot. I'll try it out. - Ren? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From serarien at baqs.net Wed Sep 21 15:02:52 2011 From: serarien at baqs.net (Pierre) Date: Wed, 21 Sep 2011 14:02:52 +0200 Subject: [Dovecot] dovecot-virtual folder configuration In-Reply-To: <20110918170642.GA15868@mail3.serarien.com> References: <2a82c4fe9e3aba3c621fe9eb2e530200@mail3.serarien.com> <1316174903.12936.76.camel@hurina> <20110918170642.GA15868@mail3.serarien.com> Message-ID: <20110921120250.GR32217@mail3.serarien.com> Ok, named this "VIRTUAL" at the moment... Strange behaviour: this unread folder does not get refreshed, even if I refresh 'all' folder. I read something about putting index file in memory which could solve the problem. Is this reliable ? Pierre On 18/sept. - 19:06, Pierre wrote: > Thanks for the tip Timo. > > I was trying to make this work, when I got stupid issue: > I named my namespace "#virtual", but putting "#" > at the beginning of dovecot-virtual line makes it be > a comment. > > I tryed with '#", \#... without success > > Is there any method to make it work ? > > thx, > Pierre > > On 16/sept. - 15:08, Timo Sirainen wrote: > > On Fri, 2011-09-16 at 00:58 +0200, Pierre wrote: > > > Hi all, > > > > > > Long story short, I'd like to configure a folder containing: > > > > > > INBOX > > > (some other folders) > > > > > > -> unseen emails from these folders + all other emails (also seen) from > > > the same thread > > > -> seen emails from these folders, but only the recent ones + all other > > > emails from the same thread > > > > The "other mails from same thread" is still a bit problematic with > > virtual folders. From my TODO: > > > > - virtual: If last message matching INTHREAD rule gets expunged, the rest of > > the thread doesn't go away > > > > First you'll need to create a virtual folder that has all the mails that > > you would ever want to see in threads. For example: > > > > virtual/all/dovecot-virtual: > > ----- > > INBOX > > Sent > > some > > other > > folders > > all > > ----- > > > > Then based on that create the virtual mailbox you want: > > > > virtual/newstuff/dovecot-virtual: > > ----- > > virtual/all > > inthread refs or unseen recent > > ----- > > From Anton.Aylward at antonaylward.com Wed Sep 21 15:01:23 2011 From: Anton.Aylward at antonaylward.com (Anton Aylward) Date: Wed, 21 Sep 2011 08:01:23 -0400 Subject: [Dovecot] About using Dovecot indexes with Thunderbird/kmail In-Reply-To: <4E795B8F.3070007@es2eng.com> References: <4E78F19B.2070909@antonaylward.com> <4E78F61D.2050601@Media-Brokers.com> <4E7907AE.2040809@antonaylward.com> <4E795B8F.3070007@es2eng.com> Message-ID: <4E79D213.6010401@antonaylward.com> Willie Gillespie said the following on 09/20/2011 11:35 PM: > On 09/20/2011 03:37 PM, Anton Aylward wrote: >> https://wiki.mozilla.org/Thunderbird:Using_Gloda >> Well it is off, but I still have these index files ... >> >> So perhaps its not index that taking all the space and gets rebuilt when >> T Bird says its downloading the headers and indexing ... > > Just have to ask: Is "Keep messages for this account on this computer" > checked under the Synchronization& Storage settings? :-) No, its not. I'm aware of that one. I've googled for GLODA and found some articles that makes me think its not as simple as one setting in the about:config It seems even with GLODA turned OFF (see earlier in this thread) that global-messages-db.sqlite keeps getting rebuilt - that is the index is being rebuilt. So there must be more to it. See https://developer.mozilla.org/en/Thunderbird/gloda under 'Data Storage'. Why am I making an issue of this? It seems pointless to me that I should run Dovecot on a server and let it do indexing and full text indexing "in the background" with the intent to offload this processing and storage from my laptop (and in due course netbook and 'Pad -- both of which will be underpowered and lacking in storage and memory compared to the mailhub server, when my preferred clients - Thunderbird and Kmail/nepomuk - are going to be doing the indexing over again. While it may not matter on a hefty laptop it is going to matter on the Asus eee and tablets. -- My definition of an expert in any field is a person who knows enough about what's really going on to be scared. P. J. Plauger, Computer Language, March 1983 From forumer at smartmobili.com Wed Sep 21 15:04:37 2011 From: forumer at smartmobili.com (forumer at smartmobili.com) Date: Wed, 21 Sep 2011 14:04:37 +0200 Subject: [Dovecot] Webmail architecture : questions about cache and storage backend Message-ID: <2f02a9d98f83399faa4c502fb9ef13ee@smartmobili.com> Hi, I have some questions about dovecot-2.1 and need some advice about software architecture. My company plans to develop a kind of Document Managing System (DMS) and one of its module is a webmail that is currently in a pre-alpha stage (if you are curious you can have a look here http://kairos.smartmobili.com/ but don't be surprised if it doesn't work and please do not use IE for now). From my personal analysis that I am sure is incomplete we have the following options to handle emails storage and cache: 1) Do not use a cache and rely on dovecot performance to retrieve email's header in real time. Actually don't know if it's that simple because we might need to have a transformed version of emails to be able to display them more easily in the webmail. In this case this option is not really possible. 2) Use new dovecot-2.1 imap backend and develop a kind of dummy imap server listening to a custom port and storing emails inside a mongoDB database. Advantage is it allow replication very easily. 3) Wait for dovecot2.x to implement a NoSQL storage. Will it happen soon ? If you have other suggestions or ideas I would be happy to hear them. Vincent R. From CMarcus at Media-Brokers.com Wed Sep 21 15:05:48 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 21 Sep 2011 08:05:48 -0400 Subject: [Dovecot] About using Dovecot indexes with Thunderbird/kmail In-Reply-To: <4E7907AE.2040809@antonaylward.com> References: <4E78F19B.2070909@antonaylward.com> <4E78F61D.2050601@Media-Brokers.com> <4E7907AE.2040809@antonaylward.com> Message-ID: <4E79D31C.5030609@Media-Brokers.com> On 2011-09-20 5:37 PM, Anton Aylward wrote: > Charles Marcus said the following on 09/20/2011 04:22 PM: >> On 2011-09-20 4:03 PM, Anton Aylward wrote: >>> I wish that Thunderbird would NOT index mail on my laptop, but it does. >> So turn it (GLODA) off... > Ah > https://wiki.mozilla.org/Thunderbird:Using_Gloda > Well it is off, but I still have these index files ... You still have *what* index files? There is only one GLODA index file, and you have to manually delete it after disabling GLODA to make it go away. It will recreate itself, but it will be tiny, and remain static. > So perhaps its not index that taking all the space and gets rebuilt when > T Bird says its downloading the headers and indexing ... It will definitely say it is downloading headers, but it shouldn't say indexing, that is GLODA. Do you have it set to download *all* messages? That is the default, and I *hate* it. I always disable it globally, then set a few select folders to only download 'on demand' (offline use) (Inbox, Sent, and a few others). -- Best regards, Charles From CMarcus at Media-Brokers.com Wed Sep 21 15:11:45 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 21 Sep 2011 08:11:45 -0400 Subject: [Dovecot] Login problem via webmail and outlook In-Reply-To: References: Message-ID: <4E79D481.1060008@Media-Brokers.com> You need to learn how to ask for help. You have provided very little information. How about saying what has changed on your system recently (dovecot update? system updates?)... Have you attempted to restart dovecot? Does it give any errors? Also, provide config info - like output of doveconf -n On 2011-09-21 2:37 AM, Ankit Gupta wrote: > Hi Mentors, > > Please help, our users are not able to login into their mailbox account > using either outlook or webmail. > > Please find logs from /var/log/maillog > > Jan 17 10:45:40 elct dovecot: imap-login: Aborted login: > user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured > Jan 17 10:49:17 elct dovecot: imap-login: Aborted login: > user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured > Jan 17 11:02:57 elct dovecot: imap-login: Aborted login: > user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured > Jan 17 11:03:03 elct dovecot: imap-login: Aborted login: > user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured > Jan 17 11:10:08 elct dovecot: imap-login: Aborted login: > user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured > Jan 17 11:10:14 elct dovecot: imap-login: Aborted login: > user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured > > > Please help it is urgent. > > -- Best regards, Charles Marcus I.T. Director Media Brokers International, Inc. 678.514.6200 x224 | 678.514.6299 fax From Anton.Aylward at antonaylward.com Wed Sep 21 15:25:27 2011 From: Anton.Aylward at antonaylward.com (Anton Aylward) Date: Wed, 21 Sep 2011 08:25:27 -0400 Subject: [Dovecot] About using Dovecot indexes with Thunderbird/kmail In-Reply-To: <4E79D31C.5030609@Media-Brokers.com> References: <4E78F19B.2070909@antonaylward.com> <4E78F61D.2050601@Media-Brokers.com> <4E7907AE.2040809@antonaylward.com> <4E79D31C.5030609@Media-Brokers.com> Message-ID: <4E79D7B7.7010805@antonaylward.com> Charles Marcus said the following on 09/21/2011 08:05 AM: > On 2011-09-20 5:37 PM, Anton Aylward wrote: >> Charles Marcus said the following on 09/20/2011 04:22 PM: >>> On 2011-09-20 4:03 PM, Anton Aylward wrote: >>>> I wish that Thunderbird would NOT index mail on my laptop, but it does. > >>> So turn it (GLODA) off... > >> Ah >> https://wiki.mozilla.org/Thunderbird:Using_Gloda >> Well it is off, but I still have these index files ... > > You still have *what* index files? There is only one GLODA index file, > and you have to manually delete it after disabling GLODA to make it go > away. It will recreate itself, but it will be tiny, and remain static. global-messages-db.sqlite No, it grows. I speculate it grows as I visit new folders but am still looking into that. >> So perhaps its not index that taking all the space and gets rebuilt when >> T Bird says its downloading the headers and indexing ... > > It will definitely say it is downloading headers, but it shouldn't say > indexing, that is GLODA. I can't say I like that but see its necessity: how else could it display them :-) But looking under ~/.thunderbird/1current/ I'm finding folders for each folder on the server that have the full text of the messages (but not in mbox format), as well as the XML styled header information. Occasionally I find binary blobs that 'strings' shows contain headers. I've deleted them but it doesn't seem to affect TBird. I'll go back and look to see if they get recreated :-( > Do you have it set to download *all* messages? That is the default, and > I *hate* it. NO I DO NOT! I NEVER HAVE AND I NEVER WILL That strikes me as such an obvious space-waster! > I always disable it globally, then set a few select folders to only > download 'on demand' (offline use) (Inbox, Sent, and a few others). Not even that. -- "Television is a medium because it is neither rare nor well done." -- Fred Friendly From tom at elysium.ltd.uk Wed Sep 21 15:50:26 2011 From: tom at elysium.ltd.uk (Tom Clark) Date: Wed, 21 Sep 2011 13:50:26 +0100 Subject: [Dovecot] Shared Namespace Message-ID: <012501cc785d$091fc370$1b5f4a50$@elysium.ltd.uk> Is there anyway of limiting a shared namespace to a domain? E.g. mailbox.com and mailbox2.com are setup with vpopmail. We've got a shared namespace but only want the ability on mailbox.com. Thanks, Tom From lists at necoro.eu Wed Sep 21 22:39:15 2011 From: lists at necoro.eu (=?UTF-8?B?UmVuw6kgTmV1bWFubg==?=) Date: Wed, 21 Sep 2011 21:39:15 +0200 Subject: [Dovecot] Sieve: Vacation, handle and variable In-Reply-To: <4E7989BD.2080206@necoro.eu> References: <4E78F9BD.6090306@necoro.eu> <4E790A46.7020603@necoro.eu> <4E791D3E.1080009@rename-it.nl> <4E7989BD.2080206@necoro.eu> Message-ID: <4E7A3D63.5040109@necoro.eu> Am 21.09.2011 08:52, schrieb Ren? Neumann: > Am 21.09.2011 01:09, schrieb Stephan Bosch: >> >> http://hg.rename-it.nl/dovecot-2.0-pigeonhole/rev/fe6df3425850 >> >> This will be included in the next release. >> >> Regards, >> >> Stephan >> > > Thanks a lot. I'll try it out. > > - Ren? > Ok ... seems to work like a charm :) (that is: pigeonhole-0.2.4 with the above patch applied). Thanks again, Ren? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From asai at globalchangemusic.org Wed Sep 21 22:56:07 2011 From: asai at globalchangemusic.org (Asai) Date: Wed, 21 Sep 2011 12:56:07 -0700 Subject: [Dovecot] Using Dsync for Incremental Sync Message-ID: <4E7A4157.2080206@globalchangemusic.org> Greetings, We have about 26 GB of email which we're trying to sync nightly to a remote server, but what I just read from a post from Timo awhile back is that it's not possible because dsync relies on message GUIDs which aren't available in the IMAP protocol. It seems that this is still the case, is there anything on the horizon for this to change? -- *Asai* Global Change Multi-Media Internet Application Development IT and Networking Services 520-398-2542 From ar-dovecotlist at acrconsulting.co.uk Thu Sep 22 01:59:28 2011 From: ar-dovecotlist at acrconsulting.co.uk (Andrew Richards) Date: Wed, 21 Sep 2011 23:59:28 +0100 Subject: [Dovecot] Dovecot failing to parse some UTF-8 encoded attachment filenames, returning empty string instead Message-ID: Hi, I'm seeing a strange problem with some attachment filenames that are UTF-8 encoded. The problem seems to be related to spaces and/or unusual characters in filenames, like accented characters (or perhaps just to filenames if UTF-8 encoded; I've not explored that fully). These filenames are shown as empty strings in IMAP using Dovecot. I've attached a sample message that exhibits this problem, trimmed down to fairly bare essentials. By comparison I find that (for example) Courier happily returns the filename (still encoded). Although I suspect the problem lies within Dovecot, it may be an underlying Unicode or other component that's at the root of the problem. I can replicate this by putting the attached message in a mailbox (I'm using Maildir format mailboxes, so I just drop the raw file in Maildir/new and change the ownership of the file to match the mailbox owner). Then a pretend IMAP session to show the problem, $ telnet localhost 143 Trying ::1... Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready. 0 login some.one at test.domain password 0 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS] Logged in 0 select inbox * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags permitted. * 4 EXISTS * 0 RECENT * OK [UNSEEN 1] First unseen. * OK [UIDVALIDITY 1316621730] UIDs valid * OK [UIDNEXT 8] Predicted next UID * OK [HIGHESTMODSEQ 1] Highest 0 OK [READ-WRITE] Select completed. 0 fetch 4 body * 4 FETCH (BODY (("text" "html" ("charset" "iso-8859-15") NIL NIL "base64" 278 5)("application" "octet-stream" ("name" "") NIL NIL "base64" 18) "mixed")) 0 OK Fetch completed. 0 logout * BYE Logging out 0 OK Logout completed. Connection closed by foreign host. $ especially note the ("name" "") part showing a supposedly empty filename. I've observed this behaviour on the following versions of Dovecot, - 1.2.9 on Ubuntu 10.04LTS (pre-compiled version) - 1.2.17 on Fedora 13 (pre-compiled version) - 2.0.15 on Fedora 13 (from source) I don't think the Dovecot configuration is relevant, but I've put it below for good measure for the 2.0.15 setup. Any ideas on what might be causing this? Best regards, Andrew. # dovecot -n # 2.0.15: /usr/local/etc/dovecot/dovecot.conf # OS: Linux 2.6.34.9-69.fc13.i686.PAE i686 Fedora release 13 (Goddard) auth_debug = yes default_login_user = nobody log_path = /var/log/dovecot.log passdb { args = /usr/local/bin/checkcdb driver = checkpassword } protocols = imap pop3 service auth { user = root } service imap-login { inet_listener imap { ssl = no } } service pop3-login { inet_listener pop3 { ssl = no } } ssl = no userdb { driver = prefetch } -------------- next part -------------- A non-text attachment was scrubbed... Name: troublesome-dovecot-message Type: application/octet-stream Size: 971 bytes Desc: not available URL: From tss at iki.fi Thu Sep 22 02:45:32 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 22 Sep 2011 02:45:32 +0300 Subject: [Dovecot] Dovecot failing to parse some UTF-8 encoded attachment filenames, returning empty string instead In-Reply-To: References: Message-ID: On 22.9.2011, at 1.59, Andrew Richards wrote: > I'm seeing a strange problem with some attachment filenames that are > UTF-8 encoded. The problem seems to be related to spaces and/or > unusual characters in filenames, like accented characters (or perhaps > just to filenames if UTF-8 encoded; I've not explored that fully). The problem is that the client sends it wrong: > Content-Type: application/octet-stream; > name==?UTF-8?B?dGhpc19mYWlscy50eHQ=?= > Content-Disposition: attachment; > filename==?UTF-8?B?dGhpc19mYWlscy50eHQ=?= These are both wrong. First of all they are illegal because they have = and ? characters, from RFC 2045: > parameter := attribute "=" value > value := token / quoted-string > token := 1* or tspecials> > tspecials := "(" / ")" / "<" / ">" / "@" / > "," / ";" / ":" / "\" / <"> > "/" / "[" / "]" / "?" / "=" > ; Must be in quoted-string, > ; to use within parameter values Also from RFC 2047 (encoded-word is the =?UTF-8?...?= thing): > + An 'encoded-word' MUST NOT be used in parameter of a MIME > Content-Type or Content-Disposition field, or in any structured > field body except within a 'comment' or 'phrase'. The proper way to do this would be to use RFC 2184, which looks something like this: > Content-Disposition: attachment; > filename*=iso-8859-1''p%E4%E4 Looks like Apple Mail also sends: > Content-Type: application/octet-stream; > name="=?iso-8859-1?Q?p=E4=E4?=" That is inside a quoted-string, so it's not broken, but clients aren't really supposed to decode that string in there either. Anyway .. I'll check tomorrow if I can easily add code to workaround your problem. If it's just a minor change I'll do it. From kuizhang at gmail.com Thu Sep 22 05:28:08 2011 From: kuizhang at gmail.com (Kui Zhang) Date: Wed, 21 Sep 2011 19:28:08 -0700 Subject: [Dovecot] global ACL inheritances Message-ID: Hello I am trying to prevent people from actively delete lazy expunged messages. ACL in following file does not appears to apply to existing or new mailboxes. dovecot/acls/.EXPUNGED/.DEFAULT owner lripk Am I missing something, or is it due to ACL inheritances support? mail_plugins = acl plugin { ... acl = vfile:/etc/dovecot/acls ... } Thank KuiZ From dovecot at knutejohnson.com Thu Sep 22 05:54:01 2011 From: dovecot at knutejohnson.com (Knute Johnson) Date: Wed, 21 Sep 2011 19:54:01 -0700 Subject: [Dovecot] Help restoring imap mail Message-ID: <4E7AA349.2080202@knutejohnson.com> My mailserver blew up today with a power hit. I've created a new server and have dovecot running and I want to restore my mail. I have a copy of the file that was in /var/mail. I set the new dovecot config up the same as the old one and copied the mail file over. I can see the INBOX mail but none of the rest of it. I'm running 1.2.15 under Ubuntu server 11.04. I'm using Thunderbird as my client running on XP. Any help would be greatly appreciated. Thanks, -- Knute Johnson From dovecot at knutejohnson.com Thu Sep 22 06:14:35 2011 From: dovecot at knutejohnson.com (Knute Johnson) Date: Wed, 21 Sep 2011 20:14:35 -0700 Subject: [Dovecot] Restoring mail Message-ID: <4E7AA81B.4000407@knutejohnson.com> I solved it myself, I forgot about the folders in the /home/user/mail directory. So kindly disregard my panicky message from before. -- Knute Johnson From Juergen.Obermann at hrz.uni-giessen.de Thu Sep 22 12:52:23 2011 From: Juergen.Obermann at hrz.uni-giessen.de (=?iso-8859-1?b?SvxyZ2Vu?= Obermann) Date: Thu, 22 Sep 2011 11:52:23 +0200 Subject: [Dovecot] doveadm mailbox list shows file system directories as mailboxes Message-ID: <20110922115223.73054v8up83ej0wg@webmail.hrz.uni-giessen.de> Hello. In our dovecvot we use mbox format with the default filesystem layout. Therefore it is not possible to have mailboxes which are subfolders of other mailboxes containing messages. The command "doveadm mailbox list" includes the file system directories, that contain only subfolders, as normal mailboxes in the output: archiv archiv/daemon archiv/dovecot Did I miss something in the dovecot configuration or is there a bug in the command "doveadm mailbox list"? # 2.0.13: /opt/local/etc/dovecot/dovecot.conf # OS: SunOS 5.10 sun4v auth_verbose = yes disable_plaintext_auth = no listen = imap.hrz.uni-giessen.de localhost mail_fsync = always mail_location = mbox:~/Mail:INBOX=/var/mail/%u mail_nfs_index = yes mail_nfs_storage = yes mail_plugins = mail_log notify managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mmap_disable = yes namespace { inbox = yes location = prefix = separator = / type = private } namespace { hidden = yes list = no location = prefix = Mail/ separator = / subscriptions = yes type = private } Thanks, J?rgen -- Hochschulrechenzentrum der | Mail: Juergen.Obermann at hrz.uni-giessen.de Justus-Liebig-Universitaet | WWW: http://www.uni-giessen.de/obermann/ Heinrich-Buff-Ring 44 | Tel: 0641-99-13054 (0641-99-13001) D-35392 Giessen, Germany | Fax: 0641-99-13009 From tss at iki.fi Thu Sep 22 13:11:00 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 22 Sep 2011 13:11:00 +0300 Subject: [Dovecot] Dovecot failing to parse some UTF-8 encoded attachment filenames, returning empty string instead In-Reply-To: References: Message-ID: <1316686260.26085.6.camel@hurina> On Thu, 2011-09-22 at 02:45 +0300, Timo Sirainen wrote: > Anyway .. I'll check tomorrow if I can easily add code to workaround your problem. If it's just a minor change I'll do it. http://hg.dovecot.org/dovecot-2.0/rev/dc9028da338b From Lutz.Pressler at SerNet.DE Thu Sep 22 14:24:34 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Thu, 22 Sep 2011 13:24:34 +0200 Subject: [Dovecot] fts-lucene vs SEARCH header Re: 2.1: problems compiling fts-lucene - CLucene git version necessary? In-Reply-To: <20110920071245.GA3617217@gabi.sernet.de> References: <7C9B9C67-A1FD-472B-8514-BC54F1B01D00@iki.fi> <1316446540.12936.114.camel@hurina> <20110920071245.GA3617217@gabi.sernet.de> Message-ID: On Tue, 20 Sep 2011, Lutz Pre?ler wrote: > On Mo, 19 Sep 2011, Timo Sirainen wrote: > > > On Sun, 2011-09-18 at 13:27 +0200, Lutz Pre?ler wrote: > > > Hello, > > > On So, 11 Sep 2011, Timo Sirainen wrote: > > > dovecot: imap(...): Error: fts_lucene: default_language set, but Dovecot built without stemmer support > > > > Fixed: http://hg.dovecot.org/dovecot-2.1/rev/02c84406c661 > Without stemmer support it works nicely now though. Next problem :-) side effect: my test setup (some commits ago) with fts = lucene in plugin section (ftps_lucene plugin without stemmer support): SEARCH header is not working (empty result sets, no logging). Tested in different circumstances (and also happening with virtual folders). Simply disable fts option (while module is still loaded) or use fts=sqat to have header search working correctly again. Lutz From ar-dovecotlist at acrconsulting.co.uk Thu Sep 22 14:31:40 2011 From: ar-dovecotlist at acrconsulting.co.uk (Andrew Richards) Date: 22 Sep 2011 12:31:40 +0100 Subject: [Dovecot] Dovecot failing to parse some UTF-8 encoded attachment filenames, returning empty string instead In-Reply-To: References: Message-ID: <201109221231.40494.ar-dovecotlist@acrconsulting.co.uk> On Thursday 22 September 2011 00:45:32 Timo Sirainen wrote: > On 22.9.2011, at 1.59, Andrew Richards wrote: > > I'm seeing a strange problem with some attachment filenames that are > > UTF-8 encoded. The problem seems to be related to spaces and/or > > unusual characters in filenames, like accented characters (or perhaps > > just to filenames if UTF-8 encoded; I've not explored that fully). > > The problem is that the client sends it wrong: > > Content-Type: application/octet-stream; > > name==?UTF-8?B?dGhpc19mYWlscy50eHQ=?= > > Content-Disposition: attachment; > > filename==?UTF-8?B?dGhpc19mYWlscy50eHQ=?= > > These are both wrong. First of all they are illegal because they have = and ? characters, from RFC 2045: > ...snip... > Also from RFC 2047 (encoded-word is the =?UTF-8?...?= thing): > > + An 'encoded-word' MUST NOT be used in parameter of a MIME > > Content-Type or Content-Disposition field, or in any structured > > field body except within a 'comment' or 'phrase'. > ...snip... > Anyway .. I'll check tomorrow if I can easily add code to workaround your > problem. If it's just a minor change I'll do it. Wow - a very thorough response only 45 minutes after I'd posted the question, and in your follow up message you've already provided a suggested fix - a huge thank you! So in summary it's a "Garbage in -> Garbage out" issue... This also explains why I'm only getting this issue with one client after a Courier->Dovecot migration. I'll research which mail client program(s) are generating the faulty messages for completeness for this thread. I expect to test the fix later today or tomorrow, I'll update the thread accordingly when I've done so. Best regards, Andrew. From Lutz.Pressler at SerNet.DE Thu Sep 22 14:35:37 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Thu, 22 Sep 2011 13:35:37 +0200 Subject: [Dovecot] (2.1 recent:) fts_decoder Message-ID: Hello again, test setup as in previous messages. With fts = lucene, I enabled the adapted decode2text.sh (at least I tried...) as suggested in the comment section. On dovecot-start /var/run/dovecot/decode2text socket is created with sufficiant permissions (rw for anybody), but decode2text.sh is not started (it's rx for anybody). When creating lucene indexes, I cannot see it executed either (and no attachment-only content is findable afterwards). No errors with mail_debug - if I change fts_decoder to a nonexistant value, that's logged. Lutz From tss at iki.fi Thu Sep 22 14:53:17 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 22 Sep 2011 14:53:17 +0300 Subject: [Dovecot] Webmail architecture : questions about cache and storage backend In-Reply-To: <2f02a9d98f83399faa4c502fb9ef13ee@smartmobili.com> References: <2f02a9d98f83399faa4c502fb9ef13ee@smartmobili.com> Message-ID: <1316692397.21919.14.camel@hurina> On Wed, 2011-09-21 at 14:04 +0200, forumer at smartmobili.com wrote: > 1) Do not use a cache and rely on dovecot performance to retrieve > email's header in real time. > Actually don't know if it's that simple because we might need to > have a transformed version > of emails to be able to display them more easily in the webmail. In > this case this option is > not really possible. I'm not really sure what you mean by this. Dovecot can cache individual headers and make fetching them fast. > 2) Use new dovecot-2.1 imap backend and develop a kind of dummy imap > server listening to a custom port > and storing emails inside a mongoDB database. Advantage is it allow > replication very easily. I suppose that would be the easiest way to do it currently. But note that you can't get all of Dovecot's features to work through imapc backend. Especially the concept of message and mailbox GUIDs doesn't exist in IMAP protocol (some kind of a new X-DOVECOT extension could be added for those of course). Also implementing a bug-free IMAP server may not be as easy as you think, even though Dovecot uses only a small subset of IMAP commands. Be sure to stress test Dovecot using imaptest: http://imapwiki.org/ImapTest (I've noticed this week that Exchange totally screws up its internal IMAP state when stress testing.) > 3) Wait for dovecot2.x to implement a NoSQL storage. Will it happen > soon ? I hope so! :) But I can't really say when.. My priorities currently are: 1. Do whatever paying customers want (not that much currently) 2. Finish v2.1.0 (still quite a lot of small things to do) 3. Create v2.2 branch where lib-storage API is changed to support more asynchronous lookups, and modify imapc backend to use those (= support handling commands in parallel) 4. Probably change dbox code to use lib-fs, or maybe create a new backend using lib-fs 5. Implement NoSQL backend for lib-fs Actually 3 isn't really necessary for 4-5, but it improves the performance. From tss at iki.fi Thu Sep 22 16:41:19 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 22 Sep 2011 16:41:19 +0300 Subject: [Dovecot] Shared Namespace In-Reply-To: <012501cc785d$091fc370$1b5f4a50$@elysium.ltd.uk> References: <012501cc785d$091fc370$1b5f4a50$@elysium.ltd.uk> Message-ID: <695E7576-B3CD-4C31-BF9B-A8A2A810A270@iki.fi> On 21.9.2011, at 15.50, Tom Clark wrote: > Is there anyway of limiting a shared namespace to a domain? E.g. mailbox.com > and mailbox2.com are setup with vpopmail. We've got a shared namespace but > only want the ability on mailbox.com. Basically use %d instead of %%d in configuration. The client can't change it then. From tss at iki.fi Thu Sep 22 16:45:02 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 22 Sep 2011 16:45:02 +0300 Subject: [Dovecot] Trouble getting lda to gzip incomming mails (zlib plugin) In-Reply-To: <20110920135808.GB28582@monsternett.no> References: <20110920135808.GB28582@monsternett.no> Message-ID: On 20.9.2011, at 16.58, Helge Milde wrote: > plugin { > zlib_save_level = 6 > zlib_save = gz These are enough. You don't mention your Dovecot version. My guess is that your Dovecot version is too old and doesn't support saving mails with zlib. From tss at iki.fi Thu Sep 22 16:46:37 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 22 Sep 2011 16:46:37 +0300 Subject: [Dovecot] IMAP delete logs In-Reply-To: References: Message-ID: <9D9B4D05-DD78-4EFC-A473-CD3BBB7A88E9@iki.fi> On 21.9.2011, at 8.59, James isolder wrote: > Since enabling the mail_plugins = mail_log. I now get an error. Is there > anything else I need to check adn how I can put the dovecot into debug mode so > I can get more info about where it is failing. > > dovecot not running? (check /var/run/dovecot//master.pid). > Starting dovecot. > Error: imap dump-capability process returned 1 > Fkevent(EV_ADD, 0) failed: Operation not supported by device I don't really know why it's doing this, but the solutions are either a) Upgrade to v2.0. There's no more dump-capability or b) Set imap_capability setting explicitly so it doesn't dump capability. From tss at iki.fi Thu Sep 22 16:48:33 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 22 Sep 2011 16:48:33 +0300 Subject: [Dovecot] mail_max_userip_connections=10 In-Reply-To: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> References: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> Message-ID: <2ED64BFB-87F1-40B2-A489-226031A4633C@iki.fi> On 19.9.2011, at 11.27, Tom Clark wrote: > Is there anyway of whitelisting an IP so that it can ignore > mail_max_userip_connections=10? With v2.0 in theory: remote 1.2.3.4 { mail_max_userip_connections = 0 } I don't know if it actually works. > What should we set mail_max_userip_connections too realistically? 10 seems a > bit low? It's 10 because I thought it would be enough :) From andreas at kado-web.de Thu Sep 22 16:48:58 2011 From: andreas at kado-web.de (Andreas Cieslak) Date: Thu, 22 Sep 2011 15:48:58 +0200 Subject: [Dovecot] Create userdir on dovecot login Message-ID: <0LjODj-1Re8SF1oWF-00d1Yx@mrelayeu.kundenserver.de> Hi List, I am trying to set up automated userdir-creation on login via squirrelmail or email-client with a dovecot backend. The users are first imported on an openldap directory on the same server as the dovecot runs on. Authentication on the dovecot mail system via pam_ldap works properly. Tried already to integrate some advices from the dovecot wiki like Passdb { Driver = pam args = session=yes dovecot } But the homedir creation works only when the user logs onto the machine. When I try to log in via Squirrel on the dovecot no homedir is created and there is following message in the logs: auth: Error: pam(cieslak,193.175.157.121): pam_open_session() failed: Permission denied I think its something about the user rights, but dont really know where to search for the needle Here is the config of my environment root at server:/home# dovecot -n # 2.0.13: /usr/local/etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-686 i686 Debian 6.0.2 auth_debug = yes auth_mechanisms = login plain auth_verbose = yes first_valid_uid = 1000 hostname = server info_log_path = /var/log/dovecot-info last_valid_uid = 10000 listen = * log_path = /var/log/dovecot mail_access_groups = mail mail_debug = yes mail_full_filesystem_access = yes mail_location = maildir:~/Maildir mbox_write_locks = fcntl passdb { args = session=yes dovecot driver = pam } postmaster_address = mailaddress service auth-worker { group = shadow user = $default_internal_user } service auth { user = $default_internal_user } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } process_min_avail = 0 service_count = 0 vsz_limit = 256 M } service lmtp { unix_listener lmtp { mode = 0666 } } service pop3-login { inet_listener pop3s { port = 995 ssl = yes } } ssl_ca = References: <012501cc785d$091fc370$1b5f4a50$@elysium.ltd.uk> <695E7576-B3CD-4C31-BF9B-A8A2A810A270@iki.fi> Message-ID: <00be01cc792e$8fef1a50$afcd4ef0$@elysium.ltd.uk> Hi Timo, I'm using %d which is working great. However, mailbox2.com can still create shared folders. We just wanted to limit the ability to create shared folders only to mailbox.com Tom -----Original Message----- From: Timo Sirainen [mailto:tss at iki.fi] Sent: 22 September 2011 2:41 PM To: Tom Clark Cc: dovecot at dovecot.org Subject: Re: [Dovecot] Shared Namespace On 21.9.2011, at 15.50, Tom Clark wrote: > Is there anyway of limiting a shared namespace to a domain? E.g. > mailbox.com and mailbox2.com are setup with vpopmail. We've got a > shared namespace but only want the ability on mailbox.com. Basically use %d instead of %%d in configuration. The client can't change it then. From tom at elysium.ltd.uk Thu Sep 22 16:51:16 2011 From: tom at elysium.ltd.uk (Tom Clark) Date: Thu, 22 Sep 2011 14:51:16 +0100 Subject: [Dovecot] mail_max_userip_connections=10 In-Reply-To: <2ED64BFB-87F1-40B2-A489-226031A4633C@iki.fi> References: <002d01cc76a5$ff88f970$fe9aec50$@elysium.ltd.uk> <2ED64BFB-87F1-40B2-A489-226031A4633C@iki.fi> Message-ID: <00c001cc792e$b34546a0$19cfd3e0$@elysium.ltd.uk> Thanks Timo. I've been doing some investigation. Apart from K9 being fundamentally broken 10 is fine! I'll try the remote fix. -----Original Message----- From: Timo Sirainen [mailto:tss at iki.fi] Sent: 22 September 2011 2:49 PM To: Tom Clark Cc: dovecot at dovecot.org Subject: Re: [Dovecot] mail_max_userip_connections=10 On 19.9.2011, at 11.27, Tom Clark wrote: > Is there anyway of whitelisting an IP so that it can ignore > mail_max_userip_connections=10? With v2.0 in theory: remote 1.2.3.4 { mail_max_userip_connections = 0 } I don't know if it actually works. > What should we set mail_max_userip_connections too realistically? 10 > seems a bit low? It's 10 because I thought it would be enough :) From tss at iki.fi Thu Sep 22 16:55:06 2011 From: tss at iki.fi (Timo Sirainen) Date: Thu, 22 Sep 2011 16:55:06 +0300 Subject: [Dovecot] Shared Namespace In-Reply-To: <00be01cc792e$8fef1a50$afcd4ef0$@elysium.ltd.uk> References: <012501cc785d$091fc370$1b5f4a50$@elysium.ltd.uk> <695E7576-B3CD-4C31-BF9B-A8A2A810A270@iki.fi> <00be01cc792e$8fef1a50$afcd4ef0$@elysium.ltd.uk> Message-ID: <20828CC2-E90E-4D8D-90CB-001031AC44D2@iki.fi> By "create shared folders" I guess you basically mean "be able to use SETACL command", which you could do by limiting imap_acl plugin to be loaded only to mailbox.com domain. How to do this depends on your userdb and Dovecot version (with v2.0.14 you can just add mail_plugins+=imap_acl userdb extra field). On 22.9.2011, at 16.50, Tom Clark wrote: > Hi Timo, > > I'm using %d which is working great. However, mailbox2.com can still create > shared folders. We just wanted to limit the ability to create shared folders > only to mailbox.com > > Tom > > -----Original Message----- > From: Timo Sirainen [mailto:tss at iki.fi] > Sent: 22 September 2011 2:41 PM > To: Tom Clark > Cc: dovecot at dovecot.org > Subject: Re: [Dovecot] Shared Namespace > > On 21.9.2011, at 15.50, Tom Clark wrote: > >> Is there anyway of limiting a shared namespace to a domain? E.g. >> mailbox.com and mailbox2.com are setup with vpopmail. We've got a >> shared namespace but only want the ability on mailbox.com. > > Basically use %d instead of %%d in configuration. The client can't change it > then. > > From helge at monsternett.no Thu Sep 22 16:55:25 2011 From: helge at monsternett.no (Helge Milde) Date: Thu, 22 Sep 2011 15:55:25 +0200 Subject: [Dovecot] Trouble getting lda to gzip incomming mails (zlib plugin) In-Reply-To: References: <20110920135808.GB28582@monsternett.no> Message-ID: <20110922135524.GA2394@monsternett.no> My bad, you are correct. "v2.0+" slipped by my eyes when reading your v1.x documentation at http://wiki.dovecot.org/Plugins/Zlib. On Thu, Sep 22, 2011 at 04:45:02PM +0300, Timo Sirainen wrote: >On 20.9.2011, at 16.58, Helge Milde wrote: > >> plugin { >> zlib_save_level = 6 >> zlib_save = gz > >These are enough. You don't mention your Dovecot version. My guess is that your Dovecot version is too old and doesn't support saving mails with zlib. > -- Helge Milde, 69701808 www.monsternett.no From tom at elysium.ltd.uk Thu Sep 22 17:01:25 2011 From: tom at elysium.ltd.uk (Tom Clark) Date: Thu, 22 Sep 2011 15:01:25 +0100 Subject: [Dovecot] Shared Namespace In-Reply-To: <20828CC2-E90E-4D8D-90CB-001031AC44D2@iki.fi> References: <012501cc785d$091fc370$1b5f4a50$@elysium.ltd.uk> <695E7576-B3CD-4C31-BF9B-A8A2A810A270@iki.fi> <00be01cc792e$8fef1a50$afcd4ef0$@elysium.ltd.uk> <20828CC2-E90E-4D8D-90CB-001031AC44D2@iki.fi> Message-ID: <00d501cc7930$1de7bfa0$59b73ee0$@elysium.ltd.uk> Hi Timo, Ok great. I'll look into doing that then! Thanks, Tom -----Original Message----- From: Timo Sirainen [mailto:tss at iki.fi] Sent: 22 September 2011 2:55 PM To: Tom Clark Cc: dovecot at dovecot.org Subject: Re: [Dovecot] Shared Namespace By "create shared folders" I guess you basically mean "be able to use SETACL command", which you could do by limiting imap_acl plugin to be loaded only to mailbox.com domain. How to do this depends on your userdb and Dovecot version (with v2.0.14 you can just add mail_plugins+=imap_acl userdb extra field). On 22.9.2011, at 16.50, Tom Clark wrote: > Hi Timo, > > I'm using %d which is working great. However, mailbox2.com can still > create shared folders. We just wanted to limit the ability to create > shared folders only to mailbox.com > > Tom > > -----Original Message----- > From: Timo Sirainen [mailto:tss at iki.fi] > Sent: 22 September 2011 2:41 PM > To: Tom Clark > Cc: dovecot at dovecot.org > Subject: Re: [Dovecot] Shared Namespace > > On 21.9.2011, at 15.50, Tom Clark wrote: > >> Is there anyway of limiting a shared namespace to a domain? E.g. >> mailbox.com and mailbox2.com are setup with vpopmail. We've got a >> shared namespace but only want the ability on mailbox.com. > > Basically use %d instead of %%d in configuration. The client can't > change it then. > > From baartman at lin12.triumf.ca Mon Sep 19 20:05:47 2011 From: baartman at lin12.triumf.ca (Rick Baartman) Date: Mon, 19 Sep 2011 10:05:47 -0700 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer Message-ID: <201109191705.p8JH5las016087@lin12.triumf.ca> >From my secure log: Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= rhost=::ffff:64.31.19.48 Sep 19 01:16:44 lin12 dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user aaron Sep 19 01:16:45 lin12 dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown Sep 19 01:16:45 lin12 dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= rhost=::ffff:64.31.19.48 Sep 19 01:16:45 lin12 dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user abby etc. Literally, 30,000 user names attempted. -- rick baartman TRIUMF 4004 Wesbrook Mall Vancouver, BC V6T2A3 From andreas at kado-web.de Thu Sep 22 16:41:25 2011 From: andreas at kado-web.de (Andreas Cieslak) Date: Thu, 22 Sep 2011 15:41:25 +0200 Subject: [Dovecot] Create userdir on dovecot login Message-ID: <0M1dC2-1RLmLB2SUc-00t7Te@mrelayeu.kundenserver.de> Hi List, I am trying to set up automated userdir-creation on login via squirrelmail or email-client with a dovecot backend. The users are first imported on an openldap directory on the same server as the dovecot runs on. Authentication on the dovecot mail system via pam_ldap works properly. Tried already to integrate some advices from the dovecot wiki like Passdb { Driver = pam args = session=yes dovecot } But the homedir creation works only when the user logs onto the machine. When I try to log in via Squirrel on the dovecot no homedir is created and there is following message in the logs: auth: Error: pam(cieslak,193.175.157.121): pam_open_session() failed: Permission denied I think its something about the user rights, but dont really know where to search for the needle Here is the config of my environment root at server:/home# dovecot -n # 2.0.13: /usr/local/etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-686 i686 Debian 6.0.2 auth_debug = yes auth_mechanisms = login plain auth_verbose = yes first_valid_uid = 1000 hostname = server info_log_path = /var/log/dovecot-info last_valid_uid = 10000 listen = * log_path = /var/log/dovecot mail_access_groups = mail mail_debug = yes mail_full_filesystem_access = yes mail_location = maildir:~/Maildir mbox_write_locks = fcntl passdb { args = session=yes dovecot driver = pam } postmaster_address = mailaddress service auth-worker { group = shadow user = $default_internal_user } service auth { user = $default_internal_user } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } process_min_avail = 0 service_count = 0 vsz_limit = 256 M } service lmtp { unix_listener lmtp { mode = 0666 } } service pop3-login { inet_listener pop3s { port = 995 ssl = yes } } ssl_ca = References: <201109191705.p8JH5las016087@lin12.triumf.ca> Message-ID: <4E7B4148.2090902@Media-Brokers.com> On 2011-09-19 1:05 PM, Rick Baartman wrote: > From my secure log: > > Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown > Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= rhost=::ffff:64.31.19.48 > Sep 19 01:16:44 lin12 dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user aaron > Sep 19 01:16:45 lin12 dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown > Sep 19 01:16:45 lin12 dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= rhost=::ffff:64.31.19.48 > Sep 19 01:16:45 lin12 dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user abby > > etc. Literally, 30,000 user names attempted. Dictionaryt attacks are quite common, nothing new here... fail2ban is what I use, would have killed this one (since it's from the same IP) almost immediately... It doesn't work so well with sophisticated bots that can change IPs at will, but the secondary method of locking out an account after X number of failed auth attempts will eliminate the risk of a focused attack on a single account, so as long as you are using strong passwords, your system is secure (from these kinds of attacks, at least). The only attack I haven't figured out how to eliminate is the social/phishing attack, where $DumbUser gives out their username password voluntarily... although I have been considering faking a phishing attack on my own users, and flagging the ones who fall for it for training. -- Best regards, Charles From Ralf.Hildebrandt at charite.de Thu Sep 22 17:12:36 2011 From: Ralf.Hildebrandt at charite.de (Ralf Hildebrandt) Date: Thu, 22 Sep 2011 16:12:36 +0200 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <201109191705.p8JH5las016087@lin12.triumf.ca> References: <201109191705.p8JH5las016087@lin12.triumf.ca> Message-ID: <20110922141236.GO18064@charite.de> * Rick Baartman : > From my secure log: > > Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown > Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= rhost=::ffff:64.31.19.48 > Sep 19 01:16:44 lin12 dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user aaron > Sep 19 01:16:45 lin12 dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown > Sep 19 01:16:45 lin12 dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= rhost=::ffff:64.31.19.48 > Sep 19 01:16:45 lin12 dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user abby > > etc. Literally, 30,000 user names attempted. And? Any success? -- Ralf Hildebrandt Gesch?ftsbereich IT | Abteilung Netzwerk Charit? - Universit?tsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt at charite.de | http://www.charite.de From john.alexander at preachain.org Thu Sep 22 17:13:43 2011 From: john.alexander at preachain.org (John Alexander) Date: Thu, 22 Sep 2011 07:13:43 -0700 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <201109191705.p8JH5las016087@lin12.triumf.ca> References: <201109191705.p8JH5las016087@lin12.triumf.ca> Message-ID: <20110922141258.M23185@preachain.org> Fail2Ban is an excellent tool to deal with this sort of thing. On Mon, 19 Sep 2011 10:05:47 -0700, Rick Baartman wrote > >From my secure log: > > Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): check > pass; user unknown > Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): > authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= > rhost=::ffff:64.31.19.48 > Sep 19 01:16:44 lin12 dovecot-auth: pam_succeed_if(dovecot:auth): > error retrieving information about user aaron > Sep 19 01:16:45 lin12 dovecot-auth: pam_unix(dovecot:auth): check > pass; user unknown > Sep 19 01:16:45 lin12 dovecot-auth: pam_unix(dovecot:auth): > authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= > rhost=::ffff:64.31.19.48 > Sep 19 01:16:45 lin12 dovecot-auth: pam_succeed_if(dovecot:auth): > error retrieving information about user abby > > etc. Literally, 30,000 user names attempted. > -- > rick baartman > > TRIUMF > 4004 Wesbrook Mall > Vancouver, BC > V6T2A3 ------------------------------------ I've stopped trying to catch up, I'm just trying to limit the rate at which I'm falling behind John Alexander From tomislav.mihalicek at gmail.com Thu Sep 22 17:16:59 2011 From: tomislav.mihalicek at gmail.com (Tomislav Mihalicek) Date: Thu, 22 Sep 2011 07:16:59 -0700 (PDT) Subject: [Dovecot] Dovecot 1.2, problem with SQL quota and mail aliases In-Reply-To: References: Message-ID: <32503821.post@talk.nabble.com> I have the same problem but with LDAP, how to fix this on LDAP backed? scope = subtree deref = never pass_attrs = userPassword=password base = ou=accounts,dc=globalnet,dc=hr user_filter = (&(|(objectClass=qmailUser)(objectClass=mailUser))(accountService=mail)(accountService=%Ls%Lc)(|(mail=%u)(mailAlternateAddress=%u))) pass_filter = (&(|(objectClass=qmailUser)(objectClass=mailUser))(accountService=mail)(accountService=%Ls%Lc)(|(mail=%u)(mailAlternateAddress=%u))) pass_attrs = userPassword=password default_pass_scheme = MD5 user_attrs = homeDirectory=home,mailQuotaSize=quota_rule=*:bytes=%$ Jacek Osiecki wrote: > > Hello, > > I have a small server running dovecot 1.2 (still not balsy enough to > switch to 2.0 - virtual sql accounts, managesieve etc.). There are no > local users - only ones defined in the SQL database, and everything else > (including quota) is defined in SQL db too. Dovecot is used as IMAP > daemon, and dovecot-lda is responsible for delivery (in order to make use > of sieve and managesieve). I know that my configuration might be a bit > ancient, but this is not referring to any bug (at least I think so) and > rather to errors I've made in configuration. > > Several users have reported, that they are running out of quota even > though their mailboxes are empty. I thought these were some single cases, > but recently I discovered that this situation occurs when: > - user john at domain.com has a mail alias, eg. john.smith at domain.com > - he logs in to the imap account (using MUA or webmail) using his alias > (john.smith at domain.com). > > In effect, all incoming emails for john at domain.com are increasing the > counters (both "bytes" and "messages"), but since user logs in using > john.smith at domain.com - anything he deletes from the mailbox decreases > the records for john.smith at domain.com. Finally, John has two records: > > +---------------------------+-----------+----------+ > | username | bytes | messages | > +---------------------------+-----------+----------+ > | john.smith at domain.com | -5488133 | -13 | > | john at domain.com | 341411029 | 1111 | > +---------------------------+-----------+----------+ > > The record for john at domain.com finaly reaches the quota limit - and even > removing all emails does not help. > > My /etc/dovecot/dovecot-dict-quota.conf looks like this: > > map { > pattern = priv/quota/storage > table = quota > username_field = username > value_field = bytes > } > map { > pattern = priv/quota/messages > table = quota > username_field = username > value_field = messages > } > > And my question is: what is used as "username"? Always the username given > wher user logs in? Is there a way to provide some dictionary to translate > all aliases to the real username? > > Best regards, > -- > Jacek Osiecki joshua at ceti.pl GG:3828944 > I don't want something I need. I want something I want. > > -- View this message in context: http://old.nabble.com/Dovecot-1.2%2C-problem-with-SQL-quota-and-mail-aliases-tp30949509p32503821.html Sent from the Dovecot mailing list archive at Nabble.com. From dovecot at lists.grepular.com Thu Sep 22 17:17:31 2011 From: dovecot at lists.grepular.com (Mike Cardwell) Date: Thu, 22 Sep 2011 15:17:31 +0100 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <4E7B4148.2090902@Media-Brokers.com> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> Message-ID: <4E7B437B.9030600@lists.grepular.com> On 22/09/11 15:08, Charles Marcus wrote: > The only attack I haven't figured out how to eliminate is the > social/phishing attack, where $DumbUser gives out their username > password voluntarily... although I have been considering faking a > phishing attack on my own users, and flagging the ones who fall for it > for training. The University I work at was suffering from this a *lot*. Phishers kept contacting our users pretending to be from our IT helpdesk asking users to reply with their login details so that their mailbox could be refreshed or so their quota could be fixed and other such things. So I developed an application that sits on our outgoing mail routers looking for login credentials inside emails. If it finds any, it blackholes the email and sends an autoresponse to the sender telling them to never ever send login details via email under any circumstances. It Cc's me in too, and it catches people emailing their logins around on a *daily* basis. Our usernames follow a very strict format, and we have a pretty strict password policy so what my program does is pull out a list of all the *possible* usernames and passwords and then attempts to authenticate against our AD using them. I built it into a framework so other people can use it: http://kochi.lboro.ac.uk/kochi1.html You need to know how to write Perl though in order to use it. It's not plug and play. We also added ratelimiting to our outgoing mail, and a system which alerts us whenever anyone hits the limit. If it takes a phisher 2000 spams to get access to one account, but that one account only allows the phisher to send 1000 spams, then it completely destroys the point of what they're doing. -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 455 bytes Desc: OpenPGP digital signature URL: From nighoo at googlemail.com Thu Sep 22 17:18:23 2011 From: nighoo at googlemail.com (Nighoo) Date: Thu, 22 Sep 2011 16:18:23 +0200 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <201109191705.p8JH5las016087@lin12.triumf.ca> References: <201109191705.p8JH5las016087@lin12.triumf.ca> Message-ID: <4E7B43AF.80203@gmail.com> Am 19.09.2011 19:05, schrieb Rick Baartman: > From my secure log: > > Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown > Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= rhost=::ffff:64.31.19.48 > Sep 19 01:16:44 lin12 dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user aaron > Sep 19 01:16:45 lin12 dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown > Sep 19 01:16:45 lin12 dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= rhost=::ffff:64.31.19.48 > Sep 19 01:16:45 lin12 dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user abby > > etc. Literally, 30,000 user names attempted. I can advice you to use Fail2Ban. This will block that Ip-Adresse after a customizable number of failed logins. In addition you can `whois` this ip adresse and send an email to his abuse at provider. From Ralf.Hildebrandt at charite.de Thu Sep 22 17:21:52 2011 From: Ralf.Hildebrandt at charite.de (Ralf Hildebrandt) Date: Thu, 22 Sep 2011 16:21:52 +0200 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <4E7B437B.9030600@lists.grepular.com> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> Message-ID: <20110922142152.GQ18064@charite.de> * Mike Cardwell : > The University I work at was suffering from this a *lot*. Phishers kept > contacting our users pretending to be from our IT helpdesk asking users > to reply with their login details so that their mailbox could be > refreshed or so their quota could be fixed and other such things. Same here. > So I developed an application that sits on our outgoing mail routers > looking for login credentials inside emails. If it finds any, it > blackholes the email and sends an autoresponse to the sender telling > them to never ever send login details via email under any circumstances. > It Cc's me in too, and it catches people emailing their logins around on > a *daily* basis. clamav is supposed to be capable of that functionality > Our usernames follow a very strict format, and we have a pretty strict > password policy so what my program does is pull out a list of all the > *possible* usernames and passwords and then attempts to authenticate > against our AD using them. Ah! That's a nice idea. -- Ralf Hildebrandt Gesch?ftsbereich IT | Abteilung Netzwerk Charit? - Universit?tsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt at charite.de | http://www.charite.de From dovecot at lists.grepular.com Thu Sep 22 17:27:25 2011 From: dovecot at lists.grepular.com (Mike Cardwell) Date: Thu, 22 Sep 2011 15:27:25 +0100 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <20110922142152.GQ18064@charite.de> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> <20110922142152.GQ18064@charite.de> Message-ID: <4E7B45CD.5060904@lists.grepular.com> On 22/09/11 15:21, Ralf Hildebrandt wrote: >> The University I work at was suffering from this a *lot*. Phishers kept >> contacting our users pretending to be from our IT helpdesk asking users >> to reply with their login details so that their mailbox could be >> refreshed or so their quota could be fixed and other such things. > > Same here. > >> So I developed an application that sits on our outgoing mail routers >> looking for login credentials inside emails. If it finds any, it >> blackholes the email and sends an autoresponse to the sender telling >> them to never ever send login details via email under any circumstances. >> It Cc's me in too, and it catches people emailing their logins around on >> a *daily* basis. > > clamav is supposed to be capable of that functionality > >> Our usernames follow a very strict format, and we have a pretty strict >> password policy so what my program does is pull out a list of all the >> *possible* usernames and passwords and then attempts to authenticate >> against our AD using them. > > Ah! > That's a nice idea. Perhaps, if you have a list of the plain text passwords in advance you could use ClamAV. In our case, we don't as we're using an AD. I actually copied the ClamAV tcp and local interface API so that any MTA which can plug in to ClamAV is also able to plug into Kochi. That's one of the things the framework provides. -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 455 bytes Desc: OpenPGP digital signature URL: From Ralf.Hildebrandt at charite.de Thu Sep 22 17:30:50 2011 From: Ralf.Hildebrandt at charite.de (Ralf Hildebrandt) Date: Thu, 22 Sep 2011 16:30:50 +0200 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <4E7B45CD.5060904@lists.grepular.com> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> <20110922142152.GQ18064@charite.de> <4E7B45CD.5060904@lists.grepular.com> Message-ID: <20110922143050.GT18064@charite.de> > Perhaps, if you have a list of the plain text passwords in advance you > could use ClamAV. No, clamav is supposed to find stuff that looks like "social security numbers". It's probably harder with usernames (especially if the username is by chance a real word) > In our case, we don't as we're using an AD. I actually copied the > ClamAV tcp and local interface API so that any MTA which can plug in to > ClamAV is also able to plug into Kochi. That's one of the things the > framework provides. WOW! -- Ralf Hildebrandt Gesch?ftsbereich IT | Abteilung Netzwerk Charit? - Universit?tsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt at charite.de | http://www.charite.de From tomislav.mihalicek at gmail.com Thu Sep 22 17:33:31 2011 From: tomislav.mihalicek at gmail.com (Tomislav Mihalicek) Date: Thu, 22 Sep 2011 07:33:31 -0700 (PDT) Subject: [Dovecot] Dovecot 1.2, problem with SQL quota and mail aliases In-Reply-To: <32503821.post@talk.nabble.com> References: <32503821.post@talk.nabble.com> Message-ID: <32503822.post@talk.nabble.com> SOLVED add mail=user in user_attrs user_attrs = mail=user,homeDirectory=home,mailQuotaSize=quota_rule=*:bytes=%$ Tomislav Mihalicek wrote: > > I have the same problem but with LDAP, how to fix this on LDAP backed? > > scope = subtree > deref = never > pass_attrs = userPassword=password > base = ou=accounts,dc=globalnet,dc=hr > user_filter = > (&(|(objectClass=qmailUser)(objectClass=mailUser))(accountService=mail)(accountService=%Ls%Lc)(|(mail=%u)(mailAlternateAddress=%u))) > pass_filter = > (&(|(objectClass=qmailUser)(objectClass=mailUser))(accountService=mail)(accountService=%Ls%Lc)(|(mail=%u)(mailAlternateAddress=%u))) > pass_attrs = userPassword=password > default_pass_scheme = MD5 > user_attrs = homeDirectory=home,mailQuotaSize=quota_rule=*:bytes=%$ > > > > Jacek Osiecki wrote: >> >> Hello, >> >> I have a small server running dovecot 1.2 (still not balsy enough to >> switch to 2.0 - virtual sql accounts, managesieve etc.). There are no >> local users - only ones defined in the SQL database, and everything else >> (including quota) is defined in SQL db too. Dovecot is used as IMAP >> daemon, and dovecot-lda is responsible for delivery (in order to make use >> of sieve and managesieve). I know that my configuration might be a bit >> ancient, but this is not referring to any bug (at least I think so) and >> rather to errors I've made in configuration. >> >> Several users have reported, that they are running out of quota even >> though their mailboxes are empty. I thought these were some single cases, >> but recently I discovered that this situation occurs when: >> - user john at domain.com has a mail alias, eg. john.smith at domain.com >> - he logs in to the imap account (using MUA or webmail) using his alias >> (john.smith at domain.com). >> >> In effect, all incoming emails for john at domain.com are increasing the >> counters (both "bytes" and "messages"), but since user logs in using >> john.smith at domain.com - anything he deletes from the mailbox decreases >> the records for john.smith at domain.com. Finally, John has two records: >> >> +---------------------------+-----------+----------+ >> | username | bytes | messages | >> +---------------------------+-----------+----------+ >> | john.smith at domain.com | -5488133 | -13 | >> | john at domain.com | 341411029 | 1111 | >> +---------------------------+-----------+----------+ >> >> The record for john at domain.com finaly reaches the quota limit - and even >> removing all emails does not help. >> >> My /etc/dovecot/dovecot-dict-quota.conf looks like this: >> >> map { >> pattern = priv/quota/storage >> table = quota >> username_field = username >> value_field = bytes >> } >> map { >> pattern = priv/quota/messages >> table = quota >> username_field = username >> value_field = messages >> } >> >> And my question is: what is used as "username"? Always the username given >> wher user logs in? Is there a way to provide some dictionary to translate >> all aliases to the real username? >> >> Best regards, >> -- >> Jacek Osiecki joshua at ceti.pl GG:3828944 >> I don't want something I need. I want something I want. >> >> > > -- View this message in context: http://old.nabble.com/Dovecot-1.2%2C-problem-with-SQL-quota-and-mail-aliases-tp30949509p32503822.html Sent from the Dovecot mailing list archive at Nabble.com. From rick at havokmon.com Thu Sep 22 17:34:17 2011 From: rick at havokmon.com (Rick Romero) Date: Thu, 22 Sep 2011 09:34:17 -0500 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <4E7B45CD.5060904@lists.grepular.com> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> <20110922142152.GQ18064@charite.de> <4E7B45CD.5060904@lists.grepular.com> Message-ID: <20110922093417.Horde.p1v6IqPBW7JOe0dpQ45kRsA@beta.vfemail.net> Quoting Mike Cardwell : > On 22/09/11 15:21, Ralf Hildebrandt wrote: > > > Perhaps, if you have a list of the plain text passwords in advance you > could use ClamAV. In our case, we don't as we're using an AD. I actually > copied the ClamAV tcp and local interface API so that any MTA which can > plug in to ClamAV is also able to plug into Kochi. That's one of the > things the framework provides. There are additional 'non-official' ClamAV signatures that are meant to detect phishing attempts. They do work, but aren't perfect. I'm fortunate enough to be on the phishing list, so I wrote a quickie perl script that will grep the logs for all the recipients and then scan their INBOX for the phishing email and remove it before they read it. Rick From Ralf.Hildebrandt at charite.de Thu Sep 22 17:36:58 2011 From: Ralf.Hildebrandt at charite.de (Ralf Hildebrandt) Date: Thu, 22 Sep 2011 16:36:58 +0200 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <20110922093417.Horde.p1v6IqPBW7JOe0dpQ45kRsA@beta.vfemail.net> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> <20110922142152.GQ18064@charite.de> <4E7B45CD.5060904@lists.grepular.com> <20110922093417.Horde.p1v6IqPBW7JOe0dpQ45kRsA@beta.vfemail.net> Message-ID: <20110922143658.GV18064@charite.de> * Rick Romero : > There are additional 'non-official' ClamAV signatures that are meant > to detect phishing attempts. > They do work, but aren't perfect. Got a link? Or are you thinking of the SaneSecurity Signatures? > I'm fortunate enough to be on the phishing list, so I wrote a quickie > perl script that will grep the logs for all the recipients and then > scan their INBOX for the phishing email and remove it before they > read it. I usually use doveadm for this. -- Ralf Hildebrandt Gesch?ftsbereich IT | Abteilung Netzwerk Charit? - Universit?tsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt at charite.de | http://www.charite.de From rick at havokmon.com Thu Sep 22 17:39:08 2011 From: rick at havokmon.com (Rick Romero) Date: Thu, 22 Sep 2011 09:39:08 -0500 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <20110922143658.GV18064@charite.de> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> <20110922142152.GQ18064@charite.de> <4E7B45CD.5060904@lists.grepular.com> <20110922093417.Horde.p1v6IqPBW7JOe0dpQ45kRsA@beta.vfemail.net> <20110922143658.GV18064@charite.de> Message-ID: <20110922093908.Horde.aS3PC22tkQ9Oe0iMKQXrmnA@beta.vfemail.net> Quoting Ralf Hildebrandt : > * Rick Romero : > >> There are additional 'non-official' ClamAV signatures that are meant >> to detect phishing attempts. >> They do work, but aren't perfect. > > Got a link? Or are you thinking of the SaneSecurity Signatures? Yep. The SaneSecurity Sigs. > >> I'm fortunate enough to be on the phishing list, so I wrote a quickie >> perl script that will grep the logs for all the recipients and then >> scan their INBOX for the phishing email and remove it before they >> read it. > > I usually use doveadm for this. I'm slow to adopting new technology :) I would definitely do it if I wasn't still running plain old Maildir. Rick From Ralf.Hildebrandt at charite.de Thu Sep 22 17:40:37 2011 From: Ralf.Hildebrandt at charite.de (Ralf Hildebrandt) Date: Thu, 22 Sep 2011 16:40:37 +0200 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <20110922093908.Horde.aS3PC22tkQ9Oe0iMKQXrmnA@beta.vfemail.net> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> <20110922142152.GQ18064@charite.de> <4E7B45CD.5060904@lists.grepular.com> <20110922093417.Horde.p1v6IqPBW7JOe0dpQ45kRsA@beta.vfemail.net> <20110922143658.GV18064@charite.de> <20110922093908.Horde.aS3PC22tkQ9Oe0iMKQXrmnA@beta.vfemail.net> Message-ID: <20110922144037.GW18064@charite.de> * Rick Romero : > >I usually use doveadm for this. > > I'm slow to adopting new technology :) I would definitely do it if > I wasn't still running plain old Maildir. It's working on plain old Maildir :) -- Ralf Hildebrandt Gesch?ftsbereich IT | Abteilung Netzwerk Charit? - Universit?tsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt at charite.de | http://www.charite.de From robert at schetterer.org Thu Sep 22 17:42:43 2011 From: robert at schetterer.org (Robert Schetterer) Date: Thu, 22 Sep 2011 16:42:43 +0200 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <20110922143658.GV18064@charite.de> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> <20110922142152.GQ18064@charite.de> <4E7B45CD.5060904@lists.grepular.com> <20110922093417.Horde.p1v6IqPBW7JOe0dpQ45kRsA@beta.vfemail.net> <20110922143658.GV18064@charite.de> Message-ID: <4E7B4963.80207@schetterer.org> Am 22.09.2011 16:36, schrieb Ralf Hildebrandt: > * Rick Romero : > >> There are additional 'non-official' ClamAV signatures that are meant >> to detect phishing attempts. >> They do work, but aren't perfect. > > Got a link? Or are you thinking of the SaneSecurity Signatures? > >> I'm fortunate enough to be on the phishing list, so I wrote a quickie >> perl script that will grep the logs for all the recipients and then >> scan their INBOX for the phishing email and remove it before they >> read it. > > I usually use doveadm for this. > why not simply use clamav-milter with sanesecurity sigs ( works like charme here ) so the stuff dont pass ever in mailboxes, if you dont like reject , then hold for manual human admin interaction -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From dovecot at lists.grepular.com Thu Sep 22 17:42:44 2011 From: dovecot at lists.grepular.com (dovecot at lists.grepular.com) Date: Thu, 22 Sep 2011 15:42:44 +0100 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <20110922093908.Horde.aS3PC22tkQ9Oe0iMKQXrmnA@beta.vfemail.net> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> <20110922142152.GQ18064@charite.de> <4E7B45CD.5060904@lists.grepular.com> <20110922093417.Horde.p1v6IqPBW7JOe0dpQ45kRsA@beta.vfemail.net> <20110922143658.GV18064@charite.de> <20110922093908.Horde.aS3PC22tkQ9Oe0iMKQXrmnA@beta.vfemail.net> Message-ID: <4E7B4964.4030603@lists.grepular.com> On 22/09/11 15:39, Rick Romero wrote: >>> There are additional 'non-official' ClamAV signatures that are meant >>> to detect phishing attempts. >>> They do work, but aren't perfect. >> >> Got a link? Or are you thinking of the SaneSecurity Signatures? > > Yep. The SaneSecurity Sigs. We do use ClamAV+SaneSecurity on incoming email, but these are *very* targetted phishing attacks, and lots of them manage to get through. The Kochi application that I brought up sits on the *outgoing* mail routers and prevents people sending out their login details once they've been tricked. -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 455 bytes Desc: OpenPGP digital signature URL: From Lutz.Pressler at SerNet.DE Thu Sep 22 17:44:30 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Thu, 22 Sep 2011 16:44:30 +0200 Subject: [Dovecot] zlib_save per namespace/mailbox? Message-ID: Hi, the zlib_save question reminds me of a wish: I think it's not possible to set zlib_save parameter per namespace (or even mailbox). Per namespace would be something for the wish list to get rid of the cron job method to compress archival mailboxes. And maybe an option to add a "Z" flag to compressed maildir message files as recommended in the wiki regarding compress crob job. Lutz From robert at schetterer.org Thu Sep 22 17:51:07 2011 From: robert at schetterer.org (Robert Schetterer) Date: Thu, 22 Sep 2011 16:51:07 +0200 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <4E7B4964.4030603@lists.grepular.com> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> <20110922142152.GQ18064@charite.de> <4E7B45CD.5060904@lists.grepular.com> <20110922093417.Horde.p1v6IqPBW7JOe0dpQ45kRsA@beta.vfemail.net> <20110922143658.GV18064@charite.de> <20110922093908.Horde.aS3PC22tkQ9Oe0iMKQXrmnA@beta.vfemail.net> <4E7B4964.4030603@lists.grepular.com> Message-ID: <4E7B4B5B.5050104@schetterer.org> Am 22.09.2011 16:42, schrieb dovecot at lists.grepular.com: > On 22/09/11 15:39, Rick Romero wrote: > >>>> There are additional 'non-official' ClamAV signatures that are meant >>>> to detect phishing attempts. >>>> They do work, but aren't perfect. >>> >>> Got a link? Or are you thinking of the SaneSecurity Signatures? >> >> Yep. The SaneSecurity Sigs. > > We do use ClamAV+SaneSecurity on incoming email, but these are *very* > targetted phishing attacks, and lots of them manage to get through. The > Kochi application that I brought up sits on the *outgoing* mail routers > and prevents people sending out their login details once they've been > tricked. > yes youre right, after all this isnt really dovecot related wasnt the orginal topic about brute force pop/imap attack ? -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From jeetendra.p at directi.com Thu Sep 22 18:26:01 2011 From: jeetendra.p at directi.com (Jeetu) Date: Thu, 22 Sep 2011 20:56:01 +0530 Subject: [Dovecot] Missing man page for doveadm move Message-ID: <4E7B5389.7050907@directi.com> Hi, i cant see man pages for doveadm-move, though the command "doveadm move ..." works on new version of dovecot. http://hg.dovecot.org/dovecot-2.0/rev/d7a02077d91f -- -Jeetu From lee at standen.id.au Thu Sep 22 18:55:02 2011 From: lee at standen.id.au (Lee Standen) Date: Thu, 22 Sep 2011 23:55:02 +0800 Subject: [Dovecot] Dovecot 1.x vs 2.x Message-ID: <6F135AF5-22B0-4E3D-97F0-C0F520FB4B6D@standen.id.au> Hi All, I'm currently in the planning stages for a technology refresh for a very large mail installation, and looking at using Dovecot with LDA/Sieve/FTS_Solr and a number of other plugins to give our users some great features. Currently, our standard distribution is Ubuntu Lucid, which has Dovecot 1.x included with it in pre-built packages, and Dovecot 2.x is in the upcoming Oneiric beta coming out next month. My question is, are there any compelling reasons why we should gravitate towards running Dovecot 2.x beyond the fact it's the "latest and greatest" version? What features would we miss that we're likely to want or need on a very large installation (i'm talking dozens of VM's, over 1 million mailboxes). Thanks From tgoguen at ilap.com Thu Sep 22 20:01:16 2011 From: tgoguen at ilap.com (Tristan Goguen) Date: Thu, 22 Sep 2011 13:01:16 -0400 Subject: [Dovecot] Duplicates when switching from Qpopper to Dovecot pop3 Message-ID: Hi All, Our test users re-download the mail they've left on the server when they switch from Qpopper to Dovecot. Qpopper includes the X-UIDL header - X-UIDL: X8V"!E)<"!58?"!"9C"! - on read messages. Any suggestions are appreciated. I've included my dovecot configuration. Thank you, Tristan --- Tristan Tristan Goguen CEO, ILAP? T: 416-250-5600 ext. 205 F: 416-250-6755 tgoguen at ilap.com www.ilap.com --- # 2.0.14: /etc/dovecot.conf # OS: SunOS 5.10 sun4v auth_cache_size = 1048575 B auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.+-_@ auth_username_format = %Ln auth_verbose = yes base_dir = /usr/local/var/run/dovecot/ disable_plaintext_auth = no first_valid_uid = 100 log_path = /var/log/dovecot.log login_greeting = mail_access_groups = mail mail_fsync = never mail_location = mbox:~/mail:INBOX=/var/mail/%1u/%1.1u/%u mbox_dotlock_change_timeout = 1 mins mbox_min_index_size = 1 B mbox_read_locks = dotlock mbox_write_locks = dotlock mmap_disable = yes passdb { driver = shadow } protocols = pop3 service pop3-login { client_limit = 10 inet_listener pop3 { address = 216.223.136.7 port = 110 } process_limit = 128 process_min_avail = 5 service_count = 0 vsz_limit = 512 M } shutdown_clients = no ssl = no userdb { args = blocking=yes driver = passwd } protocol pop3 { pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_enable_last = yes pop3_lock_session = yes pop3_reuse_xuidl = yes pop3_save_uidl = yes } From other at ahhyes.net Fri Sep 23 01:28:07 2011 From: other at ahhyes.net (Alex) Date: Fri, 23 Sep 2011 08:28:07 +1000 Subject: [Dovecot] =?utf-8?q?64=2E31=2E19=2E48_attempt_to_break_into_my_co?= =?utf-8?q?mputer?= Message-ID: It is a great tool. Unfortunately dovecot allows infinate incorrect logins during a single session. When fail2ban has firewalled the ip its pointless as the rule only affects new sessions, not established ones. I am disappointed that the author of dovecot has no interest in adding a feature that closes the session after x auth failures. It would certainly make tools like fail2ban more effective. ----- Reply message ----- From: "John Alexander" Date: Fri, Sep 23, 2011 00:13 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer To: Fail2Ban is an excellent tool to deal with this sort of thing. On Mon, 19 Sep 2011 10:05:47 -0700, Rick Baartman wrote > >From my secure log: > > Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): check > pass; user unknown > Sep 19 01:16:44 lin12 dovecot-auth: pam_unix(dovecot:auth): > authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= > rhost=::ffff:64.31.19.48 > Sep 19 01:16:44 lin12 dovecot-auth: pam_succeed_if(dovecot:auth): > error retrieving information about user aaron From rick at havokmon.com Fri Sep 23 02:39:09 2011 From: rick at havokmon.com (Rick Romero) Date: Thu, 22 Sep 2011 18:39:09 -0500 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: References: Message-ID: <20110922183909.Horde.LWfYRaPBW7JOe8cdbPhxKc0@beta.vfemail.net> Quoting Alex : > It [fail2ban] is a great tool. Unfortunately dovecot allows infinate > incorrect logins during a single session. When fail2ban has > firewalled the ip its pointless as the rule only affects new > sessions, not established ones. I am disappointed that the author of > dovecot has no interest in adding a feature that closes the session > after x auth failures. It would certainly make tools like fail2ban > more effective. If that is a big issue for you, you could always have fail2ban add a dummy route: For example: route add $IP gw 127.0.0.1 Rick From h.e at gmx.at Fri Sep 23 13:03:17 2011 From: h.e at gmx.at (Hannes Erven) Date: Fri, 23 Sep 2011 12:03:17 +0200 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <20110922183909.Horde.LWfYRaPBW7JOe8cdbPhxKc0@beta.vfemail.net> References: <20110922183909.Horde.LWfYRaPBW7JOe8cdbPhxKc0@beta.vfemail.net> Message-ID: <4E7C5965.4020101@gmx.at> Am 2011-09-23 01:39, schrieb Rick Romero: > > Quoting Alex : > >> It [fail2ban] is a great tool. Unfortunately dovecot allows infinate >> incorrect logins during a single session. When fail2ban has firewalled >> the ip its pointless as the rule only affects new sessions > [...] > If that is a big issue for you, you could always have fail2ban add a > dummy route: > For example: route add $IP gw 127.0.0.1 ... or configure the fail2ban actions so they apply to any traffic from the offending IP. My iptables ruleset has this action: actionban = iptables -I fail2ban- 1 -s -j DROP Of course, if you have users that are proxied behind the same address, just one of them would instantly kill everybody's sessions. So I agree with Alex, it would be great to limit the number of failed login attempts per connection. -hannes From busseniu at in.tum.de Fri Sep 23 15:13:36 2011 From: busseniu at in.tum.de (Christoph Bussenius) Date: Fri, 23 Sep 2011 14:13:36 +0200 Subject: [Dovecot] Strange behavior from shared namespaces and INBOX, probably a bug Message-ID: <20110923121329.GA13235@informatik.tu-muenchen.de> Hi, we have experienced some erratic behavior from Dovecot 2.0.15 if a user's INBOX is shared. Some folders of user1, including the INBOX, have been shared using these IMAP commands: . login user1 XXXXXX . setacl INBOX user2 lrwstiekx . setacl box-a user2 lrwstiekx Now if we use telnet to log in as user2 and select "shared/user1", it will contain the same mails as "shared/user1/INBOX". The really strange thing is that "SELECT"-ing "shared/user1" succeeds only if it is the first command afted logging in. If it not the first command (if e. g. the "LIST" or "SELECT" command has already been used), then dovecot will report that the mailbox does not exist. As a result, user agents like Thunderbird will behave very erratically in this setup. They may show both mailboxes ("shared/user1" and "shared/user1/INBOX") with the same mails, but will not always succeed to download mails for "shared/user1". We were able to reproduce this behavior with a quite simple configuration (see further below), so I doubt that the problem is in the configuration. So, is this a bug in Dovecot? I am not quite sure how exactly it should behave, but it definitely does not seem right this way. Below are the results from telnet: Sending: . login user2 XXXXXX . select shared/user1 Receiving: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags permitted. * 5 EXISTS * 0 RECENT * OK [UNSEEN 1] First unseen. * OK [UIDVALIDITY 1316698162] UIDs valid * OK [UIDNEXT 6] Predicted next UID * OK [HIGHESTMODSEQ 1] Highest . OK [READ-WRITE] Select completed. Sending: . fetch 1:2 (internaldate rfc822.size) Receiving: * 1 FETCH (INTERNALDATE "25-Apr-2006 23:09:07 +0200" RFC822.SIZE 5660) * 2 FETCH (INTERNALDATE "25-Apr-2006 23:11:01 +0200" RFC822.SIZE 6612) . OK Fetch completed. Sending: . select shared/user1/INBOX Receiving: * OK [CLOSED] Previous mailbox closed. * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags permitted. * 5 EXISTS * 0 RECENT * OK [UNSEEN 1] First unseen. * OK [UIDVALIDITY 1316698162] UIDs valid * OK [UIDNEXT 6] Predicted next UID * OK [HIGHESTMODSEQ 1] Highest . OK [READ-WRITE] Select completed. Sending: . fetch 1:2 (internaldate rfc822.size) Receiving: (Note that these mails are the same as those above) * 1 FETCH (INTERNALDATE "25-Apr-2006 23:09:07 +0200" RFC822.SIZE 5660) * 2 FETCH (INTERNALDATE "25-Apr-2006 23:11:01 +0200" RFC822.SIZE 6612) . OK Fetch completed. Now we select the first mailbox again: Sending: . select shared/user1 Receiving: . NO Mailbox doesn't exist: shared/user1 * OK [CLOSED] Previous mailbox closed. The same command did not fail earlier. Listing the mailboxes shows the following: Sending: . list "" * Receiving: * LIST (\HasNoChildren) "/" "INBOX" * LIST (\Noselect \HasChildren) "/" "shared/user1" * LIST (\HasNoChildren) "/" "shared/user1/box-a" * LIST (\HasNoChildren) "/" "shared/user1/INBOX" . OK List completed. I can reproduce this behavior using the following setup: Virtual users on an ext4 filesystem in /mail/users/{user1,user2} configured in a passwd file (/usr/local/dovecot/etc/dovecot/users): user1:{plain}XXXXXX:::user1:/mail/users/user1:: user2:{plain}XXXXXX:::user2:/mail/users/user2:: Output of doveconf -n: # 2.0.15: /usr/local/dovecot/etc/dovecot/dovecot.conf # OS: Linux 2.6.32-33-server x86_64 Ubuntu 10.04.3 LTS disable_plaintext_auth = no mail_gid = vmail mail_plugins = acl mail_uid = vmail namespace { inbox = yes location = maildir:~/Maildir prefix = separator = / } namespace { list = children location = maildir:%%h/Maildir prefix = shared/%%u/ separator = / subscriptions = no type = shared } passdb { args = scheme=CRYPT username_format=%u /usr/local/dovecot/etc/dovecot/users driver = passwd-file } plugin { acl = vfile acl_shared_dict = file:/mail/shared-mailboxes } protocols = imap service auth { unix_listener auth-userdb { group = vmail mode = 0660 } } ssl_cert = Raum 00.05.055 <> Boltzmannstr. 3 <> Garching From stan at hardwarefreak.com Fri Sep 23 16:13:46 2011 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Fri, 23 Sep 2011 08:13:46 -0500 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <4E7B4963.80207@schetterer.org> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> <20110922142152.GQ18064@charite.de> <4E7B45CD.5060904@lists.grepular.com> <20110922093417.Horde.p1v6IqPBW7JOe0dpQ45kRsA@beta.vfemail.net> <20110922143658.GV18064@charite.de> <4E7B4963.80207@schetterer.org> Message-ID: <4E7C860A.2070908@hardwarefreak.com> On 9/22/2011 9:42 AM, Robert Schetterer wrote: > why not simply use clamav-milter with sanesecurity sigs > ( works like charme here ) > so the stuff dont pass ever in mailboxes, if you dont like reject , then > hold for manual human admin interaction Seems to me this could be done pretty easily with a PCRE/regexp body filter in Postfix, assuming the credentials follow a strict pattern. Apply it to the submission daemon stream and redirect the mail with a filter action to an admin mailbox. I've not written such a thing myself but it seems it would be pretty straightforward. -- Stan From robert at schetterer.org Fri Sep 23 16:45:01 2011 From: robert at schetterer.org (Robert Schetterer) Date: Fri, 23 Sep 2011 15:45:01 +0200 Subject: [Dovecot] 64.31.19.48 attempt to break into my computer In-Reply-To: <4E7C860A.2070908@hardwarefreak.com> References: <201109191705.p8JH5las016087@lin12.triumf.ca> <4E7B4148.2090902@Media-Brokers.com> <4E7B437B.9030600@lists.grepular.com> <20110922142152.GQ18064@charite.de> <4E7B45CD.5060904@lists.grepular.com> <20110922093417.Horde.p1v6IqPBW7JOe0dpQ45kRsA@beta.vfemail.net> <20110922143658.GV18064@charite.de> <4E7B4963.80207@schetterer.org> <4E7C860A.2070908@hardwarefreak.com> Message-ID: <4E7C8D5D.5030708@schetterer.org> Am 23.09.2011 15:13, schrieb Stan Hoeppner: > On 9/22/2011 9:42 AM, Robert Schetterer wrote: > >> why not simply use clamav-milter with sanesecurity sigs >> ( works like charme here ) >> so the stuff dont pass ever in mailboxes, if you dont like reject , then >> hold for manual human admin interaction > > Seems to me this could be done pretty easily with a PCRE/regexp body > filter in Postfix, assuming the credentials follow a strict pattern. > Apply it to the submission daemon stream and redirect the mail with a > filter action to an admin mailbox. I've not written such a thing myself > but it seems it would be pretty straightforward. > why that difficult clamav-milter is able to hold mail, simply configure some monitor script alarming admin when x number mail are in the hold queue so he may delete or unhold it after inspection, i do monitoring i.e. with bb-clone xymon anyway monitoring postfix queues is always nice to have from clamav-milter.conf ACTIONS The following group of options controls the delievery process under different circumstances. The following actions are available: - Accept: The message is accepted for delievery - Reject: Immediately refuse delievery (a 5xx error is returned to the peer) - Defer: Return a temporary failure message (4xx) to the peer - Blackhole (not available for OnFail): Like Accept but the message is sent to oblivion - Quarantine (not available for OnFail): Like Accept but message is quarantined instead of being delivered. NOTE: In Sendmail the quarantine queue can be examined via mailq -qQ. For Postfix this causes the message to be placed on hold. -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From Lutz.Pressler at SerNet.DE Fri Sep 23 17:49:13 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Fri, 23 Sep 2011 16:49:13 +0200 Subject: [Dovecot] fts (lucene): indexing of virtual mailboxes? Message-ID: Hello, (recent 2.1alpha2 variant - my test setup known to Timo). No time to diagnose in depth at the moment, but I just noticed that SEARCHing in virtual mailboxes seems not to create lucene index content of its own but use those of referenced mailboxes? The problem is that no new indexing takes place. Example: with INBOX INBOX.in% all in dovecot-virtual, for a given query I only get matches from those mailboxes searched in previously. Regards, Lutz From tss at iki.fi Fri Sep 23 17:51:11 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Sep 2011 17:51:11 +0300 Subject: [Dovecot] fts (lucene): indexing of virtual mailboxes? In-Reply-To: References: Message-ID: <86A557F0-7062-49B3-A278-3C9418769C65@iki.fi> On 23.9.2011, at 17.49, Lutz Pre?ler wrote: > (recent 2.1alpha2 variant - my test setup known to Timo). > No time to diagnose in depth at the moment, but I just noticed > that SEARCHing in virtual mailboxes seems not to create lucene > index content of its own but use those of referenced mailboxes? Right. > The problem is that no new indexing takes place. It used to work previously.. I'll check later.. From tss at iki.fi Fri Sep 23 17:51:36 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Sep 2011 17:51:36 +0300 Subject: [Dovecot] (2.1 recent:) fts_decoder In-Reply-To: References: Message-ID: <072C43C9-38A9-4A22-91AC-78F43EDA74E4@iki.fi> On 22.9.2011, at 14.35, Lutz Pre?ler wrote: > test setup as in previous messages. > With fts = lucene, I enabled the adapted decode2text.sh (at least I tried...) > as suggested in the comment section. > On dovecot-start /var/run/dovecot/decode2text socket is created with sufficiant > permissions (rw for anybody), but decode2text.sh is not started (it's rx for > anybody). When creating lucene indexes, I cannot see it executed either > (and no attachment-only content is findable afterwards). Yeah, it was broken. Fixed today. From forumer at smartmobili.com Fri Sep 23 18:14:06 2011 From: forumer at smartmobili.com (forumer at smartmobili.com) Date: Fri, 23 Sep 2011 17:14:06 +0200 Subject: [Dovecot] How to port this dovecot-1.x configuration file to dovecot-2.x Message-ID: <6638d9f44ea260fbd224784d8a1e958c@smartmobili.com> Hi, I am trying to move from dovecot-1.x to dovecot 2.1 but I have this error : Sep 23 16:04:13 lda: Error: userdb lookup: connect(/var/run/dovecot/auth-master) failed: Permission denied (euid=5000(vmail) egid=5000(vmail) missing +r perm: /var/run/dovecot/auth-master, dir owned by 0:0 mode=0755) and I dont' manage to find information about how to translate this old configuration part: socket listen { master { # Master socket provides access to userdb information. It's typically # used to give Dovecot's local delivery agent access to userdb so it # can find mailbox locations. path = /var/run/dovecot/auth-master mode = 0600 # Default user/group is the one who started dovecot-auth (root) user = vmail #group = } client { # The client socket is generally safe to export to everyone. Typical use # is to export it to your SMTP server so it can do SMTP AUTH lookups # using it. path = /var/run/dovecot/auth-client mode = 0660 } Thanks From tss at iki.fi Fri Sep 23 18:23:05 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Sep 2011 18:23:05 +0300 Subject: [Dovecot] How to port this dovecot-1.x configuration file to dovecot-2.x In-Reply-To: <6638d9f44ea260fbd224784d8a1e958c@smartmobili.com> References: <6638d9f44ea260fbd224784d8a1e958c@smartmobili.com> Message-ID: <1C9BC876-89CC-4EB7-A2F7-71500032FA51@iki.fi> On 23.9.2011, at 18.14, forumer at smartmobili.com wrote: > I am trying to move from dovecot-1.x to dovecot 2.1 but I have this error : > > Sep 23 16:04:13 lda: Error: userdb lookup: connect(/var/run/dovecot/auth-master) failed: > Permission denied (euid=5000(vmail) egid=5000(vmail) missing +r perm: /var/run/dovecot/auth-master, dir owned by 0:0 mode=0755) Preferably you'd use auth-userdb now instead of auth-master. > and I dont' manage to find information about how to translate this old configuration part: > > socket listen { > master { > # Master socket provides access to userdb information. It's typically > # used to give Dovecot's local delivery agent access to userdb so it > # can find mailbox locations. > path = /var/run/dovecot/auth-master > mode = 0600 > # Default user/group is the one who started dovecot-auth (root) > user = vmail > #group = > } > client { > # The client socket is generally safe to export to everyone. Typical use > # is to export it to your SMTP server so it can do SMTP AUTH lookups > # using it. > path = /var/run/dovecot/auth-client > mode = 0660 > } doveconf converts that just fine: service auth { unix_listener /var/run/dovecot/auth-client { mode = 0660 } unix_listener /var/run/dovecot/auth-master { mode = 0600 user = vmail } } But again, auth-userdb instead of auth-master is safer. From asai at globalchangemusic.org Fri Sep 23 18:23:41 2011 From: asai at globalchangemusic.org (Asai) Date: Fri, 23 Sep 2011 08:23:41 -0700 Subject: [Dovecot] Using Dsync for Incremental Sync In-Reply-To: <4E7A4157.2080206@globalchangemusic.org> References: <4E7A4157.2080206@globalchangemusic.org> Message-ID: <4E7CA47D.6050904@globalchangemusic.org> So maybe a better question would be, "What can I use for incremental syncing of Dovecot maildirs?" On 9/21/2011 12:56 PM, Asai wrote: > Greetings, > > We have about 26 GB of email which we're trying to sync nightly to a > remote server, but what I just read from a post from Timo awhile back > is that it's not possible because dsync relies on message GUIDs which > aren't available in the IMAP protocol. It seems that this is still > the case, is there anything on the horizon for this to change? From tss at iki.fi Fri Sep 23 19:13:28 2011 From: tss at iki.fi (Timo Sirainen) Date: Fri, 23 Sep 2011 19:13:28 +0300 Subject: [Dovecot] Using Dsync for Incremental Sync In-Reply-To: <4E7A4157.2080206@globalchangemusic.org> References: <4E7A4157.2080206@globalchangemusic.org> Message-ID: <6E40B212-C3FE-4C26-A646-38897E05D34A@iki.fi> On 21.9.2011, at 22.56, Asai wrote: > We have about 26 GB of email which we're trying to sync nightly to a remote server, but what I just read from a post from Timo awhile back is that it's not possible because dsync relies on message GUIDs which aren't available in the IMAP protocol. It seems that this is still the case, is there anything on the horizon for this to change? You mean you want one way Dovecot -> some other IMAP server? Then GUIDs don't really matter and "dsync backup" should work fine. You'll need Dovecot v2.1 of course. From asai at globalchangemusic.org Fri Sep 23 19:27:04 2011 From: asai at globalchangemusic.org (Asai) Date: Fri, 23 Sep 2011 09:27:04 -0700 Subject: [Dovecot] Using Dsync for Incremental Sync In-Reply-To: <6E40B212-C3FE-4C26-A646-38897E05D34A@iki.fi> References: <4E7A4157.2080206@globalchangemusic.org> <6E40B212-C3FE-4C26-A646-38897E05D34A@iki.fi> Message-ID: <4E7CB358.1070205@globalchangemusic.org> Thanks, Timo. Maybe I misunderstood then that Dsync will only add or remove the changed email items on the remote server? Basically we're just trying to keep the mailboxes stored and backed up on the remote server, without having to transfer 26 GB every night. We're using version 2.0.14 right now. So we'd need 2.1 to do that? *Asai* Global Change Multi-Media Internet Application Development IT and Networking Services 520-398-2542 On 9/23/2011 9:13 AM, Timo Sirainen wrote: > On 21.9.2011, at 22.56, Asai wrote: > >> We have about 26 GB of email which we're trying to sync nightly to a remote server, but what I just read from a post from Timo awhile back is that it's not possible because dsync relies on message GUIDs which aren't available in the IMAP protocol. It seems that this is still the case, is there anything on the horizon for this to change? > You mean you want one way Dovecot -> some other IMAP server? Then GUIDs don't really matter and "dsync backup" should work fine. You'll need Dovecot v2.1 of course. > From moseleymark at gmail.com Sat Sep 24 01:35:14 2011 From: moseleymark at gmail.com (Mark Moseley) Date: Fri, 23 Sep 2011 15:35:14 -0700 Subject: [Dovecot] Glued-together private namespaces Message-ID: I've been goofing with this all day with 2.0.15 and I'm starting to realize that either a) I'm not that smart, b) it's been so long since I messed with namespaces that I'm going about it completely wrong, or c) it's just not possible. I haven't posted 'doveconf -n' and other details, because mainly I'm just looking for 'yes, this is possible' or 'no, you're smoking crack' before posting further details. At this point, it's all maildir and moving to mdbox, while highly desirable in the future, is not possible in the near- to medium-term. I'm trying to glue a namespace underneath INBOX: namespace INBOX { type = private separator = . prefix = INBOX. # Yes, this used to be on Courier inbox = yes list = yes hidden = no subscriptions = yes location = maildir:~/Maildir } namespace archive { type = private separator = . prefix = INBOX.Archives. inbox = no list = children subscriptions = yes location = maildir:~/Maildir-Archive } I've tried putting namespace archive's 'prefix' as just "Archives", but Tbird doesn't seem to see this namespace, regardless of how much I futz with the imap settings in tbird. With the above setup, it actually seems to work correctly (provided ~/Maildir-Archive exists), though I'm sure a big gotcha is waiting in the wings. I can move messages around, create subfolders, subscribe to folders in ~/Maildir-Archive). The only thing I can't seem to get working is quotas. With my password_query like: password_query = ... CONCAT( '*:bytes=', "1M" ) AS 'userdb_quota_rule', \ CONCAT( '*:messages=10' ) AS 'userdb_quota_rule2', \ CONCAT( 'INBOX.Archives:bytes=+4900M' ) AS 'userdb_quota_rule3', \ CONCAT( 'INBOX.Archives:messages=+3900' ) AS 'userdb_quota_rule4' ... only the default quota seems to be in place for any subfolder of INBOX.Archives and for INBOX.Archives itself, i.e. *:bytes still applies to INBOX.Archives. The debug log show that: Debug: Quota root: name=User quota backend=maildir args= Debug: Quota rule: root=User quota mailbox=* bytes=1048576 messages=0 Debug: Quota rule: root=User quota mailbox=* bytes=1048576 messages=10 Debug: Quota rule: root=User quota mailbox=INBOX.Archives bytes=+5138022400 messages=0 Debug: Quota rule: root=User quota mailbox=INBOX.Archives bytes=+5138022400 messages=+3900 These are wildly stupid quotas but they're just there to test. With INBOX already at capacity (byte-wise; only set to a meg), copying large messages inside INBOX.Archives fails (only copying a 800k message but the quota should be 5gig now). Again, before I post configs, I'm just curious if what I'm trying to do isn't remotely possible, or that I'm approaching this entirely wrongly. Thanks! From piotr-l at netexpert.pl Sat Sep 24 12:00:22 2011 From: piotr-l at netexpert.pl (Piotr NetExpert) Date: Sat, 24 Sep 2011 11:00:22 +0200 Subject: [Dovecot] dsync doubts Message-ID: <4E7D9C26.6030207@netexpert.pl> Hi everyone, I want to backup mailboxes to another server. A usage information for dsync says "... ". Does it mean I need dsync installed on the other server too? Now when I try to run dsync I receive: # dsync -v -D -u abc backup ssh user at other.server dsync(username): Debug: Effective uid=123, gid=123, home=/path/abc dsync(username): Debug: maildir++: root=/path/abc, index=, control=, inbox=/path/abc dsync-local(abc): Debug: Namespace : Using permissions from /path/abc: mode=0700 gid=-1 Password: server: not found dsync-local(abc): Error: read() from worker server failed: EOF What could be wrong? How can I check what it wants to do and cannot? I cannot find more information I need in a wiki page of dsync. -- pozdrawiam Piotr Szafarczyk http://www.netexpert.pl From lennon at orcon.net.nz Sat Sep 24 12:13:10 2011 From: lennon at orcon.net.nz (Craig Whitmore) Date: Sat, 24 Sep 2011 21:13:10 +1200 Subject: [Dovecot] dsync doubts In-Reply-To: <4E7D9C26.6030207@netexpert.pl> Message-ID: http://wiki2.dovecot.org/Tools/Dsync On 24/09/11 8:00 PM, "Piotr NetExpert" wrote: >Hi everyone, > >I want to backup mailboxes to another server. A usage information for >dsync says "... ". Does it mean I need dsync >installed on the other server too? > >Now when I try to run dsync I receive: ># dsync -v -D -u abc backup ssh user at other.server >dsync(username): Debug: Effective uid=123, gid=123, home=/path/abc >dsync(username): Debug: maildir++: root=/path/abc, index=, control=, >inbox=/path/abc >dsync-local(abc): Debug: Namespace : Using permissions from /path/abc: >mode=0700 gid=-1 >Password: >server: not found >dsync-local(abc): Error: read() from worker server failed: EOF > >What could be wrong? How can I check what it wants to do and cannot? I >cannot find more information I need in a wiki page of dsync. >-- >pozdrawiam >Piotr Szafarczyk > >http://www.netexpert.pl From piotr-l at netexpert.pl Sat Sep 24 12:55:26 2011 From: piotr-l at netexpert.pl (Piotr NetExpert) Date: Sat, 24 Sep 2011 11:55:26 +0200 Subject: [Dovecot] dsync doubts In-Reply-To: References: Message-ID: <4E7DA90E.6050800@netexpert.pl> ??? I know the page. Do you mean I missed something there? What exactly? > http://wiki2.dovecot.org/Tools/Dsync > > > On 24/09/11 8:00 PM, "Piotr NetExpert" wrote: > >> Hi everyone, >> >> I want to backup mailboxes to another server. A usage information for >> dsync says "...". Does it mean I need dsync >> installed on the other server too? >> >> Now when I try to run dsync I receive: >> # dsync -v -D -u abc backup ssh user at other.server >> dsync(username): Debug: Effective uid=123, gid=123, home=/path/abc >> dsync(username): Debug: maildir++: root=/path/abc, index=, control=, >> inbox=/path/abc >> dsync-local(abc): Debug: Namespace : Using permissions from /path/abc: >> mode=0700 gid=-1 >> Password: >> server: not found >> dsync-local(abc): Error: read() from worker server failed: EOF >> >> What could be wrong? How can I check what it wants to do and cannot? I >> cannot find more information I need in a wiki page of dsync. >> -- pozdrawiam Piotr Szafarczyk http://www.netexpert.pl From dvrsn at diphi.com Fri Sep 23 23:20:58 2011 From: dvrsn at diphi.com (Jeff Rogers) Date: Fri, 23 Sep 2011 13:20:58 -0700 Subject: [Dovecot] tiny doc bug report Message-ID: <4E7CEA2A.8080100@diphi.com> First timer, I'm installing dovecot-2.0.15. I ran configure; make; sudo make install The INSTALL file then says: --- Rename configuration file: mv /usr/local/etc/dovecot-example.conf /usr/local/etc/dovecot.conf Read through, and make needed modifications. --- The example configuration file is not installed in that location. Presumably it is now installed as /usr/local/share/doc/dovecot/example-config/dovecot.conf Unless this path difference is a quirk of my local system, the INSTALL directions should be fixed to avoid confusion. Thanks, -J From dick at fouter.net Sat Sep 24 21:02:36 2011 From: dick at fouter.net (Dick Middleton) Date: Sat, 24 Sep 2011 19:02:36 +0100 Subject: [Dovecot] dsync doubts In-Reply-To: <4E7D9C26.6030207@netexpert.pl> References: <4E7D9C26.6030207@netexpert.pl> Message-ID: <4E7E1B3C.9010809@fouter.net> On 09/24/11 10:00, Piotr NetExpert wrote: > Hi everyone, > > I want to backup mailboxes to another server. A usage information for dsync > says "... ". Does it mean I need dsync installed on the > other server too? Yes Dick From dovecot-user at spambox.dk Sun Sep 25 01:23:49 2011 From: dovecot-user at spambox.dk (Henrik Larsson) Date: Sun, 25 Sep 2011 00:23:49 +0200 Subject: [Dovecot] "doveadm log reopen" don't reopen seperate lmtp log Message-ID: <4E7E5875.60508@spambox.dk> Dear all I have setup separate pop3/imap log "/var/log/dovecot" and lmtp delivery log "/var/log/dovecot-deliver". After rotating logfiles, i run "doveadm log reopen". I see that my pop3/imap log "/var/log/dovecot" is used straight away, but my lmpt log "/var/log/dovecot-deliver" isn't used at first. After some time, usually a few minutes, logs are being written to this file anyway. But if I compare this to my maillog, it misses some deliveries just after the log rotation. Is there any problems with this configuration that should be corrected? --cut-- # doveconf -n # 2.0.15: /usr/local/etc/dovecot/dovecot.conf # OS: FreeBSD 8.2-STABLE amd64 auth_mechanisms = plain login digest-md5 cram-md5 first_valid_uid = 125 hostname = mail.larsson.it listen = * log_path = /var/log/dovecot mail_plugins = fts fts_squat zlib mail_privileged_group = postfix mail_temp_dir = /var/db/dovecot managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date namespace { inbox = yes location = prefix = separator = . type = private } namespace { hidden = yes inbox = no list = no location = prefix = INBOX. separator = . type = private } passdb { args = /usr/local/etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { fts = squat fts_squat = partial=4 full=10 sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 lmtp sieve service auth-worker { user = $default_internal_user } service auth { unix_listener /home/mail/postfix/private/auth { group = postfix mode = 0666 user = postfix } } service lmtp { executable = lmtp -L unix_listener /home/mail/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } } ssl_cert = I'm attempting to create a virtual inbox that contains all unread messages from the user's Maildir. I created a conf file called 80-virtual.conf containing: mail_plugins = $mail_plugins virtual namespace { prefix = virtual/ separator = / location = virtual:~/Maildir/virtual } And created the /home/username/Maildir/virtual/unseen/dovecot-virtual file which contains: # ~/Maildir/virtual/unseen/dovecot-virtual * unseen However it doesn't work and the maillog file contains: dovecot: imap(username): Error: user username: Initialization failed: namespace configuration error: inbox=yes namespace missing This is with dovecot 2.0.beta6 (3156315704ef) Does anybody have any suggestions? Thanks! Terry From Lutz.Pressler at SerNet.DE Mon Sep 26 14:11:23 2011 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Mon, 26 Sep 2011 13:11:23 +0200 Subject: [Dovecot] Virtual Folder configuration problem. In-Reply-To: <20110924213056.Horde.qHIQRFeGiNBOfoRQjGNhvJA@www.cnysupport.com> References: <20110924213056.Horde.qHIQRFeGiNBOfoRQjGNhvJA@www.cnysupport.com> Message-ID: On Sa, 24 Sep 2011, Terry Carmen wrote: > I'm attempting to create a virtual inbox that contains all unread > messages from the user's Maildir. > > I created a conf file called 80-virtual.conf containing: [...] > However it doesn't work and the maillog file contains: > > dovecot: imap(username): Error: user username: Initialization failed: > namespace configuration error: inbox=yes namespace missing > Probably you forgot to follow this advise from 10-mail.conf: # REMEMBER: If you add any namespaces, the default namespace must be added # explicitly, ie. mail_location does nothing unless you have a namespace # without a location setting. Default namespace is simply done by having a # namespace with empty prefix. Lutz From udo.lembke at albertbauer.com Mon Sep 26 14:24:09 2011 From: udo.lembke at albertbauer.com (Udo Lembke) Date: Mon, 26 Sep 2011 13:24:09 +0200 Subject: [Dovecot] how to disable quota for second namespace? In-Reply-To: <4E78B30F.7020000@albertbauer.com> References: <4E78B30F.7020000@albertbauer.com> Message-ID: <4E8060D9.2010603@albertbauer.com> Am 20.09.2011 17:36, schrieb Udo Lembke: > > > Hi all, > I have a second namespace as archive, where no quota should be active > (work with type = shared). > But if I change the type to private the quota will allways count. Hi, for reference only (if someone find this post) with help in the irc-channel I got the right configuration: plugin { quota = maildir:User quota:ns= quota2 = maildir:Archiv quota:ns=archiv/%u/ } plugin { quota_rule = *:storage=500M quota_rule2 = Trash:storage=+100M quota_rule3 = Sent:storage=+50M quota_rule4 = ns=archiv/%u/:ignore } The ":ns=" do the right trick! Here the result: doveadm quota get -u test at example.com Quota name Type Value Limit % User quota STORAGE 95132 204800 46 User quota MESSAGE 6423 - 0 Archiv quota STORAGE 3290972 - 0 Archiv quota MESSAGE 136950 - 0 Udo From carloswill at gmail.com Mon Sep 26 15:43:56 2011 From: carloswill at gmail.com (Carlos Mennens) Date: Mon, 26 Sep 2011 08:43:56 -0400 Subject: [Dovecot] Subscription File Message-ID: I had a use lose 20 folders on their mail account. I was able to pull them back from a restore and dumped them all back on the server in her Maildir. The problem is she doesn't see them on her Thunderbird or Outlook client. I checked to make sure I put them back into the correct directory and I did as well as verify permissions aren't weird. I then noticed a file called 'subscriptions' in her Maildir directory. She appears to only be seeing folders that are listed in this 'subscriptions' file. My question is how do I update this file? If I delete it, will Dovecot re-generate the file with the correct subscription entries? I don't understand what to do but I'm hoping I don't have to edit the file by hand...that seems way too cumbersome. From Ralf.Hildebrandt at charite.de Mon Sep 26 15:45:44 2011 From: Ralf.Hildebrandt at charite.de (Ralf Hildebrandt) Date: Mon, 26 Sep 2011 14:45:44 +0200 Subject: [Dovecot] Subscription File In-Reply-To: References: Message-ID: <20110926124544.GN21539@charite.de> * Carlos Mennens : > I had a use lose 20 folders on their mail account. I was able to pull > them back from a restore and dumped them all back on the server in her > Maildir. The problem is she doesn't see them on her Thunderbird or > Outlook client. I checked to make sure I put them back into the > correct directory and I did as well as verify permissions aren't > weird. I then noticed a file called 'subscriptions' in her Maildir > directory. She appears to only be seeing folders that are listed in > this 'subscriptions' file. My question is how do I update this file? > If I delete it, will Dovecot re-generate the file with the correct > subscription entries? I don't understand what to do but I'm hoping I > don't have to edit the file by hand...that seems way too cumbersome. The client handles the subscriptions (and dovecot does in turn update the file) -- Ralf Hildebrandt Gesch?ftsbereich IT | Abteilung Netzwerk Charit? - Universit?tsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt at charite.de | http://www.charite.de From CMarcus at Media-Brokers.com Mon Sep 26 16:38:44 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 26 Sep 2011 09:38:44 -0400 Subject: [Dovecot] Virtual Folder configuration problem. In-Reply-To: <20110924213056.Horde.qHIQRFeGiNBOfoRQjGNhvJA@www.cnysupport.com> References: <20110924213056.Horde.qHIQRFeGiNBOfoRQjGNhvJA@www.cnysupport.com> Message-ID: <4E808064.9050005@Media-Brokers.com> On 2011-09-24 9:30 PM, Terry Carmen wrote: > This is with dovecot 2.0.beta6 (3156315704ef) > > Does anybody have any suggestions? Upgrade - which probably won't fix your problem, but because the version you're using is so old should be considered a requirement before asking for further help. -- Best regards, Charles From carloswill at gmail.com Mon Sep 26 17:07:35 2011 From: carloswill at gmail.com (Carlos Mennens) Date: Mon, 26 Sep 2011 10:07:35 -0400 Subject: [Dovecot] Subscription File In-Reply-To: <20110926124544.GN21539@charite.de> References: <20110926124544.GN21539@charite.de> Message-ID: On Mon, Sep 26, 2011 at 8:45 AM, Ralf Hildebrandt wrote: > The client handles the subscriptions (and dovecot does in turn update > the file) So I added some folders back to the users Maildir directory and made sure ownership on the Linux side was correct. I just can't see where in Thunderbird, the user is able to see folders in her Maildir that she's unsubscribed to and how we enable the subscription. From CMarcus at Media-Brokers.com Mon Sep 26 17:11:46 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 26 Sep 2011 10:11:46 -0400 Subject: [Dovecot] Subscription File In-Reply-To: References: <20110926124544.GN21539@charite.de> Message-ID: <4E808822.4030406@Media-Brokers.com> On 2011-09-26 10:07 AM, Carlos Mennens wrote: > So I added some folders back to the users Maildir directory and made > sure ownership on the Linux side was correct. I just can't see where > in Thunderbird, the user is able to see folders in her Maildir that > she's unsubscribed to and how we enable the subscription. Right-click on any folder under the account, then click 'Subscribe'... -- Best regards, Charles From terry at cnysupport.com Mon Sep 26 17:14:28 2011 From: terry at cnysupport.com (Terry Carmen) Date: Mon, 26 Sep 2011 10:14:28 -0400 Subject: [Dovecot] Virtual Folder configuration problem. In-Reply-To: <4E808064.9050005@Media-Brokers.com> References: <20110924213056.Horde.qHIQRFeGiNBOfoRQjGNhvJA@www.cnysupport.com> <4E808064.9050005@Media-Brokers.com> Message-ID: <20110926101428.Horde.qUH2U1eGiNBOgIjErxtgghA@www.cnysupport.com> ----- Message from Charles Marcus --------- Date: Mon, 26 Sep 2011 09:38:44 -0400 From: Charles Marcus Reply-To: Dovecot Mailing List Subject: Re: [Dovecot] Virtual Folder configuration problem. To: dovecot at dovecot.org > On 2011-09-24 9:30 PM, Terry Carmen wrote: >> This is with dovecot 2.0.beta6 (3156315704ef) >> >> Does anybody have any suggestions? > > Upgrade - which probably won't fix your problem, but because the > version you're using is so old should be considered a requirement > before asking for further help. It's the version that came with Centos 6. I was keeping it to maintain compatibility with the Cendos distribution. In any case, I'll probably try an upgrade later today, because even after adding the default namespace config, the virtual folders still don't work and it suddenly began complaining about not supporting TLS. Terry From carloswill at gmail.com Mon Sep 26 17:16:34 2011 From: carloswill at gmail.com (Carlos Mennens) Date: Mon, 26 Sep 2011 10:16:34 -0400 Subject: [Dovecot] Subscription File In-Reply-To: <4E808822.4030406@Media-Brokers.com> References: <20110926124544.GN21539@charite.de> <4E808822.4030406@Media-Brokers.com> Message-ID: On Mon, Sep 26, 2011 at 10:11 AM, Charles Marcus wrote: > Right-click on any folder under the account, then click 'Subscribe'... I don't think we're on the same page here. I restored the folders off tape and moved them back into her 'Maildir' directory on the server. She doesn't see them in Webmail or Thunderbird clients because they are not listed in this 'subscribe' text file Dovecot uses to display the folders to the user. She can't right click what she can't see. The folders are sitting in her Maildir and I can see them on the server...I'm just missing how we can see or present these folders to the user so she can see / subscribe the folders. Sorry if I'm missing something here... From CMarcus at Media-Brokers.com Mon Sep 26 17:27:01 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 26 Sep 2011 10:27:01 -0400 Subject: [Dovecot] Subscription File In-Reply-To: References: <20110926124544.GN21539@charite.de> <4E808822.4030406@Media-Brokers.com> Message-ID: <4E808BB5.9050902@Media-Brokers.com> On 2011-09-26 10:16 AM, Carlos Mennens wrote: > On Mon, Sep 26, 2011 at 10:11 AM, Charles Marcus > wrote: >> Right-click on any folder under the account, then click 'Subscribe'... > > I don't think we're on the same page here. I restored the folders off > tape and moved them back into her 'Maildir' directory on the server. > She doesn't see them in Webmail or Thunderbird clients because they > are not listed in this 'subscribe' text file Dovecot uses to display > the folders to the user. She can't right click what she can't see. The > folders are sitting in her Maildir and I can see them on the > server...I'm just missing how we can see or present these folders to > the user so she can see / subscribe the folders. > > Sorry if I'm missing something here... You are... as has already been told to you, the subscriptions file is accessed/manipulated by IMAP *clients - ie, Thunderbird. Do as I suggested - in Thunderbird, right-click on ANY folder that IS being displayed, click 'Subscriptions', then ENABLE the missing folders in the subscriptions list (click the little checkbox). If you don't see them there, then that would most likely be a permissions problem. -- Best regards, Charles From carloswill at gmail.com Mon Sep 26 18:00:01 2011 From: carloswill at gmail.com (Carlos Mennens) Date: Mon, 26 Sep 2011 11:00:01 -0400 Subject: [Dovecot] Subscription File In-Reply-To: <4E808BB5.9050902@Media-Brokers.com> References: <20110926124544.GN21539@charite.de> <4E808822.4030406@Media-Brokers.com> <4E808BB5.9050902@Media-Brokers.com> Message-ID: On Mon, Sep 26, 2011 at 10:27 AM, Charles Marcus wrote: > You are... as has already been told to you, the subscriptions file is > accessed/manipulated by IMAP *clients - ie, Thunderbird. > > Do as I suggested - in Thunderbird, right-click on ANY folder that IS being > displayed, click 'Subscriptions', then ENABLE the missing folders in the > subscriptions list (click the little checkbox). > > If you don't see them there, then that would most likely be a permissions > problem. Sorry Monday's are a bit slow for me. Understood and thanks! From busseniu at in.tum.de Mon Sep 26 19:56:51 2011 From: busseniu at in.tum.de (Christoph Bussenius) Date: Mon, 26 Sep 2011 18:56:51 +0200 Subject: [Dovecot] [PATCH] Bad boundary check in client_find_namespace Message-ID: <20110926165651.GA20769@informatik.tu-muenchen.de> Hi, while trying to investigate the bug I reported last week, I found that there is a broken boundary check in client_find_namespace in src/imap/imap-commands-util.c. The code is: /* make sure two hierarchy separators aren't next to each others */ for (p = storage_name+1; *p != '\0'; p++) { if (p[0] == ns->real_sep && p[-1] == ns->real_sep) { client_send_tagline(cmd, "NO Invalid mailbox name."); return NULL; } } The loop iterates over the string storage_name starting from its second byte. However, the string may be "". This is the case if you select the root of a namespace, like in "SELECT shared" or "SELECT shared/user1". In that case, the code will read past the end of the buffer from random memory until it finds a zero byte or a duplicate separator. This would fix it: diff -ru dovecot-2.0.15.orig/src/imap/imap-commands-util.c dovecot-2.0.15/src/imap/imap-commands-util.c --- dovecot-2.0.15.orig/src/imap/imap-commands-util.c 2011-08-02 12:29:37.000000000 +0200 +++ dovecot-2.0.15/src/imap/imap-commands-util.c 2011-09-26 18:33:16.121917759 +0200 @@ -81,7 +81,9 @@ } /* make sure two hierarchy separators aren't next to each others */ - for (p = storage_name+1; *p != '\0'; p++) { + for (p = storage_name; *p != '\0'; p++) { + if (p == storage_name) + continue; if (p[0] == ns->real_sep && p[-1] == ns->real_sep) { client_send_tagline(cmd, "NO Invalid mailbox name."); return NULL; Cheers, Christoph Bu?enius -- Christoph Bu?enius Rechnerbetriebsgruppe der Fakult?ten Informatik und Mathematik TU M?nchen +49 89-289-18519 <> Raum 00.05.055 <> Boltzmannstr. 3 <> Garching From moseleymark at gmail.com Mon Sep 26 20:11:45 2011 From: moseleymark at gmail.com (Mark Moseley) Date: Mon, 26 Sep 2011 10:11:45 -0700 Subject: [Dovecot] Glued-together private namespaces In-Reply-To: References: Message-ID: On Fri, Sep 23, 2011 at 3:35 PM, Mark Moseley wrote: > I've been goofing with this all day with 2.0.15 and I'm starting to > realize that either a) I'm not that smart, b) it's been so long since > I messed with namespaces that I'm going about it completely wrong, or > c) it's just not possible. I haven't posted 'doveconf -n' and other > details, because mainly I'm just looking for 'yes, this is possible' > or 'no, you're smoking crack' before posting further details. At this > point, it's all maildir and moving to mdbox, while highly desirable in > the future, is not possible in the near- to medium-term. > > I'm trying to glue a namespace underneath INBOX: > > namespace INBOX { > ? ? ? ?type = private > ? ? ? ?separator = . > ? ? ? ?prefix = INBOX. ? ?# Yes, this used to be on Courier > ? ? ? ?inbox = yes > ? ? ? ?list = yes > ? ? ? ?hidden = no > ? ? ? ?subscriptions = yes > ? ? ? ?location = maildir:~/Maildir > } > namespace archive { > ? ? ? ?type = private > ? ? ? ?separator = . > ? ? ? ?prefix = INBOX.Archives. > ? ? ? ?inbox = no > ? ? ? ?list = children > ? ? ? ?subscriptions = yes > ? ? ? ?location = maildir:~/Maildir-Archive > } > > > I've tried putting namespace archive's 'prefix' as just "Archives", > but Tbird doesn't seem to see this namespace, regardless of how much I > futz with the imap settings in tbird. > > With the above setup, it actually seems to work correctly (provided > ~/Maildir-Archive exists), though I'm sure a big gotcha is waiting in > the wings. I can move messages around, create subfolders, subscribe to > folders in ~/Maildir-Archive). The only thing I can't seem to get > working is quotas. With my password_query like: > > password_query = ... > CONCAT( '*:bytes=', "1M" ) AS 'userdb_quota_rule', \ > CONCAT( '*:messages=10' ) AS 'userdb_quota_rule2', \ > CONCAT( 'INBOX.Archives:bytes=+4900M' ) AS 'userdb_quota_rule3', \ > CONCAT( 'INBOX.Archives:messages=+3900' ) AS 'userdb_quota_rule4' > ... > > only the default quota seems to be in place for any subfolder of > INBOX.Archives and for INBOX.Archives itself, i.e. *:bytes still > applies to INBOX.Archives. The debug log show that: > > Debug: Quota root: name=User quota backend=maildir args= > Debug: Quota rule: root=User quota mailbox=* bytes=1048576 messages=0 > Debug: Quota rule: root=User quota mailbox=* bytes=1048576 messages=10 > Debug: Quota rule: root=User quota mailbox=INBOX.Archives > bytes=+5138022400 messages=0 > Debug: Quota rule: root=User quota mailbox=INBOX.Archives > bytes=+5138022400 messages=+3900 > > These are wildly stupid quotas but they're just there to test. With > INBOX already at capacity (byte-wise; only set to a meg), copying > large messages inside INBOX.Archives fails (only copying a 800k > message but the quota should be 5gig now). > > Again, before I post configs, I'm just curious if what I'm trying to > do isn't remotely possible, or that I'm approaching this entirely > wrongly. Thanks! > Thanks to a fortuitously unrelated thread ("how to disable quota for second namespace"), I got the quota part figured out and that seems to be working: Add a second entry to plugin {}, e.g. "quota2 = maildir:Archive quota:ns=INBOX.Archives." and add rules for userdb_quota2_rule, userdb_quota2_rule2, etc. My real question now is: Are there any fatal gotchas in this that I'm just not thinking of? From nerijus.kislauskas at ktu.lt Tue Sep 27 15:56:10 2011 From: nerijus.kislauskas at ktu.lt (Nerijus Kislauskas) Date: Tue, 27 Sep 2011 15:56:10 +0300 Subject: [Dovecot] deliver agent and index/control files Message-ID: <4E81C7EA.6040502@ktu.lt> Hi Timo and others, We use Dovecot in Kaunas University of Technology in Lithuania. For now our LDA is Postfix and POP/IMAP server is Dovecot. We would like to implement dovecot deliver as LDA. Everything is ok exept one small thing: deliver is creating dovecot.index.log in wrong place In dovecot config files we have: ... mail_location = maildir:/var/mail/%Ln:INDEX=/var/indexes/%Ln:CONTROL=/var/indexes/%Ln ... As you can see, mail and index/control files are in different partitions. and deliver log: deliver(nerijus.kislauskas at ktu.lt): maildir: data=/var/mail/nerkisl deliver(nerijus.kislauskas at ktu.lt): maildir++: root=/var/mail/nerkisl, index=, control=, inbox=/var/mail/nerkisl That is why dovecot.index.log is created in /var/mail/nerkisl, and not in /var/indexes/nerkisl. How can we fix this? -- Sincerely, Nerijus Kislauskas KTU ITPI, LitNET NOC Studentu g. 48a - 101, Kaunas tel.: (8~37) 30 06 45 mob. tel.: 8-614-93889 e-mail.: nerijus.kislauskas at ktu.lt From nerijus.kislauskas at ktu.lt Tue Sep 27 16:11:04 2011 From: nerijus.kislauskas at ktu.lt (Nerijus Kislauskas) Date: Tue, 27 Sep 2011 16:11:04 +0300 Subject: [Dovecot] deliver agent and index/control files In-Reply-To: <4E81C7EA.6040502@ktu.lt> References: <4E81C7EA.6040502@ktu.lt> Message-ID: <4E81CB68.4040606@ktu.lt> On 09/27/2011 03:56 PM, Nerijus Kislauskas wrote: > How can we fix this? Sorry for your disturbance. LDAP replication issue. Everything is working fine. Thanks for your great job. -- Pagarbiai, Nerijus Kislauskas KTU ITPI, Litnet valdymo centras Studentu g. 48a - 101, Kaunas tel.: (8~37) 30 06 45 mob. tel.: 8-614-93889 e-mail.: nerijus.kislauskas at ktu.lt From andreas at kado-web.de Tue Sep 27 17:32:20 2011 From: andreas at kado-web.de (Andreas Cieslak) Date: Tue, 27 Sep 2011 16:32:20 +0200 Subject: [Dovecot] Create userdir on dovecot login --- solved Message-ID: <0MGXWy-1RLm6d3cJM-00DXml@mrelayeu.kundenserver.de> Sorted out the problem, which was already solved in an older forum post of dovecot. In the file /usr/local/etc/dovecot/conf.d/auth-system.conf.ext I set Passdb { Driver = pam args = session=yes dovecot } Unfortunately this didn?t work because when I log in with a user xy, the user dovecot became the owner of the userdir. When I modified the file /usr/local/etc/dovecot/conf.d/auth-system.conf.ext like this: Passdb { Driver = pam # args = session=yes dovecot } And gave anyone (for testing) the permission to write to home. That worked! At least put the ldap-users in a group and gave that group writing permissions to home. Finished! -----Urspr?ngliche Nachricht----- Von: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] Im Auftrag von Andreas Cieslak Gesendet: Donnerstag, 22. September 2011 15:41 An: dovecot at dovecot.org Betreff: [Dovecot] Create userdir on dovecot login Hi List, I am trying to set up automated userdir-creation on login via squirrelmail or email-client with a dovecot backend. The users are first imported on an openldap directory on the same server as the dovecot runs on. Authentication on the dovecot mail system via pam_ldap works properly. Tried already to integrate some advices from the dovecot wiki like Passdb { Driver = pam args = session=yes dovecot } But the homedir creation works only when the user logs onto the machine. When I try to log in via Squirrel on the dovecot no homedir is created and there is following message in the logs: auth: Error: pam(cieslak,193.175.157.121): pam_open_session() failed: Permission denied I think its something about the user rights, but dont really know where to search for the needle Here is the config of my environment root at server:/home# dovecot -n # 2.0.13: /usr/local/etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-686 i686 Debian 6.0.2 auth_debug = yes auth_mechanisms = login plain auth_verbose = yes first_valid_uid = 1000 hostname = server info_log_path = /var/log/dovecot-info last_valid_uid = 10000 listen = * log_path = /var/log/dovecot mail_access_groups = mail mail_debug = yes mail_full_filesystem_access = yes mail_location = maildir:~/Maildir mbox_write_locks = fcntl passdb { args = session=yes dovecot driver = pam } postmaster_address = mailaddress service auth-worker { group = shadow user = $default_internal_user } service auth { user = $default_internal_user } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } process_min_avail = 0 service_count = 0 vsz_limit = 256 M } service lmtp { unix_listener lmtp { mode = 0666 } } service pop3-login { inet_listener pop3s { port = 995 ssl = yes } } ssl_ca = Hello, I'm moving my mail server from Exchange to an opensource one. After a bunch of reading, I decided on building a Dovecot2 + Postfix server in a VirtualUsers-only + Multiple-domains configuration. Since my messages will be stored by Dovecot, and the documentation is really good, I figured that it's smartest to configure Dovecot, then make Postfix 'fit' to it, sharing the data files that way. I read through lots of the Dovecot wiki for v2. There are many ways for storing the database data. My goal is to only have data in one instances, used by both Postfix & Dovecot. I'm a little confused about: to do that sharing-in-one-place, do I have to use SQL or can I use the flatfiles like passwd-db? I think for sure someone already decided the best approach for this, and maybe I'm not understanding the logic to it. The data I think I need to share are: users (user at domain.com) passwords user aliases (mapping user2 at domain.com -> user1 at domain.com) domains domain aliases (domain.com also receives email for domain2.com) And I think all of this can be in passwd-db in Dovecot. But I also want to make sure that Postfix ONLY accepts email for users/domains that exist, so it has to read that data too. Can I do this that way with the flatfiles? Or do I have to use the SQL approach? TJ From tom at whyscream.net Tue Sep 27 20:29:25 2011 From: tom at whyscream.net (Tom Hendrikx) Date: Tue, 27 Sep 2011 19:29:25 +0200 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <1317138678.29156.140258148311993@webmail.messagingengine.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com> Message-ID: <4E8207F5.2070105@whyscream.net> On 27/09/11 17:51, terryjames9461 at mm.st wrote: > Hello, > > I'm moving my mail server from Exchange to an opensource one. > > After a bunch of reading, I decided on building a Dovecot2 + Postfix > server in a VirtualUsers-only + Multiple-domains configuration. > > Since my messages will be stored by Dovecot, and the documentation is > really good, I figured that it's smartest to configure Dovecot, then > make Postfix 'fit' to it, sharing the data files that way. > > I read through lots of the Dovecot wiki for v2. > > There are many ways for storing the database data. My goal is to only > have data in one instances, used by both Postfix & Dovecot. > > I'm a little confused about: to do that sharing-in-one-place, do I have > to use SQL or can I use the flatfiles like passwd-db? I think for sure > someone already decided the best approach for this, and maybe I'm not > understanding the logic to it. > > The data I think I need to share are: > > users (user at domain.com) > passwords > user aliases (mapping user2 at domain.com -> user1 at domain.com) > domains > domain aliases (domain.com also receives email for domain2.com) > > And I think all of this can be in passwd-db in Dovecot. But I also want > to make sure that Postfix ONLY accepts email for users/domains that > exist, so it has to read that data too. > > Can I do this that way with the flatfiles? Or do I have to use the SQL > approach? > The problem with passwd(like) files is that they are almost never in the correct format to fit both daemons. The easiest way to use a database. You could check out postfixadmin: it contains the database format you need, the documentation to hook postfix and dovecot into it, and a nice web gui for administrating the list of domains, aliases, mailboxes, passwords, etc etc. -- Tom From lists at wildgooses.com Tue Sep 27 21:06:22 2011 From: lists at wildgooses.com (Ed W) Date: Tue, 27 Sep 2011 19:06:22 +0100 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: References: <4E77CA5A.6010506@tlinx.org> Message-ID: <4E82109E.2000600@wildgooses.com> On 20/09/2011 03:10, Kui Zhang wrote: > thunderbird does not really work for us, due to amount of emails per > mailbox. It was hogging all the memory + cpu. I think if you disable the new local indexing features in TB then it should start running fairly decently? I don't have mega large inboxes, but basically no real concerns with my normal inboxes which are around the 44K level at the largest and the remainder around 10K-15K Obviously it's a whole new problem to push out company wide configuration with the local indexing/download stuff disabled, but I think there is some ability to do this in newer versions? Good luck Ed W From CMarcus at Media-Brokers.com Tue Sep 27 21:21:06 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Tue, 27 Sep 2011 14:21:06 -0400 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: <4E82109E.2000600@wildgooses.com> References: <4E77CA5A.6010506@tlinx.org> <4E82109E.2000600@wildgooses.com> Message-ID: <4E821412.2040801@Media-Brokers.com> On 2011-09-27 2:06 PM, Ed W wrote: > On 20/09/2011 03:10, Kui Zhang wrote: >> thunderbird does not really work for us, due to amount of emails per >> mailbox. It was hogging all the memory + cpu. > I think if you disable the new local indexing features in TB then it > should start running fairly decently? Also - Outlook is by far much slower than Thunderbird in my experience... -- Best regards, Charles From user+dovecot at localhost.localdomain.org Tue Sep 27 22:46:02 2011 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Tue, 27 Sep 2011 21:46:02 +0200 Subject: [Dovecot] Missing man page for doveadm move In-Reply-To: <4E7B5389.7050907@directi.com> References: <4E7B5389.7050907@directi.com> Message-ID: <4E8227FA.8030608@localhost.localdomain.org> On 09/22/2011 05:26 PM Jeetu wrote: > Hi, > > i cant see man pages for doveadm-move, though the command "doveadm move > ..." works on new version of dovecot. There is the manual page: http://hg.dovecot.org/dovecot-2.0/rev/c194c76b98ff also available in the wiki: http://wiki2.dovecot.org/Tools/Doveadm/Move Regards, Pascal -- The trapper recommends today: c01dcafe.1127021 at localdomain.org From nick+dovecot at bunbun.be Tue Sep 27 22:47:29 2011 From: nick+dovecot at bunbun.be (Nick Rosier) Date: Tue, 27 Sep 2011 21:47:29 +0200 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <4E8207F5.2070105@whyscream.net> References: <1317138678.29156.140258148311993@webmail.messagingengine.com> <4E8207F5.2070105@whyscream.net> Message-ID: <4E822851.1030000@bunbun.be> Tom Hendrikx wrote: > On 27/09/11 17:51, terryjames9461 at mm.st wrote: >> Hello, >> >> I'm moving my mail server from Exchange to an opensource one. >> >> After a bunch of reading, I decided on building a Dovecot2 + Postfix >> server in a VirtualUsers-only + Multiple-domains configuration. >> >> Since my messages will be stored by Dovecot, and the documentation is >> really good, I figured that it's smartest to configure Dovecot, then >> make Postfix 'fit' to it, sharing the data files that way. >> >> I read through lots of the Dovecot wiki for v2. >> >> There are many ways for storing the database data. My goal is to only >> have data in one instances, used by both Postfix& Dovecot. >> >> I'm a little confused about: to do that sharing-in-one-place, do I have >> to use SQL or can I use the flatfiles like passwd-db? I think for sure >> someone already decided the best approach for this, and maybe I'm not >> understanding the logic to it. >> >> The data I think I need to share are: >> >> users (user at domain.com) >> passwords >> user aliases (mapping user2 at domain.com -> user1 at domain.com) >> domains >> domain aliases (domain.com also receives email for domain2.com) >> >> And I think all of this can be in passwd-db in Dovecot. But I also want >> to make sure that Postfix ONLY accepts email for users/domains that >> exist, so it has to read that data too. >> >> Can I do this that way with the flatfiles? Or do I have to use the SQL >> approach? >> > > The problem with passwd(like) files is that they are almost never in the > correct format to fit both daemons. The easiest way to use a database. > > You could check out postfixadmin: it contains the database format you > need, the documentation to hook postfix and dovecot into it, and a nice > web gui for administrating the list of domains, aliases, mailboxes, > passwords, etc etc. +1 one on PostfixAdmin. Wouldn't want to live without it. The main advantage of using a DB is that all information is stored in 1 location and available in the right format through SQL-queries. My 1st config used flat-files and the biggest issue was keeping the different files in sync (i.e. when creating/deleting users making sure to update all the necessary files). My main concern was losing mails if the DB is unavailable but this isn't a problem; if the DB is unavailable Postfix will return a temporarily unavailable and the MTA should retry. Rgds, N. From voytek at sbt.net.au Tue Sep 27 23:27:06 2011 From: voytek at sbt.net.au (Voytek) Date: Wed, 28 Sep 2011 07:27:06 +1100 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <1317138678.29156.140258148311993@webmail.messagingengine.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com> Message-ID: On Wed, September 28, 2011 2:51 am, terryjames9461 at mm.st wrote: > I'm a little confused about: to do that sharing-in-one-place, do I have > to use SQL or can I use the flatfiles like passwd-db? I think for sure > someone already decided the best approach for this, and maybe I'm not > understanding the logic to it. personally, I'd suggest SQL, that's what I use, used it with CourierIMAP/Postfix, now, with Dovecot/Postfix, it works well, I also use Postfix.admin, for, well, admin Voytek From voytek at sbt.net.au Tue Sep 27 23:32:31 2011 From: voytek at sbt.net.au (Voytek) Date: Wed, 28 Sep 2011 07:32:31 +1100 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <4E822851.1030000@bunbun.be> References: <1317138678.29156.140258148311993@webmail.messagingengine.com> <4E8207F5.2070105@whyscream.net> <4E822851.1030000@bunbun.be> Message-ID: On Wed, September 28, 2011 6:47 am, Nick Rosier wrote: > My main concern was losing mails if the DB is unavailable but this isn't > a problem; if the DB is unavailable Postfix will return a temporarily > unavailable and the MTA should retry. yes, that was also my biggest concern when I 1st looked at the issue, after several years of usage, it still remain my biggest concern luckily, it's just a concern, never caused a problem, and, mail will queue up if there are issues From kuizhang at gmail.com Wed Sep 28 00:50:39 2011 From: kuizhang at gmail.com (Kui Zhang) Date: Tue, 27 Sep 2011 14:50:39 -0700 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: <4E821412.2040801@Media-Brokers.com> References: <4E77CA5A.6010506@tlinx.org> <4E82109E.2000600@wildgooses.com> <4E821412.2040801@Media-Brokers.com> Message-ID: > I think if you disable the new local indexing features in TB then it > should start running fairly decently? I had indexing disabled... that did not help much. TB work better after I have these settings... mail.imap.expunge_after_delete true mail.imap.expunge_option 2 mail.server.default.autosync_offline_stores false mail.server.default.offline_download false mail.server.default.autosync_max_age_days 14 I think mail.imap.expunge_after_delete might have caused mdbox limit problem I had before... but not confirmed. > > Also - Outlook is by far much slower than Thunderbird in my experience... > Multiple people in the office report outlook is faster (when it works). KuiZ On Tue, Sep 27, 2011 at 11:21 AM, Charles Marcus wrote: > On 2011-09-27 2:06 PM, Ed W wrote: >> >> On 20/09/2011 03:10, Kui Zhang wrote: >>> >>> thunderbird does not really work for us, due to amount of emails per >>> mailbox. It was hogging all the memory + cpu. > >> I think if you disable the new local indexing features in TB then it >> should start running fairly decently? > > Also - Outlook is by far much slower than Thunderbird in my experience... > > -- > > Best regards, > > Charles > From terryjames9461 at mm.st Wed Sep 28 01:00:29 2011 From: terryjames9461 at mm.st (terryjames9461 at mm.st) Date: Tue, 27 Sep 2011 15:00:29 -0700 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <4E8207F5.2070105@whyscream.net> References: <1317138678.29156.140258148311993@webmail.messagingengine.com> <4E8207F5.2070105@whyscream.net> Message-ID: <1317160829.10644.140258148445373@webmail.messagingengine.com> Hello Tom, On Tuesday, September 27, 2011 7:29 PM, "Tom Hendrikx" wrote: > The problem with passwd(like) files is that they are almost never in the > correct format to fit both daemons. The easiest way to use a database. I don't yet see using a database easier than flatfiles. I understand that the one-instance data is done well in a database. But also I found this page at the Dovecot wiki, http://wiki2.dovecot.org/HowTo/VirtualUserFlatFilesPostfix. I keep rereading it and I think that it tells me that I can do this with flatfiles only. I think its this section, http://wiki2.dovecot.org/HowTo/VirtualUserFlatFilesPostfix#Master_Configuration, that tells how to share data with Postfix. Except there's also LMTP which I haven't figured out how to do it yet. For only 3 domains and 30 users its silly to have to run a mysql database. But who knows yet if I an reading this right, and if sharing flatfiles are possible? Its confusing to read and understand. TJ From patrickdk at patrickdk.com Wed Sep 28 01:02:13 2011 From: patrickdk at patrickdk.com (Patrick Domack) Date: Tue, 27 Sep 2011 18:02:13 -0400 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: References: <1317138678.29156.140258148311993@webmail.messagingengine.com> <4E8207F5.2070105@whyscream.net> <4E822851.1030000@bunbun.be> Message-ID: <20110927180213.Horde.ayLBaZLnE6FOgkflBICBR6A@kishi.patrickdk.com> For my personal email, I have a habit of having the sql server down for one reason or another. I just dump the sql tables to flatfiles on the email server, and a script runs every 15min and checks for updates if any exist. Works well. Another method would be to just keep it sql, but dump the mysql tables into sqlite tables that postfix/dovecot use. Quoting Voytek : > On Wed, September 28, 2011 6:47 am, Nick Rosier wrote: > >> My main concern was losing mails if the DB is unavailable but this isn't >> a problem; if the DB is unavailable Postfix will return a temporarily >> unavailable and the MTA should retry. > > yes, that was also my biggest concern when I 1st looked at the issue, > after several years of usage, it still remain my biggest concern > > luckily, it's just a concern, never caused a problem, and, mail will queue > up if there are issues From patrickdk at patrickdk.com Wed Sep 28 01:06:32 2011 From: patrickdk at patrickdk.com (Patrick Domack) Date: Tue, 27 Sep 2011 18:06:32 -0400 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <1317160829.10644.140258148445373@webmail.messagingengine.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com> <4E8207F5.2070105@whyscream.net> <1317160829.10644.140258148445373@webmail.messagingengine.com> Message-ID: <20110927180632.Horde.jPUpZZLnE6FOgkjoSa5RRHA@kishi.patrickdk.com> Well, the info dovecot needs, it mailbox name/location, username, password, and quota, misc info. postfix will need email address to mailbox name mapping info. That is the very basic things you need. Using dovecot lda/lmtp you remove all postfix needs to know mailbox name to directory mapping, that would be duplicated. Quoting terryjames9461 at mm.st: > Hello Tom, > > On Tuesday, September 27, 2011 7:29 PM, "Tom Hendrikx" > wrote: >> The problem with passwd(like) files is that they are almost never in the >> correct format to fit both daemons. The easiest way to use a database. > > I don't yet see using a database easier than flatfiles. I understand > that the one-instance data is done well in a database. > > But also I found this page at the Dovecot wiki, > http://wiki2.dovecot.org/HowTo/VirtualUserFlatFilesPostfix. I keep > rereading it and I think that it tells me that I can do this with > flatfiles only. > > I think its this section, > http://wiki2.dovecot.org/HowTo/VirtualUserFlatFilesPostfix#Master_Configuration, > that tells how to share data with Postfix. Except there's also LMTP > which I haven't figured out how to do it yet. > > For only 3 domains and 30 users its silly to have to run a mysql > database. But who knows yet if I an reading this right, and if sharing > flatfiles are possible? Its confusing to read and understand. > > TJ From terryjames9461 at mm.st Wed Sep 28 01:08:14 2011 From: terryjames9461 at mm.st (terryjames9461 at mm.st) Date: Tue, 27 Sep 2011 15:08:14 -0700 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <4E822851.1030000@bunbun.be> References: <1317138678.29156.140258148311993@webmail.messagingengine.com><4E8207F5.2070105@whyscream.net> <4E822851.1030000@bunbun.be> Message-ID: <1317161294.12320.140258148448633@webmail.messagingengine.com> Hello Nick, On Tuesday, September 27, 2011 9:47 PM, "Nick Rosier" wrote: > +1 one on PostfixAdmin. Wouldn't want to live without it. The main > advantage of using a DB is that all information is stored in 1 location > and available in the right format through SQL-queries. My 1st config > used flat-files and the biggest issue was keeping the different files in > sync (i.e. when creating/deleting users making sure to update all the > necessary files). Did you try that system with flatfiles in Dovecot v2 or v1? I think that this instructed possibility, http://wiki2.dovecot.org/HowTo/VirtualUserFlatFilesPostfix, is only for v2? Its that sync of the different files that I hope to avoid. If I can with flatfiles, all the better. If not then maybe I will have to use SQL. And then the Postfix Admin looks interesting. TJ From terryjames9461 at mm.st Wed Sep 28 01:14:12 2011 From: terryjames9461 at mm.st (terryjames9461 at mm.st) Date: Tue, 27 Sep 2011 15:14:12 -0700 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <20110927180632.Horde.jPUpZZLnE6FOgkjoSa5RRHA@kishi.patrickdk.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com><4E8207F5.2070105@whyscream.net><1317160829.10644.140258148445373@webmail.messagingengine.com> <20110927180632.Horde.jPUpZZLnE6FOgkjoSa5RRHA@kishi.patrickdk.com> Message-ID: <1317161652.13631.140258148451673@webmail.messagingengine.com> Hello Patrick, On Tuesday, September 27, 2011 6:06 PM, "Patrick Domack" wrote: > Using dovecot lda/lmtp you remove all postfix needs to know mailbox > name to directory mapping, that would be duplicated. With using the Dovecot lmtp option, where does Postfix know to refuse email for a non-existing user or domain? That also has to be shared? I am trying to draw a picture in my head of all the data pieces. Are you saying that when using lmtp the data for Postfix and the data for Dovecot/LMTP do not overlap anymore? Each can have its own flatfiles? TJ From tgoguen at ilap.com Wed Sep 28 01:18:45 2011 From: tgoguen at ilap.com (Tristan Goguen) Date: Tue, 27 Sep 2011 18:18:45 -0400 Subject: [Dovecot] Duplicates when switching from Qpopper to Dovecot pop3 In-Reply-To: References: Message-ID: <2106AB5E-F6ED-431B-8E7B-97D82EC47131@ilap.com> Hi All, Problems can sometimes be solved by _carefully_ reading the documentation: Some clients re-download all mails if you change the hostname in the client configuration. Be aware of this when testing. We converted without a hitch this morning. Thank you for great software. Tristan Tristan Goguen CEO, ILAP? T: 416-250-5600 ext. 205 F: 416-250-6755 tgoguen at ilap.com www.ilap.com On Sep 22, 2011, at 1:01 PM, Tristan Goguen wrote: > > Hi All, > Our test users re-download the mail they've left on the server when they switch from Qpopper to Dovecot. Qpopper includes the X-UIDL header - X-UIDL: X8V"!E)<"!58?"!"9C"! - on read messages. Any suggestions are appreciated. I've included my dovecot configuration. > > Thank you, > Tristan > > --- > Tristan > > Tristan Goguen > CEO, ILAP? > T: 416-250-5600 ext. 205 > F: 416-250-6755 > tgoguen at ilap.com > www.ilap.com > > --- > > # 2.0.14: /etc/dovecot.conf > # OS: SunOS 5.10 sun4v > auth_cache_size = 1048575 B > auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.+-_@ > auth_username_format = %Ln > auth_verbose = yes > base_dir = /usr/local/var/run/dovecot/ > disable_plaintext_auth = no > first_valid_uid = 100 > log_path = /var/log/dovecot.log > login_greeting = > mail_access_groups = mail > mail_fsync = never > mail_location = mbox:~/mail:INBOX=/var/mail/%1u/%1.1u/%u > mbox_dotlock_change_timeout = 1 mins > mbox_min_index_size = 1 B > mbox_read_locks = dotlock > mbox_write_locks = dotlock > mmap_disable = yes > passdb { > driver = shadow > } > protocols = pop3 > service pop3-login { > client_limit = 10 > inet_listener pop3 { > address = 216.223.136.7 > port = 110 > } > process_limit = 128 > process_min_avail = 5 > service_count = 0 > vsz_limit = 512 M > } > shutdown_clients = no > ssl = no > userdb { > args = blocking=yes > driver = passwd > } > protocol pop3 { > pop3_client_workarounds = outlook-no-nuls oe-ns-eoh > pop3_enable_last = yes > pop3_lock_session = yes > pop3_reuse_xuidl = yes > pop3_save_uidl = yes > } > > From dovecot.user at seibercom.net Wed Sep 28 01:42:09 2011 From: dovecot.user at seibercom.net (Jerry) Date: Tue, 27 Sep 2011 18:42:09 -0400 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: References: <4E77CA5A.6010506@tlinx.org> <4E82109E.2000600@wildgooses.com> <4E821412.2040801@Media-Brokers.com> Message-ID: <20110927184209.504e9c90@scorpio> On Tue, 27 Sep 2011 14:50:39 -0700 Kui Zhang articulated: > On Tue, Sep 27, 2011 at 11:21 AM, Charles Marcus > wrote: > > On 2011-09-27 2:06 PM, Ed W wrote: > >> > >> On 20/09/2011 03:10, Kui Zhang wrote: > >>> > >>> thunderbird does not really work for us, due to amount of emails > >>> per mailbox. It was hogging all the memory + cpu. > > > >> I think if you disable the new local indexing features in TB then > >> it should start running fairly decently? > > > > Also - Outlook is by far much slower than Thunderbird in my > > experience... > > > > I think if you disable the new local indexing features in TB then it > > should start running fairly decently? > > I had indexing disabled... that did not help much. > > TB work better after I have these settings... > > mail.imap.expunge_after_delete true > mail.imap.expunge_option 2 > mail.server.default.autosync_offline_stores false > mail.server.default.offline_download false > mail.server.default.autosync_max_age_days 14 > > I think mail.imap.expunge_after_delete might have caused mdbox limit > problem I had before... but not confirmed. > > > > > > Also - Outlook is by far much slower than Thunderbird in my > > experience... > > > > Multiple people in the office report outlook is faster (when it > works). I have always found Outlook to be much faster than TB. In any case, Outlook 2007 is an old version. I am using the 2010 version at work and it is a much more polished application than the 2010 version and far superior to TB. -- Jerry ? Dovecot.user at seibercom.net Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From patrickdk at patrickdk.com Wed Sep 28 04:41:37 2011 From: patrickdk at patrickdk.com (Patrick Domack) Date: Tue, 27 Sep 2011 21:41:37 -0400 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <1317161652.13631.140258148451673@webmail.messagingengine.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com><4E8207F5.2070105@whyscream.net><1317160829.10644.140258148445373@webmail.messagingengine.com> <20110927180632.Horde.jPUpZZLnE6FOgkjoSa5RRHA@kishi.patrickdk.com> <1317161652.13631.140258148451673@webmail.messagingengine.com> Message-ID: <20110927214137.Horde.Bx9rKpLnE6FOgntRdGVQihA@kishi.patrickdk.com> Depends on how you think about it. If you forget about email addresses. Dovecot works on mailbox's, and it maps a mailbox to a path, username, and password. In postfix, it only cares about email addresses (if you use dovecot for delivery, if not then postfix also has to care about the mailbox location). In this case you just tell postfix the email addresses that are valid, and what mailbox they go to. So normally most users would just have a 1 to 1 mapping in postfix, email -> email, as their email address will be the same as their mailbox. But then you might have extra, like, sales at x -> user at x All depends on how flexable or simple you want it later. You could just manage two flatfiles. Or you could have it create the 1 to 1 mapping automatically with a script, and just do the extra mappings seperate. Or do the whole thing in sql, and use like postfixadmin to manage it all. Or even use postfixadmin, and have a script pull the results into flatfiles that it uses. It all depends on how much time and energy you want to spend in setting it up, vs the flexibility you in vision you need later. I do it 3 different ways, on different systems, one is just sql fully, nothing interesting. My personal email is sql, but dumped to local flatfiles. And another system I pull the info from windows AD. Quoting terryjames9461 at mm.st: > Hello Patrick, > > On Tuesday, September 27, 2011 6:06 PM, "Patrick Domack" > wrote: >> Using dovecot lda/lmtp you remove all postfix needs to know mailbox >> name to directory mapping, that would be duplicated. > > With using the Dovecot lmtp option, where does Postfix know to refuse > email for a non-existing user or domain? That also has to be shared? > > I am trying to draw a picture in my head of all the data pieces. Are > you saying that when using lmtp the data for Postfix and the data for > Dovecot/LMTP do not overlap anymore? Each can have its own flatfiles? > > > TJ From terry at cnysupport.com Wed Sep 28 06:41:31 2011 From: terry at cnysupport.com (Terry Carmen) Date: Tue, 27 Sep 2011 23:41:31 -0400 Subject: [Dovecot] Virtual Folder configuration problem. In-Reply-To: <4E808064.9050005@Media-Brokers.com> References: <20110924213056.Horde.qHIQRFeGiNBOfoRQjGNhvJA@www.cnysupport.com> <4E808064.9050005@Media-Brokers.com> Message-ID: <20110927234131.Horde.q0raU1eGiNBOgpdraHYkUUA@www.cnysupport.com> >> Does anybody have any suggestions? > > Upgrade - which probably won't fix your problem, but because the > version you're using is so old should be considered a requirement > before asking for further help. OK, I upgraded to the current version of Dovecot, which didn't actually fix anything. However I spent pretty much an entire day experimenting and reading docs from all over the net, I came up with something that more-or-less works, although it still behaves a touch strangely. I added the following code: dovecot.conf: mail_plugins = $mail_plugins virtual namespace { list = yes type = private prefix = virtual-folders. separator = . location = virtual:~/Maildir/virtual-folders } 10-mail.conf: namespace { separator = . prefix = inbox = yes } 10-lda.conf mail_plugins = $mail_plugins sieve virtual 20-imap.conf mail_plugins = $mail_plugins virtual The directory virtual-folders appears inside the ~/Maildir folder and contains the file dovecot-virtual, which contains: # ~/Maildir/dovecot-virtual INBOX INBOX.Folder1 INBOX.Folder1.* INBOX.Folder2 INBOX.Folder2.* unseen This actually works, although the subscription to the virtual folder vanishes with each logout, and need to be re-subscribed with each login. Also, the virtual folder appears as "virtual-folder" in the client, at the same level as INBOX. I'd like to make move it under INBOX and place other virtual folders inside it, but haven't been able to find the right configuration. I would appreciate any hints on where to look to make the subscription permanent and to make a folder structure containing virtual-folder sub-nodes for various search criteria. Any assistance is appreciated. Thanks! Terry From stan at hardwarefreak.com Wed Sep 28 08:42:15 2011 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Wed, 28 Sep 2011 00:42:15 -0500 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: References: <4E77CA5A.6010506@tlinx.org> <4E82109E.2000600@wildgooses.com> <4E821412.2040801@Media-Brokers.com> Message-ID: <4E82B3B7.2020301@hardwarefreak.com> On 9/27/2011 4:50 PM, Kui Zhang wrote: >> I think if you disable the new local indexing features in TB then it >> should start running fairly decently? > > I had indexing disabled... that did not help much. > > TB work better after I have these settings... > > mail.imap.expunge_after_delete true > mail.imap.expunge_option 2 > mail.server.default.autosync_offline_stores false > mail.server.default.offline_download false > mail.server.default.autosync_max_age_days 14 > > I think mail.imap.expunge_after_delete might have caused mdbox limit > problem I had before... but not confirmed. What, exactly, was the nature of the performance problem you originally mentioned to start this thread, the mailbox with the thousands of sub folders? With GLODA and local synchronization disabled, using 1 IMAP connection instead of the default 5, disabling IDLE and using check interval seconds, and using the default: mail.server.default.check_all_folders_for_new FALSE then you should have excellent performance with TB regardless of the number of folders in a mailbox. Unless maybe the hardware or net pipe are lacking. What are the specs of the client machine in question? What CPU/freq. Maybe more importantly, what is the link speed of the network between this PC and the Dovecot server? LAN or WAN? -- Stan From terryjames9461 at mm.st Wed Sep 28 09:08:03 2011 From: terryjames9461 at mm.st (terryjames9461 at mm.st) Date: Tue, 27 Sep 2011 23:08:03 -0700 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <20110927214137.Horde.Bx9rKpLnE6FOgntRdGVQihA@kishi.patrickdk.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com><4E8207F5.2070105@whyscream.net><1317160829.10644.140258148445373@webmail.messagingengine.com><20110927180632.Horde.jPUpZZLnE6FOgkjoSa5RRHA@kishi.patrickdk.com><1317161652.13631.140258148451673@webmail.messagingengine.com> <20110927214137.Horde.Bx9rKpLnE6FOgntRdGVQihA@kishi.patrickdk.com> Message-ID: <1317190083.25639.140258148566589@webmail.messagingengine.com> Hello Patrick, On Tuesday, September 27, 2011 9:41 PM, "Patrick Domack" wrote: > It all depends on how much time and energy you want to spend in > setting it up, vs the flexibility you in vision you need later. This is the intersection of the decision. I still am no sure if that simple flatfile dream of one-instance data can be done. I think I am going to have to try it a number of times becuase I dont see a certain answer, yes or no. Can you may be explain more what you do with your case that you dump SQL to flatfile? I don't see why that would ever be a benefit and am interested in understanding that. I think I am worried about using SQL a bit because it is not something that I think I can edit so quickly as I do text files. And also like you others, losing data when things are corrupted. TJ From dlie76 at yahoo.com.au Wed Sep 28 09:37:32 2011 From: dlie76 at yahoo.com.au (Daminto Lie) Date: Tue, 27 Sep 2011 23:37:32 -0700 (PDT) Subject: [Dovecot] deliver LDA issue with setuid-root Message-ID: <1317191852.67316.YahooMailNeo@web113415.mail.gq1.yahoo.com> Hi, I am getting the following error message when trying to implement LDA Dovecot 1.2.9 with virtual users: Sep 28 15:59:33 server1 postfix/pipe[3041]: 28BEC2400A1: to=, relay=dovecot, delay=2361, delays=2361/0.01/0/0.03, dsn=4.3.0, status=deferred (temporary failure. Command output: /usr/lib/dovecot/deliver must not be both world-executable and setuid-root. This allows root exploits. See http://wiki.dovecot.org/LDA#multipleuids ) I do not know if I need to change the group to secmail. Currently, I have as follows -rwsr-xr-x?? 1 root root 933796 2011-06-10 05:36 deliver Can I change it to any other group apart from secmail? and what does it mean by world-executable? Sorry if I ask a silly question here but keen to learn more about linux. Here is my dovecot.conf log_timestamp: %Y-%m-%d %H:%M:%S protocols: imap listen: *:143 ssl: no disable_plaintext_auth: no login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/imap-login verbose_proctitle: yes first_valid_uid: 106 last_valid_uid: 200 mail_privileged_group: mail mail_location: maildir:/home/vmail/%u/Maildir mbox_write_locks: fcntl dotlock mail_plugins: quota imap_quota imap_client_workarounds: outlook-idle delay-newmail netscape-eoh tb-extra-mailbox-sep lda: ? postmaster_address: postmaster at example.com ? mail_plugins: quota ? sendmail_path: /usr/lib/sendmail ? rejection_reason: Your message to <%t> was automatically rejected:%n%r auth default: ? mechanisms: plain login ? username_format: %Lu ? verbose: yes ? debug: yes ? debug_passwords: yes ? passdb: ??? driver: pam ? passdb: ??? driver: ldap ??? args: /etc/dovecot/dovecot-ldap.conf ? userdb: ??? driver: prefetch ? userdb: ??? driver: passwd ? userdb: ??? driver: static ??? args: uid=106 gid=1010 home=/home/vmail/%u ? socket: ??? type: listen ??? client: ????? path: /var/spool/postfix/private/auth ????? mode: 432 ????? user: postfix ????? group: mail ??? master: ????? path: /var/run/dovecot-auth-master ????? mode: 432 ????? user: vmail ????? group: vmail plugin: ? quota: maildir ? quota_rule: *:storage=3GB ? quota_rule2: Trash:storage=20%% ? quota_rule3: Spam:storage=10%% ? quota_warning: storage=95%% /usr/local/bin/quota-warning.sh 95 ? quota_warning2: storage=80%% /usr/local/bin/quota-warning.sh 80 Here is my master.cf # delivery through dovecot dovecot?? unix? -?????? n?????? n?????? -?????? -?????? pipe ? flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient} Any help would be greatly appreciated. Thank you From janfrode at tanso.net Wed Sep 28 09:44:24 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Wed, 28 Sep 2011 08:44:24 +0200 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <1317138678.29156.140258148311993@webmail.messagingengine.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com> Message-ID: <20110928064424.GA31755@oc1046828364.ibm.com> On Tue, Sep 27, 2011 at 08:51:18AM -0700, terryjames9461 at mm.st wrote: > > I'm a little confused about: to do that sharing-in-one-place, do I have > to use SQL or can I use the flatfiles like passwd-db? I think for sure > someone already decided the best approach for this, and maybe I'm not > understanding the logic to it. Best approach is probably to store this in an ldap-directory. Then you can easily have multi-master replication, and avoid any single point of failure for your database. Both postfix and dovecot will be able to lookup the data using ldap. -jf From dovecot.user at seibercom.net Wed Sep 28 15:02:05 2011 From: dovecot.user at seibercom.net (Jerry) Date: Wed, 28 Sep 2011 08:02:05 -0400 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <20110928064424.GA31755@oc1046828364.ibm.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com> <20110928064424.GA31755@oc1046828364.ibm.com> Message-ID: <20110928080205.5d621f20@scorpio> On Wed, 28 Sep 2011 08:44:24 +0200 Jan-Frode Myklebust articulated: > On Tue, Sep 27, 2011 at 08:51:18AM -0700, terryjames9461 at mm.st wrote: > > > > I'm a little confused about: to do that sharing-in-one-place, do I > > have to use SQL or can I use the flatfiles like passwd-db? I > > think for sure someone already decided the best approach for this, > > and maybe I'm not understanding the logic to it. > > Best approach is probably to store this in an ldap-directory. Then you > can easily have multi-master replication, and avoid any single point > of failure for your database. Both postfix and dovecot will be able to > lookup the data using ldap. While "ldap" may be fine for some users; personally, I have had nothing but catastrophic results when attempting to use it. I am fully aware that the main problem is that I am not truly "ldap" proficient. For the end user who needs an easy to maintain database I would unequivocally recommend MySQL. It has the added bonus of not requiring that Postfix (and I am not sure about Dovecot) be restarted if the database is changed. In Postfix, this also eliminates the requirement that "postmap" be run on the edited files prior to restarting Postfix. Just my unsolicited 2?. -- Jerry ? Dovecot.user at seibercom.net Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From ra at rz.uni-frankfurt.de Wed Sep 28 15:33:33 2011 From: ra at rz.uni-frankfurt.de (ra at rz.uni-frankfurt.de) Date: Wed, 28 Sep 2011 14:33:33 +0200 Subject: [Dovecot] Problems running Dovecot 1.2.17 on AIX Message-ID: <4E83141D.90306@rz.uni-frankfurt.de> Hello, we have a problem getting Dovecot 1.2.17 to work on one of our AIX-Machines (AIX 5.3). Dovecot compiles fine, but if we try to run it we get strange library dependency problems such as the following: [root at localhost dovecot-test]# /local/dovecot-test/sbin/dovecot -F -c /local/dovecot-test/etc/dovecot.clients.conf Edlopen(/local/dovecot-test/lib/dovecot/imap/lib01_acl_plugin.so) failed: rtld: 0712-001 Symbol bsearch_strcmp was referenced from module /local/dovecot-test/lib/dovecot/imap/lib01_acl_plugin.so(), but a runtime definition of the symbol was not found. rtld: 0712-001 Symbol safe_mkstemp_group was referenced from module /local/dovecot-test/lib/dovecot/imap/lib01_acl_plugin.so(), but a runtime definition of the symbol was not found. rtld: 0712-001 Symbol mail_user_module_register was referenced from module /local/dovecot-test/lib/dovecot/imap/lib01_acl_plugin.so(), but a runtime definition of the symbol was not found. rtld: 0712-001 Symbol dict_iterate_init was referenced from module /local/dovecot-test/lib/dovecot/imap/lib01_acl_plugin.so(), but a runtime definition of the symbol was not found. rtld: 0712-001 Symbol dict_iterate was referenced from module /local/dovecot-test/lib/dovecot/imap/lib01_acl_plugin.so(), but a runtime definition of the symbol was not found. rtld: 0712-001 Symbol dict_iterate_deinit was referenced from module /local/dovecot-test/lib/dovecot/imap/lib01_acl_plugin.so(), but a runtime definition of the symbol was not found. rtld: 0712-001 Symbol i_strcmp_p was referenced from module /local/dovecot-test/lib/dovecot/imap/lib01_acl_plugin.so(), but a runtime definition of the symbol was not found. Additional errors occurred but are not reported. FCouldn't load required plugins We tried to use the compiler-script as described on the wiki (http://wiki1.dovecot.org/AixPluginsSupport) and we tried to compile dovecot with gcc instead of xlc. We even tried it on another host running AIX 5.3 but dovecot still fails with the runtime linker complaining about missing runtime definitions. Any hint/help would be appreciated. Thanks in advance Manuel From robert at schetterer.org Wed Sep 28 16:02:51 2011 From: robert at schetterer.org (Robert Schetterer) Date: Wed, 28 Sep 2011 15:02:51 +0200 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <1317138678.29156.140258148311993@webmail.messagingengine.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com> Message-ID: <4E831AFB.9000603@schetterer.org> Am 27.09.2011 17:51, schrieb terryjames9461 at mm.st: > Hello, > > I'm moving my mail server from Exchange to an opensource one. > > After a bunch of reading, I decided on building a Dovecot2 + Postfix > server in a VirtualUsers-only + Multiple-domains configuration. > > Since my messages will be stored by Dovecot, and the documentation is > really good, I figured that it's smartest to configure Dovecot, then > make Postfix 'fit' to it, sharing the data files that way. > > I read through lots of the Dovecot wiki for v2. > > There are many ways for storing the database data. My goal is to only > have data in one instances, used by both Postfix & Dovecot. > > I'm a little confused about: to do that sharing-in-one-place, do I have > to use SQL or can I use the flatfiles like passwd-db? I think for sure > someone already decided the best approach for this, and maybe I'm not > understanding the logic to it. > > The data I think I need to share are: > > users (user at domain.com) > passwords > user aliases (mapping user2 at domain.com -> user1 at domain.com) > domains > domain aliases (domain.com also receives email for domain2.com) > > And I think all of this can be in passwd-db in Dovecot. But I also want > to make sure that Postfix ONLY accepts email for users/domains that > exist, so it has to read that data too. > > Can I do this that way with the flatfiles? Or do I have to use the SQL > approach? > > > TJ i do it all with postfixadmin and mysql, in my eyes you could use plain flat files , if your the only on who admins i.e over ssh etc but if you want a customer friendly mailserver, with parted superadmin/domainadmin/user administration over some i.e. http gui you should better use sql and/or ldap stuff -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From CMarcus at Media-Brokers.com Wed Sep 28 16:03:18 2011 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 28 Sep 2011 09:03:18 -0400 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: <20110927184209.504e9c90@scorpio> References: <4E77CA5A.6010506@tlinx.org> <4E82109E.2000600@wildgooses.com> <4E821412.2040801@Media-Brokers.com> <20110927184209.504e9c90@scorpio> Message-ID: <4E831B16.4050607@Media-Brokers.com> On 2011-09-27 6:42 PM, Jerry wrote: > I have always found Outlook to be much faster than TB. In any case, > Outlook 2007 is an old version. I am using the 2010 version at work and > it is a much more polished application than the 2010 version and far > superior to TB. That's funny - I find Outlooks email UI to be horrible. And HTML support relies on Word's HTML rendering engine? Give me a break... Outlook's calendar is definitely superior, but as an email client it is only useful when it is used in a full blown Exchange environment. As an IMAP client, it blows chunks. -- Best regards, Charles From nick+dovecot at bunbun.be Wed Sep 28 16:04:17 2011 From: nick+dovecot at bunbun.be (Nick Rosier) Date: Wed, 28 Sep 2011 15:04:17 +0200 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <1317161294.12320.140258148448633@webmail.messagingengine.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com><4E8207F5.2070105@whyscream.net> <4E822851.1030000@bunbun.be> <1317161294.12320.140258148448633@webmail.messagingengine.com> Message-ID: <4E831B51.9040308@bunbun.be> terryjames9461 at mm.st wrote: > Hello Nick, > > On Tuesday, September 27, 2011 9:47 PM, "Nick Rosier" > wrote: > >> +1 one on PostfixAdmin. Wouldn't want to live without it. The main >> advantage of using a DB is that all information is stored in 1 location >> and available in the right format through SQL-queries. My 1st config >> used flat-files and the biggest issue was keeping the different files in >> sync (i.e. when creating/deleting users making sure to update all the >> necessary files). > > Did you try that system with flatfiles in Dovecot v2 or v1? I think that > this instructed possibility, > http://wiki2.dovecot.org/HowTo/VirtualUserFlatFilesPostfix, is only for > v2? This was back with v1. It was working with a little script I wrote. A problem was delegating management of all the domains. My servers hosts a number of domains which are owned by different people (family+friends). With PostfixAdmin you can define which user administers which domains (another perk). > > Its that sync of the different files that I hope to avoid. If I can > with flatfiles, all the better. If not then maybe I will have to use > SQL. And then the Postfix Admin looks interesting. An additional advantage I found with PostfixAdmin is the possibility to run post-creation/editing/deleting scripts on mailboxes and domains. I'm using Amavisd-new and have the post-creation script create users in the Amavis-DB with e.g. the default policies for a user and populating some tables used by other tools (quarReminder etc...). Rgds, N. PS: my mailserver only hosts a couple of domains and less than 100 mailboxes. I could have done this with flat-files but the possibility to delegate mailbox creation/deletion to the domain owners was worth the "trouble" using a DB which I was using anyway for other services. From simon.brereton at buongiorno.com Wed Sep 28 16:49:49 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Wed, 28 Sep 2011 09:49:49 -0400 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <1317190083.25639.140258148566589@webmail.messagingengine.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com><4E8207F5.2070105@whyscream.net><1317160829.10644.140258148445373@webmail.messagingengine.com><20110927180632.Horde.jPUpZZLnE6FOgkjoSa5RRHA@kishi.patrickdk.com><1317161652.13631.140258148451673@webmail.messagingengine.com> <20110927214137.Horde.Bx9rKpLnE6FOgntRdGVQihA@kishi.patrickdk.com> <1317190083.25639.140258148566589@webmail.messagingengine.com> Message-ID: <044601cc7de5$7eb585b0$7c209110$@brereton@buongiorno.com> > -----Original Message----- > From: dovecot-bounces at dovecot.org [mailto:dovecot- > bounces at dovecot.org] On Behalf Of terryjames9461 at mm.st > Hello Patrick, > > On Tuesday, September 27, 2011 9:41 PM, "Patrick Domack" > wrote: > > It all depends on how much time and energy you want to spend in > > setting it up, vs the flexibility you in vision you need later. > > This is the intersection of the decision. I still am no sure if that > simple flatfile dream of one-instance data can be done. I think I am > going to have to try it a number of times becuase I dont see a > certain answer, yes or no. > > Can you may be explain more what you do with your case that you dump > SQL to flatfile? I don't see why that would ever be a benefit and am > interested in understanding that. > > I think I am worried about using SQL a bit because it is not > something that I think I can edit so quickly as I do text files. And > also like you others, losing data when things are corrupted. I have reasonable evidence that I'm by no means a sys-admin or even a linux Guru. But for the past 5 years, I've managed a system like you're trying to build - Postfix/Amavis/SpamAssassin/Dovecot (until recently I was running Courier for the MDA) with an SQL backend. It's never let me down, gives me a web interface (with PHPMyAdmin) to make changes, has 7 domains and about 300 user accounts. Once the set-up is done, you can save a file with a few queries or even build a php page to make common changes (adding domains/users, etc). Backup is easy. For the record, I've never used Postfixadmin - although I hear great things about it. Like the others, I'd recommend going the SQL route - it's easier to maintain and upgrade and it scales. If you don't need it to scale you've lost nothing because it uses virtually no resources, and if you do, you have it. Simon From dovecot.user at seibercom.net Wed Sep 28 17:04:47 2011 From: dovecot.user at seibercom.net (Jerry) Date: Wed, 28 Sep 2011 10:04:47 -0400 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: <4E831B16.4050607@Media-Brokers.com> References: <4E77CA5A.6010506@tlinx.org> <4E82109E.2000600@wildgooses.com> <4E821412.2040801@Media-Brokers.com> <20110927184209.504e9c90@scorpio> <4E831B16.4050607@Media-Brokers.com> Message-ID: <20110928100447.05f8beee@scorpio> On Wed, 28 Sep 2011 09:03:18 -0400 Charles Marcus articulated: > On 2011-09-27 6:42 PM, Jerry wrote: > > I have always found Outlook to be much faster than TB. In any case, > > Outlook 2007 is an old version. I am using the 2010 version at work > > and it is a much more polished application than the 2010 version > > and far superior to TB. > > That's funny - I find Outlooks email UI to be horrible. And HTML > support relies on Word's HTML rendering engine? Give me a break... > > Outlook's calendar is definitely superior, but as an email client it > is only useful when it is used in a full blown Exchange environment. > As an IMAP client, it blows chunks. Like all things, the usefulness of any application can only be truly measured in the context of the end user's environment. I virtually never use HTML e-mail myself. There are a few publications that I subscribe to that supply their material in HTML format; however, they all also list a URL to view the material. I prefer to use that method instead. E-mail, in my opinion, is a poor environment for HTML. MS Outlook's calender is the best available. I find Outlook's interface easy to use. Then again, I am quite familiar with it so that would only be natural. You fail to mention what version of Outlook you are referring to so there is no way I can gather any useful data from your analysis other to state that I have never used any version of TB that I found as useful as a comparative version of Outlook. If it is Outlook 2007, then perhaps this comparison of products should be restricted to a four year old version of TB also. I think I can safely say without fear of contradiction that, that is not something anyone would readily want to do. In any case, the idiom, "better the devil you know than the devil you don't" is apropos to this thread. -- Jerry ? Dovecot.user at seibercom.net Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From tompru at jla.rutgers.edu Wed Sep 28 17:09:17 2011 From: tompru at jla.rutgers.edu (Tom Pawlowski) Date: Wed, 28 Sep 2011 10:09:17 -0400 Subject: [Dovecot] 2.0.14 IPC client_limit reached error Message-ID: <20110928140917.GC16725@hawkeye.rutgers.edu> Hi Timo, Upgraded to 2.0.14 last night for the director-related features and I noticed an oddity in the logs: Sep 28 09:53:21 director2 dovecot: master: Warning: service(ipc): client_limit reached, client connections are being dropped Sep 28 09:53:56 director1 dovecot: master: Warning: service(ipc): client_limit reached, client connections are being dropped Sep 28 09:54:23 director2 dovecot: master: Warning: service(ipc): client_limit reached, client connections are being dropped Sep 28 09:55:07 director1 dovecot: master: Warning: service(ipc): client_limit reached, client connections are being dropped Sep 28 09:55:24 director2 dovecot: master: Warning: service(ipc): client_limit reached, client connections are being dropped Sep 28 09:56:08 director1 dovecot: master: Warning: service(ipc): client_limit reached, client connections are being dropped Sep 28 09:56:25 director2 dovecot: master: Warning: service(ipc): client_limit reached, client connections are being dropped Sep 28 09:57:10 director1 dovecot: master: Warning: service(ipc): client_limit reached, client connections are being dropped Sep 28 09:57:26 director2 dovecot: master: Warning: service(ipc): client_limit reached, client connections are being dropped These warnings are only being printed out by the directors. Both the directors and imap/pop3 servers have init scripts with the following ulimits set in the start sections: ulimit -s unlimited ulimit -n 30000 ulimit -u 30000 (We'd get alerts long before resource consumption became an issue) I've been watching the established imap/pop3 connection count on both directors for the past hour and a half and despite these warnings, those counts have grown continuously. The other weird thing is, according the configuration (attached), the ipc service has a client_limit of 0 by default, so we shouldn't be hitting a ceiling anyway, correct? So are these false warnings or something to be concerned about? -- Tom Pawlowski OIT-CSS System Administrator office: Hill 147 email: tompru at jla.rutgers.edu phone: (732) 445-2634 -------------- next part -------------- # 2.0.14: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-194.32.1.el5 x86_64 CentOS release 5.5 (Final) auth_anonymous_username = anonymous auth_cache_negative_ttl = 1 hours auth_cache_size = 0 auth_cache_ttl = 1 hours auth_debug = no auth_debug_passwords = no auth_default_realm = auth_failure_delay = 2 secs auth_first_valid_uid = 500 auth_gssapi_hostname = auth_krb5_keytab = auth_last_valid_uid = 0 auth_master_user_separator = auth_mechanisms = plain auth_realms = auth_socket_path = auth-userdb auth_ssl_require_client_cert = no auth_ssl_username_from_cert = no auth_use_winbind = no auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ auth_username_format = auth_username_translation = auth_verbose = no auth_verbose_passwords = no auth_winbind_helper_path = /usr/bin/ntlm_auth auth_worker_max_count = 30 base_dir = /var/run/dovecot config_cache_size = 1 M debug_log_path = default_client_limit = 1000 default_idle_kill = 60 default_internal_user = dovecot default_login_user = dovenull default_process_limit = 100 default_vsz_limit = 256 M deliver_log_format = msgid=%m: %$ dict_db_config = director_doveadm_port = 9091 director_mail_servers = 192.168.160.74 192.168.160.75 192.168.160.76 192.168.160.77 192.168.160.78 192.168.160.79 director_servers = 192.168.160.80 192.168.160.81 director_user_expire = 15 mins disable_plaintext_auth = yes dotlock_use_excl = yes doveadm_allowed_commands = doveadm_password = doveadm_proxy_port = 0 doveadm_socket_path = doveadm-server doveadm_worker_count = 0 first_valid_gid = 1 first_valid_uid = 500 hostname = imap_capability = imap_client_workarounds = imap_id_log = imap_id_send = imap_idle_notify_interval = 2 mins imap_logout_format = bytes=%i/%o imap_max_line_length = 64 k import_environment = TZ LISTEN_PID LISTEN_FDS info_log_path = last_valid_gid = 0 last_valid_uid = 0 lda_mailbox_autocreate = no lda_mailbox_autosubscribe = no lda_original_recipient_header = libexec_dir = /usr/libexec/dovecot listen = * lmtp_proxy = no lmtp_save_to_detail_mailbox = no lock_method = fcntl log_path = syslog log_timestamp = "%b %d %H:%M:%S " login_access_sockets = login_greeting = Dovecot ready. login_log_format = %$: %s login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c login_trusted_networks = mail_access_groups = mail_attachment_dir = mail_attachment_fs = sis posix mail_attachment_hash = %{sha1} mail_attachment_min_size = 128 k mail_cache_fields = flags mail_cache_min_mail_count = 0 mail_chroot = mail_debug = no mail_fsync = optimized mail_full_filesystem_access = no mail_gid = mail_home = mail_location = mail_log_prefix = "%s(%u): " mail_max_keyword_length = 50 mail_max_lock_timeout = 0 mail_max_userip_connections = 10 mail_never_cache_fields = imap.envelope mail_nfs_index = no mail_nfs_storage = no mail_plugin_dir = /usr/lib64/dovecot mail_plugins = mail_privileged_group = mail_save_crlf = no mail_temp_dir = /tmp mail_uid = mailbox_idle_check_interval = 30 secs mailbox_list_index_disable = no maildir_copy_with_hardlinks = yes maildir_stat_dirs = no maildir_very_dirty_syncs = no master_user_separator = mbox_dirty_syncs = yes mbox_dotlock_change_timeout = 2 mins mbox_lazy_writes = yes mbox_lock_timeout = 5 mins mbox_min_index_size = 0 mbox_read_locks = fcntl mbox_very_dirty_syncs = no mbox_write_locks = dotlock fcntl mdbox_preallocate_space = no mdbox_rotate_interval = 0 mdbox_rotate_size = 2 M mmap_disable = no passdb { args = proxy=y nopassword=y deny = no driver = static master = no pass = no } pop3_client_workarounds = pop3_enable_last = no pop3_fast_size_lookups = no pop3_lock_session = no pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_no_flag_updates = no pop3_reuse_xuidl = no pop3_save_uidl = no pop3_uidl_format = %08Xu%08Xv postmaster_address = protocols = imap pop3 lmtp quota_full_tempfail = no recipient_delimiter = + rejection_reason = Your message to <%t> was automatically rejected:%n%r rejection_subject = Rejected: %s sendmail_path = /usr/sbin/sendmail service anvil { chroot = empty client_limit = 16321 drop_priv_before_exec = no executable = anvil extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 1 protocol = service_count = 0 type = anvil unix_listener anvil-auth-penalty { group = mode = 0600 user = } unix_listener anvil { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service auth-worker { chroot = client_limit = 1 drop_priv_before_exec = no executable = auth -w extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener auth-worker { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service auth { chroot = client_limit = 18466 drop_priv_before_exec = no executable = auth extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener auth-client { group = mode = 0600 user = } unix_listener auth-login { group = mode = 0600 user = $default_internal_user } unix_listener auth-master { group = mode = 0600 user = } unix_listener auth-userdb { group = mode = 0600 user = } unix_listener login/login { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service config { chroot = client_limit = 0 drop_priv_before_exec = no executable = config extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = config unix_listener config { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service dict { chroot = client_limit = 1 drop_priv_before_exec = no executable = dict extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dict { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service director { chroot = client_limit = 0 drop_priv_before_exec = no executable = director extra_groups = fifo_listener login/proxy-notify { group = mode = 0666 user = } group = idle_kill = 4294967295 secs inet_listener { address = port = 9090 ssl = no } privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener director-admin { group = mode = 0600 user = } unix_listener director-userdb { group = mode = 0600 user = } unix_listener login/director { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service dns_client { chroot = client_limit = 1 drop_priv_before_exec = no executable = dns-client extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dns-client { group = mode = 0666 user = } unix_listener login/dns-client { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service doveadm { chroot = client_limit = 1 drop_priv_before_exec = no executable = doveadm-server extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener doveadm-server { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service imap-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = imap-login director extra_groups = group = idle_kill = 0 inet_listener imap { address = port = 143 ssl = no } inet_listener imaps { address = port = 993 ssl = yes } privileged_group = process_limit = 12222 process_min_avail = 10 protocol = imap service_count = 1 type = login user = $default_login_user vsz_limit = 2 G } service imap { chroot = client_limit = 1 drop_priv_before_exec = no executable = imap extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 0 protocol = imap service_count = 1 type = unix_listener login/imap { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service ipc { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = ipc extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener ipc { group = mode = 0600 user = } unix_listener login/ipc-proxy { group = mode = 0600 user = $default_login_user } user = $default_internal_user vsz_limit = 18446744073709551615 B } service lmtp { chroot = client_limit = 0 drop_priv_before_exec = no executable = lmtp extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = lmtp service_count = 0 type = unix_listener lmtp { group = mode = 0666 user = } user = vsz_limit = 0 } service log { chroot = client_limit = 0 drop_priv_before_exec = no executable = log extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = log user = vsz_limit = 18446744073709551615 B } service pop3-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = pop3-login director extra_groups = group = idle_kill = 0 inet_listener pop3 { address = port = 110 ssl = no } inet_listener pop3s { address = port = 995 ssl = yes } privileged_group = process_limit = 4096 process_min_avail = 0 protocol = pop3 service_count = 1 type = login user = $default_login_user vsz_limit = 64 M } service pop3 { chroot = client_limit = 1 drop_priv_before_exec = no executable = pop3 extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 0 protocol = pop3 service_count = 1 type = unix_listener login/pop3 { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service ssl-params { chroot = client_limit = 0 drop_priv_before_exec = no executable = ssl-params extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = startup unix_listener login/ssl-params { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } shutdown_clients = yes ssl = required ssl_ca = Hello We are going to split our mailhub in two :-) one for students and one for the others Does Dovecot 2 provide some mechanisms to filter users's' login ? a flat file would be enough for my usage ( I use pam_ldap nss_ldap with nsswitch ) thanks From asai at globalchangemusic.org Wed Sep 28 20:30:07 2011 From: asai at globalchangemusic.org (Asai) Date: Wed, 28 Sep 2011 10:30:07 -0700 Subject: [Dovecot] Dsync Removing Subscriptions Entries Message-ID: <4E83599F.8030603@globalchangemusic.org> Greetings, In learning to get Dsync to work, I see a lot of this type of warning in the logs: dsync-remote(user at domain.org): Warning: Subscriptions file /vmail/domain/user/subscriptions: Removing invalid entry: INBOX/SOME folder When I ran a test this morning on the backed up emails on the remote server with Thunderbird, I did indeed see that many of the subscribed folders were not present in TB, although the directories and data were indeed present on the remote server. The subscriptions file on the remote server had the omissions which Dsync warned about. These maildir folders seem to work fine on the main server. Can someone help me to understand how to make the sync without omissions in the subscriptions file? -- *Asai* Global Change Multi-Media Internet Application Development IT and Networking Services 520-398-2542 From user+dovecot at localhost.localdomain.org Wed Sep 28 21:33:27 2011 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Wed, 28 Sep 2011 20:33:27 +0200 Subject: [Dovecot] deliver LDA issue with setuid-root In-Reply-To: <1317191852.67316.YahooMailNeo@web113415.mail.gq1.yahoo.com> References: <1317191852.67316.YahooMailNeo@web113415.mail.gq1.yahoo.com> Message-ID: <4E836877.4070105@localhost.localdomain.org> On 09/28/2011 08:37 AM Daminto Lie wrote: > Hi, > > I am getting the following error message when trying to implement LDA Dovecot 1.2.9 with virtual users: > > > Sep 28 15:59:33 server1 postfix/pipe[3041]: 28BEC2400A1: to=, relay=dovecot, delay=2361, delays=2361/0.01/0/0.03, dsn=4.3.0, status=deferred (temporary failure. Command output: /usr/lib/dovecot/deliver must not be both world-executable and setuid-root. This allows root exploits. See http://wiki.dovecot.org/LDA#multipleuids ) > > I do not know if I need to change the group to secmail. Currently, I have as follows > > -rwsr-xr-x 1 root root 933796 2011-06-10 05:36 deliver > > > Can I change it to any other group apart from secmail? and what does it mean by world-executable? Sorry if I ask a silly question here but keen to learn more about linux. RTFM chmod(1) > ? > Here is my master.cf > # delivery through dovecot > dovecot unix - n n - - pipe > flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient} > > Any help would be greatly appreciated. > > Thank you chgrp vmail /usr/lib/dovecot/deliver chmod o-rx !$ Regards, Pascal -- The trapper recommends today: cafefeed.1127120 at localdomain.org From kuizhang at gmail.com Wed Sep 28 23:00:27 2011 From: kuizhang at gmail.com (Kui Zhang) Date: Wed, 28 Sep 2011 13:00:27 -0700 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: <4E82B3B7.2020301@hardwarefreak.com> References: <4E77CA5A.6010506@tlinx.org> <4E82109E.2000600@wildgooses.com> <4E821412.2040801@Media-Brokers.com> <4E82B3B7.2020301@hardwarefreak.com> Message-ID: On Tue, Sep 27, 2011 at 10:42 PM, Stan Hoeppner wrote: > On 9/27/2011 4:50 PM, Kui Zhang wrote: >>> >>> I think if you disable the new local indexing features in TB then it >>> should start running fairly decently? >> >> I had indexing disabled... that did not help much. >> >> TB work better after I have these settings... >> >> mail.imap.expunge_after_delete true >> mail.imap.expunge_option 2 >> mail.server.default.autosync_offline_stores false >> mail.server.default.offline_download false >> mail.server.default.autosync_max_age_days 14 >> >> I think mail.imap.expunge_after_delete might have caused mdbox limit >> problem I had before... but not confirmed. > > What, exactly, was the nature of the performance problem you originally > mentioned to start this thread, the mailbox with the thousands of sub > folders? This thread might be getting little off topic. It was for inotify loop on server side during idle (outlook 2k7), with approximate 2.1k folders. > > With GLODA and local synchronization disabled, using 1 IMAP connection > instead of the default 5, disabling IDLE and using check interval seconds, > and using the default: I have not notice looping on idle when client using Thunderbird. So it might be outlook specific. > > mail.server.default.check_all_folders_for_new ? FALSE > Not feasible. Few folders need to be checked periodically... > then you should have excellent performance with TB regardless of the number > of folders in a mailbox. ?Unless maybe the hardware or net pipe are lacking. > Ya, but TB would be doing less work. > What are the specs of the client machine in question? ?What CPU/freq. Maybe > more importantly, what is the link speed of the network between this PC and > the Dovecot server? ?LAN or WAN? avg ttl = 0.5ms Sustain 10-12MB/s, concurrent connections, from 5+ workstations. No load issues recorded on the server side. The clients have 8GB of ram, athlon II X4 640 quad core. they should have enough juice... On an athlon 3200, 2G Ram, I did some tests on an account, with 3GB on disk, approximate 100k emails, and 30 folders. on the client side, when no mail client running. 450-500MB ram used. CPU at 1-2% TB hangs on start up, for extent period of time. cpu at 100%, ram at 1 - 1.2 GB used. CPU usage almost always at 100%. And it hangs from time to time. The client side disk usage for TB is around 200MB? why would it need 500MB of ram? This is something I will bring up with the thunderbird people. With claws-mail, cpu goes up depending on amount of email in the folder. And cpu usage drop almost immediately after folder switch. around 480 ? 520 MB ram used. So the client box is not too slow. KuiZ > > -- > Stan > > From pavel.obr at gmail.com Wed Sep 28 23:40:45 2011 From: pavel.obr at gmail.com (Pavel Obr) Date: Wed, 28 Sep 2011 22:40:45 +0200 Subject: [Dovecot] Dovecot and NTLM problem Message-ID: Hallo, i am trying setup dovecot 2.0.9 with NTLM. I tested succesfully winbind with winbind -k, ntlm-auth with ntlm_auth --username=pavel. But I cannot authenticate in Dovecot. My log show these lines: Sep 28 22:16:25 srv-pat dovecot: auth: Debug: auth client connected (pid=6002) Sep 28 22:16:25 srv-pat dovecot: auth: Debug: client in: AUTH#0111#011NTLM#011service=imap#011lip=192.168.7.67#011rip=192.168.100.141#011lport=143#011rport=5109 Sep 28 22:16:25 srv-pat dovecot: auth: Debug: client out: CONT#0111#011 Sep 28 22:16:25 srv-pat dovecot: auth: Fatal: execv(/usr/bin/ntlm_auth) failed: Permission denied Sep 28 22:16:25 srv-pat dovecot: auth: Error: winbind: ntlm_auth exited with exit code 84 Sep 28 22:16:25 srv-pat dovecot: auth: Debug: client in: CONT#0111#011TlRMTVNTUAABAAAAB4IIAAAAAAAAAAAAAAAAAAAAAAA= Sep 28 22:16:25 srv-pat dovecot: auth: Error: winbind(?,192.168.100.141): write(out_pipe) failed: Broken pipe Sep 28 22:16:27 srv-pat dovecot: auth: Debug: client out: FAIL#0111 Do you know what that is mean "Fatal: execv(/usr/bin/ntlm_auth) failed: Permission denied" ? What is exit code 84 - "Error: winbind: ntlm_auth exited with exit code 84"? My dovecot -n: # 2.0.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-131.12.1.el6.x86_64 x86_64 Scientific Linux release 6.1 (Carbon) auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain ntlm login auth_use_winbind = yes auth_username_format = %n mail_home = /data/vmail/%d/%n mail_location = mdbox:~/mail mbox_write_locks = fcntl passdb { driver = pam } protocols = pop3 imap lmtp ssl_cert = >> New subscriber here. I noticed that the FTS index is not used in compound searches. >> Is this expected? Tested in 2.0.0 and 2.0.8: > >Yep. It's been in TODO for a while. I know this thread is quite old, but we have the same issue with v2.0.14 and squat. Would this issue also affect the Solr FTS backend? Thanks, Nikolai. From tlx at leuxner.net Thu Sep 29 10:57:53 2011 From: tlx at leuxner.net (Thomas Leuxner) Date: Thu, 29 Sep 2011 09:57:53 +0200 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <1317161652.13631.140258148451673@webmail.messagingengine.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com> <4E8207F5.2070105@whyscream.net> <1317160829.10644.140258148445373@webmail.messagingengine.com> <20110927180632.Horde.jPUpZZLnE6FOgkjoSa5RRHA@kishi.patrickdk.com> <1317161652.13631.140258148451673@webmail.messagingengine.com> Message-ID: <20110929075753.GA10332@nihlus.leuxner.net> On Tue, Sep 27, 2011 at 03:14:12PM -0700, terryjames9461 at mm.st wrote: > With using the Dovecot lmtp option, where does Postfix know to refuse > email for a non-existing user or domain? That also has to be shared? Sticking to the Flatfile recipe on the Wiki, Postfix would query the Auth Backend of Dovecot. The actual user records would sit on the Dovecot side, where Postfix would only worry about valid domains etc. Fancy stuff like Aliasing would be better done on the Postfix side in this scenario although it would also be possible to have bogus User records in Dovecot to address that. Thomas -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: From per at computer.org Thu Sep 29 11:15:52 2011 From: per at computer.org (Per Jessen) Date: Thu, 29 Sep 2011 10:15:52 +0200 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? References: <1317138678.29156.140258148311993@webmail.messagingengine.com> <20110928064424.GA31755@oc1046828364.ibm.com> <20110928080205.5d621f20@scorpio> Message-ID: Jerry wrote: > On Wed, 28 Sep 2011 08:44:24 +0200 > Jan-Frode Myklebust articulated: > >> On Tue, Sep 27, 2011 at 08:51:18AM -0700, terryjames9461 at mm.st wrote: >> > >> > I'm a little confused about: to do that sharing-in-one-place, do I >> > have to use SQL or can I use the flatfiles like passwd-db? I >> > think for sure someone already decided the best approach for this, >> > and maybe I'm not understanding the logic to it. >> >> Best approach is probably to store this in an ldap-directory. Then >> you can easily have multi-master replication, and avoid any single >> point of failure for your database. Both postfix and dovecot will be >> able to lookup the data using ldap. > > While "ldap" may be fine for some users; personally, I have had > nothing but catastrophic results when attempting to use it. I am fully > aware that the main problem is that I am not truly "ldap" proficient. > For the end user who needs an easy to maintain database I would > unequivocally recommend MySQL. +1 on the mysql. /Per Jessen, Z?rich From rainer.frey at inxmail.de Thu Sep 29 12:24:29 2011 From: rainer.frey at inxmail.de (Rainer Frey) Date: Thu, 29 Sep 2011 11:24:29 +0200 Subject: [Dovecot] What best decision to make for flatfiles or SQL when I use Dovecot2 + Postfix together? In-Reply-To: <1317161652.13631.140258148451673@webmail.messagingengine.com> References: <1317138678.29156.140258148311993@webmail.messagingengine.com><4E8207F5.2070105@whyscream.net><1317160829.10644.140258148445373@webmail.messagingengine.com> <20110927180632.Horde.jPUpZZLnE6FOgkjoSa5RRHA@kishi.patrickdk.com> <1317161652.13631.140258148451673@webmail.messagingengine.com> Message-ID: On 28.09.2011, at 00:14, terryjames9461 at mm.st wrote: > Hello Patrick, > > On Tuesday, September 27, 2011 6:06 PM, "Patrick Domack" > wrote: >> Using dovecot lda/lmtp you remove all postfix needs to know mailbox >> name to directory mapping, that would be duplicated. > > With using the Dovecot lmtp option, where does Postfix know to refuse > email for a non-existing user or domain? That also has to be shared? I wondered that as well, and unfortunately the Howto doesn't explain the concept it builds upon. But I found it: it uses LMTP and recipient verification (see reject_unverified_recipient in smtpd_recipient_restictions). See http://www.postfix.org/ADDRESS_VERIFICATION_README.html for details. Rainer From venom00 at setsun.org Thu Sep 29 15:22:49 2011 From: venom00 at setsun.org (venom00) Date: Thu, 29 Sep 2011 14:22:49 +0200 Subject: [Dovecot] Messages not deleted from mbox Message-ID: Hello, I've two accounts on my mail server, and from my client (Evolution) I've set up two configurations. If I dowload mail one account at a time everything works fine, but if I download both of them at the same time I'm not able to delete downloaded messages, so I download them twice, three times and counting to infinity. On th client side everything looks good: ----------------------------------------------------- LIST +OK 1 messages: 1 485 . UIDL +OK 1 000000704e57eebd . RETR 1 +OK 485 octets Message here... . DELE 1 +OK Marked to be deleted. QUIT +OK Logging out, messages deleted. ----------------------------------------------------- On the server side I've enabled debug logging but nothing relevant comes up, except sometimes an error: Panic: Message unexpectedly expunged from index Full log: http://pastebin.com/raw.php?i=bBizx9tm But most of the times there are no errors and simply the message is not deleted. I'm using mbox format in /var/spool/mail/%u. The dovecot user has read-write access to the folder (even because, as I said, if download an account at once everything works fine). I think it's about locking, I've tried several lock methods but always the same result and I can't see dead locks from lsof, fuser or ls (for dotlocks). Thanks in advance, venom00 From lists at wildgooses.com Thu Sep 29 15:27:11 2011 From: lists at wildgooses.com (Ed W) Date: Thu, 29 Sep 2011 13:27:11 +0100 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: References: <4E77CA5A.6010506@tlinx.org> <4E82109E.2000600@wildgooses.com> <4E821412.2040801@Media-Brokers.com> <4E82B3B7.2020301@hardwarefreak.com> Message-ID: <4E84641F.8080001@wildgooses.com> On 28/09/2011 21:00, Kui Zhang wrote: > TB hangs on start up, for extent period of time. cpu at 100%, ram at 1 > - 1.2 GB used. CPU usage almost always at 100%. And it hangs from time > to time. The client side disk usage for TB is around 200MB? why would > it need 500MB of ram? This is something I will bring up with the > thunderbird people. > If you care to debug in more detail, you may learn a lot by watching the network traffic at this point? You can setup debugging on the server side, but personally I find this a touch hard to setup for one off sessions (and shared IPs/mailboxes, etc). Also consider wireshark and just tracing a single machine. The point being to see if it's locked up because it's thrashing the mail server for some reason, or if it's doing something silly client side? Random untested ideas: - I believe it pulls the folder list down at startup. With thousands of folders in your case (did I understand that?) you might find it's doing some silly select on each folder and hence spending ages being bound by the ping speed to the server (something like 100-200 round trips per sec max I think you said?), or perhaps it's even worse than that if it causes some disk seek for each folder? - Quantity of headers could be large under certain circumstances - check if you are network bandwidth bound? - TB might be doing something silly locally and you are bound by disk seek time on your local machine as it does whatever it does to several thousand mbox files? Move the TB local folder to some slower/faster disk and observe if the startup speed gets proportionally slower/faster..? Eg I slapped in some large flash drive to my Mac and now I keep forgetting that others still have seek time limitations starting apps... Good luck - interested to hear if you can trace this to something? Ed W P.S. I will try and post some tips in a new thread, but I found that TB and other clever clients can benefit enormously if you turn on the appropriate zlib stuff that means the COMPRESS extension is supported (not on by default). Outlook hasn't historically supported this, so I doubt it will help above, but it's one feature that can give TB the edge over Outlook. From lists at wildgooses.com Thu Sep 29 15:30:59 2011 From: lists at wildgooses.com (Ed W) Date: Thu, 29 Sep 2011 13:30:59 +0100 Subject: [Dovecot] outlook 2007 very slow. In-Reply-To: <20110928100447.05f8beee@scorpio> References: <4E77CA5A.6010506@tlinx.org> <4E82109E.2000600@wildgooses.com> <4E821412.2040801@Media-Brokers.com> <20110927184209.504e9c90@scorpio> <4E831B16.4050607@Media-Brokers.com> <20110928100447.05f8beee@scorpio> Message-ID: <4E846503.9020900@wildgooses.com> On 28/09/2011 15:04, Jerry wrote: > MS Outlook's calender is the best available. I find Outlook's interface > easy to use. Then again, I am quite familiar with it so that would only > be natural. I have been waiting for what is likely to be TB 8 + the subsequent release of SoGo. I have some hope that the sogo plugins, which should then have all the patches they need natively in TB, will go a long way to level the playing field on the calendering vs Outlook... Watch this space and all that... Just chewing the cud and all that, but one of the features which does very much annoy me about Outlook is the apparent failure to do simple nested indents on replied emails, ie like this one where you get each person's reply indented one level all the way down the exchange. I get so many emails where the user starts writing in various coloured writing to try and and make up for the completely flat reply... I *believe* this is entirely down to the settings you pick in Outlook, but it's clearly a common setup to have replies non indented? (Plenty of things tick me off about TB, but this margin too small to accomodate them....) Cheers Ed W From danilo.abbasciano at gmail.com Thu Sep 29 16:05:53 2011 From: danilo.abbasciano at gmail.com (Danilo) Date: Thu, 29 Sep 2011 15:05:53 +0200 Subject: [Dovecot] Timeout leak in get quota Message-ID: <4E846D31.6010900@gmail.com> Hello! I wrote perl script for read current quota usage, it works but when I run the program I receive a warning in Dovecot log: 2011-09-29 14:45:30 doveadm(guest at testmail.com): Warning: Timeout leak: 0x7f14800ad970 This is the script: =============================== #!/usr/bin/perl use strict; use Socket; use IO::Handle; socket(TSOCK, PF_UNIX, SOCK_STREAM,0); connect(TSOCK, sockaddr_un("/var/run/dovecot/doveadm-server")) or print("ERROR!"); print "VERSION\tdoveadm-server\t1\t0\n"; print "\tguest\@testmail.com\tquota get\n"; print "=" x 20 . "\n"; if (defined(my $messg = )) { print $messg; print TSOCK "VERSION\tdoveadm-server\t1\t0\n"; TSOCK->flush; print TSOCK "\tguest\@testmail.com\tquota get\n"; TSOCK->flush; $messg = ; print $messg; $messg = ; print $messg; close TSOCK; } ============================= I hope someone could help me to fix the warning. Thanks in advance, Dany From ibrahim.harrani at gmail.com Thu Sep 29 16:08:55 2011 From: ibrahim.harrani at gmail.com (Ibrahim Harrani) Date: Thu, 29 Sep 2011 16:08:55 +0300 Subject: [Dovecot] "Waiting for authentication process to respond" for invalid users with auth_dovecot In-Reply-To: <1316178672.12936.99.camel@hurina> References: <1316178672.12936.99.camel@hurina> Message-ID: Hi Timo, I switched to auth_pop wrapper to solve the problem. I agree that there is something wrong with auth_dovecot. Thanks. On Fri, Sep 16, 2011 at 4:11 PM, Timo Sirainen wrote: > On Tue, 2011-09-13 at 13:53 +0300, Ibrahim Harrani wrote: > >> I am testing dovecot 2.0.13 and 2.0.14 with qmail-ldap and >> auth_dovecot patch. If i login to dovecot (pop3/imap) with correct >> user and password. >> no problem, I can login immediately. but if I try with nonexistant >> user, dovecot does not immediate answer, wait for a while and says >> "Waiting for authentication process to respond." >> auth_dovecot process remains working in the background. >> How can I avoid this situation? > > If auth_dovecot process keeps running, the bug is in auth_dovecot. I've > never looked at it (or probably even heard of it). > > > From listas.correo at yahoo.es Thu Sep 29 18:09:02 2011 From: listas.correo at yahoo.es (mailing lists) Date: Thu, 29 Sep 2011 16:09:02 +0100 (BST) Subject: [Dovecot] Panic: file lmtp-proxy.c: line 370 (lmtp_proxy_output_timeout): assertion failed: (proxy->data_input->eof) Message-ID: <1317308942.24498.YahooMailNeo@web29115.mail.ird.yahoo.com> Hello all, today I got this crash from dovecot (2.0.14) Sep 29 14:09:32 imap1 dovecot: lmtp(17693): Panic: file lmtp-proxy.c: line 370 (lmtp_proxy_output_timeout): assertion failed: (proxy->data_input->eof) Sep 29 14:09:32 imap1 dovecot: lmtp(17693): Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0(+0x3f9aa)? [0x7f18f10299aa] -> /usr/lib64/dovecot/libdovecot.so.0(+0x3f9f6) [0x7f18f10299f6] -> /usr/lib64/dovecot/libdovecot.so.0(i_fatal+0) [0x7f18f1003211] -> dovecot/lmtp(+0x7a4f) [0x7f18f1982a4f] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handle_timeouts+0xcb) [0x7f18f103590b] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run+0x5b) [0x7f18f103680b] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7f18f1035768] -> /usr/lib64/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f18f1023423] -> dovecot/lmtp(main+0x183) [0x7f18f197fa93] -> /lib64/libc.so.6(__libc_start_main+0xfd) [0x7f18f0ca8b7d] -> dovecot/lmtp(+0x4819) [0x7f18f197f819] Sep 29 14:09:32 imap1 dovecot: master: Error: service(lmtp): child 17693 killed with signal 6 (core dumps disabled) ?? /-----------------/ # dovecot -n -c /etc/dovecot-director/dovecot.conf # 2.0.14: /etc/dovecot-director/dovecot.conf # OS: Linux 2.6.34.7-0.7-xen x86_64 openSUSE 11.3 (x86_64) auth_debug = yes auth_verbose = yes base_dir = /var/run/dovecot-director/ director_mail_servers = 100.1.245.101 100.1.245.105 director_servers = 100.1.245.101:9091 100.1.245.105:9091 100.1.241.204:9091 disable_plaintext_auth = no doveadm_proxy_port = 24245 lmtp_proxy = yes mail_debug = yes mail_fsync = always mail_gid = 5000 mail_nfs_index = yes mail_nfs_storage = yes mail_plugins = acl mail_uid = 5000 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mmap_disable = yes passdb { ? args = proxy=y nopassword=y ? driver = static } plugin { ? acl = vfile ? sieve = ~/.dovecot.sieve ? sieve_dir = ~/sieve } protocols = imap lmtp pop3 service auth { ? unix_listener auth-userdb { ??? group = vmail ??? mode = 0666 ??? user = vmail ? } } service director { ? fifo_listener login/proxy-notify { ??? mode = 0666 ? } ? inet_listener { ??? port = 9091 ? } ? unix_listener director-userdb { ??? mode = 0666 ? } ? unix_listener login/director { ??? mode = 0666 ? } } service doveadm { ? inet_listener { ??? port = 24245 ? } } service imap-login { ? executable = imap-login director ? inet_listener imap { ??? port = 10143 ? } } service lmtp { ? inet_listener lmtp { ??? port = 1024 ? } } service pop3-login { ? executable = pop3-login director ? inet_listener pop3 { ??? port = 10110 ? } } ssl = no verbose_proctitle = yes protocol lmtp { ? auth_socket_path = director-userdb ? passdb { ??? args = proxy=y nopassword=y port=24 ??? driver = static ? } } protocol imap { ? mail_max_userip_connections = 100 } local 100.1.245.101/28/28 { ? doveadm_password = secret } From dovecot at knutejohnson.com Thu Sep 29 19:56:22 2011 From: dovecot at knutejohnson.com (Knute Johnson) Date: Thu, 29 Sep 2011 09:56:22 -0700 Subject: [Dovecot] Error message Message-ID: <4E84A336.1060002@knutejohnson.com> I'm getting the following message in my log; dovecot: IMAP(knute): fchown(/home/knute/mail/.imap/INBOX/dovecot.index.cache.lock, -1, 8(mail)) failed: Operation not permitted (egid=1000(knute), group based on /var/mail/knute): 1 Time(s) dovecot: IMAP(knute): fchown(/home/knute/mail/.imap/INBOX/dovecot.index.log.newlock, -1, 8(mail)) failed: Operation not permitted (egid=1000(knute), group based on /var/mail/knute): 2 Time(s) dovecot: IMAP(knute): fchown(/home/knute/mail/.imap/INBOX/dovecot.index.tmp, -1, 8(mail)) failed: Operation not permitted (egid=1000(knute), group based on /var/mail/knute): 4 Time(s) I got these once before on the /var/mail/user files and changed the permissions to 600. /home/knute/mail/.imap/INBOX is 770 and the index files are 600. Is this a problem with the directory privilege? Thanks, -- Knute Johnson From terry at cnysupport.com Thu Sep 29 20:15:13 2011 From: terry at cnysupport.com (Terry Carmen) Date: Thu, 29 Sep 2011 13:15:13 -0400 Subject: [Dovecot] Virtual Folder configuration problem. [FIXED] Message-ID: <20110929131513.Horde.o8eCXFeGiNBOhKehtHSilmA@www.cnysupport.com> Well, it took a ton of time and research, but I finally have a working Unread virtual mailbox on Dovecot 2.x on Centos 6.0. I have no idea if it's optimal or correct, but it works perfectly and doesn't raise any errors or warnings. Here's what I ended up with: dovecot.conf: Add the following: mail_plugins = $mail_plugins virtual namespace { type = private prefix = virtual. separator = . location = virtual:~/Maildir/virtual } 10-mail.conf: Add the following: # default namespace namespace { separator = . prefix = inbox = yes } 20-imap.conf: Add the following: protocol imap { mail_plugins = $mail_plugins virtual } 15-lda.conf: Add the following: protocol lda { mail_plugins = $mail_plugins virtual } Restart dovecot. Reload your mail client. Dovecot will create ~/Maildir/virtual cd ~/Maildir/virtual mkdir Unread Use your favorite editor and create a file named "dovecot-virtual" contaiing: # ~/Maildir/virtual/unseen/dovecot-virtual INBOX INBOX.* -INBOX.Trash unseen Save the file and restart your mail client. Go to "Subscriptions" in your mail client and subscribe to the Unseen folder. You should now have a virtual folder that contains all your unread mail, except for the contents of the Trash folder. Enjoy! -- Terry Carmen CNY Support, LLC https://www.cnysupport.com From tompru at jla.rutgers.edu Thu Sep 29 20:21:34 2011 From: tompru at jla.rutgers.edu (Tom Pawlowski) Date: Thu, 29 Sep 2011 13:21:34 -0400 Subject: [Dovecot] 2.0.14 doveadm proxy list segfault Message-ID: <20110929172134.GA25237@hawkeye.rutgers.edu> Hi Timo, Periodic segfaults with doveadm proxy list: root at director1:~) doveadm proxy list doveadm(root): Error: LIST failed: Disconnected Segmentation fault (core dumped) Sometimes it's just the 'LIST failed' error, other times it's the error with the segfault. Usually the first attempt to call it works, subsequent attempts fail. I've attached a strace log of it in action. -- Tom Pawlowski OIT-CSS System Administrator office: Hill 147 email: tompru at jla.rutgers.edu phone: (732) 445-2634 -------------- next part -------------- execve("/usr/bin/doveadm", ["doveadm", "proxy", "list"], [/* 26 vars */]) = 0 brk(0) = 0x1bb97000 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b99123e5000 uname({sys="Linux", node="director1", ...}) = 0 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) open("/usr/lib64/dovecot/tls/x86_64/libdovecot-storage.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) stat("/usr/lib64/dovecot/tls/x86_64", 0x7fffbbe8e710) = -1 ENOENT (No such file or directory) open("/usr/lib64/dovecot/tls/libdovecot-storage.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) stat("/usr/lib64/dovecot/tls", 0x7fffbbe8e710) = -1 ENOENT (No such file or directory) open("/usr/lib64/dovecot/x86_64/libdovecot-storage.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) stat("/usr/lib64/dovecot/x86_64", 0x7fffbbe8e710) = -1 ENOENT (No such file or directory) open("/usr/lib64/dovecot/libdovecot-storage.so.0", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\242\242\3071\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=862264, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b99123e6000 mmap(0x31c7a00000, 2955496, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x31c7a00000 mprotect(0x31c7acb000, 2093056, PROT_NONE) = 0 mmap(0x31c7cca000, 32768, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xca000) = 0x31c7cca000 close(3) = 0 open("/usr/lib64/dovecot/libdovecot.so.0", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\220ma\3071\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=508488, ...}) = 0 mmap(0x31c7600000, 2611840, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x31c7600000 mprotect(0x31c7679000, 2093056, PROT_NONE) = 0 mmap(0x31c7878000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x78000) = 0x31c7878000 mmap(0x31c787c000, 6784, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x31c787c000 close(3) = 0 open("/usr/lib64/dovecot/libcrypt.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=26844, ...}) = 0 mmap(NULL, 26844, PROT_READ, MAP_PRIVATE, 3, 0) = 0x2b99123e7000 close(3) = 0 open("/lib64/libcrypt.so.1", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\360\t\240\257>\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=48600, ...}) = 0 mmap(0x3eafa00000, 2322880, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3eafa00000 mprotect(0x3eafa09000, 2093056, PROT_NONE) = 0 mmap(0x3eafc08000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x8000) = 0x3eafc08000 mmap(0x3eafc0a000, 184768, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3eafc0a000 close(3) = 0 open("/usr/lib64/dovecot/libpam.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) open("/lib64/libpam.so.0", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\220\"`N6\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=50904, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b99123ee000 mmap(0x364e600000, 2143696, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x364e600000 mprotect(0x364e60b000, 2097152, PROT_NONE) = 0 mmap(0x364e80b000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xb000) = 0x364e80b000 close(3) = 0 open("/usr/lib64/dovecot/libdl.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) open("/lib64/libdl.so.2", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\20\16\340\255>\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=23360, ...}) = 0 mmap(0x3eade00000, 2109696, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3eade00000 mprotect(0x3eade02000, 2097152, PROT_NONE) = 0 mmap(0x3eae002000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x3eae002000 close(3) = 0 open("/usr/lib64/dovecot/librt.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) open("/lib64/librt.so.1", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0 \"`\257>\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=53448, ...}) = 0 mmap(0x3eaf600000, 2132936, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3eaf600000 mprotect(0x3eaf607000, 2097152, PROT_NONE) = 0 mmap(0x3eaf807000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x7000) = 0x3eaf807000 close(3) = 0 open("/usr/lib64/dovecot/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) open("/lib64/libc.so.6", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\220\332\241\255>\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=1718120, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b99123ef000 mmap(0x3eada00000, 3498328, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3eada00000 mprotect(0x3eadb4e000, 2093056, PROT_NONE) = 0 mmap(0x3eadd4d000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x14d000) = 0x3eadd4d000 mmap(0x3eadd52000, 16728, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3eadd52000 close(3) = 0 open("/usr/lib64/dovecot/libaudit.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) open("/lib64/libaudit.so.0", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\340&`&8\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=98920, ...}) = 0 mmap(0x3826600000, 2191888, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3826600000 mprotect(0x3826617000, 2093056, PROT_NONE) = 0 mmap(0x3826816000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x16000) = 0x3826816000 close(3) = 0 open("/usr/lib64/dovecot/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) open("/lib64/libpthread.so.0", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\240W \256>\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=145824, ...}) = 0 mmap(0x3eae200000, 2204528, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3eae200000 mprotect(0x3eae216000, 2093056, PROT_NONE) = 0 mmap(0x3eae415000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x15000) = 0x3eae415000 mmap(0x3eae417000, 13168, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3eae417000 close(3) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b99123f0000 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b99123f1000 arch_prctl(ARCH_SET_FS, 0x2b99123f13a0) = 0 mprotect(0x3eafc08000, 4096, PROT_READ) = 0 mprotect(0x3eae002000, 4096, PROT_READ) = 0 mprotect(0x3eaf807000, 4096, PROT_READ) = 0 mprotect(0x3eadd4d000, 16384, PROT_READ) = 0 mprotect(0x3ead81b000, 4096, PROT_READ) = 0 mprotect(0x3eae415000, 4096, PROT_READ) = 0 munmap(0x2b99123e7000, 26844) = 0 set_tid_address(0x2b99123f1430) = 29539 set_robust_list(0x2b99123f1440, 0x18) = 0 futex(0x7fffbbe8f23c, FUTEX_WAKE_PRIVATE, 1) = 0 rt_sigaction(SIGRTMIN, {0x3eae205380, [], SA_RESTORER|SA_SIGINFO, 0x3eae20eb10}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {0x3eae2052b0, [], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x3eae20eb10}, NULL, 8) = 0 rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 getrlimit(RLIMIT_STACK, {rlim_cur=10240*1024, rlim_max=RLIM_INFINITY}) = 0 brk(0) = 0x1bb97000 brk(0x1bbc0000) = 0x1bbc0000 uname({sys="Linux", node="director1", ...}) = 0 rt_sigaction(SIGPIPE, {0x1, [], SA_RESTORER|SA_RESTART, 0x3eada302d0}, NULL, 8) = 0 rt_sigaction(SIGALRM, {0x31c7648b40, [], SA_RESTORER|SA_SIGINFO, 0x3eada302d0}, NULL, 8) = 0 socket(PF_FILE, SOCK_STREAM, 0) = 3 fcntl(3, F_GETFL) = 0x2 (flags O_RDWR) fcntl(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0 connect(3, {sa_family=AF_FILE, path="/var/run/dovecot/config"...}, 110) = 0 fcntl(3, F_GETFL) = 0x802 (flags O_RDWR|O_NONBLOCK) fcntl(3, F_SETFL, O_RDWR) = 0 write(3, "VERSION\tconfig\t2\t0\nREQ\tmodule=do"..., 38) = 38 fstat(3, {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0 alarm(10) = 0 read(3, "\n\n", 8192) = 2 alarm(0) = 10 open("/usr/lib64/dovecot/doveadm", O_RDONLY|O_NONBLOCK|O_DIRECTORY) = 4 fcntl(4, F_SETFD, FD_CLOEXEC) = 0 getdents(4, /* 10 entries */, 32768) = 464 getdents(4, /* 0 entries */, 32768) = 0 close(4) = 0 futex(0x3eae0030ec, FUTEX_WAKE_PRIVATE, 2147483647) = 0 open("/usr/lib64/dovecot/doveadm/lib10_doveadm_acl_plugin.so", O_RDONLY) = 4 read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\220\33\0\0\0\0\0\0"..., 832) = 832 fstat(4, {st_mode=S_IFREG|0755, st_size=16696, ...}) = 0 mmap(NULL, 2112392, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x2b99123f2000 mprotect(0x2b99123f6000, 2093056, PROT_NONE) = 0 mmap(0x2b99125f5000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x3000) = 0x2b99125f5000 close(4) = 0 munmap(0x2b99123f2000, 2112392) = 0 open("/usr/lib64/dovecot/doveadm/lib10_doveadm_expire_plugin.so", O_RDONLY) = 4 read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\300\24\0\0\0\0\0\0"..., 832) = 832 fstat(4, {st_mode=S_IFREG|0755, st_size=12208, ...}) = 0 mmap(NULL, 2107912, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x2b99123f2000 mprotect(0x2b99123f5000, 2093056, PROT_NONE) = 0 mmap(0x2b99125f4000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x2000) = 0x2b99125f4000 close(4) = 0 munmap(0x2b99123f2000, 2107912) = 0 open("/usr/lib64/dovecot/doveadm/lib10_doveadm_quota_plugin.so", O_RDONLY) = 4 read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\320\v\0\0\0\0\0\0"..., 832) = 832 fstat(4, {st_mode=S_IFREG|0755, st_size=7248, ...}) = 0 mmap(NULL, 2102936, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x2b99123f2000 mprotect(0x2b99123f4000, 2093056, PROT_NONE) = 0 mmap(0x2b99125f3000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x1000) = 0x2b99125f3000 close(4) = 0 munmap(0x2b99123f2000, 2102936) = 0 open("/usr/lib64/dovecot/doveadm/lib10_doveadm_zlib_plugin.so", O_RDONLY) = 4 read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\260\22\0\0\0\0\0\0"..., 832) = 832 fstat(4, {st_mode=S_IFREG|0755, st_size=11048, ...}) = 0 mmap(NULL, 2106296, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x2b99123f2000 mprotect(0x2b99123f4000, 2097152, PROT_NONE) = 0 mmap(0x2b99125f4000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x2000) = 0x2b99125f4000 close(4) = 0 munmap(0x2b99123f2000, 2106296) = 0 rt_sigaction(SIGINT, {0x31c7648d70, [], SA_RESTORER|SA_SIGINFO, 0x3eada302d0}, NULL, 8) = 0 pipe([4, 5]) = 0 fcntl(4, F_GETFL) = 0 (flags O_RDONLY) fcntl(4, F_SETFL, O_RDONLY|O_NONBLOCK) = 0 fcntl(5, F_GETFL) = 0x1 (flags O_WRONLY) fcntl(5, F_SETFL, O_WRONLY|O_NONBLOCK) = 0 fcntl(4, F_GETFD) = 0 fcntl(4, F_SETFD, FD_CLOEXEC) = 0 fcntl(5, F_GETFD) = 0 fcntl(5, F_SETFD, FD_CLOEXEC) = 0 epoll_create(128) = 6 fcntl(6, F_GETFD) = 0 fcntl(6, F_SETFD, FD_CLOEXEC) = 0 epoll_ctl(6, EPOLL_CTL_ADD, 4, {EPOLLIN|EPOLLPRI|EPOLLERR|EPOLLHUP, {u32=465205840, u64=465205840}}) = 0 rt_sigaction(SIGTERM, {0x31c7648d70, [], SA_RESTORER|SA_SIGINFO, 0x3eada302d0}, NULL, 8) = 0 open("/dev/null", O_WRONLY|O_CREAT|O_APPEND, 0600) = 7 fcntl(7, F_GETFD) = 0 fcntl(7, F_SETFD, FD_CLOEXEC) = 0 ioctl(1, TIOCGWINSZ, {ws_row=68, ws_col=155, ws_xpixel=0, ws_ypixel=0}) = 0 socket(PF_FILE, SOCK_STREAM, 0) = 8 fcntl(8, F_GETFL) = 0x2 (flags O_RDWR) fcntl(8, F_SETFL, O_RDWR|O_NONBLOCK) = 0 connect(8, {sa_family=AF_FILE, path="/var/run/dovecot/ipc"...}, 110) = 0 epoll_ctl(6, EPOLL_CTL_ADD, 8, {EPOLLIN|EPOLLPRI|EPOLLERR|EPOLLHUP, {u32=465209040, u64=465209040}}) = 0 fstat(8, {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0 lseek(8, 0, SEEK_CUR) = -1 ESPIPE (Illegal seek) getsockname(8, {sa_family=AF_FILE, path="\377\377\377\377\377\377\200\363\271\33"...}, [18446462603027808258]) = 0 writev(8, [{"proxy\t*\tLIST", 12}, {"\n", 1}], 2) = -1 EPIPE (Broken pipe) --- SIGPIPE (Broken pipe) @ 0 (0) --- epoll_wait(6, {{EPOLLIN|EPOLLHUP, {u32=465209040, u64=465209040}}}, 2, 4294967295) = 1 read(8, "", 8192) = 0 write(2, "doveadm(root): Error: LIST faile"..., 48) = 48 epoll_ctl(6, EPOLL_CTL_DEL, 8, {0, {u32=465209040, u64=465209040}}) = 0 close(8) = 0 --- SIGSEGV (Segmentation fault) @ 0 (0) --- +++ killed by SIGSEGV (core dumped) +++ From ar-dovecotlist at acrconsulting.co.uk Fri Sep 30 01:38:23 2011 From: ar-dovecotlist at acrconsulting.co.uk (Andrew Richards) Date: 29 Sep 2011 23:38:23 +0100 Subject: [Dovecot] Dovecot failing to parse some UTF-8 encoded attachment filenames, returning empty string instead [SOLVED] In-Reply-To: <201109221231.40494.ar-dovecotlist@acrconsulting.co.uk> References: <201109221231.40494.ar-dovecotlist@acrconsulting.co.uk> Message-ID: <201109292338.23297.ar-dovecotlist@acrconsulting.co.uk> On Thursday 22 September 2011 12:31:40 Andrew Richards wrote: > On Thursday 22 September 2011 00:45:32 Timo Sirainen wrote: > > On 22.9.2011, at 1.59, Andrew Richards wrote: > > > I'm seeing a strange problem with some attachment filenames that are > > > UTF-8 encoded. The problem seems to be related to spaces and/or > > > unusual characters in filenames, like accented characters (or perhaps > > > just to filenames if UTF-8 encoded; I've not explored that fully). > > > > The problem is that the client sends it wrong: > > > Content-Type: application/octet-stream; > > > name==?UTF-8?B?dGhpc19mYWlscy50eHQ=?= > > > Content-Disposition: attachment; > > > filename==?UTF-8?B?dGhpc19mYWlscy50eHQ=?= > > > > These are both wrong. First of all they are illegal because they have = > > and > > ? characters, from RFC 2045: > > ...snip... > > > > Also from RFC 2047 (encoded-word is the =?UTF-8?...?= thing): > > > + An 'encoded-word' MUST NOT be used in parameter of a MIME > > > Content-Type or Content-Disposition field, or in any structured > > > field body except within a 'comment' or 'phrase'. > > > > ...snip... > > Anyway .. I'll check tomorrow if I can easily add code to workaround your > > problem. If it's just a minor change I'll do it. > > Wow - a very thorough response only 45 minutes after I'd posted the > question, and in your follow up message you've already provided a > suggested fix - a huge thank you! > > So in summary it's a "Garbage in -> Garbage out" issue... This also > explains why I'm only getting this issue with one client after a > Courier->Dovecot migration. I'll research which mail client program(s) are > generating the faulty messages for completeness for this thread. > > I expect to test the fix later today or tomorrow, I'll update the thread > accordingly when I've done so. Firstly, my apologies - it's been a week before I've got back to this - I was making sense of another MIME issue which I thought might be related (it isn't), but I'll start a new thread for that. The fix works just fine. However... ...regarding the broken MIME fields: These look to occur in the form I noted for a single client program only, which on further investigation turns out to be an in-house[-written] mail program of my client, and therefore this problem is unlikely to bite other people: I've had permission to search the client's mailboxes for similar non-conforming emails and they only occur for this one in-house mail program. Summary: False alarm. However once again a huge thank-you to Timo for the patch to workaround this broken data. Best regards, Andrew. From ar-dovecotlist at acrconsulting.co.uk Fri Sep 30 01:38:44 2011 From: ar-dovecotlist at acrconsulting.co.uk (Andrew Richards) Date: 29 Sep 2011 23:38:44 +0100 Subject: [Dovecot] Broken mail clients? [MIME] Long attachment encoded filenames (for non-ASCII characters etc) Message-ID: <201109292338.44590.ar-dovecotlist@acrconsulting.co.uk> Hi, I've noticed a possible minor issue with long encoded filenames for attachments where these filenames are split across multiple lines. My understanding of character encoding and MIME is not as good as it should be, so I may easily have got this all mixed up, in which case sorry for the noise... Although I understand the preferred method for handling filenames split across multiple lines (because they're too long to fit on one line in the message) is that suggested in RFC2184/2231, so for example, filename*0*=iso-8859-1''accented_characters_here_%EA%CA%E6 filename*1=etc%2Epdf I find that some mail clients do this instead, filename="=?ISO-8859-1?Q?accented_characters_here_=EA=CA=E6?= =?ISO-8859-1?Q?etc=2Epdf?=" In Dovecot this results in, 0 fetch 25 body * 25 FETCH (BODY (("text" "plain" ("charset" "ISO-8859-1") NIL NIL "7bit" 239 8)("application" "pdf" ("name" "=?ISO-8859-1?Q?accented_characters_here_=EA=CA=E6?= =?ISO-8859-1?Q?etc=2Epdf?=") NIL NIL "base64" 219130) "mixed")) esp. note the unwanted space - or in fact the sequence ?= =? between the two sections of the filename. I think a possible tweak for Dovecot would be to combine the filename parts in this situation to remove the ?= =?. I'm not sure if an IMAP client should know to combine the parts in their current format. FWIW I see that Courier does the same as Dovecot in this situation. I think the 'alternative' method of splitting filenames I'm raising breaks RFC2047 (details below), but unfortunately this method is used by some large email generators like gmail - also details below. Key bits from RFC2047 section 5 part (3) re. only a single encoded-word ('phrase') being allowed for a MIME Content-Type / Content-Disposition: phrase = 1*( encoded-word / word ) An 'encoded-word' MUST NOT be used in parameter of a MIME Content-Type or Content-Disposition field, or in any structured field body except within a 'comment' or 'phrase'. Here are the mail clients I noted this issue with (original filenames destroyed because I've been examining my client's emails for this issue - with their permission), (AOL) X-Mailer: Webmail 33953-STANDARD Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="=?utf-8?Q?abcde?= =?utf-8?Q?abcde=C3=A9abcde.jpg?=" Content-Type: image/jpeg; name="=?utf-8?Q?abcde?= =?utf-8?Q?abcde=C3=A9abcde.jpg?=" Gmail: Content-Type: application/pdf; name="=?ISO-8859-1?Q?with_a_=EA=CA=E6_super=2Dlong_name_that=27s_bound?= =?ISO-8859-1?Q?_to_overflow_a_line_boundary_to_test_gmail=2Epdf?=" Content-Disposition: attachment; filename="=?ISO-8859-1?Q?with_a_=EA=CA=E6_super=2Dlong_name_that=27s_bound?= =?ISO-8859-1?Q?_to_overflow_a_line_boundary_to_test_gmail=2Epdf?=" X-Mailer: YahooMailWebService/0.8.113.313619 Content-Type: application/vnd.openxmlformats- officedocument.wordprocessingml.document; name="=?utf-8?B?base64encodedstring?= =?utf-8?B?base64encodedstring?=" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="=?utf-8?B?base64encodedstring?= =?utf-8?B?base64encodedstring?=" X-Mailer: Lotus Notes Release 6.5.5 November 30, 2005: Content-type: application/pdf; name="=?ISO-8859-1?Q?abcde=E9abcde=E9abcde=E9?= =?ISO-8859-1?Q?abcde=2Cl=2Epdf?=" Content-Disposition: attachment; filename="=?ISO-8859-1?Q?abcde=E9abcde=E9_abcde=E9?= =?ISO-8859-1?Q?abcde=2Cl=2Epdf?=" Content-ID: <20__=snip> Content-transfer-encoding: base64 X-Mailer: Lotus Domino Web Server Release 6.5.5FP1 HF551 November 27, 2007: Content-type: application/pdf; name="=?windows-1252?Q?abcde_=28=E9?= =?windows-1252?Q?=29=2Epdf?=" Content-Disposition: attachment; filename="=?windows-1252?Q?abcde_=28=E9?= =?windows-1252?Q?=29=2Epdf?=" Content-transfer-encoding: base64 Timo also noted the same style of filename encoding in Apple Mail in the previous thread I started, it would be interesting to try Apple Mail with a very long filename to cause it to split across multiple lines and see how it encodes the filename then, > Looks like Apple Mail also sends: > > Content-Type: application/octet-stream; > > name="=?iso-8859-1?Q?p=E4=E4?=" Best regards, Andrew. From ar-dovecotlist at acrconsulting.co.uk Fri Sep 30 01:48:21 2011 From: ar-dovecotlist at acrconsulting.co.uk (Andrew Richards) Date: 29 Sep 2011 23:48:21 +0100 Subject: [Dovecot] Long attachment encoded filenames (for non-ASCII characters etc) in MIME headers & corresponding Dovecot behaviour Message-ID: <201109292348.21999.ar-dovecotlist@acrconsulting.co.uk> (Correction: Subject was confused) Hi, I've noticed a possible minor issue with long encoded filenames for attachments where these filenames are split across multiple lines. My understanding of character encoding and MIME is not as good as it should be, so I may easily have got this all mixed up, in which case sorry for the noise... Although I understand the preferred method for handling filenames split across multiple lines (because they're too long to fit on one line in the message) is that suggested in RFC2184/2231, so for example, filename*0*=iso-8859-1''accented_characters_here_%EA%CA%E6 filename*1=etc%2Epdf I find that some mail clients do this instead, filename="=?ISO-8859-1?Q?accented_characters_here_=EA=CA=E6?= =?ISO-8859-1?Q?etc=2Epdf?=" In Dovecot this results in, 0 fetch 25 body * 25 FETCH (BODY (("text" "plain" ("charset" "ISO-8859-1") NIL NIL "7bit" 239 8)("application" "pdf" ("name" "=?ISO-8859-1?Q?accented_characters_here_=EA=CA=E6?= =?ISO-8859-1?Q?etc=2Epdf?=") NIL NIL "base64" 219130) "mixed")) esp. note the unwanted space - or in fact the sequence ?= =? between the two sections of the filename. I think a possible tweak for Dovecot would be to combine the filename parts in this situation to remove the ?= =?. I'm not sure if an IMAP client should know to combine the parts in their current format. FWIW I see that Courier does the same as Dovecot in this situation. I think the 'alternative' method of splitting filenames I'm raising breaks RFC2047 (details below), but unfortunately this method is used by some large email generators like gmail - also details below. Key bits from RFC2047 section 5 part (3) re. only a single encoded-word ('phrase') being allowed for a MIME Content-Type / Content-Disposition: phrase = 1*( encoded-word / word ) An 'encoded-word' MUST NOT be used in parameter of a MIME Content-Type or Content-Disposition field, or in any structured field body except within a 'comment' or 'phrase'. Here are the mail clients I noted this issue with (original filenames destroyed because I've been examining my client's emails for this issue - with their permission), (AOL) X-Mailer: Webmail 33953-STANDARD Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="=?utf-8?Q?abcde?= =?utf-8?Q?abcde=C3=A9abcde.jpg?=" Content-Type: image/jpeg; name="=?utf-8?Q?abcde?= =?utf-8?Q?abcde=C3=A9abcde.jpg?=" Gmail: Content-Type: application/pdf; name="=?ISO-8859-1?Q?with_a_=EA=CA=E6_super=2Dlong_name_that=27s_bound?= =?ISO-8859-1?Q?_to_overflow_a_line_boundary_to_test_gmail=2Epdf?=" Content-Disposition: attachment; filename="=?ISO-8859-1?Q?with_a_=EA=CA=E6_super=2Dlong_name_that=27s_bound?= =?ISO-8859-1?Q?_to_overflow_a_line_boundary_to_test_gmail=2Epdf?=" X-Mailer: YahooMailWebService/0.8.113.313619 Content-Type: application/vnd.openxmlformats- officedocument.wordprocessingml.document; name="=?utf-8?B?base64encodedstring?= =?utf-8?B?base64encodedstring?=" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="=?utf-8?B?base64encodedstring?= =?utf-8?B?base64encodedstring?=" X-Mailer: Lotus Notes Release 6.5.5 November 30, 2005: Content-type: application/pdf; name="=?ISO-8859-1?Q?abcde=E9abcde=E9abcde=E9?= =?ISO-8859-1?Q?abcde=2Cl=2Epdf?=" Content-Disposition: attachment; filename="=?ISO-8859-1?Q?abcde=E9abcde=E9_abcde=E9?= =?ISO-8859-1?Q?abcde=2Cl=2Epdf?=" Content-ID: <20__=snip> Content-transfer-encoding: base64 X-Mailer: Lotus Domino Web Server Release 6.5.5FP1 HF551 November 27, 2007: Content-type: application/pdf; name="=?windows-1252?Q?abcde_=28=E9?= =?windows-1252?Q?=29=2Epdf?=" Content-Disposition: attachment; filename="=?windows-1252?Q?abcde_=28=E9?= =?windows-1252?Q?=29=2Epdf?=" Content-transfer-encoding: base64 Timo also noted the same style of filename encoding in Apple Mail in the previous thread I started, it would be interesting to try Apple Mail with a very long filename to cause it to split across multiple lines and see how it encodes the filename then, > Looks like Apple Mail also sends: > > Content-Type: application/octet-stream; > > name="=?iso-8859-1?Q?p=E4=E4?=" Best regards, Andrew. From slusarz at curecanti.org Fri Sep 30 02:07:08 2011 From: slusarz at curecanti.org (Michael M Slusarz) Date: Thu, 29 Sep 2011 17:07:08 -0600 Subject: [Dovecot] Broken mail clients? [MIME] Long attachment encoded filenames (for non-ASCII characters etc) In-Reply-To: <201109292338.44590.ar-dovecotlist@acrconsulting.co.uk> References: <201109292338.44590.ar-dovecotlist@acrconsulting.co.uk> Message-ID: <20110929170708.Horde.C90fP4F5lbhOhPocU46wxcA@bigworm.curecanti.org> Quoting Andrew Richards : > Hi, > > I've noticed a possible minor issue with long encoded filenames for > attachments > where these filenames are split across multiple lines. My understanding of > character encoding and MIME is not as good as it should be, so I may easily > have got this all mixed up, in which case sorry for the noise... > > Although I understand the preferred method for handling filenames > split across > multiple lines (because they're too long to fit on one line in the > message) is > that suggested in RFC2184/2231, so for example, > filename*0*=iso-8859-1''accented_characters_here_%EA%CA%E6 > filename*1=etc%2Epdf > > I find that some mail clients do this instead, > filename="=?ISO-8859-1?Q?accented_characters_here_=EA=CA=E6?= > =?ISO-8859-1?Q?etc=2Epdf?=" > > In Dovecot this results in, > 0 fetch 25 body > * 25 FETCH (BODY (("text" "plain" ("charset" "ISO-8859-1") NIL NIL "7bit" 239 > 8)("application" "pdf" ("name" > "=?ISO-8859-1?Q?accented_characters_here_=EA=CA=E6?= > =?ISO-8859-1?Q?etc=2Epdf?=") NIL NIL "base64" 219130) "mixed")) > > esp. note the unwanted space - or in fact the sequence ?= =? between the two > sections of the filename. I think a possible tweak for Dovecot would be to > combine the filename parts in this situation to remove the ?= =?. > I'm not sure > if an IMAP client should know to combine the parts in their current format. > FWIW I see that Courier does the same as Dovecot in this situation. Dovecot's behavior is correct. There's nothing "special" about that name parameter - it's not RFC 2231 encoded - so the IMAP server should output the exact header text as-is. Those two parts were separated by space in the original header - they should be separated by space when grabbing the fetch data. If the *client* wants to workaround these broken messages, it can do whatever munging is wants to translate the contents of the "name" parameter. But that should be up to the client. An IMAP server should not be making wild assumptions about what the original sender wanted to do with the message vs. what it actually sent. FYI: A workaround is to do something like this when sending a message: Content-Dispostion: attachment; filename="=?ISO-8859-1?Q?accented_characters_here_=EA=CA=E6?= =?ISO-8859-1?Q?etc=2Epdf?="; filename*0*=iso-8859-1''accented_characters_here_%EA%CA%E6; filename*1=etc%2Epdf When parsing, MIME parsers *generally* perform in a FIFO manner (although see note below). So what will happen here is an IMAP server will overwrite the initial broken filename parameter with the correct, unencoded RFC 2231 parameter. (Note: RFC 2045 [5] states that parameter order is not significant, so you can't depend on this 100%. But any decent RFC 2231 MIME parser will do sanity checking no matter the order of the parameters and should never replace an parameter value generated via RFC 2231 encoding with a parameter value that is non-encoded). Conversely, a broken (or at least non-RFC2231 MIME parser) that sees the above header will instead report three different parameters - filename, filename*0*, and filename*1. Non 2231 agents will most likely try to do RFC 2046 unencoding on the 'filename' parameter, which will succeed. 2231 agents will recognize that 2231 data exists and will do the necessary concatenation/unencoding itself on the 'filename*0*' and 'filename*1' parameters, and will completely ignore the 'filename' parameter. michael From ar-dovecotlist at acrconsulting.co.uk Fri Sep 30 02:30:55 2011 From: ar-dovecotlist at acrconsulting.co.uk (Andrew Richards) Date: 30 Sep 2011 00:30:55 +0100 Subject: [Dovecot] Long attachment encoded filenames (for non-ASCII characters etc) in MIME headers & corresponding Dovecot behaviour In-Reply-To: <20110929170708.Horde.C90fP4F5lbhOhPocU46wxcA@bigworm.curecanti.org> References: <201109292338.44590.ar-dovecotlist@acrconsulting.co.uk> <20110929170708.Horde.C90fP4F5lbhOhPocU46wxcA@bigworm.curecanti.org> Message-ID: <201109300030.55645.ar-dovecotlist@acrconsulting.co.uk> (Subject line altered - original was confused) On Friday 30 September 2011 00:07:08 Michael M Slusarz wrote: > Quoting Andrew Richards : > > Hi, > > > > I've noticed a possible minor issue with long encoded filenames for > > attachments > > where these filenames are split across multiple lines. My understanding > > of character encoding and MIME is not as good as it should be, so I may > > easily have got this all mixed up, in which case sorry for the noise... > > > > Although I understand the preferred method for handling filenames > > split across multiple lines (because they're too long to fit on one line > > in the message) is that suggested in RFC2184/2231, so for example, > > filename*0*=iso-8859-1''accented_characters_here_%EA%CA%E6 > > filename*1=etc%2Epdf > > > > I find that some mail clients do this instead, > > filename="=?ISO-8859-1?Q?accented_characters_here_=EA=CA=E6?= > > =?ISO-8859-1?Q?etc=2Epdf?=" > > > > In Dovecot this results in, > > 0 fetch 25 body > > * 25 FETCH (BODY (("text" "plain" ("charset" "ISO-8859-1") NIL NIL "7bit" > > 239 8)("application" "pdf" ("name" > > "=?ISO-8859-1?Q?accented_characters_here_=EA=CA=E6?= > > =?ISO-8859-1?Q?etc=2Epdf?=") NIL NIL "base64" 219130) "mixed")) > > > > esp. note the unwanted space - or in fact the sequence ?= =? between the > > two sections of the filename. I think a possible tweak for Dovecot would > > be to combine the filename parts in this situation to remove the ?= =?. Correcting myself: ...remove the ?= =?ISO-8859-1?Q? (not just ?= =?) to generate the string in this example, "=?ISO-8859-1?Q?accented_characters_here_=EA=CA=E6etc=2Epdf?=" > > I'm not sure > > if an IMAP client should know to combine the parts in their current > > format. FWIW I see that Courier does the same as Dovecot in this > > situation. > > Dovecot's behavior is correct. There's nothing "special" about that > name parameter - it's not RFC 2231 encoded - so the IMAP server should > output the exact header text as-is. Those two parts were separated by > space in the original header - they should be separated by space when > grabbing the fetch data. I can accept that Dovecot's behaviour is technically correct, but my point is that (if I've understood correctly) with some large mailers like Gmail acting in a non-RFC2231 manner, is it worth adapting Dovecot to play nicely with them. Possibly I'm conflating 2 separate issues: Munging together non-RFC2231 attachment filename parts, large mailers not using RFC2231 to handle long non- ASCII filenames. > If the *client* wants to workaround these broken messages, it can do > whatever munging is wants to translate the contents of the "name" > parameter. But that should be up to the client. An IMAP server > should not be making wild assumptions about what the original sender > wanted to do with the message vs. what it actually sent. > > FYI: A workaround is to do something like this when sending a message: > > Content-Dispostion: attachment; > filename="=?ISO-8859-1?Q?accented_characters_here_=EA=CA=E6?= > =?ISO-8859-1?Q?etc=2Epdf?="; > filename*0*=iso-8859-1''accented_characters_here_%EA%CA%E6; > filename*1=etc%2Epdf Sure: I accept that that's the preferred way to handle long filenames that need to be encoded - but I'm noting that there are badly-behaved large mailers that don't do so, so I wonder if it's worth Dovecot mitigating the effects. Best regards, Andrew. From knute2011 at knutejohnson.com Fri Sep 30 06:56:34 2011 From: knute2011 at knutejohnson.com (Knute Johnson) Date: Thu, 29 Sep 2011 20:56:34 -0700 Subject: [Dovecot] Error message in log Message-ID: <4E853DF2.7070105@knutejohnson.com> I'm getting the following message in my log; dovecot: IMAP(knute): fchown(/home/knute/mail/.imap/INBOX/dovecot.index.cache.lock, -1, 8(mail)) failed: Operation not permitted (egid=1000(knute), group based on /var/mail/knute): 1 Time(s) dovecot: IMAP(knute): fchown(/home/knute/mail/.imap/INBOX/dovecot.index.log.newlock, -1, 8(mail)) failed: Operation not permitted (egid=1000(knute), group based on /var/mail/knute): 2 Time(s) dovecot: IMAP(knute): fchown(/home/knute/mail/.imap/INBOX/dovecot.index.tmp, -1, 8(mail)) failed: Operation not permitted (egid=1000(knute), group based on /var/mail/knute): 4 Time(s) I got these once before on the /var/mail/user files and changed the permissions to 600. /home/knute/mail/.imap/INBOX is 770 and the index files are 600. Is this a problem with the directory privilege? Thanks, -- Knute Johnson knute2011 at knutejohnson.com From janfrode at tanso.net Fri Sep 30 13:42:17 2011 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Fri, 30 Sep 2011 12:42:17 +0200 Subject: [Dovecot] Panic: file lmtp-proxy.c: line 370 (lmtp_proxy_output_timeout): assertion failed: (proxy->data_input->eof) In-Reply-To: <1317308942.24498.YahooMailNeo@web29115.mail.ird.yahoo.com> References: <1317308942.24498.YahooMailNeo@web29115.mail.ird.yahoo.com> Message-ID: <20110930104217.GA21864@oc1046828364.ibm.com> On Thu, Sep 29, 2011 at 04:09:02PM +0100, mailing lists wrote: > Hello all, > > today I got this crash from dovecot (2.0.14) FYI: You're not alone.. http://dovecot.org/list/dovecot/2011-September/060830.html I seem to remember thinking this probably was caused by too short LMTP_PROXY_DATA_INPUT_TIMEOUT_MSECS in lmtp-proxy.c, but I've given up on lmtp-proxying for now.. Will have to revisit at some later point. -jf From ejs at shubes.net Fri Sep 30 19:07:41 2011 From: ejs at shubes.net (Eric Shubert) Date: Fri, 30 Sep 2011 09:07:41 -0700 Subject: [Dovecot] Intermittent authentication failures Message-ID: I'm running dovecot with vpopmail. Here's the configuration: [root at wong log]# dovecot -n # 2.0.11: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-238.9.1.el5 i686 CentOS release 5.6 (Final) auth_cache_size = 32 M auth_mechanisms = plain login digest-md5 cram-md5 auth_username_format = %Lu first_valid_uid = 89 log_path = /var/log/dovecot.log login_greeting = Dovecot toaster ready. mail_fsync = always mail_nfs_index = yes mail_nfs_storage = yes mmap_disable = yes namespace { inbox = yes location = prefix = separator = . type = private } passdb { args = cache_key=%u webmail=127.0.0.1 driver = vpopmail } plugin/quota = maildir protocols = imap ssl_cert = , method=CRAM-MD5, rip=192.168.252.8, lip=192.168.252.14, mpid=20301 but (seemingly more frequently) the authentication fails: Sep 30 08:16:41 imap-login: Info: Aborted login (auth failed, 1 attempts): user=, method=CRAM-MD5, rip=192.168.252.8, lip=192.168.252.14 I restarted dovecot, and that apparently cleared the problem for one user, but not others. Is this perhaps a bug in dovecot, or would the problem lie with vpopmail? TIA for any pointers. -- -Eric 'shubes' From simon.brereton at buongiorno.com Fri Sep 30 19:33:02 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Fri, 30 Sep 2011 12:33:02 -0400 Subject: [Dovecot] SSL only for external connections Message-ID: <01ca01cc7f8e$a04dab30$e0e90190$@brereton@buongiorno.com> Hi I'm running dovecot 1:1.2.15-7 and php webmail application is throwing errors when connecting to IMAP with TLS. Is there away to disable SSL/TLS for localhost connections? I googled, but didn't see anything specific. Can I assume that it's as simple as setting ssl_listen = to the external IP address(es) and leaving listen = * as it is? Thanks. Simon From terry at cnysupport.com Fri Sep 30 20:15:50 2011 From: terry at cnysupport.com (Terry Carmen) Date: Fri, 30 Sep 2011 13:15:50 -0400 Subject: [Dovecot] SSL only for external connections Message-ID: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> An embedded and charset-unspecified text was scrubbed... Name: not available URL: From simon.brereton at buongiorno.com Fri Sep 30 20:34:56 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Fri, 30 Sep 2011 13:34:56 -0400 Subject: [Dovecot] SSL only for external connections In-Reply-To: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> References: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> Message-ID: <01ea01cc7f97$45fa69d0$d1ef3d70$@brereton@buongiorno.com> > -----Original Message----- > From: dovecot-bounces at dovecot.org [mailto:dovecot- > bounces at dovecot.org] On Behalf Of Terry Carmen > > If SSL/TLS works from the outside, but not the inside, you should > probably find out why and fix that instead. You'd think so - but since I don't actually need TLS from the inside, and given my skill level - disabling it seems easier :) > What is the actual error text? 2011-09-29T15:33:14-04:00 WARN: HORDE4 [imp] PHP ERROR: fwrite(): SSL: Broken pipe [pid 23503 on line 3716 of "/usr/share/php/Horde/Imap/Client/Socket.php"] 2011-09-29T15:33:14-04:00 WARN: HORDE4 [imp] PHP ERROR: fwrite() expects parameter 1 to be resource, null given [pid 23503 on line 3714 of "/usr/share/php/Horde/Imap/Client/Socket.php"] 2011-09-29T15:33:14-04:00 WARN: HORDE4 [imp] PHP ERROR: fwrite() expects parameter 1 to be resource, null given [pid 23503 on line 3716 of "/usr/share/php/Horde/Imap/Client/Socket.php"] 2011-09-29T15:33:14-04:00 WARN: HORDE4 [imp] PHP ERROR: feof() expects parameter 1 to be resource, null given [pid 23503 on line 3909 of "/usr/share/php/Horde/Imap/Client/Socket.php"] 2011-09-29T15:33:14-04:00 WARN: HORDE4 [imp] PHP ERROR: fgets() expects parameter 1 to be resource, null given [pid 23503 on line 3925 of "/usr/share/php/Horde/Imap/Client/Socket.php"] 2011-09-29T15:33:14-04:00 ERR: HORDE4 [imp] IMAP server denied authentication. [pid 23503 on line 340 of "/usr/share/horde4/imp/lib/Imap.php"] 2011-09-29T15:38:05-04:00 ERR: HORDE4 [imp] Server does not support TLS connections. [pid 23596 on line 340 of "/usr/share/horde4/imp/lib/Imap.php"] The mail log (to which Dovecot logs) shows nothing for either of those time periods - and a single (successful) login with TLS at 15:33:15 - The consensus from the excellent Horde mailing list is that it's either an IMAP issue or a PHP one. Since the dovecot log isn't showing any errors I'm inclined to believe it's PHP. And since I have neither the skills nor the time to engage with those folks on the intricacies of fwrite, fget and feof, I'd rather just not have the TLS overhead on localhost connections (which probably makes sense even if I did have the inclination). So, would setting ssl_listen to the external IP remove the TLS offer from localhost connections? Simon From stan at hardwarefreak.com Fri Sep 30 20:46:10 2011 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Fri, 30 Sep 2011 12:46:10 -0500 Subject: [Dovecot] SSL only for external connections In-Reply-To: <01ea01cc7f97$45fa69d0$d1ef3d70$@brereton@buongiorno.com> References: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> <01ea01cc7f97$45fa69d0$d1ef3d70$@brereton@buongiorno.com> Message-ID: <4E860062.40902@hardwarefreak.com> On 9/30/2011 12:34 PM, Simon Brereton wrote: >> -----Original Message----- >> From: dovecot-bounces at dovecot.org [mailto:dovecot- >> bounces at dovecot.org] On Behalf Of Terry Carmen > >> >> If SSL/TLS works from the outside, but not the inside, you should >> probably find out why and fix that instead. > > You'd think so - but since I don't actually need TLS from the inside, and given my skill level - disabling it seems easier :) You don't need TLS/SSL from the outside either, if this is strictly a webmail box. In this case, configure Apache/lighttpd+Horde to only accept HTTPS connections from the outside, and configure Horde to connect via the Dovecot localhost:143 listener. This is how I've been doing it with Roundcube for years. Works like a champ. With encrypted sessions between browser and web server, and both Horde and Dovecot running on the same host, you don't need to, nor want to, use IMAPS. -- Stan From simon.brereton at buongiorno.com Fri Sep 30 21:04:01 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Fri, 30 Sep 2011 14:04:01 -0400 Subject: [Dovecot] SSL only for external connections In-Reply-To: <4E860062.40902@hardwarefreak.com> References: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> <01ea01cc7f97$45fa69d0$d1ef3d70$@brereton@buongiorno.com> <4E860062.40902@hardwarefreak.com> Message-ID: <01f001cc7f9b$560ca730$0225f590$@brereton@buongiorno.com> > -----Original Message----- > From: dovecot-bounces at dovecot.org [mailto:dovecot- > bounces at dovecot.org] On Behalf Of Stan Hoeppner > On 9/30/2011 12:34 PM, Simon Brereton wrote: > >> -----Original Message----- > >> From: dovecot-bounces at dovecot.org [mailto:dovecot- > >> bounces at dovecot.org] On Behalf Of Terry Carmen > > > >> > >> If SSL/TLS works from the outside, but not the inside, you should > >> probably find out why and fix that instead. > > > > You'd think so - but since I don't actually need TLS from the > inside, > > and given my skill level - disabling it seems easier :) > > You don't need TLS/SSL from the outside either, if this is strictly a > webmail box. In this case, configure Apache/lighttpd+Horde to only > accept HTTPS connections from the outside, and configure Horde to > connect via the Dovecot localhost:143 listener. This is how I've > been doing it with Roundcube for years. Works like a champ. It's not strictly a webmail box though. IMAP clients (fixed and mobile) connect to it. So what I'd like is IMAP, IMAPS, POP3 and POP3S on the outside and IMAP only on the local host (there's no actual reason to offer POP to the localhost either... > With encrypted sessions between browser and web server, and both > Horde and Dovecot running on the same host, you don't need to, nor > want to, use IMAPS. Makes sense. Simon From slusarz at curecanti.org Fri Sep 30 21:17:18 2011 From: slusarz at curecanti.org (Michael M Slusarz) Date: Fri, 30 Sep 2011 12:17:18 -0600 Subject: [Dovecot] SSL only for external connections In-Reply-To: <01f001cc7f9b$560ca730$0225f590$@brereton@buongiorno.com> References: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> <01ea01cc7f97$45fa69d0$d1ef3d70$@brereton@buongiorno.com> <4E860062.40902@hardwarefreak.com> <01f001cc7f9b$560ca730$0225f590$@brereton@buongiorno.com> Message-ID: <20110930121718.Horde.3eYlX4F5lbhOhgeuZgDH09A@bigworm.curecanti.org> Quoting Simon Brereton : >> -----Original Message----- >> From: dovecot-bounces at dovecot.org [mailto:dovecot- >> bounces at dovecot.org] On Behalf Of Stan Hoeppner >> On 9/30/2011 12:34 PM, Simon Brereton wrote: >> >> -----Original Message----- >> >> From: dovecot-bounces at dovecot.org [mailto:dovecot- >> >> bounces at dovecot.org] On Behalf Of Terry Carmen >> > >> >> >> >> If SSL/TLS works from the outside, but not the inside, you should >> >> probably find out why and fix that instead. >> > >> > You'd think so - but since I don't actually need TLS from the >> inside, >> > and given my skill level - disabling it seems easier :) >> >> You don't need TLS/SSL from the outside either, if this is strictly a >> webmail box. In this case, configure Apache/lighttpd+Horde to only >> accept HTTPS connections from the outside, and configure Horde to >> connect via the Dovecot localhost:143 listener. This is how I've >> been doing it with Roundcube for years. Works like a champ. > > It's not strictly a webmail box though. IMAP clients (fixed and > mobile) connect to it. So what I'd like is IMAP, IMAPS, POP3 and > POP3S on the outside and IMAP only on the local host (there's no > actual reason to offer POP to the localhost either... You can also configure the MUA (e.g. Horde) to not use a secure connection, as opposed to turning off features on the server level. michael From dick at fouter.net Fri Sep 30 21:28:51 2011 From: dick at fouter.net (Dick Middleton) Date: Fri, 30 Sep 2011 19:28:51 +0100 Subject: [Dovecot] SSL only for external connections In-Reply-To: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> References: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> Message-ID: <4E860A63.4040604@fouter.net> On 09/30/11 18:15, Terry Carmen wrote: > > If SSL/TLS works from the outside, but not the inside, you should probably > find out why and fix that instead. > > What is the actual error text? In my limited experience there are two main reasons why it can work from outside but not inside. One is a routing problem. The common problem is trying to connect from inside using the outside IP address where the replies try to take a different route back. The second reason is to do with the SSL certificate which will have a CN indicating the server name. If you try to connect from the inside the server name will not match and you'll get a certificate error. A third possibility is you're trying to use TLS on an SSL connection. You need to use port 143 for TLS and 993 for SSL. However your error messages show an authentication error and I suspect you are using an encrypted password on a connection that doesn't support it. It's fairly common if TLS is demanded that PLAIN auth is the only method accepted. Without more detail one can only guess. Dick From simon.brereton at buongiorno.com Fri Sep 30 22:25:01 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Fri, 30 Sep 2011 15:25:01 -0400 Subject: [Dovecot] SSL only for external connections In-Reply-To: <4E860A63.4040604@fouter.net> References: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> <4E860A63.4040604@fouter.net> Message-ID: <01f601cc7fa6$a6f27cf0$f4d776d0$@brereton@buongiorno.com> > -----Original Message----- > From: dovecot-bounces at dovecot.org [mailto:dovecot- > bounces at dovecot.org] On Behalf Of Dick Middleton > On 09/30/11 18:15, Terry Carmen wrote: > > > > If SSL/TLS works from the outside, but not the inside, you should > > probably find out why and fix that instead. > > > > What is the actual error text? > > In my limited experience there are two main reasons why it can work > from outside but not inside. One is a routing problem. The common > problem is trying to connect from inside using the outside IP address > where the replies try to take a different route back. > > The second reason is to do with the SSL certificate which will have a > CN indicating the server name. If you try to connect from the inside > the server name will not match and you'll get a certificate error. > > A third possibility is you're trying to use TLS on an SSL connection. > You need to use port 143 for TLS and 993 for SSL. > > However your error messages show an authentication error and I > suspect you are using an encrypted password on a connection that > doesn't support it. It's fairly common if TLS is demanded that PLAIN > auth is the only method accepted. > > Without more detail one can only guess. 1) No. 2) Yes. 3) No. Your postulation about the certificate is a good one. The weird thing is that the error is not consistent, which is why I hadn't caught it before I was idly trawling through the logs. As Michael says - I can (and probably should) turn this off in the horde config. But the question remains - if only because it's now there - how does one limit services effectively in Dovecot. In Courier it was fairly easy and well documented. There's no reason for me to offer IMAPS or POP3S to localhost (because of the certificate issue) and there's also no reason for me to offer POP3 to localhost either. For posterity and for my own edification it would be nice to know how to do that. Thanks for the help and input. Simon From slusarz at curecanti.org Fri Sep 30 22:39:40 2011 From: slusarz at curecanti.org (Michael M Slusarz) Date: Fri, 30 Sep 2011 13:39:40 -0600 Subject: [Dovecot] SSL only for external connections In-Reply-To: <01f601cc7fa6$a6f27cf0$f4d776d0$@brereton@buongiorno.com> References: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> <4E860A63.4040604@fouter.net> <01f601cc7fa6$a6f27cf0$f4d776d0$@brereton@buongiorno.com> Message-ID: <20110930133940.Horde.Eyq2RoF5lbhOhhr8YnmH1IA@bigworm.curecanti.org> Quoting Simon Brereton : > But the question remains - if only because it's now there - how does > one limit services effectively in Dovecot. In Courier it was fairly > easy and well documented. There's no reason for me to offer IMAPS > or POP3S to localhost (because of the certificate issue) and there's > also no reason for me to offer POP3 to localhost either. > > For posterity and for my own edification it would be nice to know > how to do that. At a minimum, you can't disable TLS. If you disable TLS support in dovecot, the server is no longer IMAP 4rev1 compliant (see RFC 3501 [6.1.1] - STARTTLS MUST be supported by server). michael From dick at fouter.net Fri Sep 30 22:47:29 2011 From: dick at fouter.net (Dick Middleton) Date: Fri, 30 Sep 2011 20:47:29 +0100 Subject: [Dovecot] SSL only for external connections In-Reply-To: <01f601cc7fa6$a6f27cf0$f4d776d0$@brereton@buongiorno.com> References: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> <4E860A63.4040604@fouter.net> <01f601cc7fa6$a6f27cf0$f4d776d0$@brereton@buongiorno.com> Message-ID: <4E861CD1.8000301@fouter.net> On 09/30/11 20:25, Simon Brereton wrote: > But the question remains - if only because it's now there - how does one limit services effectively in Dovecot. In Courier it was fairly easy and well documented. There's no reason for me to offer IMAPS or POP3S to localhost (because of the certificate issue) and there's also no reason for me to offer POP3 to localhost either. > > For posterity and for my own edification it would be nice to know how to do that. I don't think you can do that. However if you don't want to use tls/ssl just connect to port 143 plain. I don't know about horde but Roundcube you use tls://localhost, ssl://locahost or just localhost. i.e the choice is with the client not the server. Dick From ejs at shubes.net Fri Sep 30 22:55:32 2011 From: ejs at shubes.net (Eric Shubert) Date: Fri, 30 Sep 2011 12:55:32 -0700 Subject: [Dovecot] SSL only for external connections In-Reply-To: <20110930121718.Horde.3eYlX4F5lbhOhgeuZgDH09A@bigworm.curecanti.org> References: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> <01ea01cc7f97$45fa69d0$d1ef3d70$@brereton@buongiorno.com> <4E860062.40902@hardwarefreak.com> <01f001cc7f9b$560ca730$0225f590$@brereton@buongiorno.com> <20110930121718.Horde.3eYlX4F5lbhOhgeuZgDH09A@bigworm.curecanti.org> Message-ID: On 09/30/2011 11:17 AM, Michael M Slusarz wrote: > Quoting Simon Brereton : > >>> -----Original Message----- >>> From: dovecot-bounces at dovecot.org [mailto:dovecot- >>> bounces at dovecot.org] On Behalf Of Stan Hoeppner >>> On 9/30/2011 12:34 PM, Simon Brereton wrote: >>> >> -----Original Message----- >>> >> From: dovecot-bounces at dovecot.org [mailto:dovecot- >>> >> bounces at dovecot.org] On Behalf Of Terry Carmen >>> > >>> >> >>> >> If SSL/TLS works from the outside, but not the inside, you should >>> >> probably find out why and fix that instead. >>> > >>> > You'd think so - but since I don't actually need TLS from the >>> inside, >>> > and given my skill level - disabling it seems easier :) >>> >>> You don't need TLS/SSL from the outside either, if this is strictly a >>> webmail box. In this case, configure Apache/lighttpd+Horde to only >>> accept HTTPS connections from the outside, and configure Horde to >>> connect via the Dovecot localhost:143 listener. This is how I've >>> been doing it with Roundcube for years. Works like a champ. >> >> It's not strictly a webmail box though. IMAP clients (fixed and >> mobile) connect to it. So what I'd like is IMAP, IMAPS, POP3 and POP3S >> on the outside and IMAP only on the local host (there's no actual >> reason to offer POP to the localhost either... > > You can also configure the MUA (e.g. Horde) to not use a secure > connection, as opposed to turning off features on the server level. > > michael > > This makes the most sense to me. The client should decide what to use. FWIW. -- -Eric 'shubes' From terry at cnysupport.com Fri Sep 30 22:59:29 2011 From: terry at cnysupport.com (Terry Carmen) Date: Fri, 30 Sep 2011 15:59:29 -0400 Subject: [Dovecot] SSL only for external connections In-Reply-To: <4E861CD1.8000301@fouter.net> References: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> <4E860A63.4040604@fouter.net> <01f601cc7fa6$a6f27cf0$f4d776d0$@brereton@buongiorno.com> <4E861CD1.8000301@fouter.net> Message-ID: <20110930155929.Horde.5sE8eFeGiNBOhh_hd8OmjeA@www.cnysupport.com> > On 09/30/11 20:25, Simon Brereton wrote: > >> But the question remains - if only because it's now there - how >> does one limit services effectively in Dovecot. In Courier it was >> fairly easy and well documented. There's no reason for me to offer >> IMAPS or POP3S to localhost (because of the certificate issue) and >> there's also no reason for me to offer POP3 to localhost either. >> >> For posterity and for my own edification it would be nice to know >> how to do that. You can specify what ports and interfaces the various services listen on with the inet_listener configuration block and the "address" and "port" configuration items in the 10-master.conf configuration file. Terry From ejs at shubes.net Fri Sep 30 22:59:56 2011 From: ejs at shubes.net (Eric Shubert) Date: Fri, 30 Sep 2011 12:59:56 -0700 Subject: [Dovecot] Intermittent authentication failures In-Reply-To: References: Message-ID: On 09/30/2011 09:07 AM, Eric Shubert wrote: > > CRAM-MD5 works sometimes: > Sep 30 08:15:43 imap-login: Info: Login: user=, > method=CRAM-MD5, rip=192.168.252.8, lip=192.168.252.14, mpid=20301 > > but (seemingly more frequently) the authentication fails: > Sep 30 08:16:41 imap-login: Info: Aborted login (auth failed, 1 > attempts): user=, method=CRAM-MD5, rip=192.168.252.8, > lip=192.168.252.14 > > I restarted dovecot, and that apparently cleared the problem for one > user, but not others. > > Is this perhaps a bug in dovecot, or would the problem lie with vpopmail? > > TIA for any pointers. > FWIW, I tried digest-md5, and experience the same problem. Is it possible that passwords are being cached in such a way that different login mechanisms cannot be used by different client programs with the same user account? -- -Eric 'shubes' From simon.brereton at buongiorno.com Fri Sep 30 23:49:21 2011 From: simon.brereton at buongiorno.com (Simon Brereton) Date: Fri, 30 Sep 2011 16:49:21 -0400 Subject: [Dovecot] SSL only for external connections In-Reply-To: <20110930155929.Horde.5sE8eFeGiNBOhh_hd8OmjeA@www.cnysupport.com> References: <20110930131550.Horde.s20OVVeGiNBOhflGDHUDDtA@www.cnysupport.com> <4E860A63.4040604@fouter.net> <01f601cc7fa6$a6f27cf0$f4d776d0$@brereton@buongiorno.com> <4E861CD1.8000301@fouter.net> <20110930155929.Horde.5sE8eFeGiNBOhh_hd8OmjeA@www.cnysupport.com> Message-ID: <01ff01cc7fb2$6ef8ff20$4ceafd60$@brereton@buongiorno.com> > -----Original Message----- > From: dovecot-bounces at dovecot.org [mailto:dovecot- > bounces at dovecot.org] On Behalf Of Terry Carmen > > On 09/30/11 20:25, Simon Brereton wrote: > > > >> But the question remains - if only because it's now there - how > does > >> one limit services effectively in Dovecot. In Courier it was > fairly > >> easy and well documented. There's no reason for me to offer IMAPS > or > >> POP3S to localhost (because of the certificate issue) and there's > >> also no reason for me to offer POP3 to localhost either. > >> > >> For posterity and for my own edification it would be nice to know > how > >> to do that. > > You can specify what ports and interfaces the various services listen > on with the inet_listener configuration block and the "address" and > "port" > configuration items in the 10-master.conf configuration file. I don't have that file. Part of the problem is that I'm confused between protocols and wrappers and interfaces :) Dick and Michael have persuaded me that it's just easier to for Horde not to ask for TLS on port 143 - because that's in fact what I was doing - and it's pointless. Nonetheless, I think it would be nice to tell Dovecot listen on the local interface for IMAP. Listen on the external interface for IMAP, IMAPS, POP and POP3S. But if there's not simple way to do that I don't have a valid use-case for doing it right now. Thanks for all the input everyone! Happy Weekend. Simon